@ggazzo FYI, At least in RC 3.12.0-rc1 all messages are saved completely unencrypted into the database regardless of the state of the E2E-option on the channel.

@Gummikavalier This is a critical bug. Do you mind explaining this regression in a new issue? I've seen #20596, but I believe it's unrelated.

@tassoevan Yes that other E2E issue is unrelated to this.

What I did after updating our test environment from 3.11.1 to 3.12-rc.1 was that I started testing whether that other bug was fixed or not. It wasn't but I also happened to test whether pointing with @ would work, and noticed it was working. Hurrah, until I realized that also searches worked, even though I know that server side searches are nigh impossible to implement in E2E solution.

At this point I checked new messages of both my direct E2E test room and E2E group test room in the database, and noticed msg field in new test messages were unencrypted plain text.

To troubleshoot further I disabled existing E2E on the group channel, enabled it again as well as ran few F5s in between for participants web clients to reset the situation after disabling and enabling again. Both participants saw green key go off and back on as they should.

After both had green key on again, I sent few more messages on the group channel and checked the database, and I saw that all new messages were still unencrypted.

After I restored our test instance from a VM snapshot back to 3.11.1, I tested E2E again on it, and there msg fields were getting encrypted properly.

If necessary and messages in your test systems are properly encrypted in the database, I can have another look with 3.12-rc.1 for comparison. It is only few minutes of work with VM snapshots.

I didn't read first line correctly, I'll create a new issue about this with the above explanation. :)

If necessary and messages in your test systems are properly encrypted in the database, I can have another look with 3.12-rc.1 for comparison. It is only few minutes of work with VM snapshots.

please check #20922 I think it solves your problem

@ggazzo Thanks! Unfortunately the issue is fixed in admin E2E-enabled channels but when I enabled E2E as regular owner on a group channel, the message content stays still unencrypted.

Difference of the two:
{ "_id" : "sbYr9zqnW8u2JPw6Y", "rid" : "icywQ4eXj9BJxJS8ptSjwXfPXwugG2fqkD", "msg" : "eyJhbGciOiJBvCw5fWBRz9J0oWmeIpmlxXZmUiXPoN0W95LOKr4038cwA6Sim86Zv6P3HAcpXkQZ8ZA0RjJC0gUYzaVH8VFQcWpG+7RF+uTqN6aSdh/cBTMepKc+lsuCPD6t8NIrXS5dxdwTbUddmGWxK547EULELvsDnqr8THonq1lkcfKdeU8=", "t" : "e2e", "e2e" : "pending", "ts" : ISODate("2021-03-01T15:20:41.707Z"), "u" : { "_id" : "icywQ4eXj9BJxJS8p", "username" : "xxxxxx", "name" : "yyyyyy" }, "_updatedAt" : ISODate("2021-03-01T15:20:41.751Z"), "mentions" : [ ], "channels" : [ ] }

{ "_id" : "HtTrt3fKTpGevD2vj", "rid" : "M3dkN4ACZmregvpWy", "msg" : "tsubadui", "ts" : ISODate("2021-03-01T15:21:21.227Z"), "u" : { "_id" : "icywQ4eXj9BJxJS8p", "username" : "xxxxxx", "name" : "yyyyyy" }, "_updatedAt" : ISODate("2021-03-01T15:21:21.252Z"), "mentions" : [ ], "channels" : [ ] }

I can confirm that the issue happens on 3.12.0 when E2E is enabled by common owner of the room. Should the owner be also admin on the RC instance, it works.

@ggazzo Sorry for trouble, seems to work now in 3.12.0. Just the first message is not encrypted until key exchange has been completed, after which the rest are. Explanation at:
#20910