Skip to content
This repository has been archived by the owner on Oct 22, 2024. It is now read-only.

Improve error display for messages sent from insecure devices #50

Closed
wants to merge 4 commits into from

Conversation

uhoreg
Copy link
Member

@uhoreg uhoreg commented Sep 18, 2024

#92 provides a mode in which we will reject:

  • messages sent from devices which their owners have not cross-signed
  • messages sent from users who we had previously verified, but who have now rotated their identity.

This PR improves the display of both kinds of message.

The former is shown like this:

image

The latter is shown like this:

image

This is based on the designs at element-hq/element-meta#2523, but we don't yet show the content of the event (that being the point of element-hq/element-meta#2523).

Checklist

  • Tests written for new code (and old code if feasible).
  • New or updated public/exported symbols have accurate TSDoc documentation.
  • Linter and other CI checks pass.
  • I have licensed the changes to Element by completing the Contributor License Agreement (CLA)

@uhoreg uhoreg force-pushed the invisible_crypto_decryption branch 2 times, most recently from 034cedc to e1081e4 Compare September 18, 2024 04:56
@uhoreg
Copy link
Member Author

uhoreg commented Sep 18, 2024

Ah. Forgot that SonarCloud doesn't take into account the end-to-end tests, so I'll have to add jest tests.

@uhoreg uhoreg force-pushed the invisible_crypto_decryption branch from e1081e4 to 9afdc75 Compare September 18, 2024 05:10
src/components/views/messages/DecryptionFailureBody.tsx Outdated Show resolved Hide resolved
src/settings/Settings.tsx Outdated Show resolved Hide resolved
@uhoreg
Copy link
Member Author

uhoreg commented Sep 18, 2024

A couple of issue with this PR:

@uhoreg uhoreg marked this pull request as ready for review September 18, 2024 23:02
@uhoreg uhoreg requested a review from a team as a code owner September 18, 2024 23:02
@uhoreg uhoreg requested a review from dbkr September 18, 2024 23:02
Copy link
Member

@dbkr dbkr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems plausible otherwise

src/settings/Settings.tsx Outdated Show resolved Hide resolved
@uhoreg
Copy link
Member Author

uhoreg commented Sep 21, 2024

We should check whether this get counted in the PostHog stats. I suspect it does, and we should probably track it as a separate code.

@richvdh richvdh marked this pull request as draft September 26, 2024 22:29
@richvdh richvdh force-pushed the invisible_crypto_decryption branch from c2fc124 to 076f097 Compare September 26, 2024 22:31
@richvdh richvdh changed the title Add invisible decryption config flag and show invisible crypto decryption errors Improve error display for messages sent from verified users who have changed identity Sep 26, 2024
@richvdh richvdh changed the title Improve error display for messages sent from verified users who have changed identity Improve error display for messages sent from insecure devices Sep 26, 2024
@richvdh richvdh force-pushed the invisible_crypto_decryption branch from 076f097 to 72649d2 Compare September 27, 2024 00:01
@richvdh richvdh force-pushed the invisible_crypto_decryption branch from 72649d2 to 777be6f Compare September 27, 2024 00:04
Add a labs option which will, when set, switch into the "invisible crypto"
mode of refusing to send keys to, or decrypt messages from, devices that have
not been signed by their owner.
Improve the error messages shown for messages from insecure devices.
@richvdh richvdh force-pushed the invisible_crypto_decryption branch from 777be6f to 4940648 Compare September 27, 2024 00:10
@richvdh
Copy link
Member

richvdh commented Sep 27, 2024

We should check whether this get counted in the PostHog stats. I suspect it does, and we should probably track it as a separate code.

Filed as element-hq/element-meta#2541

@richvdh
Copy link
Member

richvdh commented Sep 27, 2024

Closing in favour of #93

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants