Verification over federation results in strange state

[lampholder]

@alice:lant.uk (fresh account, secret storage enabled, 2 devices, both verified) verified @dogtanian:matrix.org (fresh account, secret storage enabled, 1 device) by clicking Verify .

The emoji verification completed successfully, but the end result was:

• @alice:lant.uk sees dogtanian as having a black shield, with one session that is verified. The Verify link is still available:
  
• @dogtanian:matrix.org sees alice as having a red shield, with one verified session and one untrusted session. The Verify link is gone:
  

[lampholder]

I was able to reproduce this with a second runthrough

[lampholder]

Specifically:

• @alice:lant.uk has two verified devices; @somebody:notlant.uk has one device and SSSS enabled
• @alice:lant.uk clicks on @somebody:notlant.uk's profile
• @alice:lant.uk initiates verification
• @somebody:notlant.uk accepts request
• They both see QR codes
• @alice:lant.uk chooses to verify by emoji
• They both confirm the emoji are the same
• Verification success prompt appears in right panel (at this point @alice:lant.uk still sees a black shield)
• @alice:lant.uk dismisses the success notification and sees @somebody:notlant.uk as green-shielded
• @somebody:notlant.uk dismisses the success notification and sees @alice:lant.uk as red-shielded, with one untrusted session (and no option to verify). As if Alice had not cross-signed her device.

[jryans]

I believe this is the same or at least similar to what @turt2live and I just saw over the federation:

• we each had all of our devices verified for our own account
• we verified our user accounts by emoji
• we each see the other person as having only 1 verified session (the current one they were using) but all others are unverified

[jryans]

We seem to see same trust status on RiotX as well, so this suggests there is a Synapse issue with federating the keys.

[uhoreg]

This is fixed by matrix-org/synapse#6844