Reject 4S key sharing requests after timeout #12664
Labels
A-E2EE-Cross-Signing
O-Uncommon
Most users are unlikely to come across this or unexpected workflow
Security
T-Enhancement
When verifying a new device, we use 4S key sharing requests behind the scenes to share various account-level private keys, such as your cross-signing private key and others, so that the new device can perform all the same security functions as the existing device used to verify it.
At the moment, these key sharing requests from a verified device are always accepted, even if the verification process happened a long time ago.
As an additional security measure, after N seconds have passed since a device was verified, we should silently reject 4S key sharing requests from it.
(The value of N is still up for discussion.)
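A sketch of the check proposed above, added as an illustration and not code from this issue or from the project. `SecretShareGate`, its method names, and the 300-second window are hypothetical (the issue leaves N undecided), and the device IDs and timestamps are constructed.

```typescript
// Added example. SecretShareGate and its members are hypothetical names,
// not matrix-js-sdk API; device IDs and timestamps below are constructed.
type Decision = "share" | "ignore"; // "ignore" = drop the request, send no reply

interface SecretRequest {
    deviceId: string;   // device asking for the secret
    secretName: string; // e.g. "m.cross_signing.master"
}

class SecretShareGate {
    private windowMs: number;
    // deviceId -> time (ms) at which we finished verifying that device
    private verifiedAt = new Map<string, number>();

    constructor(windowSeconds: number) {
        if (!Number.isFinite(windowSeconds) || windowSeconds <= 0) {
            throw new RangeError("window must be a positive number of seconds");
        }
        this.windowMs = windowSeconds * 1000;
    }

    recordVerification(deviceId: string, nowMs: number): void {
        this.verifiedAt.set(deviceId, nowMs);
    }

    decide(req: SecretRequest, nowMs: number): Decision {
        const t = this.verifiedAt.get(req.deviceId);
        if (t === undefined) return "ignore"; // no record of verifying it: fail closed
        const age = nowMs - t;
        if (age < 0 || age > this.windowMs) {
            // Clock moved backwards or window elapsed: close the window for good.
            this.verifiedAt.delete(req.deviceId);
            return "ignore";
        }
        return "share";
    }
}

function demo(): Decision[] {
    const gate = new SecretShareGate(300); // N = 300 s is an assumed value
    gate.recordVerification("DEVICEA", 1000000);
    const req = (deviceId: string): SecretRequest => ({ deviceId, secretName: "m.cross_signing.master" });
    return [
        gate.decide(req("DEVICEA"), 1000000 + 10000),  // 10 s after verification
        gate.decide(req("DEVICEB"), 1000000 + 10000),  // never verified here
        gate.decide(req("DEVICEA"), 1000000 + 301000), // 301 s: window elapsed
        gate.decide(req("DEVICEA"), 1000000 + 20000),  // stays closed afterwards
    ];
}
```

The map is held in memory only, so after a restart every device is treated as outside the window, which is the fail-closed outcome.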