KB1RD
commented
4 years ago In #matrix-collaboration:kb1rd.net, @uhoreg:matrix.org sent two good papers a while ago, one of which could be very useful for E2EE: https://martin.kleppmann.com/2019/07/16/snapdoc-authenticated-snapshots.html
(The other one would be very useful for rich text editing, but I'm not even going to open an issue about that now!)
This is absolutely possible to implement right now but I'm holding it back until squashing (issue #11 ) is finished so that I don't have to re-write or re-consider anything. The main consideration with this is UI/UX and metadata leakage. First, there needs to be a clear way of letting the user know that some events cannot be read until E2EE keys are exchanged. Finally, metadata about when, how quickly, and whether a user is inserting or removing text would be leaked. The latter could be solved by making all event types the same and adding a field in the event for the type. By far the largest metadata leak would be through squashes. Because the server would need to filter events into the appropriate threads, some knowledge of the overall structure of the document could be gained by seeing which squashes contain a particular event.