| 22 May 2025 |
uep | *
If possible, the power levels in the old room should also be modified to prevent sending of events and inviting new users. For example, setting events_default and invite to the greater of 50 and users_default + 1.
| 06:57:28 |
uep | but in this case it seemingly didn't replicate fully, just like the tombstone itself | 06:57:59 |
uep | and of course, tombstones are just events that clients have to process | 06:58:15 |
uep | basically a 302 | 06:58:34 |
Zhaofeng Li | all glitches in the matrix 🙃 | 06:58:45 |
Zhaofeng Li | btw it looks like events that violate power restrictions are treated as "soft failures"
https://spec.matrix.org/v1.9/server-server-api/#soft-failure | 06:59:22 |
Zhaofeng Li | so... DoS opportunities? | 06:59:39 |
Cat | Depends on how they violate powerlevel restrictions. | 07:00:15 |
K900 | Not any more than spamming any normal PDU | 07:00:24 |
uep | yeah, there's also a feed for those | 07:00:25 |
Cat | Because soft failure is only for events that COULD be legal. | 07:00:28 |
| sefidel joined the room. | 07:00:28 |
Cat | if they are not legal in any universe then they should hard fail as far as I know. | 07:00:48 |
| jopejoe1 (4094@epvpn) joined the room. | 07:01:20 |
Cat | But yes, spamming and running into soft failure is indeed a strategy that is employed. | 07:01:41 |
uep | it came up in the context of the mod bot banning users as well as issuing redacts for image spam etc. If it bans too quickly, its homeserver doesn't send it more events from the banned user, and so the bot never sends redactions to delete some of the images because it never sees them. | 07:02:05 |
uep | there's some additional integration it can have with the server to get reports of these soft failures and redact those too | 07:02:34 |
Cat | oh ye that's a known problem. | 07:02:51 |
Cat | And sadly the whole problem sucks. | 07:02:58 |
uep | just basic dist sys race condition things | 07:03:06 |
Cat | Tho soft failure access for the moderation bots is probably going to be made official in Synapse. | 07:03:33 |
Zhaofeng Li | *
get reports of these soft failures and redact those too
interesting, but redacting will still take up storage, right?
| 07:03:53 |
Cat | depending on the size of the original event it will take up less storage. | 07:04:03 |
uep | event storage, yeah. | 07:04:38 |
uep | image cache storage is of course an entirely separate problem and there's no garbage collection there | 07:04:58 |
Zhaofeng Li | that sucks, so they can still DoS, just more slowly | 07:05:11 |
Cat | That's where ACL kicks in. | 07:05:26 |
Cat | ACL can help prevent that problem, as ACLs don't give a shit about DAG-level matters; they act as network-level blocks. Now ofc the ACLs have to be enforced by everyone or else they can leak, and well, current tooling for spotting leaks sucks, as it is close to non-existent. | 07:06:31 |
Zhaofeng Li |
the ACLs have to be enforced by everyone
but now there's no built-in "block together"-like mechanism, right?
| 07:08:19 |