mojira.dev
MC-253521

Chat preview message is signed rather than original message, potentially allowing server owners to trick players into signing incriminating chat messages

Although I don't like Microsoft/Mojang centralizing the authority on whether to ban players, if you really are going to go through with this you really need to resolve this problem before you start banning people:

  1. In the chat preview response packet, send an incriminating message.  When the user sends their chat to the server, it does NOT sign the message they typed, instead it signs the message in the chat preview response packet.  Look at: LocalPlayer.sendChat()

  2. After the victim has sent the message to the server, you can then report that player using the chat report feature in 1.19.1.

In most situations, you never trust the client, but in this situation, you can't trust the server especially when the server is the one telling you what to sign!  There isn't even a warning at any point that tells the player that the chat preview is what will stick to them and not the original message they typed!  Not to mention the fact that even if you do add such a warning, not many people will think much of it.

I don't see a way this can be resolved by signing the chat preview, even if you sign both the chat preview and original message.  The only way is to sign only the original message and NOT the chat preview.  Even if you only sign the original message, players can still send abusive messages.  Because a server can "style" a message to contain incriminating text.  Perhaps a server has a text expansion feature that players can configure on their own, and a player creates a text expansion that expands some short form of something they write to an abusive message.  There's really no way for a moderator team at Mojang to know what's really going on.

There are other ways to abuse the reporting feature to get someone banned.  All you need is a carefully crafted scripted conversation that causes the victim to type certain messages.  You don't even need control of a server to do this, it can be done on any server!  Because remember, a client is the one collecting evidence and sending it to the chat report server, messages can be taken out of context and mixed in with other signed messages that make the victim's messages look incriminating, and then sent to the reporting server.  You can't trust the client even though the messages are signed.  You can't trust the third party server where the chat took place to certify nothing was taken out of context either, because again, those servers aren't controlled by you.

I can see this chat reporting feature working on Realms if the chat log is fetched directly from the Realms server itself, not from the client.  But it won't work on privately run servers.  It's way too easy to abuse when the server owners have full control of the server, and hacked clients can mix in out of context messages to get someone banned.

This chat reporting feature does not stop servers from grooming young children as they can easily just strip the signature when forwarding chat messages.
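
Added example, not part of the original report and not Minecraft's code: a minimal model of the two signing choices the report contrasts, showing what a reviewer holding only the player's public key can and cannot conclude from a valid signature. All class and method names are hypothetical, the sample strings are constructed, and the signed payload is reduced to the message text alone (the game's real payload layout is not modelled).

```java
import java.nio.charset.StandardCharsets;
import java.security.*;

// Added illustration; not Minecraft code. All names here are hypothetical.
public class PreviewSigningDemo {
    // Sign exactly the bytes of `text` with the player's private key.
    static byte[] sign(PrivateKey key, String text) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(key);
        s.update(text.getBytes(StandardCharsets.UTF_8));
        return s.sign();
    }

    // What a report reviewer can check: does the signature cover `claimed`?
    static boolean verifies(PublicKey key, String claimed, byte[] sig) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(key);
        s.update(claimed.getBytes(StandardCharsets.UTF_8));
        return s.verify(sig);
    }

    // Behaviour the report describes: a server-supplied preview, when present, is what gets signed.
    static String textSignedPreviewFlow(String typed, String serverPreview) {
        return serverPreview != null ? serverPreview : typed;
    }

    // Behaviour the report asks for: only the typed text is signed; the preview is display-only.
    static String textSignedOriginalFlow(String typed, String serverPreview) {
        return typed;
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair player = gen.generateKeyPair();

        String typed = "lol";                            // constructed sample input
        String preview = "<text chosen by the server>";  // constructed placeholder

        byte[] sigA = sign(player.getPrivate(), textSignedPreviewFlow(typed, preview));
        byte[] sigB = sign(player.getPrivate(), textSignedOriginalFlow(typed, preview));

        // Preview flow: the signature attests to the server's text, not to what was typed.
        System.out.println("preview flow, server text verifies:  " + verifies(player.getPublic(), preview, sigA));
        System.out.println("preview flow, typed text verifies:   " + verifies(player.getPublic(), typed, sigA));
        // Original flow: the server's text can no longer be attributed to the player's key.
        System.out.println("original flow, server text verifies: " + verifies(player.getPublic(), preview, sigB));
        System.out.println("original flow, typed text verifies:  " + verifies(player.getPublic(), typed, sigB));
    }
}
```

In both flows the signature itself is valid; the difference is which party chose the bytes it covers, which is the property a report reviewer is relying on.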

Comments 11

Thank you for your report!
However, this issue is Invalid.

You have posted a feature request or a suggestion. This site is for bug reports only.
For suggestions, please visit Minecraft Suggestions on Reddit or visit the Feedback website.

Quick Links:
📓 Bug Tracker Guidelines – 💬 Community Support – 📧 Mojang Support
📓 Project Summary – ✍️ Feedback and Suggestions – 📖 Game Wiki

So are you going to ignore the fact that a server owner can trick a player into signing an incriminating message?  That's a valid problem, it's not a suggestion!

This is a vulnerability. Not a feature request or suggestion.

Doesn't the incriminating message show up client-side in the chat preview? So the player approves of that message when they click send

It does show up client-side but a player might not necessarily understand what the chat preview is.

It does not specifically tell the player that what shows up in the preview will be attached to their name, and that they can get in trouble based on what shows up in the preview instead of what they actually typed.

Not to mention the amount of people who might click through that without even reading it.  When's the last time you read the terms of service when you created an account on a website?

If you live in the European Economic Area you're probably bombarded with cookie consent popups.  Do you even read those?

So would you mind making a new report to be more clear that the issue is insufficient detail in the chat preview consent screen?

This is still an exploit since a server can change the chat preview response a split second before the user sends a message. An example attack scenario:

  1. Player types "lo"

  2. Server changes the response to something nasty

  3. Player types "l" then sends the message shortly after, expecting to send "lol" but actually sending the nasty response

People often type short words like "lol" and then press enter very shortly after to save time when chatting, especially in a fast-moving chat with lots of players online. It is unreasonable for players to slow down and check the chat preview before sending a message or risk getting banned for a message they didn't type in the first place.

@unknown, from what I understand the message won't be signed in that case.

I'm going to resolve this report as Invalid as multiple issues are mixed in the same ticket, most of which have already been tracked separately as private issues. Feel free to create a new report if you think the chat preview consent screen is insufficient in explaining that the player is responsible for the previewed content they sent.

As mentioned in the original bug report, the message is signed in that case. Since you asked, I will create a new issue.

UPDATE: The new issue is at MC-253888

Siggi

(Unassigned)

Plausible

(Unassigned)

chat, multiplayer

1.19, 1.19.1 Release Candidate 1
