Signed Chat

First things first, it’s important to set the story straight. Mojang had always had a reporting toolset for anyone who wished to use it however with the introduction of 1.19.1 changes were made to this system that a reasonable portion of the community didn’t like.

This patch specially introduces a couple of new features being:

• In-Game UI reporting
• Cryptography and signing

The purpose of this page serves as an advisory for those who wish to understand further what this means and what options are available to them.

---

How does it work

This is accurate to the best of our abilities, if there is someone with a better understanding of cryptography that can help improve this page please submit a PR.

Technical aspects

These new keys are stored in .json format under the ‘%appdata%/.minecraft/profilekeys’ folder on your PC.

Note

These keys are regenerated after 48 hours

The ‘process’ now works as follows:

• User opens up their Minecraft client
• Check for keys / generation of new keys occurs if required
• User launches Game
• User joins their desired Minecraft server
• On join the client also makes it’s public key available to the server
• User sends a message in chat
• Client signs the message using the private key providing a level of authenticity
• Signed message is sent to the server
• Server can validate the message came from your client using your public key
• Server displays the chat messages

Every time a message is sent in chat the last 2 steps are repeated.

User Reports

When a user is reported via the new in-game screen ui the following process occurs:

• User selects the offending user and messages they wish to report
• The message in question and surrounding message are also sent to Microsoft for review

Once a report is sent, it is reviewed by Mojang’s moderation team who will gauge an appropriate punishment for the offender(s). Any Microsoft punishment is in-line with it’s current community guidelines and effect your entire account not just the single Minecraft server, these punishments can result in removal of your Multiplayer access.

In-depth Review

The best current source of data for the chat reporting is on GitHub created by KennyTV. A link to the document can be found here

Below is a list of ways server owners and players can effectively disable the new chat reporting feature, by using one or more of these features you may limit either your own or your communities functionality.

---

Options

Client Side

Option one is disabling ‘chat-signing’ within your client, this will prevent you from joining any server where this setting is enforced.

Server Side

If you’re running your own server there are a few options that can be used depending if you’re running vanilla, modded or a plugin based server, these are as follows.

Edit server.properties file Global

You can edit the following switch to ‘false’ which will disable the requirement for users to use chat-signing.

...

enforce-secure-profile = false

...

No Chat Reports Modded Only

No Chat Reports is a Minecraft mod created by Aizistral that works on both the client and server sides. It strips cryptographic signatures from player chat messages, effectively converting them to system messages, thus making them non-reportable.

Note

Joining a server with enforce-secure-profile=true on a client with No Chat Reports installed will display a prompt warning the user that chat will be signed if they agree to it.

Download Download a copy of No Chat Reports via modrinth.com

FreedomChat Spigot / Paper & forks only

FreedomChat effectively serves the same purpose as No Chat Reports would on a modded server, it converts player chat messages to system messages at the packet level, making them once again non-reportable by players.

Download Download a copy of freedomchat via modrinth.com

AntiPopup Spigot / Paper & forks only

While this plugin works, manual setup is required - the command /antipopup setup must be ran in console unless enforce-secure-profile is set to false already.

Download Download a copy of AntiPopup via spigotmc.org

UnSignedVelocity Velocity only

This plugin works by removing signed information from commands and messages sent by clients 1.19.1 or higher, allowing plugins that cancel proxy messages to work again. Requires VPacketEvents

Download Download a copy of UnSignedVelocity via github.com from 4drian3d

Caution

All of the above plugins could give you issues with the recent EULA changes as of Aug 2023, the above plugins are no-longer considered endorsed by setup.md.