matrix-org / matrix-spec-proposals

Proposals for changes to the matrix specification
Apache License 2.0

Proposal for storing megolm keys serverside #1219

Closed benparsons closed 4 years ago

benparsons commented 6 years ago

Documentation: https://github.com/matrix-org/matrix-doc/pull/1538
Author: @ara4n, @uhoreg
Date: 23/11/2017

uhoreg commented 6 years ago

The API was designed for option 1, and mostly works for option 2, but it seems like the /room_keys/version API could work better with the PK encryption, and doesn't seem to support the "Verifying the device [new] with an existing device, so the device gets a copy of the recovery-key public key, and can start backing up into the same session" use case.

I think one way to support that is to have the client use the version API to upload the public key for the backup, signed with the device's signing key, along with the device ID. When a new device signs in and wants to back up to that version, then it prompts the user to verify one of the devices that signed the public key. Once the device has been verified, the new device can sign the public key and upload its signature, so that newer devices can check the public key by verifying that device. (Alternatively, we could integrate with the cross-signing data somehow, so that we don't need multiple signatures.)

I think most of this (other than uploading other signatures) can be done with the existing API by changing the contents of the auth_data.
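The signature check described in the comment above, as an added example (not code from the proposal, Synapse or matrix-js-sdk): an existing device signs the backup public key, and a new device accepts it only if a device it has verified is among the signers. It assumes Ed25519 device keys, Matrix-style canonical-JSON signing and an `auth_data` made of `public_key` plus `signatures`; the user ID, device IDs, key value and the `verifiedDevices` map are constructed for illustration.

```javascript
// Added example; auth_data shape, IDs and key value are assumptions / constructed.
const crypto = require("crypto");

// Minimal canonical JSON: sorted keys, no whitespace (enough for this sample).
function canonicalJson(v) {
  if (Array.isArray(v)) return "[" + v.map(canonicalJson).join(",") + "]";
  if (v && typeof v === "object") {
    return "{" + Object.keys(v).sort()
      .map((k) => JSON.stringify(k) + ":" + canonicalJson(v[k])).join(",") + "}";
  }
  return JSON.stringify(v);
}

// Bytes that get signed: auth_data without its own signatures.
function signable(authData) {
  const { signatures, ...rest } = authData;
  return Buffer.from(canonicalJson(rest));
}

// A device adds its Ed25519 signature (unpadded base64) under its device ID.
function signAuthData(authData, userId, deviceId, privateKey) {
  const sig = crypto.sign(null, signable(authData), privateKey)
    .toString("base64").replace(/=+$/, "");
  const all = { ...(authData.signatures || {}) };
  all[userId] = { ...(all[userId] || {}), ["ed25519:" + deviceId]: sig };
  return { ...authData, signatures: all };
}

// New device: return the key ID of a verified device that signed the backup key.
// verifiedDevices: Map of device ID -> Ed25519 public KeyObject (hypothetical).
function trustedSigner(authData, userId, verifiedDevices) {
  const sigs = (authData.signatures || {})[userId] || {};
  for (const [keyId, sig] of Object.entries(sigs)) {
    if (!keyId.startsWith("ed25519:")) continue;
    const key = verifiedDevices.get(keyId.slice("ed25519:".length));
    if (!key) continue; // signer not verified by this device: ignore it
    const ok = crypto.verify(null, signable(authData), key, Buffer.from(sig, "base64"));
    if (ok) return keyId;
  }
  return null; // nobody we trust vouches for this key: do not back up to it
}

// Constructed sample: an existing device creates and signs the backup version.
const USER = "@alice:example.org";
const oldDev = crypto.generateKeyPairSync("ed25519");
const newDev = crypto.generateKeyPairSync("ed25519");
const backup = signAuthData({ public_key: "constructed-backup-public-key" },
  USER, "OLDDEVICE", oldDev.privateKey);
```

Once the new device has verified `OLDDEVICE`, it can call `signAuthData` with its own key so that later devices may verify either signer.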

uhoreg commented 5 years ago

@mscbot fcp merge ?

mscbot commented 5 years ago

Team member @uhoreg has proposed to merge this. The next step is review by the rest of the tagged people:

No concerns currently listed.

Once at least 75% of reviewers approve (and none object), this will enter its final comment period. If you spot a major issue that hasn't been raised at any point in this process, please speak up!

See this document for info about what commands tagged team members can give me.

mscbot commented 4 years ago

:bell: This is now entering its final comment period, as per the review above. :bell:

mscbot commented 4 years ago

The final comment period, with a disposition to merge, as per the review above, is now complete.

turt2live commented 4 years ago

This issue should remain open because it is under the legacy process - we'll close it when the spec PR has been merged.

turt2live commented 4 years ago

@uhoreg if you have proofs of implementation, please link to them here.

uhoreg commented 4 years ago

Synapse implementation: mainly in https://github.com/matrix-org/synapse/pull/4019, with some bits in https://github.com/matrix-org/synapse/pull/4123, https://github.com/matrix-org/synapse/pull/4580, https://github.com/matrix-org/synapse/pull/6189, and https://github.com/matrix-org/synapse/pull/5858 (the last one needs a bit of tweaking yet)

JS-SDK implementation: mainly in https://github.com/matrix-org/matrix-js-sdk/pull/736 with a bit in https://github.com/matrix-org/matrix-js-sdk/pull/786

turt2live commented 4 years ago

Spec PR: https://github.com/matrix-org/matrix-doc/pull/2387

uhoreg commented 4 years ago

Merged! :tada: