@kennytv
Last active Aug 14, 2022
Signed Chat and Chat Types

Signed chat

This gist intends to clear up some of the misinformation surrounding signed chat/the reporting feature Mojang has added to Minecraft 1.19.1. Here you can find both technical information and a general explanation of how these work.

Profile keys

When joining a server, clients now send an extra profile key used for verifying a message's authenticity. This key and thus the whole signing process is optional, but by default, servers enforce secure profiles. Whenever the player sends a chat message and has joined with a key, the message will be signed using their own private key, which the server then verifies using the public key sent on join. Assuming signature, timestamp, and message contents line up, the message goes through.

On the other end, clients can also require all broadcast player messages to be signed, disregarding the ones without sender-verified signatures.

Message signatures

Every signed message's signature includes the sender's UUID matching the profile key's identity, a timestamp (though that cannot be verified with untrusted clients/servers), the signed message, and a random salt.

A message's signature also includes the previous message's signature of that same player. This means that, with at least one message of a player provided, you can be sure that messages before that were sent in correct order and no message of that player was omitted in a report.

Another important part of the signature is the list of last seen messages. For the last 5 players of which you've seen any messages, their last message's signature will be included. This is used to verify that, up to a certain point to guarantee fully faithful context, no messages of other players have been omitted in a report and that no messages have been added to the given context after the fact either.
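The chaining described in this section, as an added example (not Mojang's code or wire format): it checks one player's chain of previous signatures and the last-seen references to other players' messages, the way a report reviewer could. HMAC-SHA256 stands in for the profile-key signature so it runs with the standard library only; the field layout, all names, and the sample conversation are constructed assumptions.

```python
import hashlib
import hmac
import os
import struct
import uuid
from dataclasses import dataclass, replace

# Constructed identities and keys. HMAC-SHA256 stands in for the signature
# made with the player's private profile key, so "verifying" here reuses the
# same secret instead of a public key.
ALICE, BOB = uuid.UUID(int=1), uuid.UUID(int=2)
KEYS = {ALICE: b"constructed-key-alice", BOB: b"constructed-key-bob"}


@dataclass(frozen=True)
class SignedMessage:
    sender: uuid.UUID
    timestamp_ms: int
    salt: bytes                 # 8 random bytes
    content: str
    previous_signature: bytes   # b"" for the sender's first message
    last_seen: tuple            # ((player_uuid, signature), ...), at most 5
    signature: bytes = b""


def payload(msg):
    """Digest over every field the signature covers (assumed field layout)."""
    h = hashlib.sha256()
    h.update(msg.sender.bytes)
    h.update(struct.pack(">q", msg.timestamp_ms))
    h.update(msg.salt)
    h.update(hashlib.sha256(msg.content.encode("utf-8")).digest())
    h.update(hashlib.sha256(msg.previous_signature).digest())
    for player, sig in msg.last_seen:
        h.update(player.bytes + sig)
    return h.digest()


def sign(sender, timestamp_ms, content, previous_signature, last_seen):
    msg = SignedMessage(sender, timestamp_ms, os.urandom(8), content,
                        previous_signature, tuple(last_seen[-5:]))
    sig = hmac.new(KEYS[sender], payload(msg), hashlib.sha256).digest()
    return replace(msg, signature=sig)


def verify_chain(sender, messages):
    """Check one player's messages in report order; [] means intact."""
    findings = []
    previous = None
    for i, msg in enumerate(messages):
        if msg.sender != sender:
            findings.append(f"#{i}: sender does not match the key identity")
        expected = hmac.new(KEYS[sender], payload(msg), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, msg.signature):
            findings.append(f"#{i}: signature invalid")
        # The first message in a report has no predecessor to compare with.
        if previous is not None and msg.previous_signature != previous:
            findings.append(f"#{i}: chain broken, a message was omitted or reordered")
        previous = msg.signature
    return findings


def missing_context(report):
    """Last-seen references to signatures the report does not contain.
    Simplified: assumes the report starts at the beginning of the chat, so
    every referenced message should be present."""
    present = {m.signature for m in report}
    return [(i, player) for i, m in enumerate(report)
            for player, sig in m.last_seen if sig not in present]


def build_demo():
    """Constructed conversation: Alice, Bob, Alice, Alice."""
    a1 = sign(ALICE, 1000, "hi", b"", [])
    b1 = sign(BOB, 2000, "hello", b"", [(ALICE, a1.signature)])
    a2 = sign(ALICE, 3000, "how are you?", a1.signature, [(BOB, b1.signature)])
    a3 = sign(ALICE, 4000, "brb", a2.signature, [(BOB, b1.signature)])
    return [a1, b1, a2, a3]


if __name__ == "__main__":
    a1, b1, a2, a3 = build_demo()
    print("full chain:      ", verify_chain(ALICE, [a1, a2, a3]))
    print("a2 omitted:      ", verify_chain(ALICE, [a1, a3]))
    print("a2 content edit: ", verify_chain(ALICE, [a1, replace(a2, content="x"), a3]))
    print("Bob's msg hidden:", missing_context([a1, a2, a3]))
```
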

Hiding or retroactively removing messages

With signed messages, Mojang finally introduced a packet servers can use to retroactively remove already sent out messages. So if you want to clear chat or remove individual messages without having to spam empty messages that only move up the previous messages, you can properly remove them now using the ClientboundDeleteChatPacket packet - the only requirement for this is that the message to be removed is a properly signed player message.

With message signatures now depending on previous messages' signatures as well, you obviously cannot omit any message signatures of online players without breaking the chain. To keep a valid chain of signatures, the server instead sends only the signature data to players that shouldn't receive the contents of a signed player message. This means a player will know that a certain other player sent some message via a chat message or signed command argument, but they won't know what the message was or who received it.

Modifying chat messages through chat previews

Since servers often want to modify chat messages with custom formatting, prefixes, and suffixes before broadcasting a message, you can modify the final message to your heart's content as long as the client agrees to it. Servers can send a chat preview while the player is currently typing their message, making them sign that formatted preview instead of the original plain text.

Depending on the mode you set this to on the client, you have to press enter twice in order to send out the last given preview, so that you can be sure the server doesn't trick you into something you don't want to send by giving you no time to react to a change. When only one press is required as per client setting, there is still at least a short window in which you sign your actual input text rather than the preview (signified by a slightly faded background and an orange indicator until the delay has passed).

Here's a nice example of such a preview, where the colored component will be signed once the player presses enter to send the message:

[image: chat preview text]

This ensures you can change parts of the message and apply formatting (as long as the player agrees to the changes).

Signed command arguments

Since commands such as /say, as well as custom commands to broadcast messages or send them to a certain group of people also result in "player messages" that you would want to have verified, text arguments in commands will also be signed by the client. With the given signature, you can then distribute the message yourself and still have it show up as a signed player message.

In the wild, you can see this being used in Vanilla's say, me, msg, teammsg, ban, banip, and kick commands.

Signed/unsigned player chat and system chat

There are two different kinds of chat messages now: player chat and system chat. Player chat is accompanied by the message signature; system chat has no special format or signature attached. You can optionally attach an unsigned component to any player chat message, which will make it look like this (the informative popup is only displayed when you hover over the icon, which you can only see when you focus the chat window):

[image: unsigned chat part]

If you go as far as sending a player chat message with an invalid signature, it will look like this:

[image: invalid signature]

System chat messages have a gray indicator.

Custom formats using chat types

While the message always needs to be verified by the player that sent it, player display name, team name, and surrounding format can be freely defined by the server.

One of the default chat types looks like this when serialized:

    {
       "name":"minecraft:team_msg_command",
       "id":3,
       "element":{
          "chat":{
             "translation_key":"chat.type.team.text",
             "parameters":[
                "team_name",
                "sender",
                "content"
             ]
          },
          "narration":{
             "translation_key":"chat.type.text.narrate",
             "parameters":[
                "sender",
                "content"
             ]
          }
       }
    }

The decoration format for the chat display here resolves as %s <%s> %s, then using the 3 parameters team_name, sender, and content. Even though the decoration element only takes a translatable argument, you can simply enter a plain string as the key that will be displayed; you can try this out by using the following command: /tellraw @s {"translate":"Hello [%s]", "with":["world"]}

Chat type formats can be easily made custom, e.g. turning the translatable into plain text like: 🚩 Broadcast by %s: %s 🚩 and only taking the sender and content parameters, to give just one example. In addition to the text display, you can also define the message to be narrated (also using a different number of arguments and a different surrounding format) and/or displayed in the actionbar as "game info". In the style field you can also apply custom formatting (color, font, italics, hover/click events, etc.) to the entire message/until the sender or content component changes the format again.

Custom chat types can be added using datapacks or by modifying the chat_type registry in the server (which modded servers such as Paper will need to add API for in the future). Custom chat types will then be sent to each player once when they join. With this, you can in theory also send the same message using different formats to different players, only the actual content is always fixed as part of the signed message.

You can find a full list of the Vanilla chat types here.

The login and chat sequence

The full login and chat flow has been visualized in this beautiful graphic:

[image: chat flow]

FAQ (Frequently Asked Questions)

Before we part ways again, here are answers to some of the more common questions. Mojang's FAQ has been updated to answer more of the pressing questions, so it's definitely worth taking a look at.

Can Microsoft/Mojang see all of my messages?

No, only reported messages are sent away for processing.

What about the currently known exploits?

Mostly non-issues: guardian always leaves a trace when you're reported, gaslightv2 usually leaves a trace or just becomes silly when you report someone else, and gaslightv3 falls into the same category, where "yes" or "I hate them" are nothing that will reasonably be acted upon (also see below for more info). Basically, this Tweet.

In any case, if you still want to be cautious and want a way to immediately realize a server is trying to dupe you, you can use this mod: https://modrinth.com/mod/disablemessagedeletion. It will show you if someone quickly tries to remove a message, and with you seeing the deletion attempt and other messages in their full, fishy form, you'll know you should leave that server for good and never return (being a very effective way for the server in question to lose their userbase).

Am I going to be banned for joking with my friends or writing in all caps?

No, Mojang have made clear they only intend to hunt down the worst of the worst (suicide threats, racial slurs, doxing, etc.). All reports will be handled in human review (aside from them most likely pre-filtering malicious reports before the final decision is made). See here for a detailed list of punishment reasons. You can still dick around with your friends.

What if someone spam reports me?

Then they get temporarily or permanently banned; the number of reports does not matter.

Can't someone impersonate me and get me banned?

No, they need the private key only you and Mojang have to sign messages as coming from your account. You cannot be impersonated unless you download a stupidly malicious client/mod, and even then you can still appeal.

What if my messages are taken out of context?

Reports require and automatically send a handful of messages around the selected ones to be included as context. You cannot omit or add messages from/to reports without making it look fishy. There are yet to be given examples of messing with context that would realistically get you banned, even just temporarily.

While you can theoretically remove the body of messages and only leave a signature, if even one other player writes something in between, reports become invalid. Even if not, you still know there was some message you either removed or the other person didn't see. Sending private messages also does nothing to incriminate a reported player, as that also breaks with other players writing messages. You still need a publicly visible (!) message with its full message content right before the other player replies (which also has to be included in the report), and with that it becomes obvious the other player did not reply to any of the private messages.

Bedrock's text filtering is horrible, is that also going to come to Java?

That's simply not going to happen considering how different the underlying tech of filtering vs. reporting/chat signing is and the general nature of 3rd party servers.

Are all bans permanent?

No, and if you think you were banned without reason, you can make an appeal.

Can servers disable the reporting feature?

Yes, very easily. However, considering this comes at the cost of effectively taking power away from your users, making them more vulnerable to repeated bullying, it'd not be as merciful of a move as you might think it is.

Players may also opt-in to only display signed (and thus reportable) messages.

What if their moderation team is terrible?

A lot of people have voiced concerns regarding Mojang possibly outsourcing message moderation and thus having a poor quality of report processing. While it is a somewhat reasonable fear, this is still based on extremely high amounts of speculation. Looking at the facts, Microsoft already has well-working chat moderation at Xbox Live, where no such drama of false bans or being banned because you spoke out negatively about Microsoft has occurred. The rules regarding Minecraft chat are also a lot more lenient compared to that.

With this in mind, such speculation does not make for a good argument and I implore you to wait and see what actually happens. If your worst fears do end up coming true and false bans occur with an additional lack of appeal processing, I myself will be sure to join the riot as well and provide easy to use means to disable reporting.

Why can I be banned when playing on a private server I own?

You're using Mojang's client, Mojang's server, and Mojang's services on a massive social platform they still have the responsibility to moderate; they're very much in their right to do that. You won't be banned if either your friends don't feel attacked by your messages or you just disable reporting with a plugin or mod.

However, opinion time: Everything you do or say has consequences, even towards friends, and even if you don't realize they exist. You're not going to be banned for a playful and harmless insult, but considering the large number of children and young adults playing the game, such a reporting feature was long overdue.

Someone who is toxic on one server is likely to behave the same on other servers as well. You might be capable of handling simple disputes and insults, but Mojang is better equipped to properly deal with people putting out personal threats, child predators and the like than you are. This also includes the smaller or even private servers.

Proper moderation takes time, and a lot of servers aren't able to provide that or willfully neglect it. Nevertheless, you can still easily disable reporting on your server if you wish to do so.

I still have issues with this, what can I do about it?

Whatever you do, don't join the angry mob; instead, provide constructive and useful feedback either on Minecraft's feedback site or open a ticket on their bug tracker - and remember to keep it civil.

... what if I just want an opt-out

You already have one. Ignoring the technical side of it, just imagine what Mojang would look like if they gave bad people the option to disable industry-standard player safety features.

@nathan130200

nathan130200 commented Aug 1, 2022

@ImDaBigBoss
Does Mojang sign these keys or something? Or are they just a key pair that anyone could generate without the need for Mojang?

Since when you had migrated your account to MS. They generated that crypto keys. All was planned internally, including account migration.

@kennytv Still a problem they cannot solve. Server admins still have the full message history and past messages that help understand context to determine whether a player has broken chat rules or not. Mojang still doesn't have that history.

Once your game client is closed, you lose all chat history; this isn't saved anywhere on local disk, neither on the server nor on the client.

It's easy for someone to join a server and spam, so other people begin saying bad words to that player about the spam he/she did; that player can quit and rejoin the server and report other people, and the chat history will ONLY include newer messages...

From a performance POV, it's more memory usage to save that much chat history.

@GreatWyrm

GreatWyrm commented Aug 1, 2022

Since when you had migrated your account to MS. They generated that crypto keys. All was planned internally, including account migration.

Just gonna step in briefly and say that this is flat out wrong. Key generation was introduced in the snapshot where chat signing was introduced, and the public/private key pairs are periodically regenerated (iirc a key lasts 2 days before it expires).

You're gonna need to provide some pretty substantial proof that this was all planned internally. I even recall some statements from Mojang that the account migration and chat reporting were entirely separate, although I don't have the links with me currently as a source. Regardless, unless you've got some proof that is not speculation, you cannot back up that statement.

@joakime

joakime commented Aug 2, 2022

Someone should write a client mod that just sends obfuscated messages to other users of the same mod.

It'll look just gibberish to normal users, and would be useless to submit to mojang/microsoft as proof.
Still signed, still from you.

@HyperSoop

HyperSoop commented Aug 2, 2022

Someone should write a client mod that just sends obfuscated messages to other users of the same mod.

It'll look just gibberish to normal users, and would be useless to submit to mojang/microsoft as proof. Still signed, still from you.

maybe not gibberish, but invisible messages. like, composed of invisible characters of different kind

@bluebear94

bluebear94 commented Aug 2, 2022

You're gonna need to provide some pretty substantial proof that this was all planned internally. I even recall some statements from Mojang that the account migration and chat reporting were entirely separate, although I don't have the links with me currently as a source. Regardless, unless you've got some proof that is not speculation, you cannot back up that statement.

/u/MojangMeesh on Reddit claimed that they were separate, although to what extent you’re willing to take them at their word is debatable.

@boyswithluv

boyswithluv commented Aug 2, 2022

@ImDaBigBoss
Does Mojang sign these keys or something? Or are they just a key pair that anyone could generate without the need for Mojang?

Since when you had migrated your account to MS. They generated that crypto keys. All was planned internally, including account migration.

@kennytv Still a problem they cannot solve. Server admins still have the full message history and past messages that help understand context to determine whether a player has broken chat rules or not. Mojang still doesn't have that history.

Once your game client is closed, you lose all chat history; this isn't saved anywhere on local disk, neither on the server nor on the client.

It's easy for someone to join a server and spam, so other people begin saying bad words to that player about the spam he/she did; that player can quit and rejoin the server and report other people, and the chat history will ONLY include newer messages...

From a performance POV, it's more memory usage to save that much chat history.

chat logs are saved in your .minecraft folder
EDIT: also your last example doesn't make any sense, the other players (considering they don't leave the server) will have the full history of messages, while you (the player doing the spam) won't (bc according to you, the moment you leave a server you lose all chat history).

@collinlove

collinlove commented Aug 3, 2022

I am so sick and tired of the pandering, borderline conspiratorial nonsense that the Minecraft community at-large keeps perpetuating, and it's so disappointing seeing it spill over to community projects that have no standing to change it. It's just like the meltdown people had in 2014 when Mojang "changed" the EULA. Unproductive fear mongering. An (optional!) centralized moderation system is hardly uncharted territory; any online, multiplayer game the size of Minecraft has an interest in adopting it.

Thank you @kennytv for the writeup and for dealing with the cruft.

I just want to point out that the EULA changes financially damaged the world's largest Minecraft server (Hypixel) so badly that they had to make their own game in order to stay solvent (they have published extensive information about how it affected their business). And their paid ranks were reasonable even pre-EULA. Considering the sheer volume of demonstrable evidence of its negative impacts (such as the above), it is simply incorrect to dismiss criticism of their EULA enforcement as "conspiratorial."

@wordandahalf

wordandahalf commented Aug 3, 2022

I just want to point out that the EULA changes financially damaged the world's largest Minecraft server (Hypixel) so badly that they had to make their own game in order to stay solvent (they have published extensive information about how it affected their business). And their paid ranks were reasonable even pre-EULA. Considering the sheer volume of demonstrable evidence of its negative impacts (such as the above), it is simply incorrect to dismiss criticism of their EULA enforcement as "conspiratorial."

They never changed the terms in the EULA. It is simply incorrect to suggest that. Mojang just started telling people to look more closely at them. It is hardly their fault that Hypixel, et al. didn't bother reading the legal documentation that restricted how they can make money. How can you pin their lack of due diligence on Mojang?
So yes, it was exactly unproductive fear mongering: despite the community's fears, Mojang never went on a massive legal rampage, destroying multiplayer Minecraft as we knew it. They very easily could have, but--believe it or not--Mojang is invested in the wellbeing of their game's community, despite what nonsense the community may spew. Just because they don't coalesce to every demand doesn't mean that they are just money-hungry, corporate demons.

@collinlove

collinlove commented Aug 4, 2022

I just want to point out that the EULA changes financially damaged the world's largest Minecraft server (Hypixel) so badly that they had to make their own game in order to stay solvent (they have published extensive information about how it affected their business). And their paid ranks were reasonable even pre-EULA. Considering the sheer volume of demonstrable evidence of its negative impacts (such as the above), it is simply incorrect to dismiss criticism of their EULA enforcement as "conspiratorial."

They never changed the terms in the EULA. It is simply incorrect to suggest that. Mojang just started telling people to look more closely at them. It is hardly their fault that Hypixel, et al. didn't bother reading the legal documentation that restricted how they can make money. How can you pin their lack of due diligence on Mojang? So yes, it was exactly unproductive fear mongering: despite the community's fears, Mojang never went on a massive legal rampage, destroying multiplayer Minecraft as we knew it. They very easily could have, but--believe it or not--Mojang is invested in the wellbeing of their game's community, despite what nonsense the community may spew. Just because they don't coalesce to every demand doesn't mean that they are just money-hungry, corporate demons.

I'm aware that they didn't actually update the EULA, but rather started to enforce it for the first time. (And that's not really the point here, anyway.) What I'm saying is that it wasn't at all conspiratorial or unreasonable for people to express concern about it -- nor was it fear mongering.

Mojang's change in policy from not enforcing the EULA to enforcing it was very much enforced (yes that sounds weird) even though they never took anyone to court over it. In fact, my own network was blacklisted. Whether or not one agrees with Mojang's change in policy, it definitely had a major impact on multiplayer Minecraft, so expressing major concern about it wasn't at all unreasonable.

@boyswithluv

boyswithluv commented Aug 4, 2022

I am so sick and tired of the pandering, borderline conspiratorial nonsense that the Minecraft community at-large keeps perpetuating, and it's so disappointing seeing it spill over to community projects that have no standing to change it. It's just like the meltdown people had in 2014 when Mojang "changed" the EULA. Unproductive fear mongering. An (optional!) centralized moderation system is hardly uncharted territory; any online, multiplayer game the size of Minecraft has an interest in adopting it.
Thank you @kennytv for the writeup and for dealing with the cruft.

I just want to point out that the EULA changes financially damaged the world's largest Minecraft server (Hypixel) so badly that they had to make their own game in order to stay solvent (they have published extensive information about how it affected their business). And their paid ranks were reasonable even pre-EULA. Considering the sheer volume of demonstrable evidence of its negative impacts (such as the above), it is simply incorrect to dismiss criticism of their EULA enforcement as "conspiratorial."

The game that's been in development since 2015? hytale had a budget of almost 4 million dollars, and they obviously had to pay all the hypixel devs and staff. So no, I don't think hypixel was running out of money because the EULA changed, not even close to closing the server (because from reading your comment it looks like that's what you were trying to say). Of course it was going to damage the largest minecraft server, they were taking advantage of people and charging for stupid stuff lol

@wordandahalf

wordandahalf commented Aug 4, 2022

I'm aware that they didn't actually update the EULA, but rather started to enforce it for the first time. (And that's not really the point here, anyway.) What I'm saying is that it wasn't at all conspiratorial or unreasonable for people to express concern about it -- nor was it fear mongering.

Mojang's change in policy from not enforcing the EULA to enforcing it was very much enforced (yes that sounds weird) even though they never took anyone to court over it. In fact, my own network was blacklisted. Whether or not one agrees with Mojang's change in policy, it definitely had a major impact on multiplayer Minecraft, so expressing major concern about it wasn't at all unreasonable.

Of course it had an effect, but the key factor being that the only reason that it did was due to server administrators not doing their due diligence. And to clarify, I was describing the current backlash as conspiratorial, not the reaction to the EULA enforcement. In any case, the reaction was by and large fear mongering: just because there existed a rational basis for concern does not mean that the nonsense claims lodged at Mojang were based in reality. Mojang explained their prerogative, outlined which monetization strategies are allowed, and were more than generous with the enforcement outcomes.

In any case, we're obviously seeing right past each other, and our conversation only serves to distract from the technical motivation of this gist. If @kennytv would want to clean up this thread, I have no qualms.

@nathan130200

nathan130200 commented Aug 4, 2022

@GreatWyrm
Just gonna step in briefly and say that this is flat out wrong. Key generation was introduced in the snapshot where chat signing was introduced, and the public/private key pairs are periodically regenerated (iirc a key lasts 2 days before it expires). You're gonna need to provide some pretty substantial proof that this was all planned internally.

Then prove how you consider your argument to be more valid than mine. You even contradict yourself by saying that these are internal factors, both of us don't know how and when the keys were generated. Stop wanting to say "others are wrong" if you are making the same mistake. It's pathetic.


In final considerations, servers need to make income somehow. This global ban system only favors the pocket of mojang/microsoft, in which the banned user will have to buy another account. For those who buy in dollar currency, it is super cheap, but there are many countries where the currency is extremely expensive, and this will have an impact. Now think about being reported "by a troll" and still the report is considered valid and the punishment is applied. It just proves that this system doesn't work.

Server owners should have the sole right to do whatever they want with their servers. Currently, huge moderation teams from famous servers continue to do an excellent job of reducing toxicity and insults in game chats. mojang/microsoft just wants to take advantage of that. "Oh after this system was implemented the problems in the chat have been reduced". STOP defending this disgusting, rotten, horrible system.

What will mojang's next decision be? "For the sake of the poor children" will they remove the mobs? Will you leave peaceful difficulty forever? Will they remove damage anyway? Remove swords and explosions as a child cannot see scenes of violence in the game.

Stop defending this decision, 99.9% of the community is against it. And of course there are always those 0.1% who want to troll.

@GreatWyrm

GreatWyrm commented Aug 4, 2022

@nathan130200
I wasn't making an argument in my post. I was stating that what you said in your post (keys were generated when you migrated your account), was wrong, and that you don't have any sort of proof that this was all planned internally. There's a statement from a Mojang official that states that account migration and this chat reporting feature were planned entirely separately, but I'd imagine you don't believe that.

How keys are generated is known, I'm not making any sort of mistake here. This has been studied and understood by the community, and there's a handy set of details right here.

I am not defending this system, I am incredibly wary of it right now, but I do think with a little more consideration from Mojang this could be somewhat helpful. And I highly doubt Mojang will do a "Please won't someone think of the children", and start removing core elements of the game.

And lastly, just to cap it off, I'm not particularly interested in arguing about chat reporting as a whole; when I stepped in I just wanted to correct a statement that you made that was incorrect, and one that was pure speculation.

@xXGucciferXx

xXGucciferXx commented Aug 4, 2022

https://www.youtube.com/watch?v=4SfH7Pnu8vM (" Minecraft 1.19.1 Report System Kick Exploit (Gatekeep) ")
It's getting concerning. Another exploit discovered.

@GreatWyrm

GreatWyrm commented Aug 4, 2022

Pretty sure that's what the 1.19.2 pre-release fixed, but yeah

I think it's going to be a bit before this system has all the nuances worked out.

@kennytv
Author

kennytv commented Aug 4, 2022

It was an issue, already fixed on Paper 1.19.1 and Vanilla 1.19.2-rc1, but the "only" damage it was able to cause was disconnecting newly joining players (as opposed to exploiting chat reporting). Just make sure you're on the latest version of Paper if you're on 1.19.1.

@kennytv
Author

kennytv commented Aug 4, 2022

PSA if you use the popular NoChatReports Fabric/Forge mod: Remove it immediately or at the very least don't join servers enforcing secure chat with the mod enabled, since there is a very high likelihood the mod actually opens you up to an otherwise non-existent exploit by disabling basic chat chain validation the Vanilla client usually executes.

This is pretty much a confirmed attack vector and the author has been notified in private (... as you should do with any exploit). He doesn't seem to understand the underlying technicalities and thus the severity of the issue yet, but other people around him, including nodus devs, seem to have at least realized there is some issue.

@Madis0

Madis0 commented Aug 5, 2022

If you know what exactly is broken, why not PR a fix?

@kennytv
Author

kennytv commented Aug 5, 2022

I told him exactly what he has to do yesterday, he can use that information to fix it himself if he cares to. I don't use the mod and it's obvious the author doesn't fully understand secure chat functionality, so even with this fixed I still wouldn't recommend actually using it. There are far simpler and safer mods that remove the profile key and signing, but otherwise leave the security relevant parts of code untouched... There's just too much irony in a mod wanting to protect you from false reports allowing you to be falsely reported.

@Madis0

Madis0 commented Aug 5, 2022

Right. Isn't this something Mojang can and should fix server-side/implementation-side though?

@kennytv
Author

kennytv commented Aug 5, 2022

No, this has nothing to do with the vanilla server or client. A malicious server and client were able to pretty easily properly gaslight any player with NCR (!) that joined their server, leaving no traces for Mojang to find out the chain was tampered with (unlike guardian and the most damning cases of gaslightv2 for example, where there are certain traces of tampering). Looks like NCR's vulnerability has been fixed now, but I'd still very much recommend not using that mod specifically, as he tries to downplay the issue as "unchecked speculation" and still has other (less severe) validation issues in the server implementation of the mod for example.

If you really want to continue using such a mod, instead, use FreedomChat as a server-side Paper plugin, Simply No Report as a Fabric server mod, or anything else on the client (I don't know of any good examples, but there probably is at least one).

@ItsCryptic

ItsCryptic commented Aug 7, 2022

Question regarding version support on servers: Since some servers do use ViaVersion and other methods to support older clients, and if you have enforce-secure-profile on, will the client still be able to see the message from a 1.18.2 player?

@ItsCryptic

ItsCryptic commented Aug 7, 2022

As far as I know 1.18.2 has no chat signing at all

@kennytv
Author

kennytv commented Aug 7, 2022

You just have to disable the option if you want to let older clients join

@AceSevenFive

AceSevenFive commented Aug 8, 2022

Since kenny deleted the previous comment (I can't imagine why):

PSA if you use the popular NoChatReports Fabric/Forge mod: Remove it immediately or at the very least don't join servers enforcing secure chat with the mod enabled, since there is a very high likelihood the mod actually opens you up to an otherwise non-existent exploit by disabling basic chat chain validation the Vanilla client usually executes.

NoChatReports won't let you join a server with enforce-secure-profile enabled anyway without bypassing a warning screen.

@xXGucciferXx

xXGucciferXx commented Aug 9, 2022

Gaslighting V3 (Server-side) was released, demonstrating even more ways to abuse the Chat Reporting feature.
https://www.youtube.com/watch?v=Pz5iGzuNnNU

@kennytv
Author

kennytv commented Aug 9, 2022

Gaslighting V3 (Server-side) was released, demonstrating even more ways to abuse the Chat Reporting feature. https://www.youtube.com/watch?v=Pz5iGzuNnNU

Yep, definitely not good such an issue exists. Although it falls into the same category as v2, where "yes" or "I hate them" is nothing that will reasonably be acted upon anyways, so 🤷‍♀️. Basically, https://twitter.com/Xilefian/status/1556998020285300737.

In any case, if you want a way to immediately realize a server is trying to dupe you with that and that you should probably leave it and never come back, you can use this mod: https://modrinth.com/mod/disablemessagedeletion to see if someone quickly tries to remove a message and you see that and other messages in their full, fishy form.

@xXGucciferXx

xXGucciferXx commented Aug 11, 2022

Basically, https://twitter.com/Xilefian/status/1556998020285300737.

I see. I just saw a response by a Nodus dev on that tweet.
According to Gildfesh:

The mod is both a client and server mod. When installed on the server, it has that behaviour. On the client it uses the previously demonstrated DM trick. It has had a "detectability challenge" in the repo for a few days and so far no one has been able to tell which is which.

(https://twitter.com/Gildfesh/status/1556999614439751681)

Although it falls into the same category as v2, where "yes" or "I hate them" is nothing that will reasonably be acted upon anyways

Well, to be fair, that obviously was just an example though.

@QuickWrite

QuickWrite commented Aug 14, 2022

In any case, if you want a way to immediately realize a server is trying to dupe you with that and that you should probably leave it and never come back, you can use this mod: https://modrinth.com/mod/disablemessagedeletion to see if someone quickly tries to remove a message and you see that and other messages in their full, fishy form.

The problem with that is that many people don't even know about the issue and so are vulnerable to that, and secondly, another problem is that I need to download a mod so that I am safer. Why doesn't Mojang do that, as they are the reason why this is a problem in the first place (sending, for example, the time it was hidden with it)?

@kennytv
Author

kennytv commented Aug 14, 2022

Well, as I said, it's unlikely such reports will actually put you into any danger, most likely even have the opposite effect and incriminate the reporter. My mod is just to put such attempts to light, even if they don't go anywhere. People forget that context wasn't added so you can incriminate someone, but to make sure you're not unfairly banned when looking at the individual messages of the reported player. Just taking Mojang's word on it, a referential/vague response is not going to get you banned, no matter what a malicious party might try to pretend you replied to.

... that doesn't mean it's not an issue at all, it very much is an issue; it's just not an actual exploit or dealbreaker that needs a proper solution immediately as it can be (and supposedly is) reasonably taken into account when handling reports.
