MSC4362: Simplified Encrypted State Events #4362
Conversation
kaylendog
added
e2e
feature
turt2live
added
needs-implementation
kaylendog
changed the title
kaylendog
changed the title
| An encrypted state event looks very similar to a regular encrypted room message: the `type` becomes | ||
| `m.room.encrypted` and the `content` is the same shape as a regular `m.room.encrypted` event. The |
There was a problem hiding this comment.
This doesn't seem to address the core problem with encrypted state events, where state events have a different lifecycle from timeline events. But I also don't see the problem mentioned on the MSC at all.
Say you have this timeline in a room with history visibility invite:
m.room.name <- A
m.room.message <-B
invite to X
X joins
To make the room name sent at A visible to X, you need to share the megolm key for it, which might include the key for decrypting message B as well.
To prevent that, you basically need a different megolm session for every (event_type, state_key) tuple. Otherwise you might leak an arbitrary set of past messages or states.
There was a problem hiding this comment.
Yes! I do not intend to address the issue of key-sharing in this MSC, except for what I've said about history sharing. I briefly covered my thoughts on how this would be done for the HMAC key distribution below, and I imagine we could re-use this infrastructure to resolve this..
4 participants
Rendered
Implementations:
matrix-js-sdk: Implement experimental encrypted state events. matrix-js-sdk#4994matrix-rust-sdk: There are quite a lot of PRs involved in this implementation, you can view the list here.element-web: Implement lab for encrypted state events (MSC3414/MSC4362) element-hq/element-web#30877, Netlify deployment