-
Notifications
You must be signed in to change notification settings - Fork 344
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Matrix.org has broken the federation connection #2483
Comments
This problem has existed since at least the end of July. |
I also can't get messages from nitro[.]chat user, same problem |
Knock, knock |
we’re not aware of federation problems on matrix.org atm. generally when other servers can’t federate (eg nitro.chat) it’s because they are coughing up errors to requests from matrix.org for whatever reason, which means they then get marked down - ie a problem on the receiver not the sender. in order for this bug report to actually be actionable, you may want to:
…otherwise we’ll have to close this as unactionable. |
I've been the developer looking at messages which are unable to decrypt (UTD) in the ecosystem. There's a few reasons why this may happen. This typically (though not exclusively) means matrix.org was unable to claim one-time keys (OTKs) for those remote users, or it failed to send room keys, particularly if it used to work. This is governed by the endpoints
However, if you are sending traffic to matrix.org, the backoff timer should be reset, so it's most likely timeouts on
then I would check your logs at the end of July for timeouts/non 2xx status codes for |
So YOU have a federation working? Well, if you don't use the federation... register two accounts on different servers and check the logs. I used a German server. |
oh! if you're in Russia (which, of course, you didn't bother to say either here or on HN), then you are probably suffering from your government censoring access to matrix.org. We are aware of folks in Russia being unable to connect to the CS API on matrix.org for the last few weeks, but this is the first we've heard of the SS API being blocked too. You may wish to complain to your own 3-letter agencies... |
Looking at OONI - it doesn't have stats on matrix-federation.matrix.org (https://explorer.ooni.org/domain/matrix-federation.matrix.org?since=2024-08-25&until=2024-09-25&probe_cc=RU) but it does for the CS API: https://explorer.ooni.org/domain/matrix-client.matrix.org?since=2024-08-25&until=2024-09-25&probe_cc=RU So I'd assume that SS API is impacted too. The workaround is to use censorship circumvention, as you would on any other service. Separately, Matrix could do more native censorship circumvention - either via p2p (arewep2pyet.com) or by rearchitecting E2EE so it can bounce transitively via other servers (like plaintext traffic can). But both of those are long-term projects which just don't exist yet today. |
matrix-client.matrix.org was blocked recently. But matrix.org works and the messengers that connect to it also work (even though it is not standard). I mean, when communicating within the matrix.org server. However, something doesn't add up for you. I tested under Cloudflare WARP VPN, it is uncensored, although the IP is considered Russian (I think it comes out of Cloudflare servers somewhere from Finland). And there was still no connection to the federation (in app.element.io in the browser). It looks more like a geo block on your side. You still haven't said if federation is working for you. |
Yes. |
As I said:
We are not blocking anything on the matrix.org side, nor are any servers currently defederated. If you can actually give us something to go on (e.g. the hostname of an impacted server) then we try to understand what's actually going on, but so far this continues to be completely unactionable... |
I've just checked from my personal server ( I've wrote to the chat hosted on But. When I tried to check the key exchange via DM with my friend who has account on Here's my message to her from Nheko: Here's how she saw my message on mobile: Here's how I see her reply: @ara4n, @kegsay, @artenax
I really don't like the attitude of some people who accuse I can't provide server logs right now. If someone can replicate my experiment, please do that. If not, then I'll try to repeat it later and provide logs myself. If possible, please reopen the issue so it won't be lost. UPD: At the same time, another So... no reliable results for now. |
Well, I managed to create an encrypted room between |
I want to add that I tested it in VPN (or rather, shadowsocks proxy from Finland) without censorship. |
I've seen the same problem before between transfem.dev (now dead) and matrix.im. That is, without involving communication with matrix.org contacts. |
Logically it seems that matrix.im has the problem. But there are complaints on different servers, as you understand. |
Small update from me. After some time, I've got the message from my friend (mentioned above) successfully decrypted on all devices. I'm not really sure what changed since then 🤷 |
The default and largest server on the Matrix network has broken the key exchange between messenger users. Users with accounts on matrix.org do not receive the key from their contacts with accounts on other servers, so they cannot decrypt messages. /discardsession does not help.
Users on matrix.org have in chat instead of message text: “unable to decrypt message” (in Element client) and “message could not be decrypted due to missing key” (in Nheko).
Users of any other servers can read messages from matrix.org users - they get the keys.
Communication between users of any other servers goes without problems.
The text was updated successfully, but these errors were encountered: