As per spec: When adding a new key to the secret storage the client must encrypt a "zero"/dummy secret to allow for key checks.
Currently web is not using that information. That means that when we need to access the 4S we directly try to decrypt the secret without first checking if the key is correct.
For example if you try to import megolm keys from backup on a session that has not the key in cache, it will ask for the 4S recovery key, and if you enter a wrong key the current error is quite generic:
(this is an error due to fail to decrypt the master key secret)
Doing so could allow us to return a better error to the user.
As per spec: When adding a new key to the secret storage the client must encrypt a "zero"/dummy secret to allow for key checks.
Currently web is not using that information. That means that when we need to access the 4S we directly try to decrypt the secret without first checking if the key is correct.
For example if you try to import megolm keys from backup on a session that has not the key in cache, it will ask for the 4S recovery key, and if you enter a wrong key the current error is quite generic:
(this is an error due to fail to decrypt the master key secret)
Doing so could allow us to return a better error to the user.
Ref: https://github.com/element-hq/crypto-internal/issues/180 Ref: https://github.com/element-hq/element-web/issues/26721