Per participant key lost between js-sdk and EC in embedded mode

[hughns]

10:27:25.999 Decryption failed for event $V41v4SurT7YQYmPqw8-Ja_aNedyzC9X_7FP6K0d8Bd0: MEGOLM_UNKNOWN_INBOUND_SESSION_ID will retry once only
...
10:27:27.000 Decryption succeeded for event $V41v4SurT7YQYmPqw8-Ja_aNedyzC9X_7FP6K0d8Bd0 after retry
...
10:27:27.000 Setting key at index 0 for @hughns:ess-ecall-poc.ems-support.element.dev:YERKDYHWCR with timestamp 1723541245901: Jq4FqHsIlxdcje1qY4hJog

Then there is no subsequent log entry like:

MatrixKeyProvider Sent new key to livekit room=!ZWXChHvbxzRiDtOPzC:matrix.org participantId=@hughns:ess-ecall-poc.ems-support.element.dev:YERKDYHWCR encryptionKeyIndex=0: Jq4FqHsIlxdcje1qY4hJog

[hughns]

Looking at possible causes:

• Key had older timestamp: if (existingKeyAtIndex && existingKeyAtIndex.timestamp > timestamp) { but there is no Ignoring new key at index log entry
• Key matched existing key: if (existingKeyAtIndex && keysEqual(existingKeyAtIndex.key, keyBin)) { would silently fail, but there is no previous Setting key at index entry for the same key
• if (delayBeforeUse) { but delayBeforeUse is only true when creating your own key not consuming one from elsewhere
• this.emit(MatrixRTCSessionEvent.EncryptionKeyChanged, keyBin, encryptionKeyIndex, participantId); failed - TODO: what is the code path from here via the widget API in to the embedded EC?

[hughns]

So, the log lines are confusing as we have two JavaScript contexts: EW and embedded EC within the iframe.

The log lines above are entirely expected within the EW context. And there is actually no-one listening in to this.emit(MatrixRTCSessionEvent.EncryptionKeyChanged, keyBin, encryptionKeyIndex, participantId); within EW.

What is supposed to happen is the that (decrypted) events get sent via the StopGapWidget in EW which in turn forward to the EC context. In that context the events are processed by the MatrixRTC code again and passed on to EC as expected.

n.b. There is an optimisation by making it so that the EW context does not track the encryption keys as it doesn't need to.

The underlying issue is that we keep hitting the condition here because we see sequences of emits like this:

• ClientEvent.Event => event1 with isDecryptionFailure()=true
• ClientEvent.Event => event2 with isDecryptionFailure()=false
• MatrixEventEvent.Decrypted => event1 with isDecryptionFailure()=false

When event1 is emitted for the second time it is ignore as it appears in the timeline before event2 which has already been "seen".

[hughns]

n.b. There is an optimisation by making it so that the EW context does not track the encryption keys as it doesn't need to.

This is being tracked by https://github.com/element-hq/element-call/issues/2566.

[hughns]

I've done a possible fix for this in https://github.com/matrix-org/matrix-react-sdk/pull/12890 but I don't know if this is the right place/direction to fix it as it would change the semantics for other users of the widget API.

[hughns]

The conclusion is that we won't fix this until we use to-device messaging for key distribution.