| 22 May 2025 |
|  jaywimbie joined the room. | 06:53:08 |
|  MangoIV joined the room. | 06:53:38 |
 Zhaofeng Li | interesting, this is new: https://usercontent.irccloud-cdn.com/file/9nDosRQp/old-room-notification.png | 06:54:02 |
| Zhaofeng Li | so spam opportunities would remain if the old rooms weren't restricted | 06:54:43 |
 uep | the spec does suggest the pl change that was apparently done | 06:57:01 |
| uep |
If possible, the power levels in the old room should also be modified to prevent sending of events and inviting new users. For example, setting events_default and invite to the greater of 50 and users_default + 1.
| 06:57:21 |
| uep | *
If possible, the power levels in the old room should also be modified to prevent sending of events and inviting new users. For example, setting events_default and invite to the greater of 50 and users_default + 1.
| 06:57:28 |
| uep | but in this case it seemingly didn't replicate fully, just like the tombstone itself | 06:57:59 |
| uep | and of course, tombstones are just events that clients have to process | 06:58:15 |
| uep | basically a 302 | 06:58:34 |
| Zhaofeng Li | all glitches in the matrix 🙃 | 06:58:45 |
| Zhaofeng Li | btw it looks like events that violate power restrictions are treated as "soft failures"
https://spec.matrix.org/v1.9/server-server-api/#soft-failure | 06:59:22 |
| Zhaofeng Li | so... DoS opportunities? | 06:59:39 |
 Cat | Depends on how they violate powerlevel restrictions. | 07:00:15 |
 K900 | Not any more than spamming any normal PDU | 07:00:24 |
| uep | yeah, there's also a feed for those | 07:00:25 |
| Cat | Because soft failure is only for events that COULD be legal. | 07:00:28 |
|  sefidel joined the room. | 07:00:28 |
| Cat | if they are not legal in any universe then they should hard fail as far as i know. | 07:00:48 |
|  jopejoe1 (4094@39c3) joined the room. | 07:01:20 |
| Cat | But yes spamming and running into softfailure is indeed a strategy that is employed. | 07:01:41 |
| uep | it came up in the context of the mod bot banning users as well as issuing redacts for image spam etc. If it bans too quickly, its homeserver doesn't send it more events from the banned user, and so the bot never sends redactions to delete some of the images because it never sees them. | 07:02:05 |
| uep | there's some additional integration it can have with the server to get reports of these soft failures and redact those too | 07:02:34 |
| Cat | oh ye thats a known problem. | 07:02:51 |
| Cat | And sadly the whole problem sucks. | 07:02:58 |
| uep | just basic dist sys race condition things | 07:03:06 |
| Cat | Tho soft failure access for the moderation bots is probably going to be made official in Synapse. | 07:03:33 |
| Zhaofeng Li |
get reports of these soft failures and redact those too
interesting, but redacting will still take up storage, right?
| 07:03:38 |
| Zhaofeng Li | *
get reports of these soft failures and redact those too
interesting, but redacting will still take up storage, right?
| 07:03:53 |
| Cat | depending on the size of the original event it will take up less storage. | 07:04:03 |
