Today was the coordinated disclosure date for multiple Matrix chat protocol vulnerabilities:

https://matrix.org/blog/2025/08/security-release/

Our #GrapheneOS Synapse server has been upgraded to 1.135.2 and now we'll need to upgrade our Matrix chat rooms. Many servers haven't yet upgraded and won't be able to join.

Our plan is to create an entirely new set of Matrix rooms with room version 12 and begin migrating people over to those. Our existing rooms will be kept around for a while because we know many instances are going to take their time updating to the new server software releases.

Our Matrix chat rooms have been repeatedly broken by these protocol bugs. Our General and Offtopic rooms have been replaced 4-5 times. The most recent occurrence was our GrapheneOS Space with over 25000 users breaking. This will all hopefully be in the past after today's fixes.

See https://grapheneos.org/contact#community-chat for more info. Our rooms are bridged across Matrix, Discord, Telegram and IRC. We started on IRC and intended to fully migrate to Matrix. We added Telegram due to the major issues with Matrix and then Discord for ordinary users which is now the most active platform.

Federating with open registration Matrix servers leads to endless raids including people spamming CSAM and gore. Not federating makes it quite useless. A large portion of our Matrix community moved to Discord due to the CSAM spam across Matrix and we don't bridge media from it.

Discord has very good configurable server-side filtering and dramatically better mod tools. Matrix heavily enables abuse through federation and doesn't even support restricting inline media. Matrix also lacks channels within rooms so communities like ours rely on moderation bots.

Discord provides a fantastic user experience and moderation tools but is a closed source platform without end-to-end encryption for direct messages. We would be happiest with an open source, non-federated chat platform we could host ourselves similar to Discord but that time is too late.


Discussion

When Nostr?

Nostr doesn't provide a Matrix alternative. Nor does it (yet) solve the spam / gore problem.

Despite these issues, Matrix remains the gold standard for encrypted community chat.

We moved from an open Matrix instance to a closed one to protect our members, and we will only federate with trusted servers.

The downside is that all users are added manually.

We'd love to build an auth server into Matrix that uses Nostr - if there are any sponsors out there, do get in touch.

Matrix is useless. Go Nostr.

This is an interesting decision considering Matrix is introducing premium paywalling AND age verification. 🤔