E2EE disabling plugin for Synapse

Related tags

Cryptographymatrix_encryption_disabler
Overview

E2EE disabling plugin for Synapse

This Pluggable Module disables end-to-end encryption in a self-hosted Synapse servers. It works by stripping out requests for encryption from newly created rooms, patching power levels to prevent users from enabling encryption and additionally filtering out events for enabling E2EE on already existing rooms if a user or a room belongs to a configured list of servers.

This logic will work also on federated servers as long as they verify and enforce power levels.

Possible use-cases:

  • A legal requirement to provide auditable chat logs
  • Simplify deployments and operation for private homeservers where users don't care about E2EE and want to avoid issues with device verification, server-backed-up-keys etc.

Once this feature is implemented on Synapse side (https://github.com/matrix-org/synapse/issues/4401) this plugin will become obsolete.

Example config:

Plugin will strip away encryption from newly created rooms. In addition the plugin will filter out events for enabling encryption on room based on the server:

  • deny_encryption_for_users_of: if the event sender is on the server in the list (i.e. @user:example.org)
  • deny_encryption_for_rooms_of: if the room is on the server in the list (i.e. !room:example.org)

In your homeserver.yaml:

modules:
 - module: "matrix_e2ee_filter.EncryptedRoomFilter"
   config:
     deny_encryption_for_users_of: ['example.org']
     deny_encryption_for_rooms_of: ['example.org']

You may also want to add the following to your logging config to debug the plugin:

loggers:
    matrix_e2ee_filter:
        level: INFO

Caveats

This is not bullet-proof, a federated server that doesn't respect power levels may still allow users to enable encryption which will allow 3p users on other servers belonging to federation to freely use e2ee. This will create a divergence in room state and users on the server where this plugin is enabled won't be able to read encrypted messages - from their point of view the room will still be unencrypted.

Owner
Konstantin Sharlaimov
Konstantin Sharlaimov
GitHub Repository
Ethereum ETL lets you convert blockchain data into convenient formats like CSVs and relational databases.

Python scripts for ETL (extract, transform and load) jobs for Ethereum blocks, transactions, ERC20 / ERC721 tokens, transfers, receipts, logs, contracts, internal transactions.

Blockchain ETL 2.3k Jan 01, 2023
Encrypt your code without a worry. Stark utilizes the base64, hashlib and Crypto lib to encrypt your code which cannot be decrypted with any online tools.

Stark Encrypt your code without a worry. Stark utilizes the base64, hashlib and Crypto lib to encrypt your code which cannot be decrypted with any onl

cliphd 3 Sep 10, 2021
Bit is Python's fastest Bitcoin library and was designed from the beginning to feel intuitive, be effortless to use, and have readable source code.

Bit is Python's fastest Bitcoin library and was designed from the beginning to feel intuitive, be effortless to use, and have readable source code.

Ofek Lev 1.1k Jan 02, 2023
Simple crypto & blockchain implementation written in Python

JaamoCoin - simple Python blockchain example This is a very simple blockchain example written in Python. Based on this tutorial: https://medium.com/co

Jaakko Alajoki 1 Jan 07, 2022
Python based project to pull useful account statistics from the Algorand block chain.

PlanetWatchStats Python based project to pull useful account statistics from the Algorand block chain. Setup pip install -r requirements.txt Run pytho

M0x40 1 Jan 27, 2022
A self-contained cryptographic library for Python

PyCryptodome PyCryptodome is a self-contained Python package of low-level cryptographic primitives. It supports Python 2.7, Python 3.4 and newer, and

Helder Eijs 2.2k Jan 08, 2023
基于python的一款 加解密工具

基于python的一款 加解密工具 加密: SHA序列: sha1 , sha2 , sha224 , sha256 , sha384 , sha512 , sha512-256 , sha3-224 , sha3-256 , sha3-384 , sha3-512 MD序列: md4 , md5

3 May 05, 2022
Blockchain online Voting System

decentralized-voting-system A decentralized voting system where a user can walk into a government authorized center (Ex- banks, telecom companies etc.

Mahima Arora 1 Dec 28, 2021
A Python library to wrap age and minisign to provide key management, encryption/decryption and signing/verification functionality.

A Python library to wrap age and minisign to provide key management, encryption/decryption and signing/verification functionality.

Vinay Sajip 3 Feb 01, 2022
Bitcoin & Lightning Container Manager for facilitating development tools

Torch-cli Bitcoin & Lightning Container Manager for facilitating development too

Gray Finance 3 Aug 22, 2022
An Etebase (EteSync 2.0) server so you can run your own.

Etebase - Encrypt Everything An Etebase (EteSync 2.0) server so you can run your own. Installation Requirements Etebase requires Python 3.7 or newer a

EteSync & Etebase 1.2k Dec 31, 2022
The (Python-based) mining software required for the Game Boy mining project.

The (Python-based) mining software required for the Game Boy mining project.

Ghidra Ninja 31 Nov 04, 2022
Dicoding Machine Learning for Expert Submission 1 - Predictive Analytics

Laporan Proyek Machine Learning - Azhar Rizki Zulma Domain Proyek Domain proyek yang dipilih dalam proyek machine learning ini adalah mengenai keuanga

Azhar Rizki Zulma 6 Jul 23, 2022
PeGuard - Windows PE crypter and packing utility

PEGUARD PEGUARD is a file crypter and packing utility. This project was original

11 Nov 28, 2022
Atomkraft - Lightweight e2e testing for cosmos blockchains

Atomkraft End-to-end testing of Cosmos blockchains should be easy and reproducib

Informal Systems 57 Dec 16, 2022
This is a Sharding Simulator to study blockchain scalability

Sharding Simulator This is a Sharding Simulator to study blockchain scalability. How to run on Ubuntu First make sure you have the header file for Pyt

1 Jan 23, 2022
This is a simple Bitcoin non-deterministic wallet address generator coded in Python 3.

This is a simple Bitcoin non-deterministic wallet address generator coded in Python 3. It generates a Private Key in different formats (hex, wif and compressed wif) and corresponding Public Addresses

7 Dec 22, 2022
A simple script useful to switch from Dashlane to Bitwarden by converting the password file to the right format.

A simple script useful to switch from Dashlane to Bitwarden by converting the password file to the right format.

3 May 06, 2022
A crypto bot that checks the price movement in the markets and creates buy and sell signals

Booter bot Purpose The purpose of this bot is to check the price fluctuations in a given market in binance and create the idealistic signals based on

2 Oct 09, 2022
A hybrid(AES + RSA) encryptor in python.

python-file-encryptor A hybrid(AES + RSA) encryptor in python. Tasted on Windows and Linux(Kali). Install Requirements Use the package manager pip to

Alireza Kalhor 8 Jun 24, 2022