bot remembers all keys for an address

[gfa]

Hi

I have an test email account, gfa@zumbi.xyz, which I've been using to play with autocrypt. From that account i sent multiple emails to bot@a.o and bot-mutual@a.o, which worked fine.

Before doing an autocrypt demo, I removed all keys from my test account and proceed to repeat the process, everything went fine except that bot-mutual send me back an email encrypted with my old key (which i no longer have)

After checking the keyring on botmutual account I found out it has 4 keys for my test email, instead of just the last one

bot@lists:~/.config/muacrypt/gpg/botmutual$ gpg --list-keys gfa@zumbi.xyz
pub   rsa2048 2018-02-25 [SC]
      E5DD3F69F746C992657A4F9BFF832FDAB37431CF
uid           [ unknown] gustavo <gfa@zumbi.xyz>
sub   rsa2048 2018-02-25 [E]

pub   rsa4096 2018-02-25 [SCA] [expires: 2023-02-24]
      AD4EAFBE0EA5956E76C017CC7B0B2F32F246CB28
uid           [ unknown] gustavo <gfa@zumbi.xyz>
sub   rsa4096 2018-02-25 [E] [expires: 2023-02-24]

pub   rsa4096 2018-02-25 [SCA] [expires: 2023-02-24]
      C0A49B0CEBBA236120AAC2E215A28D47C68BE10B
uid           [ unknown] gustavo <gfa@zumbi.xyz>
sub   rsa4096 2018-02-25 [E] [expires: 2023-02-24]

pub   rsa4096 2018-02-28 [SCA] [expires: 2023-02-27]
      47C500D6D8BAC2E8EC6C1D25DD19B204B6FDCF1B
uid           [ unknown] gustavo <gfa@zumbi.xyz>
sub   rsa4096 2018-02-28 [E] [expires: 2023-02-27]

[hpk42]

yes, keys are not deleted from the keyring. still the bot should use your latest key unless there is a logical processing problem (in the autocrypt processing logic). muacrypt keeps a peerstate which tells which key to use for which peer.