Error: This room is configured to use encryption, but your client does not support encryption

[jeena]

I installed the bridge and everything worked well until I realized that the rooms the bot creates are unencrypted, which kind of defeats the purpose of communicating with people via Signal. So I went in and set the first room to encrypted. Since then I'm not able to communicate with that room. I'm getting the error:

Error in handleThirdPartyRoomMessage Error: This room is configured to use encryption, but your client does not support encryption.
    at _encryptEventIfNeeded (/home/jeena/matrix-puppet-signal/node_modules/matrix-js-sdk/lib/client.js:2660:11)
    at /home/jeena/matrix-puppet-signal/node_modules/matrix-js-sdk/lib/client.js:2544:31
    at async App._handleThirdPartyRoomMessage (/home/jeena/matrix-puppet-signal/node_modules/matrix-puppet-bridge/src/base.js:1136:12)
...

... and so on. Like the UI says it's impossible to revert the encryption on a room. Therefor I thought I would delete the room and let the bot recreate it (I don't care about the previous data in it). But there is no way to delete a room. Then I found a script which would do it via the API https://gist.github.com/karl007/521f6ab84a398ee27118ab89aae7a9dc but when I run it it can't kick the @signalbot:jeena.net from the room even though my user is an admin user. I was able to kick the other user @signal_=2b46223947758:jeena.net from it but not the @signalbot:jeena.net user. This means that I can't uso https://github.com/matrix-org/synapse/blob/master/docs/admin_api/purge_room.md to restart the room.

I didn't anticipate those problems and I'm a bit worried that I can't encrypt the rooms which I use to talk to Signal, this makes at least all the attachments available publicly (when I use a proxy and the URLs are logged there). I guess HTTPS encrypts at least the connection between riot and my server, but it feels kind of dirty that the messages are not "end to end" encrypted between riot and the bridge.

Anyway, does someone have an idea how I can reestablish the one room so I can use it? Or is the only way to purge everything and start over?

[witchent]

Okay so first of all, this bridge is meant to be run on your own homeserver, which should communicate via a secure channel with your clients only. If no other person has access to your homeserver this should be "as secure" as end-to-end encryption. You will most likely never be able to have true end-to-end encryption with a bridge running, simply because the bridged service (signal here) and matrix do not speak the same encryption language (even though in signals case they are very close). What one could achieve is what they call "end to bridge encryption", but again, if you run the bridge on your own homeserver this will not change anything. And I won't even implement this because I don't see the point while the bridge is working as it is right now (i.e. single bridge for single user), and everything else will only come if I eventually do a complete rewrite using another base bridge class.

Now for your new problem, I would suggest you try and stop the bridge, remove/replace any alias ("addresses") the room has (for example through riot) and then restart the bridge. The bridge should not be saving the real ids of the room but it handles them via aliases, so if you can free up the alias (#signal_number:domain) then it should just create a new room and set that alias.

Please let me know if this works or which step is failing. And I will add a note about encryption to the readme.

[jeena]

The problem I have is that I can't kick the bot @signalbot:jeena.net out of that room even though I'm server admin for some reason. And therefor I can't remove/replace the room/alias.

[witchent]

I just tried on my server, I can remove the alias from within riot without any problem, so this is probably something with your homeserver.

[jeena]

Perhaps I'm just not up to speed with all the naming and get confused, when you say alias, is that a room name or the bot user?

I guess in your case you have the possibility to kick the signalbot under "Admin tools" and I don't, or did you mean something else?

[jeena]

Ok, I got it working, what I needed to do was to make the bot to demote itself from admin which hat 100, the same as my user.

My precedure:

• I switched off the bridge like you mentioned.
• For modifying power levels, you need to GET /_matrix/client/r0/rooms/!roomid:server/state/m.room.power_levels, then modify the content json as you like, then make a PUT request with the modified content to the same path.
• You need to use the bots access token which you can find in the signal-registration.yaml which you create while setting up the bridge.
• I also did one more thing, I set the Main address to "not specified", because someone mentioned that this is most probably necessary for the room to delete itself.
• After that you can kick the bot and all the other users and then leave yourself.
• Just to be sure I also run https://gist.github.com/karl007/521f6ab84a398ee27118ab89aae7a9dc but I don't think that did anything.
• I switched the bridge back on.
• I wrote something in that room and the bot joined and everything seems to work now.

Most probably this is more complicated than it needs to be, I guess now afterwards I could just have used the bots access token in the https://gist.github.com/karl007/521f6ab84a398ee27118ab89aae7a9dc and it would be able to kick all the users and purge the room in one go, but I didn't test it.

Thanks for all the help!

[witchent]

Glad to hear it worked out. What I meant by aliases is aliases for the room (your main address is one for example). Anyway, good to know what you did in case someone else attempts the same thing.