From bab39e28ce83c259cc93e7a133911b536f3eb7c9 Mon Sep 17 00:00:00 2001 From: Travis Ralston Date: Mon, 19 Jun 2023 08:52:55 -0600 Subject: [PATCH] MSC3989: Redact `origin` property on events (#3989) * Redact `origin` field on events * Provide context and remove hunt for more useless fields * spelling: actually * Apply suggestions from code review Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> * Slight wording alterations * Property --------- Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> --- proposals/3989-redact-origin-field.md | 61 +++++++++++++++++++++++++++ 1 file changed, 61 insertions(+) create mode 100644 proposals/3989-redact-origin-field.md diff --git a/proposals/3989-redact-origin-field.md b/proposals/3989-redact-origin-field.md new file mode 100644 index 00000000..8d362122 --- /dev/null +++ b/proposals/3989-redact-origin-field.md @@ -0,0 +1,61 @@ +# MSC3989: Redact `origin` property on events + +The [current redaction algorithm](https://spec.matrix.org/v1.6/rooms/v10/#redactions) *keeps* the +top-level `origin` property on events during redaction, however, as of this writing, the only use within the +spec of `origin` as a top-level event property is a malformed example of event format. The property has no +significant meaning in modern room versions. + +Within the ecosystem, it's clear that we'd [prefer the property to disappear](https://github.com/matrix-org/matrix-spec/issues/374), +and have [tried to do so](https://github.com/matrix-org/matrix-spec/pull/998) in the past. The +malformed examples are even [known to us](https://github.com/matrix-org/matrix-spec/issues/1480). + +What's not clear, and mentioned in [a comment](https://github.com/matrix-org/matrix-spec/issues/1480#issuecomment-1495183789), +is whether the `origin` property is *actually* used. There do not appear to be any auth rules or similar +which would use the property, however it'd hardly be the first time that the spec was wrong about an +ancient room version like v1. What is clear is that Synapse, where this question would be asked, +wants to [drop support](https://github.com/matrix-org/synapse/issues/3816) for the property and has +taken [steps](https://github.com/matrix-org/synapse/pull/8324) towards that mission by fixing bugs +in the area. In a [quick audit](https://github.com/matrix-org/matrix-spec-proposals/pull/3989#issuecomment-1497659507) +of the Synapse codebase during implementation of this MSC, the `origin` property appears unused. + +Given the above context, this proposal removes the `origin` property from the [redaction algorithm](https://spec.matrix.org/v1.7/rooms/v10/#redactions) +in a future room version, leaving it as-is for existing versions (not that an MSC can change the behaviour +of an already-stable room version anyways). + +Some other properties are additionally useless in modern room versions, however they are already adapted +by [MSC2176](https://github.com/matrix-org/matrix-spec-proposals/pull/2176). + +## Proposal + +In a future room version, the `origin` property is *removed* from the list of *event* keys which are +kept during redaction. Note that this requires a new room version because changing the redaction +algorithm changes how [event IDs](https://spec.matrix.org/v1.6/rooms/v10/#event-ids) are calculated, +as they are [reference hashes](https://spec.matrix.org/v1.6/server-server-api/#calculating-the-reference-hash-for-an-event) +which redact the event during calculation. + +## Potential issues + +No major concerns. + +## Alternatives + +No significant alternatives. + +## Security considerations + +No major concerns. + +## Unstable prefix + +While this MSC is not considered stable, implementations should use `org.matrix.msc3989` as the room +version identifier, using v10 as a base. + +## Dependencies + +No blocking dependencies. + +This MSC would partner well with the following MSCs, however: +* [MSC2176](https://github.com/matrix-org/matrix-spec-proposals/pull/2176) +* [MSC2175](https://github.com/matrix-org/matrix-spec-proposals/pull/2175) +* [MSC2174](https://github.com/matrix-org/matrix-spec-proposals/pull/2174) +* [MSC3821](https://github.com/matrix-org/matrix-spec-proposals/pull/3821)