Open duxovni opened 3 years ago
I'm not entirely sure how big of an issue it is in terms of security, but it's definitely annoying from terms of UX. @dbkr please advise.
Looks like the nag popup display condition is calculated in Matrix react sdk https://github.com/matrix-org/matrix-react-sdk/blob/81098b991414c9414a62a747b1ad97e2505411e0/src/DeviceListener.ts#L240
Steps to reproduce
What happened?
What did you expect?
You shouldn't be able to set up secure backup from an unverified device
What happened?
There are buttons in the "Secure Backup" and "Cross-signing" sections prompting you to set up secure backup, even though this device doesn't have the cross-signing keys
Operating system
No response
Browser information
No response
URL for webapp
No response
Homeserver
No response
Have you submitted a rageshake?
No