MSC2923: Connect Matrix room to another Matrix room #2923
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,95 @@ | ||
| # MSC2923: Matrix to Matrix connections | ||
|
|
||
| [Portal rooms](https://matrix.org/bridges/#libpurple) are a fantastic way for a network/platform/ecosystem/community to be exposed to Matrix. The naming happens automatically and creates a new room on Matrix to bridge everyone across. Some examples are the IRC freenode bridge (`#freenode_#channelname:matrix.org`) and the Gitter bridge (`#org_repo:gitter.im`) (bridges that transparently expose a whole ecosystem). | ||
|
|
||
| One problem is some communities can span across multiple platforms which means there are multiple Matrix portal rooms for the same topic. Example: | ||
|
|
||
| - `#freenode_#crystal-lang:matrix.org` | ||
| - `#crystal-lang_crystal:gitter.im` | ||
|
|
||
| It would be great if these rooms could be connected all together and reduce the fragmentation even more. Chatting in Gitter would reach freenode automagically. The goal of this MSC is to come up with a solution to solve this problem. | ||
|
|
||
|
|
||
|
|
||
| ## Proposal | ||
|
|
||
| Add a mechanism to homeservers to be able connect and ferry messages back and forth from another Matrix room. | ||
|
There was a problem hiding this comment. (I'm going to put out thoughts here in different threads). I'd like to avoid mixing messages between rooms at the DAG level, and this connection be a layer on top supported by the homeserver. Rooms would continue to be separate at that level, but the client would still see a room with messages mixed in from both rooms. This however presents a problem in that it's difficult to splice together two different rooms as the DAG is used for ordering. You'd need some way to interject messages in a way that works. And then you can have things like replies/relationships which would be cross room, and would cause all sorts of headaches. There was a problem hiding this comment.
Relates to #2716 and incrementally importing existing message history but we haven't come up with anything concrete there yet. There was a problem hiding this comment. When someone sends a message to a room, we can also put a pointer reference event to the message in the connected room. This way we can follow the pointer to the single source of truth which may have edits, etc. This also makes it ordered in the DAG as expected for both rooms. There was a problem hiding this comment. I added your potential solution (@Half-Shot) and the one I just mentioned to the MSC 👍
|
||
|
|
||
|
There was a problem hiding this comment. If Alice joins room A, they would not see history until they join room B too? Would we need some kind of auto-join / auto-invite > join mechanism to avoid split brain views of the room? There was a problem hiding this comment. Federated peeking 🤷 Re: #2923 (comment), if there are pointer reference events in the connected room, we can show a placeholder that you need to join the other room to see the message There was a problem hiding this comment. How would power levels work in this instance? Presumably if a bridge has admin in it's portal room, it would not automatically get authority in the other room. This presents a problem in so far that if a IRC OP kicks/bans a Matrix user from the chat, how would the bridge handle that? Would users be expected to op the bridge in the plumbed room, which would feel somewhat awkward and unexpected? There was a problem hiding this comment. If someone gets banned in a Matrix room, messages coming from the connected Matrix room would also be blocked. But I don't think the ban would necessarily carry through to the connected room by default. Maybe we could add an option to "ban in connected rooms" as well which would only work if you were also authorized there. There was a problem hiding this comment. This relates to the PL(power-level/permission) syncing across rooms in a space from MSC1772 (see "room admin bot"), https://github.com/matrix-org/matrix-doc/pull/1772/files. We could probably re-use the same mechanism for syncing bans. |
||
| For the Cerulean threading proposal, there was a mention of adding a mechanism to send a message to both your timeline and thread room at the same time. This seems kind of similar, sending one event and ending up in multiple. | ||
|
|
||
|
|
||
| ### Potential solutions | ||
|
|
||
|
|
||
| #### Message pointer reference events | ||
|
|
||
| When someone sends a message to a room, we also send a pointer reference event to the connected room which marks that messages place in the DAG. | ||
|
|
||
|
|
||
| The pointer reference events get filled in before we pass it on to the client. | ||
|
|
||
| Since [federated peeking](https://github.com/matrix-org/matrix-doc/issues/913) isn't available yet, for people not joined to the connected room, we can show a placeholder for the pointer reference event telling the user that they need to join the other room in order to see the message. | ||
|
|
||
|
|
||
| #### Connection layer on top of the DAG | ||
|
|
||
| To avoid mixing messages between rooms at the DAG level, this could be a connection layer on top supported by the homeserver. Rooms would continue to be separate at that level, but the client would still see a room with messages mixed in from both rooms. | ||
|
|
||
| This however presents a problem in that it's difficult to splice together two different rooms as the DAG is used for ordering. You'd need some way to interject messages in a way that works. And then you can have things like replies/relationships which would be cross room, and would cause all sorts of headaches. | ||
|
|
||
|
|
||
|
|
||
|
|
||
| ## Potential issues | ||
|
|
||
|
|
||
| #### Connecting private and public rooms | ||
|
|
||
| Can someone connect a private and public room together? | ||
|
|
||
|
|
||
| #### E2EE rooms | ||
|
|
||
| How do e2e rooms work? Since the message is encrypted and only the devices can decrypt, the homeserver can't just ferry an encrypted message over and expect the others to be able to decrypt. | ||
|
|
||
| Potentially, we could have the client send the message to all of the connected rooms individually. | ||
|
|
||
|
|
||
|
|
||
| ## Alternatives | ||
|
|
||
| #### Consolidate to a single room | ||
|
|
||
| This option works today and doesn't require any additonal change. | ||
|
|
||
| Bridges could use the same internal room ID and just add their portal alias on top of the existing room. This requires a lot of manual poking on the bridges side to get setup and additional work if rooms are already created on each side like adding `m.room.tombstone` to point people to the new correct place. | ||
|
|
||
| Since, we don't want to handle every request manually. this also requires every single bridge to solve the problem of adding self-service plumbing to individual rooms. | ||
|
|
||
|
|
||
| #### Matrix to Matrix bridge | ||
|
|
||
| Create a new bridge which can bridge a Matrix room to another Matrix room. | ||
|
|
||
| This solution is flexible to solve any scenario but this functionality could also be built into the homeserver. | ||
|
|
||
| This also requires more burden on people having to host their own bridge. | ||
|
There was a problem hiding this comment. As noted by @Half-Shot: Maintaining senders will be a problem if it's an AS bridge There was a problem hiding this comment. Also how does setting up the link/connection between rooms work for someone who doesn't own the homeserver |
||
|
|
||
|
|
||
|
|
||
| ## Security considerations | ||
MadLittleMods marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
| People might not realize their message is being shared more broadly to another audience. Also relating to a private room being connected to a public room. | ||
|
|
||
|
There was a problem hiding this comment. You'd need a two way negotiation system for this kind of linking, or the guys at There was a problem hiding this comment. Added to security consideration section 👍 |
||
| Make sure there is a two-way negotiation system where admins of both rooms can approve of connecting the rooms. This is to prevent bad actors at `#badroom:evilcorp.com` connecting themselves to `#matrix:matrix.org` and causing hell. | ||
|
|
||
|
|
||
|
|
||
| ## Unstable prefix | ||
|
|
||
| *If a proposal is implemented before it is included in the spec, then implementers must ensure that the | ||
| implementation is compatible with the final version that lands in the spec. This generally means that | ||
| experimental implementations should use `/unstable` endpoints, and use vendor prefixes where necessary. | ||
| For more information, see [MSC2324](https://github.com/matrix-org/matrix-doc/pull/2324). This section | ||
| should be used to document things such as what endpoints and names are being used while the feature is | ||
| in development, the name of the unstable feature flag to use to detect support for the feature, or what | ||
| migration steps are needed to switch to newer versions of the proposal.* | ||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This may go some way to solving decentralised bridges too. If each bridge maintains its own portal room, it can then be up to the bridges to negotiate on who bridges who.