Confused by new Secure Backup feature

[matthijskooijman]

Describe the bug In the past, I've set up "Key Backup", which AFAIU stores my encryption keys for rooms on my homeserver, encrypted using a specific passphrase (distinct from my login password) that I can enter when I set up a new device. I've also understood that "verifying" a new login from another device allows it to share keys (though I'm not sure if it can then access the key backup storage, or just request keys from other logged in clients).

I recently upgraded from RiotX to the new Element, and noticed a new "Secure Backup" section in the privacy settings. Some googling suggest that "Secure backup" is not the same as "Key backup". However, things are a bit confusing to me:

• For Secure Backup, it says "Safeguard against losing access to encrypted messages & data by backing up encryption keys on your server". AFAIU, this is exactly what the older "Key backup" feature also did.
• Below "Secure backup", there is a section that says "Cryptography Keys Management", that has a "Manage Key Backup" option, so I suppose that this is the old key backup feature. When I tap it, it says "Key Backup has been correctly set up for this session", so that's good. Do I still need "Secure backup" then?
• When I tap "Secure backup: Set up on this device", I get a prompt "Verify this login: Use an existing session to verify this one, granting it access to encrypted messages". But I'm pretty sure I already verified this login. Goging to "Active sessions", I indeed get green shields on all my sessions, including the current one. The same when I look at my sessions from Element web. So is this "Secure backup verification" a different one from the normal verification? That would bring more confusion. Or is there a bug where "Set up on this device" does not realize that I'm already verified?
• When I actually go through with the verification procedure offered by "Set up on this device" by scanning a QR code shown by, I can complete the flow successfully, but then nothing changes, "Secure Backup" in the settings still shows "Set up on this device" and selecting it asks to verify again (I think this might be #1820).

I also Googled around for documentation, but mostly found GH issues and pullrequest from the iOS app, nothing that actually explains how this works. Maybe "Key Backup" is the older passphrase-based backup and "Secure backup" is the newer verification-based backup (or maybe just key sharing? That would not be a real backup, since key sharing does not help if all your clients are lost)?

Ideally, the UI in the app itself would offer sufficient explanation for users to make the right choices and not be confused like I am now.

Screenshots

Smartphone (please complete the following information):

• Device: Fairphone 2
• OS: Android 7.1.2

Additional context

• App version and store: 1.0.5 [40100051] (G-b3529) from Play Store
• Homeserver: matrix.org

[BillCarsonFr]

KeyBackup: Is a mechanism to keep an auto-updating server backup of your encrypted room keys (megolm key)

Secure Backup (a.k.a 4S): Is a generic feature to store any kind of secrets on the server (a vault)

For history, before KeyBackup you had to manually export your keys to restore your account for desperate cases (like device lost). And you had to save it periodically in order to have a recent backup. Now with keybackup, it's automatic it will safely upload keys as you get them to the backup.

Regarding 4S, recently cross-signing has been introduced, and with that we have added a couple of new secrets that are only on your device; 4S was introduced to allow you to save a secured server backup that contains those secrets (to recover fom disasters)

The introduction of 4S was the opportunity to save also your KeyBackup secret key in it!

[js-dot]

@BillCarsonFr Correct me if I am wrong. In May 2020 cross-signing with SSSS, etc. has been released. As far as I remember the UI looked like this:

We can see Cross-Signing and Secret Storage down below but also Key Backup in the middle.

I set up Key backup also in May 2020. The UI lead me believe that this was not the old Key Backup but the "new" one using SSSS. After all, Key Backup was set up correctly.

Since some days / weeks (I can't say) I have the same issues as @matthijskooijman (new "Secure Backup" section, not being able to set it up, etc.; I read in another issue that this might be related to some missing key locally and other clients not sharing all secrets).

Can you maybe clarify this, too?