Inviting a user to an E2EE room does not share keys for history with them, causing UISIs everywhere.

[ara4n]

Steps to reproduce

1. In EX, Invite a user to an E2EE room.
2. The user accepts the invite
3. They never receive the keys for the shared history, so will not be able to catch up on history.
4. EX will show these messages as UISIs rather than surpressing them.

Outcome

What did you expect?

If you invite a user to a room, you should share them the keys they need to decrypt the messages they have permission to. (RHUL might have undermined this, given it lets malicious servers fake invites to steal keys, in which case we might instead need to wait until we have client-controlled group membership).

What happened instead?

UISIs everywhere.

Your phone model

No response

Operating system version

No response

Application version

343

Homeserver

No response

Will you send logs?

No

[kegsay]

I don't think this is true anymore. The complement-crypto tests at least pass for invited users.

[stefanceriu]

I think K is right, closing

[ara4n]

Sorry, it looks like the bug wasn't clear enough - this bug is definitely still open. When you invite a user into a room, EX does not share the historical keys with the user.

This is:

• Implement MSC3061: Sharing room keys for past messages  matrix-org/matrix-rust-sdk#580 at the rust level
• crypto: Implemented sharing room keys for past messages (MSC3061)  matrix-org/matrix-rust-sdk#2650 as an implementation at rust

...but is snarled in RHUL fallout still. But from a product perspective, it's a real black eye.

[kegsay]

Ah, it would help if you didn't mention invites then. This is a general "we don't share historical keys" bug, invites are not a pre-req.

[ara4n]

but this is specifically about invites! the missing behaviour is that when Alice invites Bob to a room with shared hist viz, she should (in theory) use MSC3061 to send a tonne of keyshares for the history in that room so that Bob can actually read history.

In other words, it's the EX implementation of:

• Add function to share megolm keys for historical messages, take 2 matrix-org/matrix-js-sdk#1640
• Sharing room keys for past messages element-ios#4947
• Sharing room keys for past messages element-android#4153

Now, i think these got backed out post-RHUL, which is why this is now all in limbo, but from a product perspective i'm trying to point out that it's an awful experience and we've regressed here without a clear path forwards.

[moritzdietz]

Just ran into this when inviting a user (he is using EX) to a E2EE room with 8 others. He got the message to get the keys for the previous messages, but nothing happens. New messages decrypt just fine on his phone. He is using only EX on his account and this is the only session he has

Would it help if he logged into his account on ED or EW? Would the keys then eventually sync up so his EX shows the messages?