Matrix: open, secure, and decentralised
9th October, 2019
- What are Matrix, Riot, etc.?
- Why do you write ‘LaTeX’ in scare quotes?
- Why are you telling me all this?
- If I do now care, what can I do?
Anybody who follows me on Twitter will have heard me go on about Matrix, and Riot, and maybe a whole host of other such things. I understand that most people probably won’t really care much about it all, but I thought that I’d try to explain a bit why I’m quite so passionate about this stuff, and why I’m bothering to try to work on ‘LaTeX’ support (with scare quotes for good reason, as explained later).
What are Matrix, Riot, etc.?↟
tl;dr: Matrix is like email, and Riot is like an email client.
Anybody who has ever used IRC has some idea of what Matrix is, and anybody who hasn’t, but has used MSN Messenger/Facebook Messenger/Slack/WhatsApp has a pretty vague idea too (or at least, will do, when I explain it a bit).
(As a warning, although I’ve been making small contributions to Matrix and Riot, I do not work for them, and it has been a very long time since I worked in any sort of technology sector, so I hope I don’t mess up any important points too badly. Sorry in advance to any experts out there.)
Matrix is, at its very heart, a specification (or, protocol) for communication. What does this mean? I would explain it to a mathematician by saying that it is a set of properties that a method of communication can satisfy, or maybe an axiomatisation of such a system. This is where it has some similarities to IRC, or even something a bit more like WhatsApp.
You can think of Matrix as ‘email’ in the following sense. There are
many ways of sending emails, in that you can use any client
that you want to (e.g. GMail, Apple Mail, Thunderbird, Mutt, Telnet),
and you can send to and from people with email addresses hosted by
different people (e.g. I, from my
posteo.net email address,
can send an email to somebody with an
address, who can then reply to me and CC in somebody whose email ends
@yahoo.fr, and so on). But there is some underlying
standard of what an email actually is that all of
these clients and hosts understand and agree to. It’s similar to
whenever you open a webpage in any browser: all of the (people who make
the) browsers (well, almost all…) have agreed on what any piece
of HTML they see should actually mean, and how it should be displayed.
There are lots of subtleties I’m skipping over here, I’m afraid, but
it’s just to motivate the general idea.
So then, what is Riot? Riot is a client for sending messages via Matrix. Further, it’s the ‘official’ client, in that it’s made by (sort of) the same people who make Matrix. There are lots of clients out there now, for all sorts of operating systems, and written in all sorts of different programming languages (and, recently, one written in about 8 lines of Bash script (rather long lines some of them, sure, but still…)). All of them (as far as I am aware) are entirely open source: anybody can go and read any part of the code, and understand how anything works, and even make suggestions or additions or fix errors, or even just do some spellchecking on documentation files; people can help however they want to.
What (to me, at least, but I’m sure to many of the hundreds of thousands of people who read this blog) is important is that Matrix and, to take the canonical example, Riot, are built in a way that makes them pretty much the opposite of other new technologies which we now sometimes find forced upon ourselves, because everything here is free, open source, decentralised (but federated), and secure.
Most of those words are probably pretty self-explanatory, but it’s
worth mentioning the ‘decentralised (but federated)’ bit. The former
means that you can go and find an old computer (or even use part of your
new one, if you like) and ‘build’ your very own Matrix Homeserver, which
means that you can now send messages and receive messages to people on
any other homeserver! This is like the fact that you can send emails
from any email host to any other. Imagine what a nightmare it would be
if you could only email people with the same
address. Unfortunately, this is how most technologies seem to head this
day, because the hope is that everybody will flock to the biggest
platform to be able to speak with the most people, and then shady people
can flock to smaller ones, in turn giving them a bad name and leading
for the big one to demand that the smaller one shuts down and wow we’re
one step closer to an authoritative monopoly, which is the ‘best’ kind,
because it literally controls who we can speak to 🙃.
Not to point fingers, I’ll just point hands: WhatsApp, Facebook Messenger, Slack, Telegram, and Signal. All very different use cases, but all have basically this problem: the only way that I can send messages to somebody on Facebook Messenger is by using Facebook Messenger: I don’t (really) have a choice of clients, and I don’t have a way of building my own copy of Facebook messenger that I can use, because this would give the added bonus of knowing exactly how Facebook Messenger works behind the scenes.
Luckily though, I’m sure that Mark Zuckerberg would love to share all the lovely secrets about what Facebook Messenger does during the process of ‘deliver this message from Person A to Person B’. It must be because there are many techincal details that he wants to keep secret. Unfortunately, it can’t be anything about how the message is sent, or encrypted, or anything like that, because Riot’s source code contains basically all these sorts of things that work just as well, if not better, than Facebook Messenger’s. Anyway, luckily though, Mark Zuckerberg is simultaneously a man who we can all trust with anything, and also the sort of man who would definitely come forward and tell us if there were anything that he were actually trying to hide. Our society today and the sorts of people in power really make it very easy to trust everybody all the time. One of them even told me that if you think that’s not the case because you read it in a newspapers or something then the newspaper just made it up, so that’s nice.
Anyway, back to happier business. Wouldn’t it be nice to have a method of communication, like email, where anybody can send messages to anybody else, irrelevant of what app/program they use, and we all know exactly what’s happening, down to the goriest details of implementation if we really want? I think the answer is a pretty firm yes. Bonus points if things are being run and developed by anybody who wants to help (with their work ‘peer-reviewed’ by some minimum of people, but also by anybody else who wants to). Even more bonus points when all the clients can be open-source, so we can fix any little problems about them that annoy us, or just make our own for scratch.
“But,” one might think, “if everything is out in the open, then where is my privacy?” To this, there are really two answers: one to each of the two interpretations of what the questions might be asking.
Firstly, if anybody is trying to explain why a system that ensures privacy/security by saying “oh but I can’t tell you the details of how it works, because then hackers could hack it”, then they are almost certainly explaining a pretty shitty system. Good cryptographic algorithms are those where every single step is read by hundreds of different scientists and developers and mathematicians, over and over, for 30 years, and everybody agrees that all the pieces they’ve read (maybe even the whole thing) are good, and guarantee security in practice for these and those reasons. A good cryptographic thing is one where you know how it works, but where this has absolutely no way of telling you how it works backwards, in some sense.
Secondly, and as an answer to the question that was probably the intended one, is that Matrix is more secure than how I described it, because all of your messages can be send with end-to-end encryption. This is something that, for example, WhatsApp offers, but they don’t tell us what they do at either ‘end’, i.e. before the message has been encrypted and when the message has been decrypted. Heck, for all we know they could be attaching a little something to your message before decryption, and then quickly sneaking it away to keep on the other phone just after decoding. Who knows?
Generally, I lean very far to the ‘copyright has become, thanks to certain big names, a system of oppression and removal-of-choice for the individual, and an incredibly incredibly profitable system for those in power’ side of the argument, but even so, it makes sense to ask why WhatsApp want to keep all their code secret. I understand that, sometimes, it is unfair to expect a piece of code to be open source: people want to make a living by making and selling software, and quite often, I think, the people know that they want to make money because you need money to have an easier (to put it mildly) time in life, and don’t really want to have to work so un-collaboratively and in secret, but have to, for various reasons which I will not go in to, lest this becomes a drug-fuelled foray into politics.
So it’s just like that XCKD comic, right?
In almost any conversation, there is a relevant XKCD: here, it’s #927 : there are so many competing standards, so why try for another one?
First of all, as mentioned above, Matrix solves a pretty big problem
by being federated: like email, it doesn’t matter who you
choose to trust (I still use the word ‘trust’ here, because that’s
always something you should think about) to give you your username and
deal with your message sending/receiving (e.g.
you can always send and receive messages from people who made a
different choice. To me, this is just so obvious! Why did we move from
email, and then SMS, to things like chat apps…
But the main reason why I think that Matrix doesn’t really fall afoul
of the (truthfully accurate) problem in this XKCD is that Riot has
bridges. Bridges are ways for people to interact with chat rooms
(or conversations, which are just like two-people chat rooms) in
other apps/programs. That is, without leaving Riot, I
can send and reply to emails, take part in a conversation on Slack, and
message somebody a funny (yet cute) photo of a bird on WhatsApp. So
Matrix is not saying ‘everybody has to use me
instead ‘anybody who uses me can also talk to people not using me
Why do you write ‘LaTeX’ in scare quotes?↟
What I’ve been working on for a while is trying to find a way to be able to type formatted maths in messages.
This started off as the naive idea of teaching Riot to understand KaTeX, MathJax, or MathML, or something ‘LaTeX-ish’. LaTeX is a full language, and I just want to be able to message somebody in a way prettier than typing out raw LaTeX code. A first step, then, would be to just put a little LaTeX compiler into Riot (something like LaTeXiT, which I do use for a lot of things, including doing exactly this (by hand) when I want to have some maths in my email), so that we can send maths and the viewer can see them as images. This has a few problems thought, like the fact that we then can’t really just edit the message after we’ve sent it, because it’s now an image; and also, LaTeX installations are generally full of a lot of faff (even TinyTeX — something I personally use and love — has just so many capabilities that we don’t need, like knowing how to make tables of contents, or to do page numbering, or margins, or tables, or… any other number of things that are either not necessary for instant messages, or already possible to do in much simpler ways): all we really want is to be able to turn something like
So I write ‘LaTeX’ support, because we don’t really want LaTeX, but instead something like MathJax or KaTeX: something that can just display LaTeX syntax as nice SVG/HTML content.
Obviously, for me, this is really exciting, but it’s actually exciting for other people too, I promise! Hear me out.
Why are you telling me all this?↟
What people are now trying to do is to come up with a way of sending ‘LaTeX’ source code (here the square quotes mark the fact that we don’t want to be able to send arbitrary LaTeX code to be executed, for fair security reasons) within the Matrix protocol. Then individual clients can decide how they want to display this. For example, Riot already knows how to display maths as HTML+CSS using KaTeX, and it can almost, itself, generate images of the rendered maths to send alongside the plain text message, so that other clients who can’t turn LaTeX into something viewable, can use these images as fallbacks instead. It might even be the case that basically nobody does any ‘programming’, and the messages are just sent as plain text, but then the homeservers do some media magic and accompany the messages with a nice rendered version of the maths.
What I’m saying, then, analogously, is that we’re trying to find a way to fit LaTeX syntax into the specifications, which would be a pretty great thing for mathematicians everywhere! With the rise of environmentally-conscientious conferences, being able to discuss and communicate long-distance is becoming increasingly important, and, for mathematicians, at least, having a way to send messages with nice LaTeX stuff inside them, could really be a wonderful experience. And not just that, but also to be able to send such messages to people who aren’t even using Matrix. Things are much easier when people are all on the same system, but a good system should never only function in such a way that it has to be the only one existing.
Finally, I just want to point out what this might mean on a not-necessarily-smaller-but-maybe-horizontally-located level: there are still many active IRC chat rooms, most notably, maybe, being the one for homotopy type theory. At the moment, Riot can bridge to IRC, so a single room can be at once an IRC room and a Matrix room, but with the Matrix room supporting things like saving history of conversations that take place while you’re logged out, and images, file sharing, voice calls, video calls, E2E encryption, etc.. Seeing how nice it is to still have chat rooms, where you can go and ask a question and get answers (as opposed to, say, stackexchange/mathoverflow, where you can ask questions, but all discussions must be moved to a separate thread, and questions must adhere to a certain structure, etc. etc. (not taht I’m saying that stackexchange is bad, not at all, but just that it is meant for a different (more rigorous) purpose)), it seems even nicer to me that we could have ones that have a bit more support for modern things that we take for granted (images, file sharing, etc., as above).
If I do now care, what can I do?↟
Well, depending on how you feel, and what you like to do, there are lots of things that you could do! Here are some suggestions, in no particular order.
- Switch from using Slack/Discord or whatever you currently use, and give Riot a try. If you don’t like it, maybe ask some questions about if things can be changed or not. If you decide that you much prefer Slack/Discord, then go back! (maybe after trying a different Matrix client, if you’re feeling extra generous — saying “I don’t like Matrix” because you don’t like Riot is a bit like saying “I don’t like email” because you don’t like Thunderbird. There are a bunch of Matrix clients, from Electron-based ones to purely command line ones.) Just please keep in mind that Riot is open-source: if there’s something missing, or something broken, or something that you don’t like, then you can just say so! and if you know how, you can implement/fix/add it! Riot probably also has most of the things that you are used to: public rooms, private rooms, one-to-one chats, room bots, and the like.
- Join some of the standard Matrix rooms to listen and learn (as well
as to say hello to people and talk)! These are ones like Matrix HQ (
#matrix:matrix.org) and Riot Web/Desktop (
- If you want to learn more about how Matrix actually works, or about other clients, or anything at all really, then just ask me (via email, Twitter, or even Matrix itself!) and I will either answer, or point you in the direction of somebody who can! If you want to get involved in these discussions about ‘LaTeX’, then I can point you to the rooms where these discussions are taking place.
- If you like maths, but have never really used IRC rooms before (or
those chat rooms on stackexchange), or even if you have used
them before, I guess, then why not come and see what they’re like? At
the very least, I can guarantee that they’re super welcoming and never
home to responses like “that’s a stupid question: please do more
research before asking stuff like that here” (although, sure, the caveat
is that they’re very small…). There are currently two maths rooms that I
#math.AT:matrix.org), and a community that I moderate (
+mathematics:matrix.org), which keeps a list of interesting rooms to do with mathematics. Don’t see a room that you’d like to exist? Then make one! You can make it private and just use it with your local team/work group/reading group; you can make it public so that anybody can see it; or you can suggest for it to be added to the Mathematics community list!
If you’ve made it this far, then thank you. I should be asleep by now, given that I started writing this an hour ago, and it should really have taken about 15 minutes to write. I hope it’s at least mildly coherent.