Eventually Consistent Access Control: Practical Insights on Matrix from Decentralized Systems Theory (matrix-conf-2025)

Chaos Computer Club - recent events feed (low quality)

محتوای ارائه شده توسط CCC media team. تمام محتوای پادکست شامل قسمت‌ها، گرافیک‌ها و توضیحات پادکست مستقیماً توسط CCC media team یا شریک پلتفرم پادکست آن‌ها آپلود و ارائه می‌شوند. اگر فکر می‌کنید شخصی بدون اجازه شما از اثر دارای حق نسخه‌برداری شما استفاده می‌کند، می‌توانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal

29d ago 51:39

MP4•خانه قسمت

Access control is the core of any system's security, but usually provided by a single, centralized server. However, access control in a Matrix room is decentralized: every participating server *independently* decides *who* is authorized to send and receive *which* events, without consulting any other server. To the surprise of many, these decisions are still *eventually* consistent even if all but one server is malicious, but seeing *why* requires a new way of thinking about access control. I will explain the necessary design patterns from decentralized systems science, and show how they can be weaved together for a practical explanation of what Matrix is, and why Matrix can reach its astonishing levels of security and resilience. In this talk, I provide a primer on **design patterns from decentralized systems theory**, and explain what they mean for the current and future design of Matrix in practice. I will start with **concurrency as the root of all problems in decentralized systems**, and how network partitions and arbitrarily malicious servers stand in the way of consistency. Based on these problems, I will explain **conflict-free replicated data types** (CRDTs) and hash linking as the solution to still make a Matrix room eventually converge at all benevolent servers. Finally, I will show you my **access control to the best of knowledge and belief** way of thinking about eventually consistent access control in Matrix – you need to think in **two authorization decisions per event**, of which one is final on receiving the event, while the other one may ever be changing on receiving new concurrent events. Licensed to the public under https://creativecommons.org/licenses/by-sa/4.0/ about this event: https://cfp.2025.matrix.org/matrix-conf-2025/talk/X3KDAQ/

1789 قسمت

#Technologie #CCC media team #Ccc Congress Hacking Security Netzpolitik #Video