Open richvdh opened 1 year ago
This will happen 100% of the time in cases where the server is rolled back and someone has claimed an OTK during the bad new deployment.
A fix to https://github.com/element-hq/element-meta/issues/1992 would also solve this.
@uhoreg proposes an interesting mitigation measure: don't back up the OTKs table
`pg_dump` has an option, `--exclude-table-data=...`, to exclude the data from certain tables, but still back up the table definition
This idea seems good. It will mean that we fall back to fallback keys after the rollback, but that's fine. (Fallback keys are in a separate table to OTKs)
We could also document that you could TRUNCATE TABLE on the OTKs table after restore.
This is somewhat related to https://github.com/vector-im/element-web/issues/3309, in that both are fundamentally about OTKs getting out of sync between client and server.
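The rollback scenario and the two mitigations discussed in this thread (excluding the OTK table's data from the backup, or truncating that table after restore), as a toy model. This is an added example, not code from the thread or from the server; the `KeyStore` class, the `rollback` helper and the key names are constructed for illustration.

```python
import copy

class KeyStore:
    """Toy server-side key store for one device (constructed model)."""
    def __init__(self):
        self.otks = []        # one-time keys table
        self.fallback = None  # fallback keys live in a separate table

    def claim(self):
        # An OTK is deleted when claimed; the fallback key is handed out repeatedly.
        if self.otks:
            return ("otk", self.otks.pop(0))
        return ("fallback", self.fallback)

    def dump(self, exclude_otk_data=False):
        # exclude_otk_data models pg_dump --exclude-table-data on the OTK table:
        # the table still exists in the backup, but with no rows.
        snap = copy.deepcopy(vars(self))
        if exclude_otk_data:
            snap["otks"] = []
        return snap

    def restore(self, snap, truncate_otks=False):
        vars(self).update(copy.deepcopy(snap))
        if truncate_otks:  # models TRUNCATE TABLE on the OTK table after restore
            self.otks.clear()


def rollback(exclude_otk_data=False, truncate_otks=False):
    """Back up, claim one key during the bad deployment, roll back, claim again."""
    server = KeyStore()
    server.otks = ["otk-A", "otk-B", "otk-C"]  # constructed sample keys
    server.fallback = "fallback-1"
    snap = server.dump(exclude_otk_data)
    during_bad_deploy = server.claim()
    server.restore(snap, truncate_otks)
    after_rollback = server.claim()
    # True when the restored table hands out a key that was already claimed.
    reissued = after_rollback[0] == "otk" and after_rollback == during_bad_deploy
    return during_bad_deploy, after_rollback, reissued


if __name__ == "__main__":
    for kwargs in ({}, {"exclude_otk_data": True}, {"truncate_otks": True}):
        print(kwargs, rollback(**kwargs))
```

With a plain backup the already-claimed OTK is handed out a second time; with either mitigation the next claim gets the fallback key instead.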