Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Delayed membership responses in /sync cause UTDs #3622

Closed
Tracked by #245
kegsay opened this issue Jun 28, 2024 · 0 comments · Fixed by #3672
Closed
Tracked by #245

Delayed membership responses in /sync cause UTDs #3622

kegsay opened this issue Jun 28, 2024 · 0 comments · Fixed by #3672
Labels
bug Something isn't working encryption

Comments

@kegsay
Copy link
Member

kegsay commented Jun 28, 2024

This outlines a race condition in the CSAPI which can cause UTDs.

Consider:

  • Alice is in a E2EE room and invites Bob. The request 200 OKs but has yet to come down /sync.
  • Alice tries to send a message in the room.
  • Alice should encrypt for Bob.

In practice, clients will not encrypt for Bob, causing a UTD if you very quickly send an encrypted message after inviting a user. This can happen due to:

  • A bot is using the SDK so message sending is very quick after an invite
  • DMs: for better UX a room is only made / user invited / message sent, when someone sends a message in a DM room rather than just selects the user's room. This means the message is already ready to go at the same time as invite time.

Rust SDK is slightly better than JS SDK on this, because Rust SDK will hit /members for the first message it sends, so it isn't reliant on /sync for that one request. In practice, this means it handles the DM case.

To fix this, we should be remembering that we, the client, have modified the membership state of the room, and invalidate the room member list (so we hit /members again). We can't assume that a 200 OK to /invite will guarantee that the user is in an invited state, so we still need to defer to the server.

A test for this is in matrix-org/complement-crypto#98
@kegsay kegsay added bug Something isn't working encryption labels Jun 28, 2024
@richvdh richvdh mentioned this issue Jul 4, 2024
Open
82 tasks
@bnjbvr bnjbvr mentioned this issue Jul 9, 2024
Closed
@MarcWadai MarcWadai mentioned this issue Jul 9, 2024
Open
@jmartinesp jmartinesp mentioned this issue Jul 9, 2024
Merged
1 task
bnjbvr pushed a commit that referenced this issue Jul 10, 2024
@jmartinesp
fix(sdk): force room member reload after inviting a user (#3672)
40343aa 
This is needed to prevent the race condition where the invite request finished, the `/sync` one didn't fetch the new membership event yet and we send a message in the room. This message won't be encrypted for the newly invited user and will result in an UTD.

I added a new integration test and I can confirm this [complement-crypto test](matrix-org/complement-crypto#98) now passes instead of being skipped.

Fixes #3622.

---

* fix(sdk): force room member reload after inviting a user

This is needed to prevent the race condition where the invite request finished, the `/sync` one didn't fetch the new membership event yet and we send a message in the room. This message won't be encrypted for the newly invited user and will result in an UTD.

* Use `room.mark_members_missing()` instead, add integration test

* Abort syncing before the test ends

* Resolve nit: else after a return

* Fix race condition where bob may try to join the room before the invite is received

* Remove double sync
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working encryption
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(sdk): force room member reload after inviting a user matrix-org/matrix-rust-sdk
1 participant
@kegsay