Signed Chat
First things first, it’s important to set the story straight. Mojang had always had a reporting toolset for anyone who wished to use it however with the introduction of 1.19.1 changes were made to this system that a reasonable portion of the community didn’t like.
This patch specially introduces a couple of new features being:
- In-Game UI reporting
- Cryptography and signing
The purpose of this page serves as an advisory for those who wish to understand further what this means and what options are available to them.
How does it work
This is accurate to the best of our abilities, if there is someone with a better understanding of cryptography that can help improve this page please submit a PR.
Technical aspects
These new keys are stored in .json format under the ‘%appdata%/.minecraft/profilekeys’ folder on your PC.
The ‘process’ now works as follows:
- User opens up their Minecraft client
- Check for keys / generation of new keys occurs if required
- User launches Game
- User joins their desired Minecraft server
- On join the client also makes it’s public key available to the server
- User sends a message in chat
- Client signs the message using the private key providing a level of authenticity
- Signed message is sent to the server
- Server can validate the message came from your client using your public key
- Server displays the chat messages
User Reports
When a user is reported via the new in-game screen ui the following process occurs:
- User selects the offending user and messages they wish to report
- The message in question and surrounding message are also sent to Microsoft for review
Once a report is sent, it is reviewed by Mojang’s moderation team who will gauge an appropriate punishment for the offender(s). Any Microsoft punishment is in-line with it’s current community guidelines and effect your entire account not just the single Minecraft server, these punishments can result in removal of your Multiplayer access.
In-depth Review
The best current source of data for the chat reporting is on Github created by KennyTV. A link to the document can be found here
Below is a list of ways server owners and players can effectively disable the new chat reporting feature, by using one or more of these features you may limit either your own or your communities functionality.
Options
Client Side
Option one is disabling ‘chat-signing’ within your client, this will prevent you from joining any server where this setting is enforced.
Server Side
If you’re running your own server there are a few options that can be used depending if you’re running vanilla, modded or a plugin based server, these are as follows.
Edit server.properties file Global
You can edit the following switch to ‘false’ which will disable the requirement for users to use chat-signing.
...
enforce-secure-profile = false
...No Chat Reports Modded Only
No Chat Reports is a Minecraft mod created by Aizistral that works on both the client and server sides. It strips cryptographic signatures from player chat messages, effectively converting them to system messages, thus making them non-reportable.
FreedomChat Spigot / Paper & forks only
FreedomChat effectively serves the same purpose as No Chat Reports would on a modded server, it converts player chat messages to system messages at the packet level, making them once again non-reportable by players.
AntiPopup Spigot / Paper & forks only
While this plugin works, manual setup is required - the command /antipopup setup must be ran in console unless enforce-secure-profile is set to false already.
UnSignedVelocity Velocity only
This plugin works by removing signed information from commands and messages sent by clients 1.19.1 or higher, allowing plugins that cancel proxy messages to work again. Requires VPacketEvents