Only permit the v1 send_join endpoint for v1/v2 rooms

time -> get_time
Add pre-commit configuration
2025-11-05 12:30:51 -05:00 · 2025-11-05 11:53:26 -05:00 · 2025-10-29 23:38:26 -04:00 · 2025-10-29 21:29:10 -04:00 · 2025-10-29 03:58:08 -04:00 · 2025-10-29 02:39:30 -04:00
28 changed files with 1596 additions and 533 deletions
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,18 @@
+default_install_hook_types:
+  - pre-commit
+  - commit-msg
+default_stages:
+  - pre-commit
+  - manual
+
+repos:
+- repo: https://github.com/astral-sh/ruff-pre-commit
+  rev: v0.14.2
+  hooks:
+    - id: ruff-check
+      args: [ "--fix" ]
+
+- repo: https://foundry.fsky.io/vel/ty-pre-commit
+  rev: 0.0.1-alpha.25
+  hooks:
+    - id: ty-check
--- a/MSCs.md
+++ b/MSCs.md
@@ -0,0 +1,44 @@
+# MSCs
+List of MSCs implemented by Vona.
+
+Merged MSCs:
+
+* [MSC971: Groups](https://github.com/matrix-org/matrix-spec-proposals/issues/971)
+* [MSC1708: .well-known for server name resolution](https://github.com/velikopter/matrix-spec-proposals/blob/edutypes/proposals/1708-well-known-for-federation.md)
+* [MSC1753: C2S Capabilities API](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/1753-capabilities.md)
+* [MSC1794: Federation v2 Invite API](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/1794-federation-v2-invites.md)
+* [MSC1802: Better format for send_join and send_leave](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/1802-standardised-federation-response-format.md)
+* [MSC1812: Federation Make Membership Room Version](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/1812-federation-make-membership.md)
+* [MSC1929: Homeserver Admin Contact and Support page](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/1929-admin-contact.md)
+* [MSC2320: Versions information for identity servers](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/2320-identity-versions.md)
+* [MSC2659: Application service ping endpoint](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/2659-appservice-ping.md)
+* [MSC2713: Remove deprecated Identity Service endpoints](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/2713-remove-deprecated-identity-endpoints.md)
+* [MSC3266: Room Summary API](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/3266-room-summary.md)
+* [MSC3383: Include destination in X-Matrix Auth Header](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/3383-fed-auth-destination.md)
+* [MSC4133: Extended User Profile API](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/4133-extended-profiles.md)
+* [MSC4151: Reporting rooms](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/4151-report-room.md)
+* [MSC4260: Reporting users](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/4260-report-user.md)
+
+
+Non-merged MSCs:
+
+* [MSC2666: Get rooms in common with another user](https://github.com/matrix-org/matrix-spec-proposals/pull/2666)
+* [MSC4358: Out-of-room server discovery](https://github.com/matrix-org/matrix-spec-proposals/pull/4358)
+* [MSC4367: via routes in the published room directory](https://github.com/matrix-org/matrix-spec-proposals/pull/4367)
+* [MSC4370: Federation endpoint for retrieving current extremities](https://github.com/matrix-org/matrix-spec-proposals/pull/4370)
+* [MSC4373: Server opt-out of specific EDU types](https://github.com/matrix-org/matrix-spec-proposals/pull/4373)
+* [MSC4375: Admin Room Management](https://github.com/matrix-org/matrix-spec-proposals/pull/4375)
+
+
+Room version MSCs:
+
+* [MSC1759: Room V2](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/1759-rooms-v2.md)
+* [MSC1659: Room V3](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/1659-event-id-as-hashes.md)
+* [MSC2002: Room V4](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/2002-rooms-v4.md)
+* [MSC2077: Room V5](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/2077-rooms-v5.md)
+* [MSC2240: Room V6](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/2240-rooms-v6.md)
+* [MSC2998: Room V7](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/2998-rooms-v7.md)
+* [MSC3289: Room V8](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/3289-rooms-v8.md)
+* [MSC3375: Room V9](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/3375-room-v9.md)
+* [MSC3604: Room V10](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/3604-rooms-v10.md)
+* [MSC3820: Room V11](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/3820-rooms-v11.md)
--- a/TODO.md
+++ b/TODO.md
@@ -1 +1,2 @@
-Nothing yet...
+- use `resolvematrix` async instead of sync
+- implement groups over federation
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -2,7 +2,7 @@
 name = "vona"
 description = "Flazing bast Matrix homeserver"
 license = {text = "Velicense"}
-requires-python = ">=3.12"
+requires-python = "<4,>=3.12"

 dependencies = [
 	"httpx (>=0.28.1,<0.29.0)",
--- a/vona/init.py
+++ b/vona/init.py
@@ -1 +0,0 @@
-# read __main__.py
--- a/vona/main.py
+++ b/vona/main.py
@@ -1,4 +1,3 @@
-from flask import Flask, jsonify, request, redirect
 import vona.globals as globals
 from datetime import datetime
 import vona.config as config
@@ -6,6 +5,14 @@ import threading
 import logging
 import os

+from flask import (
+	Flask,
+	jsonify,
+	request,
+	redirect,
+	abort,
+)
+
 from vona.federation import server
 from vona.custom import custom
 from vona.identity import identity
@@ -37,7 +44,7 @@ async def validate_json():

 		try:
 			request.get_json(force=True)
-		except Exception as e:
+		except Exception:
 			return jsonify({"error": "Content not JSON.", "errcode": "M_NOT_JSON"}), 400


@@ -71,9 +78,12 @@ async def handle_logging(response):
 			else:
 				origin = "client"

-	except:
+	except Exception:
 		pass

+	if request.path.startswith("/.well-known/matrix/"):
+		return response
+
 	print(
 		f"[{origin}] " +
 		f'[{datetime.now().strftime("%d/%b/%Y:%H:%M:%S")}] ' + 
@@ -137,7 +147,10 @@ def federation_self_test():
 			destination=config.server_name,
 		)

-		resp.raise_for_status()
+		if str(resp.status_code).startswith("5") or str(resp.status_code).startswith("4"):
+			print(f"[FATL] Federation self-test failed: status code is not acceptable ({str(resp.status_code)})")
+			os._exit(1)
+
 		print("[INFO] Federation self-test OK")
 	except Exception as e:
 		print(f"[FATL] Federation self-test failed: {e}")
--- a/vona/appservice/init.py
+++ b/vona/appservice/init.py
@@ -1,7 +1,11 @@
-from flask import Blueprint, jsonify
 from vona.config import the_funny_number
 import asyncio

+from flask import (
+	Blueprint,
+	jsonify,
+)
+
 apps = Blueprint("appservice", __name__)

 # This implements both being a homeserver and
@@ -10,6 +14,7 @@ apps = Blueprint("appservice", __name__)
 # Endpoints invoked by the homeserver are put
 # lower than ones invoked by the appservice.

+
@apps.route("/_matrix/client/v1/appservice/<app>/ping", methods=["POST"])
 async def homeserver_ping(app):
 	# Sleeping here makes it more realistic
--- a/vona/client/init.py
+++ b/vona/client/init.py
@@ -1,12 +1,25 @@
-from flask import Blueprint, jsonify, request, send_file
 from vona.federation import send_join
 import vona.globals as globals
 import vona.config as config
+
 import asyncio
 import random
 import os

-client = Blueprint("c2s", __name__)
+from .groups import groups
+from .admin import admin
+
+from flask import (
+	Blueprint,
+	jsonify,
+	request,
+	send_file,
+)
+
+client = Blueprint("client", __name__)
+
+client.register_blueprint(groups)
+client.register_blueprint(admin)


@client.route("/_matrix/client/v3/account/password", methods=["POST"])
@@ -22,16 +35,18 @@ client = Blueprint("c2s", __name__)
@client.route("/_matrix/client/v3/logout", methods=["POST"])
@client.route("/_matrix/client/r0/logout", methods=["POST"])
@client.route("/_matrix/client/v3/rooms/<room>/invite", methods=["POST"])
-@client.route("/_matrix/client/v3/rooms/<roomId>/leave", methods=["POST"])
-@client.route("/_matrix/client/r0/rooms/<roomId>/leave", methods=["POST"])
-@client.route("/_matrix/client/v3/rooms/<roomId>/read_markers", methods=["POST"])
-@client.route("/_matrix/client/r0/rooms/<roomId>/read_markers", methods=["POST"])
+@client.route("/_matrix/client/v3/rooms/<room>/leave", methods=["POST"])
+@client.route("/_matrix/client/r0/rooms/<room>/leave", methods=["POST"])
+@client.route("/_matrix/client/v3/rooms/<room>/read_markers", methods=["POST"])
+@client.route("/_matrix/client/r0/rooms/<room>/read_markers", methods=["POST"])
@client.route("/_matrix/client/v3/rooms/<room>/typing/<user>", methods=["PUT"])
+@client.route("/_matrix/client/api/v1/rooms/<room>/typing/<user>", methods=["PUT"])
@client.route("/_matrix/client/v3/keys/device_signing/upload", methods=["POST"])
@client.route("/_matrix/client/v3/rooms/<room>/receipt/<type>/<event>", methods=["POST"])
@client.route("/_matrix/client/v3/users/<user>/report", methods=["POST"])
@client.route("/_matrix/client/v3/voip/turnServer")
@client.route("/_matrix/client/r0/voip/turnServer")
+@client.route("/_matrix/client/api/v1/voip/turnServer")
@client.route("/_matrix/client/v3/rooms/<r>/report/<e>")
@client.route("/_matrix/client/v3/rooms/<r>/report")
@client.route("/_matrix/client/v3/users/<u>/report")
@@ -47,61 +62,19 @@ async def spec_versions():
 			["r0.6.1"] + [f"v1.{i}" for i in range(1, 17)]
 		),
 		"unstable_features": {
+			"uk.half-shot.msc2666.query_mutual_rooms": True,
+			"uk.half-shot.msc2666.mutual_rooms": True,
 			"uk.half-shot.msc2666": True,
-			"uk.timedout.msc4323": True
+			"uk.timedout.msc4323": True,
+			"uk.timedout.msc4375": True,
 		}
 	})


-@client.route("/_matrix/client/v3/admin/whois/<user>")
-@client.route("/_matrix/client/r0/admin/whois/<user>")
-async def whois(user):
-	if user.startswith("@"):
-		return jsonify({
-			"devices": {
-				"": {
-					"sessions": [{
-						"connections": [{
-							"ip": "127.0.0.1",
-							"last_seen": config.the_funny_number,
-							"user_agent": f"Vona/{globals.version}"
-						}]
-					}]
-				}
-			},
-			"user_id": user
-		})
-
-	return jsonify({
-		"errcode": "M_INVALID_PARAM",
-		"error": "Expected UserID string to start with '@'"
-	})
-
-@client.route("/_matrix/client/unstable/uk.timedout.msc4323/admin/suspend/<user>", methods=["GET", "PUT"])
-@client.route("/_matrix/client/v1/admin/suspend/<user>", methods=["GET", "PUT"])
-async def suspend(user):
-	if request.method == "PUT":
-		req = request.get_json()
-		if req and "suspended" in req:
-			return jsonify({"suspended": req["suspended"]})
-
-	return jsonify({"suspended": True})
-
-
-@client.route("/_matrix/client/unstable/uk.timedout.msc4323/admin/lock/<user>", methods=["GET", "PUT"])
-@client.route("/_matrix/client/v1/admin/lock/<user>", methods=["GET", "PUT"])
-async def lock(user):
-	if request.method == "PUT":
-		req = request.get_json()
-		if req and "locked" in req:
-			return jsonify({"locked": req["locked"]})
-
-	return jsonify({"locked": True})
-
-
-@client.route("/_matrix/client/v3/rooms/<roomId>/members")
-@client.route("/_matrix/client/r0/rooms/<roomId>/members")
-async def room_member_count(roomId):
+@client.route("/_matrix/client/api/v1/rooms/<room>/members")
+@client.route("/_matrix/client/v3/rooms/<room>/members")
+@client.route("/_matrix/client/r0/rooms/<room>/members")
+async def room_members(room):
 	return jsonify({
 		"chunk": [{
 			"content": {
@@ -109,9 +82,9 @@ async def room_member_count(roomId):
 				"displayname": "Vona",
 				"membership": "join"
 			},
-			"event_id": globals.make_event_id(),
+			"event_id": globals.make_event_id(seed=room),
 			"origin_server_ts": config.the_funny_number,
-			"room_id": roomId,
+			"room_id": room,
 			"sender": f"@vona:{config.server_name}",
 			"state_key": f"@vona:{config.server_name}",
 			"type": "m.room.member",
@@ -128,6 +101,7 @@ async def whoami():
 	})


+@client.route("/_matrix/client/v2_alpha/register", methods=["POST"])
@client.route("/_matrix/client/v3/register", methods=["POST"])
@client.route("/_matrix/client/v1/register", methods=["POST"])
@client.route("/_matrix/client/r0/register", methods=["POST"])
@@ -144,7 +118,7 @@ async def register():
 					"device_id": "VVOONNAA"
 				})

-		except:
+		except Exception:
 			pass

 		return jsonify({
@@ -161,6 +135,7 @@ async def register():

@client.route("/_matrix/client/r0/login", methods=["GET", "POST"])
@client.route("/_matrix/client/v3/login", methods=["GET", "POST"])
+@client.route("/_matrix/client/api/v1/login", methods=["POST"])
 async def login():
 	if request.method == "GET":
 		return jsonify({
@@ -231,7 +206,13 @@ async def capabilities():
 					"9": "stable",
 					"10": "stable",
 					"11": "stable",
-					"12": "stable"
+					"12": "stable",
+					"org.matrix.msc3757.10": "stable",
+					"org.matrix.msc3757.11": "stable",
+					"org.matrix.hydra.11": "stable",
+					"org.matrix.msc3667": "stable",
+					"org.matrix.msc3787": "stable",
+					"org.matrix.msc4014": "unstable",
 				},
 				"org.matrix.msc3244.room_capabilities": {
 					"knock": {
@@ -276,6 +257,7 @@ async def filter(**kwargs):
 	return jsonify({"filter_id": "vvvooonnnaaa"})


+@client.route("/_matrix/client/api/v1/join/<room>", methods=["POST"])
@client.route("/_matrix/client/v3/join/<room>", methods=["POST"])
@client.route("/_matrix/client/r0/join/<room>", methods=["POST"])
@client.route("/_matrix/client/v3/rooms/<room>/join", methods=["POST"])
@@ -284,6 +266,7 @@ async def join(room):
 	return jsonify({"room_id": room})


+@client.route("/_matrix/client/api/v1/initialSync")
@client.route("/_matrix/client/v3/initialSync")
@client.route("/_matrix/client/v3/sync")
@client.route("/_matrix/client/r0/sync")
@@ -292,39 +275,12 @@ async def sync():
 		def get_json():
 			return {}

-	async def remove_keys(l, keys_to_remove) -> dict:
-		if not isinstance(l, list):
-			return l
-
-		new_list = []
-		for d in l:
-			if not isinstance(d, dict):
-				new_list.append(d)
-				continue
-
-			new_dict = {}
-			for k, v in d.items():
-				if k in keys_to_remove:
-					continue
-				new_dict[k] = await remove_keys(v, keys_to_remove)
-			new_list.append(new_dict)
-		return new_list
-
 	room = globals.make_event_id().replace("$", "!")
-	old_room_state = send_join(
+	room_state = globals.strip_state(
+		send_join(
 			bullshit,
 			room
 		)["state"]
-
-	room_state = await remove_keys(
-		old_room_state,
-		[
-			"auth_events",
-			"prev_events",
-			"signatures",
-			"hashes",
-			"depth"
-		]
 	)

 	room_name = {
@@ -345,7 +301,7 @@ async def sync():
 	if "timeout" in request.args:
 		try:
 			wait_time = int(request.args.get("timeout")) / 1000
-		except:
+		except Exception:
 			pass
 	await asyncio.sleep(wait_time)

@@ -377,6 +333,78 @@ async def sync():
 	})


+@client.route("/_matrix/client/api/v1/rooms/<room>/initialSync")
+async def room_initsync(room):
+	class bullshit:
+		def get_json():
+			return {}
+
+	room_state = globals.strip_state(
+		send_join(
+			bullshit,
+			room
+		)["state"]
+	)
+
+	for evt in room_state:
+		evt["age"] = config.the_funny_number
+
+	return jsonify({
+		"membership": "join",
+		"room_id": room,
+		"messages": {
+			"chunk": [
+				{
+					"age": config.the_funny_number,
+					"content": {
+						"msgtype": "m.text",
+						"body": "Number 15: Burger King Foot Lettuce.\nThe last thing you'd want in your Burger King burger is someones foot fungus, but as it turns out, that might be what you get. A 4channer uploaded a photo, anonymously to the site showcasing his feet in a plastic bin of lettuce with the statement \"This is the lettuce you eat at Burger King.\". Admittedly, he had shoes on, but thats even worse. The post went live at 11:38 PM on July 16 and a mere 20 minutes later the Burger King in question was alerted to the rogue employee. At least, I hope hes rogue. How did it happen? Well, the BK employee hadn't removed the EXIF data from the uploaded photo, which suggested that the culprit was somewhere in Mayfield Heights, Ohio. This was at 11:47. 3 minutes later, at 11:50, the Burger King branch was posted with wishes of happy unemployment. 5 minutes later, the news station was contacted by another 4channer, and 3 minutes later at 11:58 a link was posted: BK's tell us about us online forum. The foot photo, otherwise known as Exhibit A, was attached. Cleveland Seen Magazine contacted the BK in question and the next day when questioned, the breakfast shift manager said \"Oh, I know who that is, hes getting fired\". Mystery solved, by 4chan. Now we can go back to eating our fast food in peace.",
+						"format": "org.matrix.custom.html",
+						"formatted_body": "Number 15: Burger King Foot Lettuce.<br />The last thing you'd want in your Burger King burger is someones foot fungus, but as it turns out, that might be what you get. A 4channer uploaded a photo, anonymously to the site showcasing his feet in a plastic bin of lettuce with the statement &quot;This is the lettuce you eat at Burger King.&quot;. Admittedly, he had shoes on, but thats even worse. The post went live at 11:38 PM on July 16 and a mere 20 minutes later the Burger King in question was alerted to the rogue employee. At least, I hope hes rogue. How did it happen? Well, the BK employee hadn't removed the EXIF data from the uploaded photo, which suggested that the culprit was somewhere in Mayfield Heights, Ohio. This was at 11:47. 3 minutes later, at 11:50, the Burger King branch was posted with wishes of happy unemployment. 5 minutes later, the news station was contacted by another 4channer, and 3 minutes later at 11:58 a link was posted: BK's tell us about us online forum. The foot photo, otherwise known as Exhibit A, was attached. Cleveland Seen Magazine contacted the BK in question and the next day when questioned, the breakfast shift manager said &quot;Oh, I know who that is, hes getting fired&quot;. Mystery solved, by 4chan. Now we can go back to eating our fast food in peace."
+					},
+					"event_id": globals.make_event_id(),
+					"origin_server_ts": 1432804485886,
+					"room_id": globals.make_event_id(),
+					"type": "m.room.message",
+					"user_id": f"@vona:{config.server_name}"
+				}
+			]
+		},
+		"state": room_state
+	})
+
+
+@client.route("/_matrix/client/api/v1/events")
+async def events():
+	if "timeout" in request.args:
+		try:
+			await asyncio.sleep(int(request.args["timeout"]) / 1000)
+		except Exception:
+			pass
+
+	return jsonify({
+		"start": os.urandom(32).hex(),
+		"end": os.urandom(32).hex(),
+		"chunk": [
+			{
+				"age": config.the_funny_number,
+				"content": {
+					"msgtype": "m.text",
+					"body": "Number 15: Burger King Foot Lettuce.\nThe last thing you'd want in your Burger King burger is someones foot fungus, but as it turns out, that might be what you get. A 4channer uploaded a photo, anonymously to the site showcasing his feet in a plastic bin of lettuce with the statement \"This is the lettuce you eat at Burger King.\". Admittedly, he had shoes on, but thats even worse. The post went live at 11:38 PM on July 16 and a mere 20 minutes later the Burger King in question was alerted to the rogue employee. At least, I hope hes rogue. How did it happen? Well, the BK employee hadn't removed the EXIF data from the uploaded photo, which suggested that the culprit was somewhere in Mayfield Heights, Ohio. This was at 11:47. 3 minutes later, at 11:50, the Burger King branch was posted with wishes of happy unemployment. 5 minutes later, the news station was contacted by another 4channer, and 3 minutes later at 11:58 a link was posted: BK's tell us about us online forum. The foot photo, otherwise known as Exhibit A, was attached. Cleveland Seen Magazine contacted the BK in question and the next day when questioned, the breakfast shift manager said \"Oh, I know who that is, hes getting fired\". Mystery solved, by 4chan. Now we can go back to eating our fast food in peace.",
+					"format": "org.matrix.custom.html",
+					"formatted_body": "Number 15: Burger King Foot Lettuce.<br />The last thing you'd want in your Burger King burger is someones foot fungus, but as it turns out, that might be what you get. A 4channer uploaded a photo, anonymously to the site showcasing his feet in a plastic bin of lettuce with the statement &quot;This is the lettuce you eat at Burger King.&quot;. Admittedly, he had shoes on, but thats even worse. The post went live at 11:38 PM on July 16 and a mere 20 minutes later the Burger King in question was alerted to the rogue employee. At least, I hope hes rogue. How did it happen? Well, the BK employee hadn't removed the EXIF data from the uploaded photo, which suggested that the culprit was somewhere in Mayfield Heights, Ohio. This was at 11:47. 3 minutes later, at 11:50, the Burger King branch was posted with wishes of happy unemployment. 5 minutes later, the news station was contacted by another 4channer, and 3 minutes later at 11:58 a link was posted: BK's tell us about us online forum. The foot photo, otherwise known as Exhibit A, was attached. Cleveland Seen Magazine contacted the BK in question and the next day when questioned, the breakfast shift manager said &quot;Oh, I know who that is, hes getting fired&quot;. Mystery solved, by 4chan. Now we can go back to eating our fast food in peace."
+				},
+				"event_id": globals.make_event_id(),
+				"origin_server_ts": 1432804485886,
+				"room_id": globals.make_event_id(),
+				"type": "m.room.message",
+				"user_id": f"@vona:{config.server_name}"
+			}
+		]
+	})
+
+
+@client.route("/_matrix/client/api/v1/rooms/<room>/send/<eventType>/<txnId>", methods=["POST", "PUT"])
@client.route("/_matrix/client/v3/rooms/<room>/send/<eventType>/<txnId>", methods=["POST", "PUT"])
@client.route("/_matrix/client/r0/rooms/<room>/send/<eventType>/<txnId>", methods=["POST", "PUT"])
 async def send_message(room, eventType, txnId):
@@ -431,10 +459,10 @@ async def refresh():
 	})


-@client.route("/_matrix/client/unstable/im.nheko.summary/rooms/<roomId>/summary")
-@client.route("/_matrix/client/unstable/im.nheko.summary/summary/<roomId>")
-@client.route("/_matrix/client/v1/room_summary/<roomId>")
-async def room_summary(roomId):
+@client.route("/_matrix/client/unstable/im.nheko.summary/rooms/<room>/summary")
+@client.route("/_matrix/client/unstable/im.nheko.summary/summary/<room>")
+@client.route("/_matrix/client/v1/room_summary/<room>")
+async def room_summary(room):
 	return jsonify({
 		"room_id": globals.make_event_id().replace("$", "!"),
 		"avatar_url": f"mxc://{config.server_name}/cat",
@@ -446,7 +474,7 @@ async def room_summary(roomId):
 		"join_rule": "public",
 		"room_type": "m.room",
 		"membership": "join",
-		"room_version": globals.room_version_from_id(roomId)
+		"room_version": globals.room_version_from_id(room)
 	})


@@ -461,6 +489,7 @@ async def room_query(room):

 	return jsonify({})

+
@client.route("/_matrix/client/v3/rooms/<room>/aliases")
 async def room_aliases(room):
 	return jsonify({
@@ -475,6 +504,7 @@ async def room_aliases(room):
 async def room_visibility(room):
 	return jsonify({"visibility": "public"})

+
@client.route("/_matrix/client/v3/search", methods=["POST"])
 async def search():
 	room = globals.make_event_id().replace("$", "!")
@@ -546,13 +576,15 @@ async def url_preview():
 		"og:title": "cool cat"
 	})

+
@client.route("/_matrix/client/v1/media/preview_url")
 async def media_preview():
 	response = send_file(config.cat)
-	response.headers["Content-Disposition"] = f'inline; filename="cat.jpg"'
+	response.headers["Content-Disposition"] = 'inline; filename="cat.jpg"'
 	response.headers["Content-Type"] = "image/jpg"
 	return response

+
@client.route("/_matrix/media/v3/upload", methods=["POST"])
@client.route("/_matrix/media/r0/upload", methods=["POST"])
@client.route("/_matrix/media/v1/create", methods=["POST"])
@@ -565,9 +597,10 @@ async def media_config():
 	return jsonify({"m.upload.size": config.the_funny_number * 69420})


-@client.route("/_matrix/client/v3/profile/<userId>/<key>", methods=["GET", "PUT", "DELETE"])
-@client.route("/_matrix/client/r0/profile/<userId>/<key>", methods=["GET", "PUT", "DELETE"])
-async def profile_keys(userId, key):
+@client.route("/_matrix/client/api/v1/profile/<user>/<key>", methods=["GET", "PUT", "DELETE"])
+@client.route("/_matrix/client/v3/profile/<user>/<key>", methods=["GET", "PUT", "DELETE"])
+@client.route("/_matrix/client/r0/profile/<user>/<key>", methods=["GET", "PUT", "DELETE"])
+async def profile_keys(user, key):
 	if request.method == "GET":
 		if key == "avatar_url":
 			return jsonify({"avatar_url": f"mxc://{config.server_name}/cat"})
@@ -581,18 +614,20 @@ async def profile_keys(userId, key):

 	return jsonify({})

-@client.route("/_matrix/client/v3/profile/<userId>")
-@client.route("/_matrix/client/r0/profile/<userId>")
-async def user_profile(userId):
+
+@client.route("/_matrix/client/v3/profile/<user>")
+@client.route("/_matrix/client/r0/profile/<user>")
+async def user_profile(user):
 	return jsonify({
 		"avatar_url": f"mxc://{config.server_name}/cat",
 		"displayname": "Vona"
 	})


-@client.route("/_matrix/client/v3/rooms/<roomId>/messages")
-@client.route("/_matrix/client/r0/rooms/<roomId>/messages")
-async def room_messages(roomId):
+@client.route("/_matrix/client/api/v1/rooms/<room>/messages")
+@client.route("/_matrix/client/v3/rooms/<room>/messages")
+@client.route("/_matrix/client/r0/rooms/<room>/messages")
+async def room_messages(room):
 	return jsonify({
 		"chunk": [{
 			"content": {
@@ -603,7 +638,7 @@ async def room_messages(roomId):
 			},
 			"event_id": globals.make_event_id(),
 			"origin_server_ts": config.the_funny_number,
-			"room_id": roomId,
+			"room_id": room,
 			"sender": f"@vona:{config.server_name}",
 			"type": "m.room.message"
 		}],
@@ -611,6 +646,7 @@ async def room_messages(roomId):
 		"start": f"{os.urandom(16).hex()}"
 	})

+
@client.route("/_matrix/client/v3/keys/query", methods=["POST"])
@client.route("/_matrix/client/r0/keys/query", methods=["POST"])
 async def query_keys():
@@ -622,6 +658,7 @@ async def query_keys():
 		"user_signing_keys": user
 	})

+
@client.route("/_matrix/client/api/v1/createRoom", methods=["POST"])
@client.route("/_matrix/client/v3/createRoom", methods=["POST"])
@client.route("/_matrix/client/r0/createRoom", methods=["POST"])
@@ -639,6 +676,7 @@ async def mutual_rooms():
 	})


+@client.route("/_matrix/client/api/v1/presence/<user>/status", methods=["GET", "PUT"])
@client.route("/_matrix/client/r0/presence/<user>/status", methods=["GET", "PUT"])
 async def presence(user):
 	if request.method == "PUT":
@@ -647,7 +685,20 @@ async def presence(user):
 	return jsonify({"presence": "online"})


+@client.route("/_matrix/client/api/v1/publicRooms", methods=["GET", "POST"])
@client.route("/_matrix/client/v3/publicRooms", methods=["GET", "POST"])
@client.route("/_matrix/client/r0/publicRooms", methods=["GET", "POST"])
 async def room_directory():
 	return jsonify(globals.room_dir)
+
+
+@client.route("/_matrix/client/api/v1/rooms/<room>/state/<evttype>/<key>", methods=["GET", "PUT"])
+@client.route("/_matrix/client/api/v1/rooms/<room>/state/<evttype>/", methods=["GET", "PUT"])
+async def state(room, evttype, key=None):
+	if request.method == "GET":
+		return jsonify({
+			"errcode": "M_NOT_FOUND",
+			"error": f"Event with type {evttype} and key {key} not found"
+		}), 404
+
+	return jsonify({"event_id": os.urandom(5).hex()})
--- a/vona/client/admin.py
+++ b/vona/client/admin.py
@@ -0,0 +1,153 @@
+import vona.globals as globals
+import vona.config as config
+
+from vona.federation import (
+	send_join,
+	bullshit,
+)
+
+from flask import (
+	Blueprint,
+	jsonify,
+	request,
+)
+
+admin = Blueprint("admin", __name__)
+
+# This implements misc standard admin APIs.
+
+
+@admin.route("/_matrix/client/v3/admin/whois/<user>")
+@admin.route("/_matrix/client/r0/admin/whois/<user>")
+async def whois(user):
+	if user.startswith("@"):
+		return jsonify({
+			"devices": {
+				"": {
+					"sessions": [{
+						"connections": [{
+							"ip": "127.0.0.1",
+							"last_seen": config.the_funny_number,
+							"user_agent": f"Vona/{globals.version}"
+						}]
+					}]
+				}
+			},
+			"user_id": user
+		})
+
+	return jsonify({
+		"errcode": "M_INVALID_PARAM",
+		"error": "Expected UserID string to start with '@'"
+	})
+
+
+@admin.route("/_matrix/client/unstable/uk.timedout.msc4323/admin/suspend/<user>", methods=["GET", "PUT"])
+@admin.route("/_matrix/client/v1/admin/suspend/<user>", methods=["GET", "PUT"])
+async def suspend(user):
+	if request.method == "PUT":
+		req = request.get_json()
+		if req and "suspended" in req:
+			return jsonify({"suspended": req["suspended"]})
+
+	return jsonify({"suspended": True})
+
+
+@admin.route("/_matrix/client/unstable/uk.timedout.msc4323/admin/lock/<user>", methods=["GET", "PUT"])
+@admin.route("/_matrix/client/v1/admin/lock/<user>", methods=["GET", "PUT"])
+async def lock(user):
+	if request.method == "PUT":
+		req = request.get_json()
+		if req and "locked" in req:
+			return jsonify({"locked": req["locked"]})
+
+	return jsonify({"locked": True})
+
+
+@admin.route("/_matrix/client/unstable/uk.timedout.msc4375/admin/rooms")
+@admin.route("/_matrix/client/v1/admin/rooms")
+async def rooms():
+	return jsonify({
+		"chunk": [
+			f"!qa:{config.server_name}",
+			f"!br:{config.server_name}",
+			f"!3:{config.server_name}",
+			f"!D:{config.server_name}",
+			f"!U:{config.server_name}",
+			f"!f:{config.server_name}",
+			f"!gx:{config.server_name}",
+			f"!hx:{config.server_name}",
+			f"!iy:{config.server_name}",
+			f"!p0:{config.server_name}",
+			f"!jZ:{config.server_name}",
+		]
+	})
+
+
+
+@admin.route("/_matrix/client/unstable/uk.timedout.msc4375/admin/rooms/<room>")
+@admin.route("/_matrix/client/v1/admin/rooms/<room>")
+async def room_state(room):
+	if ":" not in room:
+		return jsonify({
+			"errcode": "M_NOT_FOUND",
+			"error": "Unknown room"
+		}), 404
+	else:
+		if room.split(":")[1] != config.server_name:
+			return jsonify({
+				"errcode": "M_NOT_FOUND",
+				"error": "Unknown room"
+			}), 404
+
+	state = globals.strip_state(
+		send_join(bullshit, room)["state"]
+	)
+
+	return jsonify({
+		"state": [state]
+	})
+
+@admin.route("/_matrix/client/unstable/uk.timedout.msc4375/admin/rooms/<room>/evacuate", methods=["POST"])
+@admin.route("/_matrix/client/unstable/uk.timedout.msc4375/admin/rooms/<room>", methods=["DELETE"])
+@admin.route("/_matrix/client/v1/admin/rooms/<room>/evacuate", methods=["POST"])
+@admin.route("/_matrix/client/v1/admin/rooms/<room>", methods=["DELETE"])
+async def evacuate_room(room):
+	req = request.json
+
+	if (
+		isinstance(req, dict)
+		and "background" in req
+		and isinstance(req["background"], bool)
+	):
+		background = req["background"]
+	else:
+		background = True
+
+	resp = {
+		"background": background,
+	}
+
+	if not background:
+		resp["removed"] = config.the_funny_number
+
+	return resp
+
+
+@admin.route("/_matrix/client/unstable/uk.timedout.msc4375/admin/rooms/<room>/evacuate/status")
+@admin.route("/_matrix/client/unstable/uk.timedout.msc4375/admin/rooms/<room>/delete/status")
+@admin.route("/_matrix/client/v1/admin/rooms/<room>/evacuate/status")
+@admin.route("/_matrix/client/v1/admin/rooms/<room>/delete/status")
+async def evacuate_status(room):
+	return jsonify({
+		"started_at": globals.get_time(), # everything all at once always now!!!
+		"total": config.the_funny_number,
+		"evacuated": config.the_funny_number,
+		"failed": config.the_funny_number,
+	})
+
+
+@admin.route("/_matrix/client/unstable/uk.timedout.msc4375/admin/rooms/<room>/blocked", methods=["PUT"])
+@admin.route("/_matrix/client/v1/admin/rooms/<room>/blocked", methods=["PUT"])
+async def block(room):
+	return jsonify({})
--- a/vona/client/groups.py
+++ b/vona/client/groups.py
@@ -0,0 +1,119 @@
+import vona.globals as globals
+import vona.config as config
+
+from flask import (
+	Blueprint,
+	jsonify,
+	request,
+)
+
+groups = Blueprint("groups", __name__)
+
+# This implements the C2S API for groups
+
+
+@groups.route("/_matrix/client/r0/groups/<group>/self/update_publicity", methods=["PUT"])
+@groups.route("/_matrix/client/r0/groups/<group>/self/accept_invite", methods=["PUT"])
+@groups.route("/_matrix/client/r0/groups/<group>/self/leave", methods=["PUT"])
+@groups.route("/_matrix/client/r0/groups/<group>/admin/users/remove/<user>", methods=["PUT"])
+@groups.route("/_matrix/client/r0/groups/<group>/admin/rooms/<room>", methods=["PUT", "DELETE"])
+async def empty(**k):
+	return jsonify({})
+
+
+@groups.route("/_matrix/client/r0/publicised_groups/<user>")
+@groups.route("/_matrix/client/r0/joined_groups")
+async def joined_groups(user=None):
+	return jsonify({
+		"groups": [f"+vona:{config.server_name}"]
+	})
+
+
+@groups.route("/_matrix/client/r0/groups/<group>/summary")
+async def summary(group):
+	return jsonify({
+		"profile": {
+			"name": "Vona",
+			"short_description": "",
+			"long_description": "",
+			"avatar_url": "",
+			"is_public": 1,
+			"is_openly_joinable": True
+		},
+		"users_section": {
+			"users": [],
+			"roles": {},
+			"total_user_count_estimate": 0
+		},
+		"rooms_section": {
+			"rooms": [],
+			"categories": {},
+			"total_room_count_estimate": 0
+		},
+		"user": {
+			"membership": "join",
+			"is_public": 1,
+			"is_privileged": 1,
+			"is_publicised": True
+		}
+	})
+
+
+@groups.route("/_matrix/client/r0/groups/<group>/rooms")
+async def rooms(group):
+	return jsonify({
+		"chunk": [],
+		"total_room_count_estimate": 0
+	})
+
+
+@groups.route("/_matrix/client/r0/groups/<group>/invited_users")
+async def invited_users(group):
+	return jsonify({
+		"chunk": [],
+		"total_user_count_estimate": 0
+	})
+
+
+@groups.route("/_matrix/client/r0/groups/<group>/users")
+async def users(group):
+	return jsonify({
+		"chunk": [
+			{
+				"user_id": f"@vona:{config.server_name}",
+				"displayname": "Vona",
+				"avatar_url": None,
+				"is_public": True,
+				"is_privileged": True,
+				"attestation": globals.sign_json({
+					"group_id": group,
+					"user_id": f"@vona:{config.server_name}",
+					"valid_until_ms": globals.get_time()
+				})
+			}
+		],
+		"total_user_count_estimate": 1
+	})
+
+
+@groups.route("/_matrix/client/r0/groups/<group>/profile", methods=["GET", "POST"])
+async def profile(group):
+	if request.method == "POST":
+		return jsonify({})
+
+	return jsonify({
+		"name": "Vona",
+		"short_description": "",
+		"long_description": "",
+		"avatar_url": "",
+		"is_public": 1,
+		"is_openly_joinable": True
+	})
+
+
+@groups.route("/_matrix/client/r0/create_group", methods=["POST"])
+async def create_group():
+	return jsonify({
+		"group_id": f"+vona:{config.server_name}"
+	})
+
--- a/vona/config/init.py
+++ b/vona/config/init.py
@@ -1,6 +1,7 @@
-import os
 from pathlib import Path
 import tomllib
+import os
+

 addr: str = "127.0.0.1"
 port: int = 5000
@@ -35,6 +36,10 @@ def _load_toml(path: Path) -> dict:
 	except tomllib.TOMLDecodeError as e:
 		_fatal(f"Invalid TOML configuration: {e}")

+	# This will never be reached. It is here 
+	# specifically just to please ty
+	return {}
+

 def _read_signing_key_from_path(path_value) -> str | None:
 	p = Path(path_value)
@@ -110,11 +115,11 @@ def _apply_config(cfg: dict) -> None:
 	else:
 		_warn("No support contacts are defined")

-	if "enable_registration" in cfg:
-		users_can_register = cfg["enable_registration"]
-
 	support = support_obj

+	if "enable_registration" in cfg and isinstance(cfg["enable_registration"], bool):
+		users_can_register = cfg["enable_registration"]
+
 	print("[INFO] Configuration file was valid")


--- a/vona/config/main.py
+++ b/vona/config/main.py
@@ -1 +1,2 @@
 import vona.config
+str(vona.config.server_name) # Satisfy Ruff
--- a/vona/custom/init.py
+++ b/vona/custom/init.py
@@ -1,11 +1,6 @@
-from flask import Blueprint
-
-custom = Blueprint("custom", __name__)
-
-# This implements non-standard
-# endpoints created by other
-# homeserver implementations.
-
+from flask import (
+	Blueprint,
+)

 from .hammerhead import hammerhead
 from .conduwuit import conduwuit
@@ -14,6 +9,13 @@ from .telodendria import telo
 from .synapse import synapse
 from .citadel import citadel

+custom = Blueprint("custom", __name__)
+
+# This implements non-standard
+# endpoints created by other
+# homeserver implementations.
+
+
 custom.register_blueprint(hammerhead)
 custom.register_blueprint(conduwuit)
 custom.register_blueprint(dendrite)
--- a/vona/custom/citadel.py
+++ b/vona/custom/citadel.py
@@ -1,8 +1,14 @@
-from flask import Blueprint, jsonify, request
 import vona.config as config
+
 import base64
 import os

+from flask import (
+	Blueprint,
+	jsonify,
+	request,
+)
+
 citadel = Blueprint("citadel", __name__)

 # These are endpoints made by Thales Citadel
@@ -24,7 +30,16 @@ async def news_stats(event):

@citadel.route("/_matrix/client/r0/citadel/rooms/<room>/closeRoom", methods=["POST"])
 async def close_room(room):
-	store_response = request.json.get("store_response", True)
+	req = request.json
+
+	if (
+		isinstance(req, dict)
+		and "store_response" in req
+		and isinstance(req["store_response"], bool)
+	):
+		store_response = req["store_response"]
+	else:
+		store_response = True

 	operation_id = base64.b64encode(
 		bytes(
--- a/vona/custom/conduwuit.py
+++ b/vona/custom/conduwuit.py
@@ -1,5 +1,8 @@
-from flask import Blueprint, jsonify
 import vona.globals as globals
+from flask import (
+	Blueprint,
+	jsonify,
+)

 conduwuit = Blueprint("conduwuit", __name__)

--- a/vona/custom/dendrite.py
+++ b/vona/custom/dendrite.py
@@ -1,10 +1,13 @@
-from flask import Blueprint, jsonify
 import vona.globals as globals
 import vona.config as config
+from flask import (
+	Blueprint,
+	jsonify,
+)

 dendrite = Blueprint("dendrite", __name__)

-# https://element-hq.github.io/dendrite/administration/adminapi
+# This implements the Dendrite admin API


@dendrite.route("/_dendrite/admin/purgeRoom/<room>", methods=["POST"])
--- a/vona/custom/hammerhead.py
+++ b/vona/custom/hammerhead.py
@@ -1,11 +1,18 @@
-from flask import Blueprint, request, jsonify
-from vona.config import the_funny_number
 from datetime import datetime, timezone
-from vona.federation import send_join
 import vona.globals as globals
 import vona.config as config
 import time

+from flask import (
+	Blueprint,
+	jsonify,
+)
+
+from vona.federation import (
+	send_join,
+	bullshit,
+)
+
 hammerhead = Blueprint("hammerhead", __name__)

 # Hammerhead endpoints. Not documented, but code is at:
@@ -16,11 +23,17 @@ hammerhead = Blueprint("hammerhead", __name__)
 async def uptime():
 	return jsonify({"started_at": config.the_funny_number})

+
@hammerhead.route("/_hammerhead/version")
 async def version():
 	return jsonify({"version": globals.version})


+@hammerhead.route("/_hammerhead/admin/reload-config")
+async def reload_config():
+	return jsonify({})
+
+
@hammerhead.route("/_hammerhead/admin/server-info/<server>")
 async def server_info(server):
 	return jsonify({
@@ -53,10 +66,6 @@ async def server_info(server):

@hammerhead.route("/_hammerhead/admin/rooms/<room>/state-resolver")
 async def room_state(room):
-	class bullshit:
-		def get_json():
-			return {}
-
 	state = send_join(bullshit, room)["state"]
 	formatted_state = {}
 	event_cache = {}
@@ -65,7 +74,14 @@ async def room_state(room):
 		key = f"({event["type"]},'{event["state_key"]}')"
 		formatted_state[key] = event

+		if "event_id" in event:
 			event_id = event["event_id"]
+		else:
+			event_id = globals.make_ref_hash(
+				event,
+				int(globals.room_version_from_id(room))
+			)
+
 		event_cache[event_id] = event


@@ -75,3 +91,44 @@ async def room_state(room):
 		"room_id": room,
 		"room_version": globals.room_version_from_id(room)
 	})
+
+
+@hammerhead.route("/_hammerhead/admin/rooms/<room>/debug")
+async def debug_room(room):
+	state = send_join(bullshit, room)["state"]
+	formatted_state = {}
+	event_cache = {}
+
+	for event in state:
+		key = f"({event["type"]},'{event["state_key"]}')"
+		formatted_state[key] = event
+
+		if "event_id" in event:
+			event_id = event["event_id"]
+		else:
+			event_id = globals.make_ref_hash(
+				event,
+				int(globals.room_version_from_id(room))
+			)
+
+		event_cache[event_id] = event
+
+
+	if globals.room_version_from_id(room) in ["1", "2"]:
+		extremity = globals.make_event_id(seed=f"6_{room}")
+	else:
+		extremity = globals.make_ref_hash(
+			state[5],
+			int(globals.room_version_from_id(room)),
+		)
+
+
+	return jsonify({
+		"aliases": [f"#vona:{config.server_name}"],
+		"current_state": formatted_state,
+		"event_cache": event_cache,
+		"room_id": room,
+		"room_version": globals.room_version_from_id(room),
+		"forward_extremities": [extremity],
+		"servers": None
+	})
--- a/vona/custom/synapse.py
+++ b/vona/custom/synapse.py
@@ -1,23 +1,28 @@
-from flask import Blueprint, jsonify, request, Response
+from vona.federation import send_join
 import vona.globals as globals
 import vona.config as config
-import base64
-import re
+
 import os

+from flask import (
+	Blueprint,
+	jsonify,
+	request,
+)
+
 synapse = Blueprint("synapse", __name__)

 # The absolute giant known as the Synapse admin API.
-# Very messy, needs cleaning
+# TODO: Very messy, needs cleaning


-@synapse.route("/_synapse/admin/v1/suspend/<user_id>", methods=["PUT"])
-@synapse.route("/_synapse/admin/v1/deactivate/<user_id>", methods=["POST"])
-@synapse.route("/_synapse/admin/v1/reset_password/<user_id>", methods=["POST"])
-@synapse.route("/_synapse/admin/v1/users/<user_id>/admin", methods=["PUT"])
-@synapse.route("/_synapse/admin/v2/users/<user_id>/delete_devices", methods=["POST"])
-@synapse.route("/_synapse/admin/v1/users/<user_id>/shadow_ban", methods=["DELETE", "POST"])
-@synapse.route("/_synapse/admin/v1/users/<user_id>/override_ratelimit", methods=["GET", "POST", "DELETE"])
+@synapse.route("/_synapse/admin/v1/suspend/<user>", methods=["PUT"])
+@synapse.route("/_synapse/admin/v1/deactivate/<user>", methods=["POST"])
+@synapse.route("/_synapse/admin/v1/reset_password/<user>", methods=["POST"])
+@synapse.route("/_synapse/admin/v1/users/<user>/admin", methods=["PUT"])
+@synapse.route("/_synapse/admin/v2/users/<user>/delete_devices", methods=["POST"])
+@synapse.route("/_synapse/admin/v1/users/<user>/shadow_ban", methods=["DELETE", "POST"])
+@synapse.route("/_synapse/admin/v1/users/<user>/override_ratelimit", methods=["GET", "POST", "DELETE"])
@synapse.route("/_synapse/admin/v1/media/protect/<media_id>", methods=["POST"])
@synapse.route("/_synapse/admin/v1/media/unprotect/<media_id>", methods=["POST"])
@synapse.route("/_synapse/admin/v1/media/quarantine/<s>/<media_id>", methods=["POST"])
@@ -27,6 +32,7 @@ synapse = Blueprint("synapse", __name__)
@synapse.route("/_synapse/admin/v1/rooms/<room>/timestamp_to_event")
@synapse.route("/_synapse/admin/v2/rooms/delete_status/<delete_id>")
@synapse.route("/_synapse/admin/v1/rooms/<room>/make_room_admin", methods=["POST"])
+@synapse.route("/_synapse/admin/v1/background_updates/start_job", methods=["POST"])
 async def response(**kwargs):
 	return jsonify({})

@@ -56,7 +62,7 @@ async def user_list():
 		"total": 1
 	})

-@synapse.route("/_synapse/admin/v2/users/<user_id>", methods=["GET", "PUT"])
+@synapse.route("/_synapse/admin/v2/users/<user>", methods=["GET", "PUT"])
 async def user_info(user_id):
 	if request.method == "GET":
 		return jsonify({
@@ -83,7 +89,7 @@ async def user_info(user_id):

 	return jsonify({}), 201

-@synapse.route("/_synapse/admin/v1/whois/<user_id>")
+@synapse.route("/_synapse/admin/v1/whois/<user>")
 async def whois(user_id):
 	return jsonify({
 		"user_id": f"@vona:{config.server_name}",
@@ -91,7 +97,7 @@ async def whois(user_id):
 			"": {
 				"sessions": [{
 					"connections": [{
-						"ip":f"127.0.0.1",
+						"ip":"127.0.0.1",
 						"last_seen":config.the_funny_number,
 						"user_agent":f"Vona/{globals.version}"
 					}]
@@ -100,22 +106,22 @@ async def whois(user_id):
 		}
 	})

-@synapse.route("/_synapse/admin/v1/users/<user_id>/joined_rooms")
+@synapse.route("/_synapse/admin/v1/users/<user>/joined_rooms")
 async def user_joined_rooms(user_id):
 	return jsonify({
 		"joined_rooms": [globals.make_event_id().replace("$", "!")],
 		"total": 1
 	})

-@synapse.route("/_synapse/admin/v1/users/<user_id>/sent_invite_count")
+@synapse.route("/_synapse/admin/v1/users/<user>/sent_invite_count")
 async def invite_count(user_id):
 	return jsonify({"invite_count": config.the_funny_number})

-@synapse.route("/_synapse/admin/v1/users/<user_id>/accountdata")
+@synapse.route("/_synapse/admin/v1/users/<user>/accountdata")
 async def account_data(user_id):
 	return jsonify({"account_data":{"global":{}}})

-@synapse.route("/_synapse/admin/v1/users/<user_id>/media", methods=["GET", "DELETE"])
+@synapse.route("/_synapse/admin/v1/users/<user>/media", methods=["GET", "DELETE"])
 async def account_media(user_id):
 	if request.method == "GET":
 		return jsonify({
@@ -137,15 +143,15 @@ async def account_media(user_id):
 		"total": config.the_funny_number
 	})

-@synapse.route("/_synapse/admin/v1/users/<user_id>/login", methods=["POST"])
+@synapse.route("/_synapse/admin/v1/users/<user>/login", methods=["POST"])
 async def account_login(user_id):
 	return jsonify({"access_token": "vona"})

-@synapse.route("/_synapse/admin/v1/users/<user_id>/_allow_cross_signing_replacement_without_uia", methods=["POST"])
+@synapse.route("/_synapse/admin/v1/users/<user>/_allow_cross_signing_replacement_without_uia", methods=["POST"])
 async def stupid_mas_bullshit(user_id):
 	return jsonify({"updatable_without_uia_before_ms": config.the_funny_number})

-@synapse.route("/_synapse/admin/v2/users/<user_id>/devices", methods=["GET", "POST"])
+@synapse.route("/_synapse/admin/v2/users/<user>/devices", methods=["GET", "POST"])
 async def device_list(user_id):
 	if request.method == "GET":
 		return jsonify({
@@ -161,7 +167,7 @@ async def device_list(user_id):

 	return jsonify({})

-@synapse.route("/_synapse/admin/v2/users/<user_id>/devices/<device_id>", methods=["GET", "PUT", "DELETE"])
+@synapse.route("/_synapse/admin/v2/users/<user>/devices/<device_id>", methods=["GET", "PUT", "DELETE"])
 async def device_info(user_id, device_id):
 	if request.method == "GET":
 		return jsonify({
@@ -174,7 +180,7 @@ async def device_info(user_id, device_id):

 	return jsonify({})

-@synapse.route("/_synapse/admin/v1/users/<user_id>/pushers")
+@synapse.route("/_synapse/admin/v1/users/<user>/pushers")
 async def pushers(user_id):
 	return jsonify({"pushers": [], "total": config.the_funny_number})

@@ -187,7 +193,7 @@ async def username_available():
 async def threepid(**kwargs):
 	return jsonify({"user_id": f"@vona:{config.server_name}"})

-@synapse.route("/_synapse/admin/v1/<user_id>/redact")
+@synapse.route("/_synapse/admin/v1/<user>/redact")
 async def redact(user_id):
 	return jsonify({"redact_id": os.urandom(16).hex()})

@@ -195,7 +201,7 @@ async def redact(user_id):
 async def redact_status(redact_id):
 	return jsonify({"status":"active","failed_redactions":[]})

-@synapse.route("/_synapse/admin/v1/experimental_features/<user_id>", methods=["GET", "PUT"])
+@synapse.route("/_synapse/admin/v1/experimental_features/<user>", methods=["GET", "PUT"])
 async def experimental_features(user_id):
 	return jsonify({"features": {}})

@@ -270,13 +276,7 @@ async def room_stats():
@synapse.route("/_synapse/admin/v1/background_updates/enabled", methods=["POST", "GET"])
@synapse.route("/_synapse/admin/v1/background_updates/status")
 async def change_bg_update():
-	return jsonify({"enabled":False})
-
-# No documentation on what Synapse actually returns for this API, so a blank dict for now
-@synapse.route("/_synapse/admin/v1/background_updates/start_job", methods=["POST"])
-async def bg_update_start_job():
-	return jsonify({})
-
+	return jsonify({"enabled": False})

@synapse.route("/_synapse/admin/v1/event_reports")
 async def event_reports():
@@ -447,3 +447,38 @@ async def forward_extremities(room):
 			"received_ts": config.the_funny_number
 		}]
 	})
+
+@synapse.route("/_synapse/admin/v1/media/<origin>/<media_id>")
+async def media_info(origin, media_id):
+	return jsonify({
+		"media_info": {
+			"media_origin": origin,
+			"user_id": None,
+			"media_id": media_id,
+			"media_type": "img/jpeg",
+			"media_length": 67,
+			"upload_name": "cat.jpg",
+			"created_ts": config.the_funny_number,
+			"filesystem_id": os.urandom(3).hex(),
+			"url_cache": None,
+			"last_access_ts": config.the_funny_number,
+			"quarantined_by": None,
+			"authenticated": False,
+			"safe_from_quarantine": None,
+			"sha256": os.urandom(32).hex()
+		}
+	})
+
+
+@synapse.route("/_synapse/admin/v1/fetch_event/<evt>")
+async def fetch_event(evt):
+	class bs:
+		def get_json():
+			return {}
+
+	return jsonify({
+		"event": send_join(
+			bs,
+			globals.make_event_id(seed=evt).replace("$", "!")
+		)["state"][5]
+	})
--- a/vona/custom/telodendria.py
+++ b/vona/custom/telodendria.py
@@ -1,7 +1,12 @@
-from flask import Blueprint, request, jsonify
 from vona.globals import version
 import vona.config as config

+from flask import (
+	Blueprint,
+	request,
+	jsonify,
+)
+
 telo = Blueprint("telodendria", __name__)

 # The telodendria admin API as specified by
--- a/vona/federation/init.py
+++ b/vona/federation/init.py
@@ -1,218 +1,32 @@
-from flask import jsonify, Response, request, send_file, abort, Blueprint
+import vona.federation.rooms as rooms
 import vona.globals as globals
 import vona.config as config
+
 import json
 import time
-import os
+
+from flask import (
+	jsonify,
+	Response,
+	request,
+	Blueprint,
+	abort,
+)

 server = Blueprint("federation", __name__)
+http = globals.http_client()


-def send_join(request, roomId) -> dict:
-	event_chain = []
-	event_hashes = []
+class bullshit:
+	def get_json():
+		return {}

-	event_ids = [
-		globals.make_event_id(seed=f"1_{roomId}"),
-		globals.make_event_id(seed=f"2_{roomId}"),
-		globals.make_event_id(seed=f"3_{roomId}"),
-		globals.make_event_id(seed=f"4_{roomId}"),
-		globals.make_event_id(seed=f"5_{roomId}"),
-		globals.make_event_id(seed=f"6_{roomId}"),
-	]

-	create_event = {
-		"content": {
-			"m.federate": True,
-			"creator": f"@vona:{config.server_name}",
-			"room_version": globals.room_version_from_id(roomId)
-		},
-		"event_id": event_ids[0],
-		"origin_server_ts": 1,
-		"room_id": roomId,
-		"sender": f"@vona:{config.server_name}",
-		"state_key": "",
-		"depth": 1,
-		"type": "m.room.create",
-		"auth_events": [],
-		"prev_events": []
-	}
-
-	screate_event = globals.hash_and_sign_event(create_event)
-	event_chain.append(screate_event)
-
-	our_join = {
-		"content": {
-			"displayname": "Vona",
-			"avatar_url": f"mxc://{config.server_name}/cat",
-			"membership": "join"
-		},
-		"origin_server_ts": 2,
-		"sender": f"@vona:{config.server_name}",
-		"state_key": f"@vona:{config.server_name}",
-		"type": "m.room.member",
-		"event_id": event_ids[1],
-		"room_id": roomId,
-		"depth": 2,
-		"auth_events": [[
-			screate_event["event_id"],
-			screate_event["hashes"]
-		]],
-		"prev_events": [[
-			screate_event["event_id"],
-			screate_event["hashes"]
-		]]
-	}
-
-	sour_join = globals.hash_and_sign_event(our_join)
-	event_chain.append(sour_join)
-
-	pls = {
-		"content": {
-			"users": {
-				f"@vona:{config.server_name}": "100"
-			}
-		},
-		"origin_server_ts": 3,
-		"room_id": roomId,
-		"sender": f"@vona:{config.server_name}",
-		"state_key": "",
-		"type": "m.room.power_levels",
-		"event_id": event_ids[2],
-		"depth": 3,
-		"user_id": f"@vona:{config.server_name}",
-		"auth_events": [
-			[
-				screate_event["event_id"],
-				screate_event["hashes"]
-			],
-			[
-				sour_join["event_id"],
-				sour_join["hashes"]
-			]
-		],
-		"prev_events": [[
-			sour_join["event_id"],
-			sour_join["hashes"]
-		]]
-	}
-
-	spls = globals.hash_and_sign_event(pls)
-	event_chain.append(spls)
-
-	join_rule = {
-		"content": {
-			"join_rule": "public"
-		},
-		"origin_server_ts": 4,
-		"sender": f"@vona:{config.server_name}",
-		"state_key": "",
-		"type": "m.room.join_rules",
-		"event_id": event_ids[3],
-		"room_id": roomId,
-		"depth": 4,
-		"auth_events": [
-			[
-				screate_event["event_id"],
-				screate_event["hashes"]
-			],
-			[
-				sour_join["event_id"],
-				sour_join["hashes"]
-			],
-			[
-				spls["event_id"],
-				spls["hashes"]
-			]
-		],
-		"prev_events": [[
-			spls["event_id"],
-			spls["hashes"]
-		]]
-	}
-
-	sjoin_rule = globals.hash_and_sign_event(join_rule)
-	event_chain.append(sjoin_rule)
-
-	guest_access = {
-		"content": {
-			"guest_access": "forbidden"
-		},
-		"origin_server_ts": 5,
-		"depth": 5,
-		"sender": f"@vona:{config.server_name}",
-		"state_key": "",
-		"type": "m.room.guest_access",
-		"event_id": event_ids[4],
-		"room_id": roomId,
-		"auth_events": [
-			[
-				screate_event["event_id"],
-				screate_event["hashes"]
-			],
-			[
-				sour_join["event_id"],
-				sour_join["hashes"]
-			],
-			[
-				spls["event_id"],
-				spls["hashes"]
-			]
-		],
-		"prev_events": [[
-			sjoin_rule["event_id"],
-			sjoin_rule["hashes"]
-		]]
-	}
-
-	sguest_access = globals.hash_and_sign_event(guest_access)
-	event_chain.append(sguest_access)
-
-	history = {
-		"content": {
-			"history_visibility": "shared"
-		},
-		"type": "m.room.history_visibility",
-		"sender": f"@vona:{config.server_name}",
-		"state_key": "",
-		"origin_server_ts": 6,
-		"depth": 6,
-		"event_id": event_ids[5],
-		"room_id": roomId,
-		"auth_events": [
-			[
-				screate_event["event_id"],
-				screate_event["hashes"]
-			],
-			[
-				sour_join["event_id"],
-				sour_join["hashes"]
-			],
-			[
-				spls["event_id"],
-				spls["hashes"]
-			]
-		],
-		"prev_events": [[
-			sguest_access["event_id"],
-			sguest_access["hashes"]
-		]]
-	}
-
-	shistory = globals.hash_and_sign_event(history)
-	event_chain.append(shistory)
-
-	remote_join = request.get_json()
-
-	response = {
-		"auth_chain": event_chain,
-		"event": remote_join,
-		"members_omitted": False,
-		"servers_in_room": [config.server_name],
-		"state": event_chain
-	}
-
-	return response
+def send_join(request, room) -> dict:
+	if globals.room_version_from_id(room) in ["1", "2"]:
+		return rooms.v1_v2(request, room)
+	else:
+		return rooms.v3(request, room)


@server.route("/_matrix/federation/v1/version")
@@ -224,6 +38,7 @@ async def version():
 		}
 	})

+
@server.route("/_matrix/key/v2/server")
 async def keys():
 	return jsonify(globals.sign_json({
@@ -237,6 +52,7 @@ async def keys():
 		}
 	}))

+
@server.route("/_matrix/federation/v1/query/directory")
 async def room_query():
 	return jsonify({
@@ -244,6 +60,7 @@ async def room_query():
 		"servers": [config.server_name]
 	})

+
@server.route("/_matrix/federation/v1/media/download/<media_id>")
 async def download_media(media_id):
 	# Auth media requires this to be
@@ -267,6 +84,7 @@ async def download_media(media_id):

 	return response

+
@server.route("/_matrix/federation/v1/media/thumbnail/<media_id>")
 async def thumbnail_media(media_id):
 	return jsonify({
@@ -274,51 +92,65 @@ async def thumbnail_media(media_id):
 		"error": "Cat is too cute to thumbnail"
 	}), 418

-@server.route("/_matrix/federation/v1/send_join/<roomId>/<eventId>", methods=["PUT"])
-async def send_join_v1(roomId, eventId):
-	return jsonify([200, send_join(request, roomId)])

-@server.route("/_matrix/federation/v2/send_join/<roomId>/<eventId>", methods=["PUT"])
-async def send_join_v2(roomId, eventId):
-	return jsonify(send_join(request, roomId))
+@server.route("/_matrix/federation/v1/send_join/<room>/<path:eventId>", methods=["PUT"])
+async def send_join_v1(room, eventId):
+	if globals.room_version_from_id(room) not in ["1", "2"]:
+		return jsonify({
+			"errcode": "M_INCOMPATIBLE_ROOM_VERSION",
+			"error": "This room is not v1 or v2."
+		}), 400

-@server.route("/_matrix/federation/v1/make_join/<roomId>/<userId>")
-async def make_join(roomId, userId):
-	def not_invited():
+	return jsonify([200, send_join(request, room)])
+
+
+@server.route("/_matrix/federation/v2/send_join/<room>/<path:eventId>", methods=["PUT"])
+async def send_join_v2(room, eventId):
+	if globals.room_version_from_id(room) in ["1", "2"]:
+		# Spec says to fallback to the v1 send_join endpoint if this fails
+		abort(404)
+
+	return jsonify(send_join(request, room))
+
+
+@server.route("/_matrix/federation/v1/make_join/<room>/<user>")
+async def make_join(room, user):
+	if ":" in room:
+		if room.split(":")[1] != config.server_name:
+			return jsonify({
+				"errcode": "M_FORBIDDEN",
+				"error": "You are not invited to this room."
+			}), 403
+	else:
 		return jsonify({
 			"errcode": "M_FORBIDDEN",
 			"error": "You are not invited to this room."
 		}), 403

-	try:
-		if roomId.split(":")[1] != config.server_name:
-			return not_invited()
-	except:
-		return not_invited()

-	class bullshit:
-		def get_json():
-			return {}
+	room_ver = globals.room_version_from_id(room)

 	state = send_join(
 		request=bullshit,
-		roomId=roomId
+		room=room
 	)["state"]

 	join = {
 		"content": {
-			"join_authorised_via_users_server": f"@vona:{config.server_name}",
 			"membership": "join"
 		},
 		"origin": config.server_name,
 		"origin_server_ts": 7,
-		"room_id": roomId,
-		"sender": userId,
-		"state_key": userId,
+		"room_id": room,
+		"sender": user,
+		"state_key": user,
 		"type": "m.room.member",
 		"depth": 7
 	}

+	if room_ver in ["1", "2"]:
+		join["event_id"] = globals.make_event_id(seed=f"{user}+{room}")
+
 		join["auth_events"] = [
 			[
 				state[0]["event_id"],
@@ -338,10 +170,21 @@ async def make_join(roomId, userId):
 			state[5]["event_id"],
 			state[5]["hashes"]
 		]]
+	else:
+		join["auth_events"] = [
+			globals.make_ref_hash(state[0], int(room_ver)),
+			globals.make_ref_hash(state[2], int(room_ver)),
+			globals.make_ref_hash(state[3], int(room_ver)),
+		]
+
+		join["prev_events"] = [
+			globals.make_ref_hash(state[5], int(room_ver)),
+		]
+

 	return jsonify({
-		"event": globals.hash_and_sign_event(join),
-		"room_version": globals.room_version_from_id(roomId)
+		"event": globals.hash_and_sign_event(join, int(room_ver)),
+		"room_version": room_ver
 	})


@@ -350,7 +193,6 @@ async def room_directory():
 	return jsonify(globals.room_dir)


-# https://spec.matrix.org/latest/server-server-api/#transactions
@server.route("/_matrix/federation/v1/send/<txnId>", methods=["PUT"])
 async def receive_txn(txnId):
 	# We will need to implement a way to store every
@@ -374,7 +216,13 @@ async def receive_txn(txnId):
 	if "pdus" in parsed_data:
 		for pdu in parsed_data["pdus"]:
 			if "event_id" in pdu:
-				response["pdus"][pdu["event_id"]] = {}
+				# For v1 and v2 rooms
+				event_id = pdu["event_id"]
+			else:
+				# Assume room v4 or over as most rooms will be anyway
+				event_id = globals.make_ref_hash(pdu, 4)
+
+			response["pdus"][event_id] = {}

 	return jsonify(response)

@@ -408,25 +256,32 @@ async def user_devices(user):

@server.route("/_matrix/federation/v1/user/keys/query", methods=["POST"])
 async def user_keys():
+	req = request.json
+
+	if (
+		isinstance(req, dict)
+		and "device_keys" in req
+		and isinstance(req["device_keys"], dict)
+	):
+		device_keys = req["device_keys"]
+	else:
+		device_keys = {}
+
 	return jsonify({
-		"device_keys": request.json.get("device_keys", {})
+		"device_keys": device_keys
 	})


@server.route("/_matrix/federation/v2/invite/<room>/<txnId>", methods=["PUT"])
 async def invite_user_v2(room, txnId):
-	return invite_user(request.data)
+	invite_data = request.json

-
-@server.route("/_matrix/federation/v1/invite/<room>/<txnId>", methods=["PUT"])
-async def invite_user_v1(room, txnId):
-	return [200, invite_user(request.json)]
-
-
-def invite_user(invite_data):
-	if "event" in invite_data:
+	if (
+		isinstance(invite_data, dict)
+		and "event" in invite_data
+	):
 		if "room_version" in invite_data:
-			if invite_data["room_version"] not in ["1", "2"]:
+			if invite_data["room_version"] not in [str(i) for i in range(1, 10)]:
 				return jsonify({
 					"errcode": "M_INCOMPATIBLE_ROOM_VERSION",
 					"error": "Unsupported room version",
@@ -436,7 +291,6 @@ def invite_user(invite_data):
 			event = invite_data.get("event", {})
 			content = event.get("content", {})

-			# NOTE to crispycat: I know you loooooove this syntax
 			if (
 				"content" in event
 				and "membership" in content
@@ -446,7 +300,7 @@ def invite_user(invite_data):
 				and event["state_key"] == f"@vona:{config.server_name}"
 			):
 				return jsonify({
-					"event": globals.sign_json_without_discard(invite_data["event"]),
+					"event": globals.sign_json_without_discard(event),
 					"room_version": invite_data["room_version"]
 				})

@@ -457,8 +311,42 @@ def invite_user(invite_data):
 	}), 403


-@server.route("/_matrix/federation/v1/hierarchy/<roomId>")
-async def space_hierachy(roomId):
+@server.route("/_matrix/federation/v1/invite/<room>/<txnId>", methods=["PUT"])
+async def invite_user_v1(room, txnId):
+	event = request.json
+	if (
+		isinstance(event, dict)
+		and "content" in event
+		and isinstance(event["content"], dict)
+	):
+		content = event["content"]
+	else:
+		content = {}
+
+	if (
+		isinstance(event, dict)
+		and isinstance(content, dict)
+		and "content" in event
+		and "membership" in content
+		and "state_key" in event
+		and "room_id" in event
+		and content["membership"] == "invite"
+		and event["state_key"] == f"@vona:{config.server_name}"
+		and "event_id" in event
+		and ":" in event["event_id"]
+	):
+		return jsonify({
+			"event": globals.sign_json_without_discard(event)
+		})
+
+	return jsonify({
+		"errcode": "M_FORBIDDEN",
+		"error": "Invalid invitation PDU"
+	}), 403
+
+
+@server.route("/_matrix/federation/v1/hierarchy/<room>")
+async def space_hierachy(room):
 	return jsonify({
 		"errcode": "M_NOT_FOUND",
 		"error": "Room does not exist."
@@ -468,7 +356,12 @@ async def space_hierachy(roomId):
@server.route("/_matrix/federation/v1/org.matrix.msc4358/discover_common_rooms", methods=["POST"])
@server.route("/_matrix/federation/v1/discover_common_rooms", methods=["POST"])
 async def discover_common_rooms():
-	tags = request.json.get("room_participation_tags", [])
+	req = request.json
+	if isinstance(req, dict):
+		tags = req.get("room_participation_tags", [])
+	else:
+		tags = []
+
 	return jsonify({"recognised_tags": tags})


@@ -476,12 +369,108 @@ async def discover_common_rooms():
 async def backfill(room):
 	# TODO: burger king foot lettuce

-	class bullshit:
-		def get_json():
-			return {}
-
 	return jsonify({
 		"origin": config.server_name,
-		"origin_server_ts": int(str(time.time() * 1000).split(".")[0]),
+		"origin_server_ts": globals.get_time(),
 		"pdus": send_join(bullshit, room)["state"]
 	})
+
+
+@server.route("/_matrix/federation/unstable/org.matrix.msc4370/extremities/<room>")
+@server.route("/_matrix/federation/v1/extremities/<room>")
+async def extremities(room):
+	if ":" in room:
+		if room.split(":")[1] != config.server_name:
+			return jsonify({
+				"errcode": "M_NOT_FOUND",
+				"error": "Room is unknown to this server"
+			}), 404
+
+	room_ver = globals.room_version_from_id(room)
+
+	if room_ver in ["1", "2"]:
+		event_id = globals.make_event_id(seed=f"6_{room}")
+	else:
+		event_id = globals.make_ref_hash(
+			send_join(bullshit, room)["state"][5],
+			int(room_ver)
+		)
+
+	return jsonify({
+		"prev_events": [event_id]
+	})
+
+
+@server.route("/_matrix/federation/v1/state_ids/<room>")
+async def state_ids(room):
+	if (
+		"event_id" in request.args
+		and request.args["event_id"].strip() != ""
+	):
+		evt = request.args["event_id"]
+		def explode():
+			return jsonify({
+				"errcode": "M_NOT_FOUND",
+				"error": f"Could not find event {evt}"
+			}), 404
+
+
+		if ":" not in evt:
+			return explode()
+		if ":" in room:
+			if room.split(":")[1] != config.server_name:
+				return explode()
+		else:
+			return explode()
+
+		server_name = evt.split(":")[1]
+
+		if server_name == config.server_name:
+			state = send_join(bullshit, room)["state"]
+			event_ids = []
+
+			for event in state:
+				if "event_id" in event:
+					event_ids.append(event["event_id"])
+				else:
+					event_ids.append(
+						globals.make_ref_hash(event)
+					)
+
+			if evt in event_ids:
+				return jsonify({
+					"auth_chain_ids": [event_ids],
+					"pdu_ids": [event_ids]
+				})
+			else:
+				return explode()
+
+		try:
+			resp = http.get(
+				path=request.full_path,
+				destination=server_name,
+			)
+
+			if resp.status_code != 200:
+				raise
+
+			return jsonify(resp.json())
+		except Exception:
+			pass
+
+		return explode()
+
+	return jsonify({
+		"errcode": "M_MISSING_PARAM",
+		"error": "Query parameter 'event_id' was not specified"
+	}), 400
+
+
+@server.route("/_matrix/federation/unstable/io.fsky.vel/edutypes")
+@server.route("/_matrix/federation/v1/edutypes")
+async def edutypes():
+	return jsonify({
+		"m.presence": False,
+		"m.receipt": False,
+		"m.typing": False,
+	})
--- a/vona/federation/rooms.py
+++ b/vona/federation/rooms.py
@@ -0,0 +1,284 @@
+import vona.globals as globals
+import vona.config as config
+
+# This file is responsible for creating Matrix rooms.
+
+# Room V1/V2
+def v1_v2(request, room) -> dict:
+	event_chain = []
+
+	event_ids = [
+		globals.make_event_id(seed=f"1_{room}"),
+		globals.make_event_id(seed=f"2_{room}"),
+		globals.make_event_id(seed=f"3_{room}"),
+		globals.make_event_id(seed=f"4_{room}"),
+		globals.make_event_id(seed=f"5_{room}"),
+		globals.make_event_id(seed=f"6_{room}"),
+	]
+
+	create_event = {
+		"content": {
+			"m.federate": True,
+			"creator": f"@vona:{config.server_name}",
+			"room_version": globals.room_version_from_id(room)
+		},
+		"event_id": event_ids[0],
+		"origin_server_ts": 1,
+		"room_id": room,
+		"sender": f"@vona:{config.server_name}",
+		"state_key": "",
+		"depth": 1,
+		"type": "m.room.create",
+		"auth_events": [],
+		"prev_events": []
+	}
+
+	screate_event = globals.hash_and_sign_event(create_event)
+	event_chain.append(screate_event)
+
+	our_join = {
+		"content": {
+			"displayname": "Vona",
+			"avatar_url": f"mxc://{config.server_name}/cat",
+			"membership": "join"
+		},
+		"origin_server_ts": 2,
+		"sender": f"@vona:{config.server_name}",
+		"state_key": f"@vona:{config.server_name}",
+		"type": "m.room.member",
+		"event_id": event_ids[1],
+		"room_id": room,
+		"depth": 2,
+		"auth_events": [[
+			screate_event["event_id"],
+			screate_event["hashes"]
+		]],
+		"prev_events": [[
+			screate_event["event_id"],
+			screate_event["hashes"]
+		]]
+	}
+
+	sour_join = globals.hash_and_sign_event(our_join)
+	event_chain.append(sour_join)
+
+	pls = {
+		"content": {
+			"users": {
+				f"@vona:{config.server_name}": "100"
+			}
+		},
+		"origin_server_ts": 3,
+		"room_id": room,
+		"sender": f"@vona:{config.server_name}",
+		"state_key": "",
+		"type": "m.room.power_levels",
+		"event_id": event_ids[2],
+		"depth": 3,
+		"user_id": f"@vona:{config.server_name}",
+		"auth_events": [
+			[
+				screate_event["event_id"],
+				screate_event["hashes"]
+			],
+			[
+				sour_join["event_id"],
+				sour_join["hashes"]
+			]
+		],
+		"prev_events": [[
+			sour_join["event_id"],
+			sour_join["hashes"]
+		]]
+	}
+
+	spls = globals.hash_and_sign_event(pls)
+	event_chain.append(spls)
+
+	join_rule = {
+		"content": {
+			"join_rule": "public"
+		},
+		"origin_server_ts": 4,
+		"sender": f"@vona:{config.server_name}",
+		"state_key": "",
+		"type": "m.room.join_rules",
+		"event_id": event_ids[3],
+		"room_id": room,
+		"depth": 4,
+		"auth_events": [
+			[
+				screate_event["event_id"],
+				screate_event["hashes"]
+			],
+			[
+				sour_join["event_id"],
+				sour_join["hashes"]
+			],
+			[
+				spls["event_id"],
+				spls["hashes"]
+			]
+		],
+		"prev_events": [[
+			spls["event_id"],
+			spls["hashes"]
+		]]
+	}
+
+	sjoin_rule = globals.hash_and_sign_event(join_rule)
+	event_chain.append(sjoin_rule)
+
+	guest_access = {
+		"content": {
+			"guest_access": "forbidden"
+		},
+		"origin_server_ts": 5,
+		"depth": 5,
+		"sender": f"@vona:{config.server_name}",
+		"state_key": "",
+		"type": "m.room.guest_access",
+		"event_id": event_ids[4],
+		"room_id": room,
+		"auth_events": [
+			[
+				screate_event["event_id"],
+				screate_event["hashes"]
+			],
+			[
+				sour_join["event_id"],
+				sour_join["hashes"]
+			],
+			[
+				spls["event_id"],
+				spls["hashes"]
+			]
+		],
+		"prev_events": [[
+			sjoin_rule["event_id"],
+			sjoin_rule["hashes"]
+		]]
+	}
+
+	sguest_access = globals.hash_and_sign_event(guest_access)
+	event_chain.append(sguest_access)
+
+	history = {
+		"content": {
+			"history_visibility": "shared"
+		},
+		"type": "m.room.history_visibility",
+		"sender": f"@vona:{config.server_name}",
+		"state_key": "",
+		"origin_server_ts": 6,
+		"depth": 6,
+		"event_id": event_ids[5],
+		"room_id": room,
+		"auth_events": [
+			[
+				screate_event["event_id"],
+				screate_event["hashes"]
+			],
+			[
+				sour_join["event_id"],
+				sour_join["hashes"]
+			],
+			[
+				spls["event_id"],
+				spls["hashes"]
+			]
+		],
+		"prev_events": [[
+			sguest_access["event_id"],
+			sguest_access["hashes"]
+		]]
+	}
+
+	shistory = globals.hash_and_sign_event(history)
+	event_chain.append(shistory)
+
+	remote_join = request.get_json()
+
+	return {
+		"auth_chain": event_chain,
+		"event": remote_join,
+		"members_omitted": False,
+		"servers_in_room": [config.server_name],
+		"state": event_chain
+	}
+
+
+# Room V3 to V10
+def v3(request, room) -> dict:
+	initial_response = v1_v2(request, room)
+	state = list(initial_response["state"])
+	ver = int(globals.room_version_from_id(room))
+	events = {}
+	hash_map = {}
+
+	for event in state:
+		events[event["type"]] = event
+		del event["event_id"]
+		del event["hashes"]
+		del event["signatures"]
+
+	# m.room.create doesn't have prev_events or auth_events
+	if ver >= 11:
+		del events["m.room.create"]["content"]["creator"]
+	events["m.room.create"] = globals.hash_and_sign_event(events["m.room.create"], ver)
+	hash_map["m.room.create"] = globals.make_ref_hash(events["m.room.create"], ver)
+
+	events["m.room.member"]["auth_events"] = [hash_map["m.room.create"]]
+	events["m.room.member"]["prev_events"] = [hash_map["m.room.create"]]
+	events["m.room.member"] = globals.hash_and_sign_event(events["m.room.member"], ver)
+	hash_map["m.room.member"] = globals.make_ref_hash(events["m.room.member"], ver)
+
+	events["m.room.power_levels"]["auth_events"] = [
+		hash_map["m.room.create"],
+		hash_map["m.room.member"],
+	]
+	events["m.room.power_levels"]["prev_events"] = [hash_map["m.room.member"]]
+	if ver >= 10:
+		events["m.room.power_levels"]["content"]["users"][f"@vona:{config.server_name}"] = 100
+	events["m.room.power_levels"] = globals.hash_and_sign_event(events["m.room.power_levels"], ver)
+	hash_map["m.room.power_levels"] = globals.make_ref_hash(events["m.room.power_levels"], ver)
+
+	events["m.room.join_rules"]["auth_events"] = [
+		hash_map["m.room.create"],
+		hash_map["m.room.member"],
+		hash_map["m.room.power_levels"],
+	]
+	events["m.room.join_rules"]["prev_events"] = [hash_map["m.room.power_levels"]]
+	events["m.room.join_rules"] = globals.hash_and_sign_event(events["m.room.join_rules"], ver)
+	hash_map["m.room.join_rules"] = globals.make_ref_hash(events["m.room.join_rules"], ver)
+
+	events["m.room.guest_access"]["auth_events"] = [
+		hash_map["m.room.create"],
+		hash_map["m.room.member"],
+		hash_map["m.room.power_levels"],
+	]
+	events["m.room.guest_access"]["prev_events"] = [hash_map["m.room.join_rules"]]
+	events["m.room.guest_access"] = globals.hash_and_sign_event(events["m.room.guest_access"], ver)
+	hash_map["m.room.guest_access"] = globals.make_ref_hash(events["m.room.guest_access"], ver)
+
+	events["m.room.history_visibility"]["auth_events"] = [
+		hash_map["m.room.create"],
+		hash_map["m.room.member"],
+		hash_map["m.room.power_levels"],
+	]
+	events["m.room.history_visibility"]["prev_events"] = [hash_map["m.room.guest_access"]]
+	events["m.room.history_visibility"] = globals.hash_and_sign_event(events["m.room.history_visibility"], ver)
+
+	new_state = []
+
+	for event in events:
+		new_state.append(events[event])
+
+
+	return {
+		"auth_chain": new_state,
+		"event": initial_response["event"],
+		"members_omitted": False,
+		"servers_in_room": [config.server_name],
+		"state": new_state
+	}
--- a/vona/globals/init.py
+++ b/vona/globals/init.py
@@ -1,20 +1,23 @@
 from resolvematrix import ServerResolver
 from types import SimpleNamespace
 from collections import Counter
+
 import vona.config as config
+import nacl.encoding
 import nacl.signing
 import hashlib
 import base64
 import random
 import httpx
-import copy
 import json
+import copy
+import time
 import re

-version = "1.4.4"
+version = "1.5.0"


-def canonical_json(value):
+def canonical_json(value: dict | list) -> bytes:
 	return json.dumps(
 		value,
 		ensure_ascii=False,
@@ -23,7 +26,7 @@ def canonical_json(value):
 	).encode("UTF-8")


-def sign_json(data):
+def sign_json(data: dict) -> dict:
 	parts = config.signing_key.split()
 	base64_key = parts[2]

@@ -52,7 +55,7 @@ def sign_json(data):
 	return signed_json


-def sign_json_without_discard(data):
+def sign_json_without_discard(data: dict) -> dict:
 	parts = config.signing_key.split()
 	base64_key = parts[2]

@@ -85,7 +88,7 @@ def sign_json_without_discard(data):
 	return data


-def make_event_id(seed=None):
+def make_event_id(seed: str | int | None = None) -> str:
 	if seed is not None:
 		random.seed(seed)

@@ -103,7 +106,7 @@ def make_event_id(seed=None):
 	return event_id


-def event_hash(event_object):
+def event_hash(event_object: dict) -> str:
 	event_object = dict(event_object)

 	event_object.pop("unsigned", None)
@@ -169,9 +172,13 @@ def make_auth_header(
 	return authorization_headers[0].decode("utf-8")


-def redact_event(event):
+def redact_event(
+	event: dict,
+	for_event_id: bool = False,
+	room_ver: int = 1,
+) -> dict:
 	# Returns a redacted event as per
-	# the algorithm for v1/v2 rooms.
+	# the algorithm for v1 to v11 rooms.

 	allowed_keys = [
 		"event_id",
@@ -181,16 +188,20 @@ def redact_event(event):
 		"state_key",
 		"content",
 		"hashes",
-		"signatures",
 		"depth",
 		"prev_events",
-		"prev_state",
 		"auth_events",
-		"origin",
 		"origin_server_ts",
-		"membership",
 	]

+	if not for_event_id:
+		allowed_keys.append("signatures")
+
+	if room_ver < 11:
+		allowed_keys.append("origin")
+		allowed_keys.append("membership")
+		allowed_keys.append("prev_state")
+
 	redacted_event = {k: v for k, v in event.items() if k in allowed_keys}

 	if "type" in redacted_event and "content" in redacted_event:
@@ -214,52 +225,124 @@ def redact_event(event):
 			"m.room.history_visibility": ["history_visibility"],
 		}

+		if room_ver >= 6:
+			del content_key_rules["m.room.aliases"]
+
+		if room_ver >= 8:
+			content_key_rules["m.room.join_rules"].append("allow")
+
+		if room_ver >= 9:
+			content_key_rules["m.room.member"].append("join_authorised_via_users_server")
+
+		if room_ver >= 11:
+			content_key_rules["m.room.redaction"] = ["redacts"]
+			del content_key_rules["m.room.create"] # All keys will be permitted
+
+
 		if event_type in content_key_rules:
 			allowed_content_keys = content_key_rules[event_type]
+
+			if (
+				room_ver >= 11
+				and "third_party_invite" in redacted_event
+				and "signed" in redacted_event["third_party_invite"]
+			):
+				third_party_invite_signature = copy.deepcopy(redacted_event["third_party_invite"]["signed"])
+			else:
+				third_party_invite_signature = None
+
 			redacted_event["content"] = {
 				k: v
 				for k, v in redacted_event["content"].items()
 				if k in allowed_content_keys
 			}
+
+			if third_party_invite_signature:
+				redacted_event["content"]["third_party_invite"] = {
+					"signed": third_party_invite_signature
+				}
+
+		else:
+			if room_ver >= 11 and event_type == "m.room.create":
+				pass
 			else:
 				redacted_event["content"] = {}

 	return redacted_event


-def hash_and_sign_event(event_object):
+def hash_and_sign_event(
+	event_object: dict,
+	room_ver: int = 1,
+) -> dict:
 	content_hash = event_hash(event_object)
 	event_object["hashes"] = {"sha256": content_hash}
-	stripped_object = redact_event(event_object)
+	stripped_object = redact_event(
+		event=event_object,
+		for_event_id=False,
+		room_ver=room_ver,
+	)
 	signed_object = sign_json(stripped_object)
 	event_object["signatures"] = signed_object["signatures"]
 	return event_object


-def room_version_from_id(room_id):
-	room_id_no_sigil = room_id.replace("!", "")
+def make_ref_hash(
+	event: dict,
+	room_ver: int = 3,
+) -> str:
+	stripped = redact_event(
+		event=event,
+		for_event_id=True,
+		room_ver=room_ver,
+	)
+	evt_bytes = canonical_json(stripped)

+	evt_hash = base64.b64encode(
+		hashlib.sha256(evt_bytes).digest()
+	).decode("utf-8").rstrip("=")
+
+	if room_ver > 3:
+		while "+" in evt_hash:
+			evt_hash = evt_hash.replace("+", "-")
+		while "/" in evt_hash:
+			evt_hash = evt_hash.replace("/", "_")
+
+	return "$" + evt_hash
+
+
+def room_version_from_id(room) -> str:
+	room_id_no_sigil = (
+		room
+		.replace("!", "")
+		.replace(f":{config.server_name}", "")
+	)
 	hexadecimal_room_id = bytes(room_id_no_sigil, "utf-8").hex()

-	if "1" not in hexadecimal_room_id and "2" not in hexadecimal_room_id:
-		# NOTE: v2 if impossible from room ID alone
+	versions = [str(i) for i in range(0, 10)]
+	versions.append("a")
+
+	if not any(ver in hexadecimal_room_id for ver in versions):
 		hexadecimal_room_id = "2" + hexadecimal_room_id[1:]

 	def remove_chars(s):
-		return re.sub("[^12]", "", s)
+		return re.sub(f"[^{''.join(versions)}]", "", s)

 	nums = remove_chars(hexadecimal_room_id)

 	def most_common_character(s):
 		s = s.replace(" ", "").lower()
-
 		counts = Counter(s)
-
 		most_common = counts.most_common(1)

-		return most_common[0] if most_common else None
+		actual_most_common = most_common[0] if most_common else ("4",)
+		if actual_most_common[0] == "0":
+			return ("10",)
+		elif actual_most_common[0] == "a":
+			return ("11",)
+		return actual_most_common

-	return most_common_character(nums)[0]
+	return str(most_common_character(nums)[0])


 room_dir = {
@@ -312,6 +395,7 @@ class http_client:
 				method="PUT",
 				destination=destination,
 				path=path,
+				content=json,
 			)

 		headers["Host"] = resolved.host_header
@@ -320,7 +404,7 @@ class http_client:
 			f"{resolved.base_url}{path}",
 			headers=headers,
 			extensions={"sni_hostname": resolved.sni},
-			json=json
+			json=json,
 		)

 	def get(
@@ -344,5 +428,43 @@ class http_client:
 		return self.http.get(
 			f"{resolved.base_url}{path}",
 			headers=headers,
-			extensions={"sni_hostname": resolved.sni}
+			extensions={"sni_hostname": resolved.sni},
 		)
+
+
+def strip_state(state_events) -> list:
+	if not isinstance(state_events, list):
+		return state_events
+
+	keys_to_remove = [
+		"auth_events",
+		"prev_events",
+		"signatures",
+		"hashes",
+		"depth"
+	]
+
+	new_list = []
+	for d in state_events:
+		if not isinstance(d, dict):
+			new_list.append(d)
+			continue
+
+		if "room_id" in d:
+			ver = int(room_version_from_id(d["room_id"]))
+		else:
+			ver = 4
+
+		event_id = make_ref_hash(d, ver)
+		new_dict = {}
+		for k, v in d.items():
+			if k in keys_to_remove:
+				continue
+			new_dict[k] = strip_state(v)
+		new_dict["event_id"] = event_id
+		new_list.append(new_dict)
+	return new_list
+
+
+def get_time() -> int:
+	return int(str(time.time() * 1000).split(".")[0])
--- a/vona/identity/init.py
+++ b/vona/identity/init.py
@@ -1,6 +1,13 @@
-from flask import Blueprint, jsonify, request
-from vona.config import server_name, the_funny_number
+import vona.config as config
+import vona.globals as globals
 import time
+import os
+
+from flask import (
+	Blueprint,
+	jsonify,
+	request,
+)

 identity = Blueprint("identity", __name__)

@@ -8,10 +15,8 @@ identity = Blueprint("identity", __name__)
 # I'm pretty sure only Element uses this,
 # but oh well.

-# https://spec.matrix.org/latest/identity-service-api/#api-version-check
@identity.route("/_matrix/identity/versions")
 async def versions():
-	# Stolen from the vector.im identity server
 	return jsonify({
 		"versions": [
 			"r0.1.0",
@@ -27,10 +32,11 @@ async def versions():
 	})


-# https://spec.matrix.org/latest/identity-service-api/#authentication
@identity.route("/_matrix/identity/v2/account")
 async def account_info():
-	return jsonify({"user_id": f"@vona:{server_name}"})
+	return jsonify({
+		"user_id": f"@vona:{config.server_name}"
+	})


@identity.route("/_matrix/identity/v2/account/logout", methods=["POST"])
@@ -40,113 +46,143 @@ async def logout():

@identity.route("/_matrix/identity/v2/account/register", methods=["POST"])
 async def register():
-	return jsonify({"token":"vona"})
+	return jsonify({"token": "vona"})


-# https://spec.matrix.org/latest/identity-service-api/#terms-of-service
@identity.route("/_matrix/identity/v2/terms", methods=["GET", "POST"])
 async def policies():
 	if request.method == "GET":
-		return jsonify({"policies":{}})
+		return jsonify({
+			"policies": {}
+		})

 	return jsonify({})

+
@identity.route("/_matrix/identity/v2")
 async def status():
 	return jsonify({})

+
@identity.route("/_matrix/identity/v2/pubkey/ephemeral/isvalid")
@identity.route("/_matrix/identity/v2/pubkey/isvalid")
 async def pubkey_validity():
 	return jsonify({"valid": True})

+
@identity.route("/_matrix/identity/v2/pubkey/<key>")
 async def get_key(key):
 	return jsonify({
-		"errcode": "M_NOT_FOUND",
-		"error": "The public key was not found"
-	}), 404
+		"public_key": globals.pubkey()
+	})
+

@identity.route("/_matrix/identity/v2/hash_details")
 async def hash_details():
-	return jsonify({"algorithms":["none","sha256"],"lookup_pepper": "vona"})
+	return jsonify({
+		"algorithms": [
+			"none",
+			"sha256",
+		],
+		"lookup_pepper": "vona"
+	})
+

@identity.route("/_matrix/identity/v2/lookup", methods=["POST"])
 async def lookup():
 	req = request.json

-	if "addresses" in req:
-		return jsonify({"mappings": {req["addresses"][0]: f"@vona:{server_name}"}})
-	else:
-		return jsonify({"errcode": "M_INVALID_PEPPER","error": "Invalid pepper"})
+	if (
+		isinstance(req, dict)
+		and "addresses" in req
+		and isinstance(req["addresses"], list)
+		and len(req["addresses"]) > 0
+	):
+		return jsonify({
+			"mappings": {
+				req["addresses"][0]: f"@vona:{config.server_name}"
+			}
+		})
+
+	return jsonify({
+		"errcode": "M_INVALID_PEPPER",
+		"error": "Invalid pepper"
+	})
+

@identity.route("/_matrix/identity/v2/validate/email/requestToken", methods=["POST"])
@identity.route("/_matrix/identity/v2/validate/msisdn/requestToken", methods=["POST"])
 async def request_validation_token():
-	return jsonify({"sid": str(the_funny_number)})
+	return jsonify({
+		"sid": os.urandom(16).hex()
+	})
+

@identity.route("/_matrix/identity/v2/validate/email/submitToken", methods=["GET", "POST"])
@identity.route("/_matrix/identity/v2/validate/msisdn/submitToken", methods=["GET", "POST"])
 async def submit_validation_token():
 	return jsonify({"success": True})

+
@identity.route("/_matrix/identity/v2/3pid/bind", methods=["POST"])
 async def threepid_bind():
 	if "mxid" in request.get_json():
 		mxid = request.get_json()["mxid"]
 	else:
-		mxid = f"@vona:{server_name}"
+		mxid = f"@vona:{config.server_name}"

-	return jsonify(globals.sign_json({
+	return jsonify(
+		globals.sign_json({
 			"address": "abuse@matrix.org",
 			"medium": "email",
 			"mxid": mxid,
 			"not_after": int(time.time() * 1000 + 604800000),
 			"not_before": int(time.time() * 1000 - 604800000),
 			"ts": int(time.time() * 1000)
-	}))
+		})
+	)
+

@identity.route("/_matrix/identity/v2/3pid/unbind", methods=["POST"])
 async def threepid_unbind():
 	return jsonify({})

+
@identity.route("/_matrix/identity/v2/3pid/getValidated3pid")
 async def threepid_validated():
 	# Please email abuse@matrix.org
 	return jsonify({
 		"address": "abuse@matrix.org",
 		"medium": "email",
-		"validated_at": the_funny_number
+		"validated_at": config.the_funny_number
 	})


-# https://spec.matrix.org/latest/identity-service-api/#invitation-storage
@identity.route("/_matrix/identity/v2/store-invite", methods=["POST"])
 async def invite():
 	return jsonify({
 		"display_name": "Vona",
 		"public_keys": [
 			{
-				"key_validity_url": f"https://{server_name}/_matrix/identity/v2/pubkey/isvalid",
-				"public_key":"ohyeah"
+				"key_validity_url": f"https://{config.server_name}/_matrix/identity/v2/pubkey/isvalid",
+				"public_key": "ohyeah"
 			},
 			{
-				"key_validity_url": f"https://{server_name}/_matrix/identity/v2/pubkey/ephemeral/isvalid",
-				"public_key":"thisssssss"
+				"key_validity_url": f"https://{config.server_name}/_matrix/identity/v2/pubkey/ephemeral/isvalid",
+				"public_key": "burgerkingfootlettuce"
 			}
 		],
 		"token": "vona"
 	})


-# https://spec.matrix.org/latest/identity-service-api/#ephemeral-invitation-signing
@identity.route("/_matrix/identity/v2/sign-ed25519", methods=["POST"])
 async def invite_signing():
 	required_keys = {"mxid", "private_key", "token"}
-	d = data.get_json()
+	d = request.data.get_json()

 	if set(d.keys()) == required_keys:
-		return jsonify(sign_json(d))
+		return jsonify(globals.sign_json(d))
 	else:
 		return jsonify({
 			"errcode": "M_UNRECOGNIZED",
--- a/vona/policy/init.py
+++ b/vona/policy/init.py
@@ -1,4 +1,8 @@
-from flask import jsonify, Blueprint, request
+from flask import (
+	jsonify,
+	Blueprint,
+	request,
+)

 policy = Blueprint("policy", __name__)

--- a/vona/utils/main.py
+++ b/vona/utils/main.py
@@ -1,8 +1,9 @@
 print("Available utils:")

 a = [
-	"makekey",
-	"joinroom"
+	"makekey - Generate a signing key",
+	"joinroom - Join a remote room",
+	"roomwithver - Brute-force a room with a specific room version",
 ]

 for t in a:
--- a/vona/utils/joinroom.py
+++ b/vona/utils/joinroom.py
@@ -1,10 +1,37 @@
-from resolvematrix import ServerResolver
-import urllib.parse, time, json, httpx
 import vona.globals as globals
 import vona.config as config

+import urllib.parse
+import time
+import json
+import httpx
+
+
 http_client = globals.http_client()

+versions = [
+	"1",
+	"2",
+	"3",
+	"4",
+	"5",
+	"6",
+	"7",
+	"8",
+	"9",
+	"10",
+	"11",
+	"12",
+	"org.matrix.msc3757.10",
+	"org.matrix.msc3757.11",
+	"org.matrix.hydra.11",
+	"org.matrix.msc3667",
+	"org.matrix.msc3787",
+	"org.matrix.msc4014",
+]
+
+verparams = "&".join(f"ver={ver}" for ver in versions)
+

 def get_user_input(prompt):
 	try:
@@ -28,13 +55,11 @@ except Exception as e:
 	print(f"Error reading server names: {e}")
 	exit(1)

-resolver = ServerResolver(client=http_client)
-
 try:
 	print("\nSending make_join request..")

 	make_join_response = http_client.get(
-		path=f"/_matrix/federation/v1/make_join/{room_id}/%40{username}%3A{config.server_name}?ver=1&ver=2&ver=3&ver=4&ver=5&ver=6&ver=7&ver=8&ver=9&ver=10&ver=11&ver=12",
+		path=f"/_matrix/federation/v1/make_join/{room_id}/%40{username}%3A{config.server_name}?{verparams}",
 		destination=server_name,
 	)

@@ -57,13 +82,26 @@ if make_join.get("room_version", "1") in ["1", "2"]:
 	# NOTE: if we always make it opaque than Synapse will 500 lmao
 	join_event["event_id"] = globals.make_event_id()

+elif make_join.get("room_version", "1") == "org.matrix.msc4014":
+	# dendrite dislikes this :p
+	join_event["sender_key"] = globals.pubkey()
+
+	join_event["content"]["mxid_mapping"] = globals.sign_json({
+		"sender_key": globals.pubkey(),
+		"user_id": f"@{username}:{config.server_name}"
+	})
+
+
 timestamp = input("\nTimestamp (leave blank for now):\n\t")
 try:
 	join_event["origin_server_ts"] = int(timestamp)
 except ValueError:
 	join_event["origin_server_ts"] = int(f"{time.time() * 1000}".split(".")[0])

-signed_join = globals.hash_and_sign_event(join_event)
+signed_join = globals.hash_and_sign_event(
+	join_event,
+	int(make_join.get("room_version", "1"))
+)

 try:
 	send_join_response = http_client.put(
--- a/vona/utils/makekey.py
+++ b/vona/utils/makekey.py
@@ -1,25 +1,23 @@
-# Generates a key in the format compatible with Synapse and Vona.
-
 import base64
 import os

+# Generates a key in the format compatible with Synapse and Vona.
+

 def mkchar() -> str:
 	return os.urandom(4).hex()[:1]


-key = (
-	base64.b64encode(os.urandom(32))
-	.decode("utf-8")[:43]
+def random(length):
+	return (
+		base64.b64encode(os.urandom(length))
+		.decode("utf-8")[:length]
 		.replace("/", mkchar())
 		.replace("+", mkchar())
-)
+	)

-key_id = (
-	base64.b64encode(os.urandom(32))
-	.decode("utf-8")[:6]
-	.replace("/", mkchar())
-	.replace("+", mkchar())
-)
+
+key = random(43)
+key_id = random(6)

 print(f"ed25519 {key_id} {key}")
--- a/vona/utils/roomwithver.py
+++ b/vona/utils/roomwithver.py
@@ -0,0 +1,62 @@
+import vona.globals as globals
+import vona.config as config
+import multiprocessing
+
+versions = [str(i) for i in range(1, 10)]
+
+try:
+	desired_ver = input("Desired room version:\n\t")
+except (EOFError, KeyboardInterrupt):
+	print("")
+	exit(0)
+
+known = {
+	"1": "qa",
+	"2": "br",
+	"3": "3",
+	"4": "D",
+	"5": "U",
+	"6": "f",
+	"7": "gx",
+	"8": "hx",
+	"9": "iy",
+	"10": "p0",
+	"11": "jZ",
+}
+
+if desired_ver in known:
+	print(f"!{known[desired_ver]}:{config.server_name} (from known room ID list)")
+	try:
+		input("Press enter to bruteforce anyway:\n\t")
+	except (EOFError, KeyboardInterrupt):
+		print("")
+		exit(0)
+
+elif desired_ver not in versions:
+	print("Unsupported room version")
+	exit(1)
+
+def worker(room_found):
+	try:
+		while not room_found.value:
+			room_id = globals.make_event_id().replace("$", "!")
+			room_ver = globals.room_version_from_id(room_id)
+
+			if room_ver == desired_ver:
+				print(room_id)
+				room_found.value = True
+				break
+	except Exception:
+		pass
+
+
+room_found = multiprocessing.Value('b', False)
+processes = []
+
+for _ in range(multiprocessing.cpu_count()):
+	p = multiprocessing.Process(target=worker, args=(room_found,))
+	processes.append(p)
+	p.start()
+
+for p in processes:
+	p.join()
Author	SHA1	Message	Date
Kierre	a5b34fb4a8	Only permit the v1 send_join endpoint for v1/v2 rooms	2025-11-05 12:30:51 -05:00
Kierre	2212453a96	`time` -> `get_time`	2025-11-05 11:53:26 -05:00
Kierre	d9583f3472	Add pre-commit configuration	2025-10-29 23:38:26 -04:00
Kierre	3d9ff622fd	Make ty happy	2025-10-29 21:29:10 -04:00
Kierre	945f92e25f	MSC4375: Admin Room Management	2025-10-29 03:58:08 -04:00
Kierre	29ecfc0387	Move standardised admin APIs to a new file	2025-10-29 02:39:30 -04:00
Kierre	4bdeca6139	Implement Hammerhead `debug` API	2025-10-27 14:54:20 -04:00
Kierre	b8f8a1a7b1	Remove database	2025-10-27 10:19:03 -04:00
Kierre	35896ed1ee	Implement room V11	2025-10-27 10:05:33 -04:00
Kierre	da82f492e8	Implement redaction for v1 to v11 events	2025-10-26 22:38:22 -04:00
Kierre	17d5a6458e	Allow `/` in event IDs on `send_join`	2025-10-26 18:32:17 -04:00
Kierre	ad4c5cc5d2	Include event IDs on stripped state	2025-10-26 15:56:46 -04:00
Kierre	8999a5e414	Add known room IDs to room bruteforcer	2025-10-26 15:35:45 -04:00
Kierre	2fa647f7e7	Remove `join_authorised_via_users_server` from `make_join`	2025-10-26 07:36:09 -04:00
Kierre	1c87e8b5a5	Implement Room V10	2025-10-26 06:36:15 -04:00
Kierre	9d68082764	Add CouchDB stuffs	2025-10-26 05:53:44 -04:00
Kierre	32cdb239ff	Synapse `start_job` returns a blank dict	2025-10-26 00:52:22 -04:00
Kierre	626c865461	make Ruff happy	2025-10-25 23:53:17 -04:00
Kierre	fe5c0e23b5	Use ref hash for incoming v3+ events	2025-10-25 23:53:07 -04:00
Kierre	09cb708594	Improve method for brute-force of rooms	2025-10-25 17:32:40 -04:00
Kierre	ad72886fb3	Accept more room versions on invitations	2025-10-25 16:54:46 -04:00
Kierre	9b6988a029	Implement rooms V3 through V9	2025-10-25 04:22:48 -04:00
Kierre	2f891508ab	Adapt extremities endpoint for v3+	2025-10-25 00:59:20 -04:00
Kierre	f23a74de5c	Prepare for room v3+, misc bugfixes	2025-10-24 23:46:48 -04:00
Kierre	b71096663c	Add room v3+ event ID calculator	2025-10-24 20:34:20 -04:00
Kierre	1fce4d5ba1	Update MSC4373 implentation	2025-10-23 22:50:59 -04:00
Kierre	c1a4de06ce	Add list of implemented MSCs	2025-10-22 18:23:21 -04:00
Kierre	1e6c7adb41	MSC4373: Server opt-out of specific EDU types	2025-10-22 17:13:19 -04:00
Kierre	6cc08fcb02	The Codebase Consistency Update	2025-10-21 23:47:28 -04:00
Kierre	458d69da84	revert last commit	2025-10-21 16:39:05 -04:00
Kierre	8c513ac738	add option to disable TLS certificate validation in http_client	2025-10-21 16:32:59 -04:00
Kierre	3ec0f2ab4f	Hammerhead `reload-config` endpoint	2025-10-20 18:18:21 -04:00
Kierre	b5e74af72f	Allow SyWeb login	2025-10-20 18:18:05 -04:00
Kierre	d2e61a3b07	federation `state_ids`	2025-10-19 16:10:42 -04:00
Kierre	24133be98c	Partial SyWeb compatibility	2025-10-19 00:07:23 -04:00
Kierre	647916b749	MSC4014	2025-10-18 17:16:41 -04:00
Kierre	6056268a2e	oops	2025-10-18 12:14:22 -04:00
Kierre	b4d2f8e728	Fix federation self test	2025-10-18 10:23:59 -04:00
Kierre	2cb6fd005a	synadm: fetch event API, media info API	2025-10-18 09:58:10 -04:00
Kierre	fe43b77611	MSC4370: Federation endpoint for retrieving current extremities	2025-10-17 23:22:43 -04:00