jdev - 2025-04-18

i wonder if servers remove also all corrections of a message from MAM when processing moderate/retract requests

would be amazed if they do, but i very much doubt it

its probably hard to search in stanzas for correction elements if they dont parse this out into its own column beforehand

Would make getting the message history hard then

i dont mean remove, i meant replacing with a tombstone

They are supposed to with retract

for the original message yeah, i very much doubt someone thought about corrections

and i assume its hard for a server to find corrections, lots of logic is necessary, you cant just filter for some id

> i dont mean remove, i meant replacing with a tombstone That seems bad so do on an ordinary retract ↺

If a retraction is just "add tombstone on top" won't it take care of message corrections too?

Latest correction would override previous corrections, and in turn be overridden by the tombstone

Oh the server would need to know to remove it all though (from history) if that's thow it's doing it

Visually in a client yes. The question is if the server should be erasing history from mam

Generally I consider mam immutable

Or append only I should say

Don't messages get removed from MAM when moderation takes place?

that's MUC MAM ✏

Ah so you're only talking about direct MAM here

Moderation you need to remove even though it's kinda gross because of the potential for illegal content etc

If you don't remove retracted content from direct MAM, won't it lead to more situations where a "retracted" message is still displayed when a client doesn't support it?

Whereas if we remove it server-side it'd only affect clients that were online at the time of receiving the message (and before the retraction happened)

That's true if the client already got it anyway. And a client may want to provide a menu to show the original content also

So are we aiming for a Fediverse like thing where edit history is always available?

I think different projects have different interests 🙂

I suppose it helps to set expectations, given we can't guarantee someone's client respects retractions ✏

Fair

Indeed. Someone can always modify their client to not respect on purpose anyway and it helps set expectations exactly is my preference personally. Of course other apps will do different things and that's fine

Out of curiousity, if we *did* decide to remove them server side, would it mess up OMEMO to have some messages suddenly missing?

i.e. is OMEMO dependent on order or does it work even if we skip a bunch of messages along the way

order-independent

I see

qy: i disagree

OMEMO uses double-ratchet so i would think the order of messages does matter in that case

because if some messages went missing, the key derivations would be out-of-sync

What if the messages have a serial number so you know how many times to rotate the key in advance even if the other messages haven't come in yet?

(Disclaimer: I have only a very vague understanding of how the algorithm actually works)

Cynthia, omemo can skip messages that is no problem

and also its not "if we decide to remove them", moderated messages *are* replaced by a tombstone, all content of the message is removed by the server

this is as intended by the xep, same goes for retraction, a moderation is just a retraction from the MUC it self with some more metadata, it all is based on the same spec

the only argument i see why servers dont remove corrections is, because its probably technically hard to do.

Moderation and retraction aren't really the same. There is a single retraction tag used as a child in moderation and honestly you could just remove it and nothing would change

I think it's there in case we never invent a second kind of moderation

>> i dont mean remove, i meant replacing with a tombstone > That seems bad so do on an ordinary retract singpolyma: i mean thats what the xep says to do anyway ↺

how are they not the same?

they are technically, exactly the same

the server does the same thing, the client does the same thing

its just the person that issues the retract is not the same person that wrote the message

also, you are kind of wrong about the child thing. Yes for whatever reason the message sent by the user, its moderate -> retract on all messages issued by the server its the other way around

moderation is just a special case of the retract XEP, that adds stuff like occupant-id, nickname who moderated

> the server does the same thing, the client does the same thing One is a message one is an IQ the client definitely doesn't do the same thing ↺

how is this relevant

It's relevant because the syntax is different, the user intent is different, and the result in an app certainly can be different.

please elaborate

Retraction is a message from a user that says to another user "hey pretend I didn't send this" Moderation is a command from a moderator to a MUC that says "remove this thing someone else said we don't want it here"

and? both lead to removing the message from MAM, as the XEP defines

Or you can look at it like: either a mod or the sender saying: "hey pretend that wasn't sent"

moparisthebest: it's different though because the mod doesn't tell participants to pretend it wasn't sent. They tell the MUC

It's a command to the server so of course the server removes it

as it is with retract

vs just a message the server is relaying that an experimental xep claims ought to cause a side effect maybe ✏

No, in both cases they tell the muc who tells everyone else

There's no MUC

With retraction

of course?

what do you think, a MUC rejects a retract message?

Sometimes there is a muc sometimes not

Well it could use that's not the case we're we're talking about

Whats this discussion even about? Lol

i asked if the server removes corrections, after it removes the original of the retracted message

If servers should remove messages from your local MAM history based on routing a message to you with a retraction tag

thats not a question

thats what the XEP defines and happens already

the Question was, if it should tombstone corrections for that already removed message

You say some server has an implementation of that behaviour?

I've not seen one

The server can remove retractions per the xep

ok then no server supports the XEP yet, this is still not relevant to the discussion, think of it in theory if a server supports the XEP

Hopefully we can remove that part from the xep 🙂

or to get the discussion again on track, ignore retractions, and lets talk about moderation

as you accepted that messages are removed there

Same

> Hopefully we can remove that part from the xep 🙂 Seems silly, the XEP has a very good explanation of why the server should ↺

> or to get the discussion again on track, ignore retractions, and lets talk about moderation Yes probably needs to go in security considerations for the moderation xep ↺

https://modules.prosody.im/mod_muc_moderation.html says it does tombstones sometimes

singpolyma, his argument was, that no server does it for retractions

IQ in single chat would be not effecient, because you need to tell the other user anyway, and the IQ would not be routed to the user

so message makes more sense

also there is enough precedent that messages execute actions on the server

e.g. message hints, no-carbon, no-store etc

> singpolyma, his argument was, that no server does it for retractions Ok? So no server should ever do anything that no server yet does? Seems silly lol ↺

i think the argument was, everybody agrees that this part of the XEP is bad, thats why no server implements it

Citation needed

im not saying it is that way, i say, i think that was the implied argument

but yeah, thats actually the first time i hear that someone questions that part of the XEP

Yea I'm responding to that argument not you

its totally my intent to remove the message from the server if i retract it

if that will not happen, then we need an additional xep that does exactly that

Seems right

With muc, the server, with 1:1, both servers *

puh can of worms :D

that will not happen

Always :)

actually thats kind of a flaw if the remote server does not remove it ..

moparisthebest, would you consider it a vulnerability if an abuser can send an abusive message and then retract it after it has been seen?

he removes his own abuse, thats ... nice

I mean thats up to the victims client i guess ?

i think the question was meant from a perspective of the remote server

Always been possible though, i can send a link then remove etc

stuff will always be possible, therefore it's okay?

> I mean thats up to the victims client i guess ? And server if the server is doing this thing ↺

anyway, at least Prosody doesn't implement server-side retraction becasue we just haven't gotten around to it yet

i think someday somekind of archiving preference setting would be nice "respect remote retractions"

sure, all you can do is ask for remote parties to delete it, they may or may not

is it asking if all compatible software complies?

is it useful if compatible sofware does not comply?

or, maybe s/useful/expected (by users)/

I think it's asking unless DRM is involved

XMPP over HDCP

for client side my plan was, to have a time-based setting, and after that time retracted messages get really removed from the database

and until then you can click the message and show it and have the option to keep it forever

what do you think about that?

so if I send you my secret password I can't rely on retracting it? UNACCEPTABLE CRITICAL SECURITY VULNERABILITY!!!! probably

hm the option to delete a message locally is always there, user would not need to wait for the cleanup

singpolyma, does cheogram do retraction?

i ponder if i should include the fallback text ..

We accept inbound retraction but our retraction menu item sends LMC instead

why that? because of better backwards compat?

Partly yes. And partly because I prefer the protocol

why? both sends a message and references the other message

Also there is no notion of deleting the original message in LMC

in Gajim you can always look at the original message, it would also not accept LMC for older messages (altough i may change that at some point)

all in all, problems over problems, if you try to build on LMC, its also only backwards compatible if a client allows to correct older messages, if not its equivalent to what the retraction spec does now

also you throw all server assisting out of the window because a server cannot even detect that its a retract

Gajim was accepting LMC for older messages. Did that get changed again?

hmmm

you are right, we accept all corrections

so i did this change already :)

outgoing we only allow the last one, right now

but i intend to change that aswell at some point

We changed it recently (for outbound) based on user demand and gajim support

> singpolyma whew 😂 ↺

ok, we really should more talk, i had no idea, if i dont know what other clients do, i maybe get a smart idea and remove something again :D

so message retraction MR is 90% complete, with the next version retracts will start to flow :)