this post was submitted on 10 Jun 2023
261 points (100.0% liked)

Technology

37854 readers
65 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 3 years ago
MODERATORS
 

I'm personally crossing my fingers for Discord.

you are viewing a single comment's thread
view the rest of the comments
[–] darvit 18 points 2 years ago (1 children)

This is not true. Data will only be sent to your homeserver if a user on your homeserver joins a room on another server. And only the data for that room is sent, not the whole network. The room data only contains all state changes, and a small amount of recent messages. The amount of state changes is the biggest problem.

Matrix protocol does have a giant problem regarding spam joins though, which make a complete instance basically unusable. Last time I talked with people related to the protocol they didn't want to or know how to fix it, because the need to verify all room state changes.

[–] Andreas@feddit.dk 2 points 2 years ago (1 children)

Thanks for the information. I set up a Matrix instance with a friend before and noticed it had significantly more resource usage than expected of a little chat client, then someone else explained that Matrix was trying to discover all of the other nodes on the network so I assumed it was true. What causes so many state changes to be generated?

[–] darvit 5 points 2 years ago (1 children)

There's a page explaining it in more detail, but basically, all servers need to verify the complete chain of state events in order to trust data and messages about the room. This is because otherwise malicious servers could make bogus state events and messages that are not valid, like scam messages and unauthorized room setting changes.

In matrix, when you create a new room, or edit room settings, a state event is made. The same is true for changes in user permissions like who is admin, and for settings related to who can join the room.

The last one is key, because this means that in order for servers to trust other servers' messages, they need to verify if the user that sent the message joined the room in a legit way.

In order to do this, when a user joins a room it must cause a state event. However, this makes it easy for people to abuse, by joining a room with a ton of accounts, it spams state events to all connected servers, which bogs them all down because they are required to process all state events in order for chain of trust to function.

Even for rooms with non-malicious usage, servers can still be bogged down if the room is very big, which might be what happened with you or your friend joining a big public room.

Basically, in my opinion, Matrix cannot be used with public rooms as it stands today.

[–] kresten@feddit.dk 2 points 2 years ago (1 children)

That sounds a lot like how blockchains work, do you know whether it is the same principle with hashing a state and then simply chaining them?

I don't really understand what actually takes up bandwidth. Is it the multiple clients querying the matrix server, about previous states, at once?

If you don't mind me asking

[–] darvit 1 points 2 years ago

Sorry for the late reply, Beehaw is blocking my phone's ip cus of vpn.

Basically like blockchain yeah, where the state points to the previous state. I think it's a combination of having to download all state events for the room (bandwidth), but also your server having to verify each and every event (cpu). It has to do all of this before you can really start using the room.

So if a user on your server joins a big room, it can put strain on the server until it got everything downloaded and verified.

Also, if for some reason (like someone spam joining the room) a lot of state events get generated, your server (and all other servers that connect to the room) have to download and verify each one of those state events.

For me, I only have my own user account on my server, and I only join private rooms. It's a shame, cus the idea of Matrix is neat, but currently there's no way to avoid getting DoS-ed if you join public rooms.