Matrix Guide
Guide to Using Matrix with the Element App
Matrix is a secure, decentralized communication protocol that supports end-to-end encryption (E2EE). This guide covers creating a Matrix account, installing the Element app via F-Droid, setting it up, and using key features such as verification, encryption, key backup, and data backup.
Benefits of Using Matrix
- Decentralization: Matrix operates on a federated network, allowing users to choose or run their own homeserver, reducing reliance on centralized providers.
- End-to-End Encryption (E2EE): Messages in 1:1 chats are encrypted by default, and group rooms can optionally be encrypted, so only the communication partners can read the content.
- Privacy: By selecting privacy-friendly servers (e.g., in the EU) and using E2EE, users retain control over their personal data.
- Interoperability: Matrix supports bridges to other platforms (e.g., Signal, WhatsApp, IRC), enabling cross-platform communication.
- Open Source: The Matrix standard and clients like Element are open-source, promoting transparency and community development.
- Flexibility: Users can choose from various clients (e.g., Element, FluffyChat) and devices (desktop, mobile, web) without losing functionality.
- Self-Hosting: Organizations or individuals can run their own Matrix servers for full control over data and infrastructure.
- Scalability: Matrix is suitable for private chats, large community rooms, and even institutional communication (e.g., at universities).
- Verification: QR code or emoji-based verification ensures protection against man-in-the-middle attacks.
- Cost-Free: Matrix and clients like Element are free to use, with many public servers offering free registration.
Installing the Element App via F-Droid
The Element app is the recommended client for Matrix. For Android users, installing via F-Droid is a secure and privacy-friendly option. Alternatively, you can use the FluffyChat app, the Element browser app, or the Element or FluffyChat desktop app.
- Download the F-Droid version of the Element X app from the official website (https://f-droid.org) and install it.
- Open F-Droid and search for “Element X” (ensure you select the “Element X” app if creating a new account).
- Install the app and open it.
Creating a Matrix Account
Matrix accounts are created via a Matrix server (homeserver). You can create a new account on public servers like matrix.org or others listed below.
- Download the Element app (see “Installing the Element App” section).
- Open the app and select “Register” (for public servers).
- Keep the default server as “matrix.org” or enter a server of your choice.
- Enter a username, password, and optionally an email address during registration.
- Follow the instructions for verification (e.g., via email).
Note: Ensure you update the app via F-Droid to receive the latest security updates.
Setting Up the Element App
After installation, configure the app to use Matrix optimally.
- After successful registration or login:
  * Enable desktop notifications (optional, can be adjusted later).
  * Set up key backup (see “Key Backup and Data Backup”) to ensure encrypted chats remain accessible.
  * Verify your devices (see “Verification and Encryption”) to ensure security.
STORE YOUR PASSWORD AND KEYS IN A SECURE LOCATION!
Note: Use the Element desktop client or mobile app instead of a browser tab to avoid encryption issues. A closed browser tab may result in encrypted messages becoming unreadable.
Public Matrix Servers
Public Matrix servers allow new user registration and are ideal for those without access to institutional servers. Below is a selection of stable, public homeservers suitable for beginners (based on hello-matrix.net):
- matrix.org: The official homeserver of the Matrix Foundation. Very stable but occasionally overloaded due to its popularity. Suitable for general use, though it may test pre-release server software, causing occasional instability.
- allmende.io: Operated by the ecobytes association in Germany, focused on socio-ecological projects. Stable and privacy-friendly, ideal for users in Germany.
- matrix.sp-codes.de: A public server in Germany, operated by Samuel Philipp. Suitable for users preferring a smaller, community-oriented server.
- matrix.ctseuro.com: A public server focused on privacy, operated by Karl M. Joch. A good alternative to matrix.org.
- matrix.luug.ru: Operated by the Linux User Group Novosibirsk, hosted on Hetzner (Germany). Good connectivity for European users, especially from Russia.
- matrix.hackerspaces.be: A server run by the Belgian hackerspace community, open for public registration. Ideal for tech-savvy users.
- matrix.polish.social: A server in Poland, primarily serving the Polish Matrix community but open to all. Suitable for European users.
- chat.karotte.org: A server in France, operated by a computer science student. Offers a stable platform for international users.
Notes on Server Selection:
- Choose a server geographically close to you to minimize latency.
- Check the server’s privacy policies, as some may store metadata (e.g., usernames or room affiliations).
- Avoid registering only on matrix.org to support federation and reduce server overload.
- A more comprehensive list of public servers is available at https://www.hello-matrix.net.
Key Features: Verification and Encryption
Matrix supports end-to-end encryption (E2EE), where messages are decrypted only on the communication partners’ devices. This requires verification and key backup.
End-to-End Encryption (E2EE)
- How it works: Messages are encrypted on your device and decrypted only on the recipient’s device. Even the server operator cannot read the content.
- Default: 1:1 chats are E2EE-encrypted by default. For group rooms, E2EE must be manually enabled (Settings > Room > “Enable encryption”).
- Note: Once E2EE is enabled for a room, it cannot be disabled. Verifying all participants in large rooms can be time-consuming.
Verification
Verification ensures you are communicating with the correct person and prevents man-in-the-middle attacks.
- Open a chat or room and click the person icon (top right).
- Select the person to verify and click “Verify.”
- Choose a verification method:
  * QR Code: Scan the other device’s QR code during an in-person meeting.
  * Emojis: Compare the displayed emojis with your communication partner (e.g., over the phone or in person).
- Confirm if the codes/emojis match (“They match”).
- Repeat for each device used by you or your communication partner.
Note: Without verification, messages may be marked as “unverified,” compromising security. Enable the setting (Security & Privacy > “Encrypt to verified sessions only”) to communicate only with verified devices.
Key Backup and Data Backup
Key backup is critical to access encrypted messages after logging out, switching devices, or closing a browser tab. Without key backup, encrypted chats may be lost.
Setting Up Key Backup
- After your first login, Element prompts you to set up key backup. Click “Continue.”
- Choose between:
  * Security Phrase: Create a strong, memorable password. This is required at each login to sync keys.
  * Security Key: The generated security key (12 blocks of 4 characters, starting with “E”) is saved securely as “security-key.txt” and can be printed.
- Store the security key securely (e.g., in a password manager, as a file, or printed).
- Confirm your identity with your Element account password.
Note: Key backup stores your cryptographic keys encrypted on the homeserver. Without the security phrase or key, you cannot access old encrypted messages.
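A printed or hand-copied security key can be checked for transcription errors before you depend on it. The following is an added example, not code from Element or from the original guide; it assumes the recovery key layout from the Matrix specification (base58 of the bytes 0x8B 0x01, the 32-byte key, and an XOR parity byte), and the function names are hypothetical.

```python
# Added example: offline structure check for a Matrix security (recovery) key.
# Assumed layout (Matrix spec): base58(0x8B 0x01 || 32-byte key || XOR parity byte).
from functools import reduce

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
PREFIX = bytes([0x8B, 0x01])


def b58decode(text: str) -> bytes:
    num = 0
    for ch in text:
        idx = B58.find(ch)
        if idx < 0:  # base58 has no 0, O, I or l, so these typos are caught here
            raise ValueError(f"character {ch!r} is not valid base58")
        num = num * 58 + idx
    pad = len(text) - len(text.lstrip("1"))  # each leading '1' is a zero byte
    return b"\x00" * pad + num.to_bytes((num.bit_length() + 7) // 8, "big")


def b58encode(data: bytes) -> str:
    num, out = int.from_bytes(data, "big"), ""
    while num:
        num, rem = divmod(num, 58)
        out = B58[rem] + out
    return "1" * (len(data) - len(data.lstrip(b"\x00"))) + out


def format_key(raw32: bytes) -> str:
    """Encode a 32-byte secret the way clients display it (4-character blocks)."""
    payload = PREFIX + raw32
    text = b58encode(payload + bytes([reduce(lambda a, b: a ^ b, payload)]))
    return " ".join(text[i:i + 4] for i in range(0, len(text), 4))


def check_key(text: str) -> str:
    """Return 'ok', or the reason the typed-in key cannot be valid."""
    try:
        raw = b58decode("".join(text.split()))
    except ValueError as exc:
        return str(exc)
    if len(raw) != 35:
        return f"decoded to {len(raw)} bytes, expected 35"
    if raw[:2] != PREFIX:
        return "header bytes are not 0x8B 0x01"
    if reduce(lambda a, b: a ^ b, raw) != 0:
        return "parity mismatch"
    return "ok"


# Constructed sample: a throwaway key built from a fixed pattern, not a real secret.
SAMPLE = format_key(bytes(range(32)))
```

Run a check like this only on a device you trust and keep offline, since the key it reads unlocks the backup.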
Backing Up Keys
- Why it’s important: Without a backup, you lose access to encrypted chats if you log out, close a browser tab, or lose a device.
- Steps:
  1. Export room keys manually (Settings > Security & Privacy > Encryption > “Export E2E room keys”).
  2. Store the exported file securely (e.g., on a USB drive or in a password manager).
  3. Import keys on a new device if needed (Settings > Security & Privacy > “Import E2E room keys”).
- Recommendation: Keep at least one verified session active (e.g., on a desktop client or smartphone) to avoid key loss. In the future, the “dehydrated devices” feature will simplify this.
Resetting Key Backup
If you lose your security phrase and key:
- Log out of all sessions except one where you still have access to encrypted messages.
- Export room keys (see above).
- Delete the old key backup (Settings > Security & Privacy > “Secure Backup” > “Reset backup”).
- Set up a new key backup and store the new security key securely.
Note: Without access to an existing session or security key, encrypted messages are permanently lost.
Tips and Notes
- Use the Element desktop client or mobile app to avoid key loss from closed browser tabs.
- Always verify new devices with an existing verified device or your security phrase/key.
- Matrix does not support email invitations. Use the username or Matrix ID (@username:server.de) to invite people.
Sources
- Matrix documentation from TU Dresden: https://doc.matrix.tu-dresden.de
- Matrix documentation from Darmstadt University of Applied Sciences: https://its.h-da.io
- Matrix documentation from KIT: https://docs.matrix.kit.edu
- Blog post on Matrix encryption: https://sp-codes.de
- List of public Matrix servers: https://www.hello-matrix.net