syphon-org / syphon

⚗️ a privacy centric matrix client
https://syphon.org
GNU Affero General Public License v3.0

How is a domain for the local server obtained? #266

Closed frankwalter1301 closed 3 years ago

frankwalter1301 commented 3 years ago

Hi, the feature of the local server is very interesting and I'm willing to support it in every way. But I have no idea how a domain can be obtained by every client automagically. For HTTPS certificates there is Let's Encrypt or Cloudflare, for port forwarding there is NAT-PMP/UPnP, and for dynamic IPs there is Cloudflare/any DDNS provider, but for domains?

0x1a8510f2 commented 3 years ago

I believe you're referring to the Peer To Peer Matrix project, where a local homeserver is started and communicates with other P2P homeservers, correct? If so, that project is still in its very early infancy, and being actively worked on by Element, so it won't be implemented in Syphon for a while, as there is no stable specification to implement.

That said, to answer your question, P2P Matrix is not intended to work quite like the current Matrix. This means that there will not be any need for HTTPS/TLS certificates or domains, because servers will be identified by public keys instead. You can see that if you install the alpha version of P2P Element, which you can find out how to do in https://matrix.to/#/#p2p:matrix.org. You can also ask there to find out more about P2P Matrix.

frankwalter1301 commented 3 years ago

Oooh thanks, now everything is clear. I thought the P2P homeserver was a feature exclusive to Syphon and that it would work with the current Matrix specs.

ereio commented 3 years ago

Just wanted to give a bit more context here.

I originally built an almost working PoC of a locally run Dendrite server w/ libp2p alongside Syphon without the official spec in mind around May of last year (2020). That June, Riot/Element announced they had done the same and were formalizing a spec around it.

In theory, you can implement P2P with the Client-Server / Server-Server Matrix specs as they are today.

That announcement and process from Matrix is now listed in the readme of Syphon under Why: https://matrix.org/blog/2020/06/02/introducing-p-2-p-matrix

However, you run into various issues that would not be established protocols - like associating domains to public keys - and since Matrix started formalizing a spec surrounding P2P and made it a priority, I dropped attempting to hack it together and defy the spec.

To solve the issue you mentioned of domain resolution for public keys, a system could be put into place similar to DKIM with email. With DKIM, in order to verify that you're actually the proper sender of an email, you can add a public key to your DNS config for your domain that will be verified when receiving an email. In the case of Matrix though, what type of record/name to add and how/when that is supposed to be checked should be a part of a spec so all clients follow the same flow. I'm sure this has been considered by the Matrix P2P team.

If the Matrix P2P team builds out the P2P protocol to have inherently really complicated end user implications, Syphon will attempt to make it an easier process and consider doing things slightly differently. One example of this would be logging into your DNS provider and adding your public key record for you with a user-friendly, simple GUI. This of course would be a hard user experience problem to solve, especially for those who are less technical, and may not even be a viable solution. That's why I've taken a step back and chosen to just wait and see how Matrix would like to approach it first. Ideally, we wouldn't have to memorize public keys!

Let me know if this clears anything else up or brings up any other questions! :)
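
An added illustration of the DKIM-style lookup described in the comment above (not part of the thread, and not Syphon or Matrix code): it parses a key record in DKIM's tag=value syntax (RFC 6376) and checks a presented public key against the published one. Using this record format for a Matrix homeserver key is an assumption, since the thread notes that no spec defines one; the sample record and key bytes are constructed.

```python
import base64
import hmac

# Constructed sample: 32 placeholder bytes standing in for an Ed25519 public
# key, published in DKIM key-record syntax. Not a real key or a real record.
SAMPLE_KEY = bytes(range(32))
SAMPLE_TXT = "v=DKIM1; k=ed25519; p=" + base64.b64encode(SAMPLE_KEY).decode()


def parse_key_record(txt: str) -> dict:
    """Parse a DKIM-style 'tag=value; tag=value' TXT record into a dict."""
    tags = {}
    for part in txt.split(";"):
        part = part.strip()
        if not part:
            continue  # tolerate a trailing ';'
        name, sep, value = part.partition("=")  # split on the first '=' only
        name = name.strip()
        if not sep or not name:
            raise ValueError(f"malformed tag: {part!r}")
        if name in tags:
            raise ValueError(f"duplicate tag: {name}")
        # Long keys are folded across several TXT strings; drop the whitespace.
        tags[name] = "".join(value.split())
    return tags


def key_matches_record(txt: str, presented_key: bytes,
                       key_type: str = "ed25519") -> bool:
    """Return True only if the record publishes exactly the presented key."""
    try:
        tags = parse_key_record(txt)
        if tags.get("v", "DKIM1") != "DKIM1":
            return False
        if tags.get("k", "rsa") != key_type:  # DKIM defaults k= to rsa
            return False
        p = tags.get("p")
        if not p:  # missing tag, or empty p= which DKIM treats as revoked
            return False
        published = base64.b64decode(p, validate=True)
    except ValueError:  # malformed record or invalid base64: fail closed
        return False
    return hmac.compare_digest(published, presented_key)
```

The check only binds a key to a name as strongly as the DNS answer itself can be trusted, so an unauthenticated lookup leaves the binding open to spoofed responses.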

0x1a8510f2 commented 3 years ago

In regards to domain resolution, I believe there's already a solution the P2P team has in mind, although I can't provide a source as it's just random bits of conversation I've put together from #p2p:matrix.org. Essentially:

Some references: