Decentralised Communication with Matrix
matthew@matrix.org
http://www.matrix.org
The problem:
Users are locked into proprietary communication apps.
They have no control over their data or their privacy.
Worse still, each app is a closed silo – forcing users to install redundant apps and fragmenting their comms.
I want to communicate with the apps and services I trust.
Not be forced into specific services chosen by my contacts.
If email gives me that flexibility, why not VoIP and IM?
Enter Matrix
Open, Decentralised, Persistent, Eventually Consistent, Cryptographically Secure Messaging Database with JSON-over-HTTP API.
Matrix is for:
Group Chat (and 1:1)
WebRTC Signalling
Bridging Comms Silos
Internet of Things Data
…and anything else which needs to pubsub persistent data to the world.
Matrix was built to liberate your scrollback.
1st law of Matrix:
Conversation history and Group comms are the 1st class citizens.
2nd law of Matrix:
No single party owns your conversations – they are shared over all participants.
3rd law of Matrix:
All conversations may be end-to-end encrypted.
Matrix is:
• Non-profit Open Source Project
• De-facto Open Standard HTTP APIs:
– Client <-> Server
– Server <-> Server
– Application Services <-> Server
• Apache-Licensed Open Source Reference Impls
– Server (Python/Twisted)
– Client SDKs (iOS, Android, JS, Angular, Python, Perl)
– Clients (Web, iOS, Android)
– Application Services (IRC, SIP, XMPP, Lync bridges)
• A whole ecosystem of 3rd party servers, clients & services
What does it look like?
Demo time!
http://matrix.org/blog/try-matrix-now
The Matrix Ecosystem
[Diagram. Labels: The Matrix Specification (Client/Server API); client-side; server-side; Synapse (Reference Matrix Server); Matrix Application Services; Other Servers and Services; Matrix iOS Console; MatrixKit (iOS); matrix-ios-sdk; Matrix Web Console; matrix-angular-sdk; matrix-js-sdk; matrix-react-sdk; Android Console; matrix-android-sdk; Other Clients.]
Matrix Architecture
[Diagram. Labels: Clients; Home Servers; Identity Servers; Application Servers.]
Functional Responsibility
• Clients: Talk simple HTTP APIs to homeservers to push and pull messages and metadata. May be as thin or thick a client as desired.
• Homeservers: Store all the data for a user - the history of the rooms in which they participate; their public profile data.
• Application Services: Optional; deliver application layer logic on top of Matrix (Gateways, Conferencing, Archiving, Search etc). Can actively intercept messages if required.
• Identity Servers: Trusted clique of servers (think DNS root servers): map 3rd party IDs to Matrix IDs.
How does it work?
http://matrix.org/#about
The client-server API
To send a message:
curl -XPOST -d '{"msgtype":"m.text", "body":"hello"}' "https://alice.com:8448/_matrix/client/api/v1/rooms/ROOM_ID/send/m.room.message?access_token=ACCESS_TOKEN"
{
    "event_id": "YUwRidLecu"
}
The client-server API
To set up a WebRTC call:
curl -XPOST -d '{
    "version": 0,
    "call_id": "12345",
    "offer": {
        "type": "offer",
        "sdp": "v=0\r\no=- 658458 2 IN IP4 127.0.0.1…"
    }
}' "https://alice.com:8448/_matrix/client/api/v1/rooms/ROOM_ID/send/m.call.invite?access_token=ACCESS_TOKEN"
{ "event_id": "ZruiCZBu" }
The client-server API
To persist some MIDI:
curl -XPOST -d '{
    "note": "71",
    "velocity": 68,
    "state": "on",
    "channel": 1,
    "midi_ts": 374023441
}' "https://alice.com:8448/_matrix/client/api/v1/rooms/ROOM_ID/send/org.matrix.midi?access_token=ACCESS_TOKEN"
{ "event_id": "ORzcZn2" }
The server-server API
curl -XPOST -H 'Authorization: X-Matrix origin=matrix.org,key="898be4…",sig="j7JXfIcPFDWl1pdJz…"' -d '{
    "ts": 1413414391521,
    "origin": "matrix.org",
    "destination": "alice.com",
    "prev_ids": ["e1da392e61898be4d2009b9fecce5325"],
    "pdus": [{
        "age": 314,
        "content": {
            "body": "hello world",
            "msgtype": "m.text"
        },
        "context": "!fkILCTRBTHhftNYgkP:matrix.org",
        "depth": 26,
        "hashes": {
            "sha256": "MqVORjmjauxBDBzSyN2+Yu+KJxw0oxrrJyuPW8NpELs"
        },
        "is_state": false,
        "origin": "matrix.org",
        "pdu_id": "rKQFuZQawa",
        "pdu_type": "m.room.message",
        "prev_pdus": [
            ["PaBNREEuZj", "matrix.org"]
        ],
        "signatures": {
            "matrix.org": {
                "ed25519:auto": "jZXTwAH/7EZbjHFhIFg8Xj6HGoSI+j7JXfIcPFDWl1pdJz+JJPMHTDIZRha75oJ7lg7UM+CnhNAayHWZsUY3Ag"
            }
        },
        "origin_server_ts": 1413414391521,
        "user_id": "@matthew:matrix.org"
    }]
}' https://alice.com:8448/_matrix/federation/v1/send/916d630ea616342b42e98a3be0b74113
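The transaction above carries an X-Matrix Authorization header, a per-PDU `hashes.sha256` value and a per-PDU signature. The following is an added example, not code from the slides or from Synapse, of the consistency checks a receiving server can run on those fields before signature verification. The set of fields excluded from the hash is an assumption modelled on the current Matrix specification, so it is not claimed to reproduce the slide's hash value, and the function names and sample data are constructed.

```python
import base64
import hashlib
import json

# Assumption: fields left out of the hash, modelled on the current Matrix
# specification. The 2014-era PDU format on the slide may have used another set.
EXCLUDED_FROM_HASH = ("hashes", "signatures", "unsigned", "age")


def canonical_json(obj):
    """Deterministic encoding: sorted keys, no insignificant whitespace, UTF-8."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")


def content_hash(pdu):
    """Unpadded base64 of SHA-256 over the canonical form of the hashed fields."""
    hashed = {k: v for k, v in pdu.items() if k not in EXCLUDED_FROM_HASH}
    digest = hashlib.sha256(canonical_json(hashed)).digest()
    return base64.b64encode(digest).decode("ascii").rstrip("=")


def parse_x_matrix(header):
    """Split 'X-Matrix origin=...,key="...",sig="..."' into a dict."""
    scheme, _, params = header.partition(" ")
    if scheme != "X-Matrix":
        raise ValueError("not an X-Matrix Authorization header")
    fields = {}
    for part in params.split(","):
        name, sep, value = part.strip().partition("=")
        if not sep:
            raise ValueError("malformed parameter: %r" % part)
        fields[name] = value.strip('"')
    for required in ("origin", "key", "sig"):
        if not fields.get(required):
            raise ValueError("missing %s" % required)
    return fields


def precheck_transaction(header, txn, our_name):
    """Cheap consistency checks to run before ed25519 verification.

    Returns a list of rejection reasons; an empty list means the transaction
    may go on to signature verification (not shown: needs an ed25519 library).
    """
    problems = []
    auth = parse_x_matrix(header)
    if auth["origin"] != txn.get("origin"):
        problems.append("header origin differs from body origin")
    if txn.get("destination") != our_name:
        problems.append("transaction addressed to another server")
    for pdu in txn.get("pdus", []):
        pdu_id = pdu.get("pdu_id", "?")
        if pdu.get("origin") not in pdu.get("signatures", {}):
            problems.append("%s: no signature from its origin" % pdu_id)
        if pdu.get("hashes", {}).get("sha256") != content_hash(pdu):
            problems.append("%s: content hash mismatch" % pdu_id)
    return problems


# Constructed sample data using the slide's field names; not real traffic.
SAMPLE_HEADER = ('X-Matrix origin=example.org,key="constructed-key-id",'
                 'sig="c2lnLXBsYWNlaG9sZGVy"')


def sample_transaction():
    pdu = {
        "age": 314,
        "content": {"body": "hello world", "msgtype": "m.text"},
        "context": "!constructed:example.org",
        "origin": "example.org",
        "pdu_id": "constructed1",
        "pdu_type": "m.room.message",
        "signatures": {"example.org": {"ed25519:auto": "c2lnLXBsYWNlaG9sZGVy"}},
        "user_id": "@alice:example.org",
    }
    pdu["hashes"] = {"sha256": content_hash(pdu)}
    return {"origin": "example.org", "destination": "example.net", "pdus": [pdu]}


if __name__ == "__main__":
    txn = sample_transaction()
    print(precheck_transaction(SAMPLE_HEADER, txn, "example.net"))
    txn["pdus"][0]["content"]["body"] = "hello w0rld"  # modified in transit
    print(precheck_transaction(SAMPLE_HEADER, txn, "example.net"))
```

A hash match only shows the PDU is internally consistent; authenticity still depends on verifying the ed25519 signature against the origin server's published key.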
Application Services (AS)
• Extensible custom application logic
• They have privileged access to the server (granted by the admin).
• They can subscribe to wide ranges of server traffic (e.g. events which match a range of rooms, or a range of users)
• They can masquerade as 'virtual users'.
• They can lazy-create 'virtual rooms'
• They can receive traffic by push.
Uses for AS API
• Gateways to other comms platforms
e.g.: all of Freenode is available at #freenode_#foo:matrix.org
• Data manipulation
– Filtering
– Translation
– Indexing
– Mining
– Visualisation
– Orchestration
• Application Logic (e.g. bots, IVR services)
• …
A trivial application service
import json, requests  # we will use this later
from flask import Flask, jsonify, request

app = Flask(__name__)

# The homeserver pushes each batch of events as PUT /transactions/<id>.
@app.route("/transactions/<transaction>", methods=["PUT"])
def on_receive_events(transaction):
    events = request.get_json()["events"]
    for event in events:
        print("User: %s Room: %s" % (event["user_id"], event["room_id"]))
        print("Event Type: %s" % event["type"])
        print("Content: %s" % event["content"])
    return jsonify({})  # an empty JSON object acknowledges the transaction

if __name__ == "__main__":
    app.run()
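The trivial service above processes any PUT it receives. The following is an added example, not code from the slides or from Synapse, of the checks a receiver would put in front of that loop: a constant-time comparison of the homeserver's token and idempotent handling of retried transaction IDs. `TransactionReceiver`, `HS_TOKEN` and the size limit are hypothetical names and values; that the homeserver presents a shared `hs_token` as `access_token` follows the Matrix application service API and is not stated on the slide.

```python
import hmac
import json

# Constructed placeholder. In a deployment this is the secret the homeserver
# admin configured for this service (assumption: the AS API's hs_token).
HS_TOKEN = "constructed-hs-token-for-example"
MAX_BODY_BYTES = 1 << 20  # hypothetical cap on a pushed transaction


class TransactionReceiver:
    """Framework-independent core of a PUT /transactions/<id> handler."""

    def __init__(self, hs_token, on_event):
        self._hs_token = hs_token.encode("utf-8")
        self._on_event = on_event
        self._seen = set()  # persist this in a real service

    def handle(self, txn_id, access_token, raw_body):
        """Return (http_status, json_body) for one pushed transaction."""
        supplied = (access_token or "").encode("utf-8")
        # Constant-time comparison: do not leak how much of the token matched.
        if not hmac.compare_digest(supplied, self._hs_token):
            return 403, {"errcode": "M_FORBIDDEN"}
        # The homeserver retries a transaction until it is acknowledged, so a
        # repeated ID is acknowledged again without reprocessing its events.
        if txn_id in self._seen:
            return 200, {}
        if len(raw_body) > MAX_BODY_BYTES:
            return 413, {"errcode": "M_TOO_LARGE"}
        try:
            events = json.loads(raw_body)["events"]
        except (ValueError, KeyError, TypeError):
            return 400, {"errcode": "M_BAD_JSON"}
        if not isinstance(events, list):
            return 400, {"errcode": "M_BAD_JSON"}
        for event in events:
            # Skip entries that are not event objects instead of crashing.
            if isinstance(event, dict) and isinstance(event.get("type"), str):
                self._on_event(event)
        self._seen.add(txn_id)
        return 200, {}


if __name__ == "__main__":
    rx = TransactionReceiver(HS_TOKEN, print)
    body = json.dumps({"events": [{"type": "m.room.message",
                                   "user_id": "@alice:example.org",
                                   "room_id": "!constructed:example.org",
                                   "content": {"body": "hello"}}]}).encode()
    print(rx.handle("txn1", "guessed-token", body))
    print(rx.handle("txn1", HS_TOKEN, body))
```

From the Flask route this would be called as `handle(transaction, request.args.get("access_token"), request.get_data())`.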
Matrix Bridging with ASes
[Diagram. Labels: Existing App; Application Service; 3rd party Server; 3rd party Clients.]
matrix-react-sdk
• All new web client SDK!
• Sensible separation of:
– HTTP API wrapper
– Matrix client state machine
– UI business logic
– UI look & feel (skin)
• Either customise per-component
• …or fork your own skin.
End to End Encryption with Olm
• Apache License C++11 implementation of an Axolotl-style ratchet, exposing a C API.
• Axolotl is Open Whisper Systems' better-than-OTR cryptographic ratchet, as used by TextSecure, Pond, WhatsApp etc.
• Supports encrypted asynchronous group communication.
• 130KB x86-64 .so, or 208KB of asm.js
Olm C API
Account
• Keys
Session
• Initial Key Exchange
Ratchet
• Encrypt
• Decrypt
Crypto
• Curve25519
• AES
• SHA256
Group chat
• Adds a 3rd type of ratchet, used to encrypt group messages.
• Establish 'normal' 1:1 ratchets between all participants in order to exchange the initial secret for the group ratchet.
• All receivers share the same group ratchet state to decrypt the room.
Flexible privacy with Olm
• Users can configure rooms to have:
– No ratchet (i.e. no crypto)
– Full PFS ratchet
– Selective ratchet
• Deliberately re-use ratchet keys to support paginating partial eras of history.
• Up to participants to trigger the ratchet (e.g. when a member joins or leaves the room)
– Per-message type ratchets
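The Group chat and Flexible privacy slides describe a shared group ratchet whose state is handed to each member. The following is an added example, not Olm's code and not its actual construction: a single HMAC-SHA256 chain showing that the index at which state is shared fixes the era of history a member can derive keys for, and that excluding a departed member takes a fresh secret. All names and the initial secret are constructed.

```python
import hashlib
import hmac
import os


def _kdf(chain_key, label):
    # HMAC-SHA256 as a one-way step: the output does not reveal chain_key.
    return hmac.new(chain_key, label, hashlib.sha256).digest()


class GroupRatchet:
    """Toy single-chain ratchet: state i gives state i+1, never state i-1."""

    def __init__(self, chain_key, index=0):
        self.chain_key = chain_key
        self.index = index

    def advance(self):
        self.chain_key = _kdf(self.chain_key, b"chain")
        self.index += 1

    def message_key(self):
        return _kdf(self.chain_key, b"message")

    def share(self):
        """Copy of the current state, to be sent over a member's 1:1 ratchet."""
        return GroupRatchet(self.chain_key, self.index)

    def key_for(self, index):
        """Key for message `index`, if it lies at or after this state."""
        if index < self.index:
            raise LookupError("message %d predates shared state %d"
                              % (index, self.index))
        probe = self.share()
        while probe.index < index:
            probe.advance()
        return probe.message_key()


def readable_history(shared_from, total=6):
    """Indices of messages a member can key when handed state `shared_from`."""
    sender = GroupRatchet(hashlib.sha256(b"constructed group secret").digest())
    sent_keys, handed = [], None
    for i in range(total):
        if i == shared_from:
            handed = sender.share()
        sent_keys.append(sender.message_key())
        sender.advance()
    readable = []
    for i, key in enumerate(sent_keys):
        try:
            if hmac.compare_digest(handed.key_for(i), key):
                readable.append(i)
        except LookupError:
            pass  # earlier era: the chain cannot be run backwards
    return readable


def start_new_era():
    """Fresh random secret; no holder of an earlier state can derive it."""
    return GroupRatchet(os.urandom(32))


if __name__ == "__main__":
    print(readable_history(0))  # member present from the first message
    print(readable_history(3))  # member handed the state before message 3
```

Advancing the chain alone does not lock anyone out, because every holder of an earlier state can advance it too; only `start_new_era()` does, and the new state then has to be redistributed over the 1:1 ratchets.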
Current Progress
• Funded: May 2014
• Launched alpha: Sept 2014
• Entered beta: Dec 2014
• Stable v0.9 Beta: May 2015
• Crypto & React SDK, Jul 2015
• Aug 2015: Approaching 1.0...?
What's next?
• Rolling out E2E encryption
• Multi-way VoIP
• Lots more Application Services
• Landing V2 APIs
• Use 3rd party IDs by default
• Yet more performance work
• Spec polishing
• New server implementations!
We need help!!
• We need people to try running their own servers and join the federation.
• We need people to run gateways to their existing services
• We need feedback on the APIs.
• Consider native Matrix support for new apps
• Follow @matrixdotorg and spread the word!
Thank you!
matthew@matrix.org
http://matrix.org
@matrixdotorg