Key Backup not restored automatically after verification

[aWeinzierl]

Steps to reproduce

1. Have properly verified and backed up session
   
2. Log out
3. Log in
4. Click verify with other device
   
5. change language
6. Open encrypted chats, see Unable to decrypt message
7. wait 5 Minutes, see nothing changed
8. Click restore from Backup
9. Type security key, click Continue
10. See keys being restored, see readable messages
11. After restoring keys: dialogue:
    
12. Click cancel,
13. Click restore from Backup, see keys being restored without security key request
14. arrive at step 1

Outcome

What did you expect?

.6. all my messages decrypted, or being decrypted
.9. no request for security key
.11. see success dialogue

What happened instead?

.6. messages not decryptable
.9. security key was requested, despite verification
.11. see request for security key again

Operating system

Windows 10

Application version

Element version: 1.11.58 Crypto version: Rust SDK 0.7.0 (691ec63), Vodozemac 0.5.0

How did you install the app?

https://element.io/get-started

Homeserver

matrix.org

Will you send logs?

Yes

[richvdh]

In legacy crypto, we used to download the full key backup after verification (in the background); element R no longer does this. (Element-R does try to download individual keys, but it's unclear if, for example, it will retry any UTDs that are already on-screen)

[richvdh]

do we need to sort out element-hq/element-meta#2176 for this ?

[richvdh]

In legacy crypto, we used to download the full key backup after verification (in the background); element R no longer does this. (Element-R does try to download individual keys, but it's unclear if, for example, it will retry any UTDs that are already on-screen)

Oddly, if you verify with the security key/phrase, it seems we do attempt to restore the backup in the background. (Though we don't show that in the UI, see #17839)

[richvdh]

Update 2024-10-21: Some of this is outdated: the intention is now to switch to using the rust-sdk implementation of key backup download.

This is therefore blocked on matrix-org/matrix-rust-sdk#3611.

Thoughts on implementing this:

• Move the existing MatrixClient.restoreKeyBackup* methods into the legacy crypto codebase. Add some thin, deprecated, wrappers in MatrixClient which do nothing unless legacy crypto is being used. Remove CryptoBackend.getBackupDecryptor. (cf also Rip out legacy crypto code #26922)
• We will need somewhere to store a persistent record of whether we have successfully restored the current backup. The obvious place to do this is inside the rust crypto store, alongside the backup keys -- then it can be returned by get_backup_keys. We'll need to add support to all the crypto stores and expose setters and getters in the bindings.
• Rename PerSessionKeyBackupDownloader into BackupDownloadManager.
• In BackupDownloadManager.internalCheckFromServer, where it updates the configuration, fire off a task which will:
  • Download the backup; keep retrying until success.
  • Parse the result, and split it up
  • Decrypt and import the keys
  • Maintain some status information in BackupDownloadManager
  • Stop when configuration is null or stop is true
• Expose some status information via CryptoApi
• Expose the status in the UI.