fix: potenitally fix e2ee from keybackups
This commit is contained in:
20
TODO.md
20
TODO.md
@@ -40,7 +40,7 @@ Tested against real Dendrite DB dump (bocken.org):
|
||||
|---|---|---|
|
||||
| userapi_accounts | users | password_hash, created_ts (ms->s), account_type->is_guest/admin |
|
||||
| userapi_profiles | profiles | user_id=localpart, full_user_id=@user:server |
|
||||
| userapi_devices | devices | direct map |
|
||||
| userapi_devices | devices + access_tokens | direct map; access_token preserved so clients don't re-login |
|
||||
| roomserver_rooms | rooms | room_id, room_version; creator from m.room.create events |
|
||||
| roomserver_events + event_json | events + event_json | denormalize NIDs, topological_ordering=depth |
|
||||
| syncapi_current_room_state | current_state_events | direct map |
|
||||
@@ -134,6 +134,24 @@ Tested against real Dendrite DB dump (bocken.org):
|
||||
- 2262 rejected events in Dendrite skipped during migration
|
||||
- 5548 orphan event edges (referencing federated events we don't have) - normal
|
||||
- Synapse background updates recalculate some stats after startup - normal
|
||||
- E2EE: three things must be migrated together for encrypted history to survive —
|
||||
(1) `userapi_devices.access_token` -> `access_tokens` so clients don't re-login
|
||||
(re-login usually wipes the local Megolm store and always changes device_id,
|
||||
breaking Olm continuity),
|
||||
(2) `syncapi_send_to_device` -> `device_inbox` so undelivered m.room.encrypted
|
||||
Olm messages (Megolm key shares to offline devices) reach the recipient,
|
||||
(3) `device_lists_stream` seeded from local devices so clients re-verify
|
||||
e2e_device_keys_json on first sync (otherwise: stale cache mismatches).
|
||||
v1 of the migration only moved the Synapse-native E2EE tables; that left
|
||||
1480 pending to-device messages stranded and all clients forced to re-login,
|
||||
which is the root cause of "partial key loss" reported against v1.
|
||||
- E2EE: `keyserver_fallback_keys` -> `e2e_fallback_keys_json` added so new Olm
|
||||
sessions still succeed after OTKs are exhausted.
|
||||
- E2EE: `e2e_cross_signing_keys.stream_id` now drawn from the matching
|
||||
sequence (`e2e_cross_signing_keys_sequence`) to avoid UNIQUE(stream_id)
|
||||
collisions on subsequent Synapse writes.
|
||||
- Re-running Phase 8 duplicates `e2e_cross_signing_signatures` rows (no unique
|
||||
constraint on the Synapse side). TRUNCATE before re-running, or run once.
|
||||
|
||||
## Usage
|
||||
|
||||
|
||||
Reference in New Issue
Block a user