- make sure we have all members (as we're using lazy loading members), and store these somehow
- do we need to update /members on every limited sync response or did we find a way around this?
- implement creating/loading an olm account
- add libolm as dependency
- store pickled account
- load pickled account
- update pickled account
- add initial one-time keys
- publish keys with /keys/upload
- implement creating/loading an olm session for (userid, deviceid)
- get olm session for [(userid, deviceid), ...] (array so they can all go out in one /keys/claim call?)
- create if not exists
- claim one-time key with /keys/claim
- verify signature on key
- ??? what about inbound/outbound sessions? do they require multiple OlmSession objects?
- doesn't look like it, more like a way to start the session but once started (type=1), they are equivalent?
- for outbound, see file:///home/bwindels/Downloads/matrix-docs/End-to-End%20Encryption%20implementation%20guide%20%7C%20Matrix.org.html#starting-an-olm-session
- for inbound, see: file:///home/bwindels/Downloads/matrix-docs/End-to-End%20Encryption%20implementation%20guide%20|%20Matrix.org.html#handling-an-mroomencrypted-event
- so in this case, it would the session would be created as an outbound session.
- store pickled, index by curve25519 identity key?
- get from storage if exists and unpickle
- implement device tracking
- store users?
- needs_update (riot has status with 4 states: not tracked, pending download, downloading, up to date)
- set during sync for users that appear in device_lists.changed
- store devices
- id
- userid
- signing KP
- identity KP
- algorithms
- device name
- verified
- known? riot has this ... what does it mean exactly?
- handle device_lists.changed in /sync response
- call /keys/changed to get updated devices and store them
- handle device_lists.left in /sync response
- we can keep verified devices we don't share a room with anymore around perhaps, but
shouldn't update them ... which we won't do anyway as they won't appear in changed anymore
- when e2e is enabled, start tracking:
- call /keys/query for all members in MemberList
- verify signature on device keys
- store devices
- implement maintaining one-time keys on server
- update account with new new keys when /sync responded with device_one_time_keys_count <MAX/2
we'll need to pass an implementation of EventSender or something to SendQueue that does the actual requests to send a message, one implementation for non-e2ee rooms (upload attachment, send event OR redact, ...) and one for e2ee rooms that send the olm keys, etc ... encrypts the message before sending, reusing as much logic as possible. this will entail multiple sendScheduler.request slots, as we should only do one request per slot, making sure if we'd restart that steps completed in sending are stored so we don't run them again (advancing olm key, ...) or they are safe to rerun. The `E2eeEventSender` or so would then also be the thing that has a dependency on the memberlist for device tracking, which keeps the dependency tree clean (e.g. no setMembers on a class that does both e2ee and non-e2ee)