Posted by foresto 1 hour ago
Their solution is for everyone to pay for Matrix with a credit card to verify age. I assume that means there must be a way to force only paid registered accounts to join ones instance? What percentage of the accounts on Discord are paid for with a credit or debit card? Or boosted? I don't keep up with terminology
[0] - https://en.wikipedia.org/wiki/Online_age_verification_in_the...
> isn't Matrix based out of the UK and primary hosted instances on AWS in the UK?
It doesn't matter what country you run your server in or where your company is based; if you're providing public signup to a chat server then the countries (UK, AU, NZ etc) which require age verification will object if you don't age verify the users from those countries. (This is why Discord is doing it, despite being US HQ'd). In other words, the fact that The Matrix.org Foundation happens to be UK HQ'd doesn't affect the situation particularly.
(Edit: also, as others have pointed out, Matrix is a protocol, not a service or a product. The Matrix Foundation is effectively a standards body which happens to run the matrix.org server instance, but the jurisdiction that the standards body is incorporated in makes little difference - just like IETF being US-based doesn't mean the Internet is actually controlled by the US govt).
> Their solution is for everyone to pay for Matrix with a credit card to verify age.
Verifying users in affected countries based on owning a credit card is one solution we're proposing; suspect there will be other ways to do so too. However: this would only apply on the matrix.org server instance. Meanwhile, there are 23,306 other servers currently federating with matrix.org (out of a total of 156,055) - and those other servers, if they provide public signup, can figure out how to solve the problem in their own way.
Also, the current plan on the matrix.org server is to only verify users who are in affected countries (as opposed to try to verify the whole userbase as Discord is).
Whether it matters depends very much on what sort of organization you are.
Discord is a multinational for-profit corporation planning an IPO. It takes payments from users in those countries, likely partners with companies in those countries, and likely wants to sell stock to investors in those countries. Every one of those countries has the ability to punish Discord if it does not obey their laws, even if it does not have a physical presence there.
The situation is likely quite different for most of the 23,306 Matrix servers that federate widely. The worst thing Australia, for example could do to one of their operators is make it legally hazardous for them to visit Australia.
Clueless lawmakers will see this app called Element full of kids chatting without restrictions and tell it to add a filter. When the app says "we can't", the government says "sucks to be you, figure it out" and either hands out a fine or blocks the app.
There are distinctions between the community vibe Discord is going for (with things like forums and massive chat rooms with thousands of people) and Matrix (which has a few chatrooms but mostly contains small groups of people). No in-app purchases, hype generation, or kyhrt predatory designs, just the bare basics to get a functional chat app (and even less than that if you go for some clients).
I'd say being based in the UK will put matrix.org and Element users at risk, but with Matrix development being funded mostly by the people behind matrix.org that implies an impact to the larger decentralized network.
That might happen here, but I don’t think that principle holds generally. If that were true, wouldn’t every component of the service provider chain be sued for people e.g. downloading pirated or illegal stuff? The government cracks down on e.g. torrent trackers and ISPs, but they haven’t seriously attacked torrent clients or the app stores/OSes that allow users to run those clients. Why not?
More likely, it just won't become popular enough for lawmakers to notice because the UX is a little rough, and people have very little patience for such things anymore.
I thought it was both and their hosted service is in the UK. Is it not? I know people can host their own but I have had very little success in getting people to host their own things. Most here at HN will not do anything that requires more than their cell phone. Who knows maybe Discords actions will incentivize more people to self host.
You're just talking to the wrong ones :-)
Whether or not authorities with jurisdiction over you would notice your instance (homeserver) or bother you about age verification is an issue you'd have to consider for yourself.
I honestly have no idea. As much as they love money I am not paying my lawyers to research AI this one. I would probably wait for others to get made example of.
Matrix is basically labeled "adults only" everywhere, so restricting certain servers/rooms due to possible innocent eyes is likely out of scope.
> Practically speaking, that means that people and organisations running a Matrix server with open registration must verify the ages of users in countries which require it. Last summer we announced a series of changes to the terms and conditions of the Matrix.org homeserver instance, to ensure UK-based users are handled in alignment with the UK’s Online Safety Act (OSA).
At least you can self-host matrix and messages are end to end encrypted, unlike IRC.
Practically speaking, I would just ignore this requirement. The UK government has no jurisdiction on this side of the pond.
There are a few IRC clients that support OTR. irssi-otr is one [1] weechat-otr is another [2]. Pidgin though I have not used it in a very long time. Hexchat using an always work in progress plugin. There may be others.
OTR could use some updates to include modern ciphers similar to the recent work of OpenSSH but probably good enough for most people.
E2EE aside having chat split up into gazillions of self hosted instances makes it much harder for chat to be hoovered up all in one place. It takes more effort to target each person and that becomes a government scalability issue. Example effort: [3]
[1] - https://github.com/cryptodotis/irssi-otr
[2] - https://github.com/mmb/weechat-otr
[3] - https://archive.ph/4wi5t
Additionally, OTRv3 does not allow multiple clients per account, which makes it unusable for anyone who wants to chat from two devices.
In that kind of environment, end to end encryption really doesn't add value.
Even without registering my nick, I would expect a modern protocol to keep my pm communication private by default.
Discord/Twitch/Snapchat age verification bypass - https://news.ycombinator.com/item?id=46982421 - Feb 2026 (435 comments)
Discord faces backlash over age checks after data breach exposed 70k IDs - https://news.ycombinator.com/item?id=46951999 - Feb 2026 (21 comments)
Discord Alternatives, Ranked - https://news.ycombinator.com/item?id=46949564 - Feb 2026 (465 comments)
Discord will require a face scan or ID for full access next month - https://news.ycombinator.com/item?id=46945663 - Feb 2026 (2018 comments)`
> From our perspective, the matrix.org homeserver instance has never been a service aimed at children, which our terms of use reflect by making it clear that users need to be at least 18 years old to use the server. However, the various age-verification laws require stricter forms of age verification measures than a self-declaration. Our Safety team and DPO are evaluating options that preserve your privacy while satisfying the age verification requirements in the jurisdictions where we have users.
Which is actually more strict than Discord's upcoming policy which allows accounts to operate for free without any verification, with some limitations around adult-oriented servers and content.
There has been a lot of FUD about the Discord age verification, so a refresher: The upcoming changes do not actually require you to verify anything to use Discord. It just leaves the account in teen mode by default. This means the account can't join age-restricted channels, can't unblur images marked as sensitive, and incoming message requests from unknown users will go to a second inbox with a warning by default.
You can, of course, run your own Matrix server. Having been there before I would suggest reading up on some typical experiences in running one of these servers. Unless you have someone willing to spend a lot of time running the server and playing IT person for people using it, it can be a real headache. They also note that running a server doesn't actually get around any age requirements:
> Practically speaking, that means that people and organisations running a Matrix server with open registration must verify the ages of users in countries which require it.
> Last summer we announced a series of changes to the terms and conditions of the Matrix.org homeserver instance, to ensure UK-based users are handled in alignment with the UK’s Online Safety Act (OSA). Since then Australia, New Zealand and the EU have introduced similar legislation, with movement in the US and Canada too.
If it doesn't have enough of the utility, performance, and positive UX, it will never gain enough market share to matter.
E2EE encryption doesn't matter if you don't have someone else to communicate over it with!
I'm hopeful the experience will improve in the future.
> Finally: we’re painfully aware that none of the Matrix clients available today provide a full drop-in replacement for Discord yet. All the ingredients are there, and the initial goal for the project was always to provide a decentralised, secure, open platform where communities and organisations could communicate together. However, the reality is that the team at Element who originally created Matrix have had to focus on providing deployments for the public sector (see here or here) to be able to pay developers working on Matrix. Some of the key features expected by Discord users have yet to be prioritised (game streaming, push-to-talk, voice channels, custom emoji, extensible presence, richer hierarchical moderation, etc).
And even if I was able to register, that "automated system" still randomly bans people whenever it feels like it. Search the r/discordapp subreddit or just google "discord random ban", it's a widespread problem with no solution and I have no idea how so many other people seem to have no issues, yet at the same time you can find lots of people just as frustrated as me.
A bug blocking functionality is an annoyance, but a Scarlet Letter branded onto a secret dossier is terrifying.
There should be no reason for a phone number and nor do I want to waste my time trying to buy pass it with internet provided single use numbers.
Unless it is a service I must use, then I will provide a phone number. If it is a service I get to choose to use then I will never provide a number.
So… choose your poison? I’m sure Matrix/Element works for someone or they would be out of business, but it does not work for me.
Apparently my monopoly ISP rotates IPs fairly often and I am sharing them with people that have been doing bad things with them, so not only are many Matrix channels blocked but even large regular websites like etsy or locals are completely blocked for me as well. Anything with a CF captcha is also an infinite loop.