Handle public cross signing keys getting out of sync with private keys in SSSS

[dbkr]

We're seeing quite a few instances of people's public cross-signing keys getting out of sync with the private copies in SSSS (secure secret storage and sharing), resulting in the error: Key type master from getCrossSigningKey callback did not match in the console when entering the passphrase.

matrix.org slowness is probably causing accounts to get into this state (there's no API for publishing public keys & saving private keys atomically so this will inevitably happen sometimes, but the slowness is making it much more commonplace).

The main problem here is that Riot handles this state terribly and just fails whatever operation it was trying to do with no error. It should detect the situation and suggest resetting keys.

https://github.com/vector-im/riot-web/issues/13338#issuecomment-624481088 is a detailed account of this https://github.com/vector-im/riot-web/issues/13519 is likely to also be the same problem

https://github.com/vector-im/riot-web/issues/13338 is general is related but in that specific case, resetting also fails.

[bwindels]

The main problem here is that Riot handles this state terribly and just fails whatever operation it was trying to do with no error. It should detect the situation and suggest resetting keys.

Or perhaps upload the private keys to 4S first, and only then upload the public keys, and also add a persisted retry mechanism for retrying account data uploads, so that on startup/coming back online we can check if there's any xsign account data uploads pending, and show a notification/progress somewhere.

[jryans]

Definitely agree we should at least detect and mitigate this one way or another.

[dkasak]

So, I just encountered this on Element Desktop 1.7.5. I ran out of disk space, so Element informed me that some session data was missing, probably because the client deleted it when disk space was scarce. It instructed me to fix it by logging out and then in.

I proceeded to do that, entering my Recovery Key on the "Verify this login" screen, and the window closed immediately. Then I saw in the console the ominous Key type master from getCrossSigningKey callback did not match message.

I have no idea how the keys got out of sync. Cross-signing was working well and I verified all my devices and also verified with other people I was talking to. This is also not on matrix.org, so the above slowness explanation doesn't particularly hold water, I think.

Is there anything I can do now to work around this and not have to redo all verification?

EDIT: Nope, seems my other devices don't have the private key.