DESOSA 2022

Element - Product Vision & Problem Analysis

Element1 aims to achieve a more decentralized alternative to other communication tools. Meaning that you are in control of your data by choosing where it is stored. There are also no parties mining the data you create with your peers. This is accomplished due to Element being built on Matrix2, which is an open network created for secure and decentralized communication. Besides being able to manage your data, messages are also end-to-end encrypted to protect your conversations from prying eyes. Allowing users to enjoy a secure form of communication with one another.

Furthermore, Element also offers enterprise collaboration as well as community discussions to provide an all-in-one communication tool. Much like its network, Element is not developed by one single entity, but rather as an open-source project. Being built on Matrix offers more than just the decentralized network. It also presents the opportunity to interoperate with other communication apps with which we are all familiar. Meaning that users can communicate along with different apps through Element, which offers a solution to installing new communication apps for a different use case.

The architecture3 consists of multiple APIs responsible for the decentralized communications and everything that comes with it, whilst keeping it simple. Users can communicate with one another by syncing their communication history with their home server. This is done with the use of the Client-Server API. These home servers are the ones to talk to each other to allow clients to converse. This exchanged data is referred to as Events in Matrix. For those interested, Element is available on iOS, Android, and the Web.

Capabilities

Element is an extremely fast-growing platform with an abundance of features available. The main feature is sending decentralized encrypted messages to other users. However, this is not all it can do. This platform also allows people to create safe communities and help enterprises to collaborate more efficiently.

Main Capabilities4

  • Secure messaging: through the use of Matrix2
  • You’re in control: you decide where to host your data and no tracking is used
  • No limits: unlimited messages, calls, videos, and rooms
  • Talk to Anyone: not just limited to Element, but also on other applications such as Whatsapp, Signal, and MS Teams
  • Cross-Platform Accessibility: use Element on all popular devices and browsers

Secondary Capabilities5

  • Transparency: Element is Open Source which allows everyone to see the code. Multiple case studies approve of Element6
  • Cross-Signed Device Verification: verify new logins on new devices
  • Single Sign-On (SSO): enterprise solutions allow SSO for easy access
  • Moderation: powerful moderation tools e.g. content blocking, anti-spam.
  • Compliance and Auditing: use bots in rooms to capture official records of discussions for regulation and compliance
  • Antivirus: ability to deploy antivirus in End-to-End environments

Figure: Element vs the competition (source: https://element.io/enterprise/enterprise-functionality)

Application Context

User Plans

Element is a useful application that is directed to all clients. Therefore, Element’s clients can be divided into multiple groups:

  • Free Personal
  • Paid Personal
  • Enterprise

Personal plans The free personal plan allows the user to access the entire Element app. This is not limited by the number of messages or rooms. However, in order to access other applications Element can access such as Whatsapp, the user needs to buy the Element One plan7. If the user wants to host his data on a dedicated server for even faster performance, personalize their matrix domain and gain extra bridging options, Element offers the Element Home plan8. This plan offers 5 accounts in one, to share with your family and friends.

Figure: Element Personal Plans (source: https://element.io/personal-plans)

Enterprise Element also offers enterprise solutions for large corporations. This includes options for cloud hosting or on-premise hosting. Besides that, enterprises are able to get their own customized mobile app, receive data retention policies, and much more9.

External Systems

The core external system Element used is Matrix. Matrix is an open-source decentralized encrypted communication network. Element used the native SDKs provided by Matrix for their IOS, Android, Web, and Desktop app. As well as Matrix their HTTP APIs. Since Element and Matrix are so intertwined (it is from the same founders), Element can actually be defined as a skin of Matrix10.

Besides the actual application, Element also provides a hosting service called Element Matrix Services (EMS)11. Element uses its own service to host the public domains for users and communities who do not want to host their data themselves. EMS also provides hosting solutions for users who want to host their own dedicated domain and cloud-based enterprise solutions.

Stakeholders

A few stakeholders have an interest in the Element project. These stakeholders all have different use cases for the project. In this section, the four main stakeholders will be described.

Founders The project was started by a team of the Matrix Foundation. This team wanted to bring the Matrix protocol to the mainstream. The project is owned by the Element company. Element does most of the development and decides which direction the product goes. They also have to make a profit by selling services related to the Element applications. The matrix core team guides the matrix project 12, which is used as the underlying protocol of Element.

Private users One group of end-users are people that use the Element applications for their private messaging. They may use bridges to connect Element to different platforms or they simply want a messaging platform that is encrypted, decentralized and for which they can host their own server. This category of stakeholders also includes communities that want a secure and private way to communicate.

Enterprises Another group of end-users is enterprises that use the Element applications to collaborate on their projects. This group also includes governments, such as the French, German and US governments 13. These users want a secure way to communicate, with ownership of their data.

Open-source community Since the project is open-source, not only the Element company works on the code. The open-source community is also involved in extending and improving the Element applications.

Quality attributes

The goal of Element is to enable everyone to have conversations over the internet with the same level of privacy as a face-to-face conversation 13. Three important quality attributes that align with this goal will be considered.

Security An obvious quality attribute that aligns with this goal is security. No one should be able to read the messages that are sent, except for the sender and the recipient 14. In addition, the sender of a message should be able to trust that the message is actually sent to the targeted recipient and not to another party. These two goals are accomplished by using end-to-end encryption.

Interoperability Another important quality attribute is interoperability. As said, the goal is to enable anyone to have a conversation with everyone. However, not everyone uses Element to have an online conversation. With bridges, Element enables users to connect with different platforms, such that they can have a conversation with even more people 15.

Availability The last important quality attribute is availability. This can be interpreted in two ways. The most important one for Element is that the applications are available for everyone to use. Another interpretation of this quality attribute is that the services offered by Element are highly available. Both of these interpretations are achieved by using decentralized communication. Anyone can run a server and start communicating 14.

Product roadmap

The roadmap for Element can be found on their website and it is managed by the Element core team16. It mainly focuses on adding new features that can enrich the user experience. Currently, they are working on the implementation of threads, polls, and other features.

Next up on the agenda is improving invites and making encrypted room history available when a user joins an encrypted room. Later they are planning on adding features such as knocking, which allows users to ask for permission to join a room instead of waiting for an invitation. Besides this they also want to add custom emojis, a “what’s new” section, and many more features. Furthermore, they have plans to improve the performance for new users and add the possibility of incremental sign-up, where you build your profile along the way.

Figure: Element roadmap (source: https://github.com/vector-im/roadmap/projects/1)

Ethical considerations

One of Element’s key features is that it offers universally secure communication for all its users. Furthermore, Element also promises that there will not be eavesdropping on conversations between users 17. Element is almost as transparent as one could be by being an open-source project. This creates more trust in the features that distinguish Element from other platforms 18. Because they are an open-source project this also means that ill-intended people could build in a backdoor or that they could find vulnerabilities in the code that could be exploited. However, the opposite could also be said, where people can find vulnerabilities and patch them.

Of course, the fact that Element is universally secure for all of its users could also be of interest to other parties than just your regular user. For example, the fact that Element does not allow eavesdropping from other parties could be of interest to people with criminal intentions. This way Element could be used to discuss criminal activities. Activities such as these have already been happening on other platforms such as Telegram 19. In fact, it has already happened to Element in the past as well, in January 2021, Element was suspended from the Google Play store for alleged extreme content on the Matrix.org server 20.

Clearly, it is undesirable that a communication platform such as Element is infested with criminal activities such as the sale of illegal products. On the other hand, you would not want to use a platform that has been infiltrated, includes a backdoor, or any other form of intrusion by other parties.

This is a difficult decision to make and Element has made the decision to not let other parties eavesdrop on users that are using the platform. However, it is possible to report content on the platform, which can be another way to moderate the platform.

References

  1. Element | Secure collaboration and messaging. (n.d.). Element. Retrieved March 2, 2022, from https://element.io/ ↩︎

  2. Matrix. (n.d.). An open network for secure, decentralized communication. Matrix.Org. Retrieved March 1, 2022, from https://matrix.org/ ↩︎

  3. Matrix Specification. (n.d.). Matrix. Retrieved March 2, 2022, from https://spec.matrix.org/ ↩︎

  4. Element. (n.d.). Secure messaging app | End-to-end encrypted messenger. Element.Io. Retrieved March 1, 2022, from https://element.io/personal ↩︎

  5. Element. (n.d.-b). Enterprise functionality | E2EE environment. Element.Io. Retrieved March 1, 2022, from https://element.io/enterprise/enterprise-functionality ↩︎

  6. Element. (n.d.-a). Element case studies and customer success stories. Element.Io. Retrieved March 1, 2022, from https://element.io/case-studies ↩︎

  7. Element. (n.d.-b). Element One | All messages in the Element App. Element.Io. Retrieved March 1, 2022, from https://element.io/element-one ↩︎

  8. Element. (n.d.-b). Element Home | Encrypted messaging and chat. Element.Io. Retrieved March 1, 2022, from https://element.io/element-home ↩︎

  9. Element. (n.d.-f). Secure enterprise collaboration and messaging. Element.Io. Retrieved March 1, 2022, from https://element.io/enterprise-collaboration ↩︎

  10. V. (2020, July 17). element-web/theming.md at develop · vector-im/element-web. GitHub. Retrieved March 1, 2022, from https://github.com/vector-im/element-web/blob/develop/docs/theming.md ↩︎

  11. Element. (n.d.-c). Element Matrix Services | Matrix Infrastructure | Matrix IaaS. Element.Io. Retrieved March 1, 2022, from https://element.io/matrix-services ↩︎

  12. The Matrix.org Foundation. (z.d.). The Matrix.org Foundation. Retrieved March 1, 2022, from https://matrix.org/foundation/ ↩︎

  13. Element Secure Messenger | About. (z.d.). Element About. Retrieved March 1, 2022, from https://element.io/about ↩︎

  14. France embraces Matrix to build Tchap. (z.d.). Element. Retrieved March 1, 2022, from https://element.io/case-studies/tchap ↩︎

  15. Element Matrix Services | App Store. (z.d.). Element Apps. Retrieved March 1, 2022, from https://element.io/element-matrix-store ↩︎

  16. Element public roadmap · vector-im/roadmap. (n.d.). GitHub. Retrieved March 1, 2022, from https://github.com/vector-im/roadmap/projects/1 ↩︎

  17. Element Secure Messenger | About. (n.d.). Element. Retrieved March 1, 2022, from https://element.io/about ↩︎

  18. Mercuri, R. T. (2005). Trusting in transparency. Communications of the ACM, 48(5), 15-19. ↩︎

  19. Paganini, P. (2021, September 27). Telegram is becoming the paradise of cyber criminals. Security Affairs. Retrieved March 1, 2022, from https://securityaffairs.co/wordpress/122609/cyber-crime/telegram-cybercrime.html ↩︎

  20. Element on. (n.d.). Twitter. Retrieved March 1, 2022, from https://twitter.com/element_hq/status/1355290296947499013?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1355290296947499013%7Ctwgr%5E%7Ctwcon%5Es1_&ref_url= ↩︎

Element
Authors
Ivo Kroskinski
Robin Kouwenhoven
Raymond d'Anjou
Boris van Groeningen
Print this article