Skip to content

Fix enabling key backup not working if there is an untrusted key backup #30707

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Sep 15, 2025
Merged

Fix enabling key backup not working if there is an untrusted key backup #30707

merged 6 commits into from
Sep 15, 2025

Conversation

Half-Shot
Copy link
Member

@Half-Shot Half-Shot commented Sep 5, 2025
edited
Loading

Fixes #30706
Possibly fixes #29856, and certainly improves logging of it.

This a proposed fix for the linked issue, albeit this is mostly working off my debugging assumptions and needs crypto scrutiny here.

The summary of #30706 is users may have untrusted key backups on their account that are unusable by Element Web, and in those cases we should proceed to resetting and creating a new backup rather than flaking out. I've also added abundant logging to this section as it's important to understand the state of the user's account for future debugging.

Checklist

@Half-Shot Half-Shot requested review from a team and richvdh and removed request for a team September 5, 2025 08:30
@Half-Shot Half-Shot requested a review from a team as a code owner September 5, 2025 08:30
@Half-Shot Half-Shot changed the title Fix enabling key backup not working if there is an untrusted key back… Fix enabling key backup not working if there is an untrusted key backup Sep 5, 2025
richvdh
richvdh approved these changes Sep 11, 2025
View reviewed changes
Copy link
Member

@richvdh richvdh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for this, a couple of nits it might be nice to clean up but generally LGTM

src/components/viewmodels/settings/encryption/KeyStoragePanelViewModel.ts
currentKeyBackup.trustInfo,
);
// Check if the current key backup can be used. Either of these properties causes the key backup to be used.
if (currentKeyBackup.trustInfo.trusted || currentKeyBackup.trustInfo.matchesDecryptionKey) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

really feels like this ought to be exposed more explicitly by checkKeyBackupAndEnable (a result field, maybe?) rather than something you have to reverse-engineer, but I'll not insist on that change.

@Half-Shot Half-Shot added this pull request to the merge queue Sep 15, 2025
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Sep 15, 2025
@Half-Shot Half-Shot added this pull request to the merge queue Sep 15, 2025
Merged via the queue into develop with commit 08487aa Sep 15, 2025
35 checks passed
@Half-Shot Half-Shot deleted the hs/fix-key-backup-state branch September 15, 2025 12:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@richvdh richvdh richvdh approved these changes

@florianduros florianduros Awaiting requested review from florianduros florianduros is a code owner automatically assigned from element-hq/element-web-reviewers

Assignees
No one assigned
Labels
T-Defect
Projects
None yet
Milestone
No milestone
2 participants
@Half-Shot @richvdh