A Matrix server manages clients registered to rooms, in which events represent client actions such as sending a message. Our OCaml Matrix server follows the Matrix specification, from which we extract the parts describing the subset of Matrix components we chose to implement for the MVP. The OCaml environment provides secure-by-design properties and rules out classes of vulnerabilities such as the buffer overflow recently found to cause considerable information disclosure in other Matrix implementations such as Element. We note that Matrix maintains a hall of fame for investigative work on Matrix security vulnerabilities.
Clients are user applications that connect to a Matrix server via the client-server API, which lets them perform actions such as sending messages, controlling rooms, or synchronizing the conversation history. Recall that in Phase 1 we implemented an OCaml-CI client, which communicates with the Matrix unikernel via the client-server API provided here. We tested the integration of the OCaml-CI communication with both Synapse and the OCaml Matrix server. Regarding the GDPR requirements, we note that the Matrix unikernel supports a client authentication mechanism based on user name and password, following the Matrix specification for authentication mechanisms.
Matrix rooms are the locations where users interact by sending and receiving events. The users present in a room receive events according to their access rights. The Matrix federation maintains room data structures representing the state of the room and its messages. The state data comprises the (unique) room id, the list of servers accessing the room and the list of clients who are members of the room. The message data describes communication activities such as instant messages, video/audio call setups, or file transfers, which are implemented over secured channels. We note that we follow the Matrix specification for Room Version 6 (out of 7 versions). For now the OCaml Matrix server implements access to public rooms only, which does not require the end-to-end encryption protocol. Nevertheless, we define support for encrypted communication via the Key module, and we note that most of the encryption algorithms used by the end-to-end encryption protocol are available to Mirage unikernels via the mirage-crypto library.
Events are sorted according to two relations: topological ordering and stream ordering. The topological ordering is timestamp related: the most recent events are the candidate previous events for the next event to be sent. The state of the room at a given timestamp is computed by considering all events preceding that timestamp, and a conflict resolution algorithm handles data races, that is, events that apply to the same piece of room state. Our implementation of the conflict resolution algorithm adapts the standard one by reasoning over a list structure instead of the directed acyclic graph used in the specification. This slight deviation from the specification is not relevant for the moment, but we plan to rectify it and follow the specification to the letter.
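To illustrate the list-based state computation described above, the following is an added example written for this report, not code from the OCaml Matrix server; the event record shape, the field names and the tie-break rule (later in the sorted list wins, ties on timestamp broken by event id) are assumptions made for the example.

```ocaml
(* Added example: list-based room-state computation, not the project's code.
   Event shape, field names and the tie-break rule are assumptions. *)

type event = {
  event_id : string;
  origin_server_ts : int;      (* milliseconds since epoch *)
  etype : string;              (* e.g. "m.room.member" *)
  state_key : string;          (* "" for events without a state key *)
  content : string;            (* JSON body, kept as an opaque string here *)
}

module StateMap = Map.Make (struct
  type t = string * string     (* (event type, state_key) *)
  let compare = compare
end)

(* Ordering over a plain list instead of a DAG: oldest first, ties broken by
   event_id so the result is deterministic when events are replayed. *)
let ordered events =
  List.sort
    (fun a b ->
      match compare a.origin_server_ts b.origin_server_ts with
      | 0 -> compare a.event_id b.event_id
      | c -> c)
    events

(* Room state at timestamp [ts]: fold over all events up to [ts] in order.
   Two events racing for the same (type, state_key) are resolved by the
   ordering above; the later one in that order wins (assumed rule). *)
let state_at ts events =
  events
  |> List.filter (fun e -> e.origin_server_ts <= ts)
  |> ordered
  |> List.fold_left
       (fun st e -> StateMap.add (e.etype, e.state_key) e st)
       StateMap.empty

(* Constructed sample: two membership changes racing at the same timestamp. *)
let sample =
  [ { event_id = "$c"; origin_server_ts = 300; etype = "m.room.member";
      state_key = "@alice:example.org"; content = {|{"membership":"leave"}|} };
    { event_id = "$a"; origin_server_ts = 100; etype = "m.room.create";
      state_key = ""; content = {|{"room_version":"6"}|} };
    { event_id = "$b"; origin_server_ts = 300; etype = "m.room.member";
      state_key = "@alice:example.org"; content = {|{"membership":"join"}|} } ]

let () =
  StateMap.iter
    (fun (t, k) e -> Printf.printf "%s/%s -> %s (%s)\n" t k e.content e.event_id)
    (state_at 300 sample)
```

With the constructed sample, the state at timestamp 300 keeps the create event and resolves the membership race in favour of `$c`, since `$b` sorts before `$c` at the same timestamp.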
Building the OCaml Matrix server in the unikernel format turns it into a library operating system, which provides the infrastructure for developing secure and high-performance code that is deployed as an operating system driver. The production deployment process also ensures that the Matrix server unikernel is compatible with various platforms on which the Matrix server can run in isolation, thereby increasing its security level.
The unikernel format of the Matrix server is not yet complete; we plan it as the next step of work. For the future of the Matrix server unikernel we also consider adding user access to private rooms with end-to-end encryption, as well as further authentication methods that follow the Matrix specification and the GDPR recommendations.