Draupnir is being supported with a grant from NLnet

Important Trust & Safety work within Matrix⁷ has proceeded slowly over the course of the last 5+ years due to a lack of resources and split focus. Draupnir is built on this legacy, that is inherited from an older sister project called Mjolnir. Draupnir and Mjolnir are both moderation bots that collectively protect an overwhelming majority of Matrix's public facing communities. Both projects have outstanding issues that are blocked by a significant need for a refactoring and rearchitecting of their core concepts. Draupnir has now almost fulfilled this need with an open source library called the matrix-protection-suite. The plan is to complete this work and finally address the pain points for Matrix room moderators with Draupnir, and make it easier for Draupnir’s behaviour to be modified by developers, system administrators, and in some cases room moderators. This will be done with the aim to create less dependence and pressure on the maintainers of Draupnir itself to meet all the differing requirements of Matrix's communities.

The goals can be implemented in any order, but they're roughly in the order that they will be tackled in.

For an accurate picture of what is being worked on, please see the planning board on GitHub https://github.com/orgs/the-draupnir-project/projects/5.

I will keep the board up to date, and if I have neglected and failed at that, it shouldn't be too difficult to infer from this what the direction currently is. These goals directly map to a planning story or description within Draupnir's planning tracker https://github.com/the-draupnir-project/planning/issues. And we generally will describe any other big pieces of work there.

The goals certainly look ambitious, but there has already been a lot of work in the background over the past year on the matrix-protection-suite. These features were in mind and the code and architecture was designed somewhat explicitly to allow expansion towards these goals.

I really dropped the ball on the blog series over the past couple of months, but my mood had also dropped off a lot. It'll be coming back soon.

The current API for defining commands depends on too much ambient context that makes unit testing commands difficult. The API will be modified so that commands only have access to their direct dependencies and there is a separate layer of glue to provide these dependencies from a generic common context. The direct dependencies can now be faked on a per command basis in unit testing.

https://github.com/the-draupnir-project/planning/issues/22

The current command definition system, including the JSX templating system for rendering Matrix messages, is to be made available as a library and npm package.

https://github.com/the-draupnir-project/planning/issues/22

As a room moderator, I can see the active capability provider for each protection and read about the capability providers that they are compatible with. I should then be able to change the active capability provider for each protection as I see fit.

https://github.com/the-draupnir-project/planning/issues/6

Protection settings can be accessed and modified. Protections can establish subcommands⁹.

https://github.com/the-draupnir-project/planning/issues/18

Problems with runtime settings can be diagnosed and resolved without external tooling or editing.

https://github.com/the-draupnir-project/planning/issues/1

Draupnir v2.0.0 https://github.com/the-draupnir-project/planning/issues/17

Conceptual documentation exists to explain policy rooms, policy lists, revisions, protections, capabilities and protected rooms sets.

https://github.com/the-draupnir-project/planning/issues/12

A summary of changes that will be made to Matrix rooms will be presented when watching a list. A prompt is given to confirm or cancel the change. This essentially runs all protections in a dry run mode.

https://github.com/the-draupnir-project/planning/issues/2

Draupnir moderators will be able to rate policies in other lists with using a binary agree/disagree rating. Draupnir will ignore policies that have a disagree rating. Policies that conflict while unbanning a user that originate from lists that are not controlled by Draupnir will automatically be rated with disagree.

https://github.com/the-draupnir-project/planning/issues/3

A new policy list subscription mode is introduced, which allows a lists policies to be applied lazily. This means policies from a list in this mode are only enforced when a policy also has an agreement rating. Any entities marked by a policy from a list that is being watched by Draupnir in explicit agreement mode that are present within the protected rooms set will cause Draupnir to warn the management room.

https://github.com/the-draupnir-project/planning/issues/4

The appservice is redesigned such that Draupnir operates much more closely to the homeserver, providing an almost transparent integration to Matrix’s Spaces feature. When users create spaces or add rooms to them, the appservice automatically provisions a Draupnir for the space and protects all of the rooms, without any manual intervention.

https://github.com/the-draupnir-project/planning/issues/20

Allow protections defined externally to be loaded at startup from an arbitrary directory. Which will allow standalone protections to be developed and maintained for Draupnir by third parties without conflicting with the upstream.

https://github.com/the-draupnir-project/planning/issues/21

When searching for events from a given user, Draupnir has to call /messages in every single protected room. This is a very expensive operation, and on homeservers with less resources can prevent Draupnir from redacting harmful messages when the operation takes too long. A timeline cache of visible events would allow Draupnir and protections to cheaply scan and locate events matching arbitrary criteria. We also need an API to be able to extract all media that has been included within an event so that it can be accessed by protections.

https://github.com/the-draupnir-project/planning/issues/9

Draupnir and MPS have no standard way of determining how long a user has been participating in a community. Draupnir’s protections each have an adhoc way of doing this and then discriminating against newer users without considering all of the rooms in the entire community (leading to false positives). A metric needs to be derived representing how likely a moderator is likely to have observed a user’s behaviour, probably from participation.

https://github.com/the-draupnir-project/planning/issues/24

There are many reasons why policies may no longer be relevant. A room moderator often issues bans in the heat of the moment or when tensions are high. Things can change. There may no longer be any context for why a ban is in place. As a room moderator I should be notified when policies expire or are approaching expiry and be given options for how to proceed.

https://github.com/the-draupnir-project/planning/issues/25

Draupnir is made ready for internationalisation by translators.

Draupnir's accessibility will be audited against WCAG where applicable and Draupnir will receive a security quickscan at some point after the v2.0.0 release.