Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing encryption keys in secret storage #8814

Open
yostyle opened this issue Apr 30, 2024 · 6 comments
Open

Missing encryption keys in secret storage #8814

yostyle opened this issue Apr 30, 2024 · 6 comments
Labels
T-Defect Something isn't working: bugs, crashes, hangs and other reported problems

Comments

@yostyle
Copy link
Contributor

yostyle commented Apr 30, 2024
edited by dkasak

Steps to reproduce

  1. Install Element 1.5.32 or older (any other version without crypto rust)
  2. Send some events in rooms to have a significant history.
  3. Upgrade to Element 1.6.8 (higher version could crash, it's another problem to report...)
  4. Don't open the rooms
  5. Reset secure backup
  6. Create a new session on any Matrix client like Element X (or Element Web)
  7. On the new session restore from backup
  8. Open a room

Outcome

What did you expect?

All events should be decryptable.

What happened instead?

All events are undecryptable because message keys (Megolm sessions) are not backed up.

Only message keys migrated to the Rust crypto store are backed up to the server-side key backup. Message keys that are not present in the Rust crypto store are missing in the key backup.

Your phone model

Pixel 8 Pro

Operating system version

Android 14

Application version and app store

No response

Homeserver

matrix.org

Will you send logs?

No

Are you willing to provide a PR?

No
@yostyle yostyle added the T-Defect Something isn't working: bugs, crashes, hangs and other reported problems label Apr 30, 2024
@giomfo
Copy link
Member

giomfo commented Apr 30, 2024

This is possible to reproduce this issue on any Element-Android client which has been updated from Element (without crypto rust) to ElementR (with crypto rust).
After a reset of the Secure Backup on ER-Android, the keys stored locally in the Realm DB are uploaded in the key backup only when they are used to decrypt an event. These keys are missing in the backup by default

@yostyle
Copy link
Contributor Author

yostyle commented Apr 30, 2024
edited

On Element Web and Element iOS it seems the realm db is migrated totally. A similar behavior is needed on Android.

Element iOS :
https://github.com/matrix-org/matrix-ios-sdk/blob/develop/MatrixSDK/Crypto/Migration/MXCryptoMigrationV2.swift
https://github.com/matrix-org/matrix-ios-sdk/blob/develop/MatrixSDK/Crypto/MXCryptoV2.swift

Element Web :
https://github.com/matrix-org/matrix-js-sdk/blob/develop/src/rust-crypto/libolm_migration.ts

@yostyle
Copy link
Contributor Author

yostyle commented May 16, 2024

@giomfo do you have a plan about this issue ?

It could impact some users on Element X, Element 1.6.8 and higher.

@giomfo
Copy link
Member

giomfo commented May 17, 2024

@yostyle internal discussions are still in progress about this key migration issue

@toshanmugaraj
Copy link

Here is another issue in open related to the crash happening on migration in Android:

#8799

@yostyle yostyle mentioned this issue May 28, 2024
Open
@toshanmugaraj
Copy link

toshanmugaraj commented Jun 2, 2024
edited

@yostyle internal discussions are still in progress about this key migration issue

@giomfo we reached any conclusion on the issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
T-Defect Something isn't working: bugs, crashes, hangs and other reported problems
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@toshanmugaraj @yostyle @giomfo