search

matrix-org / synapse

Synapse: Matrix homeserver written in Python/Twisted.
https://matrix-org.github.io/synapse
Apache License 2.0
11.83k stars 2.13k forks source link

Database stores multiple cross-signing keys of the same type for a given user #16398

Open richvdh opened 1 year ago

richvdh commented 1 year ago

The Matrix protocol assumes that each user will have at most one cross-signing key of a given type (master, self_signing, user_signing) at a time.

However, it is possible for clients to replace the existing keys with further calls to POST /_matrix/client/v3/keys/device_signing/upload. When that happens, Synapse appears to just add the new key to e2e_cross_signing_keys without deleting the old one. Some matrix.org users have accumulated over 2000 keys of each type.

This is redundant data which we have no business keeping (and it sucks up disk space).

There also seems to be a codepath somewhere where we end up with multiple copies of a key for a remote user get stored in the database.

Ideally the e2e_cross_signing_keys table should be UNIQUE in (user_id, keytype).

erikjohnston commented 1 year ago

Is this causing any user visible problems? Though I agree we should fix it.

richvdh commented 1 year ago

No, it's just a case of filling up a database with stuff a user would reasonably expect us to have deleted.