| 16 Jul 2025 |
 K900 | If they can talk to A, they'll fetch the keys directly | 20:18:47 |
| K900 | So B and the new server will be on different sides of the split | 20:19:17 |
 Zhaofeng Li | In reply to @k900:0upti.me
Because you need to talk to another server to join a room * let's say the newly-joined homeserver can talk to all homeservers including B and matrix.org (both blocked by A) except for A which is down forever | 20:19:55 |
| K900 | Like fundamentally Matrix room state is not consensus, it's CRDT | 20:21:49 |
| K900 | So different participants seeing different states is expected | 20:22:02 |
| K900 | And ideally everything gets reconciled in the end | 20:22:17 |
| Zhaofeng Li | In reply to @k900:0upti.me
Like fundamentally Matrix room state is not consensus, it's CRDT right, it makes sense, but practically it's... unproductive? | 20:22:37 |
| K900 | It is | 20:23:44 |
| Zhaofeng Li | any participating homeserver can become load-bearing and make the room unusable (for many common use cases) | 20:24:35 |
| K900 | I don't think there's a solution for achieving this that is actually good | 20:24:57 |
| K900 | Any sort of consensus algorithm is susceptible to 51% attacks | 20:25:16 |
| K900 | And CRDTs are susceptible to splits | 20:25:28 |
 @magic_rb:matrix.redalder.org | 51% is a fun one, ive long been fascinates by distributed systems, but any system you come up with which is based on consensus can be taken over by the 51% thing | 20:30:40 |
| K900 | The only thing I can think of is doing some kind of roughtime thing | 20:31:15 |
| @magic_rb:matrix.redalder.org | Roughtime? | 20:31:34 |
| K900 | Where you have an external trusted timing oracle | 20:31:34 |
| K900 | Or five | 20:31:39 |
| @magic_rb:matrix.redalder.org | "Trusted" and "distributed" dont go together :P | 20:31:59 |
| K900 | But that's arguably a single point of failure | 20:32:00 |
| @magic_rb:matrix.redalder.org | (So is matrix.org) | 20:32:12 |
| K900 | In reply to @magic_rb:matrix.redalder.org
Roughtime? https://roughtime.googlesource.com/roughtime | 20:32:13 |
| @magic_rb:matrix.redalder.org | Oh nice, didnt know rhat | 20:33:51 |
| K900 | But you still need to agree on the set of roughtime servers to trust | 20:34:32 |
| K900 | Or include a giant pile of receipts in every state event just in case someone in the federation trusts that particular server | 20:35:21 |
| @magic_rb:matrix.redalder.org | Distributed systems are hard :( | 20:38:06 |
 c-x-berger | http://scholar.harvard.edu/files/mickens/files/thesaddestmoment.pdf | 20:38:22 |
| c-x-berger | * for further reading http://scholar.harvard.edu/files/mickens/files/thesaddestmoment.pdf | 20:38:37 |
 emily | https://developers.cloudflare.com/time-services/roughtime/ fwiw | 20:55:30 |
| emily | cloudflare kinda adopted the protocol from google at this point | 20:55:43 |
| emily | they do run a server | 20:55:46 |
