Communication protocol | |
---|---|
Purpose | Federated messaging and data synchronization |
Developer(s) | The Matrix.org Foundation CIC |
Introduction | September 2014 [1] |
Based on | HTTP, WebRTC |
OSI layer | application layer |
Port(s) | unknown value |
Website | matrix |
Matrix (sometimes stylized as [matrix]) is an open standard and communication protocol for real-time communication. [2] It aims to make real-time communication work seamlessly between different service providers, in the way that standard Simple Mail Transfer Protocol email currently does for store-and-forward email service, by allowing users with accounts at one communications service provider to communicate with users of a different service provider via online chat, voice over IP, and videotelephony. It therefore serves a similar purpose to protocols like XMPP, but is not based on any existing communication protocol.
From a technical perspective, it is an application layer communication protocol for federated real-time communication. It provides HTTP APIs and open source reference implementations for securely distributing and persisting messages in JSON format over an open federation of servers. [3] [4] It can integrate with standard web services via WebRTC, facilitating browser-to-browser applications.
The initial project was created inside Amdocs, while building a chat tool called "Amdocs Unified Communications", [5] by Matthew Hodgson and Amandine Le Pape. Amdocs then funded most of the development work from 2014 to October 2017. [6] Matrix was the winner of the Innovation award at WebRTC 2014 Conference & Expo, [7] and of the "Best in Show" award at WebRTC World in 2015. [8] The protocol received praise mixed with some cautionary notes after it launched in 2014. Reviewers noted that other attempts at defining an open instant messaging or multimedia signalling protocol of this type had difficulties becoming widely adopted—e.g. XMPP and IRCv3—and have highlighted the challenges involved, both technological and political. [9] Some were unclear if there was enough demand among users for services which interoperate among providers. [10] [11] In 2015, a subsidiary of Amdocs was created, named "Vector Creations Limited", and the Matrix staff was moved there. [12]
In July 2017, the funding by Amdocs was announced to be cut and in the following weeks the core team created their own UK-based company, "New Vector Limited", [13] which was mainly built to support the development of Matrix and Riot, which was later renamed to Element. [14] During this time period, there were multiple calls for support to the community and companies that build on Matrix, [15] to help pay for the wages of at least part of the core team. Patreon and Liberapay crowdfunding accounts were created, [16] and the core team started a video podcast, called Matrix "Live" to keep the contributors up to speed with ongoing developments. [17] This was expanded by a weekly blog format, called "This Week in Matrix", where interested community members could read, or submit their own, Matrix-related news. [18] The company was created with the goal of offering consultancy services for Matrix and paid hosting of Matrix servers (as a platform called modular.im, which was later renamed to Element matrix services [19] ) to generate income. [20]
In the early weeks after its creation, the Matrix team and the company Purism published plans to collaborate in the creation of the Librem 5 phone. [21] The Librem 5 was intended to be a Matrix native phone, where the default pre-installed messaging and caller app should use Matrix for audio and video calls and instant messaging. [22]
In 2017, KDE announced it was working on including support for the protocol in its IRC client Konversation. [23]
In late January 2018, the company received an investment of US$5 million from Status, [24] [25] an Ethereum based startup.
In April 2018, the French Government announced plans to create their own instant messaging tool. [26] Work on the application based on Riot and Matrix protocol—called Tchap after French scientist Claude Chappe—had started in early 2018, [27] and the program was open-sourced and released on iOS and Android in April 2019. [28]
In October 2018, a Community Interest Company called "The Matrix.org Foundation C.I.C." [29] was incorporated, to serve as a neutral legal entity for further development of the standard. [30]
In February 2019, the KDE community announced plans to adopt Matrix for its internal communications needs, as a decentralized alternative to other instant messaging servers like Telegram, Slack, and Discord, and operate its own server instance. [31]
In April 2019, Matrix.org suffered a security breach in which the production servers were compromised. [32] This breach was not an issue with the Matrix protocol and did not directly affect home servers other than matrix.org.
In June 2019, the Matrix protocol left beta phase with the version 1.0 across all APIs (and Synapse, at the time the reference home server), and the Matrix foundation was officially launched. [33] [34]
In October 2019, New Vector raised an additional US$8.5 million to develop Matrix. [35]
In December 2019, the German Ministry of Defense announced a pilot project called BwMessenger for a secure instant messaging tool based on the Matrix protocol, the Synapse server and the Riot application. It is modeled after the French Tchap project. The long-term goal of the Federal Government is the secure use of messenger services that covers all ministries and subordinate authorities. [36]
In December 2019, Mozilla announced that it would begin to use Matrix as a replacement for IRC. In the announcement, they said that they would be completing the move in late January 2020. The Mozilla IRC server, irc.mozilla.org, is said to be removed "no later than March of next year [2020]". [37] In March 2020, the IRC server was turned off and users were directed to join chat.mozilla.org, Mozilla's Element instance. [38]
In May 2020, Matrix enabled end-to-end encryption by default for private conversations. [39]
In October 2020, Element acquired Gitter from GitLab. [40] This meant that all Gitter users would be transitioned over to Matrix. [41]
In March 2021, matrix.org announced that there are 28 million global visible accounts. [42]
In September 2022, some security issues were found in the implementation of one client-side encryption library. [43] Due to the interoperable architecture, only the affected client applications needed to be upgraded and third-party implementations were not affected. [43] All critical issues were fixed, with the remaining ones being either non-exploitable in practice, or already prominently warned for in the client. [43]
In June 2023, Beeper became the first member of The Matrix Foundation. [44]
Matrix targets use cases like voice over IP, Internet of things and instant messaging, including group communication, along with a longer-term goal to be a generic messaging and data synchronization system for the web. The protocol supports security and replication, maintaining full conversation history, with no single points of control or failure. Existing communication services can integrate with the Matrix ecosystem. [3]
Client software is available for open-federated Instant Messaging (IM), voice over IP (VoIP) and Internet of Things (IoT) communication.
The Matrix standard specifies RESTful HTTP APIs for securely transmitting and replicating JSON data between Matrix-capable clients, servers and services. Clients send data by PUTing it to a ‘room’ on their server, which then replicates the data over all the Matrix servers participating in this ‘room’. This data is signed using a git-style signature to mitigate tampering, and the federated traffic is encrypted with HTTPS and signed with each server's private key to avoid spoofing. Replication follows eventual consistency semantics, allowing servers to function even if offline or after data-loss by re-synchronizing missing history from other participating servers.
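As an added illustration (not taken from the article or from any Matrix implementation), the following Python sketch shows the integrity-hash step that underlies the tamper protection described above: the event is serialized as canonical JSON with the `unsigned`, `signatures` and `hashes` keys removed, hashed with SHA-256, and the digest is stored as unpadded base64 under `hashes.sha256`. The sample event and all function names are constructed for this example; the Ed25519 signature that servers also apply is outside its scope.

```python
import base64
import copy
import hashlib
import hmac
import json

# Keys excluded from the content hash: they are added or changed after the
# event body is fixed, so they must not influence the digest.
EXCLUDED_KEYS = ("unsigned", "signatures", "hashes")


def canonical_json(value) -> bytes:
    """Deterministic encoding: sorted keys, no extra whitespace, UTF-8."""
    return json.dumps(
        value, ensure_ascii=False, separators=(",", ":"),
        sort_keys=True, allow_nan=False,
    ).encode("utf-8")


def unpadded_b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode("ascii").rstrip("=")


def content_hash(event: dict) -> str:
    """SHA-256 over the canonical JSON of the event minus the excluded keys."""
    stripped = {k: v for k, v in event.items() if k not in EXCLUDED_KEYS}
    return unpadded_b64(hashlib.sha256(canonical_json(stripped)).digest())


def add_content_hash(event: dict) -> dict:
    """Return a copy of the event carrying its own content hash."""
    out = copy.deepcopy(event)
    out["hashes"] = {"sha256": content_hash(out)}
    return out


def verify_content_hash(event: dict) -> bool:
    """Recompute the hash on receipt; a mismatch means the body was altered."""
    hashes = event.get("hashes")
    if not isinstance(hashes, dict):
        return False
    claimed = hashes.get("sha256")
    if not isinstance(claimed, str):
        return False
    return hmac.compare_digest(claimed.encode("utf-8"),
                               content_hash(event).encode("utf-8"))


# Constructed sample event (identifiers are placeholders, not real accounts).
SAMPLE_EVENT = {
    "type": "m.room.message",
    "room_id": "!room:example.org",
    "sender": "@alice:example.org",
    "origin_server_ts": 1700000000000,
    "content": {"msgtype": "m.text", "body": "hello"},
    "unsigned": {"age": 42},
}

if __name__ == "__main__":
    hashed = add_content_hash(SAMPLE_EVENT)
    print("intact event verifies:", verify_content_hash(hashed))
    tampered = copy.deepcopy(hashed)
    tampered["content"]["body"] = "hello, send money"
    print("tampered event verifies:", verify_content_hash(tampered))
```

Because `unsigned` is excluded, a relaying server can change that field without invalidating the hash, while any change to `content`, `sender` or the other covered keys is detected.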
The Olm library provides for optional end-to-end encryption on a room-by-room basis via a Double Ratchet Algorithm implementation. [1] It can ensure that conversation data at rest is only readable by the room participants. With it configured, data transmitted over Matrix is only visible as ciphertext to the Matrix servers, and can be decrypted only by authorized participants in the room. The encryption protocol is called Olm; Megolm is an expansion of Olm to better suit the need for bigger rooms. There are two main implementations:
Matrix supports bridging messages from different chat applications into Matrix rooms. These bridges are programs that run on the server and communicate with the non-Matrix servers. Bridges can act either as puppets or as relays: in the former, the individual user's account visibly posts the messages; in the latter, a bot posts the messages for non-puppeteered user accounts.
Currently there are official bridges for:
Bridges for the following notable applications are maintained by the community:
Element is the reference implementation of a client. The following client implementations exist; a possibly more complete list can be found on Matrix's website:
Project | Main Language | Comment | Platforms | Status | Repository |
---|---|---|---|---|---|
Cinny | JavaScript | Focuses primarily on having a simple and secure interface; written in React on the top of matrix-js-sdk | Web and desktop | Stable | GitHub: ajbura/cinny |
Element | JavaScript | Made by the matrix.org core team | Web, desktop, iOS, and Android | Stable | GitHub: vector-im/element-web |
FluffyChat | Dart | Written in Flutter | Web, desktop, iOS, and Android | Stable | GitHub: krille-chan/fluffychat |
Fractal | Rust | | GNOME desktop | Stable | GitLab: GNOME/fractal |
NeoChat | C++ | Fork of Spectral, using KDE frameworks, most notably Kirigami, KConfig and KI18n | Desktop, Plasma Mobile, and Android | Stable | Kde: network/neochat |
Nheko | C++ | made using Qt and C++17 | Desktop (Linux, macOS, Windows and others [60] ) | Stable | GitHub: Nheko-Reborn/nheko |
Quaternion | C++ | cross-platform Qt5-based client, a reference desktop application using Quotient | Desktop (macOS, Windows, Linux and others [61] ) | Stable | GitHub: quotient-im/Quaternion |
Synapse is the reference implementation of a Matrix home server, written in Python. [62] A "second generation Matrix home server" [63] called Dendrite is being developed by the Matrix core team. Dendrite is in beta.
The following server implementations exist; a possibly more complete list can be found on Matrix's website:
Project | Main Language | Comment | Status | Repository |
---|---|---|---|---|
Synapse [62] | Python | Synapse is a Matrix "homeserver" implementation developed by the matrix.org core team, written in Python 3/Twisted. | Production ready | GitHub: element-hq/synapse |
Dendrite | Go | Dendrite is a second-generation Matrix homeserver written in Go. It intends to provide an efficient, reliable and scalable alternative to Synapse. | Beta | GitHub: matrix-org/dendrite |
Construct [64] | C++ | Construct is a performance-oriented homeserver with minimal dependencies. It is the first actively federating Matrix server developed independently by the community. | Beta (since 2020-04-28) [65] | GitHub: matrix-construct/construct |
Conduit [66] | Rust | An efficient Matrix homeserver that aims to be easy to set up and just work. It is designed to run on low-powered mini computers such as a Raspberry Pi to host for a user's "friends, family, or company." | Beta (since 2021-09-01) | GitLab: famedly/conduit |
Mascarene [67] | Scala | Mascarene is an open source homeserver implementation of the Matrix protocol. | Under development | GitLab: mascarene/mascarene |
Ligase | Go | Ligase is a Golang-based implementation of Matrix home server, following the Matrix spec as defined at matrix.org. It has been used in production by an array of financial institutions in various scenarios. | Appears to be dead (no commit since Sep 22, 2021) | GitHub: finogeeks/Ligase |
Maelstrom | Rust | A high-performance Matrix Home-Server written in Rust designed to have a pluggable storage engine, scalable, and light on resources. | Appears to be dead. No commit since 2020 | GitHub: maelstrom-rs/maelstrom |
Communication among the public agents of France's central administration happens on a Matrix-based internal network, named Tchap. [68] The project is developed by the Interministerial Directorate for Digital Affairs (DINUM) with the explicit goals of security and digital sovereignty, both of which were deemed to be impossible through WhatsApp, Telegram and Slack. [69]
Germany's national healthcare system's internal communication network uses a Matrix-based [70] system (Ti-Messenger) for real-time communication among Germany's healthcare organizations and sharing of sensitive patient data, and is developed by the national agency for the digitalisation of the healthcare system (Gematik GmbH). [71] Reasons for choosing Matrix included federated identity management, which allows the existing identity infrastructure to be reused in the new chat system; the decentralized architecture, which allows cross-linking data from disparate sources; and the open protocol, which ensures interoperability and future-proof data exchange and prevents vendor lock-in. [72]
Employees of the Bundeswehr (Germany's armed forces) communicate with each other, and share classified documents (German VS-NfD), on a private Matrix network, with a customized version of the Matrix Element app: BwMessenger (as mentioned above). [73] [74]
At least two schools in Germany host their own Matrix chat networks as the official contact venue with the pupils' families, and rebrand the already-existing Matrix clients. [75] [76]
Luxembourg has developed a Matrix-based chat service for government officials, named Luxchat4Gov, planned to be released in the second quarter of 2023. [77]
The Swedish Social Insurance Agency (Försäkringskassan) is using Matrix for internal communications. [78]
Rocket.chat has been based on Matrix since version 4.7.0. [79] It is used in private networks of public governmental offices, private companies and NGOs, across the world. [80]
FOSDEM has used Matrix since 2021. [81] [82] [83] The hosting is provided by Element Matrix Services, which publishes the technical details for public review soon after the event. [84] [85]
Instant messaging (IM) technology is a type of online chat allowing immediate transmission of messages over the Internet or another computer network. Messages are typically transmitted between two or more parties, when each user inputs text and triggers a transmission to the recipient(s), who are all connected on a common network. It differs from email in that conversations over instant messaging happen in real-time. Most modern IM applications use push technology and also add other features such as emojis, file transfer, chatbots, voice over IP, or video chat capabilities.
Pidgin is a free and open-source multi-platform instant messaging client, based on a library named libpurple that has support for many instant messaging protocols, allowing the user to simultaneously log in to various services from a single application, with a single interface for both popular and obsolete protocols, thus avoiding the hassle of having to deal with new software for each device and protocol.
Extensible Messaging and Presence Protocol is an open communication protocol designed for instant messaging (IM), presence information, and contact list maintenance. Based on XML, it enables the near-real-time exchange of structured data between two or more network entities. Designed to be extensible, the protocol offers a multitude of applications beyond traditional IM in the broader realm of message-oriented middleware, including signalling for VoIP, video, file transfer, gaming and other uses.
Datagram Transport Layer Security (DTLS) is a communications protocol providing security to datagram-based applications by allowing them to communicate in a way designed to prevent eavesdropping, tampering, or message forgery. The DTLS protocol is based on the stream-oriented Transport Layer Security (TLS) protocol and is intended to provide similar security guarantees. The DTLS protocol datagram preserves the semantics of the underlying transport—the application does not suffer from the delays associated with stream protocols, but because it uses UDP or SCTP, the application has to deal with packet reordering, loss of datagram and data larger than the size of a datagram network packet. Because DTLS uses UDP or SCTP rather than TCP, it avoids the "TCP meltdown problem", when being used to create a VPN tunnel.
Off-the-record Messaging (OTR) is a cryptographic protocol that provides encryption for instant messaging conversations. OTR uses a combination of AES symmetric-key algorithm with 128 bits key length, the Diffie–Hellman key exchange with 1536 bits group size, and the SHA-1 hash function. In addition to authentication and encryption, OTR provides forward secrecy and malleable encryption.
ZNC is an IRC network bouncer or BNC. It can detach the client from the actual IRC server, and also from selected channels. Multiple clients from different locations can connect to a single ZNC account simultaneously and therefore appear under the same nickname on IRC. It supports Transport Layer Security connections and IPv6.
Jitsi is a collection of free and open-source multiplatform voice (VoIP), video conferencing and instant messaging applications for the Web platform, Windows, Linux, macOS, iOS and Android. The Jitsi project began with the Jitsi Desktop. With the growth of WebRTC, the project team focus shifted to the Jitsi Videobridge for allowing web-based multi-party video calling. Later the team added Jitsi Meet, a full video conferencing application that includes web, Android, and iOS clients. Jitsi also operates meet.jit.si, a version of Jitsi Meet hosted by Jitsi for free community use. Other projects include: Jigasi, lib-jitsi-meet, Jidesha, and Jitsi.
Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. The extension allows a server to present one of multiple possible certificates on the same IP address and TCP port number and hence allows multiple secure (HTTPS) websites to be served by the same IP address without requiring all those sites to use the same certificate. It is the conceptual equivalent to HTTP/1.1 name-based virtual hosting, but for HTTPS. This also allows a proxy to forward client traffic to the right server during TLS/SSL handshake. The desired hostname is not encrypted in the original SNI extension, so an eavesdropper can see which site is being requested. The SNI extension was specified in 2003 in RFC 3546.
WebRTC is a free and open-source project providing web browsers and mobile applications with real-time communication (RTC) via application programming interfaces (APIs). It allows audio and video communication and streaming to work inside web pages by allowing direct peer-to-peer communication, eliminating the need to install plugins or download native apps.
Tox is a peer-to-peer instant-messaging and video-calling protocol that offers end-to-end encryption. The stated goal of the project is to provide secure yet easily accessible communication for everyone. A reference implementation of the protocol is published as free and open-source software under the terms of the GNU GPL-3.0-or-later.
Gitter is an open-source instant messaging and chat room system for developers and users of GitLab and GitHub repositories. Gitter is provided as software-as-a-service, with a free option providing all basic features and the ability to create a single private chat room, and paid subscription options for individuals and organisations, which allows them to create arbitrary numbers of private chat rooms.
OMEMO is an extension to the Extensible Messaging and Presence Protocol (XMPP) for multi-client end-to-end encryption developed by Andreas Straub. According to Straub, OMEMO uses the Double Ratchet Algorithm "to provide multi-end to multi-end encryption, allowing messages to be synchronized securely across multiple clients, even if some of them are offline". The name "OMEMO" is a recursive acronym for "OMEMO Multi-End Message and Object Encryption". It is an open standard based on the Double Ratchet Algorithm and the Personal Eventing Protocol. OMEMO offers future and forward secrecy and deniability with message synchronization and offline delivery.
In cryptography, the Double Ratchet Algorithm is a key management algorithm that was developed by Trevor Perrin and Moxie Marlinspike in 2013. It can be used as part of a cryptographic protocol to provide end-to-end encryption for instant messaging. After an initial key exchange it manages the ongoing renewal and maintenance of short-lived session keys. It combines a cryptographic so-called "ratchet" based on the Diffie–Hellman key exchange (DH) and a ratchet based on a key derivation function (KDF), such as a hash function, and is therefore called a double ratchet.
The Signal Protocol is a non-federated cryptographic protocol that provides end-to-end encryption for voice and instant messaging conversations. The protocol was developed by Open Whisper Systems in 2013 and was introduced in the open-source TextSecure app, which later became Signal. Several closed-source applications have implemented the protocol, such as WhatsApp, which is said to encrypt the conversations of "more than a billion people worldwide" or Google who provides end-to-end encryption by default to all RCS-based conversations between users of their Google Messages app for one-to-one conversations. Facebook Messenger also say they offer the protocol for optional Secret Conversations, as does Skype for its Private Conversations.
Wire is an encrypted communication and collaboration app created by Wire Swiss. It is available for iOS, Android, Windows, macOS, Linux, and web browsers such as Firefox. Wire offers a collaboration suite featuring messenger, voice calls, video calls, conference calls, file-sharing, and external collaboration – all protected by a secure end-to-end-encryption. Wire offers three solutions built on its security technology: Wire Pro – which offers Wire's collaboration feature for businesses, Wire Enterprise – includes Wire Pro capabilities with added features for large-scale or regulated organizations, and Wire Red – the on-demand crisis collaboration suite. They also offer Wire Personal, which is a secure messaging app for personal use.
Element is a free and open-source software instant messaging client implementing the Matrix protocol.
Mattermost is an open-source, self-hostable online chat service with file sharing, search, and integrations. It is designed as an internal chat for organisations and companies, and mostly markets itself as an open-source alternative to Slack and Microsoft Teams.
Conversations is a free software, instant messaging client application software for Android. It is largely based on recognized open standards such as the Extensible Messaging and Presence Protocol (XMPP) and Transport Layer Security (TLS).