Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

element-desktop needs to move away from Keytar now it is deprecated #1947

Open
jejb opened this issue Oct 23, 2024 · 11 comments
Open

element-desktop needs to move away from Keytar now it is deprecated #1947

jejb opened this issue Oct 23, 2024 · 11 comments

Comments

@jejb
Copy link

jejb commented Oct 23, 2024

Your use case

keytar is used to securely store keys on the desktop. However, atom is sunsetting the project:

atom/node-keytar#482

Several of the keytar users are migrating to electron SafeStorage

filecoin-station/desktop#1656
mountainash/taskana#142

Which seems like it would be the best solution for element-desktop as well

Have you considered any alternatives?

There is no alternative to replacing a deprecated project. It already seems to be causing problems with later electron versions (#1931 (comment)) so it's going to become a big issue soon. SafeStorage looks like the easiest path forwards, but there may be others I haven't found

Additional context

No response

@dosubot dosubot bot added A-Config T-Deprecation A pull request that makes something deprecated labels Oct 23, 2024
@t3chguy
Copy link
Member

t3chguy commented Oct 23, 2024

Migrating to SafeStorage doesn't really solve the issue, if we need to avoid data loss we would need to ship them side-by-side for a long period of time to allow a migration to occur

@jejb
Copy link
Author

jejb commented Oct 23, 2024

Well, there are two known ways to do that. One is to save the room keys in a protected file and restore from that. The other is to get the keys from another instance (say your phone). I'm not saying either is foolproof or painless, but it is possible.

I'm not saying shipping both and trying to migrate isn't a better solution, just that, given the compile issues, it won't be viable for very long. Probably the best way to do it would be to have one version that does the migration and have later versions insist that you must first upgrade to that one version to preserve your keys.

@t3chguy
Copy link
Member

t3chguy commented Oct 23, 2024

One is to save the room keys in a protected file and restore from that.

This has the same downsides to requiring both at once, as if a user skips a version which dumps to this protected file then they will simply suffer data loss

@jejb
Copy link
Author

jejb commented Oct 23, 2024 via email

@t3chguy
Copy link
Member

t3chguy commented Oct 23, 2024

I proposed a solution in the previous comment: have a version which
users must upgrade through to preserve their keys.

Sure but this isn't something we can achieve with the update mechanisms available to us. The update platform runs via an R2 (S3-alike) bucket and thus cannot vary update version based on your current version.

@jejb
Copy link
Author

jejb commented Oct 23, 2024 via email

@t3chguy
Copy link
Member

t3chguy commented Oct 23, 2024

@jejb on Linux, sure, on Windows & macOS with the in-Electron auto-updater though that would not be the case. The Squirrel.Mac & Squirrel.Windows updaters just hit a URL on packages.element.io which receives a static file from an R2 bucket and fetches the new update from there.

@jejb
Copy link
Author

jejb commented Oct 23, 2024 via email

@t3chguy
Copy link
Member

t3chguy commented Oct 23, 2024

Right, but if a user updates from version A -> C (missing B)

where A is only Keytar (old version from today)
B is Keytar + Migration code + SafeStorage
C is Migration code + SafeStorage

then how does the user on C not end up with data corruption however you trigger it. Without Keytar you can't access the data it was storing on your behalf, so you have to start your SafeStorage in a clean slate i.e. data loss.

@jejb
Copy link
Author

jejb commented Oct 23, 2024 via email

@t3chguy
Copy link
Member

t3chguy commented Oct 23, 2024

Trying to support "manually install version B" where different customer builds have different version schemes and different support policies would be nigh impossible. The better alternative I can think of is making a standalone static build of keytar + safeStorage which we build once and include for a long time as a migration layer which we depend on and run before loading the app if necessary

@florianduros florianduros removed A-Config T-Deprecation A pull request that makes something deprecated labels Nov 13, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants