Olm sessions are vulnerable to wedging on OS crash or power failure, leading to UTDs

matrix-org / matrix-rust-sdk

Matrix Client-Server SDK for Rust

Apache License 2.0

1.26k stars 252 forks source link

Olm sessions are vulnerable to wedging on OS crash or power failure, leading to UTDs #3354

Open richvdh opened 6 months ago

richvdh commented 6 months ago

Consider:

Alice and Bob have an active Olm session.
Alice is using a client which uses the indexeddb backend of matrix-crypto-sdk. She wants to send a new Olm message, so she generates a new Olm ratchet key and updates the session. She can then encrypt the new message, and stores the updated session in the database
Alice sends the message.
Alice's computer crashes.
Alice reboots
If the updated session was not correctly persisted before the crash, this Olm session is now wedged: Alice cannot decrypt any replies from Bob, and, because Alice will use the wrong ratchet key in the next sender chain, Bob will be unable to decrypt any further messages from Alice.

Currently, we use the "default" durability mode of IndexedDB, which can lead to data loss. We should instead use "strict", at least for transactions which update Olm sessions.

kegsay commented 6 months ago

Amazingly.. Firefox still doesn't support the durability property. https://developer.mozilla.org/en-US/docs/Web/API/IDBTransaction/durability though pre-release versions do.

EDIT: Ah that's reading the durability from an existing transaction, the option to enable it has been supported much longer https://developer.mozilla.org/en-US/docs/Web/API/IDBDatabase/transaction#options

kegsay commented 6 months ago

Filed https://github.com/rustwasm/wasm-bindgen/issues/3959 which needs to land first before we can specify the durability mode.

Pamplemousse commented 4 months ago

Ugh, I believe this just happened to me (Alice is a bot running on my server, and Bob is myself)... Any idea on how to "reinitialise" the Olm session?

poljar commented 4 months ago

Do you happen to run the bot using the IndexedDB based store? Do you have logs for this? I suspect that the cause might be a different one.

The Olm session will attempt to reinitialize itself, though you might need to drop the currently active room key for the new session to be used: https://matrix-org.github.io/matrix-rust-sdk/matrix_sdk/room/struct.Room.html#method.discard_room_key. That's at least required if you don't use a SDK version which includes: https://github.com/matrix-org/matrix-rust-sdk/pull/3604.

Pamplemousse commented 4 months ago

@poljar Probably not indeed. I would have loved to try your fix by bumping the version of the SDK I use, but I can't because of #3689 .

kegsay commented 2 months ago

wasm-bindgen 0.2.93 has updated the IndexedDB API so it should now be possible to set a durability.