Element-R: lock out multiple tabs to avoid races

[richvdh]

Using the Rust crypto SDK from two tabs at once will cause data corruption, due to the fact that the rust-sdk caches information in memory.

Examples of the sorts of problems that could arise:

• If you send messages from both tabs to the same room, we could use the same megolm ratchet index (this is exactly the problem in Wrong message index when sending an image via Share Extension, message not decryptable in Element-Web, can break rooms when session-ID is affected! element-ios#7499)

• We might create two Olm one-time-keys with the same ID, causing problems like Lost OTK, leading to "OneTime key already exists" error and later UTDs matrix-org/matrix-rust-sdk#1415.

• Most disasterously of all, suppose:

  • You share two encrypted rooms with your colleague Bob
  • In one tab, you send a message in one room; in the other tab, you send a message in the other room.

  In this case, each message will necessitate a megolm keyshare, which will cause the ratchet for the Olm session shared between you and Bob to be advanced. However, this will cause unrecoverable corruption to the Olm session.
  In other words, you and Bob will never be able to communicate again.

[richvdh]

A (somewhat hacky) option might be to lock out multiple tabs, by sending messages over a BroadcastChannel

[richvdh]

for now at least, we will lock out one of the tabs.

Element Call have done something like this and we may be able to benefit from their implementation

[richvdh]

I could probably do with some design input on this. Currently I have thrown together a page that looks like this:

[nadonomy]

@richvdh can we add some kind of interaction to choose which tab to use Element in? For example, WhatsApp web has this:

Separately, can we use Element UI components? Or does this page need to be some kind of barebones HTML/styling?

If the latter, I'll whip something together copying the mobile install guide.

[richvdh]

the answer is (I think) "yes" to both, though we're deliberately trying to keep this feature lightweight as it's meant to be a quick alternative to "proper" multitab support.

I might need help from someone like @germain-gg in using UI components in EW properly, but it's just react components like the rest of EW so should be fine.

[richvdh]

@nadonomy I made a loading screen that looks like this:

[Flightkick]

@richvdh Thanks, this is awesome! Had my config drop twice this week because I accidentally opened element in another tab. Quite frustrating to re-auth and verify again. Lovely QOL feature!

[richvdh]

1. There's no need to be sarcastic. We know this is frustrating, but we didn't do it just to annoy people. The description at the top of the issue explains the reasons it is necessary.
2. This shouldn't cause you to have to re-auth. Please open a new issue describing your symptoms more clearly.

[Flightkick]

@richvdh sorry for not replying earlier, I just noticed your response. My enthusiasm was genuine, although I can understand how it may have come across as sarcasm.

I added my frustration for context. I can't quite remember how I landed here at the time, but the concurrent access of browser storage may have had something to do with it. The exact details are vague to me at this point.

Anyhow, upon looking for a solution I stumbled upon this feature you made very recently and I was pleased to discover that opening another tab will soon be handled more gracefully. Sharing the frustration was meant to let you know that this solves a PITA for me, hence the compliment on the QOL feature.

[nukeop]

This sucks: not only do I open multiple tabs so that I don't have to switch between different contexts manually, this triggers even if it's open in a single tab, and I have to reload Element to fix it, with all the usual punishments for reloading. Please revert this.

[richvdh]

I'm afraid we can't revert this, as it is currently required to support use of the new cryptography library, which is central to our strategy for making encryption more reliable.

We will track restoring multi-tab support at #26231.