overloaded server: Duplicate message index, possible replay attack #12855

Closed
foresto opened this issue Mar 24, 2020 · 1 comment

foresto commented Mar 24, 2020

Description

The matrix.org server is overloaded today, and some messages (which often take 10-30 seconds to send) trigger error text like this:

** Unable to decrypt: Error: Duplicate message index, possible replay attack:
[CRYPTOTEXTCRYPTOTEXTCRYPTOTEXTCRYPTOTEXTCRYPTOTEXTCRYPTOTEXTCRYPTOTEXTCRYPTOTEXT] **
Re-request encryption keys from your other sessions.

Steps to reproduce

  • Use an overloaded server
  • Chat for an hour or three
  • Watch for the spurious error messages

It looks to me like something that might happen if a messaging client retried its outgoing messages when an overloaded server didn't respond quickly, those retries were eventually accepted, and mistakenly identified as a replay attack.

If that (or similar) is indeed what is happening, it would be helpful if the system would recognize harmless retry messages, and ignore them, rather than spamming the room with noisy warning messages that are cryptic, misleading, and worrisome to average users.

Version information

This was experienced in a room that had Windows and Linux users of riot desktop, versions 1.5.12 and 1.5.13.
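As an added illustration of how a client could tell a harmless re-delivery of an already-seen event from a genuine reuse of a Megolm message index (example code written here, not Riot's or matrix-js-sdk's; the event field names, keys and sample values are assumptions constructed for the example):

```javascript
// Added example (not Riot or matrix-js-sdk code): record each Megolm message
// index per sender session, accept the same event arriving twice, but flag a
// different event that reuses an index already consumed.
//
// Assumed input shape (constructed): each decrypted event carries the sender's
// key, the Megolm session id, the ratchet message index, the Matrix event id
// and origin_server_ts.

class MessageIndexTracker {
  constructor() {
    // "<senderKey>|<sessionId>|<messageIndex>" -> { eventId, originServerTs }
    this.seen = new Map();
  }

  // Returns 'first-use', 'redelivery' or 'duplicate-index'.
  check({ senderKey, sessionId, messageIndex, eventId, originServerTs }) {
    const key = `${senderKey}|${sessionId}|${messageIndex}`;
    const prior = this.seen.get(key);
    if (prior === undefined) {
      this.seen.set(key, { eventId, originServerTs });
      return 'first-use';
    }
    // The same event delivered again (e.g. after a timed-out sync) reuses the
    // index legitimately: identical event id and identical server timestamp.
    if (prior.eventId === eventId && prior.originServerTs === originServerTs) {
      return 'redelivery';
    }
    // A different event under an already-used index is the case worth warning
    // about: a Megolm index is meant to encrypt exactly one message.
    return 'duplicate-index';
  }
}

// Constructed sample stream: an event, the same event re-delivered, a new
// event at the next index, then a distinct event reusing index 0.
const SAMPLE_EVENTS = [
  { senderKey: 'SENDER_KEY_A', sessionId: 'SESSION_1', messageIndex: 0, eventId: '$evt1', originServerTs: 1585000000000 },
  { senderKey: 'SENDER_KEY_A', sessionId: 'SESSION_1', messageIndex: 0, eventId: '$evt1', originServerTs: 1585000000000 },
  { senderKey: 'SENDER_KEY_A', sessionId: 'SESSION_1', messageIndex: 1, eventId: '$evt2', originServerTs: 1585000010000 },
  { senderKey: 'SENDER_KEY_A', sessionId: 'SESSION_1', messageIndex: 0, eventId: '$evt3', originServerTs: 1585000020000 },
];

// Classify a whole stream with one tracker; only the last entry should warn.
function classifyEvents(events) {
  const tracker = new MessageIndexTracker();
  return events.map((e) => tracker.check(e));
}

console.log(classifyEvents(SAMPLE_EVENTS));
```

Only the fourth sample event would surface a warning to the user; the second, which is what a server-side retry or re-sync produces, is silently accepted.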

@turt2live (Member)

This is matrix-org/synapse#3365

t3chguy added a commit that referenced this issue Oct 17, 2024