Got „Unable to decrypt: decryption key withheld“ for some messages #23745

Closed
weeman1337 opened this issue Nov 10, 2022 · 23 comments
Labels
A-E2EE O-Frequent Affects or can be seen by most users regularly or impacts most users' first experience S-Major Severely degrades major functionality or product features, with no satisfactory workaround T-Defect X-Regression

Comments

@weeman1337
Contributor

weeman1337 commented Nov 10, 2022

Steps to reproduce

  1. Existing encrypted room
  2. Other user sends some messages

Outcome

What did you expect?

Could read all messages

What happened instead?

  • Got „Unable to decrypt: decryption key withheld“
  • After new login they appear as „Unable to decrypt: Error: OLM.UNKNOWN_MESSAGE_INDEX“
  • Sender can read all messages

Operating system

Ubuntu 22.04.1 LTS

Browser information

Firefox 107.0

URL for webapp

https://develop.element.io/

Application version

Element version: 65b8bc1-react-3f3005a3ca4d-js-bd4589fcc45b Olm version: 3.2.12

Homeserver

ccc-ffm.de / Synapse 1.70.1

Will you send logs?

Yes

@grisu48

grisu48 commented Nov 10, 2022

Same issue here, docker.io/matrixdotorg/synapse:latest with Firefox 106.0.2 on openSUSE Tumbleweed.

@DavidB137

I can also confirm the issue. This strange behaviour makes overall user experience a lot worse, because to "normal" people who just want to text, Element doesn't look like a reliable solution.

  • server: selfhosted latest Synapse
  • client 1 and 2 are on some combination of Element web, Android and desktop app

@weeman1337
Contributor Author

Looks like frequency increased cross platform in the last days element-hq/element-android#7403 (comment)

@andybalaam andybalaam added X-Regression S-Major Severely degrades major functionality or product features, with no satisfactory workaround O-Frequent Affects or can be seen by most users regularly or impacts most users' first experience labels Nov 11, 2022
@moritzdietz

moritzdietz commented Nov 11, 2022

Yes, me too! I have noticed this this morning with iPhone, Android as well as Element Desktop on macOS.
Thought it was a spontaneous error on our end, but seems more broad after seeing this issue here.

I can send them messages and read them on their phone, but when they send me messages or any events I get decryption errors

@quicquid

quicquid commented Nov 11, 2022

The receiver of one of my messages encountered the issue for the android app (on both sides) as well. When I started up the desktop app (on a different device) the message could be decrypted by the receiver; messages from the desktop app worked but the ones from the phones were still unable to be decrypted.

@robertmx

robertmx commented Nov 11, 2022

Possible workaround in the related (identical?) issue 7403.
element-hq/element-android#7403 (comment)

@moritzdietz

Just rageshaked from within develop.element.io and linked it to this issue. Maybe there's something in there which helps.

@quicquid

quicquid commented Nov 12, 2022

I tried /discardsession as mentioned in element-android issue vector-im/element-meta#1841 on the device sending the message and it did the trick (new messages are received properly now).

@richvdh richvdh self-assigned this Nov 17, 2022
@richvdh
Member

richvdh commented Nov 17, 2022

@weeman1337 I have looked at your rageshake, and it looks like the events were sent before you joined the room, which I think explains why you can't decrypt them?

On the other rageshakes that you have linked to this issue: do you have any particular reason to believe they have the same cause?

@weeman1337
Contributor Author

@richvdh I did post all messages in an existing room.

@richvdh
Member

richvdh commented Nov 17, 2022

> @richvdh I did post all messages in an existing room.

I'm afraid I'm not following you at all.

In your initial rageshake (https://github.com/matrix-org/element-web-rageshakes/issues/16971) the problem, afaict, is with messages sent by @l:lesosoftware.com, before you joined the room.

If there are particular events that you are having trouble with, please can you tell me which they are, and exactly what you are seeing?

@weeman1337
Contributor Author

weeman1337 commented Nov 17, 2022

Both sides joined the room before. We already sent messages to each other before. This happens sometimes right in the middle of some chat.

image

Event Id from the screenshot: $4Nr8sFKwGwoMpXa4E2sWS0cp4AP0Bc7C48_Dzca213U

Entire event source
{
  "content": {
    "algorithm": "m.megolm.v1.aes-sha2",
    "ciphertext": "AwgBEsADytPm0lOW1twro+M98gyux4zmu+w0VVxegHEyD26KSIqMMQr3jkqpS5vhDq8wdVb7M+BQ+ZjH4EaWgmlauCQ1qFAevGu37PbOy7ClmPFA0jd3glJyNv5agKi+bIAlQt9l1kNhMTpFbv97k5qpuvTXPCy1sfXDYSA8zIfqUjTZjzeq27b/AarxvxJu6nHDnOMYS2QxB0AGut3Dv5z93mfr6hScc7tpncnj/9XtEW0KtYcB07yHhIdijkpLCCnhbzwGeXPJjT+FoPbipZ/DtYy1j5kxc1GziMNULq+qMyFaJT2bJ1wQOobFG8T0VaMaFArxDDnpK+HFPRJIJJoH9HzDh4atCmifUGguCXwqkeEFdrANDtGtSe3CT8KwZJ9+PZKy61FDzwde3I/34cMaLLYToFwpw+dZTJXGuboG1mxvaUbjPOUirec3lqcYGk6xiD6Rmhld0sG+jmBnzE9lr8MSsRHU60h+Oyz04IGxj75lAhtgnSiuyqQGkbtvHl89yxE0MhF8dLsUIUjGiJl4rYZbQeC4JegKadpnPn8w4tVQZ+ZFBPXdXrZ2yBms7Tn85B9e8rGPEisUo8jUk/POYjB+qb1hlUZoGDyD0yJtQHTOc5iHAT93tfhB1l6i8OCdi6MXhF1H+dJPECWK9B3FQEYyjflUfGNnDA6MPs4OhrQgnABdP0SXKKHqAQ",
    "device_id": "6CvrrWO1",
    "sender_key": "hPRiDRyXZUQlMBo6Weax8Ic2xd6rrmr6osS+wU+DS1A",
    "session_id": "2TaAEQ4r5RR7R0VqGjDvbrC0/WbHz40lo7ZcKRNlCc8"
  },
  "origin_server_ts": 1668074862832,
  "room_id": "!tWKBPbwWoJZIGQhtBV:ccc-ffm.de",
  "sender": "@l:lesosoftware.com",
  "type": "m.room.encrypted",
  "unsigned": {},
  "event_id": "$4Nr8sFKwGwoMpXa4E2sWS0cp4AP0Bc7C48_Dzca213U",
  "user_id": "@l:lesosoftware.com"
}
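
An added example, not part of the original thread and not Element or libolm code: a Node.js sketch that reads the message index out of an `m.megolm.v1.aes-sha2` ciphertext, which is the value a receiver compares against the earliest index it holds for the session when it reports `OLM.UNKNOWN_MESSAGE_INDEX`. The layout follows the Megolm message format; the names `parseMegolmMessage`, `expectedOutcome` and `SAMPLE` are hypothetical, and the sample message is constructed.

```javascript
// Added example (hypothetical helper names). Megolm message layout:
// 0x03 version byte, payload of tag 0x08 = message index (varint) and
// tag 0x12 = ciphertext (length-prefixed), then 8-byte MAC, 64-byte signature.
const MAC_LEN = 8, SIG_LEN = 64;

function readVarint(buf, pos) {
  let value = 0;
  for (let shift = 0; shift <= 28; shift += 7) {
    if (pos >= buf.length) throw new Error("truncated varint");
    const b = buf[pos++];
    value += (b & 0x7f) * 2 ** shift; // multiply: << would overflow 32 bits
    if ((b & 0x80) === 0) return { value, pos };
  }
  throw new Error("varint too long");
}

function parseMegolmMessage(b64) {
  const buf = Buffer.from(b64, "base64"); // Node accepts unpadded base64
  if (buf.length < 1 + MAC_LEN + SIG_LEN) throw new Error("message too short");
  if (buf[0] !== 0x03) throw new Error("unexpected version " + buf[0]);
  const end = buf.length - MAC_LEN - SIG_LEN; // payload stops before the MAC
  let pos = 1, messageIndex = null, ciphertextLength = null;
  while (pos < end) {
    const tag = buf[pos++];
    const v = readVarint(buf, pos);
    pos = v.pos;
    if (tag === 0x08) messageIndex = v.value;
    else if (tag !== 0x12) throw new Error("unknown tag 0x" + tag.toString(16));
    else {
      if (pos + v.value > end) throw new Error("ciphertext overruns payload");
      ciphertextLength = v.value;
      pos += v.value; // skip the ciphertext bytes themselves
    }
  }
  if (messageIndex === null || ciphertextLength === null) throw new Error("missing field");
  return { messageIndex, ciphertextLength };
}

// firstKnownIndex: earliest ratchet index the receiver holds for the event's
// session_id, or null when it holds no key for that session at all.
function expectedOutcome(messageIndex, firstKnownIndex) {
  if (firstKnownIndex === null) return "no key for session";
  return messageIndex < firstKnownIndex ? "OLM.UNKNOWN_MESSAGE_INDEX" : "decryptable";
}

// Constructed sample, not an event from this thread: index 300, 16 filler bytes.
const SAMPLE = Buffer.from([0x03, 0x08, 0xac, 0x02, 0x12, 0x10,
  ...new Array(16 + MAC_LEN + SIG_LEN).fill(0xaa)]).toString("base64").replace(/=+$/, "");
```

The ciphertext in the event source above begins with `AwgB`, which is the byte sequence 0x03 0x08 0x01: version 3, message index 1.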

@richvdh
Member

richvdh commented Nov 17, 2022

> This happens sometimes right in the middle of some chat.

Please don't assume that every time you can't decrypt a message, it's the same problem!

I can look at $4Nr8sFKwGwoMpXa4E2sWS0cp4AP0Bc7C48_Dzca213U more closely. Thanks for the extra information.

@richvdh
Member

richvdh commented Nov 18, 2022

@weeman1337 well, $4Nr8sFKwGwoMpXa4E2sWS0cp4AP0Bc7C48_Dzca213U really looks to have been sent before @l:lesosoftware.com's client got the memo about you having joined the room. Without access to their server's database, it's hard to be exactly certain, but I think this is an inevitable artifact of a distributed system: even if your server thinks you have joined the room at a given time, it's not the case that everyone in the room will see the same thing.

Thanks for the report though!

@richvdh richvdh closed this as completed Nov 18, 2022
@richvdh
Member

richvdh commented Nov 18, 2022

I guess we should ask why it says "decryption key withheld": that doesn't seem like a fair characterisation of the issue

@richvdh richvdh reopened this Nov 18, 2022
@richvdh
Member

richvdh commented Nov 18, 2022

Wait, I'm confused (again).

> Got „Unable to decrypt: decryption key withheld“
> After new login they appear as „Unable to decrypt: Error: OLM.UNKNOWN_MESSAGE_INDEX“

Is the rageshake I'm looking at (https://github.com/matrix-org/element-web-rageshakes/issues/16971) from the old login or the new one? Presumably the old one? What about the screenshot above? When was the screenshot taken? Do we have a rageshake from about the right time?

The reason I ask is that I just spent half an hour looking for "decryption key withheld" errors in https://github.com/matrix-org/element-web-rageshakes/issues/16971 and failing to find any :(

@weeman1337
Contributor Author

weeman1337 commented Nov 18, 2022

> @weeman1337 well, $4Nr8sFKwGwoMpXa4E2sWS0cp4AP0Bc7C48_Dzca213U really looks to have been sent before @l:lesosoftware.com's client got the memo about you having joined the room. Without access to their server's database, it's hard to be exactly certain, but I think this is an inevitable artifact of a distributed system: even if your server thinks you have joined the room at a given time, it's not the case that everyone in the room will see the same thing.

But as you can see in the screenshot above it happened in an ongoing chat. One message can be read and the next one not. 🤷‍♂️


> Is the rageshake I'm looking at (https://github.com/matrix-org/element-web-rageshakes/issues/16971) from the old login or the new one?

Should be from the old login.


> but I think this is an inevitable artifact of a distributed system: even if your server thinks you have joined the room at a given time, it's not the case that everyone in the room will see the same thing.

The other user of the most recent rageshake is on the same server. And again it happened in an ongoing chat.

image

@weeman1337
Contributor Author

@richvdh in general: Should I open separate issues when an „Unable to decrypt: decryption key withheld“ appears? I just learned from you that they can have many different causes.

@richvdh
Member

richvdh commented Nov 18, 2022

> But as you can see in the screenshot above it happened in an ongoing chat. One message can be read and the next one not. 🤷‍♂️

I really can't see that from the screenshot, sorry. A bunch of information is pixellated: I have no idea what the other messages are, when they arrived, who sent them, how they got there, etc. But most importantly, I have no idea how it correlates to your original report or the rageshake you sent.

> > Is the rageshake I'm looking at (matrix-org/element-web-rageshakes#16971) from the old login or the new one?
>
> Should be from the old login.

Well, that's very odd. I see no mention of a "decryption key withheld" error in them.

> @richvdh in general: Should I open separate issues when an „Unable to decrypt: decryption key withheld“ appears? I just learned from you that they can have many different causes.

In general yes - or just send the rageshake and ping the crypto team internally about it.

@richvdh
Member

richvdh commented Nov 20, 2022

This seems to be due to #23803. Closing in favour of that.

@Martin0100110101001000

Martin0100110101001000 commented Jan 9, 2023

Exactly the same issue here, using Windows desktop and android phones. And Starlink internet. The first message I got had a link to request encryption keys, then changed to this.

@jonnyrobbie

> This seems to be due to #23803. Closing in favour of that.

I'm not sure I understand. #23803 makes it seem like it's only a nomenclature/wording issue? When a chat (that one relies on for real world people communication) fundamentally breaks, a user doesn't really care if "keys withheld" is not the most appropriate message. A user cares that he completely lost a method of communication. I'm completely behind @DavidB137's frustration that this makes element/matrix look like an unreliable and undependable tool.

> I really can't see that from the screenshot, sorry. A bunch of information is pixellated: I have no idea what the other messages are, when they arrived, who sent them, how they got there, etc. But most importantly, I have no idea how it correlates to your original report or the rageshake you sent.

He was just counterpointing you that the messages stopped being received in the middle of the session, which is visible from the screenshot.


Here's my entry if it helps you more with diagnosing the issue:

Decrypted event source:

{
  "type": "m.room.message",
  "content": {
    "msgtype": "m.bad.encrypted",
    "body": "** Unable to decrypt: decryption key withheld **"
  }
}

Original event source:

{
  "content": {
    "algorithm": "m.megolm.v1.aes-sha2",
   ...
  },
  "event_id": "$1672913572466835HxZbP:matrix.org",
  "origin_server_ts": 1672913572551,
  "room_id": "!UJVHFqSAHanxWQMbhW:matrix.org",
  "sender": "@xstem116:matrix.org",
  "type": "m.room.encrypted",
  "unsigned": {
    "age": 365175193
  },
  "user_id": "@xstem116:matrix.org",
  "age": 365175193
}

@shinji257

It seems to be related but not the same issue. The one thing I'll note is channels and chats by this seem to have the messages but are hidden from view. If you export the affected chat the result has messages that could be decrypted even if they were not visible in Element.
