Want to create an interactive transcript for this episode?
Podcast: Chaos Computer Club - recent audio-only feed
Episode: Eventually Consistent Access Control: Practical Insights on Matrix from Decentralized Systems Theory (matrix-conf-2025)
Description: Access control is the core of any system's security, but usually provided by a single, centralized server. However, access control in a Matrix room is decentralized: every participating server *independently* decides *who* is authorized to send and receive *which* events, without consulting any other server. To the surprise of many, these decisions are still *eventually* consistent even if all but one server is malicious, but seeing *why* requires a new way of thinking about access control. I will explain the necessary design patterns from decentralized systems science, and show how they can be weaved together for a practical explanation of...