m.unverified: the user/device was not verified, and the sender is only sharing keys with verified users/devices.
... and indeed, this withheld code is used to indicate when the key is being withheld because the user has not been verified (as well as being used when the key is withheld due to the device has not been verified). The warning is therefore misleading at best.
When a room key is withheld and we receive a withheld message with reason code
m.unverified, the recipient sees the following text:"The sender has blocked you from receiving this message because your device is unverified"
However, the spec for
m.unverifiedsays:m.unverified: the user/device was not verified, and the sender is only sharing keys with verified users/devices.... and indeed, this withheld code is used to indicate when the key is being withheld because the user has not been verified (as well as being used when the key is withheld due to the device has not been verified). The warning is therefore misleading at best.
Ideally these two cases would have different
m.withheldcodes (for which, see https://github.com/element-hq/element-meta/issues/2621), but in the meantime we should update the text to be more accurate.See parent issue for wording suggestions.