Making device verification more robust
We did a quick review of problems we sometimes come across, where device verification can go wrong, usually because the list of secrets we have locally is incorrect or incomplete.
(There is an internal doc with more discussion, but the useful info is here.)
Here is a list of tasks we could do that would make us handle unexpected situations more robustly:
- MOST IMPORTANT: Check what happens on other devices when we create a backup key - do they notice and self-heal? If not, fix them: https://github.com/element-hq/element-meta/issues/2865
- Ensure correct order of operations for changing or creating secrets (store the new secret in 4S before creating the key or backup it protects, so no other device can observe the new thing without its secret being recoverable) - enforce in crypto SDK. To do this, move 4S-handling into shared Rust code.
- Add handling of unknown secrets - some generic 4S thing in the crypto SDK that just handles all secrets together. (E.g. dehydrated device key is unknown to EX)
- Don't create a backup key when there is 4S set up - must either delete 4S or ask for recovery key to upload it. (Applies to new logins as well as turning on backup in an existing login)
- If we have a local dehydration key and there is no recovery, prompt user to create recovery (or disable dehydration).
- If fixing crypto by fetching from 4S doesn't work, force user to reset.
- If fixing crypto by verifying against another device doesn't work, suggest 4S (if exists), or suggest reset.
- Whenever we create a new identity, we should either delete 4S or upload to 4S.
- If there is no 4S but you are missing secrets, offer to try verifying again against another device, but push user towards reset.
- Send key bundle as last step of verification (avoids being verified but not having all keys) (requires a spec change)
Related issues
- https://github.com/element-hq/element-web/issues/13542
- https://github.com/matrix-org/matrix-spec/issues/2209
- https://github.com/element-hq/element-web/issues/30988
- https://github.com/element-hq/element-web/issues/30443
> MOST IMPORTANT: Check what happens on other devices when we create a backup key - do they notice and self-heal? If not, fix them.

I think this is https://github.com/element-hq/element-meta/issues/2865

Related: https://github.com/element-hq/element-web/issues/13542
> - If fixing crypto by fetching from 4S doesn't work, force user to reset.

We should be able to detect some of these cases before prompting the user to unlock 4S, if we can see that the secret is simply missing from 4S.

Also related: https://github.com/matrix-org/matrix-spec/issues/2209
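Two of the points above lend themselves to a small model: the ordering rule from the task list (write the secret to 4S before creating the key it protects) and the detection step from this comment (decide from unencrypted account-data metadata whether a secret is even present in 4S before asking the user for the recovery key). The Rust below is an added example, not code from this issue or from the matrix-rust-sdk. The `m.*` secret names are the ones the Matrix spec defines for secret storage; `AccountData`, `LocalState`, `audit_secrets` and `create_backup_key` are hypothetical simplifications (no real AES-CTR/HMAC encryption of the secret, no server round-trips).

```rust
use std::collections::{BTreeMap, HashMap};

// Secret names defined by the Matrix spec for Secure Secret Storage (4S).
pub const MEGOLM_BACKUP_SECRET: &str = "m.megolm_backup.v1";
pub const MASTER_KEY_SECRET: &str = "m.cross_signing.master";
pub const SELF_SIGNING_SECRET: &str = "m.cross_signing.self_signing";
pub const USER_SIGNING_SECRET: &str = "m.cross_signing.user_signing";

/// Hypothetical, simplified view of the user's account data. A real stored
/// secret is `{"encrypted": {<key_id>: {iv, ciphertext, mac}}}`; this model
/// keeps only, per secret name, the key ids it is encrypted to, which is all
/// the audit needs and is visible without the recovery key.
#[derive(Default, Debug)]
pub struct AccountData {
    /// Key id from `m.secret_storage.default_key`; `None` means 4S is not set up.
    pub default_key_id: Option<String>,
    /// secret name -> key ids the secret is encrypted to
    pub secrets: HashMap<String, Vec<String>>,
}

#[derive(Debug, PartialEq, Eq)]
pub enum SecretStatus {
    /// Encrypted to the default key: unlocking 4S will recover it.
    Present,
    /// No account-data event at all: unlocking 4S cannot help, go to verify/reset.
    Missing,
    /// Exists, but only for a key id that is not the current default key.
    WrongKey,
}

/// Classify each wanted secret from metadata alone, so the client can tell
/// before prompting for the recovery key whether unlocking 4S can fix anything.
/// Returns `None` when 4S is not set up at all.
pub fn audit_secrets(ad: &AccountData, wanted: &[&str]) -> Option<BTreeMap<String, SecretStatus>> {
    let default_key = ad.default_key_id.as_deref()?;
    Some(
        wanted
            .iter()
            .map(|name| {
                let status = match ad.secrets.get(*name) {
                    None => SecretStatus::Missing,
                    Some(ids) if ids.iter().any(|id| id.as_str() == default_key) => SecretStatus::Present,
                    Some(_) => SecretStatus::WrongKey,
                };
                (name.to_string(), status)
            })
            .collect(),
    )
}

/// Local crypto state of this device (hypothetical model).
#[derive(Default, Debug)]
pub struct LocalState {
    pub backup_decryption_key: Option<[u8; 32]>,
}

#[derive(Debug, PartialEq, Eq)]
pub enum CreateError {
    /// 4S exists but this device cannot encrypt to it: refuse, rather than
    /// create a key that other devices could never recover from 4S.
    SecretStorageLocked,
}

/// Create a new backup decryption key in the order the issue asks for:
/// upload to 4S first, adopt locally second. `recovery_unlocked` stands in
/// for "the user entered the recovery key, so we can encrypt to the default
/// 4S key"; `new_key` would be random bytes in a real client.
pub fn create_backup_key(
    ad: &mut AccountData,
    local: &mut LocalState,
    recovery_unlocked: bool,
    new_key: [u8; 32],
) -> Result<(), CreateError> {
    if let Some(key_id) = ad.default_key_id.clone() {
        if !recovery_unlocked {
            return Err(CreateError::SecretStorageLocked);
        }
        // Step 1: store the secret in 4S under its spec name, encrypted to the default key.
        ad.secrets.entry(MEGOLM_BACKUP_SECRET.to_string()).or_default().push(key_id);
    }
    // Step 2: only now adopt the key locally (a real client would also create the
    // server-side backup version here). If step 1 fails, this line is never reached.
    local.backup_decryption_key = Some(new_key);
    Ok(())
}

fn main() {
    // Constructed sample: 4S set up with key "key1", one secret missing, one on an old key.
    let mut ad = AccountData::default();
    ad.default_key_id = Some("key1".to_string());
    ad.secrets.insert(MASTER_KEY_SECRET.to_string(), vec!["key1".to_string()]);
    ad.secrets.insert(USER_SIGNING_SECRET.to_string(), vec!["oldkey".to_string()]);
    let wanted = [MASTER_KEY_SECRET, SELF_SIGNING_SECRET, USER_SIGNING_SECRET, MEGOLM_BACKUP_SECRET];
    println!("{:?}", audit_secrets(&ad, &wanted));
    let mut local = LocalState::default();
    println!("{:?}", create_backup_key(&mut ad, &mut local, false, [7u8; 32]));
}
```

The audit runs before any recovery-key prompt: a `Missing` result means the 4S flow cannot succeed, so the client can skip straight to "verify against another device" or reset, which is the detection this comment describes. The creation path shows the invariant the task list wants the SDK to enforce: with 4S present and locked it returns an error and leaves both 4S and local state untouched, so there is never a window in which a backup key exists locally but not in 4S.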