Revise and improve Key sharing and forwarding

[BillCarsonFr]

Taking advantage of Key Sharing, Withheld code and Keybackup

The mechanism to recover from unable to decrypt errors or to access e2E history have greatly evolved since the begining of matrix.

• The initial Key Sharing mechanism
• Introduction of megolm server backup
• Introduction of withheld codes
• Verification and Cross-Signing also open new fields for sharing strategies

It's now time to re-define the reference algorithms for key sharing and key forwarding using all these new functionnalities together.

Development Tasks

Documentation (WIP DOC)

• Reference Flowchart for initial key sharing Dot Graph
• Key forwarding
• Reference Flowchart for outgoing key requests figma
• Reference Flowchart for incoming key requests
• Convert all charts to DOT graph description language

Spec Work

• New MSC to add from_device and request_id to withheld messages 3735

Revise existing SDK implementation and ensure they implement the defined reference algorithm, add tests.

• Update SDKs to implement reference flowchart for key forwarding
  • Web
    • probable changes
      • Do not send key request on initial sync
      • When requesting keys from other sessions to attempt to resolve decryption errors, also double-check key backups in 4S element-web#21026
      • Keep track and store outcome of outgoing room key request MSC3735
      • Ensure that keys that was initialy shared with own unverified device are re-shared
      • We don't retry E2EE to-device messages at all. element-web#12851
  • IOS
    • MSC2399: Reporting that decryption keys are withheld matrix-org/matrix-ios-sdk#1354
    • Align to ref chart
  • Android Update/Revise SDK to implement reference flowchart for key sharing/forwarding + use backup element-android#5494
    • Align to ref chart
    • Query key backup before sending to_device
    • Keep track and store outcome of outgoing key

[richvdh]

no longer relevant, apparently.