Hacker News

It’s encouraging to hear that you’re getting an audit of the new approach.

Reading over the new design doc for authenticating membership events, and the GitHub comments, it feels like this is a case for some sort of model checking or automated theorem proving. Manually verifying that the new system does everything we want seems… tough.



Here I'll point out that Matrix had audits commissioned prior to this research as well. Audits are a good thing, but one reason the previous audits didn't hit on this stuff is that the scope of the audit was sharply limited.


Totally agreed. We didn’t have the $ to do more than libolm at first, and then we did vodozemac in May. That one was the first of 4 planned audits, the rest of which go up the rest of the stack (respectively matrix-rust-sdk-crypto, matrix-rust-sdk, and then end-to-end across the whole stack). It is very frustrating we couldn’t do the rest of the stack sooner - and this hopefully explains why we are consolidating on matrix-rust-sdk prior to getting it audited.

Ironically, the drama over this paper is now putting funding for the other audits at risk, however - as who wants to fund a project with a bunch of loud infosec folks declaring it shit?


> Ironically, the drama over this paper is now putting funding for the other audits at risk, however - as who wants to fund a project with a bunch of loud infosec folks declaring it shit?

I'm not familiar with how the funding here works - can you describe the process by which audits would be abandoned as a result of internet commentary? Who is threatening to withhold funding for future audits? From my outsider's perspective, that would seem like _incredibly_ poor decision-making on behalf of the Matrix folks.


The process is:

* Audits cost $$$K

* The Matrix project doesn’t have pots of money sitting around to spend on audits. We get around $8K/month of donations on Patreon, which currently doesn’t even cover the running costs of matrix.org.

* Therefore, to get an audit done, we need to find someone who is so excited about Matrix that they’ll fund it. For instance, the most recent audit was funded by Gematik, the German healthcare interoperability agency.

* However, the reason that folks like this get excited about Matrix is because they want a secure decentralised open communication platform. If the perception of Matrix shifts that its security is “killed dead” or other such hyperbole due to the infosec community reacting to the overclaims in the paper, then it obviously undermines that interest in Matrix. Who wants to use a protocol whose security is declared dead by cryptographers? And so who would want to burn money funding audits?

This may sound dramatic, but unfortunately it’s really how it works. Just as academic papers rely on presenting the most dramatic interpretation to get attention and boost their visibility and help them get funding… similarly, open source projects get disproportionately harmed by dramatic overclaims.


It would behoove you to stop saying that the paper "overclaims" things. Maybe you believe I've "overclaimed" things, by saying that the paper killed your protocol as dead as TLS 1.0. I stand by that argument, but the paper's authors made no such claim. It's a dry, detailed, factual paper that just happens to rattle off a bunch of vulnerabilities both in your protocol and in Element's implementation of it.


Thank you for the clarification! Appreciate the candor here re: Element not being able to afford audits on its own. I get now why you might perceive commentary about security research as an existential threat.

For whatever it's worth, the specific thing you're doing with calling the discussion hyperbole and "overclaims" makes it harder for me to take you seriously.


Element is a client, Matrix is a protocol

I don't really know where you get off on telling people you don't take them seriously


Can't Element (the company) fund audits?


Element doesn't have the $, thanks to footing the bill for most (90%+) of the core Matrix work on behalf of the rest of the Matrix ecosystem.


Element is probably already footing the bill for the main matrix.org server + they really need to improve their clients, and that is from a user's perspective more important than a security audit.


What is the cost of a comprehensive audit?



