Open fkwp opened 2 years ago
Some notes how to make bootstrapping more reliable from eleweb: https://github.com/vector-im/element-web/issues/13581#issuecomment-1154420509
We are starting to groom this epic in more depth.
To remain fast, we would like to cache and persist the signature validations of:
deviceIdentities
store?userIdentities
store?userIdentities
store?account
store?roomSummary
store?We were discussing whether there are cases whether we won't be told if any of these keys change, and therefore we could see a different trust than clients that would fetch the signatures everytime trust is calculated (not sure anyone does that?) but the spec seems to mentions that key changes are communicated in sync in the device_lists
field.
https://spec.matrix.org/latest/client-server-api/#cross-signing
Would still be good to ask other clients if there is any good reason not to implement this cache.
A change in any device or any users trust needs to purge the cache and recalculate trust from device to the user to all the room that user is in (which we already store in the userIdentities
store).
Need to split out detailed tickets for all tasks:
After having checked with other app teams about the caching strategy, valere said this:
It's cached on current implementation too. We store a trusted boolean attached to user identities (like for devices actually). We are probably recomputing too much, mainly because we prefer to be up to date on shields rather then out of sync. We only recently started optimize that a bit on android. The real problem we have in EA now is that at some point a shield (person or room) is dirty and need to be validated again, but we don't have that reflected in the model. In the model it's a boolean, but it should be 3 states (trusted, untrusted, checking/loading). The lack of this state leads to several races and unwanted popups, like you just verified, and you see a popup to verify your existing devices. Actually they are fine but it's still checking (trusted=false still though).. If you are fast enough, it maybe not needed, but I'd recommand to have a 3 state flag for trust? Also android modelize user trust by using the 3 keys MSK/USK/SSK (own user) - or 2 MSK/SSK(other user) each of them having a trusted flag, It's probably better to have a single UserIdentity object and hides the key details(edited)
Order of implementation:
Implement shields:
There is already crosssinging in features. what is done of this issue?
@genofire You can only sign your own device now
Highlevel description
Prevent man-in-the-middle attacks on e2ee by adding the ability to a) verify a user (rather than a device) and automatically trust any devices they have verified themselves, and b) publish the verification of our own devices to the network. In the context of Hydrogen, this will also require a framework to establish trust of other devices, which is lacking currently.
This is an epic issue. List of individual issues is below: