element-hq / element-web

A glossy Matrix collaboration client for the web.
https://element.io
GNU Affero General Public License v3.0

"Connect to backup" does not report failures to connect backup #26530

Open richvdh opened 10 months ago

richvdh commented 10 months ago

For example, if your backup is not signed with a trusted key, then "connect to backup" will report:

image

... but we (correctly) do not actually start uploading keys to the backup.

The logs report:

22:37:24.716 FetchHttpApi: --> GET http://localhost:8008/_matrix/client/v3/room_keys/version [rageshake.ts:74:27](webpack:///matrix-react-sdk/src/rageshake/rageshake.ts)
22:37:24.745 FetchHttpApi: <-- GET http://localhost:8008/_matrix/client/v3/room_keys/version [30ms 200] [rageshake.ts:74:27](webpack:///matrix-react-sdk/src/rageshake/rageshake.ts)
22:37:24.754 FetchHttpApi: --> GET http://localhost:8008/_matrix/client/v3/room_keys/keys?version=xxx [rageshake.ts:74:27](webpack:///matrix-react-sdk/src/rageshake/rageshake.ts)
22:37:24.811 FetchHttpApi: <-- GET http://localhost:8008/_matrix/client/v3/room_keys/keys?version=xxx [56ms 200] [rageshake.ts:74:27](webpack:///matrix-react-sdk/src/rageshake/rageshake.ts)
22:37:24.820    INFO matrix_sdk_crypto::machine: Successfully imported room keys, total_count: 1, imported_count: 0, room_keys: {}
    at /home/rav/work/matrix-rust-sdk/crates/matrix-sdk-crypto/src/machine.rs:1775 [rageshake.ts:74:27](webpack:///matrix-react-sdk/src/rageshake/rageshake.ts)
22:37:24.820 Checking key backup status... [rageshake.ts:74:27](webpack:///matrix-react-sdk/src/rageshake/rageshake.ts)
22:37:24.821 FetchHttpApi: --> GET http://localhost:8008/_matrix/client/v3/room_keys/version [rageshake.ts:74:27](webpack:///matrix-react-sdk/src/rageshake/rageshake.ts)
22:37:25.028 FetchHttpApi: <-- GET http://localhost:8008/_matrix/client/v3/room_keys/version [208ms 200] [rageshake.ts:74:27](webpack:///matrix-react-sdk/src/rageshake/rageshake.ts)
22:37:25.053 Key backup present on server but not trusted: not enabling key backup [rageshake.ts:74:27](webpack:///matrix-react-sdk/src/rageshake/rageshake.ts)

Or, on legacy crypto:

15:06:40.724 Checking key backup status... [rageshake.ts:74:27](webpack:///matrix-react-sdk/src/rageshake/rageshake.ts)
15:06:40.724 FetchHttpApi: --> GET http://localhost:8008/_matrix/client/v3/room_keys/version [rageshake.ts:74:27](webpack:///matrix-react-sdk/src/rageshake/rageshake.ts)
15:06:40.785 FetchHttpApi: <-- GET http://localhost:8008/_matrix/client/v3/room_keys/version [61ms 200] [rageshake.ts:74:27](webpack:///matrix-react-sdk/src/rageshake/rageshake.ts)
15:06:40.787 Backup is trusted locally [rageshake.ts:74:27](webpack:///matrix-react-sdk/src/rageshake/rageshake.ts)
15:06:40.787 Ignoring signature from unknown key ed25519:T4lieB66JX4oVLHGYE7h+19mAX4LRXMh1Bc2vFpznO0 [rageshake.ts:74:27](webpack:///matrix-react-sdk/src/rageshake/rageshake.ts)
15:06:40.787 Ignoring signature from unknown key ed25519:JLBLBBZUGL [rageshake.ts:74:27](webpack:///matrix-react-sdk/src/rageshake/rageshake.ts)
15:06:40.787 No usable key backup: not enabling key backup [rageshake.ts:74:27](webpack:///matrix-react-sdk/src/rageshake/rageshake.ts)
15:06:40.788 RestoreKeyBackupDialog: found cached backup key

richvdh commented 10 months ago

Related: https://github.com/vector-im/element-web/issues/26468

sascha-wi commented 6 months ago

image Interesting that you close a ticket which was opened earlier than this one...

schildbach commented 6 months ago

> Interesting that you close a ticket which was opened earlier than this one...

This one doesn't even contain the "steps to reproduce" etc. from #23497.

schildbach commented 6 months ago

I'm copying the info from #23497 so that it doesn't get lost:

Steps to reproduce

Outcome

What did you expect?

A message like "This session is backing up your keys"

What happened instead?

"This session is not backing up your keys"

Operating system

Ubuntu 22.04.1

Application version

1.11.10

How did you install the app?

flatpak install flathub im.riot.Riot

Homeserver

Synapse 1.68.0

Will you send logs?

Yes

schildbach commented 6 months ago

I think this issue should be tagged with S-Major like #23497 since it will lead to major data loss for many people.

HarHarLinks commented 6 months ago

And https://github.com/element-hq/element-web/issues/26932

BillCarsonFr commented 5 months ago

Some additional context on that. There used to be the notion of local trust for backup. So when the backup was not trusted, the UX was showing a Connect Backup button. This flow was asking the user for the passphrase, and if successful the backup was marked as locally trusted, meaning that it was then correctly backing up keys (upload).

For security concerns, the local trust was removed. Now the only way a backup is trusted is if it has a valid signature from the user cross-signing keys. So it's not technically possible at the moment to connect a backup.

We need to review the backup design, and properly handle backup with invalid signatures. We also need to properly define how to update backup signatures in case of cross-signing keys change.

schildbach commented 5 months ago

@BillCarsonFr How can I sign a backup with my cross-signing keys, such that my session is properly and automatically backed up?

BillCarsonFr commented 5 months ago

> @BillCarsonFr How can I sign a backup with my cross-signing keys, such that my session is properly and automatically backed up?

I can just give a workaround for now. You have already imported the keys from backup, but out of security you should manually export them to a file (Security & Privacy > Export E2E room keys).

Then in the backup section, you can use the reset button (on the right of the Connect Backup). This will create a new empty backup that will be signed correctly. All the keys known locally will then get uploaded to that new backup (it will take some time). And any new key will get uploaded also as the backup will be trusted now.

BillCarsonFr commented 5 months ago

Actually, as pointed out by @poljar, as per spec, there are 2 ways to trust a backup. The second way is:

> by deriving the public key from a private key that it obtained from a trusted source. Trusted sources for the private key include the user entering the key, retrieving the key stored in secret storage, or obtaining the key via secret sharing from a verified device belonging to the same user.

So in that case, it would make sense to add the cross-signing signature if it was missing. Or at least consider the backup as locally trusted? and upload to it
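
The two backup trust checks discussed in this thread (a signature from a trusted key, and a private key that derives the backup's public key), as an added Node.js example that is not code from element-web or its SDKs. All function names, the user ID, the key IDs and the key bytes are constructed for illustration, and canonical JSON is reduced to a shallow key sort because the sample `auth_data` is flat.

```javascript
const crypto = require("node:crypto");

// PKCS#8 DER header that precedes a raw 32-byte X25519 private key (RFC 8410).
const X25519_PKCS8 = Buffer.from("302e020100300506032b656e04220420", "hex");
const b64 = (buf) => buf.toString("base64").replace(/=+$/, ""); // unpadded base64

// Derive the Curve25519 public key that auth_data.public_key should contain.
function derivePublicKey(privateKey) {
    const der = Buffer.concat([X25519_PKCS8, privateKey]);
    const priv = crypto.createPrivateKey({ key: der, format: "der", type: "pkcs8" });
    const jwk = crypto.createPublicKey(priv).export({ format: "jwk" });
    return b64(Buffer.from(jwk.x, "base64url"));
}

// Signed payload: auth_data without "signatures"/"unsigned", keys sorted.
// (Shallow sort only: enough for the flat auth_data used here.)
function signedPayload(authData) {
    const { signatures, unsigned, ...rest } = authData;
    const sorted = Object.fromEntries(Object.keys(rest).sort().map((k) => [k, rest[k]]));
    return Buffer.from(JSON.stringify(sorted));
}

// Check 1: auth_data carries a valid signature from a key we already trust.
function hasTrustedSignature(authData, userId, trustedKeys) {
    const sigs = (authData.signatures || {})[userId] || {};
    return Object.entries(sigs).some(([keyId, sig]) => {
        const pub = trustedKeys[keyId];
        if (!pub) return false; // unknown key: signature is ignored
        return crypto.verify(null, signedPayload(authData), pub, Buffer.from(sig, "base64"));
    });
}

// Check 2: a private key from a trusted source derives auth_data.public_key.
function matchesPrivateKey(authData, privateKey) {
    return Boolean(privateKey) && derivePublicKey(privateKey) === authData.public_key;
}

// Constructed sample: backup signed only by a key this session does not know.
function buildSample() {
    const backupKey = Buffer.alloc(32, 1); // constructed, not a real key
    const unknown = crypto.generateKeyPairSync("ed25519");
    const authData = { public_key: derivePublicKey(backupKey) };
    const sig = b64(crypto.sign(null, signedPayload(authData), unknown.privateKey));
    authData.signatures = { "@alice:example.org": { "ed25519:UNKNOWNDEV": sig } };
    const trustedKeys = { "ed25519:MSK": crypto.generateKeyPairSync("ed25519").publicKey };
    return { authData, trustedKeys, backupKey, unknownKey: unknown.publicKey };
}
```

For the constructed sample, the signature check fails while the private-key check succeeds, so a client that reports the two results separately can tell the user why the backup was or was not enabled.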