Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Session verification fails after transfering phones #1947

Closed
stefanceriu opened this issue Oct 24, 2023 · 1 comment
Closed

Session verification fails after transfering phones #1947

stefanceriu opened this issue Oct 24, 2023 · 1 comment
Labels
A-E2EE Encryption O-Uncommon Most users are unlikely to come across this or unexpected workflow S-Major Severely degrades major functionality or product features, with no satisfactory workaround T-Defect

Comments

@stefanceriu
Copy link
Member

We're receiving reports that the app stops responding to verification attempts after transfering phones (using apple's own magic transfer flow described here at step 5.

What we believe happens is that:

  • the keychain gets transferred over (doesn't in a normal backup as per https://developer.apple.com/forums/thread/93373)
  • the app group application support directory (including the crypto db) isn't, possibly because it's in an app group or maybe because we mark it as excludedFromBackup
  • the app the uses the token stored in the keychain to restore the old session
  • a new crypto db, keys and everything else gets created
  • verification stops working as the keys don't match
@stefanceriu stefanceriu added T-Defect A-E2EE Encryption S-Major Severely degrades major functionality or product features, with no satisfactory workaround O-Uncommon Most users are unlikely to come across this or unexpected workflow labels Oct 24, 2023
@pixlwave
Copy link
Member

Copying a set of steps from #2169

Steps to reproduce

  1. Make an iTunes backup
  2. Restore to another device (maybe works with same too, I didn't test)
  3. Open Element X
  4. Try verifying the new device
  5. Verification will always say you cancelled it

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
A-E2EE Encryption O-Uncommon Most users are unlikely to come across this or unexpected workflow S-Major Severely degrades major functionality or product features, with no satisfactory workaround T-Defect
Projects
None yet
Development

No branches or pull requests

2 participants