Non-Contributory Keys in the Matrix
Summary
The article analyzes a Matrix Vodzemac vulnerability involving all-zero ECDH outputs when identity keys are used, explains contributory behaviour per RFC 7748, and compares Matrix Olm to Signal PQXDH. It concludes that while defense-in-depth checks are nice, there isn't a direct vulnerability, and it recommends Signal for secure messaging.