skylord123/node-red-contrib-matrix-chat
1
0
Fork 0
mirror of https://github.com/Skylar-Tech/node-red-contrib-matrix-chat.git synced 2026-05-23 07:33:37 -06:00
Code Issues Releases Wiki Activity
Files
939fe42b40a516997bfd42bd0bd410654776e832
node-red-contrib-matrix-chat/README.md
T
skylord123 ebcb1eab81 Upgrade to matrix-js-sdk 41.5.0; add device verification 
Upgrades matrix-js-sdk from 34.13.0 to 41.5.0. This crosses the v37
removal of the legacy libolm crypto stack, so E2EE is migrated to the
Rust crypto implementation. Also adds device verification, cross-signing
setup, and authenticated media support.

Dependencies
- Bump matrix-js-sdk ^34.13.0 -> ^41.5.0; require Node.js >= 22.
- Drop the `olm` dependency (legacy crypto only); add `fake-indexeddb`.

Rust crypto
- Replace initCrypto() with initRustCrypto(); the legacy crypto stack
  was removed upstream in v37.
- Add src/matrix-crypto-store.js: the Rust crypto store requires
  IndexedDB, absent in Node.js, so it is backed by fake-indexeddb and
  snapshotted to disk (rust-crypto-store.v8) to survive restarts.
- Migrate existing libolm crypto state into the Rust store on first run,
  and discard the stored crypto state when the device ID changes.

Homeserver discovery
- Resolve the homeserver via .well-known, so a delegating domain
  (e.g. example.org) works as the configured server URL.

Cross-signing & secure backup
- Add a secured /matrix-chat/secure-backup admin endpoint and a modal
  dialog on the server config node: check status, unlock an existing
  secure backup with its recovery key, or reset and create a new one.

Device verification (new nodes)
- matrix-verification: event source emitting verification requests and
  phase changes, with on-node filters (phase, initiated by, type,
  self-verification, user allowlist, room).
- matrix-verification-action: request, accept, start SAS, confirm,
  mismatch, or cancel an in-flight verification.

Authenticated media
- matrix-receive and matrix-crypt-file use the authenticated media
  endpoints, send a bearer token via msg.headers, and fall back between
  the v3 and v1 media endpoints on a 404.

Fixes
- Surface connection/auth errors in the log; node.error() calls were
  passed an empty msg object, which routed the error and suppressed
  console logging.
- matrix-get-user: await getProfileInfo()/getPresence().
- matrix-invite-room: pass the reason as the third invite() argument
  (the removed callback parameter was shifting it out).
- Guard the verification handlers so a throwing SDK getter cannot crash
  Node-RED.

Docs
- Add the device-verification example flow; update the READMEs and node
  help, correcting stale claims that device verification, secure backup,
  and encrypted file uploads were unsupported.
2026-05-22 14:40:00 -06:00

5.1 KiB
Raw Blame History

node-red-contrib-matrix-chat

Matrix chat server client for Node-RED

Currently in beta. Please report any issues in our repository to help us reach a stable, well-tested release. Breaking changes may occur before our first stable release, so be sure to check the changelog before updating.

Join our public Matrix room for help: #node-red-contrib-matrix-chat:skylar.tech

ko-fi

Features

Supported functionality in this package includes:

  • End-to-end encryption (E2EE) — send and receive encrypted messages (see the encryption notes)
  • Cross-signing & secure backup — interactive setup from the server config node so the bot's own device shows as verified
  • Device verification — flow-driven SAS (emoji) verification via the matrix-verification and matrix-verification-action nodes
  • Receive events from rooms: Messages, reactions, images, audio, locations, files, encrypted or unencrypted
  • Fetch/modify room state: Update room settings
  • Paginate room history
  • Send files to rooms, encrypted or unencrypted
  • Send/edit messages (supports plain text and HTML formats)
  • Send typing notifications
  • Delete events (messages, reactions, etc.)
  • Decrypt files in E2EE rooms
  • React to messages
  • Admin tools:
    • Register users on closed Synapse servers (registration_shared_secret)
    • Manage users, including listing, adding, editing, deactivating (Synapse API)
    • Force-add users to rooms
  • Room management: Invite, kick, ban, join, create, and leave rooms

These features allow you to easily build bots, set up chat relays, or even administrate your Matrix server directly from Node-RED.

Installing

Requires Node.js 22 or newer (this is a requirement of the bundled matrix-js-sdk).

Install through Node-RED's UI by searching for node-red-contrib-matrix-chat, or use the following command inside your Node-RED directory:

npm install node-red-contrib-matrix-chat

Usage

Explore our examples to see the module in action.

Extending functionality

You're not limited to just the nodes we've created. Enable global access in your Matrix Client to directly interact with the client from function nodes and create custom logic.

View an example here.

End-to-End Encryption Notes

  • E2EE uses the Rust crypto stack from matrix-js-sdk. The first time a bot starts after upgrading from an older version, any existing (legacy libolm) crypto state is migrated automatically.
  • Storage: E2EE state is saved in a folder called matrix-client-storage within your Node-RED directory. Each account's Rust crypto store is persisted there as rust-crypto-store.v8 (snapshotted on shutdown and every 5 minutes). Back up this folder regularly! If lost, you wont be able to decrypt messages from E2EE rooms.
  • To move your bot to a different installation, migrate this folder and ensure the old and new clients don't run simultaneously.
  • Its simplest to dedicate the account to the bot and run it only within Node-RED. The account can also be signed in elsewhere — if so, verify those sessions against the bot (see below) so they trust each other and share keys.
  • Cross-signing & secure backup: open the server config node and use the Set up secure backup & cross-signing button. It checks the account and lets you unlock an existing secure backup with its recovery key, or create a fresh one — after which the bot's own device is cross-signed and shows as verified to others.
  • Device verification: the matrix-verification node emits verification requests and phase changes, and matrix-verification-action accepts, starts, confirms, or cancels them — so you can build your own approval flow (e.g. emailing the SAS emoji for a human to confirm). See the device verification example.

Registering a User

This module includes a node to register users using the Synapse secret registration endpoint. It returns both an access_token and a device_id, perfect for setting up the bot.

Guide on registering a user via the web browser

Guide on registering using shared secret registration (for server owners)

Other Packages

Contributing

We welcome all contributions! Please submit a pull request if you add a feature so the whole community can benefit.

Sharing is caring!

Reference in New Issue View Git Blame Copy Permalink