From 1f8da297998701dcf6d53a181aae28fa8a16030c Mon Sep 17 00:00:00 2001 From: Gnuxie <50846879+Gnuxie@users.noreply.github.com> Date: Wed, 16 Jul 2025 20:35:22 +0100 Subject: [PATCH] Attempt to allow Draupnir to use room V12. (#918) - Updated to matrix-basic-types 1.4.0 which changes the regex validating room ids. - Changed the package override so that all dependencies use matrix-basic-types 1.4.0, including the matrix-protection-suite. - Removed code that tries to store details about discovered rooms in the room takdedown protection. These were unreliable for so many reasons and also are now broken given the room origin cannot be extracted from the room id. Details for why this is can be found in the reviews of matrix-org/matrix-spec-proposals#4291. --- package.json | 4 ++-- src/backingstore/better-sqlite3/HashStore.ts | 4 +--- src/protections/RoomTakedown/DiscoveredRoomStore.ts | 4 ++-- test/unit/stores/hashStoreTest.ts | 13 +++++++++++++ yarn.lock | 8 ++++---- 5 files changed, 22 insertions(+), 11 deletions(-) diff --git a/package.json b/package.json index cd91cac..eeeb5f3 100644 --- a/package.json +++ b/package.json @@ -52,7 +52,7 @@ "@sentry/node": "^7.17.2", "@sinclair/typebox": "0.34.13", "@the-draupnir-project/interface-manager": "4.1.0", - "@the-draupnir-project/matrix-basic-types": "1.3.0", + "@the-draupnir-project/matrix-basic-types": "1.4.0", "@the-draupnir-project/mps-interface-adaptor": "^0.4.1", "better-sqlite3": "^9.4.3", "body-parser": "^1.20.2", @@ -71,7 +71,7 @@ "overrides": { "matrix-bot-sdk": "$@vector-im/matrix-bot-sdk", "@vector-im/matrix-bot-sdk": "npm:@vector-im/matrix-bot-sdk@^0.7.1-element.6", - "@the-draupnir-project/matrix-basic-types": "@the-draupnir-project/matrix-basic-types@1.2.0", + "@the-draupnir-project/matrix-basic-types": "$the-draupnir-project/matrix-basic-types", "matrix-protection-suite": "$matrix-protection-suite" }, "engines": { diff --git a/src/backingstore/better-sqlite3/HashStore.ts b/src/backingstore/better-sqlite3/HashStore.ts index 5f081d7..d294f24 100644 --- a/src/backingstore/better-sqlite3/HashStore.ts +++ b/src/backingstore/better-sqlite3/HashStore.ts @@ -9,7 +9,6 @@ import { isError, Ok, Result } from "@gnuxie/typescript-result"; import { - roomIDServerName, StringRoomID, StringServerName, StringUserID, @@ -323,8 +322,7 @@ export class SqliteHashReversalStore (room_id: StringRoomID, sha256) => ({ room_id, sha256 }), (roomRecords) => { this.emit("ReversedHashes", roomRecords, [], []); - }, - (roomRecord) => roomIDServerName(roomRecord.room_id) + } ); } diff --git a/src/protections/RoomTakedown/DiscoveredRoomStore.ts b/src/protections/RoomTakedown/DiscoveredRoomStore.ts index a436bc0..6567d19 100644 --- a/src/protections/RoomTakedown/DiscoveredRoomStore.ts +++ b/src/protections/RoomTakedown/DiscoveredRoomStore.ts @@ -4,8 +4,8 @@ import { isError, Ok, Result } from "@gnuxie/typescript-result"; import { - roomIDServerName, StringRoomID, + userServerName, } from "@the-draupnir-project/matrix-basic-types"; import { Logger, @@ -79,7 +79,7 @@ export class StandardDiscoveredRoomStore const storeResult = await this.hashStore.storeRoomIdentification({ creator: details.creator, roomID: details.room_id, - server: roomIDServerName(details.room_id), + server: userServerName(details.creator), }); if (isError(storeResult)) { log.error( diff --git a/test/unit/stores/hashStoreTest.ts b/test/unit/stores/hashStoreTest.ts index 5a3b977..39f849d 100644 --- a/test/unit/stores/hashStoreTest.ts +++ b/test/unit/stores/hashStoreTest.ts @@ -89,6 +89,7 @@ describe("meow", function () { const bannedServer = StringServerName("banned.example.com"); const roomBannedViaServer = StringRoomID("!banned:banned.example.com"); const policyRoom = randomRoomID([]); + const roomCreator = StringUserID("@creator:banned.example.com"); const bannedServerHash = base64sha256(bannedServer); const findResult = (await store.findServerHash(bannedServerHash)).expect( "Should be able to at least query this" @@ -118,6 +119,18 @@ describe("meow", function () { (await store.storeUndiscoveredRooms([roomBannedViaServer])).expect( "Should be able to discover rooms jsut fine" ); + // previously storing an undiscovered room would extract the server name. + // this is no longer possible to do indirectly https://matrix.org/blog/2025/07/security-predisclosure/. + ( + await store.storeRoomIdentification({ + roomID: roomBannedViaServer, + creator: roomCreator, + server: bannedServer, + }) + ).expect("Should be able to store identification for the room"); + (await store.storeUndiscoveredUsers([roomCreator])).expect( + "Should be able to store the creator of the room" + ); const foundHash = (await store.findServerHash(bannedServerHash)).expect( "Should be able to now find the server hash from the room we discovered" ); diff --git a/yarn.lock b/yarn.lock index 7e406df..5fadaf0 100644 --- a/yarn.lock +++ b/yarn.lock @@ -319,10 +319,10 @@ "@gnuxie/super-cool-stream" "^0.2.1" "@gnuxie/typescript-result" "^1.0.0" -"@the-draupnir-project/matrix-basic-types@1.3.0": - version "1.3.0" - resolved "https://registry.yarnpkg.com/@the-draupnir-project/matrix-basic-types/-/matrix-basic-types-1.3.0.tgz#02fa9bd75eeed778a57da0844447feca3a4c663c" - integrity sha512-WkUD7cqs9qFr1NQZiJWxa+/1trWrhQqv8SbPxrMLRKv1LMm93ELeguROP470kHNWHrCkVcKmYQVc4uC2Yup+EQ== +"@the-draupnir-project/matrix-basic-types@1.4.0": + version "1.4.0" + resolved "https://registry.yarnpkg.com/@the-draupnir-project/matrix-basic-types/-/matrix-basic-types-1.4.0.tgz#18fcfc7561ad495f4868ef4298131a3e20e7d946" + integrity sha512-nKK9vmAXh87VwaANvlNlUaq/rIu50VcdRXfoPJB99RqY4dt6iXRu/1b8mQJ5rDCK4yun/4IyGexw6FVQAqT58Q== dependencies: "@gnuxie/typescript-result" "^1.0.0" glob-to-regexp "^0.4.1"