One option that you sort-of mentioned but missed: go with the static groups, but don’t let the users feel that.
In other words, show the kick/invite options to users when it does happen, but destroy and create a new group behind the scenes.
There's a truly decentralized alternative to MLS:
Key Agreement for Decentralized Secure Group Messaging with Strong Security Guarantees [0]
This is a nice little write up and I kinda feel like the author (sensibly) chose centralization just on a smaller scale. I also think that the algorithm is pretty similar to the og textsecure2[1] protocol signal used (and still uses?) in terms of key generation. It's different in that messages are in a distributed hash table instead of sent through a server and also that there's less cross-verification by chat members, but I'm not sure the author would lose any of their goals by using the signal approach (with distributed storage).
I am not sorry for commenting that a public blockchain is not a server and it would satisfy this use case.
@Realman78 Have you looked into how SimpleX does it?
https://github.com/simplex-chat/simplex-chat/blob/stable/doc...
Decentralization is not really a feasible option when you have more than one actors. Either you embed the centralization from beginning with some good and verifiable contracts or a certain majority is going to hijack the platform and act as centralized controllers.
Like Bitchat https://news.ycombinator.com/item?id=48852405
The hardest problem is social. Who is going to use this?
[dead]
[flagged]
Neat, thanks for the writeup! I think a single creator-admin for small groups is a nice, simple, and practical design point.
I did want to point out that Matrix does do distributed eventually-consistent authorization, which is their key invention IMHO. (Rooms are distributed among the homeservers, none of which are privileged over the others. You could (and their long-term plan from back in the day) was to run a tiny little single-device homeserver on every device to achieve P2P.)
It's tricky, but a very cool algorithm! Several entities (including myself as a hobby project) are working in combining the Matrix eventually-consistent CRDT with MLS for encryption for a no-compromise distributed E2EE system. It's possible, but very hard, as you might imagine.
Edit: Here's one academic paper writing up the abstract algorithm behind Matrix https://dl.acm.org/doi/10.1145/3381991.3395399