feat(hydra): Initial public commit for v12 support

# Conflicts: # src/core/info/room_version.rs # src/service/rooms/timeline/create.rs # Conflicts: # Cargo.lock # src/core/matrix/state_res/event_auth.rs # Conflicts: # Cargo.toml
2026-05-26 20:49:55 +00:00 · 2025-07-25 11:17:29 +01:00
parent 51423c9d7d
commit 96a58f6d69
56 changed files with 950 additions and 385 deletions
@@ -17,8 +17,12 @@ pub const STABLE_ROOM_VERSIONS: &[RoomVersionId] = &[
 ];

 /// Experimental, partially supported room versions
-pub const UNSTABLE_ROOM_VERSIONS: &[RoomVersionId] =
-	&[RoomVersionId::V3, RoomVersionId::V4, RoomVersionId::V5];
+pub const UNSTABLE_ROOM_VERSIONS: &[RoomVersionId] = &[
+	RoomVersionId::V3,
+	RoomVersionId::V4,
+	RoomVersionId::V5,
+	RoomVersionId::V12,
+];

 type RoomVersion = (RoomVersionId, RoomVersionStability);

@@ -10,7 +10,7 @@ mod unsigned;
 use std::fmt::Debug;

 use ruma::{
-	CanonicalJsonObject, EventId, MilliSecondsSinceUnixEpoch, OwnedEventId, RoomId,
+	CanonicalJsonObject, EventId, MilliSecondsSinceUnixEpoch, OwnedEventId, OwnedRoomId, RoomId,
 	RoomVersionId, UserId, events::TimelineEventType,
 };
 use serde::Deserialize;
@@ -168,7 +168,12 @@ pub trait Event: Clone + Debug {
 	fn redacts(&self) -> Option<&EventId>;

 	/// The `RoomId` of this event.
-	fn room_id(&self) -> &RoomId;
+	fn room_id(&self) -> Option<&RoomId>;
+
+	/// The `RoomId` or hash of this event.
+	/// This should only be preferred over room_id() if the event is a v12
+	/// create event.
+	fn room_id_or_hash(&self) -> OwnedRoomId;

 	/// The `UserId` of this event.
 	fn sender(&self) -> &UserId;
@@ -32,12 +32,16 @@ impl<E: Event> Matches<E> for &RoomEventFilter {
 }

 fn matches_room<E: Event>(event: &E, filter: &RoomEventFilter) -> bool {
-	if filter.not_rooms.iter().any(is_equal_to!(event.room_id())) {
+	if filter
+		.not_rooms
+		.iter()
+		.any(is_equal_to!(event.room_id().unwrap()))
+	{
 		return false;
 	}

 	if let Some(rooms) = filter.rooms.as_ref() {
-		if !rooms.iter().any(is_equal_to!(event.room_id())) {
+		if !rooms.iter().any(is_equal_to!(event.room_id().unwrap())) {
 			return false;
 		}
 	}
@@ -31,7 +31,7 @@ use crate::Result;
 pub struct Pdu {
 	pub event_id: OwnedEventId,

-	pub room_id: OwnedRoomId,
+	pub room_id: Option<OwnedRoomId>,

 	pub sender: OwnedUserId,

@@ -110,7 +110,19 @@ impl Event for Pdu {
 	fn redacts(&self) -> Option<&EventId> { self.redacts.as_deref() }

 	#[inline]
-	fn room_id(&self) -> &RoomId { &self.room_id }
+	fn room_id(&self) -> Option<&RoomId> { self.room_id.as_deref() }
+
+	#[inline]
+	fn room_id_or_hash(&self) -> OwnedRoomId {
+		if let Some(room_id) = &self.room_id {
+			room_id.clone()
+		} else {
+			let constructed_hash = "!".to_owned() + &self.event_id.as_str()[1..];
+			RoomId::parse(&constructed_hash)
+				.expect("event ID can be indexed")
+				.to_owned()
+		}
+	}

 	#[inline]
 	fn sender(&self) -> &UserId { &self.sender }
@@ -163,7 +175,19 @@ impl Event for &Pdu {
 	fn redacts(&self) -> Option<&EventId> { self.redacts.as_deref() }

 	#[inline]
-	fn room_id(&self) -> &RoomId { &self.room_id }
+	fn room_id(&self) -> Option<&RoomId> { self.room_id.as_ref().map(AsRef::as_ref) }
+
+	#[inline]
+	fn room_id_or_hash(&self) -> OwnedRoomId {
+		if let Some(room_id) = &self.room_id {
+			room_id.clone()
+		} else {
+			let constructed_hash = "!".to_owned() + &self.event_id.as_str()[1..];
+			RoomId::parse(&constructed_hash)
+				.expect("event ID can be indexed")
+				.to_owned()
+		}
+	}

 	#[inline]
 	fn sender(&self) -> &UserId { &self.sender }
@@ -406,7 +406,7 @@ where

 	Pdu {
 		event_id: id.try_into().unwrap(),
-		room_id: room_id().to_owned(),
+		room_id: Some(room_id().to_owned()),
 		sender: sender.to_owned(),
 		origin_server_ts: ts.try_into().unwrap(),
 		state_key: state_key.map(Into::into),
@@ -2,10 +2,10 @@ use std::{borrow::Borrow, collections::BTreeSet};

 use futures::{
 	Future,
-	future::{OptionFuture, join3},
+	future::{OptionFuture, join, join3},
 };
 use ruma::{
-	Int, OwnedUserId, RoomVersionId, UserId,
+	Int, OwnedRoomId, OwnedUserId, RoomVersionId, UserId,
 	events::room::{
 		create::RoomCreateEventContent,
 		join_rules::{JoinRule, RoomJoinRulesEventContent},
@@ -44,6 +44,15 @@ struct RoomMemberContentFields {
 	join_authorised_via_users_server: Option<Raw<OwnedUserId>>,
 }

+#[derive(Deserialize)]
+struct RoomCreateContentFields {
+	room_version: Option<Raw<RoomVersionId>>,
+	creator: Option<Raw<IgnoredAny>>,
+	additional_creators: Option<Vec<Raw<OwnedUserId>>>,
+	#[serde(rename = "m.federate", default = "ruma::serde::default_true")]
+	federate: bool,
+}
+
 /// For the given event `kind` what are the relevant auth events that are needed
 /// to authenticate this `content`.
 ///
@@ -56,16 +65,24 @@ pub fn auth_types_for_event(
 	sender: &UserId,
 	state_key: Option<&str>,
 	content: &RawJsonValue,
+	room_version: &RoomVersion,
 ) -> serde_json::Result<Vec<(StateEventType, StateKey)>> {
 	if kind == &TimelineEventType::RoomCreate {
 		return Ok(vec![]);
 	}

-	let mut auth_types = vec![
-		(StateEventType::RoomPowerLevels, StateKey::new()),
-		(StateEventType::RoomMember, sender.as_str().into()),
-		(StateEventType::RoomCreate, StateKey::new()),
-	];
+	let mut auth_types = if room_version.room_ids_as_hashes {
+		vec![
+			(StateEventType::RoomPowerLevels, StateKey::new()),
+			(StateEventType::RoomMember, sender.as_str().into()),
+		]
+	} else {
+		vec![
+			(StateEventType::RoomPowerLevels, StateKey::new()),
+			(StateEventType::RoomMember, sender.as_str().into()),
+			(StateEventType::RoomCreate, StateKey::new()),
+		]
+	};

 	if kind == &TimelineEventType::RoomMember {
 		#[derive(Deserialize)]
@@ -141,6 +158,7 @@ pub async fn auth_check<E, F, Fut>(
 	incoming_event: &E,
 	current_third_party_invite: Option<&E>,
 	fetch_state: F,
+	create_event: &E,
 ) -> Result<bool, Error>
 where
 	F: Fn(&StateEventType, &str) -> Fut + Send,
@@ -169,12 +187,6 @@ where
 	//
 	// 1. If type is m.room.create:
 	if *incoming_event.event_type() == TimelineEventType::RoomCreate {
-		#[derive(Deserialize)]
-		struct RoomCreateContentFields {
-			room_version: Option<Raw<RoomVersionId>>,
-			creator: Option<Raw<IgnoredAny>>,
-		}
-
 		debug!("start m.room.create check");

 		// If it has any previous events, reject
@@ -184,14 +196,16 @@ where
 		}

 		// If the domain of the room_id does not match the domain of the sender, reject
-		let Some(room_id_server_name) = incoming_event.room_id().server_name() else {
-			warn!("room ID has no servername");
-			return Ok(false);
-		};
-
-		if room_id_server_name != sender.server_name() {
-			warn!("servername of room ID does not match servername of sender");
-			return Ok(false);
+		if incoming_event.room_id().is_some() {
+			let Some(room_id_server_name) = incoming_event.room_id().unwrap().server_name()
+			else {
+				warn!("room ID has no servername");
+				return Ok(false);
+			};
+			if room_id_server_name != sender.server_name() {
+				warn!("servername of room ID does not match servername of sender");
+				return Ok(false);
+			}
 		}

 		// If content.room_version is present and is not a recognized version, reject
@@ -204,7 +218,15 @@ where
 			return Ok(false);
 		}

-		if !room_version.use_room_create_sender {
+		// TODO(hydra): If the create event has a room_id, reject
+		if room_version.room_ids_as_hashes && incoming_event.room_id().is_some() {
+			warn!("this room version does not support room IDs in m.room.create");
+			return Ok(false);
+		}
+
+		if !room_version.use_room_create_sender
+			&& !room_version.explicitly_privilege_room_creators
+		{
 			// If content has no creator field, reject
 			if content.creator.is_none() {
 				warn!("no creator field found in m.room.create content");
@@ -216,6 +238,8 @@ where
 		return Ok(true);
 	}

+	// NOTE(hydra): We must have an event ID from this point forward.
+
 	/*
 	// TODO: In the past this code was commented as it caused problems with Synapse. This is no
 	// longer the case. This needs to be implemented.
@@ -242,54 +266,102 @@ where
 	}
 	*/

-	let (room_create_event, power_levels_event, sender_member_event) = join3(
-		fetch_state(&StateEventType::RoomCreate, ""),
+	let (power_levels_event, sender_member_event) = join(
+		// fetch_state(&StateEventType::RoomCreate, ""),
 		fetch_state(&StateEventType::RoomPowerLevels, ""),
 		fetch_state(&StateEventType::RoomMember, sender.as_str()),
 	)
 	.await;

-	let room_create_event = match room_create_event {
-		| None => {
-			warn!("no m.room.create event in auth chain");
-			return Ok(false);
-		},
-		| Some(e) => e,
+	// TODO(hydra): Re-enable <v12 checks
+	// let room_create_event = match room_create_event {
+	// 	| None => {
+	// 		// Room was either v11 with no create event, or v12+ room
+	// 		if incoming_event.room_id().is_some() {
+	// 			// invalid v11
+	// 			warn!("no m.room.create event found in claimed state");
+	// 			return Ok(false);
+	// 		}
+	// 		// v12 room
+	// 		debug!("no m.room.create event found, assuming v12 room");
+	// 		create_event.clone()
+	// 	},
+	// 	| Some(e) => e,
+	// };
+	let room_create_event = create_event.clone();
+
+	// Get the content of the room create event, used later.
+	let room_create_content: RoomCreateContentFields =
+		from_json_str(room_create_event.content().get())?;
+	if room_create_content
+		.room_version
+		.is_some_and(|v| v.deserialize().is_err())
+	{
+		warn!("invalid room version found in m.room.create event");
+		return Ok(false);
+	}
+	let expected_room_id = match room_version.room_ids_as_hashes {
+		// If the room version uses hashes, we replace the create event's event ID leading sigil
+		// with !
+		| true => OwnedRoomId::try_from(room_create_event.event_id().as_str().replace('$', "!"))
+			.expect("Failed to convert event ID to room ID")
+			.clone(),
+		| false => room_create_event.room_id().unwrap().to_owned(),
 	};

-	if incoming_event.room_id() != room_create_event.room_id() {
-		warn!("room_id of incoming event does not match room_id of m.room.create event");
+	if incoming_event.room_id().unwrap() != expected_room_id {
+		warn!(
+			expected = %expected_room_id,
+			received = %incoming_event.room_id().unwrap(),
+			"room_id of incoming event ({}) does not match room_id of m.room.create event ({})",
+			incoming_event.room_id().unwrap(),
+			expected_room_id,
+		);
+		return Ok(false);
+	}
+
+	// If the create event is referenced in the event's auth events, and this is a
+	// v12 room, reject
+	let claims_create_event = incoming_event
+		.auth_events()
+		.any(|id| id == room_create_event.event_id());
+	if room_version.room_ids_as_hashes && claims_create_event {
+		warn!("m.room.create event incorrectly found in auth events");
+		return Ok(false);
+	} else if !room_version.room_ids_as_hashes && !claims_create_event {
+		// If the create event is not referenced in the event's auth events, and this is
+		// a v11 room, reject
+		warn!("no m.room.create event found in auth events");
 		return Ok(false);
 	}

 	if let Some(ref pe) = power_levels_event {
-		if pe.room_id() != room_create_event.room_id() {
-			warn!("room_id of power levels event does not match room_id of m.room.create event");
+		if *pe.room_id().unwrap() != expected_room_id {
+			warn!(
+				expected = %expected_room_id,
+				received = %pe.room_id().unwrap(),
+				"room_id of power levels event does not match room_id of m.room.create event"
+			);
 			return Ok(false);
 		}
 	}

 	// 3. If event does not have m.room.create in auth_events reject
-	if !incoming_event
-		.auth_events()
-		.any(|id| id == room_create_event.event_id())
-	{
-		warn!("no m.room.create event in auth events");
-		return Ok(false);
-	}
+	// removed as part of Hydra.
+	// TODO: reintroduce this for <v12 lol
+	// if !incoming_event
+	// 	.auth_events()
+	// 	.any(|id| id == room_create_event.event_id())
+	// {
+	// 	warn!("no m.room.create event in auth events");
+	// 	return Ok(false);
+	// }

 	// If the create event content has the field m.federate set to false and the
 	// sender domain of the event does not match the sender domain of the create
 	// event, reject.
-	#[derive(Deserialize)]
-	#[allow(clippy::items_after_statements)]
-	struct RoomCreateContentFederate {
-		#[serde(rename = "m.federate", default = "ruma::serde::default_true")]
-		federate: bool,
-	}
-	let room_create_content: RoomCreateContentFederate =
-		from_json_str(room_create_event.content().get())?;
-	if !room_create_content.federate
+	if !room_version.room_ids_as_hashes
+		&& !room_create_content.federate
 		&& room_create_event.sender().server_name() != incoming_event.sender().server_name()
 	{
 		warn!(
@@ -321,7 +393,7 @@ where
 		debug!("starting m.room.member check");
 		let state_key = match incoming_event.state_key() {
 			| None => {
-				warn!("no statekey in member event");
+				warn!("no state key in member event");
 				return Ok(false);
 			},
 			| Some(s) => s,
@@ -377,6 +449,7 @@ where
 			&user_for_join_auth_membership,
 			&room_create_event,
 		)? {
+			warn!("membership change not valid for some reason");
 			return Ok(false);
 		}

@@ -394,8 +467,16 @@ where
 		},
 	};

-	if sender_member_event.room_id() != room_create_event.room_id() {
-		warn!("room_id of incoming event does not match room_id of m.room.create event");
+	if sender_member_event
+		.room_id()
+		.expect("we have a room ID for non create events")
+		!= room_create_event.room_id_or_hash()
+	{
+		warn!(
+			"room_id of incoming event ({}) does not match room_id of m.room.create event ({})",
+			sender_member_event.room_id_or_hash(),
+			room_create_event.room_id_or_hash()
+		);
 		return Ok(false);
 	}

@@ -417,7 +498,7 @@ where
 	}

 	// If type is m.room.third_party_invite
-	let sender_power_level = match &power_levels_event {
+	let mut sender_power_level = match &power_levels_event {
 		| Some(pl) => {
 			let content =
 				deserialize_power_levels_content_fields(pl.content().get(), room_version)?;
@@ -439,6 +520,24 @@ where
 			if is_creator { int!(100) } else { int!(0) }
 		},
 	};
+	if room_version.explicitly_privilege_room_creators {
+		// If the user sent the create event, or is listed in additional_creators, just
+		// give them Int::MAX
+		if sender == room_create_event.sender()
+			|| room_create_content
+				.additional_creators
+				.as_ref()
+				.is_some_and(|creators| {
+					creators
+						.iter()
+						.any(|c| c.deserialize().is_ok_and(|c| c == *sender))
+				}) {
+			trace!("privileging room creator or additional creator");
+			// This user is the room creator or an additional creator, give them max power
+			// level
+			sender_power_level = Int::MAX;
+		}
+	}

 	// Allow if and only if sender's current power level is greater than
 	// or equal to the invite level
@@ -554,6 +653,7 @@ where
 	struct GetThirdPartyInvite {
 		third_party_invite: Option<Raw<ThirdPartyInvite>>,
 	}
+	let create_content = from_json_str::<RoomCreateContentFields>(create_room.content().get())?;
 	let content = current_event.content();

 	let target_membership = from_json_str::<GetMembership>(content.get())?.membership;
@@ -576,20 +676,40 @@ where
 		| None => RoomPowerLevelsEventContent::default(),
 	};

-	let sender_power = power_levels
+	let mut sender_power = power_levels
 		.users
 		.get(sender)
 		.or_else(|| sender_is_joined.then_some(&power_levels.users_default));

-	let target_power = power_levels.users.get(target_user).or_else(|| {
+	let mut target_power = power_levels.users.get(target_user).or_else(|| {
 		(target_membership == MembershipState::Join).then_some(&power_levels.users_default)
 	});

-	let join_rules = if let Some(jr) = &join_rules_event {
-		from_json_str::<RoomJoinRulesEventContent>(jr.content().get())?.join_rule
-	} else {
-		JoinRule::Invite
-	};
+	let mut creators = BTreeSet::new();
+	creators.insert(create_room.sender().to_owned());
+	if room_version.explicitly_privilege_room_creators {
+		// Explicitly privilege room creators
+		// If the sender sent the create event, or in additional_creators, give them
+		// Int::MAX. Same case for target.
+		if let Some(additional_creators) = &create_content.additional_creators {
+			for c in additional_creators {
+				if let Ok(c) = c.deserialize() {
+					creators.insert(c);
+				}
+			}
+		}
+		if creators.contains(sender) {
+			sender_power = Some(&Int::MAX);
+		}
+		if creators.contains(target_user) {
+			target_power = Some(&Int::MAX);
+		}
+	}
+
+	let mut join_rules = JoinRule::Invite;
+	if let Some(jr) = &join_rules_event {
+		join_rules = from_json_str::<RoomJoinRulesEventContent>(jr.content().get())?.join_rule;
+	}

 	let power_levels_event_id = power_levels_event.as_ref().map(Event::event_id);
 	let sender_membership_event_id = sender_membership_event.as_ref().map(Event::event_id);
@@ -598,7 +718,7 @@ where

 	let user_for_join_auth_is_valid = if let Some(user_for_join_auth) = user_for_join_auth {
 		// Is the authorised user allowed to invite users into this room
-		let (auth_user_pl, invite_level) = if let Some(pl) = &power_levels_event {
+		let (mut auth_user_pl, invite_level) = if let Some(pl) = &power_levels_event {
 			// TODO Refactor all powerlevel parsing
 			let invite =
 				deserialize_power_levels_content_invite(pl.content().get(), room_version)?.invite;
@@ -614,6 +734,9 @@ where
 		} else {
 			(int!(0), int!(0))
 		};
+		if creators.contains(user_for_join_auth) {
+			auth_user_pl = Int::MAX;
+		}
 		(user_for_join_auth_membership == &MembershipState::Join)
 			&& (auth_user_pl >= invite_level)
 	} else {
@@ -623,6 +746,7 @@ where

 	Ok(match target_membership {
 		| MembershipState::Join => {
+			debug!("starting target_membership=join check");
 			// 1. If the only previous event is an m.room.create and the state_key is the
 			//    creator,
 			// allow
@@ -634,7 +758,10 @@ where
 			let no_more_prev_events = prev_events.next().is_none();

 			if prev_event_is_create_event && no_more_prev_events {
-				let is_creator = if room_version.use_room_create_sender {
+				debug!("checking if sender is a room creator for initial membership event");
+				let is_creator = if room_version.explicitly_privilege_room_creators {
+					creators.contains(target_user) && creators.contains(sender)
+				} else if room_version.use_room_create_sender {
 					let creator = create_room.sender();

 					creator == sender && creator == target_user
@@ -648,10 +775,15 @@ where
 				};

 				if is_creator {
+					debug!("sender is room creator, allowing join");
 					return Ok(true);
 				}
+				debug!("sender is not room creator, proceeding with normal auth checks");
 			}
-
+			let membership_allows_join = matches!(
+				target_user_current_membership,
+				MembershipState::Join | MembershipState::Invite
+			);
 			if sender != target_user {
 				// If the sender does not match state_key, reject.
 				warn!("Can't make other user join");
@@ -660,39 +792,48 @@ where
 				// If the sender is banned, reject.
 				warn!(?target_user_membership_event_id, "Banned user can't join");
 				false
-			} else if (join_rules == JoinRule::Invite
-                    || room_version.allow_knocking && (join_rules == JoinRule::Knock || matches!(join_rules, JoinRule::KnockRestricted(_))))
-                // If the join_rule is invite then allow if membership state is invite or join
-                    && (target_user_current_membership == MembershipState::Join
-                        || target_user_current_membership == MembershipState::Invite)
-			{
-				true
-			} else if room_version.restricted_join_rules
-				&& matches!(join_rules, JoinRule::Restricted(_))
-				|| room_version.knock_restricted_join_rule
-					&& matches!(join_rules, JoinRule::KnockRestricted(_))
-			{
-				// If the join_rule is restricted or knock_restricted
-				if matches!(
-					target_user_current_membership,
-					MembershipState::Invite | MembershipState::Join
-				) {
-					// If membership state is join or invite, allow.
-					true
-				} else {
-					// If the join_authorised_via_users_server key in content is not a user with
-					// sufficient permission to invite other users, reject.
-					// Otherwise, allow.
-					user_for_join_auth_is_valid
-				}
 			} else {
-				// If the join_rule is public, allow.
-				// Otherwise, reject.
-				join_rules == JoinRule::Public
+				match join_rules {
+					| JoinRule::Invite if !membership_allows_join => {
+						warn!("Join rule is invite but membership does not allow join");
+						false
+					},
+					| JoinRule::Knock if !room_version.allow_knocking => {
+						warn!("Join rule is knock but room version does not allow knocking");
+						false
+					},
+					| JoinRule::Knock if !membership_allows_join => {
+						warn!("Join rule is knock but membership does not allow join");
+						false
+					},
+					| JoinRule::KnockRestricted(_) if !room_version.knock_restricted_join_rule =>
+					{
+						warn!(
+							"Join rule is knock_restricted but room version does not support it"
+						);
+						false
+					},
+					| JoinRule::KnockRestricted(_) if !membership_allows_join => {
+						warn!("Join rule is knock_restricted but membership does not allow join");
+						false
+					},
+					| JoinRule::Restricted(_) | JoinRule::KnockRestricted(_) =>
+						if !user_for_join_auth_is_valid {
+							warn!(
+								"Join rule is a restricted one but no valid authorising user \
+								 was given"
+							);
+							false
+						} else {
+							true
+						},
+					| _ => true,
+				}
 			}
 		},
 		| MembershipState::Invite => {
 			// If content has third_party_invite key
+			debug!("starting target_membership=invite check");
 			match third_party_invite.and_then(|i| i.deserialize().ok()) {
 				| Some(tp_id) =>
 					if target_user_current_membership == MembershipState::Ban {
@@ -850,6 +991,7 @@ fn can_send_event(event: &impl Event, ple: Option<&impl Event>, user_level: Int)
 		required_level = i64::from(event_type_power_level),
 		user_level = i64::from(user_level),
 		state_key = ?event.state_key(),
+		power_level_event_id = ?ple.map(|e| e.event_id().as_str()),
 		"permissions factors",
 	);

@@ -92,6 +92,11 @@ where
 	Pdu: Event + Clone + Send + Sync,
 	for<'b> &'b Pdu: Event + Send,
 {
+	use RoomVersionId::*;
+	let stateres_version = match room_version {
+		| V2 | V3 | V4 | V5 | V6 | V7 | V8 | V9 | V10 | V11 => 2.0,
+		| _ => 2.1,
+	};
 	debug!("State resolution starting");

 	// Split non-conflicting and conflicting state
@@ -108,13 +113,27 @@ where
 	debug!(count = conflicting.len(), "conflicting events");
 	trace!(map = ?conflicting, "conflicting events");

+	let conflicted_state_subgraph: HashSet<_> = if stateres_version >= 2.1 {
+		calculate_conflicted_subgraph(&conflicting, event_fetch)
+			.await
+			.ok_or_else(|| {
+				Error::InvalidPdu("Failed to calculate conflicted subgraph".to_owned())
+			})?
+	} else {
+		HashSet::new()
+	};
+	debug!(count = conflicted_state_subgraph.len(), "conflicted subgraph");
+	trace!(set = ?conflicted_state_subgraph, "conflicted subgraph");
+
 	let conflicting_values = conflicting.into_values().flatten().stream();

 	// `all_conflicted` contains unique items
 	// synapse says `full_set = {eid for eid in full_conflicted_set if eid in
 	// event_map}`
+	// Hydra: Also consider the conflicted state subgraph
 	let all_conflicted: HashSet<_> = get_auth_chain_diff(auth_chain_sets)
 		.chain(conflicting_values)
+		.chain(conflicted_state_subgraph.into_iter().stream())
 		.broad_filter_map(async |id| event_exists(id.clone()).await.then_some(id))
 		.collect()
 		.await;
@@ -150,6 +169,7 @@ where
 	// Sequentially auth check each control event.
 	let resolved_control = iterative_auth_check(
 		&room_version,
+		stateres_version,
 		sorted_control_levels.iter().stream().map(AsRef::as_ref),
 		clean.clone(),
 		&event_fetch,
@@ -183,10 +203,11 @@ where
 	let sorted_left_events =
 		mainline_sort(&events_to_resolve, power_event.cloned(), &event_fetch).await?;

-	trace!(list = ?sorted_left_events, "events left, sorted");
+	trace!(list = ?sorted_left_events, "events left, sorted, running iterative auth check");

 	let mut resolved_state = iterative_auth_check(
 		&room_version,
+		stateres_version,
 		sorted_left_events.iter().stream().map(AsRef::as_ref),
 		resolved_control, // The control events are added to the final resolved state
 		&event_fetch,
@@ -198,6 +219,7 @@ where
 	resolved_state.extend(clean);

 	debug!("state resolution finished");
+	trace!( map = ?resolved_state, "final resolved state" );

 	Ok(resolved_state)
 }
@@ -250,6 +272,52 @@ where
 	(unconflicted_state, conflicted_state)
 }

+/// Calculate the conflicted subgraph
+async fn calculate_conflicted_subgraph<F, Fut, E>(
+	conflicted: &StateMap<Vec<OwnedEventId>>,
+	fetch_event: &F,
+) -> Option<HashSet<OwnedEventId>>
+where
+	F: Fn(OwnedEventId) -> Fut + Sync,
+	Fut: Future<Output = Option<E>> + Send,
+	E: Event + Send + Sync,
+{
+	let conflicted_events: HashSet<_> = conflicted.values().flatten().cloned().collect();
+	let mut subgraph: HashSet<OwnedEventId> = HashSet::new();
+	let mut stack: Vec<Vec<OwnedEventId>> =
+		vec![conflicted_events.iter().cloned().collect::<Vec<_>>()];
+	let mut path: Vec<OwnedEventId> = Vec::new();
+	let mut seen: HashSet<OwnedEventId> = HashSet::new();
+	let next_event = |stack: &mut Vec<Vec<_>>, path: &mut Vec<_>| {
+		while stack.last().is_some_and(|s| s.is_empty()) {
+			stack.pop();
+			path.pop();
+		}
+		stack.last_mut().and_then(|s| s.pop())
+	};
+	while let Some(event_id) = next_event(&mut stack, &mut path) {
+		path.push(event_id.clone());
+		if subgraph.contains(&event_id) {
+			if path.len() > 1 {
+				subgraph.extend(path.iter().cloned());
+			}
+			path.pop();
+			continue;
+		}
+		if conflicted_events.contains(&event_id) && path.len() > 1 {
+			subgraph.extend(path.iter().cloned());
+		}
+		if seen.contains(&event_id) {
+			path.pop();
+			continue;
+		}
+		let evt = fetch_event(event_id.clone()).await?;
+		stack.push(evt.auth_events().map(ToOwned::to_owned).collect());
+		seen.insert(event_id);
+	}
+	Some(subgraph)
+}
+
 /// Returns a Vec of deduped EventIds that appear in some chains but not others.
 #[allow(clippy::arithmetic_side_effects)]
 fn get_auth_chain_diff<Id, Hasher>(
@@ -513,8 +581,10 @@ where
 /// For each `events_to_check` event we gather the events needed to auth it from
 /// the the `fetch_event` closure and verify each event using the
 /// `event_auth::auth_check` function.
+#[tracing::instrument(level = "trace", skip_all)]
 async fn iterative_auth_check<'a, E, F, Fut, S>(
 	room_version: &RoomVersion,
+	stateres_version: f32,
 	events_to_check: S,
 	unconflicted_state: StateMap<OwnedEventId>,
 	fetch_event: &F,
@@ -538,12 +608,15 @@ where
 		.try_collect()
 		.boxed()
 		.await?;
+	trace!(list = ?events_to_check, "events to check");

 	let auth_event_ids: HashSet<OwnedEventId> = events_to_check
 		.iter()
 		.flat_map(|event: &E| event.auth_events().map(ToOwned::to_owned))
 		.collect();

+	trace!(set = ?auth_event_ids, "auth event IDs to fetch");
+
 	let auth_events: HashMap<OwnedEventId, E> = auth_event_ids
 		.into_iter()
 		.stream()
@@ -553,9 +626,15 @@ where
 		.boxed()
 		.await;

+	trace!(map = ?auth_events.keys().collect::<Vec<_>>(), "fetched auth events");
+
 	let auth_events = &auth_events;
-	let mut resolved_state = unconflicted_state;
+	let mut resolved_state = match stateres_version {
+		| 2.1 => StateMap::new(),
+		| _ => unconflicted_state,
+	};
 	for event in events_to_check {
+		trace!(event_id = event.event_id().as_str(), "checking event");
 		let state_key = event
 			.state_key()
 			.ok_or_else(|| Error::InvalidPdu("State event had no state key".to_owned()))?;
@@ -565,13 +644,29 @@ where
 			event.sender(),
 			Some(state_key),
 			event.content(),
+			room_version,
 		)?;
+		trace!(list = ?auth_types, event_id = event.event_id().as_str(), "auth types for event");

 		let mut auth_state = StateMap::new();
+		if room_version.room_ids_as_hashes {
+			trace!("room version uses hashed IDs, manually fetching create event");
+			let create_event_id_raw = event.room_id_or_hash().as_str().replace('!', "$");
+			let create_event_id = EventId::parse(&create_event_id_raw).map_err(|e| {
+				Error::InvalidPdu(format!(
+					"Failed to parse create event ID from room ID/hash: {e}"
+				))
+			})?;
+			let create_event = fetch_event(create_event_id.into())
+				.await
+				.ok_or_else(|| Error::NotFound("Failed to find create event".into()))?;
+			auth_state.insert(create_event.event_type().with_state_key(""), create_event);
+		}
 		for aid in event.auth_events() {
 			if let Some(ev) = auth_events.get(aid) {
 				//TODO: synapse checks "rejected_reason" which is most likely related to
 				// soft-failing
+				trace!(event_id = aid.as_str(), "found auth event");
 				auth_state.insert(
 					ev.event_type()
 						.with_state_key(ev.state_key().ok_or_else(|| {
@@ -600,8 +695,9 @@ where
 				auth_state.insert(key.to_owned(), event);
 			})
 			.await;
+		trace!(map = ?auth_state.keys().collect::<Vec<_>>(), event_id = event.event_id().as_str(), "auth state for event");

-		debug!("event to check {:?}", event.event_id());
+		debug!(event_id = event.event_id().as_str(), "Running auth checks");

 		// The key for this is (eventType + a state_key of the signed token not sender)
 		// so search for it
@@ -617,16 +713,29 @@ where
 			)
 		};

-		let auth_result =
-			auth_check(room_version, &event, current_third_party, fetch_state).await;
+		let auth_result = auth_check(
+			room_version,
+			&event,
+			current_third_party,
+			fetch_state,
+			&fetch_state(&StateEventType::RoomCreate, "")
+				.await
+				.expect("create event must exist"),
+		)
+		.await;

 		match auth_result {
 			| Ok(true) => {
 				// add event to resolved state map
+				trace!(
+					event_id = event.event_id().as_str(),
+					"event passed the authentication check, adding to resolved state"
+				);
 				resolved_state.insert(
 					event.event_type().with_state_key(state_key),
 					event.event_id().to_owned(),
 				);
+				trace!(map = ?resolved_state, "new resolved state");
 			},
 			| Ok(false) => {
 				// synapse passes here on AuthError. We do not add this event to resolved_state.
@@ -638,7 +747,8 @@ where
 			},
 		}
 	}
-
+	trace!(map = ?resolved_state, "final resolved state from iterative auth check");
+	debug!("iterative auth check finished");
 	Ok(resolved_state)
 }

@@ -909,6 +1019,7 @@ mod tests {

 		let resolved_power = super::iterative_auth_check(
 			&RoomVersion::V6,
+			2.1,
 			sorted_power_events.iter().map(AsRef::as_ref).stream(),
 			HashMap::new(), // unconflicted events
 			&fetcher,
@@ -61,25 +61,34 @@ pub struct RoomVersion {
 	pub extra_redaction_checks: bool,
 	/// Allow knocking in event authentication.
 	///
-	/// See [room v7 specification](https://spec.matrix.org/latest/rooms/v7/) for more information.
+	/// See [room v7 specification](https://spec.matrix.org/latest/rooms/v7/)
 	pub allow_knocking: bool,
 	/// Adds support for the restricted join rule.
 	///
-	/// See: [MSC3289](https://github.com/matrix-org/matrix-spec-proposals/pull/3289) for more information.
+	/// See: [MSC3289](https://github.com/matrix-org/matrix-spec-proposals/pull/3289)
 	pub restricted_join_rules: bool,
 	/// Adds support for the knock_restricted join rule.
 	///
-	/// See: [MSC3787](https://github.com/matrix-org/matrix-spec-proposals/pull/3787) for more information.
+	/// See: [MSC3787](https://github.com/matrix-org/matrix-spec-proposals/pull/3787)
 	pub knock_restricted_join_rule: bool,
 	/// Enforces integer power levels.
 	///
-	/// See: [MSC3667](https://github.com/matrix-org/matrix-spec-proposals/pull/3667) for more information.
+	/// See: [MSC3667](https://github.com/matrix-org/matrix-spec-proposals/pull/3667)
 	pub integer_power_levels: bool,
 	/// Determine the room creator using the `m.room.create` event's `sender`,
 	/// instead of the event content's `creator` field.
 	///
-	/// See: [MSC2175](https://github.com/matrix-org/matrix-spec-proposals/pull/2175) for more information.
+	/// See: [MSC2175](https://github.com/matrix-org/matrix-spec-proposals/pull/2175)
 	pub use_room_create_sender: bool,
+	/// Whether the room creators are considered superusers.
+	/// A superuser will always have infinite power levels in the room.
+	///
+	/// See: [MSC4289](https://github.com/matrix-org/matrix-spec-proposals/pull/4289)
+	pub explicitly_privilege_room_creators: bool,
+	/// Whether the room's m.room.create event ID is itself the room ID.
+	///
+	/// See: [MSC4291](https://github.com/matrix-org/matrix-spec-proposals/pull/4291)
+	pub room_ids_as_hashes: bool,
 }

 impl RoomVersion {
@@ -97,6 +106,8 @@ impl RoomVersion {
 		knock_restricted_join_rule: false,
 		integer_power_levels: false,
 		use_room_create_sender: false,
+		explicitly_privilege_room_creators: false,
+		room_ids_as_hashes: false,
 	};
 	pub const V10: Self = Self {
 		knock_restricted_join_rule: true,
@@ -107,6 +118,11 @@ impl RoomVersion {
 		use_room_create_sender: true,
 		..Self::V10
 	};
+	pub const V12: Self = Self {
+		explicitly_privilege_room_creators: true,
+		room_ids_as_hashes: true,
+		..Self::V11
+	};
 	pub const V2: Self = Self {
 		state_res: StateResolutionVersion::V2,
 		..Self::V1
@@ -144,6 +160,7 @@ impl RoomVersion {
 			| RoomVersionId::V9 => Self::V9,
 			| RoomVersionId::V10 => Self::V10,
 			| RoomVersionId::V11 => Self::V11,
+			| RoomVersionId::V12 => Self::V12,
 			| ver => return Err(Error::Unsupported(format!("found version `{ver}`"))),
 		})
 	}
@@ -24,7 +24,7 @@ use serde_json::{

 use super::auth_types_for_event;
 use crate::{
-	Result, info,
+	Result, RoomVersion, info,
 	matrix::{Event, EventTypeExt, Pdu, StateMap, pdu::EventHash},
 };

@@ -154,6 +154,7 @@ pub(crate) async fn do_check(
 			fake_event.sender(),
 			fake_event.state_key(),
 			fake_event.content(),
+			&RoomVersion::V6,
 		)
 		.unwrap();

@@ -398,7 +399,7 @@ pub(crate) fn to_init_pdu_event(

 	Pdu {
 		event_id: id.try_into().unwrap(),
-		room_id: room_id().to_owned(),
+		room_id: Some(room_id().to_owned()),
 		sender: sender.to_owned(),
 		origin_server_ts: ts.try_into().unwrap(),
 		state_key: state_key.map(Into::into),
@@ -446,7 +447,7 @@ where

 	Pdu {
 		event_id: id.try_into().unwrap(),
-		room_id: room_id().to_owned(),
+		room_id: Some(room_id().to_owned()),
 		sender: sender.to_owned(),
 		origin_server_ts: ts.try_into().unwrap(),
 		state_key: state_key.map(Into::into),