Open scotboyd opened 7 months ago
My understanding is that new installations do not get existing conversations, only new messages in the group. This is for security (an attacker can't steal your signature and get your message history). This is part of MLS. However, it is also my understanding that all successfully installed devices should be included in the group chat, and this is checked on a per-message basis.
So, something like:
"The Messaging Layer Security (MLS) protocol we use for Group Chats emphasizes Forward Secrecy and Post-Compromise Secrecy. For Post-Compromise Secrecy, new users added to a group do not get access to the group chat history. This includes new installations for an existing member of the group chat. This is because each message for each installation is encrypted separately, for security, at the time the message is created.
When group chat members send a new message, a copy of the message goes to every installation for every member of the group chat, including the sender. This means new messages will sync across all of a user's active installations, starting from when the installation is created."
Originally posted by @fabriguespe in https://github.com/xmtp/xmtp-dot-org/pull/649#pullrequestreview-1896539851