Merge pull request #910 from the-draupnir-project/gnuxie/media-extraction

Use new `EventMixin` extraction API from MPS in protections.

This allows protections to retrieve extensible events style mixins from any event.

We also add a protection to automatically redact any event with an erroneous mixin that is likely to cause issues for other clients.

MPS Describes all `m.room.message` `msgtype`s as mixins too.

Author: Gnuxie

package.json

@@ -63,7 +63,7 @@
     "jsdom": "^24.0.0",
     "matrix-appservice-bridge": "^10.3.1",
     "matrix-bot-sdk": "npm:@vector-im/matrix-bot-sdk@^0.7.1-element.6",
-    "matrix-protection-suite": "npm:@gnuxie/matrix-protection-suite@3.6.2",
+    "matrix-protection-suite": "npm:@gnuxie/matrix-protection-suite@3.7.1",
     "matrix-protection-suite-for-matrix-bot-sdk": "npm:@gnuxie/[email protected]",
     "pg": "^8.8.0",
     "yaml": "^2.3.2"

src/appservice/AppService.ts

@@ -382,6 +382,7 @@ export class MjolnirAppService {
     await this.bridge.close();
     await this.dataStore.close();
     await this.api.close();
+    this.draupnirManager.unregisterListeners();
   }
 
   /**

src/appservice/AppServiceDraupnirManager.ts

@@ -83,6 +83,10 @@ export class AppServiceDraupnirManager {
     return `@${mjolnirRecord.local_part}:${this.serverName}` as StringUserID;
   }
 
+  public unregisterListeners(): void {
+    this.baseManager.unregisterListeners();
+  }
+
   /**
    * Create the draupnir manager from the datastore and the access control.
    * @param dataStore The data store interface that has the details for provisioned draupnirs.

src/draupnirfactory/DraupnirProtectedRoomsSet.ts

@@ -11,6 +11,7 @@
 import {
   ActionResult,
   ClientPlatform,
+  DefaultMixinExtractor,
   LoggableConfigTracker,
   Logger,
   MJOLNIR_PROTECTED_ROOMS_EVENT_TYPE,
@@ -219,6 +220,7 @@ export async function makeProtectedRoomsSet(
     protectedRoomsManager.ok,
     protectionsConfig.ok,
     userID,
+    DefaultMixinExtractor,
     makeHandleMissingProtectionPermissions(
       clientPlatform.toRoomMessageSender(),
       managementRoom.toRoomIDOrAlias()

src/draupnirfactory/StandardDraupnirManager.ts

@@ -42,6 +42,15 @@ export class StandardDraupnirManager {
     // nothing to do.
   }
 
+  public unregisterListeners(): void {
+    for (const [, draupnir] of this.draupnir) {
+      draupnir.stop();
+    }
+    for (const [, safeModeDraupnir] of this.safeModeDraupnir) {
+      safeModeDraupnir.stop();
+    }
+  }
+
   public makeSafeModeToggle(
     clientUserID: StringUserID,
     managementRoom: MatrixRoomID,
@@ -52,6 +61,7 @@ export class StandardDraupnirManager {
     const draupnirManager = this;
     const toggle: SafeModeToggle = Object.freeze({
       async switchToSafeMode(cause: SafeModeCause) {
+        draupnirManager.stopDraupnir(clientUserID);
         return draupnirManager.makeSafeModeDraupnir(
           clientUserID,
           managementRoom,
@@ -60,6 +70,7 @@ export class StandardDraupnirManager {
         );
       },
       async switchToDraupnir() {
+        draupnirManager.stopDraupnir(clientUserID);
         return draupnirManager.makeDraupnir(
           clientUserID,
           managementRoom,
@@ -216,12 +227,15 @@ export class StandardDraupnirManager {
 
   public stopDraupnir(clientUserID: StringUserID): void {
     const draupnir = this.draupnir.get(clientUserID);
-    if (draupnir === undefined) {
-      return;
-    } else {
+    if (draupnir !== undefined) {
       draupnir.stop();
       this.draupnir.delete(clientUserID);
     }
+    const safeModeDraupnir = this.safeModeDraupnir.get(clientUserID);
+    if (safeModeDraupnir) {
+      safeModeDraupnir.stop();
+      this.safeModeDraupnir.delete(clientUserID);
+    }
   }
 }
 

src/protections/DefaultEnabledProtectionsMigration.ts

@@ -18,6 +18,7 @@ import { RedactionSynchronisationProtection } from "./RedactionSynchronisation";
 import { PolicyChangeNotification } from "./PolicyChangeNotification";
 import { JoinRoomsOnInviteProtection } from "./invitation/JoinRoomsOnInviteProtection";
 import { RoomsSetBehaviour } from "./ProtectedRooms/RoomsSetBehaviourProtection";
+import { InvalidEventProtection } from "./InvalidEventProtection";
 
 export const DefaultEnabledProtectionsMigration =
   new SchemedDataManager<MjolnirEnabledProtectionsEvent>([
@@ -165,4 +166,25 @@ export const DefaultEnabledProtectionsMigration =
         [DRAUPNIR_SCHEMA_VERSION_KEY]: toVersion,
       });
     },
+    async function enableInvalidEventProtection(input, toVersion) {
+      if (!Value.Check(MjolnirEnabledProtectionsEvent, input)) {
+        return ActionError.Result(
+          `The data for ${MjolnirEnabledProtectionsEventType} is corrupted.`
+        );
+      }
+      const enabledProtections = new Set(input.enabled);
+      const protection = findProtection(InvalidEventProtection.name);
+      if (protection === undefined) {
+        const message = `Cannot find the ${RoomsSetBehaviour.name} protection`;
+        return ActionException.Result(message, {
+          exception: new TypeError(message),
+          exceptionKind: ActionExceptionKind.Unknown,
+        });
+      }
+      enabledProtections.add(protection.name);
+      return Ok({
+        enabled: [...enabledProtections],
+        [DRAUPNIR_SCHEMA_VERSION_KEY]: toVersion,
+      });
+    },
   ]);

src/protections/DraupnirProtectionsIndex.ts

@@ -16,6 +16,7 @@ import "./BanPropagation";
 import "./BasicFlooding";
 import "./FirstMessageIsImage";
 import "./HomeserverUserPolicyApplication/HomeserverUserPolicyProtection";
+import "./InvalidEventProtection";
 import "./JoinWaveShortCircuit";
 import "./RedactionSynchronisation";
 import "./MembershipChangeProtection";

src/protections/InvalidEventProtection.tsx

@@ -0,0 +1,214 @@
+// Copyright 2025 Gnuxie <[email protected]>
+//
+// SPDX-License-Identifier: AFL-3.0
+
+import { Type } from "@sinclair/typebox";
+import {
+  AbstractProtection,
+  describeProtection,
+  EDStatic,
+  EventConsequences,
+  EventWithMixins,
+  isError,
+  Logger,
+  Ok,
+  ProtectedRoomsSet,
+  Protection,
+  ProtectionDescription,
+  RoomMessageSender,
+  Task,
+  UserConsequences,
+} from "matrix-protection-suite";
+import { Draupnir } from "../Draupnir";
+import {
+  MatrixRoomID,
+  StringRoomID,
+  StringUserID,
+} from "@the-draupnir-project/matrix-basic-types";
+import { LazyLeakyBucket } from "../queues/LeakyBucket";
+import { DeadDocumentJSX } from "@the-draupnir-project/interface-manager";
+import {
+  renderMentionPill,
+  sendMatrixEventsFromDeadDocument,
+} from "@the-draupnir-project/mps-interface-adaptor";
+
+const log = new Logger("InvalidEventProtection");
+
+const InvalidEventProtectionSettings = Type.Object(
+  {
+    warningText: Type.String({
+      description:
+        "The reason to use to notify the user after redacting their infringing message.",
+      default:
+        "You have sent an invalid event that could cause problems in some Matrix clients, so we have had to redact it.",
+    }),
+  },
+  {
+    title: "InvalidEventProtectionSettings",
+  }
+);
+
+type InvalidEventProtectionSettings = EDStatic<
+  typeof InvalidEventProtectionSettings
+>;
+
+export type InvalidEventProtectionDescription = ProtectionDescription<
+  unknown,
+  typeof InvalidEventProtectionSettings,
+  InvalidEventProtectionCapabilities
+>;
+
+export type InvalidEventProtectionCapabilities = {
+  eventConsequences: EventConsequences;
+  userConsequences: UserConsequences;
+};
+
+export class InvalidEventProtection
+  extends AbstractProtection<InvalidEventProtectionDescription>
+  implements Protection<InvalidEventProtectionDescription>
+{
+  private readonly eventConsequences: EventConsequences;
+  private readonly userConsequences: UserConsequences;
+  private readonly consequenceBucket = new LazyLeakyBucket<StringUserID>(
+    1,
+    30 * 60_000 // half an hour will do
+  );
+  public constructor(
+    description: InvalidEventProtectionDescription,
+    capabilities: InvalidEventProtectionCapabilities,
+    protectedRoomsSet: ProtectedRoomsSet,
+    private readonly warningText: string,
+    private readonly roomMessageSender: RoomMessageSender,
+    private readonly managentRoomID: StringRoomID
+  ) {
+    super(description, capabilities, protectedRoomsSet, {});
+    this.eventConsequences = capabilities.eventConsequences;
+    this.userConsequences = capabilities.userConsequences;
+  }
+
+  private async redactEventWithMixin(event: EventWithMixins): Promise<void> {
+    const redactResult = await this.eventConsequences.consequenceForEvent(
+      event.sourceEvent.room_id,
+      event.sourceEvent.event_id,
+      "invalid event mixin"
+    );
+    if (isError(redactResult)) {
+      log.error(
+        `Failed to redact and event sent by ${event.sourceEvent.sender} in ${event.sourceEvent.room_id}`,
+        redactResult.error
+      );
+    }
+    const managementRoomSendResult = await sendMatrixEventsFromDeadDocument(
+      this.roomMessageSender,
+      this.managentRoomID,
+      <root>
+        <details>
+          <summary>
+            Copy of invalid event content from {event.sourceEvent.sender}
+          </summary>
+          <pre>{JSON.stringify(event.sourceEvent.content)}</pre>
+        </details>
+      </root>,
+      {}
+    );
+    if (isError(managementRoomSendResult)) {
+      log.error(
+        "Failed to send redacted event details to the management room",
+        managementRoomSendResult.error
+      );
+    }
+  }
+
+  private async sendWarning(event: EventWithMixins): Promise<void> {
+    const result = await sendMatrixEventsFromDeadDocument(
+      this.roomMessageSender,
+      event.sourceEvent.room_id,
+      <root>
+        {renderMentionPill(event.sourceEvent.sender, event.sourceEvent.sender)}{" "}
+        {this.warningText}
+      </root>,
+      { replyToEvent: event.sourceEvent }
+    );
+    if (isError(result)) {
+      log.error(
+        "Unable to warn the user",
+        event.sourceEvent.sender,
+        result.error
+      );
+    }
+  }
+
+  private async banUser(event: EventWithMixins): Promise<void> {
+    const banResult = await this.userConsequences.consequenceForUserInRoom(
+      event.sourceEvent.room_id,
+      event.sourceEvent.sender,
+      "Sending invalid events"
+    );
+    if (isError(banResult)) {
+      log.error(
+        "Unable to ban the sender of invalid events",
+        event.sourceEvent.sender,
+        event.sourceEvent.room_id,
+        banResult.error
+      );
+    }
+  }
+
+  public handleProtectionDisable(): void {
+    this.consequenceBucket.stop();
+  }
+
+  public handleTimelineEventMixins(
+    _room: MatrixRoomID,
+    event: EventWithMixins
+  ): void {
+    if (!event.mixins.some((mixin) => mixin.isErroneous)) {
+      return;
+    }
+    const infractions = this.consequenceBucket.getTokenCount(
+      event.sourceEvent.sender
+    );
+    if (infractions > 0) {
+      void Task(this.banUser(event), { log });
+    } else {
+      void Task(this.sendWarning(event), { log });
+    }
+    this.consequenceBucket.addToken(event.sourceEvent.sender);
+    void Task(this.redactEventWithMixin(event), { log });
+  }
+}
+
+describeProtection<
+  InvalidEventProtectionCapabilities,
+  Draupnir,
+  typeof InvalidEventProtectionSettings
+>({
+  name: "InvalidEventProtection",
+  description: `Protect the room against malicious events or evasion of other protections.`,
+  capabilityInterfaces: {
+    eventConsequences: "EventConsequences",
+    userConsequences: "UserConsequences",
+  },
+  defaultCapabilities: {
+    eventConsequences: "StandardEventConsequences",
+    userConsequences: "StandardUserConsequences",
+  },
+  configSchema: InvalidEventProtectionSettings,
+  factory: async (
+    decription,
+    protectedRoomsSet,
+    draupnir,
+    capabilitySet,
+    settings
+  ) =>
+    Ok(
+      new InvalidEventProtection(
+        decription,
+        capabilitySet,
+        protectedRoomsSet,
+        settings.warningText,
+        draupnir.clientPlatform.toRoomMessageSender(),
+        draupnir.managementRoomID
+      )
+    ),
+});