After Sign out, all messages in history marked 'Encrypted by deleted session'

[CouponCodeSwap]

Description

When Sign out is selected, all previous messages in a room associated with the signed out account get the red shield treatment, "Encrypted by deleted session". Furthermore, if another user in room sends a message the following error is shown to that user when they sign back in:

** Unable to decrypt: Error: OLM.UNKNOWN_MESSAGE_INDEX **
Re-request encryption keys from your other sessions.?

If user clicks "Re-request encryption keys from your other sessions.?" another error is shown:

** Unable to decrypt: Error: OLM.UNKNOWN_MESSAGE_INDEX **
Key request sent.?

This has been tested on two separate accounts.

Steps to reproduce

• Sign out of account.
• Send message from another account in room where conversation with signed out account was occurring.
• Sign back in and attempt to read message sent while signed out.

Users should be able to sign out of their accounts without warnings being placed on all existing messages they sent and there should not be any issue reading messages that were added to the room while signed out.

Logs being sent: no

Version information

• Platform: desktop
• OS: Windows 10, Arch Linux
• Version: Element version: 1.7.3, olm version: 3.1.3

[t3chguy]

there should not be any issue reading messages that were added to the room while signed out.

If you are signed out of all devices then there are no sessions of yours for the content to be encrypted for, this is a property of https://en.wikipedia.org/wiki/Forward_secrecy

Users should be able to sign out of their accounts without warnings being placed on all existing messages

Is #13701

[CouponCodeSwap]

Thanks for the explanation. I had never signed out myself since installing the desktop version of Element (Riot) in Arch almost a year ago. The reason I became aware of this is that a friend who had recently created an account was signing out every evening and was having the issues reported. I spent quite a bit of time searching for this issue and thought it was related to one of the cross-signing bugs that had been reported. I told him it is being worked on and we should just wait it out. Luckily, it somehow dawned on me to test signing out and then I knew exactly what is causing the issue; he probably would have gotten so frustrated with seeing the red shield warnings and not receiving messages sent to him while signed out that he would have abandoned Element. And, now that I signed out, there is the eyesore of my entire message history being marked with red shield warnings for anyone I have chatted with. Taking this from a user-friendliness perspective with the target of gaining wider adoption, these type of cosmetic warning things cause people to lose confidence in the app. Perhaps this could be handled better:

1. Allow users to read message upon signing in again by clicking "Re-request encryption keys from your other sessions.?" or some other means.
2. Warn user attempting to send message that unauthenticated user is not signed in and message will be delivered after they have signed in again.
3. Warn user that other user is not signed in and not allow message to be sent, thus avoiding the confusing error message with link that does not work when they sign in again and attempt to read the message.
4. Make the red shield warning for "Encrypted by deleted session" optional with toggle in settings that is turned off by default. If somebody wants to see that, they can turn it on, but it won't be alarming to people who do not know what is going on.

Of course, 2 & 3 would be problematic in rooms with more than two people and only useful in DM scenario. There should be some way for users to either retrieve new messages after signing back in or a warning when Sign out is selected that any messages sent while they are signed out will not be accessible.

Would it be possible to put those in as feature requests?

Thank you for all your work on this project! I am really enjoying Element after having researched and demoed quite a few Skype alternatives and have been recommending it to friends / acquaintances. Happy to help promote the project and would like to see more people choosing Element over the other alternatives.