richvdh
commented
1 week ago Implementation notes:
in matrix-sdk-crypto, we need to extendnot sure this is neededUserIdentitiesto exposeidentity_needs_user_approval- [x] in matrix-sdk-crypto-wasm, extend
UserIdentityandOwnUserIdentityto exposeidentity_needs_user_approval- already done for
UserIdentityby https://github.com/matrix-org/matrix-rust-sdk-crypto-wasm/pull/141. Don't think it's needed forOwnUserIdentity.
- already done for
- [ ] in matrix-js-sdk, extend
RustCrypto.getUserVerificationStatusandUserVerificationStatusto includeidentityNeedsUserApproval - [ ] in matrix-react-sdk, create a component which will:
- on start, call
Room.getEncryptionTargetMembersto get a list of users of interest, and then call getUserVerificationStatus on each, to build a list of users with pin violations - register callback for room membership updates; when we get one, check if the user is on the target encryption list, and check for pin violations (or remove from list if they have left)
- register callback for trust updates; when we get one:
- if the user is not in our list and there is a pin violation, check if they are on the target encryption list, and update the list if so
- if the user is on our list and there is not a pin violation, remove them immediately
- on start, call
andybalaam
Followup to https://github.com/element-hq/element-meta/issues/2492. Part of https://github.com/element-hq/element-meta/issues/2491, itself part of Invisible crypto.
When an unverified user changes their identity, we need to make our user aware of this. In the long term, the intention is just to show a notice in the timeline (#2493); however, that is difficult to implement and we need a stop-gap.
This task is for Element Web.
The proposal is to show a warning above the composer, in much the same way as we would for verified users (#2491), but without locking the composer.
Figma designs: