From 041f1b4a06fcee6cf66a586a43a4ffd456ec6f36 Mon Sep 17 00:00:00 2001 From: Valere Date: Tue, 1 Oct 2024 09:31:56 +0200 Subject: [PATCH 1/2] crypto: Use OnlySigned isolation flag to setup decryption trust req. --- .../libraries/matrix/impl/RustMatrixClientFactory.kt | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/libraries/matrix/impl/src/main/kotlin/io/element/android/libraries/matrix/impl/RustMatrixClientFactory.kt b/libraries/matrix/impl/src/main/kotlin/io/element/android/libraries/matrix/impl/RustMatrixClientFactory.kt index 27d33d5bbf..c33ccdb543 100644 --- a/libraries/matrix/impl/src/main/kotlin/io/element/android/libraries/matrix/impl/RustMatrixClientFactory.kt +++ b/libraries/matrix/impl/src/main/kotlin/io/element/android/libraries/matrix/impl/RustMatrixClientFactory.kt @@ -32,6 +32,7 @@ import org.matrix.rustcomponents.sdk.SlidingSyncVersionBuilder import org.matrix.rustcomponents.sdk.use import timber.log.Timber import uniffi.matrix_sdk_crypto.CollectStrategy +import uniffi.matrix_sdk_crypto.TrustRequirement import java.io.File import javax.inject.Inject @@ -108,6 +109,13 @@ class RustMatrixClientFactory @Inject constructor( CollectStrategy.DeviceBasedStrategy(onlyAllowTrustedDevices = false, errorOnVerifiedUserProblem = true) } ) + .roomDecryptionTrustRequirement( + trustRequirement = if (featureFlagService.isFeatureEnabled(FeatureFlags.OnlySignedDeviceIsolationMode)) { + TrustRequirement.CROSS_SIGNED_OR_LEGACY + } else { + TrustRequirement.UNTRUSTED + } + ) .run { // Apply sliding sync version settings when (slidingSyncType) { From 3259539cc376615d095597c971f0c5d0cce8a5c0 Mon Sep 17 00:00:00 2001 From: Valere Date: Tue, 1 Oct 2024 14:31:57 +0200 Subject: [PATCH 2/2] quick fix: Isolation mode feature flag name udpate --- .../element/android/libraries/featureflag/api/FeatureFlags.kt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/featureflag/api/src/main/kotlin/io/element/android/libraries/featureflag/api/FeatureFlags.kt b/libraries/featureflag/api/src/main/kotlin/io/element/android/libraries/featureflag/api/FeatureFlags.kt index e1507044ae..3f2e1b389b 100644 --- a/libraries/featureflag/api/src/main/kotlin/io/element/android/libraries/featureflag/api/FeatureFlags.kt +++ b/libraries/featureflag/api/src/main/kotlin/io/element/android/libraries/featureflag/api/FeatureFlags.kt @@ -125,7 +125,7 @@ enum class FeatureFlags( ), OnlySignedDeviceIsolationMode( key = "feature.onlySignedDeviceIsolationMode", - title = "Exclude not secure devices when sending/receiving messages", + title = "Exclude insecure devices when sending/receiving messages", description = "This setting controls how end-to-end encryption (E2E) keys are shared." + " Enabling it will prevent the inclusion of devices that have not been explicitly verified by their owners." + " You'll have to stop and re-open the app manually for that setting to take effect.",