cross-posted from: https://lemmy.ml/post/1230440
Been having issues with folks logging out…then unable to decrypt after signing in again. Even though they use their passkey, prior messages will not decrypt as they were not logged in anywhere.
So trying to understand some use-cases:
- If someone is only logged in on their phone, goes somewhere without a signal (e.g., plane, hiking), and then gets signal again…will they be able to decrypt messages sent while they were offline (but never chose to sign out)?
- If NO…will they be able to decrypt prior messages they had been able to decrypt (i.e., just not the ones sent while offline)?
- If they lose their phone (again, only source of logging in)…will they be able to backfill messages when setting up a new device with their passkey?
Sorry for the perhaps basic E2EE questions…getting traction with my family using Matrix, but worried about some spouse-acceptance concerns.
These are all good questions.
The loss of signal won’t matter. It happens to me all the time as I move from wifi to wifi.
For your third question, it depends on if you have a key backup with a key security code. That’s something you should set up asap after your initial client login. If you do, then you can recover. You might want to look at https://github.com/vector-im/element-web/issues/16202 for more explanation. The question comes up a lot.
Regardless, I’d make sure you’re always logged in twice if you can. Do you have Element Web running alongside Matrix? If you do, keep logged in on a desktop, or laptop. Just in case you lose the phone.
Definitely have backup passphrase/passkey. But is it true that (again assuming just one device) if I log out…then later log back in with the Passkey…that messages received while signed out won’t decrypt? That will be hard to explain to family.
I had the exact same issues when I ran Matrix with my friends and family. I see this as a major bug with the encryption.
AKA it’s not just you. I’ll probably encounter it again soon when I set up the server again soon and open a bug report.
I don’t care if I set up an encryption key backup at sign up. If my session should still be valid I’m not entering that long thing, I’m just quitting the use of the app. The encryption had to work and not just randomly bug out.
Your keys get loaded when you connect. They get unloaded when you click the disconnect button.
As long as you don’t purposefully disconnect (why would you do that) then you will be able to simply open element and continue as if no keys were involved.
Keys are shared between devices AFAIK so temporary signal loss on the phone is a non-issue.
Keys are derived from the passphrase, so by inputting the passphrase you generate the same key as before. It might take a while to load though, because you have to decrypt every message in order of send time before you can decrypt the latest messages.
My parents save files in the Trash on their computer they don’t want deleted…so them signing out purposefully isn’t the most surprising thing they do.
I still find it confusing that when logging back in with the passphrase (or passkey), not all messages are decrypted (note there are only like 10 messages right now while testing things out). It seems to be the ones from when they were logged out. Is that expected? I’m using a self-hosted Dendrite server if that matters.