feat: Encrypted state events (MSC3414)

[kaylendog]

Implements support for encrypted state events under m.room.encrypted, as outlined in MSC3414.

• (base) Modifies state_events::sync::dispatch to require E2EE when end-to-end encryption is enabled, using it to decrypt m.room.encrypted state events when received.
• (base) Declares m.room.encrypted as required state by default.
• (crypto) Introduces encrypt_state_event and encrypt_state_event_raw to OlmMachine and OutboundGroupSession;
• (sdk) Modifies Room::send_state_event and Room::send_state_event_Raw to return SendStateEvent and SendStateEventRaw futures respectifely, that each function similarly to their message-like counterparts.
• (integration) Add an integration test for encrypted room renaming.

[richvdh]

This is part of #5397

[codspeed-hq]

CodSpeed Performance Report

Merging #5456 will not alter performance

_{Comparing kaylendog:kaylendog/encrypted-state-events-compat (61d40bd) with main (669ebf2)}

Summary

✅ 31 untouched benchmarks

[zecakeh]

For information, #5473 upgrades Ruma and brings in the encrypted state events changes.

[codecov]

Codecov Report

❌ Patch coverage is 80.78818% with 39 lines in your changes missing coverage. Please review.
✅ Project coverage is 88.56%. Comparing base (669ebf2) to head (a8b7d11).
⚠️ Report is 16 commits behind head on main.
✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
crates/matrix-sdk/src/room/futures.rs	79.43%	13 Missing and 9 partials ⚠️
crates/matrix-sdk-crypto/src/machine/mod.rs	44.44%	15 Missing ⚠️
...k-crypto/src/session_manager/group_sessions/mod.rs	87.50%	0 Missing and 2 partials ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #5456      +/-   ##
==========================================
- Coverage   88.57%   88.56%   -0.01%     
==========================================
  Files         339      339              
  Lines       93603    93800     +197     
  Branches    93603    93800     +197     
==========================================
+ Hits        82910    83078     +168     
- Misses       6560     6577      +17     
- Partials     4133     4145      +12     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[richvdh]

General comments:

• Yay! excites! It generally looks very sensible.

• I wonder if all this functionality should be behind compile-time cfg guards, since it's entirely unspecced. @poljar: any thoughts on this?

• For future reference: your commit comments could do with a little more detail. Try and explain how the bit of functionality that bit introduces fits in with the whole.

• Before this is ready to land in the rust SDK, I think we need some more (or, indeed, any) unit tests, which exercise individual parts of the functionality without rolling it into a big integration test.

  For sure an integration test is nice to make sure it all works as a whole, but integration tests are slooow and make it painful to figure out which bit of the code is misbehaving. Plus, unit tests make it easier to exercise the non-happy paths since you can mock out the homeserver. Codecov is having one of its "special" days, but when it recovers I'd expect it to complain about lack of code coverage. There's a concept called the Test Pyramid which says you should have lots of low-level tests and a few high-level tests.

  (Generally, I'd expect to see code, and unit tests that exercise that code, landing in the same commit.)

• We should be able to break this PR into smaller chunks, especially if we have more tests. Smaller PRs are generally a good thing since it means that author and reviewer have less state to keep in their head as the PR goes through multiple rounds of review. (Some guy called richvdh wrote a blog post mentioning this.)

[richvdh]

Suggested change

	/// Panics if no such session exists for the given room ID, or the session
	/// Panics if no session exists for the given room ID, or the session

[richvdh]

event_type is missing here, and the order is inconsistent with the actual arguments

[richvdh]

what does this TODO mean?

[richvdh]

🤔 I wonder if this should be called sendRawStateLikeEvent for consistency with SendRawMessageLikeEvent.

[kaylendog]

I was going for consistency with Ruma - it uses StateEvent and MessageLikeEvent.

[jplatte]

(and Ruma uses "message-like" to disambiguate from m.room.message / m.message)

[richvdh]

Looks like you've forgotten to use $msg here.

[richvdh]

Some examples might help me understand how to use this.

[richvdh]

The documentation could do with mentioning that the macro uses the second and subsequent arguments, if provided, as an error message if the content does not match.

[richvdh]

We need to find something to wait for, rather than just sleeping for 3 seconds. There's a wait_until_some helper which I imagine you could combine with is_state_encrypted to do what you need.

[richvdh]

that said... didn't we agree this was a bug in enable_encryption[_with_state] which should be fixed in a separate PR?

[richvdh]

RoomSettings is serialized and persisted in clients' local stores. We'll need to make sure it behaves sensibly when the serialized version omits the field. (In other words, needs #[serde(default)] or something)

The commit comment is a bit weird too: it says "WASM SDK" but ... this isn't the wasm bindings project.

TBH I'd suggest pulling this RoomSettings stuff out to a separate PR.

[kaylendog]

I included WASM SDK in the commit message since this change (afaik) will only affect it and not the rest of the Rust SDK, since it uses the m.room.encryption event to decide whether to encrypt rather than this - I can change?

[richvdh]

I think this probably just falls into the more general bracket of "your commit comments could do with a little more detail". You're allowed to use more than one line ;)

[kaylendog]

I have pulled this out to #5511 - I'll drop the commit that introduces this after our meeting.

[codspeed-hq]

Unable to generate the performance report

There was an internal error while processing the run's data. We're working on fixing the issue. Feel free to contact us on Discord or at [email protected] if the issue persists.

[kaylendog]

Closing in favour of split pull requests:

• feat(crypto): Add RoomSettings::encrypt_state_events #5511
• feat: Change type of DecryptedRoomEvent::event to Raw<AnyTimelineEvent> #5512
• feat(base): Add EncryptionState::StateEncrypted #5523
• feat(crypto): Add support for encrypted state events to matrix-sdk-crypto #5519
• SDK encrypt
• SDK decrypt/sync