Skip to content

Avoid using accessSecretStorage to create 4S #30244

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
uhoreg merged 8 commits into from
Jul 3, 2025
Merged

Avoid using accessSecretStorage to create 4S #30244

uhoreg merged 8 commits into from
Jul 3, 2025

Conversation

@uhoreg
Copy link
Member

@uhoreg uhoreg commented Jul 2, 2025
edited
Loading

Historically, accessSecretStorage either allowed the app to fetch/store secrets in 4S, or bootstrapped 4S/Cross-Signing/key backup, etc. Recent designs separate out key backup (Key Storage) and 4S (Recovery). This PR removes some calls to accessSecretStorage that were using it to create key backup or 4S, and instead takes the user to the Encryption settings tab, which is where these are handled in the new designs.

Fixes #30137

Review commit-by-commit

uhoreg added 5 commits June 30, 2025 13:25
@uhoreg
remove resetCrossSigning flag, which is no longer in use
d76692d
@uhoreg
drop unnecessary check for cross-signing
57a32a2 
The only place where verifyUser is called already checks that cross-signing is
set up.  (The function name is also incorrect, since it checks for the
cross-signing key, and not for 4S.)
@uhoreg
avoid calling accessSecretStorage to set up cross-signing or 4S
5394098 
Send the user to the Encryption settings tab instead
@uhoreg
only create secret storage when specifically asked to
3f4db54
@uhoreg
deprecate using accessSecretStorage to create new 4S
e284c9a
@uhoreg uhoreg added the T-Task Tasks for the team like planning label Jul 2, 2025
@uhoreg uhoreg changed the title Access secret storage no create Avoid using accessSecretStorage to create 4S Jul 2, 2025
@uhoreg uhoreg marked this pull request as ready for review July 3, 2025 01:23
@uhoreg uhoreg requested review from a team as code owners July 3, 2025 01:23
@uhoreg uhoreg requested review from dbkr, florianduros and richvdh July 3, 2025 01:23
richvdh
richvdh approved these changes Jul 3, 2025
View reviewed changes
Copy link
Member

@richvdh richvdh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@uhoreg @richvdh
Tweak comment
b6382fb 
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
@uhoreg uhoreg enabled auto-merge July 3, 2025 13:21
@uhoreg uhoreg added this pull request to the merge queue Jul 3, 2025
Merged via the queue into element-hq:develop with commit 9095ebd Jul 3, 2025
30 checks passed
@uhoreg uhoreg deleted the access_secret_storage_no_create branch July 3, 2025 13:49
Dileep9999 pushed a commit to hemanth-nag/element-web that referenced this pull request Oct 8, 2025
@uhoreg @richvdh
Avoid using accessSecretStorage to create 4S (element-hq#30244)
f6653fc 
* remove resetCrossSigning flag, which is no longer in use

* drop unnecessary check for cross-signing

The only place where verifyUser is called already checks that cross-signing is
set up.  (The function name is also incorrect, since it checks for the
cross-signing key, and not for 4S.)

* avoid calling accessSecretStorage to set up cross-signing or 4S

Send the user to the Encryption settings tab instead

* only create secret storage when specifically asked to

* deprecate using accessSecretStorage to create new 4S

* also remove the obsolete snapshot

* add tests

* Tweak comment

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

---------

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dbkr dbkr dbkr approved these changes

@richvdh richvdh richvdh approved these changes

@florianduros florianduros Awaiting requested review from florianduros florianduros is a code owner automatically assigned from element-hq/element-web-reviewers

Assignees

No one assigned

Labels

T-Task Tasks for the team like planning

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

EW still prompts you to "Set up Secure Backup" and "Enter a security phrase"

3 participants

@uhoreg @dbkr @richvdh