MSC4019: Encrypted event relationships

[tusooa]

Rendered

[tusooa]

cc matrix-org/matrix-spec#660

[richvdh]

Obviously, server-side aggregations and the /relationships API will not work any more with this change.

These exist for a reason: clients are heavily reliant on them for things like finding the reactions and threads which relate to a particular event.

It seems to me that these are "Potential issues" which need discussing here.

[tusooa]

For my use case (1-to-1 chats and small groups of at most 10 people), aggregations from server side just do not help much. Most used relation is reply, second most editing, and tiny little bits of reactions. Reply and editing chains wouldn't be spanned across like 100s of events.

The sole purpose of this is to sacrifice the ability for the server to track relationships in order to achieve better privacy.

Made this explicit in the potential issues section.

[FSG-Cat]

@richvdh A somewhat recent discussion in Client Dev Room revealed no matrix clients use aggregations for Reactions. If a client does nobody was able to present one in that conversation. (Date of Discussion is Feburary 21nd of 2023. According to Central European Summer Time.)

So the concern that Reactions would break is if that conversation was accurate incorrect for most users.

Due to that reactions wont break a MSC like this is safe to move forward for Reactions atleast if that conversation was accurate. As we are trying to prove a negative in this case its up to whoever wants to do the work to find a counterexample.

Edit: lets update this comment. So i dug up that MSC2677 and this specific comment is where the call is made that relations in the case of reactions are not aggregated and this PR to synapse removes the code from synapse in line with the MSC.

[clokep]

that Relations specifically are not aggregated

I think you mean reactions.

[richvdh]

You're right, reactions are not aggregated, I'd forgotten. Nevertheless the concern remains around other relation types (especially edits).

[FSG-Cat]

@clokep is correct about what i intended to communicate. And yes its a valid concern to be concerned about other relation types.

[deepadmax]

The key field for reactions makes sense to encrypt in private conversations. However, I think that fields denoting the relationship itself should always be unencrypted. It doesn't help with just server aggregation. Bots and clients will have it way easier getting relevant events on demand rather than needing a full sync cached and searched through. It could be made the default and no extra toggle (m.room.relationship_encryption) would be needed; if a room is encrypted, all other relationship fields are stored inside the encrypted content, whereas the event_id and rel_type remain outside, unencrypted.

[tusooa]

The key field for reactions makes sense to encrypt in private conversations. However, I think that fields denoting the relationship itself should always be unencrypted. It doesn't help with just server aggregation. Bots and clients will have it way easier getting relevant events on demand rather than needing a full sync cached and searched through. It could be made the default and no extra toggle (m.room.relationship_encryption) would be needed; if a room is encrypted, all other relationship fields are stored inside the encrypted content, whereas the event_id and rel_type remain outside, unencrypted.

I am talking about the possibility for clients to not rely on servers to keep record of event relationships. And it's optional. Clients that do want to rely on servers can simply not support it.

[tusooa]

Regarding implementation, libkazv currently sends all outbound relations encrypted in encrypted rooms.