[00:00.000 --> 00:09.600]  Hey everybody, I'm Charles and I'm here to talk to you today about building a social
[00:09.600 --> 00:13.000]  app on top of Matrix.
[00:13.000 --> 00:15.720]  So a little bit about me before we get started.
[00:15.720 --> 00:18.480]  I'm a lead software engineer here at Futo.
[00:18.480 --> 00:23.280]  I come to this world from a background of CS academic research.
[00:23.280 --> 00:27.800]  I was a professor for about eight or nine years and I worked in security and privacy.
[00:27.800 --> 00:34.320]  I was very interested in how do we build real encrypted systems that can protect our data
[00:34.320 --> 00:38.240]  from attackers who want to get at it.
[00:38.240 --> 00:43.160]  At the same time, like a lot of you, I've got a family at home and I got very interested
[00:43.160 --> 00:48.200]  at one point about how can I bring these two worlds together and build encrypted systems
[00:48.200 --> 00:54.920]  not only to protect corporate data or national security data, but to protect my data at home
[00:54.920 --> 00:57.200]  for my family and my kid.
[00:57.200 --> 00:59.800]  The company that I work for now is called Futo.
[00:59.800 --> 01:01.400]  It's a relatively new company.
[01:01.400 --> 01:06.840]  The current incarnation was founded I think in the beginning of 2021 by Aaron Wolff, our
[01:06.840 --> 01:12.760]  CEO and my boss who was the creator of Yahoo Games back in the day.
[01:12.760 --> 01:16.680]  And our mission that we're working on now at Futo is we want to empower users and help
[01:16.680 --> 01:22.200]  people to get away from depending on the four or five or six major tech giants that are
[01:22.200 --> 01:26.720]  controlling more and more of our lives and mediating more and more of our interactions
[01:26.720 --> 01:30.440]  that we have with each other nowadays.
[01:30.440 --> 01:35.400]  And so it's a really nice confluence of my own personal goals and the company's goals
[01:35.400 --> 01:41.440]  and I hope we're doing some cool things starting with the project that I'm talking about today.
[01:41.440 --> 01:47.640]  And so my motivation when I started this was I was a young security and privacy researcher.
[01:47.640 --> 01:53.380]  I had a cute new baby at home and like all new parents, I wanted to send out these pictures
[01:53.380 --> 01:55.360]  to as many people as possible, right?
[01:56.360 --> 02:03.440]  But at the same time, I was reading in my work life and in the news constantly at that
[02:03.440 --> 02:09.440]  time, all these crazy things that these centralized companies were doing with the data that we
[02:09.440 --> 02:10.440]  give them.
[02:10.440 --> 02:15.440]  And so my wife and I decided very early on, our kid is not going on these centralized
[02:15.440 --> 02:17.440]  services at all.
[02:17.440 --> 02:21.960]  And that put us in kind of a bind because when we looked at the technology space of
[02:21.960 --> 02:29.600]  what we had for sharing photos with grandmas, grandpas, aunts, uncles, friends, cousins, it
[02:29.600 --> 02:34.480]  really looked like we sort of had to make a choice between things that were convenient
[02:34.480 --> 02:39.240]  and easy for us to blast out those photos or to put them up where everybody could get
[02:39.240 --> 02:41.920]  them later at their leisure.
[02:41.920 --> 02:48.280]  Or on the other hand, we could go and we could prioritize security and privacy.
[02:48.280 --> 02:53.200]  And there was some really exciting stuff coming out at the time like text secure and signal
[02:53.200 --> 02:56.400]  and then matrix added end-to-end encryption.
[02:56.400 --> 03:02.720]  But at the same time, all of those products were very focused on interactive chat.
[03:02.720 --> 03:08.440]  And we tried using signal with our friends and family for a while and it worked okay.
[03:08.440 --> 03:10.960]  But it left a lot to be desired.
[03:10.960 --> 03:12.760]  And so we wanted something more.
[03:12.760 --> 03:16.360]  That's what sent me down the path of working on this project.
[03:16.360 --> 03:21.960]  And I want to say this is not necessarily something that's limited only to parents of
[03:21.960 --> 03:23.040]  new babies.
[03:23.040 --> 03:27.520]  Maybe you like to travel and you take a lot of cool pictures from your trips and you
[03:27.520 --> 03:30.560]  want to share these with your friends and your family.
[03:30.560 --> 03:35.480]  And you don't want big tech spying on every last move that you make and analyzing every
[03:35.480 --> 03:39.240]  object in the background of every photo that you upload.
[03:39.240 --> 03:42.920]  Maybe you want to run a book club and have interesting discussions with people and not
[03:42.920 --> 03:47.800]  have every word that you say feed into some algorithm that's going to be used to feed
[03:47.800 --> 03:52.680]  a recommendation algorithm to sell ads to you.
[03:52.680 --> 03:57.640]  Or any number of other things that you might want to do to keep up with the people that
[03:57.640 --> 04:03.240]  matter in your life without being spied on and without being reliant on three or four
[04:03.240 --> 04:06.320]  companies that provide all of our digital life.
[04:06.320 --> 04:11.400]  For now though, we'll use the baby photos as the motivating example.
[04:11.400 --> 04:15.880]  And so at some point I sat down and I wrote down the goals of what I wanted.
[04:15.880 --> 04:18.980]  And it turns out they're pretty simple.
[04:18.980 --> 04:23.960]  First of all, I wanted most of the convenience of using something like centralized service
[04:23.960 --> 04:30.360]  like Facebook or Google Plus or MySpace or Friendster or any of these things.
[04:30.360 --> 04:36.200]  We all used 20 years ago and gave all of our data away to people that maybe now we regret
[04:36.200 --> 04:38.360]  giving it to.
[04:38.360 --> 04:42.760]  But why those services were successful is because they make life really easy.
[04:42.760 --> 04:49.640]  I can very easily keep up with the number of people that a human interacts with in a
[04:49.640 --> 04:51.840]  typical human life.
[04:51.840 --> 04:57.280]  One, two, maybe three, four hundred people and probably a much smaller group that I really
[04:57.280 --> 04:58.280]  care about.
[04:58.280 --> 05:04.200]  I can very easily publish some updates and have that go out to everyone that I care about.
[05:04.200 --> 05:09.360]  And the great thing about those sites is that it's explicitly asynchronous, right?
[05:09.360 --> 05:13.400]  So I can post whenever I want and it doesn't bother my friends.
[05:13.400 --> 05:17.400]  And I can post as many times a day as I want and it's not going to bother them.
[05:17.400 --> 05:21.160]  It's not going to ding their phone until they decide it's time to come and check and scroll
[05:21.160 --> 05:24.600]  through their timeline and see what I've posted.
[05:24.600 --> 05:28.680]  The second major thing or actually maybe the first major thing that I wanted being a security
[05:28.680 --> 05:34.600]  and privacy guy was I wanted most of the protections that you can get right now with
[05:34.600 --> 05:36.400]  an app like Signal, right?
[05:36.400 --> 05:42.960]  So with Signal or now with Matrix, you get confidentiality or secrecy.
[05:42.960 --> 05:48.880]  So I can send a message to my friends and only my friends who have been provided with
[05:48.880 --> 05:53.800]  the decryption key or they're the only people who can read what I said.
[05:53.800 --> 05:58.400]  Similarly, we can get what we call integrity.
[05:58.400 --> 06:02.320]  In a very simple terms, it just means that nobody can inject junk into my conversation,
[06:02.320 --> 06:03.320]  right?
[06:03.320 --> 06:05.600]  They can't have weird stealth ads.
[06:05.600 --> 06:10.960]  They can't try to steer me towards certain interests that they think I might like.
[06:10.960 --> 06:13.600]  What you see is what you get.
[06:13.600 --> 06:19.480]  And that's what we get from the cryptographic protections of the end-to-end encryption algorithms.
[06:19.480 --> 06:26.200]  And then finally, one thing that we want to do here at Fruto and that Matrix makes really
[06:26.200 --> 06:31.520]  nice and easy is to get a little bit more independence from the big tech mega-corps
[06:31.520 --> 06:34.000]  that are trying to take over the world.
[06:34.000 --> 06:38.760]  Because with Matrix, it's pretty straightforward for a user to run their own server or if they
[06:38.760 --> 06:42.800]  don't want to run their own server, at least they're not locked into the same four or five
[06:42.800 --> 06:47.920]  providers that control everything else, right?
[06:47.920 --> 06:52.640]  So in a word, what I was looking for was a more secure and private social networking
[06:52.640 --> 06:59.560]  tool for enabling real human relationships between real human people.
[06:59.560 --> 07:03.400]  And this seems to be a pretty pressing need when I've talked to other people, when I talk
[07:03.400 --> 07:10.800]  to grandparents, I talk to new moms, I talk to middle-aged people.
[07:10.800 --> 07:14.520]  I've had this feeling for a while that Facebook has kind of become a ghost town.
[07:14.520 --> 07:16.200]  It turns out this thing, this theory has a name.
[07:16.200 --> 07:18.320]  It's called the Dead Internet Theory.
[07:18.320 --> 07:21.920]  If you want to lose a couple hours of your life going down a rabbit hole, you can do
[07:21.920 --> 07:26.600]  an internet search for that and find some crazy speculations out there.
[07:26.600 --> 07:30.000]  I won't go into all that right now.
[07:30.000 --> 07:31.840]  Look it up if you're interested.
[07:31.840 --> 07:39.000]  But what I've found is that because Facebook has become kind of a ghost town, and my own
[07:39.000 --> 07:45.760]  theory is that the lack of privacy has been a major driver of that ghost town status.
[07:45.760 --> 07:52.160]  What you see when you talk to real people, the normals are out there stuck using tools
[07:52.160 --> 07:53.440]  from 20 years ago.
[07:53.440 --> 07:58.080]  People are still using SMS to keep in touch with their grandparents and their grandkids.
[07:58.080 --> 08:03.920]  People are still emailing photos to each other like it's 2003 or 1999.
[08:03.920 --> 08:07.920]  And that kind of sucks because at the same time, we're in this world where we have really
[08:07.920 --> 08:15.320]  slick, really powerful, really cool user interfaces that have been built by these big tech companies.
[08:16.080 --> 08:20.800]  For interacting with random internet people that we've never even met.
[08:20.800 --> 08:25.680]  So we're using the coolest technology to keep up with the people who matter the least to
[08:25.680 --> 08:26.680]  us.
[08:26.680 --> 08:32.080]  And we're using the clunkyest oldest technology to keep up with the people who matter the most.
[08:32.080 --> 08:33.080]  That's backwards, right?
[08:33.080 --> 08:36.280]  So we wanted to change that.
[08:36.280 --> 08:39.840]  So I took a sabbatical from my former academic life.
[08:39.840 --> 08:45.920]  I watched some Apple tutorials and learned a little bit about making mobile apps.
[08:45.920 --> 08:50.360]  And I made a first prototype of this app that we call circles.
[08:50.360 --> 08:55.720]  The user interface is designed to be very comfortable and convenient and familiar for
[08:55.720 --> 09:01.360]  users who have used the centralized big tech services.
[09:01.360 --> 09:04.360]  But at the same time, on the back end, it's all matrix.
[09:04.360 --> 09:11.240]  And so circles can talk to any standards compliant matrix server.
[09:11.240 --> 09:12.880]  You can host your own.
[09:12.880 --> 09:16.800]  You can connect with people on different servers from you.
[09:16.800 --> 09:20.680]  And we get all of the really cool benefits of matrix almost for free, right?
[09:20.680 --> 09:22.480]  We get the end to end encryption.
[09:22.480 --> 09:24.440]  We get the federation.
[09:24.440 --> 09:27.040]  We get the open standards and the open source code.
[09:27.040 --> 09:31.680]  It's very easy now for anybody to write a tool that's compatible with what we've got.
[09:31.680 --> 09:36.440]  And we're compatible with tons of other tools in the matrix ecosystem.
[09:36.440 --> 09:40.320]  So to make this a more technical talk, I'll talk a little bit about some of the challenges
[09:40.320 --> 09:45.200]  that we faced when working on this project.
[09:45.200 --> 09:50.800]  The primary one that I'm going to talk about today is just the issue of trying to figure
[09:50.800 --> 09:58.920]  out, OK, how do we map human social structures that aren't really nice and neat and clean
[09:58.920 --> 10:02.440]  and fit into a nice little square box?
[10:02.440 --> 10:04.400]  And how do we cram those into a square box?
[10:04.400 --> 10:10.760]  Or how do we make those work with a kind of a limited data structure that we have?
[10:10.760 --> 10:13.840]  Other work that we've done on the project recently that I won't talk too much about
[10:13.840 --> 10:20.040]  today is mostly around how do we balance protecting users' privacy and at the same
[10:20.040 --> 10:23.640]  time also making it easy for them to use the app.
[10:23.640 --> 10:27.840]  So one thing that we're here on right now is trying to improve discoverability, right?
[10:27.840 --> 10:33.360]  Making it easier for the users to find the friends that they have who are also in the
[10:33.360 --> 10:34.880]  system somewhere.
[10:34.880 --> 10:38.160]  And at the same time, we're kind of treading a fine line because we don't want to make
[10:38.160 --> 10:41.200]  it too easy for random strangers to find you.
[10:41.200 --> 10:43.440]  That's bad for privacy.
[10:43.440 --> 10:44.560]  We've also done some work.
[10:44.560 --> 10:51.040]  In fact, we built a whole matrix authentication system to make it easier for users who only
[10:51.040 --> 10:56.800]  have a single device who only want to remember a single password and make it easier for them
[10:56.800 --> 10:59.880]  to do Matrix's secure server-side storage.
[10:59.880 --> 11:05.120]  But again, today, let's talk mostly about the human social structures and the challenge
[11:05.120 --> 11:12.080]  of mapping that onto a system like Matrix that was built to do chat rooms.
[11:12.080 --> 11:17.280]  So let's think about what we have right now for online social networks.
[11:17.280 --> 11:22.080]  The big type of relationship that they have, they have different names for it, but it's
[11:22.080 --> 11:23.880]  a friendship-like relationship, right?
[11:23.880 --> 11:26.840]  On Facebook, it's called being a friend on LinkedIn.
[11:26.840 --> 11:31.000]  I think it's your contacts.
[11:31.000 --> 11:32.480]  It's basically the same thing, right?
[11:32.480 --> 11:39.760]  Somebody that you're connected with, and this is kind of a challenging thing with the current
[11:39.760 --> 11:46.440]  kind of view of Matrix as chat rooms because it's not like I can just go and easily have
[11:46.440 --> 11:50.840]  one Matrix room where I can talk to all the people that I care about.
[11:50.840 --> 11:53.120]  Most of them don't know each other.
[11:53.120 --> 11:56.800]  And if we were to try to cram everybody into one room, it gets kind of awkward.
[11:56.800 --> 12:02.520]  And if chat rooms were a solution that solved everything, then we wouldn't need to do anything
[12:02.520 --> 12:03.520]  new, right?
[12:03.520 --> 12:09.560]  I could just get all my friends to install Element or Signal or Telegram or whatever and
[12:09.560 --> 12:15.800]  we could just have our chat rooms and we would go from there and we would all be happy.
[12:15.800 --> 12:20.120]  That's really what it seems like people are doing now, but I think we can do something
[12:20.120 --> 12:26.960]  that's even easier and more convenient for a lot of use cases.
[12:26.960 --> 12:31.360]  So before we work up to how we're going to do something better with Matrix chat rooms
[12:31.360 --> 12:35.920]  on the back end, first let's take a look at kind of like the easy mode.
[12:35.920 --> 12:41.320]  So let's think about another online social network tool, which is Facebook groups or
[12:41.320 --> 12:45.280]  Google groups or any other branded groups.
[12:45.280 --> 12:46.280]  So what's that look like?
[12:46.280 --> 12:49.800]  Well with a group, you have really well-defined membership.
[12:49.800 --> 12:53.560]  It's really easy to know exactly who is in the group, who should see the posts that go
[12:53.560 --> 12:56.160]  into the group and who shouldn't.
[12:56.160 --> 13:01.040]  And moreover, once you're a member of the group, you're connected to every other member
[13:01.040 --> 13:05.980]  of the group in pretty much exactly the same way.
[13:05.980 --> 13:09.560]  And so again, this is like easy mode, right?
[13:09.560 --> 13:13.040]  So what's the difference between in terms of like data structures and how we're going
[13:13.040 --> 13:17.560]  to store stuff on the servers and how we're going to transfer that to the clients?
[13:17.560 --> 13:22.400]  How is that any different from a normal Matrix chat room?
[13:22.400 --> 13:24.440]  Really it's only different in terms of the UI.
[13:24.440 --> 13:27.160]  It's just drawn and presented differently to the user.
[13:27.160 --> 13:32.280]  The actual data that we store on the server can be exactly the same.
[13:32.280 --> 13:37.000]  And so just like when we have one interactive chat room for interactive chat, we can have
[13:37.000 --> 13:44.280]  one Matrix room for an asynchronous online social network type of group discussion.
[13:44.280 --> 13:46.880]  So we create one Matrix room.
[13:46.880 --> 13:51.880]  Everybody who's a member of the group gets added as a member of the room.
[13:51.880 --> 13:56.040]  And then when somebody posts into the room, everybody in the group can see it.
[13:56.040 --> 14:02.240]  That's pretty much exactly what we wanted for a Facebook group's type of feature.
[14:02.240 --> 14:11.640]  And so then the only difference between this and the traditional Matrix real-time chat
[14:11.640 --> 14:16.360]  is just that the client needs to be different and it just needs to render each post.
[14:16.360 --> 14:20.480]  It's not as a little chat bubble, but instead it needs to render it like a social post,
[14:20.480 --> 14:21.480]  right?
[14:21.480 --> 14:25.440]  And then the convention that we've developed in the world is that a social post has the
[14:25.440 --> 14:27.360]  little profile photo.
[14:27.360 --> 14:34.240]  It's got the little user name, the display name, and maybe the user ID.
[14:34.240 --> 14:38.200]  And then it has the body of the post, and it's got this nice little border around it.
[14:38.200 --> 14:42.760]  And that's what users have been trained to expect with Twitter and Facebook and G+.
[14:42.760 --> 14:44.160]  And everything else.
[14:44.160 --> 14:45.320]  And so that's pretty easy.
[14:45.320 --> 14:49.760]  That's just, we just need a slightly different Matrix client with a different UI.
[14:49.760 --> 14:50.760]  Cool.
[14:50.760 --> 14:51.760]  We can do that.
[14:51.760 --> 14:56.880]  Okay, now that we have that, let's think about how we can extend this to represent
[14:56.880 --> 14:59.280]  friend relationships.
[14:59.280 --> 15:04.840]  So again, the tricky thing about friend relationships is that it's asymmetric, right?
[15:04.840 --> 15:09.480]  If we make a really simple Venn diagram here of my friends and your friends, maybe you and
[15:09.480 --> 15:16.040]  I have some mutual friends, it's really obvious that not all of your friends are also my friends.
[15:16.040 --> 15:18.960]  And not all of my friends are also your friends.
[15:18.960 --> 15:24.160]  And so the insight that I think the internet has taught us all over the last 10 or 20 years
[15:24.160 --> 15:28.400]  is that whatever you do, do not put everybody all into the same room.
[15:28.400 --> 15:32.400]  That is a recipe for drama and pain and strife.
[15:32.400 --> 15:37.920]  And so really, if we want to make people happy, well, your friends are, they're here to see
[15:37.920 --> 15:40.560]  updates from you, right?
[15:40.560 --> 15:43.600]  They don't know or care about me necessarily.
[15:43.600 --> 15:46.680]  So let's make one room where you can post your updates.
[15:46.680 --> 15:49.880]  All your friends can be members of that room.
[15:49.880 --> 15:50.880]  And then you're good.
[15:51.120 --> 15:58.200]  If we're using matrixes into an encryption, then it also follows that nobody outside of
[15:58.200 --> 16:01.520]  the circle can read your posts at all.
[16:01.520 --> 16:02.520]  Cool.
[16:02.520 --> 16:04.320]  That's good.
[16:04.320 --> 16:06.120]  Then we also have these people who are my friends.
[16:06.120 --> 16:07.120]  Well, okay, cool.
[16:07.120 --> 16:12.480]  Let's make one room for me where I can post my updates and all of my friends can be members
[16:12.480 --> 16:17.360]  of that room and they can get the decryption keys and they can see the stuff that I post.
[16:17.360 --> 16:19.360]  Cool.
[16:19.360 --> 16:22.320]  So then what if I, what if there's somebody who's our mutual friend, right?
[16:22.320 --> 16:24.200]  They're my friend and they're your friend.
[16:24.200 --> 16:25.200]  Okay.
[16:25.200 --> 16:26.360]  Well, no big deal.
[16:26.360 --> 16:29.560]  They just need to be a member of both rooms.
[16:29.560 --> 16:31.860]  And this structure generalizes, right?
[16:31.860 --> 16:36.440]  So for each user in the system, we give them their own room and that's their room where
[16:36.440 --> 16:38.880]  they're going to post their updates.
[16:38.880 --> 16:44.800]  And then everybody who's their friend or whatever the relationship is that we're capturing here,
[16:44.800 --> 16:45.800]  right?
[16:45.840 --> 16:51.680]  For their neighbors, their family members, their coworkers, whatever it is, right?
[16:51.680 --> 16:55.880]  Whoever it is that they've invited to follow them is a member of that room and they get
[16:55.880 --> 16:58.440]  to see those posts.
[16:58.440 --> 17:02.040]  So we create one of these rooms for each user.
[17:02.040 --> 17:06.960]  And then now when I want to see, hey, what have my friends been up to?
[17:06.960 --> 17:12.360]  My client goes out and it fetches all the recent messages from all the rooms of all my friends
[17:12.600 --> 17:16.440]  and it goes and it collates these into one nice unified timeline.
[17:16.440 --> 17:20.200]  And then I can scroll through this like I'm on Twitter, like I'm on Facebook, like I'm
[17:20.200 --> 17:25.480]  on any other traditional centralized social network that is collecting all your data and
[17:25.480 --> 17:27.440]  spying on you.
[17:27.440 --> 17:34.820]  But again, now all of these posts came from matrix rooms that are doing end to end encryption.
[17:34.820 --> 17:38.960]  And so now the only people that can see that content are the people who are the members
[17:38.960 --> 17:41.200]  of those rooms.
[17:41.200 --> 17:44.960]  The other cool thing to point out while we're here is that you're not limited to having
[17:44.960 --> 17:48.520]  only one copy of the structure that I'm showing on the slide here.
[17:48.520 --> 17:52.160]  So right here I've got a circle of three friends.
[17:52.160 --> 17:54.040]  Maybe these are my college friends.
[17:54.040 --> 17:55.240]  Maybe these are my high school friends.
[17:55.240 --> 18:01.000]  I could have six other circles that I'm a member of that would give me different timelines
[18:01.000 --> 18:06.000]  that I could scroll through and see what that group of people is up to.
[18:06.000 --> 18:10.480]  So we have a prototype app built that does this.
[18:10.480 --> 18:12.960]  It's called FutoCircles.
[18:12.960 --> 18:16.840]  We originally built the app on iOS.
[18:16.840 --> 18:18.480]  We had a beta.
[18:18.480 --> 18:21.200]  We got some really good user feedback.
[18:21.200 --> 18:23.640]  And then we had some decryption errors.
[18:23.640 --> 18:27.560]  And we're reworking some of the SDK layer right now.
[18:27.560 --> 18:31.280]  We're hoping to wrap that up by the time that FOSSTEM happens.
[18:31.280 --> 18:36.480]  And so hopefully very soon after you see this talk, we'll have another beta on iOS ready
[18:36.480 --> 18:39.520]  for you to try out.
[18:39.520 --> 18:41.600]  But it's not quite there yet.
[18:41.600 --> 18:44.720]  On Android, we have a current beta that's up and running.
[18:44.720 --> 18:48.800]  You can get that from the Google Play Store or from our own FDroid repository where we
[18:48.800 --> 18:50.320]  have our beta releases.
[18:50.320 --> 18:53.960]  I've got the information here with the URL and the QR code.
[18:53.960 --> 18:56.080]  I'll give that again later too.
[18:56.080 --> 18:58.800]  I've got some screenshots for you.
[18:58.800 --> 19:00.240]  It's a pretty simple app.
[19:00.240 --> 19:02.400]  It does what I talked about earlier.
[19:02.400 --> 19:03.400]  You can choose.
[19:03.400 --> 19:08.080]  You can see a list of all of the social circles that you're a member of.
[19:08.080 --> 19:10.360]  You can see a list of all your groups.
[19:10.360 --> 19:14.960]  Once you tap on either of those, you can go and you can scroll through the posts.
[19:14.960 --> 19:21.480]  And again, we render matrix messages just like their Twitter posts or Facebook posts
[19:21.480 --> 19:23.760]  or Google Plus posts.
[19:23.760 --> 19:26.280]  And you can scroll through your timelines.
[19:26.280 --> 19:30.600]  And the app takes care of all the work of figuring out which rooms are involved in which
[19:30.600 --> 19:35.400]  timelines, fetching the data, decrypting, and displaying it to you.
[19:35.400 --> 19:40.160]  And so again, the user doesn't have to worry too much about all of the underlying technology.
[19:40.160 --> 19:47.880]  We also have on this screenshot on the right side photo, we can also do photo galleries.
[19:47.880 --> 19:51.320]  I didn't talk too much about that now, but it's pretty straightforward to imagine how
[19:51.320 --> 19:57.040]  we can have a matrix room full of image posts that represents a photo gallery.
[19:57.040 --> 19:59.520]  You can have those that are just for your own use.
[19:59.520 --> 20:05.080]  You can use that as an easy way to share photos with your friends and family too.
[20:05.080 --> 20:07.200]  So we have the apps right now.
[20:07.200 --> 20:11.400]  We're continuing to work on them and try to make them better.
[20:11.400 --> 20:15.360]  At the moment, we're working on improving our discoverability.
[20:15.360 --> 20:20.760]  We have some cool work working on profiles as matrix spaces.
[20:20.760 --> 20:27.200]  This is inspired by a cool proposal from Henri who works on mind tricks.
[20:27.200 --> 20:30.360]  We're also working on notifications.
[20:30.360 --> 20:36.280]  And then in the rest of 2023, we're hoping to work towards eventually having a full production
[20:36.280 --> 20:40.080]  release on both iPhone and on Android.
[20:40.080 --> 20:43.280]  The first step towards that, I think we're going to have another round of public beta
[20:43.280 --> 20:44.720]  tests.
[20:44.720 --> 20:49.400]  And then we need to make sure that we get support for MSC 3917.
[20:49.400 --> 20:53.520]  If you're not familiar with that one, that's the fixes for a lot of the security vulnerability
[20:53.520 --> 20:57.480]  that was released late last year.
[20:57.480 --> 21:01.400]  It's the cryptographic verification of all room membership events.
[21:01.400 --> 21:06.280]  That'll give us a really nice security and privacy story.
[21:06.280 --> 21:12.560]  And so with that, we will work on adding subscriptions via the Google Play Store and the Apple App
[21:12.560 --> 21:16.960]  Store so that then if you have friends who don't have their own matrix server or don't
[21:16.960 --> 21:21.640]  have a matrix account, but they want to connect with you on the circles app, we'll make it
[21:21.640 --> 21:26.440]  very easy for them to go in the app, tap a couple of buttons and sign up for a subscription
[21:26.440 --> 21:32.520]  and we can host their account for hopefully very cheap, just a couple of dollars a month.
[21:32.520 --> 21:36.920]  And then once we get a production release, then we're hoping to try to grow this thing
[21:36.920 --> 21:42.800]  and try to reach normal people and help provide them with a more private and secure way to
[21:42.800 --> 21:47.520]  stay in touch with the people that matter in their lives.
[21:47.520 --> 21:50.720]  So thanks for watching my talk.
[21:50.720 --> 21:55.920]  If you want to connect with us on matrix, our main room for the project has the alias
[21:55.920 --> 21:58.320]  circles on matrix.org.
[21:58.320 --> 22:03.480]  You can also find the code for the iOS and the Android version of the app.
[22:03.480 --> 22:04.480]  Both of these are open source.
[22:04.480 --> 22:08.160]  They're available on our GitHub with the URLs shown on the slide.
[22:08.160 --> 22:10.360]  And again, you can try the Android beta.
[22:10.360 --> 22:15.560]  If you have the FDroid app, you can just scan this QR code that I'm showing on the slide
[22:15.560 --> 22:16.560]  right now.
[22:16.560 --> 22:18.800]  Once again, thanks and take care.
[22:25.920 --> 22:40.840]  Okay, so I think we're available now for a Q&A for the talk on building a social app.
[22:40.840 --> 22:54.760]  And if anybody has questions about circles, I am around, had a little bit of difficulty
[22:54.760 --> 23:01.040]  here with getting the upvoted questions widget working again.
[23:01.040 --> 23:06.040]  But now it seems to be, let me be a little lag.
[23:06.040 --> 23:07.040]  There we go.
[23:07.040 --> 23:08.040]  Hey, good.
[23:08.040 --> 23:09.040]  Okay.
[23:09.040 --> 23:10.040]  Thanks, Julian.
[23:10.040 --> 23:22.840]  It's a little bit hard to tell if it was working.
[23:22.840 --> 23:29.600]  Oh, no, and getting a little bit of issues with the widget.
[23:29.600 --> 23:32.280]  I saw some questions and then they went away.
[23:32.280 --> 23:34.960]  I don't know.
[23:34.960 --> 23:35.960]  Let's see.
[23:35.960 --> 23:36.960]  Can I...
[23:36.960 --> 23:37.960]  Cool.
[23:37.960 --> 23:38.960]  All right.
[23:38.960 --> 24:07.520]  Let's see if I can go into the dev room and then...
[24:07.520 --> 24:16.080]  I have too many widgets.
[24:16.080 --> 24:17.080]  Too many things going on.
[24:17.080 --> 24:20.800]  Let's see if I can move this one so I can see.
[24:20.800 --> 24:24.520]  Ah, let's see.
[24:24.520 --> 24:27.760]  There's a question about the website and the...
[24:27.760 --> 24:34.000]  Oh, there's a question about making a web version.
[24:34.000 --> 24:35.000]  It's tempting.
[24:35.000 --> 24:37.400]  It's a little hard.
[24:37.400 --> 24:46.120]  Coming from a security and privacy background, the idea of having a web app makes me nervous.
[24:46.120 --> 24:49.120]  The security story there is a little bit weaker.
[24:49.120 --> 24:56.040]  Originally, I was very, I guess, afraid of the idea of having all these very short-lived
[24:56.040 --> 24:57.040]  sessions.
[24:57.040 --> 25:03.160]  I don't know how much of the down-of-the-weeds details people know about Matrix's end-to-end
[25:03.160 --> 25:07.160]  encryption, but every time you log in with a new session, with a new device ID, you get
[25:07.160 --> 25:13.360]  a new key pair, and that creates a little bit more work for the E2E system to manage
[25:13.360 --> 25:18.840]  all these different public-private key pairs that you've had.
[25:18.840 --> 25:23.960]  It gets a bit messy, and I was very afraid of that as a new developer.
[25:23.960 --> 25:28.480]  Now with a little bit more familiarity with the way Matrix works, for example, Element
[25:28.480 --> 25:32.320]  handles this really well.
[25:32.320 --> 25:36.680]  Most of the time, you can use Element Web with these little sessions that come and go,
[25:36.680 --> 25:39.040]  and it's totally fine.
[25:39.040 --> 25:45.440]  Maybe in the future, if we can find a really great intern, we could have a prototype of
[25:45.440 --> 25:52.360]  circles that runs on a web page or in a desktop thing similar to Element.
[25:52.360 --> 25:54.280]  Maybe that would be something we could try out.
[25:54.280 --> 25:59.640]  I guess, personally, I'm coming around to the idea that it's probably going to be something
[25:59.640 --> 26:01.320]  that's going to be necessary.
[26:01.320 --> 26:06.560]  Because with the mobile platforms, we're just so locked in, and we're so dependent on these
[26:06.560 --> 26:11.800]  two companies to say yes or no, whether we can have an app at all.
[26:11.800 --> 26:18.680]  It's kind of the opposite of independence, right?
[26:18.680 --> 26:21.840]  We don't have a web version right now.
[26:21.840 --> 26:29.800]  We might in the future, I guess, stay tuned.
[26:29.800 --> 26:39.200]  I think our focus for 2023 is definitely getting the mobile apps working.
[26:39.200 --> 26:42.200]  Let's see if I can...
[26:42.200 --> 26:46.320]  Oh, and another question.
[26:46.320 --> 26:50.240]  If it's paid subscription and open source, does this mean that the client is tied to
[26:50.240 --> 26:51.880]  the FUTO server?
[26:51.880 --> 26:52.880]  Not at all.
[26:52.880 --> 26:57.560]  The client right now, I think we have probably about as many users on the beta that are using
[26:57.560 --> 27:01.200]  their own servers as are using ours.
[27:01.200 --> 27:06.360]  The goal is to have it always work with any matrix server, so you can stand up your own.
[27:06.360 --> 27:09.160]  The idea is to just make it...
[27:09.160 --> 27:12.160]  If you don't want to run your own server, we want to make it easy for you to get on
[27:12.160 --> 27:14.680]  to one.
[27:14.680 --> 27:21.400]  We have one more minute, and Andreas asks about, do we have any plans for gaining growth?
[27:21.400 --> 27:25.680]  In the short term, it's going to be going around and trying to recruit expert users,
[27:25.680 --> 27:26.680]  right?
[27:26.680 --> 27:30.520]  We're going to security conferences, we're going to talk to matrix people, and then let
[27:30.520 --> 27:37.960]  you recommend to your friends.
[27:37.960 --> 27:46.280]  Let's see.
[27:46.280 --> 27:52.360]  We're continuing here in the room for the talk.
[27:52.360 --> 27:56.480]  If you're still with us, I think we've been booted out of the matrix online dev room.
[27:56.480 --> 27:58.480]  Yeah.
[28:56.480 --> 29:03.480]  Let's see.
[29:26.480 --> 29:37.360]  I just posted the address for this Q&A room into the matrix dev room, in case anybody
[29:37.360 --> 29:40.280]  wants to come in here and chat.
[29:40.280 --> 29:42.400]  Let's see.
[29:42.400 --> 29:46.480]  Juggling lots of widgets on a laptop screen here.
[29:46.480 --> 29:48.680]  All right.
[29:48.680 --> 29:55.640]  Sorry for the confusion earlier, having a little trouble juggling it all.
[29:55.800 --> 29:56.800]  Let's see.
[29:56.800 --> 30:03.320]  I'll stick around for another couple of minutes.
[30:03.320 --> 30:07.960]  If nobody has any questions right here, you can feel free to ask.
[30:07.960 --> 30:08.960]  Let's see.
[30:08.960 --> 30:27.400]  Oh, no, Andreas' question.
[30:27.400 --> 30:28.400]  The answer got cut off.
[30:28.400 --> 30:29.400]  Oh, no.
[30:29.400 --> 30:30.400]  That was too slow.
[30:30.400 --> 30:37.280]  This was about growth and monetization, I think.
[30:37.280 --> 30:44.520]  So the short answer is that once we get the apps working reasonably well and the bugs
[30:44.520 --> 30:52.120]  ironed out, I think our first step to getting adoption is to go to basically the people
[30:52.120 --> 30:57.440]  like you, the people in this room, the people who go to FOSTA, the people who go to the
[30:57.440 --> 31:02.480]  academic security research conferences is where I used to hang out and so all the people
[31:02.480 --> 31:06.520]  who really know that this is good, right, and the people who can make an authoritative
[31:06.560 --> 31:09.800]  recommendation to their friends that, yeah, this thing is not a scam.
[31:09.800 --> 31:13.560]  Yes, the security of this is actually up to par.
[31:13.560 --> 31:17.480]  The protection of this is actually what you want and what you need, and if we can grow
[31:17.480 --> 31:25.720]  from there by getting kind of like the expert recommenders, then they can tell their friends
[31:25.720 --> 31:29.000]  and by word of mouth, we can grow kind of family by family.
[31:29.160 --> 31:37.600]  Eventually, we will have families where they're both on and then people can start to find
[31:37.600 --> 31:42.840]  their friends, but I think the growth strategy is probably one family at a time and we'll
[31:42.840 --> 31:47.440]  use things like Apple and Google provide these family subscription options where one person
[31:47.440 --> 31:53.440]  can pay and they can get accounts for like five or six of their people and I think Apple
[31:53.440 --> 31:54.440]  calls it family sharing.
[31:54.440 --> 32:00.440]  I forget the name of what Google calls it, so that's kind of the plan.
[32:00.440 --> 32:09.160]  Let's see if I can catch up on any of the other questions that I missed.
[32:09.160 --> 32:17.760]  It was a little hard to see my video and the chat on the side at the same time.
[32:17.760 --> 32:20.760]  Maybe I need a bigger screen.
[32:20.760 --> 32:32.760]  It's still difficult, okay.
[32:32.760 --> 32:40.720]  Okay, cool.
[32:40.720 --> 32:42.880]  Thank you all for watching.
[32:42.880 --> 32:48.120]  Give the app a try and let us know if you run into any difficulties or anything that
[32:48.120 --> 32:54.680]  feels weird that isn't easy or convenient and we'll try to get it as good as we can
[32:54.680 --> 32:57.760]  make it this year before we do a public release.
[32:57.760 --> 33:04.600]  I'll hang out in the circles room over on circlesonmatrix.org for a few more minutes.
[33:04.600 --> 33:05.600]  Anybody wants to talk there?
[33:05.600 --> 33:12.520]  I check that every day, so if you have questions or ideas or anything else, stop by and let
[33:12.520 --> 33:13.520]  us know.
[33:13.520 --> 33:14.520]  Thank you.
[33:14.520 --> 33:14.520]  Bye.
[33:44.520 --> 33:45.520]  Bye.
[33:45.520 --> 33:45.520]  Bye.