Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invisible Crypto: A clearer message to the user when sending fails due to their own unverified devices #2534

Closed
2 tasks done
mxandreas opened this issue Sep 17, 2024 · 4 comments
Closed
2 tasks done

Invisible Crypto: A clearer message to the user when sending fails due to their own unverified devices #2534

mxandreas opened this issue Sep 17, 2024 · 4 comments
Labels
App: ElementX Android App: ElementX iOS T-Epic Issue is at Epic level T-User Story Team: Element X Platform

Comments

@mxandreas
Copy link

mxandreas commented Sep 17, 2024
edited
Loading

Description

On our way to invisible crypto (in which all users devices are either fully verified or fully ignored) we have implemented a stop-gap solution for security purposes:

Given Alice has explicitly verified Bob's identity
And Bob has unverified devices
When Alice is trying to send a message to Bob
Then The message fails to send
And Bob needs to take an action to decide what will happen next.

The visuals look as follows:

image
image

It was not realized that the same will happen when Alice == Bob, meaning that user's own devices aren't verified. For security reasons this needs to remain, as otherwise one could inject a device on behalf of the user and start listening to their messages without the user noticing that. However, to make this more user friendly, the text of the message to the user should be changed so that it is clearer for them what is happening.

Proposed copy of the message when its the user's own device that is unverified.

Title: Your message was not sent because you have not verified one or more of your devices
Description: One or more of your devices are unverified. You can send the message anyway, or you can cancel for now and try again later after you have verified all of your devices.

Links to the design in Figma for convenience.

Acceptance criteria

  • User can see the tailored error message when one or more of their own devices are unverified.

Leads

  • Tech:
  • Design:

Size estimate

None

Dependencies

  • None

Out of scope

  • Nothing

Open questions

Questions
Beta Give feedback
No tasks being tracked yet.

Subtasks

Android
Beta Give feedback
  1. [Task] A clearer message to the user when sending fails due to their own unverified devices element-x-android#3484
    T-Task
    ganfra

iOS
Beta Give feedback
  1. [Task] A clearer message to the user when sending fails due to their own unverified devices element-x-ios#3350
    T-Task

Rust
Beta Give feedback
No tasks being tracked yet.

Other
Beta Give feedback
No tasks being tracked yet.

Sign-off

Android

  • Design sign-off on completion
  • QA sign-off on completion
  • Product sign-off on completion

iOS

  • Design sign-off on completion
  • QA sign-off on completion
  • Product sign-off on completion
@mxandreas
Copy link
Author

@americanrefugee Could you please review the copy I suggested and then add the corresponding variant also into Figma. If you need further clarifications, let me know.

@mxandreas mxandreas mentioned this issue Sep 17, 2024
Closed
@americanrefugee
Copy link

Here is the design for iOS and Android

@richvdh richvdh changed the title Invisible Crypto: A clearer message to the user due to their own unverified devices Invisible Crypto: A clearer message to the user when sending fails due to their own unverified devices Sep 17, 2024
@manuroe
Copy link
Member

manuroe commented Sep 30, 2024

The update has been done both on Android and iOS. It was part for the releases we made for the Matrix Conf. Can we close this issue?

@mxandreas
Copy link
Author

Done

@BillCarsonFr BillCarsonFr mentioned this issue Oct 3, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
App: ElementX Android App: ElementX iOS T-Epic Issue is at Epic level T-User Story Team: Element X Platform
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@manuroe @americanrefugee @mxandreas