Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto: change withheld code for IdentityBased share strategy #3985

Merged
merged 1 commit into from
Sep 25, 2024
Merged

crypto: change withheld code for IdentityBased share strategy #3985

merged 1 commit into from
Sep 25, 2024

Conversation

BillCarsonFr
Copy link
Member

Change the withheld code for the IdentityBasedStrategy from WithheldCode::Unauthorised
to WithheldCode::Unverified.

  • Public API changes documented in changelogs (optional)

Signed-off-by:

@BillCarsonFr BillCarsonFr force-pushed the valere/invisible_crypto/identity_based_withheld_code branch from 99f9d3c to 3d545a1 Compare September 11, 2024 17:29
@codecov Codecov
Copy link

codecov bot commented Sep 11, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 84.49%. Comparing base (d254217) to head (2bb0c50).
Report is 2 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #3985      +/-   ##
==========================================
- Coverage   84.54%   84.49%   -0.05%     
==========================================
  Files         266      266              
  Lines       28478    28478              
==========================================
- Hits        24076    24063      -13     
- Misses       4402     4415      +13

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@BillCarsonFr BillCarsonFr marked this pull request as ready for review September 11, 2024 20:25
@BillCarsonFr BillCarsonFr requested review from a team as code owners September 11, 2024 20:25
@BillCarsonFr BillCarsonFr requested review from stefanceriu and richvdh and removed request for a team September 11, 2024 20:25
stefanceriu
stefanceriu approved these changes Sep 12, 2024
View reviewed changes
Copy link
Member

@stefanceriu stefanceriu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me but can we have an explanation as to why this happened?

@BillCarsonFr
Copy link
Member Author

BillCarsonFr commented Sep 12, 2024
edited
Loading

Looks good to me but can we have an explanation as to why this happened?

You can find more here https://github.com/element-hq/element-web-rageshakes/issues/27055#issuecomment-2344092110

TL;DR It's for the new invisible crypto, and I was not sure of what withheld code would be the best to return (unauthorised, unverified, a new one?). After some discussion with @richvdh we decided to use m.unverified for now (also there is proper UX for that code)

@richvdh
Copy link
Member

richvdh commented Sep 12, 2024

Even more context:

m.unverified could be considered inappropriate because that code means that the sender is only sending to devices/users that the sender has verified (eg via emojis). That is not, strictly speaking, the problem here: the sender does not care that they have not done an interactive verification; they do care that the device owner has not done a verification.

Nevertheless, it feels less bad than co-opting m.unauthorised. The spec isn't very explicit, but the intention with m.unauthorised is that it be sent in response to a key-share request.

Ideally, we would have a different withheld code, more relevant to this case, but doing so would require spec changes and a bunch of work on the recipient side to handle the new code.

Using m.unverified feels like a pragmatic solution.

richvdh
richvdh approved these changes Sep 12, 2024
View reviewed changes
Copy link
Member

@richvdh richvdh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM otherwise

@BillCarsonFr BillCarsonFr force-pushed the valere/invisible_crypto/identity_based_withheld_code branch from 3d545a1 to 2bb0c50 Compare September 25, 2024 14:58
@BillCarsonFr BillCarsonFr merged commit 14ec35e into main Sep 25, 2024
40 checks passed
@BillCarsonFr BillCarsonFr deleted the valere/invisible_crypto/identity_based_withheld_code branch September 25, 2024 15:24
richvdh added a commit to matrix-org/matrix-js-sdk that referenced this pull request Sep 30, 2024
@richvdh
Bump matrix-rust-sdk to 9.1.0
d29f2b8 
Mostly, to pick up matrix-org/matrix-rust-sdk#3985
@richvdh richvdh mentioned this pull request Sep 30, 2024
Merged
github-merge-queue bot pushed a commit to matrix-org/matrix-js-sdk that referenced this pull request Sep 30, 2024
@richvdh
Bump matrix-rust-sdk to 9.1.0 (#4435)
866fd6f 
Mostly, to pick up matrix-org/matrix-rust-sdk#3985
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@richvdh richvdh richvdh approved these changes

@stefanceriu stefanceriu stefanceriu approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@BillCarsonFr @richvdh @stefanceriu