Open ara4n opened 7 years ago
It's unfortunate that decentralized accounts still aren't ready. feneas.org will be shutting down and deactivating all of their Matrix accounts on March 1st. I'm not sure how many users they had but it would've been nice for those users to have the option to keep their account. https://git.feneas.org/feneas/association/-/raw/master/comms/dissolving-the-association-2022-01-09.txt
Work started on this a few weeks ago, fwiw - and is scheduled to be the next big thing for the synapse team to work on once Faster Joins land.
Awesome, this is very exciting news!
That's great news! Is there any public information on how you are planning to implement it? Is it related to the OIDC plans?
Great news indeed. Is there any spec or a document listing the planned features related to decentralized accounts?
not yet. we're still finishing off Faster Joins, which is taking forever.
Is Faster Joins about SQL queries?
@ara4n Faster Joins are completed once every issue on that milestone gets fixed, right?
Also, you mentioned the synapse team, does that mean that only synapse will get this feature and not Dendrite?
faster joins are completed once synapse ships with support for faster joins, which is basically https://github.com/matrix-org/synapse/milestone/8.
we expect account portability to be implemented first on synapse, and then obviously on dendrite and other HSes too.
Will decentralized accounts allow the user to have unlimited addresses and be able to manage addresses like cryptocurrency wallet addresses are with a seed phrase? The ability to generate a Matrix ID for friends, a Matrix ID for family, the ability to generate a Matrix ID for business A, etc. Essentially bringing the functionality of SimpleLogin or Anonaddy into Matrix by allowing the user to have as many Matrix ID “aliases” as they want with one account and with the ability to enable/disable a Matrix ID.
I agree on this @trymeouteh. We need a master key account ID, from which if I choose to switch servers, I can re-authenticate myself. Some form of wallet, DID, PGP, Self-Sovereign Identity solution is needed.
Problem: I joined on the matrix.org server, and then switched to a personal server. I think had to create a whole new "identity", and could not see any of my prior posts.
You could use CIP-34 for Hierarchical Deterministic Wallets.
@ccgarant said: Some form of [DID] is needed
What a coincidence, the W3C recommendation for Decentralized Identifiers (DIDs) was recently approved.
After reviewing the spec, I think we should use these. As I noted in matrix-org/matrix-spec-proposals#2787:
We currently have several outstanding MSCs and other issues related to decentralized identity, including:
- matrix-org/matrix-spec-proposals#1762
- matrix-org/matrix-spec-proposals#1768
- matrix-org/matrix-spec-proposals#1781
- matrix-org/matrix-spec-proposals#3839
- matrix-org/matrix-spec#203
- matrix-org/matrix-spec#246
Due to how generic they are, W3C DIDs can (and should) be used as the portable and decentralized identifier mentioned in these GitHub issues.
What this doesn't address, as I noted in vector-im/element-web#1781, is the distinction between the DIDs proper, and the human-friendly Identifier, which is not in scope for the DID spec, so human-friendly Identifiers should also be out of scope for Matrix portable identities. Under the hood, Matrix should probably consider only the DID proper, regardless of how we present this to the user.
If I understood the DID spec, the "standard" way to integrate this into Matrix is to
Reauthentication isn't even necessary when you are signing your events with your public key. The signature should be the only authentication necessary. The nostr protocol even allows users to switch servers on the fly, and broadcast to several at the same time for the same events.
Identity mapping a public key to a DNS internet identifier is handled with a simple .well-known response. This JSON response could be updated as DIDs evolve.
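Added example, not part of the thread and not code from Matrix or any nostr project: a check that a `.well-known` document really binds a DNS-style identifier to the public key a peer claims. It assumes the nostr NIP-05 layout (`/.well-known/nostr.json?name=<local>` returning a `names` map of 64-character hex keys); the sample response and keys are constructed.

```python
import json
import re

# Constructed sample of a /.well-known/nostr.json response body (NIP-05 layout).
SAMPLE_RESPONSE = json.dumps({"names": {"alice": "a" * 64, "_": "b" * 64}})

_LOCAL_RE = re.compile(r"^[a-z0-9._-]+$")
_DOMAIN_RE = re.compile(r"^[a-z0-9.-]+$")
_HEX_KEY_RE = re.compile(r"^[0-9a-f]{64}$")


def split_identifier(identifier: str) -> tuple[str, str]:
    """Split '<local>@<domain>' (case-insensitive) and reject malformed input."""
    local, sep, domain = identifier.lower().partition("@")
    if not sep or not _LOCAL_RE.match(local) or not _DOMAIN_RE.match(domain):
        raise ValueError(f"malformed identifier: {identifier!r}")
    return local, domain


def well_known_url(identifier: str) -> str:
    """URL a verifier fetches over HTTPS to resolve the identifier."""
    local, domain = split_identifier(identifier)
    return f"https://{domain}/.well-known/nostr.json?name={local}"


def binding_holds(identifier: str, claimed_pubkey: str, body: str) -> bool:
    """True only if the document maps the local part to exactly the claimed key.

    Every parse or shape failure is treated as 'no binding', never as success.
    """
    local, _domain = split_identifier(identifier)
    try:
        doc = json.loads(body)
    except json.JSONDecodeError:
        return False
    names = doc.get("names") if isinstance(doc, dict) else None
    if not isinstance(names, dict):
        return False
    published = names.get(local)
    if not isinstance(published, str) or not _HEX_KEY_RE.match(published):
        return False
    return published == claimed_pubkey.lower()
```

The binding is only as strong as the domain's DNS and TLS: whoever controls the domain can repoint the name, so the key, not the name, has to remain the durable identity.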
> ...the W3C recommendation for Decentralized Identifiers (DIDs) was recently approved.
A related spec, which DIDs are specifically designed to be used in, is the W3C Verifiable Credentials Data Model (VC-DATA-MODEL). This purports to provide a generalized framework for decentralized authentication.
Insofar as it's useful to analyze portable identities under a common framework for compatibility reasons, it may be worth verifying that our approach to decentralizing user accounts is compatible with VC-DATA-MODEL semantics.
Also, for both DID and VC-DATA-MODEL, if we first describe the current Matrix spec in terms of these frameworks, that might allow us to evolve certain components of Matrix in a decoupled manner. Notably, it might be more obvious how to implement "portable/decentralized user accounts" and e.g. "p2p/shared client-homeserver" functionality separately, so that they don't block each other.
Are there any progress reports on this? I see that the faster joins milestone is done in synapse, so maybe this can see some progress? :)
Decentralized identity is also a major topic in the fediverse, where it’s typically referred to as Nomadic Identity:
https://socialhub.activitypub.rocks/t/nomadic-identity-for-the-fediverse/2101?u=erlend_sh
One promising solution considers using the emerging UCAN standard as an established starting point to build with DIDs.
UCAN’s local-first approach also seems to mesh well with Matrix’ long term p2p ambitions.
Not sure whether it has been mentioned already, or there is an already existing issue about that. If so, I'd love to know.
For me, in addition to being able to switch accounts, I also think that merging accounts will be really important. Let's say I have multiple accounts on different servers. Now, one server shuts down. So with this issue, I can migrate that account, but there is no way to merge it with an existing one (although that might be pretty difficult for conversations where both accounts participated).
tagging myself into the thread as someone with DID WG, crypto wallet, and activitypub experience - happy to help
We seem not to have a bug for the age-old feature of decentralised user accounts. This would let users migrate or replicate their accounts between different homeservers, such that their homeserver is not a single point of failure for their account. See also https://github.com/matrix-org/GSoC/blob/master/IDEAS.md#decentralised-accounts
Various possible ideas: