Improve error display for messages sent from insecure devices #50

uhoreg · 2024-09-18T04:35:55Z

#92 provides a mode in which we will reject:

messages sent from devices which their owners have not cross-signed
messages sent from users who we had previously verified, but who have now rotated their identity.

This PR improves the display of both kinds of message.

The former is shown like this:

The latter is shown like this:

This is based on the designs at element-hq/element-meta#2523, but we don't yet show the content of the event (that being the point of element-hq/element-meta#2523).

Checklist

Tests written for new code (and old code if feasible).
New or updated public/exported symbols have accurate TSDoc documentation.
Linter and other CI checks pass.
I have licensed the changes to Element by completing the Contributor License Agreement (CLA)

uhoreg · 2024-09-18T05:05:41Z

Ah. Forgot that SonarCloud doesn't take into account the end-to-end tests, so I'll have to add jest tests.

src/components/views/messages/DecryptionFailureBody.tsx

res/css/views/messages/_DecryptionFailureBody.pcss

src/components/views/messages/DecryptionFailureBody.tsx

src/settings/Settings.tsx

src/components/views/messages/DecryptionFailureBody.tsx

uhoreg · 2024-09-18T23:02:15Z

A couple of issue with this PR:

we don't retry decryption after we've verified a user. I've created [invisible crypto] re-try decrypting messages after we've verified a user (or withdraw verification) element-web#28102 to track the issue.
we don't have any special handling for the display in the roomlist message preview, or the thread preview in the main timeline. So we end up with things like

I've asked for designs for these at Invisible crypto: display message content instead of an error, when the sender's verified identity changed element-meta#2523 (comment) so we may want to just wait until we implement Invisible crypto: display message content instead of an error, when the sender's verified identity changed element-meta#2523 to address this.

dbkr

Seems plausible otherwise

src/settings/Settings.tsx

uhoreg · 2024-09-21T01:44:55Z

We should check whether this get counted in the PostHog stats. I suspect it does, and we should probably track it as a separate code.

Add a labs option which will, when set, switch into the "invisible crypto" mode of refusing to send keys to, or decrypt messages from, devices that have not been signed by their owner.

Improve the error messages shown for messages from insecure devices.

richvdh · 2024-09-27T00:27:27Z

We should check whether this get counted in the PostHog stats. I suspect it does, and we should probably track it as a separate code.

Filed as element-hq/element-meta#2541

richvdh · 2024-09-27T00:32:06Z

Closing in favour of #93

uhoreg added the T-Enhancement label Sep 18, 2024

github-actions bot requested a deployment to Netlify September 18, 2024 04:38 In progress

uhoreg force-pushed the invisible_crypto_decryption branch 2 times, most recently from 034cedc to e1081e4 Compare September 18, 2024 04:56

uhoreg force-pushed the invisible_crypto_decryption branch from e1081e4 to 9afdc75 Compare September 18, 2024 05:10

uhoreg commented Sep 18, 2024

View reviewed changes

src/components/views/messages/DecryptionFailureBody.tsx Outdated Show resolved Hide resolved

github-actions bot deployed to Netlify September 18, 2024 05:26 View deployment

github-actions bot deployed to EndToEndTests September 18, 2024 05:26 View deployment

richvdh reviewed Sep 18, 2024

View reviewed changes

res/css/views/messages/_DecryptionFailureBody.pcss Outdated Show resolved Hide resolved

richvdh suggested changes Sep 18, 2024

View reviewed changes

src/components/views/messages/DecryptionFailureBody.tsx Outdated Show resolved Hide resolved

src/settings/Settings.tsx Outdated Show resolved Hide resolved

src/components/views/messages/DecryptionFailureBody.tsx Show resolved Hide resolved

github-actions bot deployed to Netlify September 18, 2024 22:38 View deployment

github-actions bot deployed to EndToEndTests September 18, 2024 22:38 View deployment

uhoreg force-pushed the invisible_crypto_decryption branch from de8c5fb to c2fc124 Compare September 18, 2024 22:43

uhoreg requested a review from richvdh September 18, 2024 22:50

uhoreg mentioned this pull request Sep 25, 2024

[invisible crypto] re-try decrypting messages after we've verified a user (or withdraw verification) element-hq/element-web#28102

Open

github-actions bot deployed to Netlify September 18, 2024 22:58 View deployment

github-actions bot deployed to EndToEndTests September 18, 2024 22:59 View deployment

uhoreg marked this pull request as ready for review September 18, 2024 23:02

uhoreg requested a review from a team as a code owner September 18, 2024 23:02

uhoreg requested a review from dbkr September 18, 2024 23:02

dbkr reviewed Sep 19, 2024

View reviewed changes

src/settings/Settings.tsx Outdated Show resolved Hide resolved

richvdh mentioned this pull request Sep 23, 2024

Invisible Crypto | configure key sharing strategy based on labs feature flag element-hq/element-web#28038

Closed

richvdh marked this pull request as draft September 26, 2024 22:29

richvdh force-pushed the invisible_crypto_decryption branch from c2fc124 to 076f097 Compare September 26, 2024 22:31

richvdh changed the title ~~Add invisible decryption config flag and show invisible crypto decryption errors~~ Improve error display for messages sent from verified users who have changed identity Sep 26, 2024

richvdh changed the title ~~Improve error display for messages sent from verified users who have changed identity~~ Improve error display for messages sent from insecure devices Sep 26, 2024

richvdh force-pushed the invisible_crypto_decryption branch from 076f097 to 72649d2 Compare September 27, 2024 00:01

richvdh force-pushed the invisible_crypto_decryption branch from 72649d2 to 777be6f Compare September 27, 2024 00:04

richvdh added 4 commits September 27, 2024 01:07

Add labs option to exclude unverified devices

bff059a

Add a labs option which will, when set, switch into the "invisible crypto" mode of refusing to send keys to, or decrypt messages from, devices that have not been signed by their owner.

DecryptionFailureBody: better error messages

2a132a6

Improve the error messages shown for messages from insecure devices.

playwright: factor out createSecondBotDevice utility

b6fd430

Playwright test for messages from insecure devices

4940648

richvdh force-pushed the invisible_crypto_decryption branch from 777be6f to 4940648 Compare September 27, 2024 00:10

richvdh closed this Sep 27, 2024

github-actions bot deployed to Netlify September 27, 2024 02:12 View deployment

github-actions bot deployed to EndToEndTests September 27, 2024 02:12 View deployment

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Improve error display for messages sent from insecure devices #50

Improve error display for messages sent from insecure devices #50

uhoreg commented Sep 18, 2024 •

edited by richvdh

Loading

uhoreg commented Sep 18, 2024

uhoreg commented Sep 18, 2024

dbkr left a comment

uhoreg commented Sep 21, 2024

richvdh commented Sep 27, 2024

richvdh commented Sep 27, 2024

Improve error display for messages sent from insecure devices #50

Improve error display for messages sent from insecure devices #50

Conversation

uhoreg commented Sep 18, 2024 • edited by richvdh Loading

Checklist

uhoreg commented Sep 18, 2024

uhoreg commented Sep 18, 2024

dbkr left a comment

Choose a reason for hiding this comment

uhoreg commented Sep 21, 2024

richvdh commented Sep 27, 2024

richvdh commented Sep 27, 2024

uhoreg commented Sep 18, 2024 •

edited by richvdh

Loading