The release post specifies the spec changes.
I’m not entirely sure what the entirety of the change regarding metadata reduction is, but this MSC seems relevant:
- Deprecate the sender_key and device_id on m.megolm.v1.aes-sha2 events, and the sender_key on m.room_key_request to-device messages, as per MSC3700. (#1101)
This is brilliant! I love Element/Matrix and have been hoping that it would get more secure with time; now they just need to finish adding P2P communication so that the service is entirely federated and secure.