Serverless Matrix: Post-Quantum Chat on the Edge

Reimagining Matrix: Serverless & Secure

The Cloudflare blog post showcases a compelling proof of concept for a serverless, post-quantum Matrix homeserver. The key insight is the successful mapping of traditional, stateful components (PostgreSQL, Redis, filesystem) to Cloudflare's serverless primitives (D1, KV, R2), enabling a cost-effective and globally distributed deployment. The integration of post-quantum cryptography (PQC) is a significant and forward-thinking security enhancement. The article's thoroughness in explaining the architectural choices and the benefits (cost, latency, security) makes it a valuable resource for developers. However, the post is still a proof of concept and has the limitation of being tied to the Cloudflare ecosystem. While the author mentions contributing from others, it may be hard for other developers to adopt since it relies on specific Cloudflare tools. Some areas like scaling on massive loads may have limitations. Future work involves evaluating the performance under heavy loads, and further optimization, especially regarding the eventual consistency of D1 and impact on complex matrix operations.

Key Points

• Cloudflare Workers is used to build a serverless Matrix homeserver, eliminating the operational burden of traditional deployments.
• The architecture leverages Cloudflare's D1 (for persistent storage), KV (for ephemeral state), and R2 (for media storage) services.
• Post-quantum cryptography (X25519MLKEM768) is automatically enabled for all TLS 1.3 connections, enhancing security.
• This approach offers advantages in cost, latency, and built-in security compared to traditional setups.
• The implementation supports the full Matrix E2EE stack, including OAuth 2.0/OIDC and Sliding Sync for mobile.

---

📖 Source: Building a serverless, post-quantum Matrix homeserver