MSC3998: Add timestamp massaging to /join and /knock
#3998
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,106 @@ | ||
| # MSC3998: Add timestamp massaging to `/join` and `/knock` | ||
|
There was a problem hiding this comment. It's not entirely clear to me why There was a problem hiding this comment. They need timestamp massaging for different reasons and alternatives vary. I think it makes more sense to split them up but it does make sense to keep the bigger picture in mind. |
||
|
|
||
| As mentioned in the original | ||
| [MSC3316](https://github.com/matrix-org/matrix-spec-proposals/pull/3316) for timestamp | ||
| massaging, | ||
|
|
||
| > We consciously don't support the `ts` parameter on the various helper | ||
| > syntactic-sugar APIs like `/kick` and `/ban`. If a bridge/bot is smart enough to | ||
| > be faking history, it is already in the business of dealing with raw events, | ||
| > and should not be using the syntactic sugar APIs. | ||
|
|
||
| While it's possible to mimic a join/invite/knock for a room that the server already | ||
| knows about, this falls apart for a federated action for a room that the server doesn't | ||
| know about since it's not possible to specify any `via` servers with the `/state` | ||
| endpoint. Currently, if you try with Synapse, it will throw a `404` with the following | ||
| error response body: | ||
|
|
||
| ```json | ||
| { | ||
| "errcode": "M_UNKNOWN", | ||
| "error": "Can't join remote room because no servers that are in the room have been provided." | ||
| } | ||
| ``` | ||
|
|
||
| When writing end-to-end tests, it's useful to have your room appear as though it was | ||
| created back in time before your messages were sent and to have stable/consistent | ||
| timestamps. If you start using timestamp massaging when sending messages, it can appear | ||
| as though those events occurred before the `m.room.member` events used to join federated | ||
| rooms. We specifically run into this with the [Matrix Public | ||
| Archive](https://github.com/matrix-org/matrix-public-archive/) end-to-end tests. | ||
|
|
||
| In real-life scenarios, practically, this hasn't mattered much for content because the | ||
| DAG is ordered topologically and not by timestamp but is a semantic inconsistency that | ||
| is becoming more important with API's like `/timestamp_to_event` which find events by | ||
| their `origin_server_ts`. And makes things tricky for the Matrix Public Archive to | ||
| navigate history by date seamlessly assuming good intentions. | ||
|
Comment on lines
+32
to
+36
There was a problem hiding this comment. Add this context to the MSC: It also mattered to us in real life with historical Gitter rooms where we imported history and ran into these messy client issues: |
||
|
|
||
|
|
||
| ## Proposal | ||
|
|
||
| Add timestamp massaging to the `/join` and `/knock` endpoints to be able to override the | ||
| `origin_server_ts` of sent events. We do this by adding a `ts` querystring parameter | ||
| that specifies the value to apply to `origin_server_ts` on the event (UNIX epoch | ||
| milliseconds). | ||
|
|
||
| - `POST /_matrix/client/v3/join/{roomId}?ts=123` | ||
| - `POST /_matrix/client/v3/knock/{roomIdOrAlias}?ts=123` | ||
|
|
||
| This functionality is restricted to the application service (AS) API to be consistent | ||
| with [MSC3316](https://github.com/matrix-org/matrix-spec-proposals/pull/3316). There | ||
| could be future considerations to opening this up to any client as it's kinda arbitrary | ||
| to restrict it this way and just seems like friction to try to get only people with good | ||
| intentions using it. | ||
|
|
||
| --- | ||
|
|
||
| Also related: [MSC3997](https://github.com/matrix-org/matrix-spec-proposals/pull/3997) | ||
MadLittleMods marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| proposes adding a `ts` querystring parameter to the `/createRoom` endpoint but for | ||
| different reasons. | ||
|
|
||
|
|
||
| ## Potential issues | ||
|
|
||
| *None surmised so far* | ||
|
|
||
|
|
||
| ## Alternatives | ||
|
|
||
| We could alternatively add `via` server parameters to the `/send` and `/state` endpoints | ||
| so the server knows how to find the room in question. | ||
|
|
||
|
|
||
| ## Security considerations | ||
|
|
||
| Timestamps should already be considered untrusted over federation, and application | ||
| services are trusted server components, so allowing appservices to override timestamps | ||
| does not create any new security considerations. | ||
|
|
||
|
|
||
| ## Unstable prefix | ||
|
|
||
| While this feature is in development, the `ts` querystring parameter can be used as | ||
| `org.matrix.msc3998.ts` | ||
|
|
||
| ### While the MSC is unstable | ||
|
|
||
| During this period, to detect server support clients should check for the presence of | ||
| the `org.matrix.msc3998` flag in `unstable_features` on `/versions`. Clients are also | ||
| required to use the unstable prefixes (see [unstable prefix](#unstable-prefix)) during | ||
| this time. | ||
|
|
||
| ### Once the MSC is merged but not in a spec version | ||
|
|
||
| Once this MSC is merged, but is not yet part of the spec, clients should rely on the | ||
| presence of the `org.matrix.msc3998.stable` flag in `unstable_features` to determine | ||
| server support. If the flag is present, clients are required to use stable prefixes (see | ||
| [unstable prefix](#unstable-prefix)). | ||
|
|
||
| ### Once the MSC is in a spec version | ||
|
|
||
| Once this MSC becomes a part of a spec version, clients should rely on the presence of | ||
| the spec version, that supports the MSC, in `versions` on `/versions`, to determine | ||
| support. Servers are encouraged to keep the `org.matrix.msc3998.stable` flag around for | ||
| a reasonable amount of time to help smooth over the transition for clients. "Reasonable" | ||
| is intentionally left as an implementation detail, however the MSC process currently | ||
| recommends *at most* 2 months from the date of spec release. | ||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
cc @ara4n as the original
?tsproposer from the old version of MSC2716cc @tulir as an interested party in timestamp massaging (author of MSC3316 and one of the main consumers of the
?tsAPI)