RustCrypto breaks Sign in with QR feature

[hughns]

The RustCrypto.setDeviceVerification() function does not have an implementation which breaks the Sign in with QR feature.

Can we get this implemented or is there an alternative function to use?

[BillCarsonFr]

I don't think you need to set local trust at all?
The other device is cross signed, and if you trust the master key now, you 'll trust it because it's signed by the now trusted SSK

[hughns]

I don't think you need to set local trust at all? The other device is cross signed, and if you trust the master key now, you 'll trust it because it's signed by the now trusted SSK

As per offline conversation: it is intended that the Sign in with QR function works with a deployment that isn't using cross-signing. As such, this is the point in setting the existing device as locally trusted after the new device has signed in.

[BillCarsonFr]

It's not the only API not available in rust https://github.com/vector-im/element-android/blob/1b3be240b3c67907672217a45225aec014a2a05c/matrix-sdk-android/src/rustCrypto/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt#L28

[BillCarsonFr]

deployment that isn't using cross-signing

A lot of things expect cross signing nowadays. How can you disable it? there is a setting?

[hughns]

A lot of things expect cross signing nowadays. How can you disable it? there is a setting?

Yes, you can make it so that the Element clients don't prompt to set up cross-signing (nor automatically set it up).