search

element-hq / element-web

A glossy Matrix collaboration client for the web.
https://element.io
GNU Affero General Public License v3.0
11.02k stars 1.96k forks source link

Do we mark messages as authenticated if a room key turns up late (having meanwhile used keyshare or key-restore to grab an unauthenticated key?) #22840

Closed ara4n closed 5 months ago

ara4n commented 2 years ago

Steps to reproduce

  1. User receives a message whose megolm keys are delayed for some reason
  2. The user now can retrieve the missing megolm key directly from the online backup, meaning they get a "can't authenticate" shield on the message, which is a bit scary.
  3. When the missing authenticated key turns up, do we mark the message as authenticated?

Outcome

What did you expect?

When delayed keys arrive, unauthenticated keys should be replaced the authenticated ones.

What happened instead?

I have a feeling this doesn't happen.

Operating system

No response

Application version

No response

How did you install the app?

No response

Homeserver

No response

Will you send logs?

Yes

dkasak commented 2 years ago

Possibly related to https://github.com/vector-im/element-web/issues/16318?

richvdh commented 5 months ago

Do we mark messages as authenticated if a room key turns up late (having meanwhile used keyshare or key-restore to grab an unauthenticated key?)

In general, no; see https://github.com/element-hq/element-web/issues/26526.