Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

"Set up Secure backup" toast shown while the current session is not verified #29145

Open
BillCarsonFr opened this issue Jan 30, 2025 · 1 comment
Open

"Set up Secure backup" toast shown while the current session is not verified #29145

BillCarsonFr opened this issue Jan 30, 2025 · 1 comment
Labels
A-E2EE-Cross-Signing O-Uncommon Most users are unlikely to come across this or unexpected workflow S-Minor Impairs non-critical functionality or suitable workarounds exist T-Defect

Comments

@BillCarsonFr
Copy link
Member

BillCarsonFr commented Jan 30, 2025
edited by richvdh
Loading

Web is showing this toast

Image

But the current session is not verified, as can be seen here:

Image

Setting up secure backup from an unverified session should be impossible.

Steps to reproduce

  • I initially had a web session logged in, with all setup properly
  • Then I logged in EXI and said I couldn't verify and that I forgot my recovery code
  • I did the reset flow on EXI.

This flow is resets the identity, creating a new Key Storage, and deleting 4S (recovery).

Additional info

From web

Image

Clicking on restore fails with:

Image Image

If I try to send a message, I see that

Image

If I try to proceed with Set up secure backup:

It asks twice for the passphrase, then there is a 3rd modal ( for which I have no passphrase/key that works)

Image
@dosubot dosubot bot added A-E2EE-Key-Backup O-Uncommon Most users are unlikely to come across this or unexpected workflow S-Major Severely degrades major functionality or product features, with no satisfactory workaround T-Defect labels Jan 30, 2025
@richvdh
Copy link
Member

richvdh commented Jan 30, 2025

The problem here is that "Set up Secure backup" doesn't really mean "Set up Secure backup"; rather it is a catch-all "fix my encryption" toast.

It's hitting this path:

element-web/src/DeviceListener.ts

Lines 309 to 312 in 12932e2

if (!crossSigningReady) {
// This account is legacy and doesn't have cross-signing set up at all.
// Prompt the user to set it up.
showSetupEncryptionToast(SetupKind.SET_UP_ENCRYPTION);

@richvdh richvdh added A-E2EE-Cross-Signing S-Minor Impairs non-critical functionality or suitable workarounds exist and removed A-E2EE-Key-Backup S-Major Severely degrades major functionality or product features, with no satisfactory workaround labels Jan 30, 2025
@richvdh richvdh mentioned this issue Jan 30, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-E2EE-Cross-Signing O-Uncommon Most users are unlikely to come across this or unexpected workflow S-Minor Impairs non-critical functionality or suitable workarounds exist T-Defect
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@richvdh @BillCarsonFr