Invisible crypto: display message content instead of an error, when the sender's verified identity changed

[andybalaam]

Part of https://github.com/element-hq/element-meta/issues/2491, itself part of Invisible crypto.

We currently (web, EXA, EXI) show a decryption error (and no message content) when the sender is a user that we had previously verified but has since changed identity.

This issue covers the work to show the decrypted content as well as a warning about the change in identity.

Designs:

• web:

  See also dark theme colours.

• Mobile:

NOTE: make sure you handle notifications too. The design in that case is NOT to display the message, but show something like this:

[mxandreas]

Regarding push notifications, it was decided that we show the push notification but would not show the message content. Instead, we warn that the verified identity has changed. @americanrefugee also added an example of such push notification in the design but I can't find it anymore.

[americanrefugee]

Here is the design for the push notification: https://www.figma.com/design/0oUTCbYhROEDprSp7bdWhx/Identity-Changes?node-id=443-12319&t=IIEWvRUWrjnXNS9d-4

[uhoreg]

@americanrefugee do we have designs for how this should look like in web for:

1. message preview in the the room sidebar
2. thread preview in the timeline

(do the mobile apps also have an equivalent to message preview in their room list?)

[richvdh]

Some discussion here about how this might be implemented in EWR

[americanrefugee]

@americanrefugee do we have designs for how this should look like in web for:

1. message preview in the the room sidebar
2. thread preview in the timeline

(do the mobile apps also have an equivalent to message preview in their room list?)

@uhoreg Is this what you need?

• Threaded message in timeline and Threads list
• Thread message

FYI @mxandreas

[uhoreg]

@americanrefugee Yes, for threads. There's also the message preview in the room sidebar (on the left)

[americanrefugee]

@americanrefugee Yes, for threads. There's also the message preview in the room sidebar (on the left)

Is there? I don't see message previews in the Room List...

However, in general I think we should:

• NOT show an indicator for a room in the room list
• But DO show an indicator for a DM in the list room if the user was previously verified

[uhoreg]

Is there? I don't see message previews in the Room List...

Message preview in the room list is an optional thing that can be enabled by clicking on the "..." button that appears when you hover over the room type header (e.g. "People", "Rooms") in the room list.

Another thing is, should we do anything with incoming message notifications?

[mxandreas]

NOT show an indicator for a room in the room list But DO show an indicator for a DM in the list room if the user was previously verified

@americanrefugee What would be your reasoning of this?

Also, just in case a reminder that we have 2 related but not tightly coupled situations:

• a) Bob's verified identity has changed.
• b) A message was received from Bob (assumes a)).

So far, we have applied independent measures (decorations) to those and in this ticket we were focused on b).

However, if I think about the room list, then it will be probably hard to differentiate in there between a) and b); at least not so that the user understands. Thus we need to think we show something in there already in case of a) or only when b) happens.

Another thing is, should we do anything with incoming message notifications?

@uhoreg which notifications do you mean? I think this is where the topic started from; and Aaron provided the designs in here.

[americanrefugee]

@americanrefugee What would be your reasoning of this?

What we don't want to do is scare the user or clutter the interface with decorations. Imagine that the unverified person replied to 3 rooms. Your room list would look like there are multiple errors, but that's not true. Or else the error appears and then disappears when the next message comes in from a normal user. Which would also be confusing.

But if we decorate the DM from the unverified user, then you know that something is wrong with that user and not all the rooms.

Plus, you will see sufficient warning once in a room to know to take action. Before that, it isn't critical that you take action because everything else is working fine.

Also, just in case a reminder that we have 2 related but not tightly coupled situations:

• a) Bob's verified identity has changed.
• b) A message was received from Bob (assumes a)).

So far, we have applied independent measures (decorations) to those and in this ticket we were focused on b).

However, if I think about the room list, then it will be probably hard to differentiate in there between a) and b); at least not so that the user understands. Thus we need to think we show something in there already in case of a) or only when b) happens.

Not following you here... But still, whatever room that has that message will tell you what's going on.

Another thing is, should we do anything with incoming message notifications?

Yes, there is new text for notifications.