dendrite: Sending E2EE messages dendrite -> matrix.org randomly fails to provide keys
Background information
- Dendrite version or git SHA: 5106cc807cf22a95420b24f6bfdd5c9ac8aa06de
- Monolith or Polylith?: monolith
- SQLite3 or Postgres?: postgres
- Running in Docker?: no
go version: 1.17.6- Client used (if applicable): element android, fluffychat android, element desktop/web, nheko
Description
- What is the problem: “sometimes” the message recipient is not sent keys to decrypt
- Who is affected: recipients of E2EE messages sent by dendrite users
- How is this bug manifesting: recipient sees only a notice that a message could not be decrypted, but from the dendrite user’s perspective, all the messages are readable in all clients
- When did this first appear: not sure this has ever been reliable, sometimes it works fine for a long period, other times it randomly fails even though it’s the same session sending the messages (and that client has not been restarted since the last time it was working)
Steps to reproduce
“Recently” I’ve noticed a new issue where clients will constantly spam the server with key related requests.
I had reliability issues with sending E2EE messages before that, but now element in firefox and element desktop and nheko are constantly making key related requests in an endless loop. I don’t know how to open a debug output in android but the CPU load on the phone from running Element is continuous and the network never idles when it’s open.
Describe how what happens differs from what you expected.
E2EE should reliably work (and if it can’t work there should be an error printed somewhere, not a silent failure that gives the impression the message was sent successfully).
About this issue
- Original URL
- State: closed
- Created 2 years ago
- Reactions: 1
- Comments: 35 (9 by maintainers)
I’ve had unable to decrypt errors with both participants using Android client and connected to “same” Dendrite server. I’ve just upgraded to latest dendrite via pull request, still can’t get the keys. https://github.com/matrix-org/dendrite/issues/2436 https://github.com/vector-im/element-web/issues/19748
Just had an e2ee failure when another user of the same dendrite instance switched from element web to element android I could not decrypt the messages he sent from Android, and after re-syncing the android client he could no longer decrypt my messages. He’s using cross signing whereas I paste in the backup key whenever I log in to a client, so possibly cross signing is flakey.
I havn’t seen any e2ee failures on 0.10.7 yet 😃
@S7evinK appears to be working on making an e
@S7evinK appears to be working on an admin endpoint to streamline this procedure without requiring a dendrite server reboot (#2746 ) and messing around in the db.
The most recent commits that deal with parsing commit e1bf709 appears to have helped with e2ee as well. If anyone is still showing this problem, please try updating to the latest commit
I discussed the issue with a user in the Dendrite chat and was told to run some DB commands that “Instructs Dendrite to re-new the device lists/keys of the given user, so hopefully your client now received a device_list.changed entry for that user and encrypts messages successfully to that user”
I ran these commands on my postgres server, which seems to have resolved the issue for now:
SELECT * FROM keyserver_stale_device_lists WHERE user_id = 'MATRIX_USER_ID';UPDATE keyserver_stale_device_lists SET is_stale = true WHERE user_id = ‘MATRIX_USER_ID’;this seems to have helped with the issue. I am not sure how this could be worked into fixing the main issue, but thought it relevant.