I think that heartbeats are going to be important. With the partial ordering UI I outlined, it's possible to reflow the conversation N seconds into the past, where N is whatever window is deemed acceptable. The way I expect it to work is that a user is not able to send a message that reflows the conversation too far in the past - that is, we just don't believe Bob if he claims he hasn't seen messages sent 5 seconds ago. If Bob's client attempts to do that, we reject it. If a heartbeat is sent out every N seconds, and acknowledged, you cannot pretend to not have seen messages prior to the heartbeat. If your client hasn't seen a heartbeat message in the past N seconds, it should lock up and prevent interaction, greying it out and saying 'reconnecting', and then unlock it when you've gotten the current state of the chat.
I agree that canonicalizing partial order into linear order is worth doing as well. But with heartbeats the transcript can be 'locked' prior to the last heartbeat, and everyone will know the state of the conversation prior to that (or know something is wrong.) Perhaps, to get around the 'master is malicious' problem, the master says a heartbeat with the current transcript state, the client signs it, and the master distributes it in the next heartbeat. So at any point in time you have a master-signed heartbeat value verifying the transcript as of N seconds ago, and an individual-group-member-signed heartbeat value verifying the transcript N*2 seconds ago. At this point, maybe Carol didn't sign the heartbeat, and you see Carol is 'reconnecting' and you know that they're not necessarily seeing everything said. But anyway, the transcript is locked N or N*2 seconds in the past, and you should be able to a) prevent reflows and b) create a linear ordering that is at least consistent between members. (Indentation seems like a good compromise instead of columnar at the expense of discarding some specific details about who saw what).

-tom
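The heartbeat lock described in the message above, as an added sketch that is not part of the original post or of any project's code. The names `Room`, `sign` and `transcript_digest` are hypothetical, HMAC stands in for a real signature scheme, and heartbeat sequence numbers stand in for the N-second clock.

```python
import hashlib
import hmac

def transcript_digest(messages):
    """Hash chain over the linearized transcript of (sender, seen, text)."""
    h = b"\x00" * 32
    for sender, seen, text in messages:
        item = sender.encode() + b"\x00" + str(seen).encode() + b"\x00" + text.encode()
        h = hashlib.sha256(h + item).digest()
    return h

def sign(key, seq, digest):
    # Assumption: HMAC is a stand-in for a per-member signature.
    return hmac.new(key, seq.to_bytes(8, "big") + digest, hashlib.sha256).digest()

class Room:
    def __init__(self, member_keys):
        self.keys = member_keys   # name -> key (constructed sample keys)
        self.messages = []        # linearized transcript
        self.heartbeats = []      # seq -> (transcript length, digest)
        self.acks = {}            # seq -> members whose ack verified

    def heartbeat(self):
        """Master announces the current transcript state."""
        digest = transcript_digest(self.messages)
        self.heartbeats.append((len(self.messages), digest))
        seq = len(self.heartbeats) - 1
        self.acks[seq] = set()
        return seq, digest

    def ack(self, member, seq, sig):
        """Record a member's signature over heartbeat seq if it verifies."""
        digest = self.heartbeats[seq][1]
        ok = hmac.compare_digest(sig, sign(self.keys[member], seq, digest))
        if ok:
            self.acks[seq].add(member)
        return ok

    def locked_len(self, member):
        """Messages this member can no longer claim not to have seen."""
        return max((self.heartbeats[s][0] for s, who in self.acks.items()
                    if member in who), default=0)

    def send(self, member, text, seen):
        """seen = how many transcript messages the sender claims to have seen."""
        if seen < self.locked_len(member):
            return False          # would reflow past an acknowledged heartbeat
        self.messages.append((member, seen, text))
        return True

    def reconnecting(self):
        """Members who have not acknowledged the latest heartbeat."""
        return set(self.keys) - self.acks.get(len(self.heartbeats) - 1, set())
```

A member who never acknowledged a heartbeat is not bound by it here, which is why such a member has to be shown as 'reconnecting' to the others.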
