Room Version 6, Client-Server r0.6.1, and Federation r0.1.4 spec releases

27.05.2020 00:00 — Releases Travis Ralston

Room Version 6, Client-Server r0.6.1, and Federation r0.1.4 spec releases

Hey all,

It's been a little while since we've done a spec release, so here we are with Room Version 6, Client-Server r0.6.1, and Federation r0.1.4.

Room Version 6 (and the associated Federation r0.1.4 release) is largely something for implementations to worry about. It contains new event authorisation rules, changes to the redaction algorithm, and stricter compliance for JSON.

Client-Server r0.6.1 contains a number of clarifications as well as SSO support for authorisation, "soft logout" to avoid needlessly destroying e2e history, and new ways to publish aliases within rooms.

If you're wondering where all the E2E-by-default related MSCs are - we're doing final iterations based on the real-world feedback from the E2E-by-default launch a few weeks ago, and they are then expected to land in the upcoming Client-Server r0.7.

Here's all the MSCs that got merged since the last release:

  • MSC2240: Room version 6
  • MSC2457: Invalidating devices during password modification
  • MSC2454: Support UI auth for SSO
  • MSC2451: Remove query_auth federation endpoint
  • MSC2432: Updated semantics for publishing room aliases
  • MSC2324: Facilitating early releases of software dependent on spec
  • MSC2313: Moderation policies as rooms
  • MSC1466: Soft Logout
  • MSC2540: Stricter event validation: JSON compliance
  • MSC2209: Alter auth rules to check notifications in
  • MSC1802: Remove the '200' value from some federation responses

Client-Server r0.6.1 changelog

New Endpoints

  • Added /rooms/{roomId}/aliases for retrieving local aliases for a room. (#2562)

Backwards Compatible Changes

  • Added data structures for defining moderation policies in rooms per MSC2313. (#2434)
  • Optionally invalidate other access tokens during password modification per MSC2457. (#2523)
  • Add User-Interactive Authentication for SSO-backed homeserver per MSC2454. (#2532)
  • Add soft-logout support per MSC1466. (#2546)
  • Replaced legacy room alias handling with a more sustainable solution per MSC2432. (#2562)

Spec Clarifications

  • List available enum values for the room versions capability. (#2245)
  • Fix various spelling errors throughout the specification. (#2351, #2415, #2453, #2524, #2553, #2569)
  • Minor clarifications to token-based User-Interactive Authentication. (#2369)
  • Minor clarification for what the user directory searches. (#2381)
  • Fix key export format example to match the specification. (#2430)
  • Clarify the IV data type for encrypted files. (#2492)
  • Fix the .m.rule.contains_user_name default push rule to set the highlight tweak. (#2519)
  • Clarify that an event_id is returned when sending events. (#2525)
  • Fix some numbers in the specification to match their explanation text. (#2554)
  • Move redaction algorithm into the room version specifications. (#2563)
  • Clarify signature object structures for encryption. (#2566)
  • Clarify which events are created as part of /createRoom. (#2571)
  • Remove claims that the homeserver is exclusively responsible for profile information in membership events. (#2574)

Server-Server (Federation) r0.1.4 changelog

New Endpoints

  • Add new POST /publicRooms endpoint for filtering the room directory. (#2305)
  • Add new v2 /send_join and /send_leave endpoints per MSC1802. (#2547)

Removed Endpoints

Spec Clarifications

  • Move auth event selection to a more obvious location. (#2392)
  • Fix typo in Request Authentication python example. (#2510)
  • Clarify which fields are required on the key server endpoints. (#2527)
  • Clarify the limits of prev_events and auth_events for PDUs. (#2538)
  • Clarify which events are targeted by backfill. (#2559)
  • Fix the response format of the /send endpoint. (#2560)
  • Clarify signature object structures for encryption. (#2566)
  • Clarify the server names to use when signing requests. (#2570)
  • Clarify the state/auth chain requirements for /send_join. (#2575)
  • Fix various spelling errors throughout the specification. (#2577)

This Week in Matrix 2020-05-22

22.05.2020 00:00 — This Week in Matrix Ben Parsons

Matrix Live 🎙

Dept of Status of Matrix 🌡

Automattic invests in New Vector

Huge news, read more detail here! Check out Matrix Live with Matt Mullenweg above, too.

Matthew announced:

Automattic invested in New Vector in order to support Matrix, and are also hiring Matrix Integration Engineers!

Do check out the job description - this is a really fascinating role! If only I didn't have a job already...

Dept of Spec 📜

anoa reported:

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at

MSC Status

Merged MSCs:

MSCs in Final Comment Period:

New MSCs:

Spec Core Team

In terms of Spec Core Team MSC focus for this week, the room v6 MSCs from last week's focus have all reached FCP 🎉 So we're continuing on with the E2E MSCs; MSC2366 (verification flows) and MSC2399 (UISI messaging).

We'll soon be releasing Federation API r0.1.3 and Client-Server API r0.6.1, which brings room v6.

Interestingly, this was produced with some new automation.

MSC status chart

As if this wasn't enough, sorunome reported:

heya twimers who were excited about the emotes msc thing, soru added a few more things and it'd be cool if someone could cross-check it

Dept of Servers 🏢


Conduit is a Matrix homeserver written in Rust

timo offered:

This week I finished support for end to end encryption and also implemented media uploading, downloading and thumbnail generation! See it in action here:

If you want to see it with your own eyes, create an account via We hope to push our changes to Riot upstream soon, so you can use your own Riot to connect.

Finally, I want to thank my kind supporters on Liberapay.


Dendrite is a next-generation homeserver written in Go

kegan told us:

Dendrite has seen a number of improvements this week, including:

  • Backfill will now backfill more messages than before, resulting in a snappier experience when scrolling back in a room.

  • Dendrite is now compliant with Synapse on backfill behaviour.

  • Inline CS API filters will now honour the timeline limit value.

  • Making more Sytests pass.

  • Modifications to how Dendrite tracks memberships.

  • Addition of an -api flag to expose internal HTTP APIs.

  • Clearer separation of internal/external HTTP APIs.

This has culminated in the following values for Are We Synapse Yet:

Client-Server APIs: 34% (227/672 tests) - up from 33%
Federation APIs: 34% (35/103 tests) - up from 27%

As for P2P.... v0.1.0 released!

This is a significant milestone because we now persist Dendrite databases to IndexedDB, greatly improving UX and giving users a consistent identity on the P2P network. In addition to this, the following changes have been made:

  • We now bake in the Dendrite commit SHA into the logs on startup.

  • Dendrite will now restart itself in case of panics/segfaults.

Known issues with this release:

  • Databases are only flushed to IndexedDB every 30 seconds, making it possible to lose the most recent messages. This has a variety of effects on the Dendrite instance, but in testing it has been able to mostly gracefully recover. Messages that you have sent will be backfilled but will be redacted. Rooms you have joined will be forgotten, and you need to be kicked/re-invited/re-join for communication to be re-established. We're looking into a better flushing mechanism going forwards.

  • If you have previously visited, you MUST manually clear your service worker via chrome:serviceworker-internals or about:debugging#/runtime/this-firefox or else you might get errors such as "LinkError: WebAssembly.instantiate(): memory import 37 has no maximum limit, expected at most 4294967295".

Please do not rely on to have any form of stability. Patch version bumps (0.1.0 -> 0.1.1) will not remove databases but minor version bumps will (0.1.1 -> 0.2.0) so we can continue to progress with Dendrite development at speed.


anoa announced:

Synapse v1.13.0 has landed with SSO fixes and support in User-Interactive Authentication sessions, the ability to run in worker mode using redis as an experimental backend (which will soon be considered the default transport for Synapse workers), the ability for server admins to define password policies, some alias bugfixes, some cross-signing fixes as well as many more continuous improvements.

v1.14.0 in now in development, which will feature room v6 support.

Be sure to read the upgrade notes before upgrading.

And btw, upgrade notes != release notes

Synapse Deployment 📥


Ananace offered:

1.13.0 tags for the K8s-optimized docker image have been pushed


Mathijs announced:

The synapse 1.13.0 image including coturn and jemalloc is available as avhost/docker-matrix:v1.13.0, as always the RCs were (and are) available under mvgorcum/docker-matrix:v1.13.0rcX

Dept of Bridges 🌉


Benedict told us:

I released a new matrix bridge called matrix-sms-bridge, which allows you to bridge matrix rooms to SMS with one telephone number only. It is build on top of matrix-spring-boot-sdk and written in kotlin. Currently, only modems via Gammu are supported, but new Providers (e.g. some REST API) can be added very easily.

I'm going to integrate it into matrix-docker-ansible-deploy to use it in my corporate-environment.


Tulir said:

mautrix-telegram v0.8.0-rc2 was released with some bugfixes and a basic implementation of Half-Shot's bridge information state event MSC. There will probably be at least one more RC with some more bugfixes in a week or two.


Tulir said:

Last week I updated the messenger library mautrix-facebook uses to the latest upstream version, which might have made things work a bit better. This week mautrix-facebook got some more bugfixes and also a new feature to bridge animated stickers on Messenger into gifs on Matrix.

Dept of Clients 📱


sorunome reported:

Fluffychat Version 0.14.0 is out now and this is new:

  • Implement image viewer

  • Implement room pills

  • New chat appBar showing presences and room avatars

  • Implement well-known support

  • Minor fixes, refactoring and performance improvements

F-Droid is already published here:

PlayStore and TestFlight will follow in the next few days.


stoic said:

Riot Web as Firefox Add-on? Yep, it's (still) a thing, now available as version 1.6.1 and supports search in encrypted rooms (via Radical Native)


miruka offered:

Mirage 0.5.0 has been released today:

  • Major performance improvements. Although there is still work to be done, such has persisting client state between restarts to avoid initial syncs everytime, accounts will hundreds of rooms should now be able to finish loading and no longer take your entire RAM and CPU until everything freezes

  • Rooms with unread messages or mentions for your user (currently only those received while the client is running) will be highlighted and sorted first

  • New UI component allowing you to quickly jump between accounts in the room list, and always keep an eye how many total unread messages or mentions you have

  • Messages can now be replied to

  • Room members can now be kicked and banned

  • New keybinds for jumping between accounts, cycling through unread rooms, replying to messages and opening links in a message

  • Kinetic scrolling can now be disabled, this should fix scrolling for some trackpads incorrectly handled by Qt

  • The order in which accounts are shown in the side pane can now be customized

  • And a lot more, see full changelog


Nheko is a desktop client using Qt, Boost.Asio and C++17. It supports E2EE (with the notable exception being device verification for now) and intends to be full featured and nice to look at

Nico ( announced:

  • lkito has been contributing this week to Nheko as part of his homework for university or so? Anyway, he added an option to highlight whatever message you are currently hovering over, so that you have an easier time locating the proper timestamps and buttons for that specific message. He's now working through a few other issues to improve his coding skills, like optionally having big emojis in the timeline or showing tooltips to explain the settings Nheko has.

  • You can now set a /roomnick

  • You can now tag rooms using the room context menu. You can assign multiple tags and create new tags as you like. This helps organizing your rooms, since Nheko supported filtering you room list using tags for a few years already, but until now you couldn't assign them.

  • red_sky has been tying up the loose ends for reaction support. Once that is done, we'll release 0.7.2

RiotX Android

valere offered:

The team is working on getting feature parity with old-riot

  • Identity server support has been merged to develop
  • Switch language

1:1 Voip calls, Widgets, and room attachment list screen (media, files) are work in progress, and coming next

Matrix Android SDK

v0.9.35 has been released

  • Fixes Favs bug (no more favs after update)

=> Riot android release coming soon with SDK update


From Manu:

This week, we released Riot-iOS 0.11.5 with the support of the new version of SAS (emoji) verification. This release contains also a fix for share and Siri extensions to make them compatible with cross-signing.
We continued to make progress on the full support of the iOS13 SDK. The new push extension is almost here but it is tricky to make it work as VoIP pushes we abused for years.

Dept of SDKs and Frameworks 🧰


Ananace told us:

Just released version 2.1.0 of the Ruby SDK, headlines changes are the addition of request IDs (and timing) to the debug output to make request/response tracking easier, as well as finalized support for extending both the low-level and higher-level clients with MSCs - along with a much improved implementation for MSC2108 (Sync over SSE). Also included are some bug fixes, as usual, as well as many improvements to the provided example bot.

You can still find it on rubygems as matrix_sdk, and feel free to drop by for questions, comments, or just general discussion.


Ruma is a Rust project to create a comprehensive set of APIs for Matrix. Previously there was a Ruma homeserver project.

jplatte told us:

Rust bits

This week, we worked on support for endpoints with multiple values for one query parameter (in a livestream), federation endpoints for joining rooms and the next revision of ruma-events [1, 2] (that will, once finished, allow us to finally support redacted events properly, amongst other things). We also fixed two small bugs in ruma-client-api. Just today, we released ruma-client-api 0.9.0 and ruma-client 0.4.0 (sorry, no change log ☹︎).

Our website has been revamped! It has been ported from Middleman to Zola and has received some style improvements. RSS support has temporarily been removed, but you can expect it to be restored along with some content updates soon.

Dept of Guides 🧭

New documentation from Nataraj

Nataraj offered:

I have written a guide about configuring bridge to FreeNode:

And wrote a HowTo for installation matrix-appservice-irc on Debian:

Dept of Tulir 🇫🇮

A rather infrequent section.

Tulir offered:

Since multiple people have asked me about it, I now have a GitHub sponsor thing where you can get a fancy flair in my rooms and access to a highly exclusive sponsor room.

I didn't have any public donation things earlier due to the Finnish money collection act, but I realized that I can bypass that by selling things (like access to a Matrix room) instead of it only being a donation.

Completely unrelated to that: Following the bridge info state event implementation in my bridges, I've made a PR to Riot web to fix some bugs related to showing the bridge info there:

Dept of Ping 🏓

Here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server. Join to experience the fun live, and to find out how to add YOUR server to the game.

RankHostnameMedian MS

Final thoughts 💭

Last week we featured some Sytest output and compared the results between homeservers, which was fun! We'll bring this back as an occasional feature.

I didn't feature this last month: GNU Radio are now using Matrix.

That's all I know 🏁

See you next week, and be sure to stop by with your updates!

Welcoming Automattic to Matrix!

21.05.2020 01:42 — General Matthew Hodgson
Last update: 21.05.2020 01:28

Automattic ♥️ Matrix

Hi all,

We’re very excited indeed to announce that Automattic, the creators of, are jumping head first into the Matrix ecosystem with a strategic investment of almost $5M into New Vector (the company which makes Riot and, founded by the core Matrix team in 2017). More importantly, Matt Mullenweg (co-founder of WordPress and founder of Automattic) and the Automattic gang are committing to make the most of Matrix in their work going forwards!

This is huge news, not least because WordPress literally runs over 36% of the websites on today’s web - and the potential of bringing Matrix to all those users is incredible. Imagine if every WP site automatically came with its own Matrix room or community? Imagine if all content in WP automatically was published into Matrix as well as the Web? (This isn’t so far fetched an idea - turns out that Automattic already runs a XMPP bridge for over at!). Imagine there was an excellent Matrix client available as a WordPress plugin for embedding realtime chat into your site? Imagine if Tumblr (which is part of Automattic these days) became decentralised!?

In fact, if you’re a developer in either the Matrix or WordPress communities, now might be a good time to think about how to cross the streams.... not least because Automattic just opened up a role for a Integrations Engineer! Quite aside from the investment, this shows Automattic is serious about Matrix - and we’d like to thank them for opening up jobs in these challenging times to further accelerate Matrix. Perhaps some day Matrix Engineer will be as common a career choice as Web Developer ;)

That said, it’s super early days for integration work, and there isn’t a concrete project to announce yet beyond the investment in New Vector (which is effectively an extension of the funding NV raised in October) and Automattic’s Job opening - but these are the sort of ideas we’ve been kicking around. And at the very least, we should expect to see Automattic’s communities migrating over to Matrix in the coming months.

It’s been loads of fun working with Matt and the team on this: we see a huge overlap in terms of a genuine love for the open web, open source and open standards. It’s also no coincidence that Matt (independently of Automattic) donated substantially to Matrix via Patreon back in 2017 when we needed it the most. We’re also looking forward to benefiting from Automattic’s experience in sustainably and responsibly funding and growing open source projects in general - is an excellent example of how one can support development of a project like WordPress without compromising its open source nature.

So, we’d like to formally welcome WordPress and the rest of the Automattic family into Matrix. It’s incredibly exciting times, and we can’t wait to see what will come of the partnership! And meanwhile, if any other massive open source organisations want to join Automattic and Mozilla in leaping into Matrix, you know where to find us… :D

Huge thanks go to Matt for believing in Matrix - watch this space for updates.

  • Matthew, Amandine & the Matrix Team.

Synapse 1.13.0 released

19.05.2020 00:00 — Releases Neil Johnson

Synapse 1.13.0 is here and it's a whopper!

Highlights include new support for User Interactive Authentication (UIA) for Single Sign-on (SSO) installations. This means that for the first time features that require the user to re-authenticate are available for servers that authenticate by SSO. Notably this means that these servers now support cross signing!

SSO admins should take a look at the SSO notes in the changelog.

We have been working hard on performance for large scale installations. Anyone supporting more than a few thousand users is probably running Synapse in worker mode. This means splitting out functionality from the master process and making use of multiple cores (or machines) to spread the load. Cross process communication was previously handled by a home grown TCP based replication protocol. As part of our ongoing efforts to improve performance we have replaced this replication system with Redis and have been running Redis in production on for the past 2 weeks.

Redis itself does not provide a significant performance win directly but it means that it is much less expensive to add new workers to a cluster. The topology of the old system meant that every additional worker carried a small but not insignificant overhead to the master process. Since moving to Redis we have doubled the number of workers backing

We still consider Redis to be experimental and admins should not feel obliged to upgrade. However it looks very promising and we are likely to deprecate the old replication system in future. So watch this space - Redis is the future.

Finally we've seen lots of improvements to our documentation and many thanks for those in the community making contributions in this area.

It is also worth noting for those of you contributing to Synapse that the develop branch is now the default. More details in the changelog, so take a look.

Get 1.13.0 from github or any of the sources mentioned at

Changelog since v1.12.4

Synapse 1.13.0 (2020-05-19)

This release brings some potential changes necessary for certain configurations of Synapse:

  • If your Synapse is configured to use SSO and have a custom sso_redirect_confirm_template_dir configuration option set, you will need to duplicate the new sso_auth_confirm.html, sso_auth_success.html and sso_account_deactivated.html templates into that directory.
  • Synapse plugins using the complete_sso_login method of synapse.module_api.ModuleApi should instead switch to the async/await version, complete_sso_login_async, which includes additional checks. The former version is now deprecated.
  • A bug was introduced in Synapse 1.4.0 which could cause the room directory to be incomplete or empty if Synapse was upgraded directly from v1.2.1 or earlier, to versions between v1.4.0 and v1.12.x.

Please review UPGRADE.rst for more details on these changes and for general upgrade guidance.

Notice of change to the default git branch for Synapse

With the release of Synapse 1.13.0, the default git branch for Synapse has changed to develop, which is the development tip. This is more consistent with common practice and modern git usage.

The master branch, which tracks the latest release, is still available. It is recommended that developers and distributors who have scripts which run builds using the default branch of Synapse should therefore consider pinning their scripts to master.


  • Extend the web_client_location option to accept an absolute URL to use as a redirect. Adds a warning when running the web client on the same hostname as homeserver. Contributed by Martin Milata. (#7006)
  • Set Referrer-Policy header to no-referrer on media downloads. (#7009)
  • Add support for running replication over Redis when using workers. (#7040, #7325, #7352, #7401, #7427, #7439, #7446, #7450, #7454)
  • Admin API POST /_synapse/admin/v1/join/<roomIdOrAlias> to join users to a room like auto_join_rooms for creation of users. (#7051)
  • Add options to prevent users from changing their profile or associated 3PIDs. (#7096)
  • Support SSO in the user interactive authentication workflow. (#7102, #7186, #7279, #7343)
  • Allow server admins to define and enforce a password policy (MSC2000). (#7118)
  • Improve the support for SSO authentication on the login fallback page. (#7152, #7235)
  • Always whitelist the login fallback in the SSO configuration if public_baseurl is set. (#7153)
  • Admin users are no longer required to be in a room to create an alias for it. (#7191)
  • Require admin privileges to enable room encryption by default. This does not affect existing rooms. (#7230)
  • Add a config option for specifying the value of the Accept-Language HTTP header when generating URL previews. (#7265)
  • Allow /requestToken endpoints to hide the existence (or lack thereof) of 3PID associations on the homeserver. (#7315)
  • Add a configuration setting to tweak the threshold for dummy events. (#7422)


  • Don't attempt to use an invalid sqlite config if no database configuration is provided. Contributed by @nekatak. (#6573)
  • Fix single-sign on with CAS systems: pass the same service URL when requesting the CAS ticket and when calling the proxyValidate URL. Contributed by @Naugrimm. (#6634)
  • Fix missing field default when fetching user-defined push rules. (#6639)
  • Improve error responses when accessing remote public room lists. (#6899, #7368)
  • Transfer alias mappings on room upgrade. (#6946)
  • Ensure that a user interactive authentication session is tied to a single request. (#7068, #7455)
  • Fix a bug in the federation API which could cause occasional "Failed to get PDU" errors. (#7089)
  • Return the proper error (M_BAD_ALIAS) when a non-existent canonical alias is provided. (#7109)
  • Fix a bug which meant that groups updates were not correctly replicated between workers. (#7117)
  • Fix starting workers when federation sending not split out. (#7133)
  • Ensure is_verified is a boolean in responses to GET /_matrix/client/r0/room_keys/keys. Also warn the user if they forgot the version query param. (#7150)
  • Fix error page being shown when a custom SAML handler attempted to redirect when processing an auth response. (#7151)
  • Avoid importing sqlite3 when using the postgres backend. Contributed by David Vo. (#7155)
  • Fix excessive CPU usage by prune_old_outbound_device_pokes job. (#7159)
  • Fix a bug which could cause outbound federation traffic to stop working if a client uploaded an incorrect e2e device signature. (#7177)
  • Fix a bug which could cause incorrect 'cyclic dependency' error. (#7178)
  • Fix a bug that could cause a user to be invited to a server notices (aka System Alerts) room without any notice being sent. (#7199)
  • Fix some worker-mode replication handling not being correctly recorded in CPU usage stats. (#7203)
  • Do not allow a deactivated user to login via SSO. (#7240, #7259)
  • Fix --help command-line argument. (#7249)
  • Fix room publish permissions not being checked on room creation. (#7260)
  • Reject unknown session IDs during user interactive authentication instead of silently creating a new session. (#7268)
  • Fix a SQL query introduced in Synapse 1.12.0 which could cause large amounts of logging to the postgres slow-query log. (#7274)
  • Persist user interactive authentication sessions across workers and Synapse restarts. (#7302)
  • Fixed backwards compatibility logic of the first value of trusted_third_party_id_servers being used for, which occurs when the former, deprecated option is set and the latter is not. (#7316)
  • Fix a bug where event updates might not be sent over replication to worker processes after the stream falls behind. (#7337, #7358)
  • Fix bad error handling that would cause Synapse to crash if it's provided with a YAML configuration file that's either empty or doesn't parse into a key-value map. (#7341)
  • Fix incorrect metrics reporting for renew_attestations background task. (#7344)
  • Prevent non-federating rooms from appearing in responses to federated POST /publicRoom requests when a filter was included. (#7367)
  • Fix a bug which would cause the room directory to be incorrectly populated if Synapse was upgraded directly from v1.2.1 or earlier to v1.4.0 or later. Note that this fix does not apply retrospectively; see the upgrade notes for more information. (#7387)
  • Fix bug in EventContext.deserialize. (#7393)
  • Fix a long-standing bug which could cause messages not to be sent over federation, when state events with state keys matching user IDs (such as custom user statuses) were received. (#7376)
  • Restore compatibility with non-compliant clients during the user interactive authentication process, fixing a problem introduced in v1.13.0rc1. (#7483)
  • Hash passwords as early as possible during registration. (#7523)

Improved Documentation

  • Update Debian installation instructions to recommend installing the virtualenv package instead of python3-virtualenv. (#6892)
  • Improve the documentation for database configuration. (#6988)
  • Improve the documentation of application service configuration files. (#7091)
  • Update pre-built package name for FreeBSD. (#7107)
  • Update postgres docs with login troubleshooting information. (#7119)
  • Clean up a bit. (#7141)
  • Add documentation for running a local CAS server for testing. (#7147)
  • Improve by being explicit about public IP recommendation for TURN relaying. (#7167)
  • Fix a small typo in the metrics_flags config option. (#7171)
  • Update the contributed documentation on managing synapse workers with systemd, and bring it into the core distribution. (#7234)
  • Add documentation to the password_providers config option. Add known password provider implementations to docs. (#7238, #7248)
  • Modify suggested nginx reverse proxy configuration to match Synapse's default file upload size. Contributed by @ProCycleDev. (#7251)
  • Documentation of media_storage_providers options updated to avoid misunderstandings. Contributed by Tristan Lins. (#7272)
  • Add documentation on monitoring workers with Prometheus. (#7357)
  • Clarify endpoint usage in the users admin api documentation. (#7361)

Deprecations and Removals

  • Remove nonfunctional captcha_bypass_secret option from homeserver.yaml. (#7137)

Internal Changes

  • Add benchmarks for LruCache. (#6446)
  • Return total number of users and profile attributes in admin users endpoint. Contributed by Awesome Technologies Innovationslabor GmbH. (#6881)
  • Change device list streams to have one row per ID. (#7010)
  • Remove concept of a non-limited stream. (#7011)
  • Move catchup of replication streams logic to worker. (#7024, #7195, #7226, #7239, #7286, #7290, #7318, #7326, #7378, #7421)
  • Convert some of to async/await. (#7110, #7184, #7241)
  • De-duplicate / remove unused REST code for login and auth. (#7115)
  • Convert *StreamRow classes to inner classes. (#7116)
  • Clean up some LoggingContext code. (#7120, #7181, #7183, #7408, #7426)
  • Add explicit instance_id for USER_SYNC commands and remove implicit conn_id usage. (#7128)
  • Refactored the CAS authentication logic to a separate class. (#7136)
  • Run replication streamers on workers. (#7146)
  • Add tests for outbound device pokes. (#7157)
  • Fix device list update stream ids going backward. (#7158)
  • Use stream.current_token() and remove stream_positions(). (#7172)
  • Move client command handling out of TCP protocol. (#7185)
  • Move server command handling out of TCP protocol. (#7187)
  • Fix consistency of HTTP status codes reported in log lines. (#7188)
  • Only run one background database update at a time. (#7190)
  • Remove sent outbound device list pokes from the database. (#7192)
  • Add a background database update job to clear out duplicate device_lists_outbound_pokes. (#7193)
  • Remove some extraneous debugging log lines. (#7207)
  • Add explicit Python build tooling as dependencies for the snapcraft build. (#7213)
  • Add typing information to federation server code. (#7219)
  • Extend room admin api (GET /_synapse/admin/v1/rooms) with additional attributes. (#7225)
  • Unblacklist '/upgrade creates a new room' sytest for workers. (#7228)
  • Remove redundant checks on daemonize from synctl. (#7233)
  • Upgrade jQuery to v3.4.1 on fallback login/registration pages. (#7236)
  • Change log line that told user to implement onLogin/onRegister fallback js functions to a warning, instead of an info, so it's more visible. (#7237)
  • Correct the parameters of a test fixture. Contributed by Isaiah Singletary. (#7243)
  • Convert auth handler to async/await. (#7261)
  • Add some unit tests for replication. (#7278)
  • Improve typing annotations in synapse.replication.tcp.streams.Stream. (#7291)
  • Reduce log verbosity of url cache cleanup tasks. (#7295)
  • Fix sample SAML Service Provider configuration. Contributed by @frcl. (#7300)
  • Fix StreamChangeCache to work with multiple entities changing on the same stream id. (#7303)
  • Fix an incorrect import in IdentityHandler. (#7319)
  • Reduce logging verbosity for successful federation requests. (#7321)
  • Convert some federation handler code to async/await. (#7338)
  • Fix collation for postgres for unit tests. (#7359)
  • Convert RegistrationWorkerStore.is_server_admin and dependent code to async/await. (#7363)
  • Add an instance_name to RDATA and POSITION replication commands. (#7364)
  • Thread through instance name to replication client. (#7369)
  • Convert synapse.server_notices to async/await. (#7394)
  • Convert synapse.notifier to async/await. (#7395)
  • Fix issues with the Python package manifest. (#7404)
  • Prevent methods in synapse.handlers.auth from polling the homeserver config every request. (#7420)
  • Speed up fetching device lists changes when handling /sync requests. (#7423)
  • Run group attestation renewal in series rather than parallel for performance. (#7442)
  • Fix linting errors in new version of Flake8. (#7470)
  • Update the version of dh-virtualenv we use to build debs, and add focal to the list of target distributions. (#7526)

This Week in Matrix 2020-05-15

15.05.2020 00:00 — This Week in Matrix Ben Parsons

Open Tech Will Save Us 🎙

Second edition of OTWSU took place this week! Chance to watch it if you haven't already, or (pro-tip), watch it again.

  • Mike Hoye from Mozilla talks about "Verbs in the fediverse"
  • Eugen (@[email protected]) discusses "how we keep running at scale" as a Q&A
  • ... and a new VIP tour of Dendrite, the next-gen Matrix Homeserver, from our own neilalexander and Kegan!

Dept of Status of Matrix 🌡

Bundeswehr switching to Matrix

Oleg said:

German army reported in December 2019 their intentions for Matrix.

Now they decided to replace Stashcat with Matrix in this autumn.

Around 50'000 account are planned.

Riot will be used as a Matrix client. The E2EE by default and device Cross-Signing will be extensively used.

Full article (in German):

Mozilla are happy with their deployment!

About a year after this tweet, four months after deployment of our open source @matrixdotorg instance, community participation in the Mozilla project has increased from 4x to 10x across all the projects that previously relied on IRC.

— mhoye (@mhoye) May 12, 2020

For more from Mike check out the OTSWU recording above, he's on first.

Dept of Spec 📜


anoa announced:

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at

MSC Status

Merged MSCs:

  • No MSCs were merged this week.

MSCs in Final Comment Period:

New MSCs:

Spec Core Team

In terms of Spec Core Team MSC focus for this week, MSC2526 has entered FCP. We'd like to keep the E2E MSCs in flight in focus, but are also conscious that room v6 is coming up. We're sticking the MSCs for the latter alongside the existing E2E ones in the focus queue, for a total of 5. Those MSCs are: MSC2366 (verification flows), MSC2399 (UISI messaging), MSC2540 (canonical JSON validation), MSC2209 (notifications auth rules), and MSC2240 (room version 6).

Dept of Servers 🏢

Dendrite / gomatrixserverlib

Dendrite is a next-generation homeserver written in Go

Neil Alexander announced:

  • Dendrite now implements /get_missing_events, which improves inbound federation reliability significantly

  • State resolution v2 implementation in gomatrixserverlib now uses significantly less overall memory and performs far fewer allocations

  • A skeleton keyserver component has been added - it returns no keys for now but that is enough to satisfy Riot when creating DMs

  • Canonical alias is now set if needed when the room is created

  • Reduced the number of HTTP 500s returned by the media API

  • Sync API topology logic and tokens have been reworked

  • Server keys are now cached in memory using an LRU cache, regardless of database or fetchers used

  • Federated joins now attempt all listed servers more reliably

  • Federated joins in response to an incoming invite should now work, particularly in cases where the room had previously been joined and left

  • Some Prometheus statistics are now available for the LRU caches

  • Sync API storage layer has been deduplicated quite a bit

  • Display name and avatar URL are now sent in join content again after a regression

  • Fixed a bug in the membership updater when matching added and removed state

  • Fixed a bug where a response to a federated device query would not contain all required fields

  • Fixed a bug where /sync could panic after joining a room

Get a real demo of Dendrite from Open Tech Will Save Us #2


Conduit is a Matrix homeserver written in Rust

timo said:

This week I worked on presence and end to end encryption, but they are not working yet.

Meanwhile, Valkum got sytest integration working! This means each time a new commit is pushed to a branch, CI automatically picks up on that and lets a lot of tests run on the homeserver - the same tests that synapse uses. Currently we have 8% of all tests positive on Conduit.

Client-Server APIs: 8% (56/667 tests)


  Registration             :  53% (17/32 tests)
  Login                    :  26% (5/19 tests)

  V1 CS APIs               :  10% (3/30 tests)
  Misc CS APIs             : 100% (1/1 tests)

  Profile                  :  33% (2/6 tests)
  Devices                  :  17% (2/12 tests)

  Presence                 :   0% (0/10 tests)
  Create Room              :  31% (4/13 tests)

  Sync API                 :   1% (1/85 tests)
  Room Membership          :   0% (0/15 tests)

  Room State APIs          :   0% (0/14 tests)
  Public Room APIs         :   0% (0/7 tests)

  Room Aliases             :   0% (0/15 tests)

At the same time, MTRNord tried to integrate opentracing into Conduit and Paul worked on a docker file to make installation easier.

Thanks to my supporters on Liberapay.

See the bottom of this post for some more interesting numbers!


anoa offered:

Synapse v1.13.0rc2 shipped this week with the following notable improvements:

  • SSO support in User-Interactive Authentication sessions

  • Cross-signing device list bug fixes

  • The ability to run in worker mode using redis as a backend (which will soon be considered the default transport for Synapse workers)

  • Some admin api improvements and additions well as all the usual bug fixes and especially performance improvements. See the changelog for the full details and please test if you can! A full release is expected early next week.

Speaking of next week: work will involve getting room version 6 ready to ship, alongside even more performance work - especially moving event processing off the master process (the code for which is already running successfully on Half-Shot's own homeserver)!

Dept of Bridges 🌉


Icewind told us:

I've been working on a new puppet bridge for steam chat mx-puppet-steam, while I would still consider it to be in alpha state, most of the things needed for day to day chatting are functional.

It bridges both one on one and group messages, shows the proper name, avatar and online status of your frends and handles embedded images in one on one chats.

I have a docker image for it if that helps:


Tulir reported:

As promised last week, mautrix-whatsapp now has end-to-bridge encryption (currently on the e2be branch, will be merged to master soon™). It works mostly the same way as the other bridges.

Dept of Clients 📱

It's a big, big week for client news! We must take a deeper look at some of these projects soon!

Ditto v0.4.1 Released!

Annie offered:

What is Ditto?

Ditto is a mobile client for iOS and Android! It's available on TestFlight and Google Play (beta) - download link available on the website below.

What's New?


  • Reactions support! 😄🎉

  • Add a visual hint if a message is sending or could not be sent

  • Send pending messages when the connection to the homeserver is back


  • Update to React Native 0.62.2

  • Major performance improvements!


  • Redacted events have a proper message

  • Switched push gateway to https


Half-Shot said:


I got really bored in lockdown, as we all have. I stared at my TV, and it stared back at me. While it's definitely a privacy nightmare to start developing apps for these things, I couldn't help myself. I got stuck in, and secured myself a LG Developer Account.

The LG set of smart TVs use WebOS, as like the name suggests, runs apps in it's special variant of Chromium. I was lucky to be running a recent OS and had access to Chromium 53! And NodeJS 0.12!! Sarcasm aside, there are some very troubling versions of WebOS with much older versions of the browser, so I was happy to be developing against something with strong ES6 support. Despite the absolutely awful onboarding experience, the WebOS SDK itself was pretty good. matrix-tv was written to be a general large screen matrix client, so it talks to the TV's own libraries through an abstraction layer :)

Anyway, this client is the culmination of a lazy Sunday afternoon's work. It features very basic support for viewing a room, but I hope to expand it at some point. It supports running in a web browser and the aforementioned OS, but support for more variants is easy to add. I'm looking into how to design for the large screen beyond making fonts bigger, because the unique constraints on memory and UI are fun challenge.


Nheko is a desktop client using Qt, Boost.Asio and C++17. It supports E2EE (with the notable exception being device verification for now) and intends to be full featured and nice to look at

Nico ( announced:

  • Nheko now supports SSO. If your server uses SSO, you may want to test that, if it works for you, but I did successfully sign into the Mozilla homeserver.

  • We improved hinting on the login and registration pages, so it should be easier to enter correct credentials.

  • Replies now have a max height by default. If you want to see the full reply, you need to click on it to navigate to the reply.

  • Nheko now has a red unlocked padlock, when an unencrypted message is sent in an encrypted room.

  • red_sky has been hacking along on reactions. Displaying them is now in master, for sending he is currently reworking the emoji picker, so that it can be attached to the timeline more easily and it is easier to search, etc.

Nheko has it's own weblate btw, if anyone feels like translating a bit of stuff:

Pattle: version 0.16.0

Pattle is a client written for Flutter using Dart

Wilko said:

A new version has been made available and will become available on Google Play and TestFlight!

Because of corona this might take longer than usual.


  • Huge performance improvements! All SDK processing now happens in a different isolate (comparable to a thread)!

  • Also huge start up time improvement! When opening the app you should see your chats in less than or equal to a second! (will vary per device)

  • You'll now see two checkmarks when a message is read!

  • Add Dutch translations! (thanks to Louis!)

  • You can logout now!

  • An error along with a stack trace is now shown when the initial sync fails. You can use it to inform me and make an issue!

  • For the launcher icons vectors are now used on Android when it's supported

  • Contributing is now easier, you don't have to sign a CLA anymore!

Get Pattle

Issues or suggestions

If you stumble upon any issues or would like to suggest features, please do so here!

You can login via GitHub and!

Follow development

Follow development in!


benoit reported:

We are making progress on Identity server feature implementation (PR in review). Also we are working to integrated call with WebRTC, integration manager (widget, Jitsi, sticker) and we are stabilizing the application, especially on the cross-signing part.

Expect a new corrective release at the end of the day!


gomuks is a terminal based Matrix client written in Go. Source on GitHub

Tulir offered:

I was able to solve a few annoying bugs like message history disappearing and switching rooms taking time (it turned out that read receipts were being sent synchronously), so I decided to release gomuks v0.1.0.


krille said:

FluffyChat 0.13.1 is out with:

  • New status feature

  • HTML rendering of messages

  • Markdown support

  • Enhanced chat list design

  • New translations (Polish, Hungarian)

  • Lots of minor fixes and refactoring



Nio is a client written with SwiftUI

kilian told us:

Since the last updates, there's been a few cool new features and changes added to Nio:

  • message text field supports multiple lines of input

  • edit badges instead of "(edited)"

  • markdown message rendering

  • spanish translation

  • blurhash support for incoming images (so find some Nheko-using friends! 😄)

  • sending images

  • and a few minor and internal fixes

Join us in for discussion and more fun 😊

Riot-Android 0.9.11

benoit reported:

Riot-Android: Version 0.9.11 (with Matrix SDK 0.9.34) has been released on the PlayStore, and should be available for all during the week-end. It contains fixes on the identity server feature (the "missing token" thing), and also support Jitsi call with configured domain.


Manu offered:

On the cross-signing side, we have been working on the implementation of SSSS (to recover all private keys from the HS) and on UI polishments.

On the maintenance side, the new push mechanism from Apple has been implemented but it needs more work to work properly.

Riot integration with NextCloud

Riot-web integration with NextCloud exists! Source at

Dept of SDKs and Frameworks 🧰


Benedict offered:

This SDK is now on maven central. I also introduced support for implementing Application Services. The project can be found here: . It will be used by Matrix-SMS-Bridge, which only needs one telephone number. The latter will be released next week, when everything works fine (

Matrix Dart SDK: v0.31.0

Wilko said:

  • Add the ability to defer all processing to a different isolate

    When you use isolated: true on Homeserver.login or MyUser.fromStore, everything will be handled for you and the SDK works the same.

    This only works on platforms with the Dart VM (not web).

  • Updaters are now globally registered per MyUser id.

    This means for now only one Updater per MyUser is allowed. Updaters are created when a MyUser instance is retrieved via Homeserver.login or MyUser.fromStore

  • Add ability to specify what rooms to load from store when retrieving user

  • The previousBatch param from Room.copyWith is removed (wasn't used)

  • Add ability to override context in MyUser.copyWith and MyUser.merge

  • Updater and Homeserver are less coupled now

  • When a Context is changed with copyWith, all child objects' contexts are also changed

  • Fix bug in read receipt parsing (thanks to MatMaul!)

  • Sync errors are now pushed to the updates stream

  • Fix access token not being passed to logout API

  • Add type to RequestUpdate, so you can see which type of call

    the update was caused by

  • Moor has been updated

  • And other minor fixes!

Get it on pub, and see the source here!

Dept of Bots 🤖

JupyBot - First proof of concept

rdi said:

What is JupyBot

The purpose of the bot is to provide a link with Jupyter kernels running either on your local computer or somewhere else on a server. You can access your kernels through the bot with the chat interface. The kernels will answer to your commands through the same interface.

Since this is still a proof of concepts, the number of features is limited (command line text, string and pictures are the only output formats supported. No widget, no funny javascript) and they are few safeguards against infinite loops and other entertaining bugs.


This is right now just a proof of concept. We want to see if such a bot can be useful for people and how. What features would be interesting, what can be integrated in the present clients,... Therefore, in the short term, we want to focus on the possibility of easy testing for users and easy contributions for people who want to add their ideas. On the mid- and long term, a lot of ideas can be realized; it will depend on the feedback. These are just some examples. Short term:

  • proper error catching

  • fallback for non supported Jupyter formats on (i.e. a lot)

  • testing on termux on a tablet or smartphone

  • solve the problem with nio-matrix and upload in chunks of images.

  • Dockerized version

Middle term:

  • use of opsdroid as a framework

Longer term:

  • local server integrated to locally command the bot service.

  • make full use of jupyter capabilities with a client suited for it (for instance a Jupyterlab plugin)




lub reported:

I made a little bot that scrapes , because they've disabled their RSS feeds for some time now. It regularly scrapes all posts of a configured category and sends messages for new articles to all rooms the bot is a member of. It works like a RSS bot, except the source is a website instead of a RSS feed.

In the readme there are also some public instances, which you can just invite instead of hosting your own bot.

midori jabbot

Torrey Searle told us:

I've added matrix support into a chat bot, you can see the chat bot in action at and it's project page is here
it's main highlight is anybody can add new commands to it in chat using its scripting language
any any existing bot command can be used as a function in new scripts you write
The scripting language to add new commands can be found here
you can do things like
!script print "HELLO world";
or make a new command
!script sub hello { print "HELLO World"; }
that would result in a new command !hello being made
print also has 2 output stream, one for rich format and one for basic formatting
!script print "Hello World!"; print HTML "Hello <b>World</b>";

Dept of Events and Talks 🗣

Matrix will be featured in a Rust London meetup on the 27th May 2020.

New Public Rooms 🏟

Ludwig offered:

Hey, I have created a room for designers working on matrix stuff to join:

The goal is to improve cohesion and collaboration for all things design (UI, UX, interaction...) Over time, it should become a place for people to

  • ask design-specific questions

  • share cool stuff and be praised for all the good work you're doing

  • develop and document a common understanding of the semantics of matrix

  • make sure the user experience is amazing, even as we all figure out how to federate. Probably most designers work on single clients right now, but there are important UX questions that can only be answered ecosystem-wide. Maybe we'll end up with a design guide for people to use alongside the spec.

Final Thoughts 💭

Let's test homeservers against sytest, then unfairly pit them against one another! This week we're comparing Conduit and Dendrite - let's see the results!

Federation APIs1% (1/103 tests)27% (28/103 tests)
State APIs0% (0/13 tests)46% (6/13 tests)
Key API17% (1/6 tests)33% (2/6 tests)
Query API0% (0/5 tests)80% (4/5 tests)
send_join API0% (0/8 tests)38% (3/8 tests)
make_join API0% (0/2 tests)50% (1/2 tests)
Auth0% (0/19 tests)5% (1/19 tests)
room versions0% (0/7 tests)29% (2/7 tests)
Federation API0% (0/14 tests)36% (5/14 tests)
get_missing_events API0% (0/6 tests)33% (2/6 tests)
Backfill API0% (0/4 tests)0% (0/4 tests)
Invite API0% (0/10 tests)10% (1/10 tests)
send_leave API0% (0/1 tests)0% (0/1 tests)
Public Room API0% (0/1 tests)100% (1/1 tests)
Device Key APIs0% (0/7 tests)0% (0/7 tests)
Non-Spec API0% (0/50 tests)0% (0/50 tests)
Client-Server APIs8% (56/667 tests)33% (225/672 tests)
Registration53% (17/32 tests)62% (20/32 tests)
Login26% (5/19 tests)32% (6/19 tests)
V1 CS APIs10% (3/30 tests)10% (3/30 tests)
Misc CS APIs100% (1/1 tests)100% (1/1 tests)
Profile33% (2/6 tests)100% (6/6 tests)
Devices17% (2/12 tests)17% (2/12 tests)
Presence0% (0/10 tests)0% (0/10 tests)
Create Room31% (4/13 tests)92% (12/13 tests)
Sync API1% (1/85 tests)40% (34/85 tests)
Room Membership0% (0/15 tests)47% (7/15 tests)
Room State APIs0% (0/14 tests)36% (5/14 tests)
Public Room APIs0% (0/7 tests)14% (1/7 tests)
Room Aliases0% (0/15 tests)67% (10/15 tests)
Joining Rooms0% (0/8 tests)75% (6/8 tests)
Leaving Rooms0% (0/1 tests)100% (1/1 tests)
Inviting users to Rooms0% (0/14 tests)7% (1/14 tests)
Banning users0% (0/5 tests)20% (1/5 tests)
Sending events0% (0/3 tests)100% (3/3 tests)
Getting events for Rooms0% (0/10 tests)60% (6/10 tests)
Typing API0% (0/5 tests)0% (0/5 tests)
Receipts0% (0/4 tests)0% (0/4 tests)
Read markers0% (0/1 tests)100% (1/1 tests)
Media APIs10% (2/21 tests)24% (5/21 tests)
Capabilities API0% (0/2 tests)50% (1/2 tests)
Logout0% (0/4 tests)75% (3/4 tests)
Push APIs21% (12/58 tests)8% (5/59 tests)
Account APIs20% (2/10 tests)40% (4/10 tests)
Ephemeral Events0% (0/1 tests)0% (0/1 tests)
Power Levels0% (0/2 tests)83% (5/6 tests)
Redaction0% (0/5 tests)0% (0/5 tests)
Third-Party ID APIs16% (3/19 tests)16% (3/19 tests)
Guest APIs0% (0/35 tests)49% (17/35 tests)
Room Auth0% (0/25 tests)52% (13/25 tests)
Forget APIs0% (0/4 tests)25% (1/4 tests)
Context APIs0% (0/4 tests)0% (0/4 tests)
Room Upgrade APIs0% (0/21 tests)0% (0/21 tests)
Room Versions0% (0/40 tests)75% (30/40 tests)
Device Keys3% (1/37 tests)3% (1/37 tests)
Tagging APIs0% (0/8 tests)75% (6/8 tests)
Search APIs0% (0/6 tests)0% (0/6 tests)
OpenID API0% (0/3 tests)0% (0/3 tests)
Send-to-Device APIs0% (0/12 tests)0% (0/12 tests)
Server Admin API0% (0/1 tests)0% (0/1 tests)
Ignore Users0% (0/3 tests)0% (0/3 tests)
User Directory APIs0% (0/11 tests)0% (0/11 tests)
Application Services API4% (1/25 tests)20% (5/25 tests)

That's all I know 🏁

See you next week, and be sure to stop by with your updates!

Announcing GSOC 2020 Participants!

11.05.2020 00:00 — GSOC Ben Parsons


Google Summer of Code participants were announced last week. This year Matrix was assigned SIX students!

This is the most students we've have taken on in a single year, made possible by Matrix now acting as an umbrella organisation for multiple projects - this year that's Ruma, Nheko and OpsDroid. There are also students working on projects from the core team: go-neb, matrix-js-sdk and matrix-ircd.

We received dozens of applications this year, which made narrowing our focus to six students difficult, but we are proud to announce:

Devin Ragotzy, who has been involved with the Ruma project in the past, will work on Ruma procedural macro refactoring and more

Arnav Tiwari will work with Travis and myself to create HTML Embeddable Matrix Chat Rooms

Nikolaos Filippakis will work to support E2E encryption for go-neb. Kegan, one of the original go-neb authors is particularly excited about this one

Brooks Karlik will update matrix-ircd: Move matrix-ircd to async/await. This will be a welcome upgrade for anyone using that project!

Tyagdit will work with Cadair and the OpsDroid team on Enabling E2EE in Opsdroid Matrix Connector

Chethan Reddy, last but not least, will work with Nico and the Nheko gang on Adding Features in End-to-End encryption for Nheko-Reborn

Congratulations all, and also congratulations and thank you to the projects the students will be working on!

Find out all about Matrix @ GSoC on Google's dedicated site, and keep reading the Matrix blog where we'll have updates from the students.

PS Alejandro Domínguez has a Matrix related project too: they'll be working under the GNOME organisation to add Multi account support to Fractal.

This Week in Matrix 2020-05-07

07.05.2020 00:00 — This Week in Matrix Ben Parsons

Matrix Live 🎙

Matthew and Amandine discuss the week, including E2EE by default!

Dept of Status of Matrix 🌡

What a week!!

Lots happening this week! Cross-signing landed - this is a massive achievement for the team, and will go a long way to helping the user experience for new users especially. Read more in the major Riot blog post here. Time to start getting less-technical friends on Matrix!

Google announced their Summer of Code programme acceptees: Matrix have six students this year, our most ever! We'll make a new blog post next week welcoming the students!

Last month we hosted Open Tech Will Save Us meetup 1, so hold on to your keyboard as we announce Open Tech Will Save Us meetup 2!

Meetup 2 will feature:

  • Mike Hoye from Mozilla talking about "Verbs in the fediverse"
  • Eugen (@[email protected]) will talk about "how we keep running at scale" as a Q&A
  • +MORE

Dept of Spec 📜

anoa offered:

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at

MSC Status

Merged MSCs:

MSCs in Final Comment Period:

New MSCs:

Spec Core Team

In terms of Spec Core Team MSC focus for this week, MSC2474 has entered FCP. Keeping with the E2EE theme, we've switched focus to MSC2526. So the new list of MSCs for next week is: MSC2366 (verification flows), MSC2399 (UISI messaging), and MSC2526 (deleting key backups).

Dept of Servers 🏢

Dendrite / gomatrixserverlib

Dendrite is a next-generation homeserver written in Go

Neil Alexander said:

  • Some of the work for /get_missing_events has been done now for filling gaps in the room DAG

  • Federation sender performance and parallelisation have been dramatically improved, which helps a lot in big rooms

  • Retries, backoff and blacklisting have also been implemented in the federation sender to handle cases where remote homeservers are unavailable much more gracefully

  • Retrieving missing state when receiving incoming events over federation is a bit more robust now

  • Creating direct chats now works

  • Invites are mostly working now overall, both locally and over federation

  • RespState and RespStateJoin have been fixed in gomatrixserverlib

  • Room joins and leaves are now handled by new code across the roomserver and federation server perform APIs, which reduces complexity significantly


Neil offered:

  • Redis live in production for! We did not expect this to translate into a significant improvement in performance directly, but it means that we can add new workers without any extra overhead on the master process which has been very useful in supporting cross signing.

  • Fixing bugs leading to messages getting stuck at the bottom of the timeline as well as messages not making it to sync at all.

  • Lots of improvements to deal with the extra load generated by cross signing.

All of these changes will be available in v1.13.0 which should have a release candidate ready rsn.

Next week, we continue to work on sharding changes, further SSO support and ensuring that cross signing adoption is as smooth as possible.


Gnuxie said:

Architect is a homeserver project written in Common Lisp. We intend to create a high performance homeserver using the meta-programming features of Common Lisp to reduce the amount of redundant and timely code that needs to be written and maintained.

architect events

I created a json-schema library, to generate class definitions directly from the Matrix specification. These classes also have information attached to them to allow for serialisation, using a metaclass from json-clos.

This is done entirely dynamically without writing to source files. The invocation of json-schema that creates classes for the client-server, server-server and application-service protocols is only about 20 lines.

I definitely approve of separating out the event library and generating it from the spec - Ruma also has this approach.


Conduit is a Matrix homeserver written in Rust

timo told us:

This week I refactored most of the data handling code to make it both more efficient and easier to read. I started by splitting a file called "" into multiple smaller files that handle just one part of the database, like "", "" or "". I continued improving the code by making methods return iterators instead of vectors and propagating errors instead of crashing directly. Lastly, I added a few comments here and there and made sure everything works.

Meanwhile, @Valkum experimented with CI and @MTRNord is working on FluffyChat Flutter support.

Finally, I want to thank my supporters on Liberapay.

Dept of Bridges 🌉

matrix-signal bridge

witchent told us:

After a few weeks of work the matrix-signal bridge is now functional again. In the process I also added the possibility to send audio and video files among other things.

If you want to try it out go to


mx-puppet-bridge is a general bridging library that supports (double)bridging and relays. The goal is to make it as easy as possible for others to bridge new third-party protocols to matrix. Support room Donate

sorunome reported:

mx-puppet-bridge now supports emote synchronising using revolution's custom emotes! The discord protocol implementation (mx-puppet-discord) already utilizes this

Easybridge is a multi-user bridge for small Matrix servers

LX reported:

Easybridge is a multi-user bridge for small Matrix servers, with the idea of making it easy for non-technical users to bridge their external accounts into Matrix. Once configured next to a server, users can just go to a dedicated web page and add their accounts with a simple form. Currently supported protocols include IRC (buggy), XMPP (basic feature only), Mattermost (quite in good shape) and Facebook Messenger (has issues with disconnections). Available at the following link:


Half-Shot offered:

Hello one and all. Today we're releasing the 1.2.0 of the slack bridge. No notable changes from the last RC this time, but another release should follow this one soon to make changes to the provisioning system :)

Dept of Clients 📱


gomuks is a terminal based Matrix client written in Go. Source on GitHub

Tulir offered:

gomuks's e2ee support is now on the master branch. The basic olm/megolm things like key distribution work fine, but no advanced stuff like key import/export or device verification yet.

I'll probably add e2be to mautrix-whatsapp next and then add some of the advanced e2ee stuff to gomuks. I'll also make a v0.1.0 release in gomuks after I figure out some bugs in message history loading.


Nheko is a desktop client using Qt, Boost.Asio and C++17. It supports E2EE (with the notable exception being device verification for now) and intends to be full featured and nice to look at

Nico ( reported:

Apart from some further speedups, we've been working on reactions. Nheko can now display them and sending them should be done soon too. We also fixed a few bugs, when people reported them and you can now select, who you want to reply to by using a keyboard shortcut (Alt+Arrow keys for now). We will probably release a new version once reactions are done.


RiotX v0.19.0

benoit said:

We have released RiotX v0.19.0 on the PlayStore on Tuesday! This is a pretty huge release, including all the work on cross-signing, but also other features like changing account password, deactivating account, saving media to Gallery, etc., without forgetting a lot of bug fixes. More detailed change log can be found here:

We are now working to implement the main missing features compare to Riot-Android, with the target to upgrade Riot-Android with RiotX codebase in a few weeks.


Manu offered:

This week has mostly been another cross-signing week to improve it and to fix bugs. We released 0.11.2 on Monday. We are going to release 0.11.3 with the work we made this week. It should be available in the App Store tomorrow.

We also released MatrixSDK 0.16.4 with the last version of AFNetworking. That means apps using the MatrixSDK should be able to publish to the App Store again. There is no more usage of UIWebView.

Radical Native

stoic offered:

Your favorite way of electron-free searching through encrypted rooms in Riot Web was just updated to v0.1beta11, featuring:

New translation projects for RiotX and Nio

Take a look at and see if you can help with translation there.

Nio (client) translations are also now available on Weblate - go forth, translate and help Kilian out. Or, "aushelfen" him, as he might say.


Revolution is a riot-web fork that has things like custom emotes. Have you heard of it before? Well, it's been around for about two years already!

You can try it out on or build it yourself from the repos at

git clone <>
cd matrix-js-sdk

yarn install
yarn build

yarn link
cd ..

git clone <>
cd matrix-react-sdk

yarn link matrix-js-sdk
yarn install

yarn build
yarn link

cd ..
git clone <>

cd riot-web
yarn link matrix-js-sdk

yarn link matrix-react-sdk
yarn install

yarn build
yarn electron # this also launches the app

Dept of SDKs and Frameworks 🧰


Ruma is a Rust project to create a comprehensive set of APIs for Matrix. Previously there was a Ruma homeserver project.

jplatte offered:

Things are progressing at a fast pace, and after a few weeks of mostly pre-releases, we've now got

ruma-events 0.21.0

With this release, it is now easier than ever to work with malformed and / or custom events. Some big changes are already being planned for the next release.

ruma-api 0.16.0

We basically just deleted lots of code that is no longer needed with ruma-events 0.21.0. We also got rid of the dependency on the url crate, which really didn't have a very good reasont o be there.

ruma-client-api 0.8.0

With this release, ruma-client-api is basically up-to-date with r0.6.0 of the matrix specification. Special thanks to @iinuwa for updating a bunch of those endpoints, and for adding support for the user-interactive authentication API!

Dept of Bots 🤖

Opsdroid home-assistant bot

Oleg reported:

After seeing the fabulous matrix live opsdroid party I decided to release my home-assistant bot.

I use this bot for triggering home-assistant automations via matrix. All commands and actions can be configured using just a config file.

P.S: Thanks for Opsdroid! ❤︎


Awesome example of life imitating art! After we recorded the Matrix Live last week I resolved to get Opsdroid and Home Assistant running!

New Public Rooms 🏟

/r/AV1 discord bridged to Matrix

dandellion reported:

Anyone here is interested in AV1 (the new open video codec) and related modern codecs?

I have bridged the /r/AV1 discord to

Dept of Interesting Projects 🛰

Doctor Who watchalongs

Brendan said:

The Matrix community editions of the Doctor Who watchalongs continue! Next up on our line-up is another two-parter on Sunday (May 10th), we'll be pressing play on The Zygon Invasion at 7PM BST, then on The Zygon Inversion at 8PM BST! Joining us on Twitter will be Peter Harness (writer) & Ingrid Oliver (Petronella Osgood aka The Osgoods™︎), and maybe more 🙂

As always, to join the fun or know first-hand when the next event will happen, head over to

Dept of Ping 🏓

Here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server. Join to experience the fun live, and to find out how to add YOUR server to the game.

RankHostnameMedian MS

That's all I know 🏁

See you next week, and be sure to stop by with your updates!

Cross-signing and End-to-end Encryption by Default is HERE!!!

06.05.2020 00:00 — General Matthew Hodgson

Hi all,

As of today, Matrix is end-to-end encrypted by default for private conversations.

Three years have passed since we first announced End-to-end Encryption in Matrix and started to beta test it in Riot - and after an enormous amount of polishing and refinement on its user experience, we are finally declaring it out of beta and enabling it by default for all new private conversations in Riot. As Riot is currently the most common Matrix client, this means that Matrix as a whole should now be considered end-to-end encrypted by default for DMs and invite-only rooms.

Work on E2EE in Matrix has progressed in waves since we first shipped it - including:

  • adding keysharing (letting you share encryption keys between your devices to improve reliability)
  • making Riot Web's encryption resilient to running concurrently in multiple tabs
  • adding online key backup (so you don't lose all your history if you lose all your devices)
  • making encryption resilient to restoring the app from a backup
  • adding interactive key verification via emoji to make the verification process easier.

However, our goal was always to enable E2EE by default for all private rooms, which means having feature parity between unencrypted and E2EE Matrix so that we can enable encryption without any negative impact on usability. The high-level remaining items were significant:

  • Cross-signing: verifying your own logins so others don’t have to.
  • Adding QR codes for even better verification UX, to make cross-signing as painless as possible.
  • Replacing the old prototype UI for E2EE with final polished UI/UX.
  • Ability to support non-E2EE clients.
  • Ability to search encrypted rooms.
  • Ability to view file indexes in encrypted rooms.
  • Fixing the remaining “Unable to decrypt” errors.

Over the last few months the Riot team has been almost entirely focused on implementing solutions to these items - and we're finally at the point where the switch can be flipped and as of Riot Web/Desktop 1.6, Riot iOS 0.11.1 and RiotX Android 0.19, all new private rooms will be encrypted by default; completing the transition we began at FOSDEM 2020 when we landed cross-signing E2E-by-default in the development branches of Riot.

For full details, please go check out the massive deep dive over at the Riot blog - also featuring all the other recent progress in Riot!

Heads up that encrypted traffic is slightly heavier on the server than unencrypted (due to exchanging keys, verification traffic, and keybackup traffic), and so there is a risk that the already-over-popular server instance may feel a little hugged to death. However, unprecedented Synapse performance breakthroughs are on the horizon in the coming weeks which will fix this - and, of course, you can (and should!) be using your own instance anyway.

Thanks everyone for helping us test encryption over the years and getting us to this point: cross-signing provides a more secure way of tracking device trust than almost any other comms system out there, and we hope that you'll agree the improved UX has been worth the wait.

Next stop: Synapse performance, and rebuilding Riot's first time user experience!


Matthew, Amandine & the Matrix Team.

(Comments over at HN)

This Week in Matrix 2020-05-01

01.05.2020 00:00 — This Week in Matrix Ben Parsons

Matrix Live 🎙

Dept of Status of Matrix 🌡

Cross-Signing is close, please test

Next week, Cross-Signing is planned for release!

Please test this weekend, and report any issues you may find! passes 3 Million bridged users

TravisR said:

Over 3 million people from Telegram and Discord have now been brought into the Matrix universe through Of those people, around 230 thousand are active each month and 15 thousand are dedicated users of the bridges daily.

While this is a huge milestone for,it underlines the importance of self-hosting: having a couple giant bridges is great for accessibility, though where possible it’s heavily encouraged that people self-host. Hosting the bridges yourself on your own homeserver gives you better control of what passes through your server, reduces your dependence on third parties like, and gives you better performance.

During peak periods, sees about 10 messages per second passing through it. Half of those messages are generated by the Telegram bridge alone. The other half is dealing with federation and the various other bridges and bots on In terms of media, a new image is uploaded every 2 seconds, leading to 5.8 TB of media being stored. The database is 3 TB and holds 236 Million events - roughly 131 Million of which are sent by

Thank you to everyone who has used in the past 3 years - it’s been more successful than ever imagined. Here’s to another year and a bunch of self-hosting. :)

Dept of Spec 📜

anoa said:

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at

MSC Status

Merged MSCs:

  • No MSCs were merged this week

MSCs in Final Comment Period:

  • No MSCs are currently in FCP.

New MSCs:

Spec Core Team

In terms of Spec Core Team MSC focus for this week, MSC2454 has entered FCP, and as such we've decided to instead focus on MSC2399. So the new list of MSCs for next week is: MSC2366 (verification flows), MSC2399 (UISI messaging), and MSC2472 (Symmetric SSSS).

Dept of Servers 🏢

Dendrite / gomatrixserverlib

Dendrite is a next-generation homeserver written in Go

Neil Alexander announced:

  • Room version 5 support added - Dendrite now supports all current room versions!

  • Room version 5 will now be used by default when creating new rooms.

  • Backfill over federation has been implemented and it honours history_visibility correctly.

  • Strict key validity checking has been fully implemented in gomatrixserverlib in support of room version 5. Some key expiry bugs have also been fixed.

  • Back-pagination tokens are now generated correctly for events that have the same depth.

  • It's now possible to limit the number of Postgres connections - thanks tomasji!

  • Some progress towards working invites has been made.

  • Federated room joins are now performed by the federation sender as a part of an on-going remodelling.

  • Some bugs with URL query vs. path escaping have been fixed in gomatrixserverlib.

  • A number of internal APIs have been merged together.

  • Some new tests have been added to the sync API.

v5 rooms! this is a sign of huge progress in Dendrite!


Neil offered:

We’ve spent time this week working with the Riot teams to tweak performance for cross signing. We’ve also fixed a few performance regressions ahead of next week's 1.13.0 release (which will be a big one, more details when it lands).

With any luck we’ll have Redis in production on next week, we don’t think this will give us a huge performance win, but there is certainly overhead in having so many workers using the previous replication streaming method.

Our sharding project continues, and Erik has been trying to move the event stream entirely away from the master process which in itself could be significant for overall perf once ready for production.

Aside from that we continue to improve SSO support and we have a really great community PR from sandhose that implements OpenID Connect support. We are really looking forward to getting that merged. The admin API is also getting plenty of community love with awesome-manual and dklimpel leading the charge.

Next week, look out for 1.13.0 and hopefully some more good news on sharding.

P2P Matrix

kegan told us:

Version 0.0.6 has been released on which has the following changes:

  • Room version 5 is supported by default.

  • Backfill is much more reliable.

  • Backfill now does all PDU checks required of it

You might get kicked out a few times whilst the service worker shifts around, you can force things by going to chrome:serviceworker-internals or about:debugging#/runtime/this-firefox to unregister the worker manually. Logs will state version 0.0.6 on update.

All the benefits from Dendrite (above) will feed into this.


Conduit is a Matrix homeserver written in Rust

timo said:

There was a lot of progress this week!

  • First server-server communication by requesting a remote public room list

  • Paginated message loading

  • Message notifications

  • RiotX support

  • Changing the nickname works properly now

  • Forget rooms

Thanks to my supporters on Liberapay.

Dept of Bridges 🌉


Half-Shot announced:

Hey all, the IRC bridge has reached another milestone, 0.17.0. This is a medium sized release, containing a few nice to have features like predicting nickname conflicts and some work around user deactivation. Importantly, this release authenticates the provisioning endpoint so if you run an integration manager or script that makes use of it, ensure that it handles requests appropriately. You can see the changelog in


mx-puppet-bridge is a general bridging library that supports (double)bridging and relays. The goal is to make it as easy as possible for others to bridge new third-party protocols to matrix. Support room Donate

sorunome told us:

  • event syncing/storage is now properly handled on a per-room basis, rather than a global one

  • automatically renew double-puppeting if shared secret auth is enabled

  • Enhance reply support matrix->remote: The remote protocol gets in the callback now proper information on the event replied to

  • Add remote->matrix reply fallback


  • Implement skype quotes / matrix replies

  • various stability fixes

Dept of Clients 📱

Pattle: version 0.15.0

Pattle is a client written for Flutter using Dart

Wilko told us:

A new version has been made available and will become available on Google Play and TestFlight!

Because of corona this might take longer than usual.


  • A lot has changed internally, expect to have a smoother experience!

    (See also the Matrix Dart SDK release)

  • A new logo is here!

    Designed by bo_rad!

  • Logging in has completely been revamped

  • For the initial sync (after login) a splash screen is shown

  • Chats in the overview are now separated by two tabs: Chats and channels

  • There's now a navigation drawer, which will be filled with useful actions in the future. For now it's just a place to go to Settings

  • Message times are now shown on the same line, if possible

  • Replies have been redesigned

  • Buttons or list tiles that didn't do anything have been removed to avoid confusion

  • Image sending has been improved, the image is now shown immediately in the timeline

  • Push notifications don't popup when the respectful chat is opened

  • Push notifications are now grouped by chat

  • Push notifications are hidden when opening the respective chat

  • Messages are immediately marked as read, previously was after 2 seconds of having it opened

  • Some colors in the dark theme have been altered

  • Ability to create a chat has temporarily been removed, it wasn't functioning well and will be completely redone

Get Pattle

Issues or suggestions

If you stumble upon any issues or would like to suggest features, please do so here!

You can login via GitHub and!

Follow development

Follow development in!



gomuks is a terminal based Matrix client written in Go. Source on GitHub

Tulir announced:

gomuks now has experimental support for end-to-end encryption on the e2ee branch. It supports both text messages and media downloads. The majority of the work happened in mautrix-go (also on the e2ee branch). This also means that mautrix-whatsapp will get support for end-to-bridge encryption in the near future.

What megolm implementation are you using?

My own based on matrix-nio, the e2ee implementation guide and the spec. libolm bindings stolen from


Nio is a client written with SwiftUI

kilian told us:

Nio received some cool new features this week.

  • New Dutch and Chinese (simplified) translations (besides English & German)!

  • Edited messages are now displayed correctly.

  • An edit action has been added to the event context menu, long press a sent message to go into edit mode (looks cool as well!).

  • When entering a full MXID into the username field on logging in, Nio will automagically prefill the homeserver URL (if a well-known config is present server-side).

  • Rich text markdown message display including clickable links detection is now in the works!

Best part about all of these changes: They were contributed by others, I did nothing but merge the PRs! Open-Source ❤️ Shout out to,, and

Nio well known


benoit announced:

RiotX will finally be an update of Riot-Android on the PlayStore and RiotX beta will then be removed from the PlayStore. We will implement everything to let users upgrade their application without being forced to log in again.

While we are finalizing cross-signing, quadS, bootstrap, etc. on RiotX, we have started studying and implementing the main missing features: identity server and related functionality (terms of service consent, invite by email, search in contact list, bind emails and phone numbers, etc.), integration manager (terms of service consent,widgets, send stickers), WebRTC audio and video calls, Jitsi conference integration, and other important missing features like UI and UX to invite people to a room, etc. We are also fighting an annoying bug related to the navigation inside a timeline.

It's also now possible to deactivate your account using RiotX.

It's worth noting that people can contribute to translate RiotX by using new dedicated Weblate projects. Thanks!


Nheko is a desktop client using Qt, Boost.Asio and C++17. It supports E2EE (with the notable exception being device verification for now) and intends to be full featured and nice to look at

Nico ( announced:

  • fernie contributed a smoother scroll behaviour and a loading indicator for individual rooms

  • We fixed some readability and styling issues

  • We fixed a major bug in 0.7.1, where you couldn't accept invites

  • We fixed a bug, where nheko would pin a core to 100% CPU on highdpi screens, because it tried to resize avatars all the time...

  • We also reduced CPU usage by a lot. Nheko now only uses 0.7% CPU on my system again and that's just the presence updates I get every 100ms or so...

There will probably be a release in the near future to get those fixes to people not running master.

The reduced CPU usage is mostly not resorting the whole room list all the time, but keeping the partially sorted room list around and not storing pending read receipts in the database but just applying them all the time without checking, if we are waiting on a receipt :D

Riot Web

A glossy Matrix collaboration client for the web.

Ryan told us:

Several more RCs this week have brought us ever closer to the release of cross-signing! A variety of verification, login, and toast issues related to cross-signing have been fixed in the RCs this week. Please do test over the weekend, as we're planning to release early next week if no issues are found.

Luxury Dark Theme for Riot

Dylan said:


OCRCC embeddable Matrix chatbox

Brendan told us:

Nomadic Labs have built an open-source embeddable chatbox using Matrix for the OCRCC (Ontario Coalition of Rape Crisis Centres) to allow survivors of sexual violence to communicate and seek help safely with OCRCC facilitators. This chatbox lives at - and it has a pretty nice feature set, including end-to-end encryption support.

They've also built a E2EE-capable bot to connect people with facilitators, which can be found here:

This is a really exciting project! Very stylish design and great to see people using Matrix for something so practical and positive. 👍

Dept of SDKs and Frameworks 🧰

Matrix Dart SDK: version 0.30.0

Wilko told us:

The whole SDK has been refactored!

  • All data objects such as MyUser, Room, etc. are now immutable

  • Add MoorStore, which uses moor (thanks to MatMaul for the idea and initial implementation!)

  • The SqfliteStore (was in a separate package) is now deprecated

  • LocalUser has been renamed to MyUser

And a lot of other changes!

How it works

The user has a stream of Updates, user.updates. An Update contains the latest 'snapshot' of data associated with the user. It also contains a delta MyUser, where all properties are null, except those that are changed. For example, if a user started typing in a certain room, and we're syncing, there will be an Update in user.updates, where delta has 1 Room in delta.rooms, with only the room where the user started typing, reflected in room.typingUserIds. All other properties of the Room will be null. This is all assuming that this is the only change in the sync. If more happened, it will be reflected in delta.

For more info, see the README

Some features previously present may not have been added yet again.

They will be added in the future!

Get it on pub!

Join to learn more!

🧙 Polyjuice Client

Polyjuice Client is a Matrix library for Elixir

uhoreg announced:

To better serve the wizarding community's transformation needs, I have released v0.2.2 of Polyjuice Client, a Matrix library for Elixir. This release adds support for some more Matrix endpoints, and allows paginating through room history using Elixir's streams.


jplatte and iinuwa offered:

We've iterated through a few new pre-releases of our libraries to bring some usability improvements. Here are a few highlights:

  • Implemented User-Interactive Authentication API and some other endpoints to bring us very close to full r0.6.0 compatibility

  • Updated the representation of events to allow preserving original JSON alongside typed event structs

  • Tidied up some our repositories, improved CI build times

  • Began work on Server-Server API in ruma-federation-api

Dept of Ops 🛠

matrix-chart v1.1.1

Typo Kign announced:

v1.1.1 of dacruz21/matrix-chart is out and now supports the IRC bridge! dacruz21/matrix-chart is a secure, scalable way to deploy a complete Matrix homeserver stack, complete with bridges and useful services, into Kubernetes. As always, come visit if you have any questions or need support!

buildbot-matrix plugin available

haywo said:

buildbot-matrix v0.0.1 released:

  • A plugin for the Buildbot CI framework

  • It sends build status notifications to a specified matrix room

  • available on PyPi, install with pip install buildbot-matrix

Dept of Bots 🤖


Cadair said:

Opsdroid has released v0.18 this week, which contains a load of stuff. The main matrix related changes are:

  • A generic event type for all unsupported matrix events, so you can now react to and send any custom events.

  • Implementation of the join room event in the matrix connector so you can react to users joining a matrix room.

  • A fix for mxc urls in messages, so inline images etc work.

  • A fix for the opsdroid memory to allow per-room matrix room state databases. This will hopefully be merged into core for the next release.

Picard Opsdroid Skill

Related to this release the picard skill for bridged slack/matrix community management has been updated, and now (for the first time) works with a release version of opsdroid rather than some random branch 🤣. This involved adding support for lots of different events to the slack connector in opsdroid.

See Matrix Live this week for a neat introduction to OpsDroid

New bot to share Jitsi call URLs

Cadair reported:

I wrote a bot to share Jitsi call URLs. The main objective is to allow people on the other side of bridges to get the URL for a jitsi call. When a jitsi widget is added to a room (v2 widget from riot-web) it will post a message with the plain jitsi URL. It also provides a !jitsi command which allows people to create a jitsi call with a custom URL, and if the bot has permission it will be added as a widget in the matrix room. It has a bunch of other config options you can tweak it with. The main thing you might find it useful for if you are not in a bridged room is you can use it to quickly add a jitsi widget for any conference URL. The bot can be found here: and it uses the opsdroid framework. I have also hosted a version

CovBot v0.1.5

Peter Roberts said:

  • Add regional data for Findland, Wales, Northern Ireland and Scotland with thanks to

  • Get UK and England regions from a new source as Public Health England stopped providing their CSV data, again thanks to

  • Send m.notice by default but use m.text in IRC bridged rooms to avoid annoying IRC users.

  • Make logging more consistent which helps with debugging.

MIT licensed on GitHub.

Dept of Interesting Projects 🛰

Doctor Who watchalongs

Brendan offered:

We're still having a great time watching Doctor Who with folks from the wider Matrix community. The next one scheduled is happening on Wednesday (May 6th) at 7PM, and we'll gather to watch The Girl in the Fireplace (series 2 episode 4) together, with tweets from Steven Moffat (writer) and Sophia Myles (Madame de Pompadour) bridged to the room 🙂

As always, if folks want to tag along and join the fun, feel free to join !

Dept of Ping 🏓

Here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server. Join to experience the fun live, and to find out how to add YOUR server to the game.

RankHostnameMedian MS

That's all I know 🏁

See you next week, and be sure to stop by with your updates!

New Categories for Matrix Spec Changes

29.04.2020 22:37 — General Andrew Morgan
Last update: 29.04.2020 20:50

On April 14th, the Spec Core Team conducted a long-overdue retrospective about the things that were working in the Matrix Spec Proposal process, and those that were not.

The most glaring item on the list was the sluggish pace that many Matrix Spec Changes (MSCs) take throughout the proposal process, as well as the general lack of activity from the Spec Core Team members on proposals that have not yet started a Final Comment Period.

We deeply apologize for the frustration this has likely caused many MSC authors, and want to shed some light on the reasoning behind it, and what we plan to do to prevent leaving authors in the dark about why there may be no Spec Core Team activity on their proposal.

Proposal Triaging

There are currently 136 open MSCs that have yet to undergo Final Comment Period (FCP), 75 of which are marked as proposal-in-review, and 20 that have a FCP proposed. Relative to the 65 MSCs that have ever been closed, this is a lot of outstanding ideas, features and maintenance changes.

The Spec Core Team itself is made up of 8 members, each of which have separate full-time jobs. All team members are well-placed to be on the team given their wide breadth of knowledge across the Matrix ecosystem, however the majority are some of the most busy pushing forward Matrix's reference implementations - without which, Matrix will unquestionably fail. This limits the amount of MSCs that the team can effectively work on at a given time.

The team understands that there are MSCs that provide incredibly useful features, such as support for LaTeX in messages or the ability to "knock" on rooms, and would undoubtedly like to see them land at some point.

But there is also a large backlog of MSCs that provide even more fundamental fixes and additions to the protocol that the team needs to prioritise. These include things like cross-signing devices, the communities rewrite and finally merging reactions and edits into the spec.

While we announce what MSCs we're focusing on during a given week during TWIM, it's not as clear which items we're looking to pull from the backlog next. To help tackle this, and to help keep us honest, we've begun putting each MSC into either "feature", "maintenance", or "core" buckets. This materialises in the form of github tags, which can be used to filter the list of MSCs like so: feature, maintenance, core. For a given timespan, we’ll pick a track and pull MSCs out of that category when possible. More information about MSC categories are now detailed on the proposals page.

As for the next 6 to 12 months, we plan to work on items from the “core” category. We need to get Matrix to a point where it can compete with other, proprietary chat protocols and items in "core" are decidedly the proposals that will take us the furthest in that direction. This doesn't mean we won't occasionally look at an MSC in a different category, but it will heavily influence our prioritisation.


We'll try this approach out over the next few months and see how it goes. The next Spec Core Team retro will occur in the middle of May, where we will review the process once again.

For now, if you have any feedback please come and chat with us in :)