E2EE disabling plugin for Synapse

Related tags

Cryptographymatrix_encryption_disabler
Overview

E2EE disabling plugin for Synapse

This Pluggable Module disables end-to-end encryption in a self-hosted Synapse servers. It works by stripping out requests for encryption from newly created rooms, patching power levels to prevent users from enabling encryption and additionally filtering out events for enabling E2EE on already existing rooms if a user or a room belongs to a configured list of servers.

This logic will work also on federated servers as long as they verify and enforce power levels.

Possible use-cases:

  • A legal requirement to provide auditable chat logs
  • Simplify deployments and operation for private homeservers where users don't care about E2EE and want to avoid issues with device verification, server-backed-up-keys etc.

Once this feature is implemented on Synapse side (https://github.com/matrix-org/synapse/issues/4401) this plugin will become obsolete.

Example config:

Plugin will strip away encryption from newly created rooms. In addition the plugin will filter out events for enabling encryption on room based on the server:

  • deny_encryption_for_users_of: if the event sender is on the server in the list (i.e. @user:example.org)
  • deny_encryption_for_rooms_of: if the room is on the server in the list (i.e. !room:example.org)

In your homeserver.yaml:

modules:
 - module: "matrix_e2ee_filter.EncryptedRoomFilter"
   config:
     deny_encryption_for_users_of: ['example.org']
     deny_encryption_for_rooms_of: ['example.org']

You may also want to add the following to your logging config to debug the plugin:

loggers:
    matrix_e2ee_filter:
        level: INFO

Caveats

This is not bullet-proof, a federated server that doesn't respect power levels may still allow users to enable encryption which will allow 3p users on other servers belonging to federation to freely use e2ee. This will create a divergence in room state and users on the server where this plugin is enabled won't be able to read encrypted messages - from their point of view the room will still be unencrypted.

Owner
Konstantin Sharlaimov
Konstantin Sharlaimov
GitHub Repository
Secure open-source password manager.

aes256_passwd_store This script securely encrypts or decrypts passwords on disk within a custom database file. It also features functionality to retri

14 Nov 15, 2022
Highly decentralized and censorship-resistant way to store key data

Beacon coin Beacon coin is a Chia singelton coin that can store data that needs to be: always available censorship resistant versioned potentially imm

Sebastjan Trepca 24 Oct 04, 2022
This program can encrypt and decrypt your files so that they can no longer be identified.

File_Cryptographer Table of Contents: About the Program Features Requirements Preview Credits Reach Me See Also About the Program: with this program,

Sina.f 6 Nov 20, 2022
A simple and secure password-based encryption & decryption algorithm based on hash functions, implemented solely based on python.

pyhcrypt A simple and secure password-based encryption & decryption algorithm based on hash functions, implemented solely based on python. Usage Pytho

Hongfei Xu 3 Feb 08, 2022
Microllect - Fully automated btc wallet hack,using advanced protocols

Microllect - Fully automated btc wallet hack,using advanced protocols

Arya kaghazkanani 40 Dec 17, 2022
DCAStack: an Automated Dollar Cost Averaging Bot for Your Crypto

Welcome to DCA Stack! An Automated Dollar Cost Averaging Bot For Your Crypto Web

0 Sep 03, 2022
Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.

Tink A multi-language, cross-platform library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse. Ubuntu

Google 12.9k Jan 05, 2023
Vaulty - Encrypt/Decrypt with ChaCha20-Poly1305

Vaulty Encrypt/Decrypt with ChaCha20-Poly1305 Vaulty is an extremely lightweight encryption/decryption tool which uses ChaCha20-Poly1305 to provide 25

Chris Mason 1 Jul 04, 2022
An automated Risk Management Monitor Bot for ByBit cryptocurrencies exchange.

An automated Risk Management Monitor Bot for ByBit cryptocurrencies exchange that forces all open positions to adhere to a specific risk ratio, defined per asset. It supports USDT Perpetual, Inverse

Hadi Aladdin 25 Nov 27, 2022
Algorand-app - This tutorial is designed to get you started with Algorand development in a step by step process

Getting Started This tutorial is designed to get you started with Algorand devel

Connor 1 Jan 06, 2022
Vhost password decrypt for python

vhost_password_decrypt Where is symkey.dat Windows:C:\ProgramData\VMware\vCenterServer\cfg\vmware-vpx\ssl\symkey.dat Linux:/etc/vmware-vpx/ssl/symkey.

Jing Ling 152 Dec 22, 2022
Simple encryption/decryption utility using Pycryptodome module. Working with AES and RSA algorithms.

EncypherUtil Simple encryption/decryption utility using PyCryptodome module. Working with AES and RSA algorithms. THIS UTILITY IS NOT LICENSED AS CRYP

Egor Yakubovich 0 Jun 14, 2022
Bombcrypto-robot - Python bot to automate BombCrypto game. Updated 01.02.2022

About: This is an open-source bot, the code is open for anyone to see, fork and

LarkoPa 120 Apr 15, 2022
Accounting Cycle Program with Blockchain Component

In the first iteration of my accounting cycle program, I talked about adding in a blockchain component that allows the user to verify the inegrity of

J. Brandon Walker 1 Nov 29, 2021
A Python implementation of CWT/COSE.

Python CWT - A Python implementation of CWT/COSE Python CWT is a CBOR Web Token (CWT) and CBOR Object Signing and Encryption (COSE) implementation com

Ajitomi Daisuke 13 Dec 14, 2022
PytoPrice is an automation program to fetch the latest price of a cryptocurrency of your choice at a user-customizable update interval.

PyToPrice (Python Crypto Price) PytoPrice is an automation program to fetch the latest price of a cryptocurrency of your choice at a user-customizable

Peter 1 Jun 16, 2022
😈 Shining is a tool that enables engineers to remotely pull smart contract code in multi-file situations.

👑 Shining 😈 Shining is a tool that enables engineers to remotely pull smart contract code in multi-file situations. Shining is the name of one of my

xxxeyJ 15 Jun 17, 2022
s-pass is a program that creates strong passwords and then encrypts the password and saves it to a file. To see the encrypted password, execute the decrypt.py file and paste the password in the txt file into the incoming question.

s-pass v1.1 s-pass is a program that creates strong passwords and then encrypts the password and saves it to a file. To see the encrypted password, ex

Alpkunt 9 Sep 09, 2022
An extreme encryption for everyone, encrypt your text before sending to anyone.

An extreme encryption for everyone, encrypt your text before sending to anyone. Alphabets and numbers are going to be encrypted like a hell

Saad 6 Oct 28, 2022
High Performance Blockchain Deserializer

bitcoin_explorer is an efficient library for reading bitcoin-core binary blockchain file as a database (utilising multi-threading).

Congyu 2 Dec 28, 2021