Replace custom crypto implementation with Rust

[turt2live]

Using the rust-sdk's WASM bindings, we replace our entire crypto implementation for performance, stability, security, and maintenance reasons. This project is already approved for work to begin.

The intent is to support both old & new crypto implementations side-by-side through a labs flag up until we're ready to ship.

Phasing is approximate and used as an estimation tool. This list will be updated often - check back frequently.

Phase 1: Prove it works

• [--] Bindings exist on NPM (in progress)
• [ 5] Introduce labs flag for js-sdk
• [13] Hook up rust stores to storage. Rudimentary one-way migration.
• [13] Hook up to sync loop, basic encryption and decryption support.
  • Including attachment/media support
• [ 8] Key backup (protocol level, not UI)
• [ 8] Key sharing (protocol level, not UI)
• [13] Cross-signing (protocol level, not UI)
• [21] Two-way migration for labs flag, allowing users to "switch" between implementations
  • Potential to implement this as an implementation which writes to both stores saving us from migration

Phase 2: Establish trust in the plan

• [ 8] Benchmark old crypto & new crypto to establish performance targets
• [??] Tests which prove old crypto was working
  • "Working" is defined as behavioural traits, not necessarily bug-free.
• [??] Tests which prove the new crypto isn't any more broken than old

Phase 3: Build a plausible client

• [??] Self verification
• [??] Other user verification
• [??] Visual indicators for user trust (cross-signing, 4S)
• [??] UI bits for key backup, key sharing, and cross-signing
• [??] Manual key export
• [??] Historical key sharing (for room history)
• [??] Device management

Phase 4: Polish and remaining bits

• [13] Support for customisation endpoints/modules as needed
• [13] MCS integration (if needed)
• [??] Device dehydration
• [??] Functions required by Element Call and widgets (custom to-device messages?)
• [??] Posthog metrics
• [??] TBD stuff from https://github.com/matrix-org/matrix-rust-sdk/milestone/1
• [??] Get design involved for migration experience

Phase 5: Stability

• [??] Enable by default on Nightly and Develop (not production, EMS, app, or staging)
• [??] Fix bugs & build comfort
• [??] Enable by default in production (EMS, app, and staging alongside existing develop channels)
• [??] Fix bugs & build comfort

Phase 6: Release

• [??] Convert migration to a one-way migration
• [??] Remove old crypto code (keep migrator)
• [??] Remove labs flag
• [??] Eternal maintenance

[turt2live]

argh, except a tracker already exists for this: #21972