# ADR-003: Federation Strategy — Full Federation Enabled

**Status**: Accepted  
**Date**: 2026-04-05  
**Deciders**: Ezra (architect), Timmy Foundation  
**Scope**: Federation behavior for Conduit homeserver (#166, #183)

---

## Context

Matrix servers can operate in isolated mode (no federation) or federated mode (interoperate with matrix.org and other homeservers).

## Decision

Enable **full federation from day one**.

## Consequences

| Positive | Negative |
|----------|----------|
| Alexander can use any Matrix client/ID | Requires public DNS + TLS + port 8448 |
| Fleet bots can bridge to other networks | Slightly larger attack surface |
| Aligns with sovereign, open protocol ethos | Must monitor for abuse/spam |

## Prerequisites Introduced

- Valid TLS certificate (Let's Encrypt via Caddy)
- Public DNS A record + SRV record
- Firewall open on TCP 8448 inbound

## References

- Issue: [#166](http://143.198.27.163:3000/Timmy_Foundation/timmy-config/issues/166)
- Runbook: [`infra/matrix/docs/RUNBOOK.md`](http://143.198.27.163:3000/Timmy_Foundation/timmy-config/src/branch/main/infra/matrix/docs/RUNBOOK.md)