Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EW: Make identity reset consistent with EX #29227

Open
Tracked by #2700
mxandreas opened this issue Feb 6, 2025 · 0 comments
Open
Tracked by #2700

EW: Make identity reset consistent with EX #29227

mxandreas opened this issue Feb 6, 2025 · 0 comments
Labels
A-E2EE A-Login T-Enhancement T-User Story Team: Crypto

Comments

@mxandreas
Copy link

mxandreas commented Feb 6, 2025
edited
Loading

Background

Historically EW had many different identity resets, some of which only reset the cross-signing keys and some of which also reset "everything" (meaning any server-side copies of any keys as well as the server side storage as such). The other difference was that in some variants, EW also automatically asked user to set up recovery (on EX this step was separated from the reset flow).

To simplify it for the end users, and make it consistent with EX behavior, only one type of reset will be kept - the one that resets "everything" and does not set up recovery as part of it.

Problem

This new reset, including the new designs has been implemented for the scenarios:

  • when the user goes proactively to Settings > Encryption > Advanced and triggers it.
  • when user is notified that their key storage is out of sync, and the user chooses the Forgot recovery key option.

However, there are other scenarios which are not currently covered.

All of them have the same cause - the user needs to verify their device but is not able to - but the entry points in UI are several:

  • The user tries to login.
  • The user is already in the app but the device not verified:
    • Tries to access Settings > Encryption.
    • Tries to proactively verify the device (e.g. in the Sessions / Devices)
    • Gets a toast that prompts to verify the device.

Designs

Clarifications on the designs:

  • All the current confirmation modals that currently appear right after clicking reset (there are a few variations depending on the starting point), should be removed. The very first screen is the one linked above (on the left are old, on the right the new design).

    • Image

  • Modernizing the screen that is used in case of OIDC (user is directed to MAS web app) is a stretch goal. The minimum is to make sure that the copy of the current modal follows the copy of new designs (current modal on the left, new designs on the right).

    • Image
@mxandreas mxandreas mentioned this issue Feb 6, 2025
Open
@mxandreas mxandreas changed the title EW: Update the reset cryptographic identity flow when triggered from "verify device" modal or when "key storage is out of sync." so that it is consistent with EX and also matches the flow that is triggered from Settings > Encryption > Advanced EW: Make identity reset consistent with EX Feb 6, 2025
@richvdh richvdh transferred this issue from element-hq/element-meta Feb 10, 2025
@dosubot dosubot bot added A-E2EE A-Login T-Task Tasks for the team like planning labels Feb 10, 2025
@andybalaam andybalaam mentioned this issue Feb 10, 2025
Open
@MidhunSureshR MidhunSureshR added T-Enhancement and removed T-Task Tasks for the team like planning labels Feb 12, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-E2EE A-Login T-Enhancement T-User Story Team: Crypto
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MidhunSureshR @mxandreas