Clients should be trusted to write to online megolm backups if they own the priv half of the backup key. #7399
Labels: A-E2EE, A-E2EE-Key-Backup, P1, S-Major (Severely degrades major functionality or product features, with no satisfactory workaround), T-Defect
Comments
Yup, that seems correct.
lampholder added the T-Defect, P1, S-Major and A-E2EE labels on Sep 27, 2018
This seems to have been implemented.
su-ex added a commit to SchildiChat/element-web that referenced this issue on Jan 17, 2022
In the current implementation we only trust an online megolm backup as a valid destination for our megolm keys if we have verified the device that signed the backup's pubkey when it was created.
This is problematic if we're logging into a new device and restore the backup by providing our recovery key, because by definition we won't have access to other devices for cross-verification (otherwise we'd be accessing the backup via cross-verification rather than providing the recovery key).
So instead we need a different mechanism to decide whether we should write our keys into the backup and ensure it wasn't created by a malicious server admin.
Proposal is that we should take our copy of the recovery privkey, generate the pubkey from it via Curve25519, and then do a binary comparison with the pubkey which the server is advertising for the backup before letting the user trust the backup for storing keys. This code doesn't exist yet, and needs to be written.
@uhoreg, does this seem correct? ^
[sidenote @lampholder: n.b. that is completely independent of the question of whether the private key is provided directly by the user from their sock, or whether the user downloaded an encrypted copy of their privkey from the server and decrypted it via their passphrase.... other than by implementing this correctly, it should be very unusual for users to start new backups, unless they are deliberately rotating their recovery key every N days, in which case they'll have to deal with the faff of maintaining the sock-copy of the private key themselves if they're not storing it on the server, but that's entirely the user's problem.]
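The check proposed in this issue, sketched for Node.js as an added example; it is not code from the issue or from the project. The function names, the `auth_data.public_key` field (assumed to hold the advertised Curve25519 public key as base64) and the sample keys (RFC 7748 test vectors) are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

// Fixed PKCS#8 DER header for an X25519 private key (OID 1.3.101.110);
// the 32 raw private key bytes follow it directly.
const X25519_PKCS8_PREFIX = Buffer.from('302e020100300506032b656e04220420', 'hex');

// Derive the raw 32-byte Curve25519 public key from a raw 32-byte private key.
function derivePublicKey(rawPrivateKey) {
  if (!Buffer.isBuffer(rawPrivateKey) || rawPrivateKey.length !== 32) {
    throw new TypeError('recovery private key must be a 32-byte Buffer');
  }
  const priv = crypto.createPrivateKey({
    key: Buffer.concat([X25519_PKCS8_PREFIX, rawPrivateKey]),
    format: 'der',
    type: 'pkcs8',
  });
  const spki = crypto.createPublicKey(priv).export({ type: 'spki', format: 'der' });
  return spki.subarray(spki.length - 32); // the SPKI encoding ends with the raw key
}

// Assumption: backupInfo is shaped like the server's description of the backup,
// with the advertised public key in auth_data.public_key (hypothetical input).
function backupMatchesRecoveryKey(rawPrivateKey, backupInfo) {
  const advertised = backupInfo?.auth_data?.public_key;
  if (typeof advertised !== 'string') return false; // nothing to compare: do not trust
  const advertisedBytes = Buffer.from(advertised, 'base64');
  if (advertisedBytes.length !== 32) return false; // malformed or truncated key
  return derivePublicKey(rawPrivateKey).equals(advertisedBytes); // binary comparison
}

// Constructed sample data: RFC 7748 section 6.1 test keys, not real backup keys.
const SAMPLE_PRIVATE = Buffer.from(
  '77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a', 'hex');
const SAMPLE_PUBLIC = Buffer.from(
  '8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a', 'hex');
const OTHER_PUBLIC = Buffer.from(
  'de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f', 'hex');
const unpaddedB64 = (buf) => buf.toString('base64').replace(/=+$/, '');
const genuineBackup = { auth_data: { public_key: unpaddedB64(SAMPLE_PUBLIC) } };
const substitutedBackup = { auth_data: { public_key: unpaddedB64(OTHER_PUBLIC) } };

console.log('genuine backup trusted:', backupMatchesRecoveryKey(SAMPLE_PRIVATE, genuineBackup));
console.log('substituted backup trusted:', backupMatchesRecoveryKey(SAMPLE_PRIVATE, substitutedBackup));
```

A backup whose advertised key does not match the key derived from the recovery private key is treated as untrusted, as is one with a missing or malformed key.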