Hello everyone,
as you know we are working on PFS. The main idea is that we will exchange an X3DH bundle and encrypt messages using the Double Ratchet algorithm.
https://signal.org/docs/specifications/x3dh/
https://signal.org/docs/specifications/doubleratchet/
A problem that we need to solve is wallet recovery and how to handle this.
When a user recovers their wallet they will lose all their contacts and messages.
Currently, if a contact sends a message to a user who has just recovered their account, everything works as expected and the user is able to decrypt the message.
Because X3DH/DR is a stateful process, a user who has just recovered their wallet and receives a message from a previous contact will not be able to decrypt it (which is the desired behaviour, otherwise it would break PFS), but they will know that a message has been received.
We need a UX solution on how to explain this to the user.
The most basic thing I can think of is:
When such messages are received, we display a popup/message/chat/whatever to the user, saying:
“{Name generated from public key} has sent you a message, but it looks like the information they have is outdated. Would you like to (re)establish a secure channel with them?”
OK / Ignore
Ignore will stop prompting you upon receiving messages from the same user; OK will establish a secure channel with the user and (possibly) add them back to your contact list.
I would like to introduce the concept of “secure channels” to the user, as it is something we will need in some other scenarios: sometimes we might not be able to ensure PFS, and a similar message could be displayed.
What do you think?
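To make the failure mode and the proposed OK/Ignore flow concrete, here is an added simulation (not the project's code and not part of the original post). It assumes a heavily simplified model: the X3DH handshake is replaced by both parties receiving the same fresh random root key, only the symmetric-key ratchet of the Double Ratchet is kept (no DH ratchet, no skipped-message keys), and `seal`/`open_` are a toy encrypt-then-MAC standing in for a real AEAD. The `Device`, `Session`, `receive` and `answer_prompt` names are hypothetical. What it shows is the part that matters for the UX question: after wallet recovery the identity key survives but the session state does not, so the next ratcheted message from an old contact is detected as undecryptable and surfaces the prompt, and the two answers behave as described above.

```python
import hashlib
import hmac
import secrets

# Added illustration only: X3DH is modelled as a shared random root key, the DH
# ratchet is omitted, and seal()/open_() are a toy stand-in for a real AEAD.

def kdf_ck(chain_key: bytes):
    """Symmetric-key ratchet step: chain key -> (next chain key, message key)."""
    return (hmac.new(chain_key, b"\x01", hashlib.sha256).digest(),
            hmac.new(chain_key, b"\x02", hashlib.sha256).digest())

def _keystream(mk: bytes, n: int) -> bytes:
    blocks = [hashlib.sha256(mk + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1)]
    return b"".join(blocks)[:n]

def seal(mk: bytes, pt: bytes) -> bytes:
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(mk, len(pt))))
    return ct + hmac.new(mk, ct, hashlib.sha256).digest()

def open_(mk: bytes, blob: bytes):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(mk, ct, hashlib.sha256).digest(), tag):
        return None  # wrong message key: the sender's view of our state is outdated
    return bytes(a ^ b for a, b in zip(ct, _keystream(mk, len(ct))))

class Session:
    def __init__(self, send_ck: bytes, recv_ck: bytes):
        self.send_ck, self.recv_ck = send_ck, recv_ck
    def encrypt(self, pt: bytes) -> bytes:
        self.send_ck, mk = kdf_ck(self.send_ck)
        return seal(mk, pt)
    def decrypt(self, blob: bytes):
        next_ck, mk = kdf_ck(self.recv_ck)
        pt = open_(mk, blob)
        if pt is not None:
            self.recv_ck = next_ck      # advance the receiving chain only on success
        return pt

class Device:
    """Local app state. Wallet recovery restores the key but nothing else."""
    def __init__(self, pubkey=None):
        self.pubkey = pubkey or secrets.token_bytes(32)   # constructed identity-key stand-in
        self.sessions, self.contacts, self.ignored, self.prompts = {}, set(), set(), []
    @property
    def name(self) -> str:  # "name generated from public key"
        return "user-" + hashlib.sha256(self.pubkey).hexdigest()[:8]
    def recover(self):
        return Device(self.pubkey)   # same key, empty sessions/contacts

def establish_secure_channel(a: Device, b: Device):
    root = secrets.token_bytes(32)   # stand-in for the X3DH shared secret
    ck_ab = hmac.new(root, b"a->b", hashlib.sha256).digest()
    ck_ba = hmac.new(root, b"b->a", hashlib.sha256).digest()
    a.sessions[b.name], b.sessions[a.name] = Session(ck_ab, ck_ba), Session(ck_ba, ck_ab)
    a.contacts.add(b.name); b.contacts.add(a.name)

def send(src: Device, dst: Device, text: str):
    return src.name, src.sessions[dst.name].encrypt(text.encode())

def receive(dev: Device, sender: str, blob: bytes):
    if sender in dev.ignored:
        return ("ignored", sender)
    sess = dev.sessions.get(sender)
    pt = sess.decrypt(blob) if sess else None
    if pt is None:   # no session, or a session the sender is not in step with
        dev.prompts.append(f"{sender} has sent you a message, but it looks like the "
                           "information they have is outdated. Would you like to "
                           "(re)establish a secure channel with them? [OK/Ignore]")
        return ("outdated", sender)
    return ("message", pt.decode())

def answer_prompt(dev: Device, peer: Device, choice: str):
    if choice == "ignore":
        dev.ignored.add(peer.name)             # no further prompts from this sender
    else:
        establish_secure_channel(dev, peer)   # fresh handshake; peer re-added as contact

def demo():
    alice, bob = Device(), Device()
    establish_secure_channel(alice, bob)
    r1 = receive(bob, *send(alice, bob, "hello"))
    bob = bob.recover()                                   # contacts and sessions are gone
    r2 = receive(bob, *send(alice, bob, "still there?"))  # undecryptable -> prompt
    answer_prompt(bob, alice, "ok")
    r3 = receive(bob, *send(alice, bob, "back"))
    added_back = alice.name in bob.contacts
    bob = bob.recover()
    receive(bob, *send(alice, bob, "again?"))
    answer_prompt(bob, alice, "ignore")
    r4 = receive(bob, *send(alice, bob, "hello?"))        # silently dropped
    return r1, r2, r3, r4, added_back, bob.prompts

if __name__ == "__main__":
    for item in demo():
        print(item)
```

The same `open_` failure path also covers the other case the post mentions, where a session exists on both sides but the peer's copy is out of step: the message key derived locally no longer verifies the tag, so the app cannot tell "lost state" from "stale state" and should show the same prompt for both.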