This post is a reply of sorts to two posts:
Drew Devault: The Next Chat App
I've been disconnected from a lot of the mainstream net for a while, and Drew’s post was the first I heard that Signal is getting into cryptocurrency. It was a pretty big disappointment. I've had concerns since the beginning about Signal's centralization and halfhearted relationship to Free Software, but I still use it, and I've still recommended it to people. It's really easy to get people to switch to, because it's a seamless replacement for SMS. At least on Android, you can set Signal as your SMS app, and then there’s no issue of two messaging apps to check, just the one. You message everyone for it, and if they *happen* to be on Signal, you get end-to-end encryption. And I actually like some of the features a lot, especially Signal Stickers. A lot of them are just ports from Telegram, but that’s great, actually. It’s easy to add sticker sets, both from a website, and from friends. All that said, my experience with cryptocurrencies is that anything even *adjacent* to cryptocurrency is a scam, which means that I can't trust Signal anymore.
Drew mentions Matrix as an alternative, and Ben mentions XMPP. I’d like to share my experience with both of these for a bit.
Drew notes that Matrix has most of the qualities that the Next Chat App should have, but that it's slow, over-complex, and de-facto centralized, because though you can run your own server, everyone uses matrix.org.
I run my own Matrix homeserver, and my main group chat with friends is on a Matrix room. I don't really see any problem with performance on the client side, and I like that even with an end-to-end encrypted room, everything works both on desktop and mobile. For decentralized chat, it is remarkably trouble-free.
One feature that Drew didn't mention is that ’rooms’ are fully decentralized – they may have a name attached to a server (like #geminiprotocol:matrix.org), but it doesn't actually *depend* on that server. Messages are actually propagated to every server that has a user in the conversation. So if I host a room on my homeserver, and my homeserver goes down, all of the people in the chat who have accounts on different servers are able to keep chatting with each other – just not with me.
So, what are the downsides? The biggest issue for me is that the complexity of the Matrix protocol, especially key exchange for e2e, means that there is effectively only one completely full-featured client: Element (whether for desktop or mobile). Most third-party clients don’t support end-to-end encryption, and the ones that do (shout out to Gomuks) don’t support the key-sharing that is necessary for multi-device.
There's also effectively only one server implementation: synapse, which is well-known for using a ton of RAM, and is one of the big reasons that people use matrix.org instead of running their own homeservers. There is a lighter, faster implementation coming from the project itself (dendrite), but it’s not fully compatible or feature-complete yet. As far as I can tell, there are about four independent server implementations, but none of them are fully compatible or feature complete, meaning we're in the same situation as with clients.
Some features beyond the main chat features involve some kind of centralization: you can run your own identity server (optionally maps matrix IDs to emails or phone numbers) or integrations server (adds features like stickers), but in practice, you’ll need to use matrix.org’s.
The standard client, Element, is *okay*. It supports direct and group chats, e2e by default, and usual niceties like emoji reactions to messages. There’s *nominal* sticker support, but you can only use the sticker packs installed on your integrations server, and users can’t add any. The available sticker packs on matrix.org are mostly awful, some are mediocre. I know most people don’t care about stickers, but they’re a feature I like.
XMPP has been around for a long time, and that makes a lot of people think of it as outdated. But it was extensible from the beginning, and if your client and server support the correct extensions, XMPP supports all of the features you expect from a modern chat app. I also run my own XMPP server, and use it for some group chats, but also for instant messaging within my family.
XMPP doesn't support end-to-end encryption by default, but there are several ways of doing e2e over XMPP, each with their own limitations. The newest, OMEMO, uses the same encryption protocol as Signal (Matrix does as well, more or less). This requires support from the client.
There are several good server implementations. I've found the easiest to work with is Prosody, though some others may be higher performance for large installations. I wrote a blog post a couple of years ago about configuring Prosody with all the extensions it needs for a modern chat experience:
There are very many XMPP clients available for all operating systems, but not that many that support all of the extensions needed for a modern experience. There’s basically one good mobile client (Conversations), with a number of derivatives. There are a couple of good desktop clients: gajim is cross-platform and full-featured, but with a complex and old-fashioned UI, and Dino is more modern, but also more bare-boned. One big issue is that none of the iOS clients seem to be that great; Monal and ChatSecure both look good, but they seem to interoperate poorly, though maybe they've improved.
How’s the experience? XMPP is fast, and if everything is set up right, you have pretty much everything you'd expect from a modern chat app. End-to-end encryption works fine – with a caveat I'll get to in a moment. Conversations is slightly bare-bones for a modern chat app, but it's fine. It has everything you need and lacks some of the more frivolous features I enjoy (like emoji reactions and stickers). Multiuser chats are fine, but they do go down if the server they’re hosted on goes down.
My main gripe with XMPP is that it's hard to find a modern client for a lot of platforms. My second gripe with XMPP is that end-to-end encryption really doesn't work if you are using multiple devices. I can start a conversation from Conversations, switch to Dino, and be unable to decrypt messages, both from the person I'm chatting with, and the ones I sent myself. My conversation partner might or might not be able to read the messages I sent from Dino. Basically, everything is good as long as you stick to one client (usually Conversations), or don't use e2ee.
I will note that there’s an experimental XEP for sticker packs, so once Prosody and Conversations both support it, we’ll be golden.
I don’t know. I use both XMPP and Matrix. Matrix seems more coherent and trouble-free, but a lot of that is just because of de-facto centralization. XMPP is in principle simpler, but that doesn't necessarily make the client situation any better.