I’m not downvoting but I can say I was definitely hoping for more a study where data is probably leaking (ie theory vs practice). I know there had been some things like this the better part of a decade ago hence my time restriction, but maybe nothing new.

Looking at the shared data section you mentioned I don’t really get how it’s possible to avoid the system knowing who is in a room – except by limiting yourself to safe servers. Signal does that with a central system, but matrix certainly would allow self hosting such that this data doesn’t leak between servers.

The weird thing about that section to me is it says the messages are listed as json objects but…I don’t see how that works with room encryption. I suppose the json objects include the encryption data but I thought they had to do something weird for room encryption to make the double ratchet perform well.