Is Matrix good to use? I’ve seen a lot of drama around it. For example, hackliberty.org left it because of a lack of security and moderation. Do you still recommend it?
Matrix literally syncs the entire data/metadata history to all other servers where someone pops in; chat is meant to have an ephemeral aspect to it. The whole network is de facto centralized on Matrix.org or the servers they host for others which means one org has access to almost everything—like the issue with Signal.
What’s scary to me is how expensive it is to run this eventual consistency model, which should not be a protocol requirement for this style of communication. It sucks so much RAM, so much storage, so wasteful—which causes medium-sized servers to shut down on maintenance costs alone, which causes more users to leave for Matrix.org. These are not the characteristics of a revolutionary protocol—revolutionary is users & collectives being able to reasonably self-host this stuff for their privacy & autonomy.
The whole network is de facto centralized on Matrix.org
That’s not true; there are plenty of people using different homeservers.
That is nowhere near the mass of the centralized community & the fact it can’t be reasonably run by medium-sized groups on a budget shows it doesn’t scale right & is not accessible. Sure you can run your own ATProto/BlueSky node if you have $80k USD / mo to host it—it’s technically open source! This is kinda the same thing… costs too damn much so folks flock to the biggest instances.
I have used XMPP for some time now and I tried Matrix for a bit, but have stuck with XMPP until now.
I found it practically very easy to set up a Prosody XMPP server on a Raspberry Pi. In XMPP you have the core standard that is kept quite minimal and then you can extend your implementation using XMPP extension protocols (XEPs) in a highly modular fashion. This approach of building on top of a light core using well-documented extensions I like very much.
With Matrix, JSON is used instead of XML. I think that JSON is a nice format when trying to look under the hood at how the message data is structured. XML is a bit of a pain to look at in my opinion. And I think JSON might be more efficient in how it moves the data around. So, that is a big positive for me. But Matrix appears to be more focused on being feature rich than on having a flexible modular structure. While it does have extensions, successful extensions do have a chance of being eventually integrated into the core protocol. This makes the core feel bloated to me, because I have very minimal requirements.
In terms of security, in XMPP you start with the core and then you select the type of encryption that you like (OpenPGP, OMEMO, etc). OMEMO encryption has plausible deniability built into its design, and for me, plausible deniability is a property that I consider important for messaging. The modular approach to XMPP also means that these are choices that one gets to make in an active manner, and the protocols are open protocols that come from outside of XMPP. With Matrix you get their encryption protocol as part of the core - it is a protocol that they designed and that you need to accept to use their tool with encryption. It is probably a good protocol, but I don’t think it has plausible deniability built in, and that’s a choice you did not get to make.
As for moderation, I don’t know. Do they mean moderation tools, or the actual absence of moderators and unmoderated communities? Because the latter is more a property of the people using the tool than the tool itself. You can have your own private communities.
If someone asks me, I could recommend Matrix but would rather recommend XMPP, depending on what they are looking for specifically.
My wife and I use it to chat privately and I host Synapse inside our LAN so I’m not federated. Works perfectly for that, but I’ve heard a lot of people have issues with large groups.
Thx
Depends on the use case and server.
Google and Facebook do not yet have public servers. You want a trustworthy server such that no one abuses your metadata like the time of sending a message.
It’s very useful for companies, like email but for real-time communication. I’d prefer Matrix over most other forms. In many companies and agencies Matrix is getting introduced these days.
It’s not anonymous just like Signal isn’t perfectly anonymous.
Matrix is still in my “recommend” category for real time federation. With Third Room still being the coolest example of what that can mean so far. They build on the same libs that make PeerTube work too for the video sharing aspect (not the video metadata sharing and socials, that’s all ActivityPub).
I’m really excited to see Dendrite make it to client devices for real p2p servers, maybe even as a micro service deployment. I do want to try out Conduwuit too.
That said, the metadata leakage is an issue to me and I consider that a serious flaw depending on your threat model, and you want to take extra steps to preserve your identity from an untrusted Matrix network and/or stick to a private one you trust.
It’s definitely more polished for users, but it leaks metadata. XMPP is nicer to work with, as a developer.
I find it to be pretty trash, and that’s just my layman’s opinion. I won’t get into my professional opinion…
Overall, it’s good, but you need to know what exactly you’re signing up for. The reality is that you can run a decentralized or centralized E2EE chat server, along with voice/video calling, without much effort. There are hiccups with the key exchange that suck, and metadata isn’t really protected. It really comes down to if it meets your particular requirements.
Yes and No
I consider Matrix to be somewhat equivalent to XMPP or public mailing lists. It is potentially decentralized (even though everyone uses matrix.org) and it can host group chats. And for those purposes it is ok-ish, but for privacy it is no good.
My pet peeve with Matrix is that I consider most features to be half baked. And instead of fixing them we just keep piling up more. Here is a list in no particular order:
- encryption regularly breaks in weird ways, usually you see a message that you can’t read
- if you enable encryption in a chat room you cannot disable it
- we now have two official clients for Android (Element and Element X); in the first one encryption breaks in weird ways, in the latter there is no way to use Spaces properly
- direct messages between people don’t work well - it is like they are a room with the two people
- privacy wise Matrix is weak, leaks metadata, attachments are not encrypted, etc. Do not use if you expect privacy/anonymity. Also I think most groups run without encryption because of the other issues.
- verifying sessions between clients is painful, e.g. the client annoys me to verify but then verification does not trigger on the second client
Because of this mess your quality of experience will vary depending on the client and features you use. The web clients are usable.
I don’t really use the video/audio calls so I have no comments on that front.
Using FluffyChat I have none of those issues. But voice/video calling is buggy, using the official server.
I dislike how little security and moderation it has myself. Too basic, IRC seemed to have better moderation support but granted they used bots for more advanced stuff. Not to mention how clunky it seems. That is ignoring the even higher bar required to even get started, having to find both a client and a server to get started is a pretty high bar for a lot of people.
The protocol is fine; I think the real problem is the Synapse implementation, but I could be wrong on that take, I am no expert.
While Synapse isn’t great, the problem is that the Matrix protocol is over-designed for a very specific purpose (distributed rooms), which comes with a severe performance penalty, but most people don’t actually need this for chat.
It’s one of these cases of a neat idea on paper, but ultimately a solution looking for a problem.
That said, Matrix isn’t that bad overall, but there are better options like XMPP.
XMPP is SOOO much easier to admin.
What else do you recommend?
Depends on your needs. Matrix can mostly replace the functionality of Discord, which makes it stand out despite its flaws.
If you just need group chat, encryption, and 1 on 1 calls, XMPP is easily self hosted and highly scalable.
SimpleX seems to be another decent option that’s decentralized.
I don’t use Matrix due to a permanent copy of all activity being kept on servers. It seems Matrix only has private group chats but not end-to-end direct messaging to add a contact and message them, you have to invite a user to a chat.