Behind Console’s design — there’s a brain. This brain, or “chat API”, makes decisions on data storage and privacy. For the past year at Console, we've been in pursuit of a chat API that respects user privacy, and that can eventually decentralize over time. If you look at the landscape of chat APIs today you’ll see countless options: Twilio, XMTP, Nostr, PubNub, SendBird, etc.
After a great deal of research and experimentation we chose Matrix.org. In this piece, I’ll share why we moved to Matrix, as well as what we learned along the way. I’m grateful to any community that decides to come build on Console, and so it’s important to me to be as transparent as possible about both our technology, as well as our decisions around how we made certain decisions. 🧑🏻💻
What is Matrix? 👀
Matrix is an open source chat standard with more than 80 million users. Because Matrix works behind the scenes, you may be using a Matrix-powered app, but not even know it.
In fact, many government agencies have built their chat infrastructure on Matrix, including: the German Bundeswehr, U.S. Navy, Space Force, the U.S. Marines and NATO. Matthew Hodgson, co-founder of Matrix, told me that governments trust Matrix because they need to be assured they have “full control over their own communication.” Matrix is open source, which means that anyone is free to use Matrix to build chat functionality.
What does Matrix do for Console? ✔️
- Matrix enables end-to-end encryption (E2EE — the Signal Protocol) for all Console users. When we roll out E2EE in August, it will be by default for all DMs, group DMs and private channels.
- Matrix brings extra security to Console with an tried and tested by millions of users.
- Matrix’s SDK includes infrastructure to support global DMs, threads, audio channels, video channels, and more.
The Move from PubNub to Matrix 🖤
In May of 2022, we had originally chosen PubNub as our chat API. Why? After reviewing PubNub’s documentation, as well as meeting with their team, it seemed like PubNub would be the easiest solution for building a quick and dirty prototype of Console. We launched the first Console demo in October of 2022. PubNub did make our lives easy (at first). But by December 2022, we had learned a great deal about PubNub’s limitations for security and privacy and began looking for a better solution.
PubNub vs. Matrix
PubNub had four issues that Matrix solved:
1. User privacy — PubNub doesn’t offer end-to-end encryption (E2EE). With E2EE, messages are encrypted by the client. Your messages are stored on our servers, but because only you have the key, only you can read your messages. Without E2EE assume that your chat data can be read by any developer working on building that app. Furthermore, the centralized company can shut you down, or hand over “private” personal data to the government or third-parties without your consent.
This happens more than you think. In 2016 Steve Huffman, Reddit CEO, was able to edit user comments that he felt were insulting to him. In 2022, Facebook handed over 41 year old Jessica Burgess and her daughter’s Facebook Messenger’s chat history to Nebraska law enforcement in order to investigate an alleged illegal abortion.
PubNub doesn’t offer native E2EE. They use a third-party cloud provider Virgil Security. After reviewing Virgil Security, we concluded that it would cost us more time and money to plug-in Virgil. In addition, we wanted to support open source code, and didn’t see Vigil as being scalable with our longer-term mission.
Matrix was the best choice for implementing E2EE on Console. Matrix offers one of the highest levels of cryptographic encryption: Signal Protocol (aka. double ratchet). Matrix implements double ratchet through the Matrix olm library.
2. Improved Security — In December 2022, our security CISO reviewed our PuNub implementations. They strongly suggested moving from PubNub to Matrix in order to dramatically reduce security concerns moving forward. Why? Matrix is an SDK with components that millions of people have tested, whereas with PubNub, we had to write a lot of code implementations ourselves. New code increases our potential surface area for attacks — therefore, we felt Matrix would be a more secure solution as we evolved our chat features.
3. Speed — Matrix helped us ship new features faster. If you’ve ever done some coding then it might resonate when I say that PubNub is like Ruby, whereas Matrix is like Ruby on Rails.
4. Decentralization — Matrix offers Console the ability to allow communities to run their own servers. In the current build of Console, running your own Matrix server isn’t possible. Although in the future we plan to allow communities, enterprise clients, and individuals the ability to tap into Matrix’s decentralized network. 🌐
What about XMTP?
XMTP today does not have group chat, it is only available for 1on1 DMs. XMTP just launched in 2021, and has a lot of promise. But I think the protocol is still too new for Console.
What about Nostr?
The Console team has been busy learning about Nostr. Talha on our team helped build NostrChat.io. 🌟 NostrChat is a Nostr fork of Console’s UI. What we found is that NostrChat works especially well for public group chats, and private DMs. But there are limitations with NostrChat regarding managing spam, private keys, push notifications, media, and a short list of tooling. To be sure, all of these concerns are works in progress and I’m very confident in the future of Nostr. Using Nostr with Console seems to be more a question of timing in the future.
Why not decentralize everything? 👀
A: In 2023, a 100% decentralized tech stack doesn’t exist. Or if it exists, it’s not scalable to millions of users. 😔
Equally as important than decentralization will be composability, and we plan to work with web3 apps and other protocols to help develop an ecosystem of apps that can communicate with each other. We believe Matrix Bridges already connect Matrix to Discord, Telegram, Signal, WhatsApp, Mastadon and more. In the future, we may leverage Matrix Bridges to connect with XMTP, Nostr and other ecosystems.
The Future for Console
As Console and Web3 mature we’re committed to continuously upgrading our tech stack.
Today on Console, you own your identity. If Console were to disappear one day, you’d still be able to connect with your network because your identity is your wallet, and your on-chain identity.
We support tech solutions that support our three principles: decentralization, privacy, and transparency. 🔮 And as we evolve, Console will progressively decentralize — and progressively move towards those goals. Nostr is poised to become a powerful force in decentralized media. it's just not quite ready for where we are with Console. It’s possible that in 1-2 years we’ll integrate Nostr into Console. Decentralization will take some time. ⌚️
The future is very bright with possibilities. 🌞In the meantime, I’m happy to celebrate our accomplishments this year: Launching Matrix for Console users. Next steps for Summer 2023: Signal E2EE. 😎
Not on Console yet? Join Console now. 💬