I really wanted matrix to succeed, but I've completely and entirely given up on it now.
State resolution is just a total mess. On the best of days it's a hideously complicated system that sucks crazy resources, and on the worst of days rooms get blown up and bricked. Supposedly it's not as bad as before, but the fact that rooms can get bricked in the first place is bonkers. Just computing the member list of a room is a disaster due to the complex resolution algorithm - I spoke to a homeserver admin once who found that the DB storage space of just the member list can easily reach multiple gigabytes for larger rooms.
I'm interested in hearing if anyone has used simplex and what kind of experience it is. It seems like simplex is going for a similar audience as signal but using a very different approach. I don't think they've really had a breakout though and haven't heard it talked about much.
I used it for a year or so, with the default servers, worked just fine. We tried to get a group chat over from Signal to SimpleX but were unsuccessful in the end for unknown reasons. It just petered out and I didn't reinstall it on a new phone.
> I spoke to a homeserver admin once who found that the DB storage space of just the member list can easily reach multiple gigabytes for larger rooms.
This is nothing to do with state resolution; it's due to Synapse's implementation deliberately cutting corners on storage efficiency while trading off for speed. I showed how it could be fixed a few months ago here: https://youtu.be/D5zAgVYBuGk?t=1853, but we prioritised fixing state resets instead.
> Also years later, we still don't have custom emojis, user statuses, user bios, invite links etc
There are MSCs for all of these now, and implementations are starting to filter through. The reality is that the project has been in a funding crunch since 2023 and we've had to focus on survival by prioritising stuff people pay for (i.e. big servers for govtech deployments) rather than custom emoji.
> This is nothing to do with state resolution; it's due to Synapse's implementation deliberately cutting corners on storage efficiency while trading off for speed.
It's specifically to increase the speed of *state resolution*. If it weren't for the convoluted state resolution system, there wouldn't be a need to store gigabytes worth of state groups in the database.
Simply fixes some of the many ways that rooms can explode or be bricked. Zero confidence that room brickings are totally fixed once and for all.
> There are MSCs for all of these now, and implementations are starting to filter through. The reality is that the project has been in a funding crunch since 2023 and we've had to focus on survival by prioritising stuff people pay for (i.e. big servers for govtech deployments) rather than custom emoji.
A funding crunch since 2023 yet those features have been necessary for many years before 2023.
If speed is a concern, why did you all stick with Synapse (essentially single-threaded due to the GIL) over moving to Dendrite? As far as I can tell, Dendrite is, for all intents and purposes, abandoned.
Because we didn't have enough people or cash to do a good job of simultaneously writing two servers, and as Synapse had gone into production across *.gouv.fr and other critical deployments, we instead frantically backported Dendrite's main novelties to Synapse - adding instead worker processes to Synapse so it could easily scale beyond the GIL: https://matrix.org/blog/2020/11/03/how-we-fixed-synapse-s-sc...
The hope was always that we would then get back to Dendrite and be able to invest in it and migrate over, but the cash situation got worse in 2022 due to Matrix being more and more successful (causing the available $ in the industry to flow to integrators rather than the upstream project), and instead we had to essentially park Dendrite dev in 2023 other than for critical fixes.
Meanwhile, to try to fix the $ situation, we added Rust workers to Synapse as "Synapse Pro" to give customers a reason to actually route money to us as the upstream project, and nowadays Element is actually on a more economically sustainable path. However, at this point the likelihood is that rather than progressing Dendrite we'll instead look to add more Rust to Synapse and fix its resource usage. That said, others are of course very welcome to continue progressing Dendrite forwards, and I personally find it super depressing that we failed to progress both servers at the same time.
Matrix team is doing a solid job of running - Keep it up and keep eating the Slack/Teams marketshare up with competitive features and pricing. Additional business considerations like HQ location costs, tax liabilities, and talent pool availability on paper also affect what you have to work with. London tax, talent, and labor pay versus Austin for example.
Also I got your name wrong last time - I apologize for that.
I also wanted - and still want - matrix to succeed! But, I've also semi-given up. I still use it because there are a small number of folks I still chat with; though that's dying off. I managed a synapse home server very early in matrix's life, for a few years, and yeah it was complex back then...and for me the security is fine. Sure, there are gaps and things to be addressed for security...but, overall the thing that grinds my gears are the heavy resources needed. I started returning to xmpp. Is xmpp "simpler" or "more secure"? I would reply: no. But, you know where xmpp is really great? Ridiculously low needs for resources for a server! I understand that in this day and age we have far more access to so much more computing power...But, why should we allow bloat just because we can? Sorry, nowadays if I'm just trying to provide for chat, I'm looking into xmpp. I have no experience with simplex, but I think I'll wait til it bakes a bit more (and also see the resources usage story in a year or so).
It's funny, I was such a matrix fan boy, and now I'm looking at a chat tech (xmpp) that has been around for tons of years - figure that!
At this point I just want them to die off completely so we could get something better. They have been unable to make real improvements that make using Matrix a nice experience. And their existence somehow inhibits other solutions from emerging in the OSS community chat space.
People new to the system think that Matrix can work. So FLOSS devs spend time trying to lipstick the pig. Takes time away from other areas.
Matrix is completely busted, for the article's aforementioned reasons, and others.
My complaint is that I've seen child sexual assault imagery on your primary servers, hours later (and thousands of CSAM images) finally the user was banned. And still does it 'cause some federated server they are connected to still allows them to be half-joined to a room.
The only safer way to federate is to disable image caching and preloading, and ideally defed from matrix.org.
And combined are the laughable moderation tools. I'm sure for some gov deployment, they're not going to spread child sex images. But on the public internet, even basic tooling is a joke.
I recommend all Matrix admins to discontinue. It's frankly too legally dangerous to run it, given all the various failure modes and E2EE failures.
It's 1 size doesn't fit at all. And it being gone would allow others to potentially succeed.
> Unlike any other existing messaging platform, SimpleX has no identifiers assigned to the users
Lies by omission. SimpleX doesn't mask your IP-address by default. It leaks to the server. The ENTIRE public SimpleX network is hosted by two companies, Akamai and Runonflux. Metadata of two conversing users running on the same VPS can be detected with end-to-end correlation attacks, so pray that the two are not PRISM partners or whatever has replaced that program.
I'd be fine with SimpleX if they
1) bundled Tor and had a toggle switch during initial setup.
2) were transparent about what the toggle switch does (lag/bandwidth vs IP masking)
This is crucial as they already have Tor Onion Service server infra set up, but they're not making it easy for a layperson to use those. Instead they lie by omission. Their
"SimpleX has no identifiers"
only means
"SimpleX does not add additional identifiers"
They don't give a damn about your router gluing your IP address, that's increasingly becoming a unique IPv6 address, to every TCP packet header.
I still wonder why my experience and the experience of my friends, community and family with Matrix has been so positive compared to what people describe all of the time. Maybe it's because something changed in ~2025 when I started using it again? Both Beeper (my main Matrix provider, the one that preconfigures WhatsApp, Signal, SMS etc. bridges) and Element (the new mobile app and EMS for hosting). I onboarded something like two dozen non-technical people to it, and they are all happily using it every day, mostly to use the bridges that come with Beeper. Haven't heard a single complaint, even switching devices just works now. Almost all communities I care about (GNOME and so on) have Matrix servers, and since the spaces feature launched it's been really competitive with Discord, even UX-wise thanks to the new apps on desktop and mobile. Yet all I hear on HN and elsewhere is people complaining about UX issues that just have not appeared a single time for myself. Maybe it's people using non-compliant clients, old servers, or some other strange configuration? It's a mystery to me.
My best theory here is that because Matrix is actually quite close to being really good, folks get very upset about the remaining flaws, especially when the last few years have had to prioritise development for public sector deployments over being a Discord killer, in order to keep the lights on.
Yes, that is my impression also. Extensively using for a couple of years, and only occasional quirks now and then, e.g. a profile verification issue (seeing the annoying red shields to each comment), but easily fixed. Or a UX update that doesn't necessarily feel like an improvement (this is an Element thing, really).
It may not be good enough for your grandma, but certainly can support your software dev team, and there are countless of those active most probably. I really like Matrix as a daily driver. Also using Discord and Slack, and to me these look like UX Christmas trees full of blinking lights, and far from anything you can call 'calm technology'.
Update: Seeing who I respond to, taking opportunity to mention these recent UX musings.. there used to be 'favorites' in one click in Element, now it is in a drop-down of filters not shown by default (I make distinction of 3 groups 'favorites', 'people', and 'rooms' for all/other. Not using spaces at all (except for the record)). And then there's paragraph spacing between replies given one after the other, is too small. Setting margin to 10px (think it's 4px now) makes a world of improved reading already.
I think you're partially correct. People are upset at the time it takes to land even the most basic of fixes. Replies being bright red might be one of the most indicative examples. So while the work towards public sector deployments has probably helped with some aspects, the user-facing side has stagnated and people dislike that.
Self hosting experience went well, but it was very confusing for people moving from Discord about a year ago. If it's still the same, there's literally no way to simply send a registration or channel invite link to someone, and have them onboard through your home server by default without the need to explain "Oh, you have to change this URL to that" etc.
My primary issue is that they changed the voice chat system, broke existing self hosted installs, and the new system was barely documented. I threw in the towel since I mostly hosted it for myself. Could never fix their livekit stuff.
As someone who has witnessed a malicious Matrix admin, it has become glaringly obvious that operating on a platform that hinges on any sort of trust in a human (even those who you consider to be good friends) is not viable.
I wanted to believe, but sadly privacy must be hard-coded or the people with a large set of technical skill, access to AI agents who will restlessly pursue their mission, and a dysfunctional moral compass will attempt to technologically dominate users.
Moxie (Signal Founder) gave a talk about the issues with federation at CCC in 2020, he took a crazy amount of flak for it, a lot of it from the Matrix community. Lots of the issues highlighted are in this post.
Just gave it a listen. A lot of what he asserts seems pretty obvious with many examples e.g. the ones he gives about IP, DNS, email etc. Centralized movers will always have the advantage of coordination, so decentralized systems have to have a damn good raison d'etre that's immediately obvious (e.g. Tor) or else be eventually consigned to niche use in highly idealistic communities.
The message I got was more "decentralized services have major coordination issues that prevent them from adapting to changing needs".
Also a major point in Signal's development philosophy is building a comms platform that doesn't require that you trust them, because the protocol is built in a way that leaks the absolute minimum of data about the user necessary to make the service usable for the general public.
Element web and PC applications are still, in 2025, a mess. I have heard you have to use it on Mobile using the ElementX.
No new complaints: The standard it badgers you to authenticate, then doesn't let you due to errors. Slow to load messages, inconsistent whether edits will show or not, inits channels to an arbitrary time in the past, then you have to click the arrow a few times and wait to get to the latest, the page won't load on mobile, etc.
As the other guy pointed out, you would 100% experience the same issues if Signal was a web app. You're deleting your encryption keys. They have to be stored somewhere. You want private keys on the public server?
The reason Matrix hasn't prioritised metadata protection earlier is:
* If you're particularly concerned about metadata footprint, you can run your own servers in whatever network environment you feel like - you are NOT surrendering metadata to some central or 3rd party server as you would in a centralised platform.
* We've had to focus on getting decentralised encryption stable, which turns out to be hard enough without also throwing in metadata protection - it's only this year that we've turned that corner.
* Unless you're using a mixnet, network traffic gives away a significant amount of metadata anyway.
Anyway, yes: Matrix can do better on obfuscating metadata on servers, and we'll continue improving it in 2026.
Meanwhile, if anyone's feeling nostalgic you can see a presentation I wrote preempting the challenge of metadata protection back in 2016 (on the day we first turned on E2EE in Matrix, ironically): https://matrix.org/~matthew/2015-06-26%20Matrix%20Jardin%20E.... In some other world perhaps we would have got to this point sooner, but better late than never.
EDIT: I can't face going through all the other points in this post, but it's worth noting that some of it is just entirely false - e.g. the hackea claims of "an impressive collection of private data being sent to Matrix central servers, even when you use your own instance", or the fact that media isn't authed (it has been since Jun 2024). Meanwhile the abuse situation has evolved significantly in 2025, with stuff like https://matrix.org/blog/2025/02/building-a-safer-matrix/ and https://matrix.org/blog/2025/12/policyserv as well as hiring up a larger trust & safety team at the Matrix Foundation.
People here always want to run the software themselves first, but then the next day they want to pay someone else to host it. If you're running into people throwing security flags, the silver lining is you're also a stone's throw away from offering a hosted option.
"If you're particularly concerned about metadata footprint, you can run your own servers in whatever network environment you feel like"
You're not going to win any long-term support with this attitude, even if you're technically right. Like, if we're still in this "why doesn't the pleb just become a part time sysadmin" way of thinking, it's hard to think it's not just DoA.
Well, that's why the first half of the post spells out the work that we're doing to improve the metadata footprint. The second half that you're quoting explains why we didn't solve this back in 2014.
Frankly, I'm not sure why explaining it (or the explanation) makes the situation any better.
FWIW, I'm the kind of weirdo who gets annoyed by having to add a new noscript rule for every federated instance. So I'm not exactly Matrix's target audience.
Several years ago I was looking for something to use as a family chat server. Many of my friends/coworkers were using Slack/etc., but since my immediate family members didn't already have a preferred chat app, I was hoping to self-host something open-source. Matrix was under very active development at the time and I was pretty excited about the prospect of using it. Matrix didn't even have E2EE yet (I think it was under development), and that really wasn't a feature I needed or cared about (disappointing to read about all the trade-offs involved in this post though). The computational/storage costs for Matrix really were way too burdensome though. I ended up going with Jabber (Snikket). A jabber server costs essentially nothing to run. Highly recommend.
I don’t really have a dog in the fight so to say (aside from running a relatively large IRC network for the past 22 years)…
But I really do wish we had doubled down on XMPP. It was nearly everywhere in the late-00’s early-10’s. If we could have just solved the mobile case (which, was solved, just not in popular server versions) then we would have been in a better place today.
Hatred of XML has cost us so many wonderful things, the one that hurts me most is SMF (the solaris init system) which obviated the major issues people have with systemd. Except because it’s using XML people would rather carve off a limb over seriously considering porting it.
It’s so easy to host, and I once implemented a partial in-browser client (using, basically, a web bridge that I also wrote on the other side) in no time, starting from not knowing a single thing about it aside from having used xmpp chat clients in the past. Like getting to the point of status online/offline indicators showing up and messages passing was so easy. I get that I was a far cry from supporting things like encryption extensions, but it’s a great sign when going from nothing to having at least some of a protocol working takes very little time.
The web platform’s still (for now) really good and fast at working with xml. Kinda wild we ended up with json everywhere.
Now that I'm looking back at xmpp, I agree that I wish we would have doubled down on xmpp - either to make some things easier for hosting, etc. And, yeah, it's funny that you mention about the hatred of xml...I never loved it, but never hated it. Same with json, etc....To me they're just data formats...but so much dislike seemed the cool thing to do back in the day. Ah, well.
> ...The computational/storage costs for Matrix really were way too burdensome though. I ended up going with Jabber (Snikket). A jabber server costs essentially nothing to run...
Your experience seems to mirror my own. I still use matrix very little, but have defaulted to use xmpp. Well, really returned to it after so many, many years away from xmpp. I tried prosody, but then after a multi-server cleanup killed it off. I think it was fine. Up next, I'd like to try either self-hosting my own ejabberd server, or if I don't want to manage yet another host might consider the paid option of Snikket...or maybe go through jmp.chat which if I recall correctly includes xmpp hosting with some jmp chat paid plan, etc.
> [federation] offers a degree of censorship resistance, as the messages or images are replicated across multiple servers, making it difficult for any single entity to censor or control the content.
That's the way Matrix goes, but that's not an inherent property of federation (XMPP doesn't leak nearly as much metadata as Matrix does, for instance)
Also, there is no free lunch in this space: p2p is slow and inefficient (bandwidth as much as battery) for modern mobile usecases, the workarounds generally consist of having edge servers to act as caches or preferred routing points, and that brings us back to the exact same set of tradeoffs found in the federation model, except with less control.
In short, I agree with the premise that Matrix is terrible, but not that federation is necessarily bad, nor that P2P is clearly superior.
I'll preface by saying that I would prefer fully decentralized/p2p systems to take over, that said...
Their arguments against the middle ground (federation) made no sense. Yes, some current implementations are flawed in that you can poison caches with spam and csam, but that's not inherent to federation. In fact, it looked more like they were upset that you can't censor federated communities sufficiently to their liking (nuke them out of existence on a whim?). Their main, and really only, argument against Lemmy was group think but...it's a consensus platform, that's its purpose. There is a time and place for communities to build group consensus organically and it's a viral part of society, so while I can understand chafing at that from time to time, I wouldn't call it a protocol failure.
Trying to build a secure system on top of email is a waste of time and energy. Even if you succeeded, it would only be by compromising all the things that make email useful.
I wondered from the beginning why matrix was adopted so quickly. Its cryptographic protocol is so flawed. Most of the leaks could be easily prevented.
There were no good alternatives at the time. They were competing largely with Telegram and WhatsApp so basically anything was seen as an improvement. Since then Signal has gained popularity and set a much more robust standard for implementation, instead of hollow feature count.
Not open source, you can't verify the end-to-end encryption or any other measures the client uses actually happen. This makes it trivial to hide backdoors.
The entire secure messaging app space is open source, why anyone would bother with writing a proprietary app and thus omit verifiability of the security claims is beyond me.
EDIT: Also, no proxy settings, meaning your IP address can't be masked with Tor/SOCKS5 proxy.
Also years later, we still don't have custom emojis, user statuses, user bios, invite links etc. - very basic things that literally every messaging platform has. https://github.com/element-hq/element-meta/issues/339 https://github.com/element-hq/element-meta/issues/573 https://github.com/element-hq/element-meta/issues/426
Maybe there was no migration?
> State resolution is just a total mess.
Not since https://matrix.org/blog/2025/08/project-hydra-improving-stat...
* https://element-hq.github.io/synapse/latest/usage/administra...
* https://github.com/matrix-org/rust-synapse-compress-state
Maybe there's a way to calculate state without state groups, but I sure don't see one that I can use if I were to run a matrix server.
The room state is cached to not need to recompute the current room state from the beginning of time.
You probably would do that even if there was no state resolution at all
> Simply fixes some of the many ways that rooms can explode or be bricked.
How many other ways are there? Afaik none is known
> nowadays Element is actually on a more economically sustainable path
Good to hear. Keep up the good work.
> And their existence somehow inhibits other solutions from emerging in the OSS community chat space.
How?
I have a room going on multiple years now.
Simplex is also going down the crypto drain, they're starting their own coin.
I still wonder why my experience and the experience of my friends, community and family with Matrix has been so positive compared to what people describe all of the time. Maybe it's because something changed in ~2025 when I started using it again? Both Beeper (my main Matrix provider, the one that preconfigures WhatsApp, Signal, SMS etc. bridges) and Element (the new mobile app and EMS for hosting). I onboarded something like two dozen non-technical people to it, and they are all happily using it every day, mostly to use the bridges that come with Beeper. Haven't heard a single complaint, even switching devices just works now. Almost all communities I care about (GNOME and so on) have Matrix servers, and since the spaces feature launched it's been really competitive with Discord, even UX-wise thanks to the new apps on desktop and mobile. Yet all I hear on HN and elsewhere is people complaining about UX issues that just have not appeared a single time for myself. Maybe it's people using non-compliant clients, old servers, or some other strange configuration? It's a mystery to me.
My best theory here is that because Matrix is actually quite close to being really good, folks get very upset about the remaining flaws, especially when the last few years have had to prioritise development for public sector deployments over being a Discord killer, in order to keep the lights on.
Yes, that is my impression also. Extensively using for a couple of years, and only occasional quirks now and then, e.g. a profile verification issue (seeing the annoying red shields to each comment), but easily fixed. Or a UX update that doesn't necessarily feel like an improvement (this is an Element thing, really).
It may not be good enough for your grandma, but certainly can support your software dev team, and there are countless of those active most probably. I really like Matrix as a daily driver. Also using Discord and Slack, and to me these look like UX Christmas trees full of blinking lights, and far from anything you can call 'calm technology'.
Update: Seeing who I respond to, taking opportunity to mention these recent UX musings.. there used to be 'favorites' in one click in Element, now it is in a drop-down of filters not shown by default (I make distinction of 3 groups 'favorites', 'people', and 'rooms' for all/other. Not using spaces at all (except for the record)). And then there's paragraph spacing between replies given one after the other, which is too small. Setting margin to 10px (think it's 4px now) makes a world of improved reading already.
I think you're partially correct. People are upset at the time it takes to land even the most basic of fixes. Replies being bright red might be one of the most indicative examples. So while the work towards public sector deployments has probably helped with some aspects, the user-facing side has stagnated and people dislike that.
Self hosting experience went well, but it was very confusing for people moving from Discord about a year ago. If it's still the same, there's literally no way to simply send a registration or channel invite link to someone, and have them onboard through your home server by default without the need to explain "Oh, you have to change this URL to that" etc.
My primary issue is that they changed the voice chat system, broke existing self hosted installs, and the new system was barely documented. I threw in the towel since I mostly hosted it for myself. Could never fix their livekit stuff.
I'm in the same boat. I manage my own server with tons of help from the ansible script(0) and it's generally been great for years.
I can only assume our experience in private servers is way different than people logging into the matrix.org server or in extremely populated rooms?
(0): https://github.com/spantaleev/matrix-docker-ansible-deploy
As someone who has witnessed a malicious Matrix admin, it has become glaringly obvious that operating on a platform that hinges on any sort of trust in a human (even those who you consider to be good friends) is not viable.
I wanted to believe, but sadly privacy must be hard-coded or the people with a large set of technical skill, access to AI agents who will restlessly pursue their mission, and a dysfunctional moral compass will attempt to technologically dominate users.
Care to elaborate? Was it encryption they targeted as well?
Moxie (Signal Founder) gave a talk about the issues with federation at CCC in 2020, he took a crazy amount of flak for it, a lot of it from the Matrix community. Lots of the issues highlighted are in this post.
https://youtu.be/DdM-XTRyC9c
Just gave it a listen. A lot of what he asserts seems pretty obvious with many examples e.g. the ones he gives about IP, DNS, email etc. Centralized movers will always have the advantage of coordination, so decentralized systems have to have a damn good raison d'etre that's immediately obvious (e.g. Tor) or else be eventually consigned to niche use in highly idealistic communities.
Yeah, but it boiled down to “we want to move fast and modify the client on our whim”.
Which, is fair, but if absolute control of the client is required then there’s no benefit to E2EE.
The message I got was more "decentralized services have major coordination issues that prevent them from adapting to changing needs".
Also a major point in Signal's development philosophy is building a comms platform that doesn't require that you trust them, because the protocol is built in a way that leaks the absolute minimum of data about the user necessary to make the service usable for the general public.
Element web and PC applications are still, in 2025, a mess. I have heard you have to use it on Mobile using the ElementX.
No new complaints: The standard it badgers you to authenticate, then doesn't let you due to errors. Slow to load messages, inconsistent whether edits will show or not, inits channels to an arbitrary time in the past, then you have to click the arrow a few times and wait to get to the latest, the page won't load on mobile, etc.
I use the strict cookie policy on Firefox, and set cookies to be deleted at shutdown. I just save credentials and login to platforms each time.
I joined the Mozilla Matrix, and ironically, this caused the auth system to completely break down for some reason since I would log in each time.
It suggested to reset the whatever login data cookie thing because it did not want to trust me anymore, displaying red warning or whatever.
I asked around, and apparently they disagreed about that strict cookie policy, which felt quite ironic coming from the Mozilla community.
As the other guy pointed out, you would 100% experience the same issues if Signal was a web app. You're deleting your encryption keys. They have to be stored somewhere. You want private keys on the public server?
Yes, deleting your encryption keys every time you close the end to end encrypted chat app is definitely a great idea
/me sighs; Merry Christmas everyone.
For what it's worth, we've been working on improving Matrix's metadata footprint this year: MSC4362 (https://github.com/matrix-org/matrix-spec-proposals/blob/kay...) got implemented on matrix-js-sdk for encrypting room state (currently behind a labs flag on Element Web: https://github.com/element-hq/element-web/blob/develop/docs/...). Meanwhile more radical proposals like MSC4256 (https://github.com/dklimpel/matrix-spec-proposals/blob/mls-R...) go and remove senders entirely and encrypt room state via MLS.
The reason Matrix hasn't prioritised metadata protection earlier is:
* If you're particularly concerned about metadata footprint, you can run your own servers in whatever network environment you feel like - you are NOT surrendering metadata to some central or 3rd party server as you would in a centralised platform.
* We've had to focus on getting decentralised encryption stable, which turns out to be hard enough without also throwing in metadata protection - it's only this year that we've turned that corner.
* Unless you're using a mixnet, network traffic gives away a significant amount of metadata anyway.
Anyway, yes: Matrix can do better on obfuscating metadata on servers, and we'll continue improving it in 2026.
Meanwhile, if anyone's feeling nostalgic you can see a presentation I wrote preempting the challenge of metadata protection back in 2016 (on the day we first turned on E2EE in Matrix, ironically): https://matrix.org/~matthew/2015-06-26%20Matrix%20Jardin%20E.... In some other world perhaps we would have got to this point sooner, but better late than never.
EDIT: I can't face going through all the other points in this post, but it's worth noting that some of it is just entirely false - e.g. the hackea claims of "an impressive collection of private data being sent to Matrix central servers, even when you use your own instance", or the fact that media isn't authed (it has been since Jun 2024). Meanwhile the abuse situation has evolved significantly in 2025, with stuff like https://matrix.org/blog/2025/02/building-a-safer-matrix/ and https://matrix.org/blog/2025/12/policyserv as well as hiring up a larger trust & safety team at the Matrix Foundation.
People here always want to run the software themselves first, but then the next day they want to pay someone else to host it. If you're running into people throwing security flags, the silver lining is you're also a stone's throw away from offering a hosted option.
"If you're particularly concerned about metadata footprint, you can run your own servers in whatever network environment you feel like"
You're not going to win any long-term support with this attitude, even if you're technically right. Like, if we're still in this "why doesn't the pleb just become a part time sysadmin" way of thinking, it's hard to think it's not just DoA.
Well, that's why the first half of the post spells out the work that we're doing to improve the metadata footprint. The second half that you're quoting explains why we didn't solve this back in 2014.
Frankly, I'm not sure why explaining it (or the explanation) makes the situation any better.
FWIW, I'm the kind of weirdo who gets annoyed by having to add a new noscript rule for every federated instance. So I'm not exactly Matrix's target audience.
yup, unsure why i bothered too.
> Why Federation Must Die
They've lost me right here.
Matrix should rightly die. It's a terrible protocol in so many aspects.
As a counter, Mastodon federation is pretty sweet.
I have yet to learn about a federated alternative which is better than Matrix or at least on the same level
it's too bad running a mastodon instance is also a nightmare
GoToSocial and snac2 are both much simpler. https://gotosocial.org/ https://comam.es/snac-doc/
Discourse "loading" screen is the worst user experience. It's long, non-informative and meaningless.
Several years ago I was looking for something to use as a family chat server. Many of my friends/coworkers were using Slack/etc., but since my immediate family members didn't already have a preferred chat app, I was hoping to self-host something open-source. Matrix was under very active development at the time and I was pretty excited about the prospect of using it. Matrix didn't even have E2EE yet (I think it was under development), and that really wasn't a feature I needed or cared about (disappointing to read about all the trade-offs involved in this post though). The computational/storage costs for Matrix really were way too burdensome though. I ended up going with Jabber (Snikket). A jabber server costs essentially nothing to run. Highly recommend.
I don’t really have a dog in the fight so to say (aside from running a relatively large IRC network for the past 22 years)…
But I really do wish we had doubled down on XMPP. It was nearly everywhere in the late-00’s early-10’s. If we could have just solved the mobile case (which, was solved, just not in popular server versions) then we would have been in a better place today.
Hatred of XML has cost us so many wonderful things, the one that hurts me most is SMF (the solaris init system) which obviated the major issues people have with systemd. Except because it’s using XML people would rather carve off a limb over seriously considering porting it.
It’s so easy to host, and I once implemented a partial in-browser client (using, basically, a web bridge that I also wrote on the other side) in no time, starting from not knowing a single thing about it aside from having used xmpp chat clients in the past. Like getting to the point of status online/offline indicators showing up and messages passing was so easy. I get that I was a far cry from supporting things like encryption extensions, but it’s a great sign when going from nothing to having at least some of a protocol working takes very little time.
The web platform’s still (for now) really good and fast at working with xml. Kinda wild we ended up with json everywhere.
You say that but has XMPP really improved over the past 10-20 years? The same issues plague it still.
because all the investment has gone elsewhere.
I thought I was clear about that?
SMF also has not moved in 15 years.
Now that i'm looking back at xmpp, i agree that i wish we would have doubled down on xmpp - either to make some things easier for hosting, etc. And, yeah, it's funny that you mention about the hatred of xml...i never loved it, but never hated it. Same with json, etc....To me they're just data formats...but so much dislike seemed the cool thing to do back in the day. Ah, well.
> ...The computational/storage costs for Matrix really were way too burdensome though. I ended up going with Jabber (Snikket). A jabber server costs essentially nothing to run...
Your experience seems to mirror my own. I still use matrix very little, but have defaulted to use xmpp. Well, really returned to it after so many, many years away from xmpp. I tried prosody, but then after a multi-server cleanup killed it off. I think it was fine. Up next, i'd like to try either self-hosting my own ejabberd server, or if i don't want to manage yet another host might consider the paid option of Snikket...or maybe go through jmp.chat which if i recall correctly includes xmpp hosting with some jmp chat paid plan, etc.
> [federation] offers a degree of censorship resistance, as the messages or images are replicated across multiple servers, making it difficult for any single entity to censor or control the content.
That's the way Matrix goes, but that's not an inherent property of federation (XMPP doesn't leak nearly as much metadata as Matrix does, for instance)
Also, there is no free lunch in this space: p2p is slow and inefficient (bandwidth as much as battery) for modern mobile usecases, the workarounds generally consist of having edge servers to act as caches or preferred routing points, and that brings us back to the exact same set of tradeoffs found in the federation model, except with less control.
In short, I agree with the premise that Matrix is terrible, but not that federation is necessarily bad, nor that P2P is clearly superior.
I'll preface by saying that I would prefer fully decentralized/p2p systems to take over, that said...
Their arguments against the middle ground (federation) made no sense. Yes, some current implementations are flawed in that you can poison caches with spam and csam, but that's not inherent to federation. In fact, it looked more like they were upset that you can't censor federated communities sufficiently to their liking (nuke them out of existence on a whim?). Their main, and really only, argument against Lemmy was group think but...it's a consensus platform, that's its purpose. There is a time and place for communities to build group consensus organically and it's a viral part of society, so while I can understand chafing at that from time to time, I wouldn't call it a protocol failure.
Email itself is federated. Sort of the original federated messaging.
And the worst available secure messaging system.
And it's the best widely available, accessible, battle hardened, omnipresent messaging system.
What do you think of a system like Delta Chat built on top?
Trying to build a secure system on top of email is a waste of time and energy. Even if you succeeded, it would only be by compromising all the things that make email useful.
I wondered from the beginning why matrix was adopted so quickly. Its cryptographic protocol is so flawed. Most of the leaks could be easily prevented.
There were no good alternatives at the time. They were competing largely with Telegram and Whatsapp so basically anything was seen as an improvement. Since then Signal has gained popularity and set a much more robust standard for implementation, instead of hollow feature count.
Use keet, true p2p & secure chat. No servers.
https://keet.io/
Not open source, you can't verify the end-to-end encryption or any other measures the client uses actually happen. This makes it trivial to hide backdoors.
The entire secure messaging app space is open source, why anyone would bother with writing a proprietary app and thus omit verifiability of the security claims is beyond me.
EDIT: Also, no proxy settings, meaning your IP address can't be masked with Tor/SOCKS5 proxy.
Do NOT use.
It’s all npm on the inside, if I understand correctly.
It doesn't appear to be open source, so users have no control or lasting guarantees of privacy.