Open GregSutcliffe opened 2 years ago
@GregSutcliffe symptoms you describe here make this look very like to be the same as #2436 .
Are you using server-side keybackups or just verify with the other session? I can reproduce this when just verifying with the other session, server-side keybackup seems to be working fine. Also, if you re-request the keys, are the messages decryptable?
For the record:
Directly after login and verification I see ** Unable to decrypt: The sender's device has not sent us the keys for this message. **
, after refreshing Element Web I see ** Unable to decrypt: The secure channel with the sender was corrupted. Trying to create a new secure channel and re-requesting the keys. **
, but re-requesting the keys from the other sessions makes the messages readable.
Still didn't figure out why verification doesn't seem to be enough, Element Web seems to send sendToDevice
messages requesting the keys (m.room_key_request
), the other sessions replies happily with m.room_encrypted
messages, which make their way to the new session (which should decrypt the messages at this point, AFAIK).
Thanks for the reply @S7evinK!
Are you using server-side keybackups or just verify with the other session?
I'm unsure how to check this, to be honest. I presume it's one of the settings under Security & Privacy, can you point me to the right one? Taking a guess, I do see this "Secure Backup -> ✅ This session is backing up your keys." so I think that means I am backing them up serverside?
The current state seems to be weird. I have a chat with just myself (2 accounts, matrix.org and dendrite) and that works fine, I created a new session on app.element.io
, verified the login, and my matrix.org account could read messages from either session. However, my friend still claims he is seeing key errors - I will ask him to see if he is getting what you are getting before/after refresh.
Right, that's the server-side backup.
Is your friend on matrix.org or on your Dendrite server? If he's on Dendrite, it sounds like he didn't get a device list update. If he's also on matrix.org, it's really a bit weird, since your account received the update.
My friend is on matrix.org, and yes, I cannot understand why he still has problems with my messages. I am going to set up a new room with him and both my accounts, and test from scratch - are there any logs that would help while I'm doing it?
OK, my friend and I went ahead an made a new room. Things got weird very fast. Here's a timeline:
You'll note this is the exact opposite of what I reported before (last time I could read messages and my friend could not). So I wondered if the fact we're in a new room matters (though I cannot imagine how). But no, even in our original chat, I could not read the broken message from matrix.org, but my friend could.
This makes me wonder if there's something ephemeral or race-ish going on? I can't imagine how the situation has been reversed otherwise.
Happy to do more debugging, let me know what. If you want to start a chat to debug, I'm happy to do that too, and I'm sure my friend would be as well. Alternatively I suppose I could break out my security key and nuke all my sessions, maybe it would help :P
This might be fixed with the recent fixes to the js sdk. It was notable to me that SchildiChat was never affected, it was my one reliable client, and since the sdk fix, element web on both my laptops appears to function correctly - messages are not failing to decrypt in all the ways I could get them to fail before.
Might need some testing to see if it's still reproducible, but at the moment this seems to be working...
Background information
go version
: 1.17.9 linux/arm64Description
** Unable to decrypt: The secure channel with the sender was corrupted. Trying to create a new secure channel and re-requesting the keys. **
Steps to reproduce
I'm assuming there is something weird in my account state, so I expect this will not reproduce for others, but this is consistent for me:
Screenshots:
Sessions on Client A:
Sessions on Client B:
So, both are present, and I can confirm the session IDs match. How the chat looks:
Looking in the logs, I do see this: