2025-10-17 –, Alan Turing
Most modern software applications give total trust to the service provider. End-to-end encrypted (E2EE) services are different: the service provider is a gateway, and the real trust is with other people.
This is unfamiliar, and can make using E2EE confusing. When you add in federation (meaning lots of different service providers) and a diverse set of client apps, trying to make Matrix's encryption understandable is tricky.
It would help to have a shared set of words and definitions. In this talk I describe MSC4161, which attempts to establish a shared vocabulary, and then my own thoughts about some metaphors we can use to make these ideas easier to grasp.
End-to-end encryption (E2EE) is unfamiliar to people used to using modern applications: instead of handing over total trust to the server you connect to, E2EE makes the server a simple connector, and we only have to trust the people we are actually talking to.
It is quite common for people using Matrix to ask "Why do I have 2 passwords?", referring to the username and password for logging in, and the recovery key.
I recently made a leap of understanding about this question: the reason is that there are two audiences: the password is for your homeserver, and the recovery key is for allowing you to talk to other people.
I began working on MSC4161 ("Crypto terminology for non-technical users") because I believed we needed to standardise our vocabulary, but it quickly became clear that we need to do more than that: if we want to make Matrix easy to use, we need to agree on:
- what the main ideas are,
- what words we use to describe them, and
- what metaphors we use to explain.
In its current form, the MSC focusses on the first two. In this talk, I will summarise the ideas and words that are reasonably settled in the MSC and will hopefully make their way into the spec, and I will also introduce some ideas I have about the third item: how to explain Matrix's E2EE using some metaphors that are intended to find the right level of explanation, and be more accurate than the metaphors we have used up to now.
We will go through the proposed common words:
- Devices/sessions and Identity
- Verified users
- Message keys, message history and key storage
- Recovery and recovery keys
Then we will look at some proposed metaphors:
- "connect" for logging in,
- "id card" for identity, and
- "safe deposit box" for recovery
I will try to argue that these metaphors are at the right level of explanation, and they match more closely to what is really happening than the ideas we have used up to now.
Andy is a long-time free/open source contributor who has worked as a programmer in many different industries, using a variety of technologies including C++, Java, Python, JavaScript and Rust. His hobbies are writing programming languages, coding retro games, and making programming videos.
He loves working with people to craft clean, well-tested code, and feels very privileged to be able to work on Matrix full-time in his job at Element.