-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Megolm Backup | Client should always have a local copy of all their megolm keys to limit the possibility of key loss #2446
Comments
I wrote some notes on how we might do this for web at element-hq/element-web#27009. Notes:
|
Question: is there any value in attempting to download individual keys on-demand once the full backup has been successfully downloaded? I'd think not? |
@richvdh will remodel this item based on https://docs.google.com/document/d/1eEj_BagixDuny_fhF_WjoKEm0SD538mTXA3s436-c2I/edit - we chose the "Update Rust backup manager, and refactor EW to use it" option |
Short answer: Once it has been successfully downloaded, no. But while it's beeing downoaladed definitly yes. Longer answer:
|
We do not proactively download message keys from key storage (and instead, download keys on demand after a UTD).
This means that, if the user then resets their key backup (for example because they forgot their recovery key), it is likely that a significant number of message keys will be lost.
To address this, we will make each new client download (in the background) a copy of all the message keys in key storage as soon as it can. The operation should be resilient to app restart and should have a UI to report progress.
We'd rather not implement this twice, so our plan as of this writing is to switch Element Web to using the key-backup management code in matrix-rust-sdk, and then implement this once there.
Tasks:
matrix-sdk::encryption::backups
to matrix-sdk-crypto so that it can be used by clients using that crate matrix-org/matrix-rust-sdk#3611Previous description
Context
We implemented a recent change to the way we get the room keys from backup. Previously, the full backup was downloaded after verification, as soon as the backup decryption key was known, but that did not result in a good user experience when your backup was too big. The time to download the full backup and decrypt it could be taking 10s of minutes depending on the platform.
In order to improve that (and in the absence of pagination for the backup), keys are now downloaded on-demand when we try to decrypt an historical message.
This results in a better user experience, as the messages get decrypted faster after a new login.
Problem
With this new way of getting the keys, all user sessions will now have only a partial set of the backed up keys. This can cause key loss if for example a user tries to reset his backup (without importing first from the previous backup).
Notice that the previous implementation of full backup import has several issues:
Solution
We want to ensure that each new client gets a copy of all the keys in backup as soon as it can. The operation should be resilient to app restart and should have an API [richvdh: or, more to the point: a UI?] to report progress.
Related/Existing issues
The text was updated successfully, but these errors were encountered: