When Tom tries to verify me, it claims I rejected him, and that he rejected me. Neither is true

[ara4n]

No description provided.

[bwindels]

Looking at the rageshake, it looks like there might be two VerificationRequest object monitoring the same request with the same transaction id. Doesn't look like a dupe of another bug.

[bwindels]

Rageshake on Matthews side: https://github.com/matrix-org/riot-web-rageshakes/issues/2303

[bwindels]

Tom's side: https://github.com/matrix-org/riot-web-rageshakes/issues/2304

[bwindels]

There are two verification requests in the rageshakes:

Request 1 ($15825381791905OwmLr:lant.uk)

From Matthew's side:

2020-02-24T09:56:20.531Z I Verification request $15825381791905OwmLr:lant.uk:
 	m.key.verification.request event with {"body":"@tom:lant.uk is requesting to verify your key, but your client does not support in-chat key verification.  You will need to use legacy key verification to verify keys.","msgtype":"m.key.verification.request","to":"@matthew:matrix.org","from_device":"XDOGJMJTBA","methods":["m.sas.v1","m.qr_code.show.v1","m.reciprocate.v1"]}
 	deviceId:undefined
 	sender:@tom:lant.uk,
 	isSentByUs:false
 	phase:1=>2,
 	observeOnly:false=>false
2020-02-24T09:56:58.799Z I Verification request $15825381791905OwmLr:lant.uk:
 	m.key.verification.ready event with {"methods":["m.sas.v1","m.qr_code.show.v1","m.reciprocate.v1"],"from_device":"RQRQBRNDOP","m.relates_to":{"rel_type":"m.reference","event_id":"$15825381791905OwmLr:lant.uk"}}
 	deviceId:undefined
 	sender:@matthew:matrix.org,
 	isSentByUs:true
 	phase:2=>3,
 	observeOnly:false=>false
2020-02-24T09:56:58.855Z I Verification request $15825381791905OwmLr:lant.uk:
 	m.key.verification.ready event with {"methods":["m.sas.v1","m.qr_code.show.v1","m.reciprocate.v1"],"from_device":"RQRQBRNDOP"}
 	deviceId:undefined
 	sender:@matthew:matrix.org,
 	isSentByUs:true
 	phase:3=>3,
 	observeOnly:false=>false
2020-02-24T09:57:28.024Z I Verification request $15825381791905OwmLr:lant.uk:
 	m.key.verification.start event with {"method":"m.sas.v1","from_device":"XDOGJMJTBA","key_agreement_protocols":["curve25519"],"hashes":["sha256"],"message_authentication_codes":["hkdf-hmac-sha256","hmac-sha256"],"short_authentication_string":["decimal","emoji"]}
 	deviceId:undefined
 	sender:@tom:lant.uk,
 	isSentByUs:false
 	phase:3=>4,
 	observeOnly:false=>false
2020-02-24T09:57:37.912Z I Verification request $15825381791905OwmLr:lant.uk:
 	m.key.verification.accept event with {"key_agreement_protocol":"curve25519","hash":"sha256","message_authentication_code":"hkdf-hmac-sha256","short_authentication_string":["decimal","emoji"],"commitment":"pvN6pzJ4miU3nc05nbQyNshB504zqDLd6Zc4ZDzUTC0","m.relates_to":{"rel_type":"m.reference","event_id":"$15825381791905OwmLr:lant.uk"}}
 	deviceId:undefined
 	sender:@matthew:matrix.org,
 	isSentByUs:true
 	phase:4=>4,
 	observeOnly:false=>false
2020-02-24T09:57:37.984Z I Verification request $15825381791905OwmLr:lant.uk:
 	m.key.verification.accept event with {"key_agreement_protocol":"curve25519","hash":"sha256","message_authentication_code":"hkdf-hmac-sha256","short_authentication_string":["decimal","emoji"],"commitment":"pvN6pzJ4miU3nc05nbQyNshB504zqDLd6Zc4ZDzUTC0"}
 	deviceId:undefined
 	sender:@matthew:matrix.org,
 	isSentByUs:true
 	phase:4=>4,
 	observeOnly:false=>false
2020-02-24T09:57:40.128Z I Verification request $15825381791905OwmLr:lant.uk:
 	m.key.verification.key event with {"key":"Sre+gjCO3mwEbH9QZuqQd+KdxEpHiJusU7xmv/AdYmg"}
 	deviceId:undefined
 	sender:@tom:lant.uk,
 	isSentByUs:false
 	phase:4=>4,
 	observeOnly:false=>false
2020-02-24T09:57:40.868Z I Verification request $15825381791905OwmLr:lant.uk:
 	m.key.verification.accept event with {"short_authentication_string":["decimal","emoji"],"hash":"sha256","commitment":"BnHFKUl7KPOUYOVYKhXaiKsz5XS1/ZVuVVfws8Tl1B8","message_authentication_code":"hkdf-hmac-sha256","key_agreement_protocol":"curve25519"}
 	deviceId:undefined
 	sender:@matthew:matrix.org,
 	isSentByUs:true
 	phase:4=>4,
 	observeOnly:false=>false
2020-02-24T09:57:45.463Z I Verification request $15825381791905OwmLr:lant.uk:
 	m.key.verification.cancel event with {"code":"m.unexpected_message","reason":"The device received an unexpected message"}
 	deviceId:undefined
 	sender:@matthew:matrix.org,
 	isSentByUs:true
 	phase:4=>5,
 	observeOnly:false=>false

From Tom's side:

2020-02-24T09:56:19.973Z I Verification request $15825381791905OwmLr:lant.uk:
 	m.key.verification.request event with {"body":"@tom:lant.uk is requesting to verify your key, but your client does not support in-chat key verification.  You will need to use legacy key verification to verify keys.","msgtype":"m.key.verification.request","to":"@matthew:matrix.org","from_device":"XDOGJMJTBA","methods":["m.sas.v1","m.qr_code.show.v1","m.reciprocate.v1"]}
 	deviceId:undefined
 	sender:@tom:lant.uk,
 	isSentByUs:true
 	phase:1=>2,
 	observeOnly:false=>false
2020-02-24T09:56:20.302Z I Verification request $15825381791905OwmLr:lant.uk:
 	m.key.verification.request event with {"body":"@tom:lant.uk is requesting to verify your key, but your client does not support in-chat key verification.  You will need to use legacy key verification to verify keys.","msgtype":"m.key.verification.request","to":"@matthew:matrix.org","from_device":"XDOGJMJTBA","methods":["m.sas.v1","m.qr_code.show.v1","m.reciprocate.v1"]}
 	deviceId:undefined
 	sender:@tom:lant.uk,
 	isSentByUs:true
 	phase:2=>2,
 	observeOnly:false=>false
2020-02-24T09:56:59.699Z I Verification request $15825381791905OwmLr:lant.uk:
 	m.key.verification.ready event with {"methods":["m.sas.v1","m.qr_code.show.v1","m.reciprocate.v1"],"from_device":"RQRQBRNDOP"}
 	deviceId:undefined
 	sender:@matthew:matrix.org,
 	isSentByUs:false
 	phase:2=>3,
 	observeOnly:false=>false
2020-02-24T09:57:23.872Z I Verification request $15825381791905OwmLr:lant.uk:
 	m.key.verification.start event with {"method":"m.sas.v1","from_device":"XDOGJMJTBA","key_agreement_protocols":["curve25519"],"hashes":["sha256"],"message_authentication_codes":["hkdf-hmac-sha256","hmac-sha256"],"short_authentication_string":["decimal","emoji"],"m.relates_to":{"rel_type":"m.reference","event_id":"$15825381791905OwmLr:lant.uk"}}
 	deviceId:undefined
 	sender:@tom:lant.uk,
 	isSentByUs:true
 	phase:3=>4,
 	observeOnly:false=>false
2020-02-24T09:57:24.190Z I Verification request $15825381791905OwmLr:lant.uk:
 	m.key.verification.start event with {"method":"m.sas.v1","from_device":"XDOGJMJTBA","key_agreement_protocols":["curve25519"],"hashes":["sha256"],"message_authentication_codes":["hkdf-hmac-sha256","hmac-sha256"],"short_authentication_string":["decimal","emoji"]}
 	deviceId:undefined
 	sender:@tom:lant.uk,
 	isSentByUs:true
 	phase:4=>4,
 	observeOnly:false=>false
2020-02-24T09:57:38.340Z I Verification request $15825381791905OwmLr:lant.uk:
 	m.key.verification.accept event with {"key_agreement_protocol":"curve25519","hash":"sha256","message_authentication_code":"hkdf-hmac-sha256","short_authentication_string":["decimal","emoji"],"commitment":"pvN6pzJ4miU3nc05nbQyNshB504zqDLd6Zc4ZDzUTC0"}
 	deviceId:undefined
 	sender:@matthew:matrix.org,
 	isSentByUs:false
 	phase:4=>4,
 	observeOnly:false=>false
2020-02-24T09:57:38.974Z I Verification request $15825381791905OwmLr:lant.uk:
 	m.key.verification.key event with {"key":"Sre+gjCO3mwEbH9QZuqQd+KdxEpHiJusU7xmv/AdYmg","m.relates_to":{"rel_type":"m.reference","event_id":"$15825381791905OwmLr:lant.uk"}}
 	deviceId:undefined
 	sender:@tom:lant.uk,
 	isSentByUs:true
 	phase:4=>4,
 	observeOnly:false=>false
2020-02-24T09:57:39.144Z I Verification request $15825381791905OwmLr:lant.uk:
 	m.key.verification.key event with {"key":"Sre+gjCO3mwEbH9QZuqQd+KdxEpHiJusU7xmv/AdYmg"}
 	deviceId:undefined
 	sender:@tom:lant.uk,
 	isSentByUs:true
 	phase:4=>4,
 	observeOnly:false=>false
2020-02-24T09:57:41.665Z I Verification request $15825381791905OwmLr:lant.uk:
 	m.key.verification.accept event with {"short_authentication_string":["decimal","emoji"],"hash":"sha256","commitment":"BnHFKUl7KPOUYOVYKhXaiKsz5XS1/ZVuVVfws8Tl1B8","message_authentication_code":"hkdf-hmac-sha256","key_agreement_protocol":"curve25519"}
 	deviceId:undefined
 	sender:@matthew:matrix.org,
 	isSentByUs:false
 	phase:4=>4,
 	observeOnly:false=>false
2020-02-24T09:57:42.104Z I Verification request $15825381791905OwmLr:lant.uk:
 	m.key.verification.cancel event with {"code":"m.unknown","reason":"Error: Unexpected message: expecting m.key.verification.key but got m.key.verification.accept","m.relates_to":{"rel_type":"m.reference","event_id":"$15825381791905OwmLr:lant.uk"}}
 	deviceId:undefined
 	sender:@tom:lant.uk,
 	isSentByUs:true
 	phase:4=>5,
 	observeOnly:false=>false

Request 2 ($15825383061909HatdB:lant.uk)

From Matthew's side:

2020-02-24T09:58:26.974Z I Verification request $15825383061909HatdB:lant.uk:
	m.key.verification.request event with {"body":"@tom:lant.uk is requesting to verify your key, but your client does not support in-chat key verification.  You will need to use legacy key verification to verify keys.","msgtype":"m.key.verification.request","to":"@matthew:matrix.org","from_device":"XDOGJMJTBA","methods":["m.sas.v1","m.qr_code.show.v1","m.reciprocate.v1"]}
	deviceId:undefined
	sender:@tom:lant.uk,
	isSentByUs:false
	phase:1=>2,
	observeOnly:false=>false
2020-02-24T09:58:31.088Z I Verification request $15825383061909HatdB:lant.uk:
	m.key.verification.ready event with {"methods":["m.sas.v1","m.qr_code.show.v1","m.reciprocate.v1"],"from_device":"RQRQBRNDOP","m.relates_to":{"rel_type":"m.reference","event_id":"$15825383061909HatdB:lant.uk"}}
	deviceId:undefined
	sender:@matthew:matrix.org,
	isSentByUs:true
	phase:2=>3,
	observeOnly:false=>false
2020-02-24T09:58:31.182Z I Verification request $15825383061909HatdB:lant.uk:
	m.key.verification.ready event with {"methods":["m.sas.v1","m.qr_code.show.v1","m.reciprocate.v1"],"from_device":"RQRQBRNDOP"}
	deviceId:undefined
	sender:@matthew:matrix.org,
	isSentByUs:true
	phase:3=>3,
	observeOnly:false=>false
2020-02-24T09:58:40.151Z I Verification request $15825383061909HatdB:lant.uk:
	m.key.verification.start event with {"method":"m.sas.v1","from_device":"XDOGJMJTBA","key_agreement_protocols":["curve25519"],"hashes":["sha256"],"message_authentication_codes":["hkdf-hmac-sha256","hmac-sha256"],"short_authentication_string":["decimal","emoji"]}
	deviceId:undefined
	sender:@tom:lant.uk,
	isSentByUs:false
	phase:3=>4,
	observeOnly:false=>false
2020-02-24T09:58:40.392Z I Verification request $15825383061909HatdB:lant.uk:
	m.key.verification.accept event with {"key_agreement_protocol":"curve25519","hash":"sha256","message_authentication_code":"hkdf-hmac-sha256","short_authentication_string":["decimal","emoji"],"commitment":"YiQhSO2qPQ2yZOfX1nGQ1Yo3RWHbSFZF6r0j5oFLbv4","m.relates_to":{"rel_type":"m.reference","event_id":"$15825383061909HatdB:lant.uk"}}
	deviceId:undefined
	sender:@matthew:matrix.org,
	isSentByUs:true
	phase:4=>4,
	observeOnly:false=>false
2020-02-24T09:58:40.443Z I Verification request $15825383061909HatdB:lant.uk:
	m.key.verification.accept event with {"key_agreement_protocol":"curve25519","hash":"sha256","message_authentication_code":"hkdf-hmac-sha256","short_authentication_string":["decimal","emoji"],"commitment":"YiQhSO2qPQ2yZOfX1nGQ1Yo3RWHbSFZF6r0j5oFLbv4"}
	deviceId:undefined
	sender:@matthew:matrix.org,
	isSentByUs:true
	phase:4=>4,
	observeOnly:false=>false
2020-02-24T09:58:41.317Z I Verification request $15825383061909HatdB:lant.uk:
	m.key.verification.accept event with {"short_authentication_string":["decimal","emoji"],"hash":"sha256","commitment":"VdLl9cqg/280026eRmAuQCKgPiL1tBCUAxOFxOmcy9E","message_authentication_code":"hkdf-hmac-sha256","key_agreement_protocol":"curve25519"}
	deviceId:undefined
	sender:@matthew:matrix.org,
	isSentByUs:true
	phase:4=>4,
	observeOnly:false=>false
2020-02-24T09:58:41.551Z I Verification request $15825383061909HatdB:lant.uk:
	m.key.verification.cancel event with {"code":"m.unknown","reason":"Error: Unexpected message: expecting m.key.verification.key but got m.key.verification.accept","m.relates_to":{"rel_type":"m.reference","event_id":"$15825383061909HatdB:lant.uk"}}
	deviceId:undefined
	sender:@matthew:matrix.org,
	isSentByUs:true
	phase:4=>5,
	observeOnly:false=>false

From Tom's side:

2020-02-24T09:58:26.856Z I Verification request $15825383061909HatdB:lant.uk:
	m.key.verification.request event with {"body":"@tom:lant.uk is requesting to verify your key, but your client does not support in-chat key verification.  You will need to use legacy key verification to verify keys.","msgtype":"m.key.verification.request","to":"@matthew:matrix.org","from_device":"XDOGJMJTBA","methods":["m.sas.v1","m.qr_code.show.v1","m.reciprocate.v1"]}
	deviceId:undefined
	sender:@tom:lant.uk,
	isSentByUs:true
	phase:1=>2,
	observeOnly:false=>false
2020-02-24T09:58:27.126Z I Verification request $15825383061909HatdB:lant.uk:
	m.key.verification.request event with {"body":"@tom:lant.uk is requesting to verify your key, but your client does not support in-chat key verification.  You will need to use legacy key verification to verify keys.","msgtype":"m.key.verification.request","to":"@matthew:matrix.org","from_device":"XDOGJMJTBA","methods":["m.sas.v1","m.qr_code.show.v1","m.reciprocate.v1"]}
	deviceId:undefined
	sender:@tom:lant.uk,
	isSentByUs:true
	phase:2=>2,
	observeOnly:false=>false
2020-02-24T09:58:31.367Z I Verification request $15825383061909HatdB:lant.uk:
	m.key.verification.ready event with {"methods":["m.sas.v1","m.qr_code.show.v1","m.reciprocate.v1"],"from_device":"RQRQBRNDOP"}
	deviceId:undefined
	sender:@matthew:matrix.org,
	isSentByUs:false
	phase:2=>3,
	observeOnly:false=>false
2020-02-24T09:58:39.908Z I Verification request $15825383061909HatdB:lant.uk:
	m.key.verification.start event with {"method":"m.sas.v1","from_device":"XDOGJMJTBA","key_agreement_protocols":["curve25519"],"hashes":["sha256"],"message_authentication_codes":["hkdf-hmac-sha256","hmac-sha256"],"short_authentication_string":["decimal","emoji"],"m.relates_to":{"rel_type":"m.reference","event_id":"$15825383061909HatdB:lant.uk"}}
	deviceId:undefined
	sender:@tom:lant.uk,
	isSentByUs:true
	phase:3=>4,
	observeOnly:false=>false
2020-02-24T09:58:40.098Z I Verification request $15825383061909HatdB:lant.uk:
	m.key.verification.start event with {"method":"m.sas.v1","from_device":"XDOGJMJTBA","key_agreement_protocols":["curve25519"],"hashes":["sha256"],"message_authentication_codes":["hkdf-hmac-sha256","hmac-sha256"],"short_authentication_string":["decimal","emoji"]}
	deviceId:undefined
	sender:@tom:lant.uk,
	isSentByUs:true
	phase:4=>4,
	observeOnly:false=>false
2020-02-24T09:58:40.911Z I Verification request $15825383061909HatdB:lant.uk:
	m.key.verification.accept event with {"key_agreement_protocol":"curve25519","hash":"sha256","message_authentication_code":"hkdf-hmac-sha256","short_authentication_string":["decimal","emoji"],"commitment":"YiQhSO2qPQ2yZOfX1nGQ1Yo3RWHbSFZF6r0j5oFLbv4"}
	deviceId:undefined
	sender:@matthew:matrix.org,
	isSentByUs:false
	phase:4=>4,
	observeOnly:false=>false
2020-02-24T09:58:41.568Z I Verification request $15825383061909HatdB:lant.uk:
	m.key.verification.key event with {"key":"CXmMUWCbYdOd26DvUErezQjllTXbGh/oj3TQV8xlbnc","m.relates_to":{"rel_type":"m.reference","event_id":"$15825383061909HatdB:lant.uk"}}
	deviceId:undefined
	sender:@tom:lant.uk,
	isSentByUs:true
	phase:4=>4,
	observeOnly:false=>false
2020-02-24T09:58:41.980Z I Verification request $15825383061909HatdB:lant.uk:
	m.key.verification.accept event with {"short_authentication_string":["decimal","emoji"],"hash":"sha256","commitment":"VdLl9cqg/280026eRmAuQCKgPiL1tBCUAxOFxOmcy9E","message_authentication_code":"hkdf-hmac-sha256","key_agreement_protocol":"curve25519"}
	deviceId:undefined
	sender:@matthew:matrix.org,
	isSentByUs:false
	phase:4=>4,
	observeOnly:false=>false
2020-02-24T09:58:42.485Z I Verification request $15825383061909HatdB:lant.uk:
	m.key.verification.key event with {"key":"CXmMUWCbYdOd26DvUErezQjllTXbGh/oj3TQV8xlbnc"}
	deviceId:undefined
	sender:@tom:lant.uk,
	isSentByUs:true
	phase:4=>4,
	observeOnly:false=>false
2020-02-24T09:58:42.592Z I Verification request $15825383061909HatdB:lant.uk:
	m.key.verification.cancel event with {"code":"m.unknown","reason":"Error: Unexpected message: expecting m.key.verification.key but got m.key.verification.accept","m.relates_to":{"rel_type":"m.reference","event_id":"$15825383061909HatdB:lant.uk"}}
	deviceId:undefined
	sender:@tom:lant.uk,
	isSentByUs:true
	phase:4=>5,
	observeOnly:false=>false

[bwindels]

In both requests, Matthew's client sent a second (and even third for request 2) .accept event which confused the hell out of both of Tom's and Matthew's client, upon which they both cancelled for the same reason.

[bwindels]

Looking into what's happening on Matthew's side before the second .accept gets send, there seems to be quite a bit megolm activity before.

[bwindels]

Have been investigating and still not sure why Matthew's client is sending 2 .accept events. He has reported several verification successes with other people since and will try to repro with Tom again.

Apart from waiting for more repros and having added more logging, not sure what else to do for now so parking this.

[bwindels]

This turned out to be Matthew's iOS client sending the second .accept, closing.

[ara4n]

Bruno & I just spent a while digging further into this, and spotted that the duplicate .accept()s are coming one from Chrome and the other from iOS.

In other words, Riot/iOS (on 0.110 - 20200221165108) was sitting in the background(?) sending rogue .accept()s. I thought we fixed this shortly after FOSDEM? :-/

@manuroe, @SBiOSoftWhare: is this a known issue? It's a really nasty failure mode :(

[bwindels]

Created an issue for Riot iOS, so this one can be closed.