Closed
Somehow we seem to be missing a high-level tracking bug for the endgame of E2E. (The starting point was matrix-org/matrix-spec-proposals#501, but that's a spec bug and feels a bit weird to hijack it for this).
In order to declare E2E stable (and by extension Matrix), we need to:
- Cross-sign devices at login to eliminate verification warnings (We could cross-sign devices to aid trust when new ones join a room #2714)
- Optionally incrementally back up encrypted E2E keys to your HS so if you lose all your devices you can restore your history via a recovery key that you own. (Improving megolm key storage (meta) #5675)
- Improve verification UX (comparing per-verification mnemonic passphrases rather than public keys) (Implement E2E key verification process #2142)
- Hook up key sharing to let history be visible from before you joined a room (but after you were invited to it), history visibility allowing. (Let megolm session keys be available to devices added by invited users since the point they are invited #2713) - mainly fixed, other than for edge case where users add devices after being invited to an E2E room
- Have less than 0.0x% unresolved unable-to-decrypt errors reported through telemetry ("Unable to decrypt: The sender's device has not sent us the keys for this message." (The UISI bug) #2996, Telemetry to report incidence of UISIs #6390)
- Fix device lists getting out of sync over federation (E2E device lists can get out of sync over federation when users delete their devices. #6974)
- Support full-text search within E2E rooms (Client-side search for E2E #2548, solved by github.com/matrix-org/seshat)
- Support push and in-app notifications in E2E rooms at least by locally calculating them. We could also support setting metadata on the messages to bing users, especially if we had pseudonymous MXIDs.
- Support NotifPanel in E2E rooms (Notif panel needs to know how to deal with encrypted room #6874)
- Turn it on by default for private rooms. All rooms created with the intent of use as a 1:1 or a private group chat must be E2E (and homeservers would enforce that, as best they can, c.f. Support only E2E or public rooms on my homeserver matrix-org/synapse#3269), although obviously a broken client could still try emitting unencrypted events into such a room. The code exists for this already over at https://github.com/matrix-org/synapse/pull/3426/files.
Ideally:
- Provide some kind of E2E daemon/proxy to stop non-E2E clients/bots/bridges/curl-users being unceremoniously dumped out in the cold. (#6778)
- Improve the UX for managing the trust of the devices which are in a given room (E2E device/key management dashboard to replace UnknownDeviceDialog #4522). In practice if verification is working nicely this might not be so important.
- Optionally hook up key sharing to let history be visible from before you were invited to a room (history visibility allowing) (#2286)
- Get an end-to-end audit of crypto spanning a set of reference implementations - e.g. matrix-{web,ios,android}-sdk + synapse.