Inviting a user to an E2EE room does not share keys for history with them, causing UISIs everywhere. #1496
Comments
Velin92
added
A-Timeline
S-Major
|
I don't think this is true anymore. The complement-crypto tests at least pass for invited users. |
manuroe
added
A-E2EE
|
I think K is right, closing |
ara4n
changed the title
|
Sorry, it looks like the bug wasn't clear enough - this bug is definitely still open. When you invite a user into a room, EX does not share the historical keys with the user. This is:
...but is snarled in RHUL fallout still. But from a product perspective, it's a real black eye. |
|
Ah, it would help if you didn't mention invites then. This is a general "we don't share historical keys" bug, invites are not a pre-req. |
|
but this is specifically about invites! the missing behaviour is that when Alice invites Bob to a room with shared hist viz, she should (in theory) use MSC3061 to send a tonne of keyshares for the history in that room so that Bob can actually read history. In other words, it's the EX implementation of:
Now, i think these got backed out post-RHUL, which is why this is now all in limbo, but from a product perspective i'm trying to point out that it's an awful experience and we've regressed here without a clear path forwards. |
Steps to reproduce
Outcome
What did you expect?
If you invite a user to a room, you should share them the keys they need to decrypt the messages they have permission to. (RHUL might have undermined this, given it lets malicious servers fake invites to steal keys, in which case we might instead need to wait until we have client-controlled group membership).
What happened instead?
UISIs everywhere.
Your phone model
No response
Operating system version
No response
Application version
343
Homeserver
No response
Will you send logs?
No
The text was updated successfully, but these errors were encountered: