I did want to point out that Matrix does do distributed eventually-consistent authorization, which is their key invention IMHO. (Rooms are distributed among the homeservers, none of which are privileged over the others. You could (and their long-term plan from back in the day) was to run a tiny little single-device homeserver on every device to achieve P2P.)
It's tricky, but a very cool algorithm! Several entities (including myself as a hobby project) are working in combining the Matrix eventually-consistent CRDT with MLS for encryption for a no-compromise distributed E2EE system. It's possible, but very hard, as you might imagine.
Edit: Here's one academic paper writing up the abstract algorithm behind Matrix https://dl.acm.org/doi/10.1145/3381991.3395399
In other words, show the kick/invite options to users when it does happen, but destroy and create a new group behind the scenes.
Being serverless is cool and all, but what makes it worth all the extra complexity and effort?
To me the future of decentralized group chats is focused on what's missing from platforms like WhatsApp, Telegram and WeChat: - Verifiable Sender and Conversation Privacy - Censorship Resistance / Permission-less operation - User ownership of their own messaging (no application lock-in) - Harvest Now, Decrypt Later (HNDL) protections
While maintaining a similar feature set: - Efficient scalable groups - Recovery from compromised/stolen devices - Accessible UX for non-technical users
All design work is managing trade offs, however this approach appears to make some serious concessions:
Sender & Social Graph Privacy: Queries in a DHT (like Kademlia) bind the requested key to the requester's IP/Node ID. This would allow the network to be able to reconstruct the social graph, and unmask group membership by associating who is querying for who.
Compromise Recovery: Users are unable to rotate their own keys without the creator being online. In the event a device/account is compromised, a user has no mechanism to stop attackers from posting messages on their behalf.
Additionally with the group size limits, lack of forward secrecy/post compromise security -
My question is, what makes this particular path worth it?
https://github.com/simplex-chat/simplex-chat/blob/stable/doc...
Key Agreement for Decentralized Secure Group Messaging with Strong Security Guarantees [0]