Open turt2live opened 3 years ago
The first message should have outbound to-device traffic while the second message will be a (needlessly) new session ID without any to-device messages going out.
FWIW, the reason that it creates a new session ID is that Element Web doesn't (yet) store outgoing megolm sessions, so when you refresh, it needs to create all new megolm sessions for sending messages.
No idea why it wouldn't share the session, though.
FWIW, the reason that it creates a new session ID is that Element Web doesn't (yet) store outgoing megolm sessions, so when you refresh, it needs to create all new megolm sessions for sending messages.
Ah, yea, that became https://github.com/vector-im/element-web/issues/18561
Disclaimer
I'm still somewhat trying to figure out how all the encryption pieces work so may have misdiagnosed this - please be cautious and feel free to tell me I'm wrong š
Steps to reproduce
As a prerequisite: you'll need some sort of thin client/bot to easily see this. In my case, that's a bot-sdk example bot which is trying to respond to a
!ping
command. At the time of writing, the bot knows nothing about keyshare requests so is expecting them.room_key
to be sent to it.As additional checks, during 2 and 5 check the session IDs used by Element and monitor for to-device traffic in the network logs. The first message should have outbound to-device traffic while the second message will be a (needlessly) new session ID without any to-device messages going out.
What happened?
The message failed to decrypt in a client which did not support/understand keysharing.
What did you expect?
The message should have been decrypted. Specifically, the keys for the new session should have been sent.
Operating system
Windows 10
Browser information
Edge 92.0.902.67 (Official build) (64-bit)
URL for webapp
local build of develop.element.io