Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MSC4101: Hashes for unencrypted media #4101

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

MSC4101: Hashes for unencrypted media #4101

wants to merge 1 commit into from

Conversation

turt2live
Copy link
Member

Rendered

In line with matrix-org/matrix-spec#1700, the following disclosure applies:

I am Director of Standards Development at The Matrix.org Foundation C.I.C., Matrix Spec Core Team (SCT) member, employed by Element, and operate the t2bot.io service. This proposal is written and published as a member of the SCT working in the area of media authentication and linking.

Implementation requirements:

  • Client sends hashes
  • Client verifies hashes

@turt2live turt2live changed the title Hashes for unencrypted media MSC4101: Hashes for unencrypted media Feb 15, 2024
@turt2live turt2live added proposal A matrix spec change proposal client-server Client-Server API kind:feature MSC for not-core and not-maintenance stuff needs-implementation This MSC does not have a qualifying implementation for the SCT to review. The MSC cannot enter FCP. labels Feb 15, 2024
ara4n
ara4n reviewed Feb 20, 2024
View reviewed changes
proposals/4101-unencrypted-media-hashes.md
to clients. Clients will believe these changes in most cases because they do not have the capability
to validate the DAG itself.

This proposal does *not* attempt to fix either tampering issue for unencrypted media. Encrypting events
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm surprised we're not mentioning MSC #2757 (https://github.com/Sorunome/matrix-doc/blob/soru/sign-events/proposals/2757-sign-events.md ) here, which /does/ try to fix the tampering issue for unencrypted media (and is kinda the sister-proposal to this, but for events rather than media)

kegsay
kegsay reviewed Jan 13, 2025
View reviewed changes
proposals/4101-unencrypted-media-hashes.md

## Alternatives

No alternatives identified.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can't the hash just go into the MXC URI e.g "thumbnail_url": "mxc://example.org/$hash"?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we have an MSC3911 world, no. The media ID would need to be unique.

We'd also find it harder to update or change the algorithm in future, but not impossible.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ara4n ara4n ara4n left review comments

@kegsay kegsay kegsay left review comments

Assignees
No one assigned
Labels
client-server Client-Server API kind:feature MSC for not-core and not-maintenance stuff needs-implementation This MSC does not have a qualifying implementation for the SCT to review. The MSC cannot enter FCP. proposal A matrix spec change proposal
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@turt2live @ara4n @kegsay