My current session is not verified anymore after App update

[giomfo]

Steps to reproduce

I updated my Element-iOs this morning with v1.10.6 (via TF). Now my iOS session requests to be verified by another session (whereas it was already verified for a while)
The other sessions consider that this iOS session is verified
Locally, in the Security settings of my iOS session, the cross signing is not trusted by this session

Outcome

What did you expect?

no change about the SSSS state

What happened instead?

the current session is not verified anymore

Your phone model

No response

Operating system version

No response

Application version

v1.10.6

Homeserver

No response

Will you send logs?

Yes

[nyaxix]

I'm seeing this as well. To attempt fixing it I logged out and logged in again, performing verification after login. However, the same issue occurred after I restarted the app.

[valynor]

Same here. Updated app on iPhone, session not verified anymore after update.
That's a pretty catastrophic failure in my eyes, please consider retracting this update at once.

[daletman]

Same for me

[jabrms]

Same problem for me

[ChanceNCounter]

To be clear about the bug:

Every time Element backgrounds or is quit, upon relaunch, it will ask to verify the session. This is indeed catastrophic and suggests that updates are not being tested by the developers.

[Anderas]

A hotfix addressing this issue will be released asap. In the meanwhile enabling Rust end-to-end encryption from Labs does solve the issue for some users. This is an encryption module that will be eventually rolled out to all users by default.

[thedanbob]

In the meanwhile enabling Rust end-to-end encryption from Labs does solve the issue for some users.

Interesting; when I’ve tried enabling that lab before I got the same behavior as this bug. In fact when I first encountered this issue I thought maybe the Rust encryption got enabled by default prematurely.

[nyaxix]

I am no longer seeing this issue with the 1.10.7 update.

[4nd3r]

Fixed for me and family member too, but now I see "Cross-signing is ready for use. ❗ The MSK is missing. Verifiy..." message in cross-signing section (Settings -> Security). Family member does not have "MSK missing" message.

[thedanbob]

@4nd3r That's a long standing issue, I've had that on my devices for as long as I can remember.

[Anderas]

In the meanwhile enabling Rust end-to-end encryption from Labs does solve the issue for some users.

Interesting; when I’ve tried enabling that lab before I got the same behavior as this bug. In fact when I first encountered this issue I thought maybe the Rust encryption got enabled by default prematurely.

@thedanbob You are right that similar behaviour can occur when upgrading to Rust end-to-end encryption, though for different reasons than the original regression, and possibly for different users. Rust E2E imposes stricter rules as to when a session is considered verified, so it may be necessary for some upgrading devices to re-verify. There is a new build 1.10.8 available on the App Store that detects this situation and prompts users with adequate explanation.

Given that the root cause of this issue has now been resolved, and it is possible to re-verify devices, I am going to close this ticket as resolved.