matrix-rust-sdk

Olm sessions are vulnerable to wedging on OS crash or power failure, leading to UTDs

Open richvdh opened this issue 2 years ago • 6 comments

Consider:

  • Alice and Bob have an active Olm session.
  • Alice is using a client which uses the indexeddb backend of matrix-crypto-sdk. She wants to send a new Olm message, so she generates a new Olm ratchet key and updates the session. She can then encrypt the new message, and stores the updated session in the database.
  • Alice sends the message.
  • Alice's computer crashes.
  • Alice reboots.
  • If the updated session was not correctly persisted before the crash, this Olm session is now wedged: Alice cannot decrypt any replies from Bob, and, because Alice will use the wrong ratchet key in the next sender chain, Bob will be unable to decrypt any further messages from Alice.

Currently, we use the "default" durability mode of IndexedDB, which can lead to data loss. We should instead use "strict", at least for transactions which update Olm sessions.

richvdh avatar Apr 25 '24 09:04 richvdh
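The change proposed in the issue above, sketched as an added example that is not code from matrix-rust-sdk or from anyone in this thread: the updated session is written in a `readwrite` transaction opened with `{ durability: "strict" }`, and the ciphertext is released only from `oncomplete`. The store name, record shape and function names are hypothetical, and the store is assumed to use an inline key path.

```javascript
// Added example. SESSION_STORE, the record shape and both function names are
// hypothetical; they are not matrix-rust-sdk identifiers.
const SESSION_STORE = "olm_sessions"; // assumed to have keyPath "session_id"

// Open a readwrite transaction whose "complete" event is reported only after
// the data has been flushed to persistent storage ("strict"), instead of the
// browser-chosen "default" mode described in the issue.
function openStrictTransaction(db, storeNames) {
  return db.transaction(storeNames, "readwrite", { durability: "strict" });
}

// Persist the advanced Olm session first, then release the ciphertext.
// `send` is called only from oncomplete, so if the machine dies before the
// flush, the message was never sent and the peer never saw the new ratchet key.
function persistSessionThenSend(db, record, send, onError) {
  const tx = openStrictTransaction(db, [SESSION_STORE]);
  let settled = false;

  tx.oncomplete = () => {
    if (settled) return;
    settled = true;
    send();
  };

  // A failed put() aborts the transaction unless the error is handled,
  // so onabort covers both request errors and explicit aborts.
  tx.onabort = () => {
    if (settled) return;
    settled = true;
    onError(tx.error || new Error("session transaction aborted"));
  };

  tx.objectStore(SESSION_STORE).put(record);
  return tx;
}
```

A crash after the flush but before `send` runs leaves a session that is ahead of what the peer has seen, which does not wedge it; the harmful order is the reverse one described in the issue.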

Amazingly, Firefox still doesn't support the durability property (https://developer.mozilla.org/en-US/docs/Web/API/IDBTransaction/durability), though pre-release versions do.

EDIT: Ah, that's reading the durability from an existing transaction; the option to enable it has been supported much longer: https://developer.mozilla.org/en-US/docs/Web/API/IDBDatabase/transaction#options

kegsay avatar May 13 '24 16:05 kegsay

Filed https://github.com/rustwasm/wasm-bindgen/issues/3959 which needs to land first before we can specify the durability mode.

kegsay avatar May 13 '24 16:05 kegsay

Ugh, I believe this just happened to me (Alice is a bot running on my server, and Bob is myself)... Any idea on how to "reinitialise" the Olm session?

Pamplemousse avatar Jul 11 '24 15:07 Pamplemousse

Do you happen to run the bot using the IndexedDB based store? Do you have logs for this? I suspect that the cause might be a different one.

The Olm session will attempt to reinitialize itself, though you might need to drop the currently active room key for the new session to be used: https://matrix-org.github.io/matrix-rust-sdk/matrix_sdk/room/struct.Room.html#method.discard_room_key. That's at least required if you don't use an SDK version which includes: https://github.com/matrix-org/matrix-rust-sdk/pull/3604.

poljar avatar Jul 11 '24 16:07 poljar

@poljar Probably not indeed. I would have loved to try your fix by bumping the version of the SDK I use, but I can't because of #3689.

Pamplemousse avatar Jul 11 '24 19:07 Pamplemousse

wasm-bindgen 0.2.93 has updated the IndexedDB API so it should now be possible to set a durability.

kegsay avatar Sep 02 '24 11:09 kegsay