From 9177cb11d5901e0f565b10b910067e34c022a42e Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Mon, 14 Mar 2022 14:39:04 +0100
Subject: [PATCH 01/27] Refactor key and secret request managers

use megolm backup before sending key request
---
 .../android/sdk/common/CryptoTestHelper.kt    |  63 +++
 .../sdk/internal/crypto/E2eeSanityTests.kt    | 286 ++++++++---
 .../sdk/internal/crypto/PreShareKeysTest.kt   |  31 +-
 .../crypto/gossiping/KeyShareTests.kt         |   7 +-
 .../sdk/api/session/crypto/CryptoService.kt   |  14 +-
 .../model/OutgoingGossipingRequestState.kt    |  17 +-
 .../crypto/model/OutgoingRoomKeyRequest.kt    |  55 --
 .../model/content/RoomKeyWithHeldContent.kt   |   8 +-
 .../SharedSecretStorageService.kt             |   2 +-
 .../crypto/CancelGossipRequestWorker.kt       | 121 -----
 .../internal/crypto/DefaultCryptoService.kt   | 192 +++----
 .../internal/crypto/GossipingWorkManager.kt   |  57 ---
 .../crypto/IncomingGossipingRequestManager.kt | 472 ------------------
 .../crypto/IncomingKeyRequestManager.kt       | 364 ++++++++++++++
 .../sdk/internal/crypto/MXOlmDevice.kt        |  17 +-
 .../crypto/OutgoingGossipingRequest.kt        |  10 +-
 .../crypto/OutgoingGossipingRequestManager.kt | 392 +++++++++++----
 .../sdk/internal/crypto/OutgoingKeyRequest.kt |  58 +++
 .../internal/crypto/OutgoingSecretRequest.kt  |   4 +-
 .../PerSessionBackupQueryRateLimiter.kt       | 131 +++++
 .../internal/crypto/RoomEncryptorsStore.kt    |  23 +-
 .../sdk/internal/crypto/SecretShareManager.kt | 274 ++++++++++
 .../crypto/SendGossipRequestWorker.kt         | 151 ------
 .../sdk/internal/crypto/SendGossipWorker.kt   | 168 -------
 .../actions/MegolmSessionDataImporter.kt      |  23 +-
 .../crypto/algorithms/IMXWithHeldExtension.kt |  23 -
 .../algorithms/megolm/MXMegolmDecryption.kt   |  43 +-
 .../algorithms/megolm/MXMegolmEncryption.kt   |  16 +-
 .../keysbackup/DefaultKeysBackupService.kt    |   8 +-
 .../sdk/internal/crypto/model/AuditTrail.kt   |  75 +++
 .../DefaultSharedSecretStorageService.kt      |  11 +-
 .../internal/crypto/store/IMXCryptoStore.kt   |  62 ++-
 .../crypto/store/db/RealmCryptoStore.kt       | 352 ++++++++++---
 .../store/db/RealmCryptoStoreMigration.kt     |   4 +-
 .../crypto/store/db/RealmCryptoStoreModule.kt |  10 +-
 .../store/db/migration/MigrateCryptoTo016.kt  |  61 +++
 .../store/db/model/AuditTrailEntity.kt}       |  22 +-
 .../crypto/store/db/model/AuditTrailMapper.kt |  85 ++++
 .../store/db/model/GossipingEventEntity.kt    |   2 +
 .../model/IncomingGossipingRequestEntity.kt   |   1 +
 .../store/db/model/KeyRequestReplyEntity.kt   |  35 ++
 .../model/OutgoingGossipingRequestEntity.kt   | 106 +---
 .../db/model/OutgoingKeyRequestEntity.kt      | 136 +++++
 .../internal/crypto/tasks/SendEventTask.kt    |   5 +-
 ...comingSASDefaultVerificationTransaction.kt |   6 +-
 ...tgoingSASDefaultVerificationTransaction.kt |   6 +-
 .../DefaultVerificationService.kt             |  30 +-
 .../DefaultVerificationTransaction.kt         |   6 +-
 .../SASDefaultVerificationTransaction.kt      |   6 +-
 .../DefaultQrCodeVerificationTransaction.kt   |   6 +-
 .../sdk/internal/session/SessionComponent.kt  |   9 -
 .../internal/worker/MatrixWorkerFactory.kt    |   9 -
 .../recover/BackupToQuadSMigrationTask.kt     |  12 +-
 .../VerificationBottomSheetViewModel.kt       |  23 +-
 .../GossipingEventsPaperTrailFragment.kt      |  28 +-
 .../GossipingEventsPaperTrailViewModel.kt     |   4 +-
 .../devtools/GossipingEventsSerializer.kt     |  67 +--
 .../GossipingTrailPagedEpoxyController.kt     | 130 ++---
 .../devtools/KeyRequestListViewModel.kt       |   4 +-
 .../OutgoingKeyRequestPagedController.kt      |   6 +-
 .../fakes/FakeSharedSecretStorageService.kt   |   2 +-
 61 files changed, 2499 insertions(+), 1852 deletions(-)
 delete mode 100755 matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/OutgoingRoomKeyRequest.kt
 delete mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/CancelGossipRequestWorker.kt
 delete mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/GossipingWorkManager.kt
 delete mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingGossipingRequestManager.kt
 create mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingKeyRequestManager.kt
 create mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequest.kt
 create mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt
 create mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt
 delete mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SendGossipRequestWorker.kt
 delete mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SendGossipWorker.kt
 delete mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/IMXWithHeldExtension.kt
 create mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/model/AuditTrail.kt
 create mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
 rename matrix-sdk-android/src/main/java/org/matrix/android/sdk/{api/session/crypto/model/GossipingRequestState.kt => internal/crypto/store/db/model/AuditTrailEntity.kt} (63%)
 create mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailMapper.kt
 create mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/KeyRequestReplyEntity.kt
 create mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt

diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/common/CryptoTestHelper.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/common/CryptoTestHelper.kt
index ecb279cdc2..5916bf2fab 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/common/CryptoTestHelper.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/common/CryptoTestHelper.kt
@@ -31,8 +31,14 @@ import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
 import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM_BACKUP
 import org.matrix.android.sdk.api.extensions.orFalse
 import org.matrix.android.sdk.api.session.Session
+import org.matrix.android.sdk.api.session.crypto.crosssigning.KEYBACKUP_SECRET_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.crosssigning.MASTER_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.crosssigning.SELF_SIGNING_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.crosssigning.USER_SIGNING_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.keysbackup.KeysVersion
 import org.matrix.android.sdk.api.session.crypto.keysbackup.MegolmBackupAuthData
 import org.matrix.android.sdk.api.session.crypto.keysbackup.MegolmBackupCreationInfo
+import org.matrix.android.sdk.api.session.crypto.keysbackup.extractCurveKeyFromRecoveryKey
 import org.matrix.android.sdk.api.session.crypto.verification.IncomingSasVerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.OutgoingSasVerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationMethod
@@ -46,7 +52,11 @@ import org.matrix.android.sdk.api.session.room.model.Membership
 import org.matrix.android.sdk.api.session.room.model.RoomSummary
 import org.matrix.android.sdk.api.session.room.model.create.CreateRoomParams
 import org.matrix.android.sdk.api.session.room.roomSummaryQueryParams
+import org.matrix.android.sdk.api.session.securestorage.EmptyKeySigner
+import org.matrix.android.sdk.api.session.securestorage.SharedSecretStorageService
 import org.matrix.android.sdk.api.util.Optional
+import org.matrix.android.sdk.api.util.awaitCallback
+import org.matrix.android.sdk.api.util.toBase64NoPadding
 import java.util.UUID
 import kotlin.coroutines.Continuation
 import kotlin.coroutines.resume
@@ -293,6 +303,59 @@ class CryptoTestHelper(private val testHelper: CommonTestHelper) {
         }
     }
 
+    /**
+     * Initialize cross-signing, set up megolm backup and save all in 4S
+     */
+    fun bootstrapSecurity(session: Session) {
+        initializeCrossSigning(session)
+        val ssssService = session.sharedSecretStorageService
+        testHelper.runBlockingTest {
+            val keyInfo = ssssService.generateKey(
+                    UUID.randomUUID().toString(),
+                    null,
+                    "ssss_key",
+                    EmptyKeySigner()
+            )
+            ssssService.setDefaultKey(keyInfo.keyId)
+
+            ssssService.storeSecret(
+                    MASTER_KEY_SSSS_NAME,
+                    session.cryptoService().crossSigningService().getCrossSigningPrivateKeys()!!.master!!,
+                    listOf(SharedSecretStorageService.KeyRef(keyInfo.keyId, keyInfo.keySpec))
+            )
+
+            ssssService.storeSecret(
+                    SELF_SIGNING_KEY_SSSS_NAME,
+                    session.cryptoService().crossSigningService().getCrossSigningPrivateKeys()!!.selfSigned!!,
+                    listOf(SharedSecretStorageService.KeyRef(keyInfo.keyId, keyInfo.keySpec))
+            )
+
+            ssssService.storeSecret(
+                    USER_SIGNING_KEY_SSSS_NAME,
+                    session.cryptoService().crossSigningService().getCrossSigningPrivateKeys()!!.user!!,
+                    listOf(SharedSecretStorageService.KeyRef(keyInfo.keyId, keyInfo.keySpec))
+            )
+
+            // set up megolm backup
+            val creationInfo = awaitCallback<MegolmBackupCreationInfo> {
+                session.cryptoService().keysBackupService().prepareKeysBackupVersion(null, null, it)
+            }
+            val version = awaitCallback<KeysVersion> {
+                session.cryptoService().keysBackupService().createKeysBackupVersion(creationInfo, it)
+            }
+            // Save it for gossiping
+            session.cryptoService().keysBackupService().saveBackupRecoveryKey(creationInfo.recoveryKey, version = version.version)
+
+            extractCurveKeyFromRecoveryKey(creationInfo.recoveryKey)?.toBase64NoPadding()?.let { secret ->
+                ssssService.storeSecret(
+                        KEYBACKUP_SECRET_SSSS_NAME,
+                        secret,
+                        listOf(SharedSecretStorageService.KeyRef(keyInfo.keyId, keyInfo.keySpec))
+                )
+            }
+        }
+    }
+
     fun verifySASCrossSign(alice: Session, bob: Session, roomId: String) {
         assertTrue(alice.cryptoService().crossSigningService().canCrossSign())
         assertTrue(bob.cryptoService().crossSigningService().canCrossSign())
diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
index fbd0905261..fbbb82843b 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
@@ -35,6 +35,12 @@ import org.matrix.android.sdk.api.session.crypto.keysbackup.KeysVersionResult
 import org.matrix.android.sdk.api.session.crypto.keysbackup.MegolmBackupCreationInfo
 import org.matrix.android.sdk.api.session.crypto.model.ImportRoomKeysResult
 import org.matrix.android.sdk.api.session.crypto.model.OlmDecryptionResult
+import org.matrix.android.sdk.api.session.crypto.verification.IncomingSasVerificationTransaction
+import org.matrix.android.sdk.api.session.crypto.verification.OutgoingSasVerificationTransaction
+import org.matrix.android.sdk.api.session.crypto.verification.PendingVerificationRequest
+import org.matrix.android.sdk.api.session.crypto.verification.VerificationMethod
+import org.matrix.android.sdk.api.session.crypto.verification.VerificationService
+import org.matrix.android.sdk.api.session.crypto.verification.VerificationTransaction
 import org.matrix.android.sdk.api.session.events.model.EventType
 import org.matrix.android.sdk.api.session.events.model.content.EncryptedEventContent
 import org.matrix.android.sdk.api.session.events.model.toModel
@@ -49,8 +55,10 @@ import org.matrix.android.sdk.api.session.room.timeline.TimelineSettings
 import org.matrix.android.sdk.common.CommonTestHelper
 import org.matrix.android.sdk.common.CryptoTestHelper
 import org.matrix.android.sdk.common.SessionTestParams
-import org.matrix.android.sdk.common.TestConstants
 import org.matrix.android.sdk.common.TestMatrixCallback
+import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
+import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
+import java.util.concurrent.CountDownLatch
 
 @RunWith(JUnit4::class)
 @FixMethodOrder(MethodSorters.JVM)
@@ -113,10 +121,10 @@ class E2eeSanityTests : InstrumentedTest {
         otherAccounts.forEach { otherSession ->
             testHelper.waitWithLatch { latch ->
                 testHelper.retryPeriodicallyWithLatch(latch) {
-                    val timelineEvent = otherSession.getRoom(e2eRoomID)?.getTimelineEvent(sentEventId!!)
-                    timelineEvent != null &&
-                            timelineEvent.isEncrypted() &&
-                            timelineEvent.root.getClearType() == EventType.MESSAGE
+                    val timeLineEvent = otherSession.getRoom(e2eRoomID)?.getTimelineEvent(sentEventId!!)
+                    timeLineEvent != null &&
+                            timeLineEvent.isEncrypted() &&
+                            timeLineEvent.root.getClearType() == EventType.MESSAGE
                 }
             }
         }
@@ -232,10 +240,10 @@ class E2eeSanityTests : InstrumentedTest {
 
             testHelper.waitWithLatch { latch ->
                 testHelper.retryPeriodicallyWithLatch(latch) {
-                    val timelineEvent = bobSession.getRoom(e2eRoomID)?.getTimelineEvent(sentEventId)
-                    timelineEvent != null &&
-                            timelineEvent.isEncrypted() &&
-                            timelineEvent.root.getClearType() == EventType.MESSAGE
+                    val timeLineEvent = bobSession.getRoom(e2eRoomID)?.getTimelineEvent(sentEventId)
+                    timeLineEvent != null &&
+                            timeLineEvent.isEncrypted() &&
+                            timeLineEvent.root.getClearType() == EventType.MESSAGE
                 }
             }
             // we want more so let's discard the session
@@ -292,13 +300,13 @@ class E2eeSanityTests : InstrumentedTest {
 
         // Let's now import keys from backup
 
-        newBobSession.cryptoService().keysBackupService().let { keysBackupService ->
+        newBobSession.cryptoService().keysBackupService().let { kbs ->
             val keyVersionResult = testHelper.doSync<KeysVersionResult?> {
-                keysBackupService.getVersion(version.version, it)
+                kbs.getVersion(version.version, it)
             }
 
             val importedResult = testHelper.doSync<ImportRoomKeysResult> {
-                keysBackupService.restoreKeyBackupWithPassword(keyVersionResult!!,
+                kbs.restoreKeyBackupWithPassword(keyVersionResult!!,
                         keyBackupPassword,
                         null,
                         null,
@@ -341,10 +349,10 @@ class E2eeSanityTests : InstrumentedTest {
 
             testHelper.waitWithLatch { latch ->
                 testHelper.retryPeriodicallyWithLatch(latch) {
-                    val timelineEvent = bobSession.getRoom(e2eRoomID)?.getTimelineEvent(sentEventId)
-                    timelineEvent != null &&
-                            timelineEvent.isEncrypted() &&
-                            timelineEvent.root.getClearType() == EventType.MESSAGE
+                    val timeLineEvent = bobSession.getRoom(e2eRoomID)?.getTimelineEvent(sentEventId)
+                    timeLineEvent != null &&
+                            timeLineEvent.isEncrypted() &&
+                            timeLineEvent.root.getClearType() == EventType.MESSAGE
                 }
             }
         }
@@ -360,7 +368,11 @@ class E2eeSanityTests : InstrumentedTest {
         // check that new bob can't currently decrypt
         Log.v("#E2E TEST", "check that new bob can't currently decrypt")
 
-        ensureCannotDecrypt(sentEventIds, newBobSession, e2eRoomID, MXCryptoError.ErrorType.UNKNOWN_INBOUND_SESSION_ID)
+        ensureCannotDecrypt(sentEventIds, newBobSession, e2eRoomID, null)
+//        newBobSession.cryptoService().getOutgoingRoomKeyRequests()
+//                .firstOrNull {
+//                    it.sessionId ==
+//                }
 
         // Try to request
         sentEventIds.forEach { sentEventId ->
@@ -369,12 +381,34 @@ class E2eeSanityTests : InstrumentedTest {
         }
 
         // wait a bit
-        testHelper.runBlockingTest {
-            delay(10_000)
-        }
+        // we need to wait a couple of syncs to let sharing occurs
+//        testHelper.waitFewSyncs(newBobSession, 6)
 
         // Ensure that new bob still can't decrypt (keys must have been withheld)
-        ensureCannotDecrypt(sentEventIds, newBobSession, e2eRoomID, MXCryptoError.ErrorType.KEYS_WITHHELD)
+        sentEventIds.forEach { sentEventId ->
+            val megolmSessionId = newBobSession.getRoom(e2eRoomID)!!
+                    .getTimelineEvent(sentEventId)!!
+                    .root.content.toModel<EncryptedEventContent>()!!.sessionId
+            testHelper.waitWithLatch { latch ->
+                testHelper.retryPeriodicallyWithLatch(latch) {
+                    val aliceReply = newBobSession.cryptoService().getOutgoingRoomKeyRequests()
+                            .first {
+                                it.sessionId == megolmSessionId &&
+                                        it.roomId == e2eRoomID
+                            }
+                            .results.also {
+                                Log.w("##TEST", "result list is $it")
+                            }
+                            .firstOrNull { it.userId == aliceSession.myUserId }
+                            ?.result
+                    aliceReply != null &&
+                            aliceReply is RequestResult.Failure &&
+                            WithHeldCode.UNAUTHORISED == aliceReply.code
+                }
+            }
+        }
+
+        ensureCannotDecrypt(sentEventIds, newBobSession, e2eRoomID, null)
 
         // Now mark new bob session as verified
 
@@ -387,11 +421,6 @@ class E2eeSanityTests : InstrumentedTest {
             newBobSession.cryptoService().reRequestRoomKeyForEvent(event)
         }
 
-        // wait a bit
-        testHelper.runBlockingTest {
-            delay(10_000)
-        }
-
         ensureCanDecrypt(sentEventIds, newBobSession, e2eRoomID, messagesText)
 
         cryptoTestData.cleanUp(testHelper)
@@ -422,10 +451,10 @@ class E2eeSanityTests : InstrumentedTest {
 
             testHelper.waitWithLatch { latch ->
                 testHelper.retryPeriodicallyWithLatch(latch) {
-                    val timelineEvent = bobSessionWithBetterKey.getRoom(e2eRoomID)?.getTimelineEvent(firstEventId)
-                    timelineEvent != null &&
-                            timelineEvent.isEncrypted() &&
-                            timelineEvent.root.getClearType() == EventType.MESSAGE
+                    val timeLineEvent = bobSessionWithBetterKey.getRoom(e2eRoomID)?.getTimelineEvent(firstEventId)
+                    timeLineEvent != null &&
+                            timeLineEvent.isEncrypted() &&
+                            timeLineEvent.root.getClearType() == EventType.MESSAGE
                 }
             }
         }
@@ -450,10 +479,10 @@ class E2eeSanityTests : InstrumentedTest {
 
             testHelper.waitWithLatch { latch ->
                 testHelper.retryPeriodicallyWithLatch(latch) {
-                    val timelineEvent = newBobSession.getRoom(e2eRoomID)?.getTimelineEvent(secondEventId)
-                    timelineEvent != null &&
-                            timelineEvent.isEncrypted() &&
-                            timelineEvent.root.getClearType() == EventType.MESSAGE
+                    val timeLineEvent = newBobSession.getRoom(e2eRoomID)?.getTimelineEvent(secondEventId)
+                    timeLineEvent != null &&
+                            timeLineEvent.isEncrypted() &&
+                            timeLineEvent.root.getClearType() == EventType.MESSAGE
                 }
             }
         }
@@ -498,25 +527,29 @@ class E2eeSanityTests : InstrumentedTest {
         // now let new session request
         newBobSession.cryptoService().requestRoomKeyForEvent(firstEventNewBobPov.root)
 
-        // wait a bit
-        testHelper.runBlockingTest {
-            delay(10_000)
-        }
+        // We need to wait for the key request to be sent out and then a reply to be received
 
         // old session should have shared the key at earliest known index now
         // we should be able to decrypt both
-        testHelper.runBlockingTest {
-            try {
-                newBobSession.cryptoService().decryptEvent(firstEventNewBobPov.root, "")
-            } catch (error: MXCryptoError) {
-                fail("Should be able to decrypt first event now $error")
-            }
-        }
-        testHelper.runBlockingTest {
-            try {
-                newBobSession.cryptoService().decryptEvent(secondEventNewBobPov.root, "")
-            } catch (error: MXCryptoError) {
-                fail("Should be able to decrypt event $error")
+        testHelper.waitWithLatch {
+            testHelper.retryPeriodicallyWithLatch(it) {
+                val canDecryptFirst = try {
+                    testHelper.runBlockingTest {
+                        newBobSession.cryptoService().decryptEvent(firstEventNewBobPov.root, "")
+                    }
+                    true
+                } catch (error: MXCryptoError) {
+                    false
+                }
+                val canDecryptSecond = try {
+                    testHelper.runBlockingTest {
+                        newBobSession.cryptoService().decryptEvent(secondEventNewBobPov.root, "")
+                    }
+                    true
+                } catch (error: MXCryptoError) {
+                    false
+                }
+                canDecryptFirst && canDecryptSecond
             }
         }
 
@@ -527,7 +560,7 @@ class E2eeSanityTests : InstrumentedTest {
     private fun sendMessageInRoom(aliceRoomPOV: Room, text: String): String? {
         aliceRoomPOV.sendTextMessage(text)
         var sentEventId: String? = null
-        testHelper.waitWithLatch(4 * TestConstants.timeOutMillis) { latch ->
+        testHelper.waitWithLatch(4 * 60_000L) { latch ->
             val timeline = aliceRoomPOV.createTimeline(null, TimelineSettings(60))
             timeline.start()
 
@@ -549,6 +582,147 @@ class E2eeSanityTests : InstrumentedTest {
         return sentEventId
     }
 
+    /**
+     * Test that if a better key is forwared (lower index, it is then used)
+     */
+    @Test
+    fun testSelfInteractiveVerificationAndGossip() {
+        val aliceSession = testHelper.createAccount("alice", SessionTestParams(true))
+        cryptoTestHelper.bootstrapSecurity(aliceSession)
+
+        // now let's create a new login from alice
+
+        val aliceNewSession = testHelper.logIntoAccount(aliceSession.myUserId, SessionTestParams(true))
+
+        val oldCompleteLatch = CountDownLatch(1)
+        lateinit var oldCode: String
+        aliceSession.cryptoService().verificationService().addListener(object : VerificationService.Listener {
+
+            override fun verificationRequestUpdated(pr: PendingVerificationRequest) {
+                val readyInfo = pr.readyInfo
+                if (readyInfo != null) {
+                    aliceSession.cryptoService().verificationService().beginKeyVerification(
+                            VerificationMethod.SAS,
+                            aliceSession.myUserId,
+                            readyInfo.fromDevice,
+                            readyInfo.transactionId
+
+                    )
+                }
+            }
+
+            override fun transactionUpdated(tx: VerificationTransaction) {
+                Log.d("##TEST", "exitsingPov: $tx")
+                val sasTx = tx as OutgoingSasVerificationTransaction
+                when (sasTx.uxState) {
+                    OutgoingSasVerificationTransaction.UxState.SHOW_SAS               -> {
+                        // for the test we just accept?
+                        oldCode = sasTx.getDecimalCodeRepresentation()
+                        sasTx.userHasVerifiedShortCode()
+                    }
+                    OutgoingSasVerificationTransaction.UxState.VERIFIED               -> {
+                        // we can release this latch?
+                        oldCompleteLatch.countDown()
+                    }
+                    else     -> Unit
+                }
+            }
+        })
+
+        val newCompleteLatch = CountDownLatch(1)
+        lateinit var newCode: String
+        aliceNewSession.cryptoService().verificationService().addListener(object : VerificationService.Listener {
+
+            override fun verificationRequestCreated(pr: PendingVerificationRequest) {
+                // let's ready
+                aliceNewSession.cryptoService().verificationService().readyPendingVerification(
+                        listOf(VerificationMethod.SAS, VerificationMethod.QR_CODE_SCAN, VerificationMethod.QR_CODE_SHOW),
+                        aliceSession.myUserId,
+                        pr.transactionId!!
+                )
+            }
+
+            var matchOnce = true
+            override fun transactionUpdated(tx: VerificationTransaction) {
+                Log.d("##TEST", "newPov: $tx")
+
+                val sasTx = tx as IncomingSasVerificationTransaction
+                when (sasTx.uxState) {
+                    IncomingSasVerificationTransaction.UxState.SHOW_ACCEPT            -> {
+                        // no need to accept as there was a request first it will auto accept
+                    }
+                    IncomingSasVerificationTransaction.UxState.SHOW_SAS               -> {
+                        if (matchOnce) {
+                            sasTx.userHasVerifiedShortCode()
+                            newCode = sasTx.getDecimalCodeRepresentation()
+                            matchOnce = false
+                        }
+                    }
+                    IncomingSasVerificationTransaction.UxState.VERIFIED               -> {
+                        newCompleteLatch.countDown()
+                    }
+                    else     ->  Unit
+                }
+            }
+        })
+
+        // initiate self verification
+        aliceSession.cryptoService().verificationService().requestKeyVerification(
+                listOf(VerificationMethod.SAS, VerificationMethod.QR_CODE_SCAN, VerificationMethod.QR_CODE_SHOW),
+                aliceNewSession.myUserId,
+                listOf(aliceNewSession.sessionParams.deviceId!!)
+        )
+        testHelper.await(oldCompleteLatch)
+        testHelper.await(newCompleteLatch)
+        assertEquals("Decimal code should have matched", oldCode, newCode)
+
+        // Assert that devices are verified
+        val newDeviceFromOldPov: CryptoDeviceInfo? = aliceSession.cryptoService().getDeviceInfo(aliceSession.myUserId, aliceNewSession.sessionParams.deviceId)
+        val oldDeviceFromNewPov: CryptoDeviceInfo? = aliceSession.cryptoService().getDeviceInfo(aliceSession.myUserId, aliceSession.sessionParams.deviceId)
+
+        Assert.assertTrue("new device should be verified from old point of view", newDeviceFromOldPov!!.isVerified)
+        Assert.assertTrue("old device should be verified from new point of view", oldDeviceFromNewPov!!.isVerified)
+
+        // wait for secret gossiping to happen
+        testHelper.waitWithLatch { latch ->
+            testHelper.retryPeriodicallyWithLatch(latch) {
+                aliceNewSession.cryptoService().crossSigningService().allPrivateKeysKnown() &&
+                        aliceNewSession.cryptoService().keysBackupService().getKeyBackupRecoveryKeyInfo() != null
+            }
+        }
+
+        assertEquals(
+                "MSK Private parts should be the same",
+                aliceSession.cryptoService().crossSigningService().getCrossSigningPrivateKeys()!!.master,
+                aliceNewSession.cryptoService().crossSigningService().getCrossSigningPrivateKeys()!!.master
+        )
+        assertEquals(
+                "USK Private parts should be the same",
+                aliceSession.cryptoService().crossSigningService().getCrossSigningPrivateKeys()!!.user,
+                aliceNewSession.cryptoService().crossSigningService().getCrossSigningPrivateKeys()!!.user)
+
+        assertEquals(
+                "SSK Private parts should be the same",
+                aliceSession.cryptoService().crossSigningService().getCrossSigningPrivateKeys()!!.selfSigned,
+                aliceNewSession.cryptoService().crossSigningService().getCrossSigningPrivateKeys()!!.selfSigned
+        )
+
+        // Let's check that we have the megolm backup key
+        assertEquals(
+                "Megolm key should be the same",
+                aliceSession.cryptoService().keysBackupService().getKeyBackupRecoveryKeyInfo()!!.recoveryKey,
+                aliceNewSession.cryptoService().keysBackupService().getKeyBackupRecoveryKeyInfo()!!.recoveryKey
+        )
+        assertEquals(
+                "Megolm version should be the same",
+                aliceSession.cryptoService().keysBackupService().getKeyBackupRecoveryKeyInfo()!!.version,
+                aliceNewSession.cryptoService().keysBackupService().getKeyBackupRecoveryKeyInfo()!!.version
+        )
+
+        testHelper.signOutAndClose(aliceSession)
+        testHelper.signOutAndClose(aliceNewSession)
+    }
+
     private fun ensureMembersHaveJoined(aliceSession: Session, otherAccounts: List<Session>, e2eRoomID: String) {
         testHelper.waitWithLatch { latch ->
             testHelper.retryPeriodicallyWithLatch(latch) {
@@ -621,10 +795,10 @@ class E2eeSanityTests : InstrumentedTest {
         testHelper.waitWithLatch { latch ->
             sentEventIds.forEach { sentEventId ->
                 testHelper.retryPeriodicallyWithLatch(latch) {
-                    val timelineEvent = session.getRoom(e2eRoomID)?.getTimelineEvent(sentEventId)
-                    timelineEvent != null &&
-                            timelineEvent.isEncrypted() &&
-                            timelineEvent.root.getClearType() == EventType.MESSAGE
+                    val timeLineEvent = session.getRoom(e2eRoomID)?.getTimelineEvent(sentEventId)
+                    timeLineEvent != null &&
+                            timeLineEvent.isEncrypted() &&
+                            timeLineEvent.root.getClearType() == EventType.MESSAGE
                 }
             }
         }
@@ -642,7 +816,7 @@ class E2eeSanityTests : InstrumentedTest {
                     if (expectedError == null) {
                         Assert.assertNotNull(errorType)
                     } else {
-                        assertEquals(expectedError, errorType, "Message expected to be UISI")
+                        assertEquals(expectedError, errorType, "Unexpected reason")
                     }
                 }
             }
diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/PreShareKeysTest.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/PreShareKeysTest.kt
index f8ce7ae357..d4f9d01c4a 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/PreShareKeysTest.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/PreShareKeysTest.kt
@@ -50,10 +50,7 @@ class PreShareKeysTest : InstrumentedTest {
         // clear any outbound session
         aliceSession.cryptoService().discardOutboundSession(e2eRoomID)
 
-        val preShareCount = bobSession.cryptoService().getGossipingEvents().count {
-            it.senderId == aliceSession.myUserId &&
-                    it.getClearType() == EventType.ROOM_KEY
-        }
+        val preShareCount = bobSession.cryptoService().keysBackupService().getTotalNumbersOfKeys()
 
         assertEquals("Bob should not have receive any key from alice at this point", 0, preShareCount)
         Log.d("#Test", "Room Key Received from alice $preShareCount")
@@ -65,23 +62,23 @@ class PreShareKeysTest : InstrumentedTest {
 
         testHelper.waitWithLatch { latch ->
             testHelper.retryPeriodicallyWithLatch(latch) {
-                val newGossipCount = bobSession.cryptoService().getGossipingEvents().count {
-                    it.senderId == aliceSession.myUserId &&
-                            it.getClearType() == EventType.ROOM_KEY
-                }
-                newGossipCount > preShareCount
+                val newKeysCount = bobSession.cryptoService().keysBackupService().getTotalNumbersOfKeys()
+                newKeysCount > preShareCount
             }
         }
 
-        val latest = bobSession.cryptoService().getGossipingEvents().lastOrNull {
-            it.senderId == aliceSession.myUserId &&
-                    it.getClearType() == EventType.ROOM_KEY
-        }
+        val aliceCryptoStore = (aliceSession.cryptoService() as DefaultCryptoService).cryptoStoreForTesting
+        val aliceOutboundSessionInRoom = aliceCryptoStore.getCurrentOutboundGroupSessionForRoom(e2eRoomID)!!.outboundGroupSession.sessionIdentifier()
 
-        val content = latest?.getClearContent().toModel<RoomKeyContent>()
-        assertNotNull("Bob should have received and decrypted a room key event from alice", content)
-        assertEquals("Wrong room", e2eRoomID, content!!.roomId)
-        val megolmSessionId = content.sessionId!!
+        val bobCryptoStore = (bobSession.cryptoService() as DefaultCryptoService).cryptoStoreForTesting
+        val aliceDeviceBobPov = bobCryptoStore.getUserDevice(aliceSession.myUserId, aliceSession.sessionParams.deviceId!!)!!
+        val bobInboundForAlice = bobCryptoStore.getInboundGroupSession(aliceOutboundSessionInRoom, aliceDeviceBobPov.identityKey()!!)
+        assertNotNull("Bob should have received and decrypted a room key event from alice", bobInboundForAlice)
+        assertEquals("Wrong room", e2eRoomID, bobInboundForAlice!!.roomId)
+
+        val megolmSessionId = bobInboundForAlice.olmInboundGroupSession!!.sessionIdentifier()
+
+        assertEquals("Wrong session", aliceOutboundSessionInRoom, megolmSessionId)
 
         val sharedIndex = aliceSession.cryptoService().getSharedWithInfo(e2eRoomID, megolmSessionId)
                 .getObject(bobSession.myUserId, bobSession.sessionParams.deviceId)
diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt
index ed30691175..a05dd721a0 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt
@@ -41,7 +41,6 @@ import org.matrix.android.sdk.api.session.crypto.keysbackup.MegolmBackupCreation
 import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
 import org.matrix.android.sdk.api.session.crypto.model.GossipingRequestState
 import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingGossipingRequestState
 import org.matrix.android.sdk.api.session.crypto.verification.IncomingSasVerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.SasVerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationMethod
@@ -187,9 +186,9 @@ class KeyShareTests : InstrumentedTest {
         Thread.sleep(6_000)
         commonTestHelper.waitWithLatch { latch ->
             commonTestHelper.retryPeriodicallyWithLatch(latch) {
-                aliceSession2.cryptoService().getOutgoingRoomKeyRequests().let {
-                    it.any { it.requestBody?.sessionId == eventMegolmSessionId && it.state == OutgoingGossipingRequestState.CANCELLED }
-                }
+                // It should have been deleted from store
+                val outgoingRoomKeyRequests = aliceSession2.cryptoService().getOutgoingRoomKeyRequests()
+                outgoingRoomKeyRequests.isEmpty()
             }
         }
 
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/CryptoService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/CryptoService.kt
index d6d1248de7..015b0c75be 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/CryptoService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/CryptoService.kt
@@ -35,12 +35,12 @@ import org.matrix.android.sdk.api.session.crypto.model.MXDeviceInfo
 import org.matrix.android.sdk.api.session.crypto.model.MXEncryptEventContentResult
 import org.matrix.android.sdk.api.session.crypto.model.MXEventDecryptionResult
 import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequest
-import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationService
 import org.matrix.android.sdk.api.session.events.model.Content
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
+import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
+import org.matrix.android.sdk.internal.crypto.model.AuditTrail
 
 interface CryptoService {
 
@@ -94,8 +94,6 @@ interface CryptoService {
 
     fun reRequestRoomKeyForEvent(event: Event)
 
-    fun cancelRoomKeyRequest(requestBody: RoomKeyRequestBody)
-
     fun addRoomKeysRequestListener(listener: GossipingRequestListener)
 
     fun removeRoomKeysRequestListener(listener: GossipingRequestListener)
@@ -142,14 +140,14 @@ interface CryptoService {
     fun addNewSessionListener(newSessionListener: NewSessionListener)
     fun removeSessionListener(listener: NewSessionListener)
 
-    fun getOutgoingRoomKeyRequests(): List<OutgoingRoomKeyRequest>
-    fun getOutgoingRoomKeyRequestsPaged(): LiveData<PagedList<OutgoingRoomKeyRequest>>
+    fun getOutgoingRoomKeyRequests(): List<OutgoingKeyRequest>
+    fun getOutgoingRoomKeyRequestsPaged(): LiveData<PagedList<OutgoingKeyRequest>>
 
     fun getIncomingRoomKeyRequests(): List<IncomingRoomKeyRequest>
     fun getIncomingRoomKeyRequestsPaged(): LiveData<PagedList<IncomingRoomKeyRequest>>
 
-    fun getGossipingEventsTrail(): LiveData<PagedList<Event>>
-    fun getGossipingEvents(): List<Event>
+    fun getGossipingEventsTrail(): LiveData<PagedList<AuditTrail>>
+    fun getGossipingEvents(): List<AuditTrail>
 
     // For testing shared session
     fun getSharedWithInfo(roomId: String?, sessionId: String): MXUsersDevicesMap<Int>
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/OutgoingGossipingRequestState.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/OutgoingGossipingRequestState.kt
index 8c1bdf6768..99c3c37773 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/OutgoingGossipingRequestState.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/OutgoingGossipingRequestState.kt
@@ -16,12 +16,17 @@
 
 package org.matrix.android.sdk.api.session.crypto.model
 
-enum class OutgoingGossipingRequestState {
+enum class OutgoingRoomKeyRequestState {
     UNSENT,
-    SENDING,
     SENT,
-    CANCELLING,
-    CANCELLED,
-    FAILED_TO_SEND,
-    FAILED_TO_CANCEL
+    CANCELLATION_PENDING,
+    CANCELLATION_PENDING_AND_WILL_RESEND;
+
+    companion object {
+        fun pendingStates() = setOf(
+                UNSENT,
+                CANCELLATION_PENDING_AND_WILL_RESEND,
+                CANCELLATION_PENDING
+        )
+    }
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/OutgoingRoomKeyRequest.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/OutgoingRoomKeyRequest.kt
deleted file mode 100755
index 5f35cc908f..0000000000
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/OutgoingRoomKeyRequest.kt
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.api.session.crypto.model
-
-import com.squareup.moshi.JsonClass
-import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequest
-
-/**
- * Represents an outgoing room key request
- */
-@JsonClass(generateAdapter = true)
-data class OutgoingRoomKeyRequest(
-        // RequestBody
-        val requestBody: RoomKeyRequestBody?,
-        // list of recipients for the request
-        override val recipients: Map<String, List<String>>,
-        // Unique id for this request. Used for both
-        // an id within the request for later pairing with a cancellation, and for
-        // the transaction id when sending the to_device messages to our local
-        override val requestId: String, // current state of this request
-        override val state: OutgoingGossipingRequestState
-        // transaction id for the cancellation, if any
-        // override var cancellationTxnId: String? = null
-) : OutgoingGossipingRequest {
-
-    /**
-     * Used only for log.
-     *
-     * @return the room id.
-     */
-    val roomId: String?
-        get() = requestBody?.roomId
-
-    /**
-     * Used only for log.
-     *
-     * @return the session id
-     */
-    val sessionId: String?
-        get() = requestBody?.sessionId
-}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/events/model/content/RoomKeyWithHeldContent.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/events/model/content/RoomKeyWithHeldContent.kt
index a577daf9e4..1eac1d6b2d 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/events/model/content/RoomKeyWithHeldContent.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/events/model/content/RoomKeyWithHeldContent.kt
@@ -52,7 +52,13 @@ data class RoomKeyWithHeldContent(
         /**
          *  A human-readable reason for why the key was not sent. The receiving client should only use this string if it does not understand the code.
          */
-        @Json(name = "reason") val reason: String? = null
+        @Json(name = "reason") val reason: String? = null,
+
+        /**
+         * the device ID of the device sending the m.room_key.withheld message
+         * MSC3735
+         */
+        @Json(name = "from_device") val fromDevice: String? = null
 
 ) {
     val code: WithHeldCode?
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/securestorage/SharedSecretStorageService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/securestorage/SharedSecretStorageService.kt
index 721a2bc8af..3bb8fad810 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/securestorage/SharedSecretStorageService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/securestorage/SharedSecretStorageService.kt
@@ -131,7 +131,7 @@ interface SharedSecretStorageService {
 
     fun checkShouldBeAbleToAccessSecrets(secretNames: List<String>, keyId: String?): IntegrityResult
 
-    fun requestSecret(name: String, myOtherDeviceId: String)
+    suspend fun requestSecret(name: String, myOtherDeviceId: String)
 
     data class KeyRef(
             val keyId: String?,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/CancelGossipRequestWorker.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/CancelGossipRequestWorker.kt
deleted file mode 100644
index 4380e31bff..0000000000
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/CancelGossipRequestWorker.kt
+++ /dev/null
@@ -1,121 +0,0 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto
-
-import android.content.Context
-import androidx.work.WorkerParameters
-import com.squareup.moshi.JsonClass
-import org.matrix.android.sdk.api.auth.data.Credentials
-import org.matrix.android.sdk.api.failure.shouldBeRetried
-import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingGossipingRequestState
-import org.matrix.android.sdk.api.session.events.model.Event
-import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.api.session.events.model.toContent
-import org.matrix.android.sdk.internal.SessionManager
-import org.matrix.android.sdk.internal.crypto.model.rest.ShareRequestCancellation
-import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
-import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
-import org.matrix.android.sdk.internal.crypto.tasks.createUniqueTxnId
-import org.matrix.android.sdk.internal.session.SessionComponent
-import org.matrix.android.sdk.internal.worker.SessionSafeCoroutineWorker
-import org.matrix.android.sdk.internal.worker.SessionWorkerParams
-import javax.inject.Inject
-
-internal class CancelGossipRequestWorker(context: Context, params: WorkerParameters, sessionManager: SessionManager) :
-        SessionSafeCoroutineWorker<CancelGossipRequestWorker.Params>(context, params, sessionManager, Params::class.java) {
-
-    @JsonClass(generateAdapter = true)
-    internal data class Params(
-            override val sessionId: String,
-            val requestId: String,
-            val recipients: Map<String, List<String>>,
-            // The txnId for the sendToDevice request. Nullable for compatibility reasons, but MUST always be provided
-            // to use the same value if this worker is retried.
-            val txnId: String? = null,
-            override val lastFailureMessage: String? = null
-    ) : SessionWorkerParams {
-        companion object {
-            fun fromRequest(sessionId: String, request: OutgoingGossipingRequest): Params {
-                return Params(
-                        sessionId = sessionId,
-                        requestId = request.requestId,
-                        recipients = request.recipients,
-                        txnId = createUniqueTxnId(),
-                        lastFailureMessage = null
-                )
-            }
-        }
-    }
-
-    @Inject lateinit var sendToDeviceTask: SendToDeviceTask
-    @Inject lateinit var cryptoStore: IMXCryptoStore
-    @Inject lateinit var credentials: Credentials
-
-    override fun injectWith(injector: SessionComponent) {
-        injector.inject(this)
-    }
-
-    override suspend fun doSafeWork(params: Params): Result {
-        // params.txnId should be provided in all cases now. But Params can be deserialized by
-        // the WorkManager from data serialized in a previous version of the application, so without the txnId field.
-        // So if not present, we create a txnId
-        val txnId = params.txnId ?: createUniqueTxnId()
-        val contentMap = MXUsersDevicesMap<Any>()
-        val toDeviceContent = ShareRequestCancellation(
-                requestingDeviceId = credentials.deviceId,
-                requestId = params.requestId
-        )
-        cryptoStore.saveGossipingEvent(Event(
-                type = EventType.ROOM_KEY_REQUEST,
-                content = toDeviceContent.toContent(),
-                senderId = credentials.userId
-        ).also {
-            it.ageLocalTs = System.currentTimeMillis()
-        })
-
-        params.recipients.forEach { userToDeviceMap ->
-            userToDeviceMap.value.forEach { deviceId ->
-                contentMap.setObject(userToDeviceMap.key, deviceId, toDeviceContent)
-            }
-        }
-
-        try {
-            cryptoStore.updateOutgoingGossipingRequestState(params.requestId, OutgoingGossipingRequestState.CANCELLING)
-            sendToDeviceTask.execute(
-                    SendToDeviceTask.Params(
-                            eventType = EventType.ROOM_KEY_REQUEST,
-                            contentMap = contentMap,
-                            transactionId = txnId
-                    )
-            )
-            cryptoStore.updateOutgoingGossipingRequestState(params.requestId, OutgoingGossipingRequestState.CANCELLED)
-            return Result.success()
-        } catch (throwable: Throwable) {
-            return if (throwable.shouldBeRetried()) {
-                Result.retry()
-            } else {
-                cryptoStore.updateOutgoingGossipingRequestState(params.requestId, OutgoingGossipingRequestState.FAILED_TO_CANCEL)
-                buildErrorResult(params, throwable.localizedMessage ?: "error")
-            }
-        }
-    }
-
-    override fun buildErrorParams(params: Params, message: String): Params {
-        return params.copy(lastFailureMessage = params.lastFailureMessage ?: message)
-    }
-}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
index 6a57d94677..ee0b208cbb 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
@@ -57,15 +57,14 @@ import org.matrix.android.sdk.api.session.crypto.model.MXDeviceInfo
 import org.matrix.android.sdk.api.session.crypto.model.MXEncryptEventContentResult
 import org.matrix.android.sdk.api.session.crypto.model.MXEventDecryptionResult
 import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequest
 import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
+import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
 import org.matrix.android.sdk.api.session.events.model.Content
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.EventType
 import org.matrix.android.sdk.api.session.events.model.content.EncryptedEventContent
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyContent
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
-import org.matrix.android.sdk.api.session.events.model.content.SecretSendEventContent
 import org.matrix.android.sdk.api.session.events.model.toModel
 import org.matrix.android.sdk.api.session.room.model.Membership
 import org.matrix.android.sdk.api.session.room.model.RoomHistoryVisibility
@@ -76,11 +75,11 @@ import org.matrix.android.sdk.internal.crypto.actions.MegolmSessionDataImporter
 import org.matrix.android.sdk.internal.crypto.actions.SetDeviceVerificationAction
 import org.matrix.android.sdk.internal.crypto.algorithms.IMXEncrypting
 import org.matrix.android.sdk.internal.crypto.algorithms.IMXGroupEncryption
-import org.matrix.android.sdk.internal.crypto.algorithms.IMXWithHeldExtension
 import org.matrix.android.sdk.internal.crypto.algorithms.megolm.MXMegolmEncryptionFactory
 import org.matrix.android.sdk.internal.crypto.algorithms.olm.MXOlmEncryptionFactory
 import org.matrix.android.sdk.internal.crypto.crosssigning.DefaultCrossSigningService
 import org.matrix.android.sdk.internal.crypto.keysbackup.DefaultKeysBackupService
+import org.matrix.android.sdk.internal.crypto.model.AuditTrail
 import org.matrix.android.sdk.internal.crypto.model.MXKey.Companion.KEY_SIGNED_CURVE_25519_TYPE
 import org.matrix.android.sdk.internal.crypto.model.toRest
 import org.matrix.android.sdk.internal.crypto.repository.WarnOnUnknownDeviceRepository
@@ -154,7 +153,8 @@ internal class DefaultCryptoService @Inject constructor(
 
         private val crossSigningService: DefaultCrossSigningService,
         //
-        private val incomingGossipingRequestManager: IncomingGossipingRequestManager,
+        private val incomingKeyRequestManager: IncomingKeyRequestManager,
+        private val secretShareManager: SecretShareManager,
         //
         private val outgoingGossipingRequestManager: OutgoingGossipingRequestManager,
         // Actions
@@ -201,7 +201,7 @@ internal class DefaultCryptoService @Inject constructor(
         }
     }
 
-    val gossipingBuffer = mutableListOf<Event>()
+//    val gossipingBuffer = mutableListOf<Event>()
 
     override fun setDeviceName(deviceId: String, deviceName: String, callback: MatrixCallback<Unit>) {
         setDeviceNameTask
@@ -377,27 +377,8 @@ internal class DefaultCryptoService @Inject constructor(
         // Open the store
         cryptoStore.open()
 
-        runCatching {
-//            if (isInitialSync) {
-//                // refresh the devices list for each known room members
-//                deviceListManager.invalidateAllDeviceLists()
-//                deviceListManager.refreshOutdatedDeviceLists()
-//            } else {
-
-            // Why would we do that? it will be called at end of syn
-            incomingGossipingRequestManager.processReceivedGossipingRequests()
-//            }
-        }.fold(
-                {
-                    isStarting.set(false)
-                    isStarted.set(true)
-                },
-                {
-                    isStarting.set(false)
-                    isStarted.set(false)
-                    Timber.tag(loggerTag.value).e(it, "Start failed")
-                }
-        )
+        isStarting.set(false)
+        isStarted.set(true)
     }
 
     /**
@@ -405,7 +386,8 @@ internal class DefaultCryptoService @Inject constructor(
      */
     fun close() = runBlocking(coroutineDispatchers.crypto) {
         cryptoCoroutineScope.coroutineContext.cancelChildren(CancellationException("Closing crypto module"))
-        incomingGossipingRequestManager.close()
+        incomingKeyRequestManager.close()
+        outgoingGossipingRequestManager.close()
         olmDevice.release()
         cryptoStore.close()
     }
@@ -470,15 +452,28 @@ internal class DefaultCryptoService @Inject constructor(
                     }
 
                     oneTimeKeysUploader.maybeUploadOneTimeKeys()
-                    incomingGossipingRequestManager.processReceivedGossipingRequests()
                 }
-            }
 
-            tryOrNull {
-                gossipingBuffer.toList().let {
-                    cryptoStore.saveGossipingEvents(it)
+                // Process pending key requests
+                try {
+                    if (toDevices.isEmpty()) {
+                        // this is not blocking
+                        outgoingGossipingRequestManager.requireProcessAllPendingKeyRequests()
+                    } else {
+                        Timber.tag(loggerTag.value)
+                                .w("Don't process key requests yet as their might be more to_device to catchup")
+                    }
+                } catch (failure: Throwable) {
+                    // just for safety but should not throw
+                    Timber.tag(loggerTag.value).w("failed to process pending request")
+                }
+
+                try {
+                    incomingKeyRequestManager.processIncomingRequests()
+                } catch (failure: Throwable) {
+                    // just for safety but should not throw
+                    Timber.tag(loggerTag.value).w("failed to process incoming room key requests")
                 }
-                gossipingBuffer.clear()
             }
         }
     }
@@ -592,7 +587,7 @@ internal class DefaultCryptoService @Inject constructor(
         // (for now at least. Maybe we should alert the user somehow?)
         val existingAlgorithm = cryptoStore.getRoomAlgorithm(roomId)
 
-        if (existingAlgorithm == algorithm && roomEncryptorsStore.get(roomId) != null) {
+        if (existingAlgorithm == algorithm) {
             // ignore
             Timber.tag(loggerTag.value).e("setEncryptionInRoom() : Ignoring m.room.encryption for same alg ($algorithm) in  $roomId")
             return false
@@ -783,19 +778,26 @@ internal class DefaultCryptoService @Inject constructor(
         cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
             when (event.getClearType()) {
                 EventType.ROOM_KEY, EventType.FORWARDED_ROOM_KEY -> {
-                    gossipingBuffer.add(event)
+//                    gossipingBuffer.add(event)
                     // Keys are imported directly, not waiting for end of sync
                     onRoomKeyEvent(event)
                 }
-                EventType.REQUEST_SECRET,
+                EventType.REQUEST_SECRET                         -> {
+                    secretShareManager.handleSecretRequest(event)
+//                    incomingGossipingRequestManager.onGossipingRequestEvent(event)
+                }
                 EventType.ROOM_KEY_REQUEST                       -> {
+                    Timber.w("VALR: key request ${event.getClearContent()}")
                     // save audit trail
-                    gossipingBuffer.add(event)
+//                    gossipingBuffer.add(event)
                     // Requests are stacked, and will be handled one by one at the end of the sync (onSyncComplete)
-                    incomingGossipingRequestManager.onGossipingRequestEvent(event)
+                    Timber.w("VALR: sender Id is ${event.senderId} full ev $event")
+                    event.getClearContent().toModel<RoomKeyShareRequest>()?.let { req ->
+                        event.senderId?.let { incomingKeyRequestManager.addNewIncomingRequest(it, req) }
+                    }
                 }
                 EventType.SEND_SECRET                            -> {
-                    gossipingBuffer.add(event)
+//                    gossipingBuffer.add(event)
                     onSecretSendReceived(event)
                 }
                 EventType.ROOM_KEY_WITHHELD                      -> {
@@ -833,50 +835,46 @@ internal class DefaultCryptoService @Inject constructor(
         val withHeldContent = event.getClearContent().toModel<RoomKeyWithHeldContent>() ?: return Unit.also {
             Timber.tag(loggerTag.value).i("Malformed onKeyWithHeldReceived() : missing fields")
         }
-        Timber.tag(loggerTag.value).i("onKeyWithHeldReceived() received from:${event.senderId}, content <$withHeldContent>")
-        val alg = roomDecryptorProvider.getOrCreateRoomDecryptor(withHeldContent.roomId, withHeldContent.algorithm)
-        if (alg is IMXWithHeldExtension) {
-            alg.onRoomKeyWithHeldEvent(withHeldContent)
-        } else {
-            Timber.tag(loggerTag.value).e("onKeyWithHeldReceived() from:${event.senderId}: Unable to handle WithHeldContent for ${withHeldContent.algorithm}")
-            return
+        val senderId = event.senderId ?: return Unit.also {
+            Timber.tag(loggerTag.value).i("Malformed onKeyWithHeldReceived() : missing fields")
         }
+        withHeldContent.sessionId ?: return
+        withHeldContent.algorithm ?: return
+        withHeldContent.roomId ?: return
+        withHeldContent.senderKey ?: return
+        outgoingGossipingRequestManager.onRoomKeyWithHeld(
+                sessionId = withHeldContent.sessionId,
+                algorithm = withHeldContent.algorithm,
+                roomId = withHeldContent.roomId,
+                senderKey = withHeldContent.senderKey,
+                fromDevice = withHeldContent.fromDevice,
+                event = Event(
+                        type = EventType.ROOM_KEY_WITHHELD,
+                        senderId = senderId,
+                        content = event.getClearContent()
+                )
+        )
+//        Timber.tag(loggerTag.value).i("onKeyWithHeldReceived() received from:${event.senderId}, content <$withHeldContent>")
+//        val alg = roomDecryptorProvider.getOrCreateRoomDecryptor(withHeldContent.roomId, withHeldContent.algorithm)
+//        if (alg is IMXWithHeldExtension) {
+//            alg.onRoomKeyWithHeldEvent(senderId, withHeldContent)
+//        } else {
+//            Timber.tag(loggerTag.value).e("onKeyWithHeldReceived() from:${event.senderId}: Unable to handle WithHeldContent for ${withHeldContent.algorithm}")
+//            return
+//        }
     }
 
-    private fun onSecretSendReceived(event: Event) {
-        Timber.tag(loggerTag.value).i("GOSSIP onSecretSend() from ${event.senderId} : onSecretSendReceived ${event.content?.get("sender_key")}")
-        if (!event.isEncrypted()) {
-            // secret send messages must be encrypted
-            Timber.tag(loggerTag.value).e("GOSSIP onSecretSend() :Received unencrypted secret send event")
-            return
-        }
-
-        // Was that sent by us?
-        if (event.senderId != userId) {
-            Timber.tag(loggerTag.value).e("GOSSIP onSecretSend() : Ignore secret from other user ${event.senderId}")
-            return
-        }
-
-        val secretContent = event.getClearContent().toModel<SecretSendEventContent>() ?: return
-
-        val existingRequest = cryptoStore
-                .getOutgoingSecretKeyRequests().firstOrNull { it.requestId == secretContent.requestId }
-
-        if (existingRequest == null) {
-            Timber.tag(loggerTag.value).i("GOSSIP onSecretSend() : Ignore secret that was not requested: ${secretContent.requestId}")
-            return
-        }
-
-        if (!handleSDKLevelGossip(existingRequest.secretName, secretContent.secretValue)) {
-            // TODO Ask to application layer?
-            Timber.tag(loggerTag.value).v("onSecretSend() : secret not handled by SDK")
+    private suspend fun onSecretSendReceived(event: Event) {
+        secretShareManager.onSecretSendReceived(event) { secretName, secretValue ->
+            handleSDKLevelGossip(secretName, secretValue)
         }
     }
 
     /**
      * Returns true if handled by SDK, otherwise should be sent to application layer
      */
-    private fun handleSDKLevelGossip(secretName: String?, secretValue: String): Boolean {
+    private fun handleSDKLevelGossip(secretName: String?,
+                                     secretValue: String): Boolean {
         return when (secretName) {
             MASTER_KEY_SSSS_NAME       -> {
                 crossSigningService.onSecretMSKGossip(secretValue)
@@ -1154,26 +1152,32 @@ internal class DefaultCryptoService @Inject constructor(
         setRoomBlacklistUnverifiedDevices(roomId, false)
     }
 
-// TODO Check if this method is still necessary
-    /**
-     * Cancel any earlier room key request
-     *
-     * @param requestBody requestBody
-     */
-    override fun cancelRoomKeyRequest(requestBody: RoomKeyRequestBody) {
-        outgoingGossipingRequestManager.cancelRoomKeyRequest(requestBody)
-    }
-
     /**
      * Re request the encryption keys required to decrypt an event.
      *
      * @param event the event to decrypt again.
      */
     override fun reRequestRoomKeyForEvent(event: Event) {
+        val sender = event.senderId ?: return
         val wireContent = event.content.toModel<EncryptedEventContent>() ?: return Unit.also {
             Timber.tag(loggerTag.value).e("reRequestRoomKeyForEvent Failed to re-request key, null content")
         }
 
+        val recipients = if (event.senderId == userId) {
+            mapOf(
+                    userId to listOf("*")
+            )
+        } else {
+            // for the case where you share the key with a device that has a broken olm session
+            // The other user might Re-shares a megolm session key with devices if the key has already been
+            // sent to them.
+            mapOf(
+                    userId to listOf("*"),
+                    // TODO we might not have deviceId in the future due to https://github.com/matrix-org/matrix-spec-proposals/pull/3700
+                    // so in this case query to all
+                    sender to listOf(wireContent.deviceId ?: "*")
+            )
+        }
         val requestBody = RoomKeyRequestBody(
                 algorithm = wireContent.algorithm,
                 roomId = event.roomId,
@@ -1181,7 +1185,7 @@ internal class DefaultCryptoService @Inject constructor(
                 sessionId = wireContent.sessionId
         )
 
-        outgoingGossipingRequestManager.resendRoomKeyRequest(requestBody)
+        outgoingGossipingRequestManager.postRoomKeyRequest(requestBody, recipients, true)
     }
 
     override fun requestRoomKeyForEvent(event: Event) {
@@ -1208,7 +1212,8 @@ internal class DefaultCryptoService @Inject constructor(
      * @param listener listener
      */
     override fun addRoomKeysRequestListener(listener: GossipingRequestListener) {
-        incomingGossipingRequestManager.addRoomKeysRequestListener(listener)
+        incomingKeyRequestManager.addRoomKeysRequestListener(listener)
+        // TODO same for secret manager
     }
 
     /**
@@ -1217,7 +1222,8 @@ internal class DefaultCryptoService @Inject constructor(
      * @param listener listener
      */
     override fun removeRoomKeysRequestListener(listener: GossipingRequestListener) {
-        incomingGossipingRequestManager.removeRoomKeysRequestListener(listener)
+        incomingKeyRequestManager.removeRoomKeysRequestListener(listener)
+        // TODO same for secret manager
     }
 
 //    private fun markOlmSessionForUnwedging(senderId: String, deviceInfo: CryptoDeviceInfo) {
@@ -1298,11 +1304,11 @@ internal class DefaultCryptoService @Inject constructor(
         return "DefaultCryptoService of $userId ($deviceId)"
     }
 
-    override fun getOutgoingRoomKeyRequests(): List<OutgoingRoomKeyRequest> {
+    override fun getOutgoingRoomKeyRequests(): List<OutgoingKeyRequest> {
         return cryptoStore.getOutgoingRoomKeyRequests()
     }
 
-    override fun getOutgoingRoomKeyRequestsPaged(): LiveData<PagedList<OutgoingRoomKeyRequest>> {
+    override fun getOutgoingRoomKeyRequestsPaged(): LiveData<PagedList<OutgoingKeyRequest>> {
         return cryptoStore.getOutgoingRoomKeyRequestsPaged()
     }
 
@@ -1314,11 +1320,11 @@ internal class DefaultCryptoService @Inject constructor(
         return cryptoStore.getIncomingRoomKeyRequests()
     }
 
-    override fun getGossipingEventsTrail(): LiveData<PagedList<Event>> {
+    override fun getGossipingEventsTrail(): LiveData<PagedList<AuditTrail>> {
         return cryptoStore.getGossipingEventsTrail()
     }
 
-    override fun getGossipingEvents(): List<Event> {
+    override fun getGossipingEvents(): List<AuditTrail> {
         return cryptoStore.getGossipingEvents()
     }
 
@@ -1342,8 +1348,8 @@ internal class DefaultCryptoService @Inject constructor(
                 loadRoomMembersTask.execute(LoadRoomMembersTask.Params(roomId))
             } catch (failure: Throwable) {
                 Timber.tag(loggerTag.value).e("prepareToEncrypt() : Failed to load room members")
-                callback.onFailure(failure)
-                return@launch
+//                callback.onFailure(failure)
+//                return@launch
             }
 
             val userIds = getRoomUserIds(roomId)
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/GossipingWorkManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/GossipingWorkManager.kt
deleted file mode 100644
index 0013c31eea..0000000000
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/GossipingWorkManager.kt
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto
-
-import androidx.work.BackoffPolicy
-import androidx.work.Data
-import androidx.work.ExistingWorkPolicy
-import androidx.work.ListenableWorker
-import androidx.work.OneTimeWorkRequest
-import org.matrix.android.sdk.api.util.Cancelable
-import org.matrix.android.sdk.internal.di.WorkManagerProvider
-import org.matrix.android.sdk.internal.session.SessionScope
-import org.matrix.android.sdk.internal.util.CancelableWork
-import org.matrix.android.sdk.internal.worker.startChain
-import java.util.concurrent.TimeUnit
-import javax.inject.Inject
-
-@SessionScope
-internal class GossipingWorkManager @Inject constructor(
-        private val workManagerProvider: WorkManagerProvider
-) {
-
-    inline fun <reified W : ListenableWorker> createWork(data: Data, startChain: Boolean): OneTimeWorkRequest {
-        return workManagerProvider.matrixOneTimeWorkRequestBuilder<W>()
-                .setConstraints(WorkManagerProvider.workConstraints)
-                .startChain(startChain)
-                .setInputData(data)
-                .setBackoffCriteria(BackoffPolicy.LINEAR, WorkManagerProvider.BACKOFF_DELAY_MILLIS, TimeUnit.MILLISECONDS)
-                .build()
-    }
-
-    // Prevent sending queue to stay broken after app restart
-    // The unique queue id will stay the same as long as this object is instanciated
-    val queueSuffixApp = System.currentTimeMillis()
-
-    fun postWork(workRequest: OneTimeWorkRequest, policy: ExistingWorkPolicy = ExistingWorkPolicy.APPEND): Cancelable {
-        workManagerProvider.workManager
-                .beginUniqueWork(this::class.java.name + "_$queueSuffixApp", policy, workRequest)
-                .enqueue()
-
-        return CancelableWork(workManagerProvider.workManager, workRequest.id)
-    }
-}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingGossipingRequestManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingGossipingRequestManager.kt
deleted file mode 100644
index b907b57f82..0000000000
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingGossipingRequestManager.kt
+++ /dev/null
@@ -1,472 +0,0 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto
-
-import kotlinx.coroutines.CoroutineScope
-import kotlinx.coroutines.launch
-import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
-import org.matrix.android.sdk.api.auth.data.Credentials
-import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
-import org.matrix.android.sdk.api.crypto.MXCryptoConfig
-import org.matrix.android.sdk.api.session.crypto.crosssigning.KEYBACKUP_SECRET_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.crosssigning.MASTER_KEY_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.crosssigning.SELF_SIGNING_KEY_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.crosssigning.USER_SIGNING_KEY_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.keysbackup.extractCurveKeyFromRecoveryKey
-import org.matrix.android.sdk.api.session.crypto.keyshare.GossipingRequestListener
-import org.matrix.android.sdk.api.session.crypto.model.GossipingRequestState
-import org.matrix.android.sdk.api.session.crypto.model.GossipingToDeviceObject
-import org.matrix.android.sdk.api.session.crypto.model.IncomingRequestCancellation
-import org.matrix.android.sdk.api.session.crypto.model.IncomingRoomKeyRequest
-import org.matrix.android.sdk.api.session.crypto.model.IncomingSecretShareRequest
-import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
-import org.matrix.android.sdk.api.session.events.model.Event
-import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.api.session.events.model.toModel
-import org.matrix.android.sdk.api.util.toBase64NoPadding
-import org.matrix.android.sdk.internal.crypto.algorithms.IMXGroupEncryption
-import org.matrix.android.sdk.internal.crypto.model.rest.GossipingDefaultContent
-import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
-import org.matrix.android.sdk.internal.crypto.tasks.createUniqueTxnId
-import org.matrix.android.sdk.internal.di.SessionId
-import org.matrix.android.sdk.internal.session.SessionScope
-import org.matrix.android.sdk.internal.worker.WorkerParamsFactory
-import timber.log.Timber
-import java.util.concurrent.Executors
-import javax.inject.Inject
-
-@SessionScope
-internal class IncomingGossipingRequestManager @Inject constructor(
-        @SessionId private val sessionId: String,
-        private val credentials: Credentials,
-        private val cryptoStore: IMXCryptoStore,
-        private val cryptoConfig: MXCryptoConfig,
-        private val gossipingWorkManager: GossipingWorkManager,
-        private val roomEncryptorsStore: RoomEncryptorsStore,
-        private val roomDecryptorProvider: RoomDecryptorProvider,
-        private val coroutineDispatchers: MatrixCoroutineDispatchers,
-        private val cryptoCoroutineScope: CoroutineScope) {
-
-    private val executor = Executors.newSingleThreadExecutor()
-
-    // list of IncomingRoomKeyRequests/IncomingRoomKeyRequestCancellations
-    // we received in the current sync.
-    private val receivedGossipingRequests = ArrayList<IncomingShareRequestCommon>()
-    private val receivedRequestCancellations = ArrayList<IncomingRequestCancellation>()
-
-    // the listeners
-    private val gossipingRequestListeners: MutableSet<GossipingRequestListener> = HashSet()
-
-    init {
-        receivedGossipingRequests.addAll(cryptoStore.getPendingIncomingGossipingRequests())
-    }
-
-    fun close() {
-        executor.shutdownNow()
-    }
-
-    // Recently verified devices (map of deviceId and timestamp)
-    private val recentlyVerifiedDevices = HashMap<String, Long>()
-
-    /**
-     * Called when a session has been verified.
-     * This information can be used by the manager to decide whether or not to fullfil gossiping requests
-     */
-    fun onVerificationCompleteForDevice(deviceId: String) {
-        // For now we just keep an in memory cache
-        synchronized(recentlyVerifiedDevices) {
-            recentlyVerifiedDevices[deviceId] = System.currentTimeMillis()
-        }
-    }
-
-    private fun hasBeenVerifiedLessThanFiveMinutesFromNow(deviceId: String): Boolean {
-        val verifTimestamp: Long?
-        synchronized(recentlyVerifiedDevices) {
-            verifTimestamp = recentlyVerifiedDevices[deviceId]
-        }
-        if (verifTimestamp == null) return false
-
-        val age = System.currentTimeMillis() - verifTimestamp
-
-        return age < FIVE_MINUTES_IN_MILLIS
-    }
-
-    /**
-     * Called when we get an m.room_key_request event
-     * It must be called on CryptoThread
-     *
-     * @param event the announcement event.
-     */
-    fun onGossipingRequestEvent(event: Event) {
-        val roomKeyShare = event.getClearContent().toModel<GossipingDefaultContent>()
-        Timber.i("## CRYPTO | GOSSIP onGossipingRequestEvent received type ${event.type} from user:${event.senderId}, content:$roomKeyShare")
-        // val ageLocalTs = event.unsignedData?.age?.let { System.currentTimeMillis() - it }
-        when (roomKeyShare?.action) {
-            GossipingToDeviceObject.ACTION_SHARE_REQUEST      -> {
-                if (event.getClearType() == EventType.REQUEST_SECRET) {
-                    IncomingSecretShareRequest.fromEvent(event)?.let {
-                        if (event.senderId == credentials.userId && it.deviceId == credentials.deviceId) {
-                            // ignore, it was sent by me as *
-                            Timber.v("## GOSSIP onGossipingRequestEvent type ${event.type} ignore remote echo")
-                        } else {
-//                            // save in DB
-//                            cryptoStore.storeIncomingGossipingRequest(it, ageLocalTs)
-                            receivedGossipingRequests.add(it)
-                        }
-                    }
-                } else if (event.getClearType() == EventType.ROOM_KEY_REQUEST) {
-                    IncomingRoomKeyRequest.fromEvent(event)?.let {
-                        if (event.senderId == credentials.userId && it.deviceId == credentials.deviceId) {
-                            // ignore, it was sent by me as *
-                            Timber.v("## GOSSIP onGossipingRequestEvent type ${event.type} ignore remote echo")
-                        } else {
-//                            cryptoStore.storeIncomingGossipingRequest(it, ageLocalTs)
-                            receivedGossipingRequests.add(it)
-                        }
-                    }
-                }
-            }
-            GossipingToDeviceObject.ACTION_SHARE_CANCELLATION -> {
-                IncomingRequestCancellation.fromEvent(event)?.let {
-                    receivedRequestCancellations.add(it)
-                }
-            }
-            else                                              -> {
-                Timber.e("## GOSSIP onGossipingRequestEvent() : unsupported action ${roomKeyShare?.action}")
-            }
-        }
-    }
-
-    /**
-     * Process any m.room_key_request or m.secret.request events which were queued up during the
-     * current sync.
-     * It must be called on CryptoThread
-     */
-    fun processReceivedGossipingRequests() {
-        val roomKeyRequestsToProcess = receivedGossipingRequests.toList()
-        receivedGossipingRequests.clear()
-
-        Timber.v("## CRYPTO | GOSSIP processReceivedGossipingRequests() : ${roomKeyRequestsToProcess.size} request to process")
-
-        var receivedRequestCancellations: List<IncomingRequestCancellation>? = null
-
-        synchronized(this.receivedRequestCancellations) {
-            if (this.receivedRequestCancellations.isNotEmpty()) {
-                receivedRequestCancellations = this.receivedRequestCancellations.toList()
-                this.receivedRequestCancellations.clear()
-            }
-        }
-
-        executor.execute {
-            cryptoStore.storeIncomingGossipingRequests(roomKeyRequestsToProcess)
-            for (request in roomKeyRequestsToProcess) {
-                if (request is IncomingRoomKeyRequest) {
-                    processIncomingRoomKeyRequest(request)
-                } else if (request is IncomingSecretShareRequest) {
-                    processIncomingSecretShareRequest(request)
-                }
-            }
-
-            receivedRequestCancellations?.forEach { request ->
-                Timber.v("## CRYPTO | GOSSIP processReceivedGossipingRequests() : m.room_key_request cancellation $request")
-                // we should probably only notify the app of cancellations we told it
-                // about, but we don't currently have a record of that, so we just pass
-                // everything through.
-                if (request.userId == credentials.userId && request.deviceId == credentials.deviceId) {
-                    // ignore remote echo
-                    return@forEach
-                }
-                val matchingIncoming = cryptoStore.getIncomingRoomKeyRequest(request.userId ?: "", request.deviceId ?: "", request.requestId ?: "")
-                if (matchingIncoming == null) {
-                    // ignore that?
-                    return@forEach
-                } else {
-                    // If it was accepted from this device, keep the information, do not mark as cancelled
-                    if (matchingIncoming.state != GossipingRequestState.ACCEPTED) {
-                        onRoomKeyRequestCancellation(request)
-                        cryptoStore.updateGossipingRequestState(request, GossipingRequestState.CANCELLED_BY_REQUESTER)
-                    }
-                }
-            }
-        }
-    }
-
-    private fun processIncomingRoomKeyRequest(request: IncomingRoomKeyRequest) {
-        val userId = request.userId ?: return
-        val deviceId = request.deviceId ?: return
-        val body = request.requestBody ?: return
-        val roomId = body.roomId ?: return
-        val alg = body.algorithm ?: return
-
-        Timber.v("## CRYPTO | GOSSIP processIncomingRoomKeyRequest from $userId:$deviceId for $roomId / ${body.sessionId} id ${request.requestId}")
-        if (credentials.userId != userId) {
-            handleKeyRequestFromOtherUser(body, request, alg, roomId, userId, deviceId)
-            return
-        }
-        // TODO: should we queue up requests we don't yet have keys for, in case they turn up later?
-        // if we don't have a decryptor for this room/alg, we don't have
-        // the keys for the requested events, and can drop the requests.
-        val decryptor = roomDecryptorProvider.getRoomDecryptor(roomId, alg)
-        if (null == decryptor) {
-            Timber.w("## CRYPTO | GOSSIP processReceivedGossipingRequests() : room key request for unknown $alg in room $roomId")
-            cryptoStore.updateGossipingRequestState(request, GossipingRequestState.REJECTED)
-            return
-        }
-        if (!decryptor.hasKeysForKeyRequest(request)) {
-            Timber.w("## CRYPTO | GOSSIP processReceivedGossipingRequests() : room key request for unknown session ${body.sessionId!!}")
-            cryptoStore.updateGossipingRequestState(request, GossipingRequestState.REJECTED)
-            return
-        }
-
-        if (credentials.deviceId == deviceId && credentials.userId == userId) {
-            Timber.v("## CRYPTO | GOSSIP processReceivedGossipingRequests() : oneself device - ignored")
-            cryptoStore.updateGossipingRequestState(request, GossipingRequestState.REJECTED)
-            return
-        }
-        request.share = Runnable {
-            decryptor.shareKeysWithDevice(request)
-            cryptoStore.updateGossipingRequestState(request, GossipingRequestState.ACCEPTED)
-        }
-        request.ignore = Runnable {
-            cryptoStore.updateGossipingRequestState(request, GossipingRequestState.REJECTED)
-        }
-        // if the device is verified already, share the keys
-        val device = cryptoStore.getUserDevice(userId, deviceId)
-        if (device != null) {
-            if (device.isVerified) {
-                Timber.v("## CRYPTO | GOSSIP processReceivedGossipingRequests() : device is already verified: sharing keys")
-                request.share?.run()
-                return
-            }
-
-            if (device.isBlocked) {
-                Timber.v("## CRYPTO | GOSSIP processReceivedGossipingRequests() : device is blocked -> ignored")
-                cryptoStore.updateGossipingRequestState(request, GossipingRequestState.REJECTED)
-                return
-            }
-        }
-
-        // As per config we automatically discard untrusted devices request
-        if (cryptoConfig.discardRoomKeyRequestsFromUntrustedDevices) {
-            Timber.v("## CRYPTO | processReceivedGossipingRequests() : discardRoomKeyRequestsFromUntrustedDevices")
-            // At this point the device is unknown, we don't want to bother user with that
-            cryptoStore.updateGossipingRequestState(request, GossipingRequestState.REJECTED)
-            return
-        }
-
-        // Pass to application layer to decide what to do
-        onRoomKeyRequest(request)
-    }
-
-    private fun handleKeyRequestFromOtherUser(body: RoomKeyRequestBody,
-                                              request: IncomingRoomKeyRequest,
-                                              alg: String,
-                                              roomId: String,
-                                              userId: String,
-                                              deviceId: String) {
-        Timber.w("## CRYPTO | GOSSIP processReceivedGossipingRequests() : room key request from other user")
-        val senderKey = body.senderKey ?: return Unit
-                .also { Timber.w("missing senderKey") }
-                .also { cryptoStore.updateGossipingRequestState(request, GossipingRequestState.REJECTED) }
-        val sessionId = body.sessionId ?: return Unit
-                .also { Timber.w("missing sessionId") }
-                .also { cryptoStore.updateGossipingRequestState(request, GossipingRequestState.REJECTED) }
-
-        if (alg != MXCRYPTO_ALGORITHM_MEGOLM) {
-            return Unit
-                    .also { Timber.w("Only megolm is accepted here") }
-                    .also { cryptoStore.updateGossipingRequestState(request, GossipingRequestState.REJECTED) }
-        }
-
-        val roomEncryptor = roomEncryptorsStore.get(roomId) ?: return Unit
-                .also { Timber.w("no room Encryptor") }
-                .also { cryptoStore.updateGossipingRequestState(request, GossipingRequestState.REJECTED) }
-
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            if (roomEncryptor is IMXGroupEncryption) {
-                val isSuccess = roomEncryptor.reshareKey(sessionId, userId, deviceId, senderKey)
-
-                if (isSuccess) {
-                    cryptoStore.updateGossipingRequestState(request, GossipingRequestState.ACCEPTED)
-                } else {
-                    cryptoStore.updateGossipingRequestState(request, GossipingRequestState.UNABLE_TO_PROCESS)
-                }
-            } else {
-                Timber.e("## CRYPTO | handleKeyRequestFromOtherUser() from:$userId: Unable to handle IMXGroupEncryption.reshareKey for $alg")
-            }
-        }
-        cryptoStore.updateGossipingRequestState(request, GossipingRequestState.RE_REQUESTED)
-    }
-
-    private fun processIncomingSecretShareRequest(request: IncomingSecretShareRequest) {
-        val secretName = request.secretName ?: return Unit.also {
-            cryptoStore.updateGossipingRequestState(request, GossipingRequestState.REJECTED)
-            Timber.v("## CRYPTO | GOSSIP processIncomingSecretShareRequest() : Missing secret name")
-        }
-
-        val userId = request.userId
-        if (userId == null || credentials.userId != userId) {
-            Timber.e("## CRYPTO | GOSSIP processIncomingSecretShareRequest() : Ignoring secret share request from other users")
-            cryptoStore.updateGossipingRequestState(request, GossipingRequestState.REJECTED)
-            return
-        }
-
-        val deviceId = request.deviceId
-                ?: return Unit.also {
-                    Timber.e("## CRYPTO | GOSSIP processIncomingSecretShareRequest() : Malformed request, no ")
-                    cryptoStore.updateGossipingRequestState(request, GossipingRequestState.REJECTED)
-                }
-
-        val device = cryptoStore.getUserDevice(userId, deviceId)
-                ?: return Unit.also {
-                    Timber.e("## CRYPTO | GOSSIP processIncomingSecretShareRequest() : Received secret share request from unknown device ${request.deviceId}")
-                    cryptoStore.updateGossipingRequestState(request, GossipingRequestState.REJECTED)
-                }
-
-        if (!device.isVerified || device.isBlocked) {
-            Timber.v("## CRYPTO | GOSSIP processIncomingSecretShareRequest() : Ignoring secret share request from untrusted/blocked session $device")
-            cryptoStore.updateGossipingRequestState(request, GossipingRequestState.REJECTED)
-            return
-        }
-
-        val isDeviceLocallyVerified = cryptoStore.getUserDevice(userId, deviceId)?.trustLevel?.isLocallyVerified()
-
-        when (secretName) {
-            MASTER_KEY_SSSS_NAME       -> cryptoStore.getCrossSigningPrivateKeys()?.master
-            SELF_SIGNING_KEY_SSSS_NAME -> cryptoStore.getCrossSigningPrivateKeys()?.selfSigned
-            USER_SIGNING_KEY_SSSS_NAME -> cryptoStore.getCrossSigningPrivateKeys()?.user
-            KEYBACKUP_SECRET_SSSS_NAME -> cryptoStore.getKeyBackupRecoveryKeyInfo()?.recoveryKey
-                    ?.let {
-                        extractCurveKeyFromRecoveryKey(it)?.toBase64NoPadding()
-                    }
-            else                       -> null
-        }?.let { secretValue ->
-            Timber.i("## CRYPTO | GOSSIP processIncomingSecretShareRequest() : Sharing secret $secretName with $device locally trusted")
-            if (isDeviceLocallyVerified == true && hasBeenVerifiedLessThanFiveMinutesFromNow(deviceId)) {
-                val params = SendGossipWorker.Params(
-                        sessionId = sessionId,
-                        secretValue = secretValue,
-                        requestUserId = request.userId,
-                        requestDeviceId = request.deviceId,
-                        requestId = request.requestId,
-                        txnId = createUniqueTxnId()
-                )
-
-                cryptoStore.updateGossipingRequestState(request, GossipingRequestState.ACCEPTING)
-                val workRequest = gossipingWorkManager.createWork<SendGossipWorker>(WorkerParamsFactory.toData(params), true)
-                gossipingWorkManager.postWork(workRequest)
-            } else {
-                Timber.v("## CRYPTO | GOSSIP processIncomingSecretShareRequest() : Can't share secret $secretName with $device, verification too old")
-                cryptoStore.updateGossipingRequestState(request, GossipingRequestState.REJECTED)
-            }
-            return
-        }
-
-        Timber.v("## CRYPTO | GOSSIP processIncomingSecretShareRequest() : $secretName unknown at SDK level, asking to app layer")
-
-        request.ignore = Runnable {
-            cryptoStore.updateGossipingRequestState(request, GossipingRequestState.REJECTED)
-        }
-
-        request.share = { secretValue ->
-            val params = SendGossipWorker.Params(
-                    sessionId = userId,
-                    secretValue = secretValue,
-                    requestUserId = request.userId,
-                    requestDeviceId = request.deviceId,
-                    requestId = request.requestId,
-                    txnId = createUniqueTxnId()
-            )
-
-            cryptoStore.updateGossipingRequestState(request, GossipingRequestState.ACCEPTING)
-            val workRequest = gossipingWorkManager.createWork<SendGossipWorker>(WorkerParamsFactory.toData(params), true)
-            gossipingWorkManager.postWork(workRequest)
-            cryptoStore.updateGossipingRequestState(request, GossipingRequestState.ACCEPTED)
-        }
-
-        onShareRequest(request)
-    }
-
-    /**
-     * Dispatch onRoomKeyRequest
-     *
-     * @param request the request
-     */
-    private fun onRoomKeyRequest(request: IncomingRoomKeyRequest) {
-        synchronized(gossipingRequestListeners) {
-            for (listener in gossipingRequestListeners) {
-                try {
-                    listener.onRoomKeyRequest(request)
-                } catch (e: Exception) {
-                    Timber.e(e, "## CRYPTO | onRoomKeyRequest() failed")
-                }
-            }
-        }
-    }
-
-    /**
-     * Ask for a value to the listeners, and take the first one
-     */
-    private fun onShareRequest(request: IncomingSecretShareRequest) {
-        synchronized(gossipingRequestListeners) {
-            for (listener in gossipingRequestListeners) {
-                try {
-                    if (listener.onSecretShareRequest(request)) {
-                        return
-                    }
-                } catch (e: Exception) {
-                    Timber.e(e, "## CRYPTO | GOSSIP onRoomKeyRequest() failed")
-                }
-            }
-        }
-        // Not handled, ignore
-        request.ignore?.run()
-    }
-
-    /**
-     * A room key request cancellation has been received.
-     *
-     * @param request the cancellation request
-     */
-    private fun onRoomKeyRequestCancellation(request: IncomingRequestCancellation) {
-        synchronized(gossipingRequestListeners) {
-            for (listener in gossipingRequestListeners) {
-                try {
-                    listener.onRoomKeyRequestCancellation(request)
-                } catch (e: Exception) {
-                    Timber.e(e, "## CRYPTO | GOSSIP onRoomKeyRequestCancellation() failed")
-                }
-            }
-        }
-    }
-
-    fun addRoomKeysRequestListener(listener: GossipingRequestListener) {
-        synchronized(gossipingRequestListeners) {
-            gossipingRequestListeners.add(listener)
-        }
-    }
-
-    fun removeRoomKeysRequestListener(listener: GossipingRequestListener) {
-        synchronized(gossipingRequestListeners) {
-            gossipingRequestListeners.remove(listener)
-        }
-    }
-
-    companion object {
-        private const val FIVE_MINUTES_IN_MILLIS = 5 * 60 * 1000
-    }
-}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingKeyRequestManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingKeyRequestManager.kt
new file mode 100644
index 0000000000..7585becfa3
--- /dev/null
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingKeyRequestManager.kt
@@ -0,0 +1,364 @@
+/*
+ * Copyright 2022 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.crypto
+
+import kotlinx.coroutines.CoroutineScope
+import kotlinx.coroutines.SupervisorJob
+import kotlinx.coroutines.asCoroutineDispatcher
+import kotlinx.coroutines.cancel
+import kotlinx.coroutines.launch
+import kotlinx.coroutines.sync.withLock
+import kotlinx.coroutines.withContext
+import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
+import org.matrix.android.sdk.api.auth.data.Credentials
+import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
+import org.matrix.android.sdk.api.logger.LoggerTag
+import org.matrix.android.sdk.api.session.crypto.keyshare.GossipingRequestListener
+import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
+import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
+import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
+import org.matrix.android.sdk.api.session.events.model.EventType
+import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
+import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
+import org.matrix.android.sdk.internal.crypto.actions.EnsureOlmSessionsForDevicesAction
+import org.matrix.android.sdk.internal.crypto.actions.MessageEncrypter
+import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
+import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
+import org.matrix.android.sdk.internal.session.SessionScope
+import org.matrix.android.sdk.internal.task.SemaphoreCoroutineSequencer
+import timber.log.Timber
+import java.util.concurrent.Executors
+import javax.inject.Inject
+import kotlin.system.measureTimeMillis
+
+private val loggerTag = LoggerTag("IncomingKeyRequestManager", LoggerTag.CRYPTO)
+
+@SessionScope
+internal class IncomingKeyRequestManager @Inject constructor(
+        private val credentials: Credentials,
+        private val cryptoStore: IMXCryptoStore,
+        private val ensureOlmSessionsForDevicesAction: EnsureOlmSessionsForDevicesAction,
+        private val olmDevice: MXOlmDevice,
+        private val messageEncrypter: MessageEncrypter,
+        private val coroutineDispatchers: MatrixCoroutineDispatchers,
+        private val sendToDeviceTask: SendToDeviceTask) {
+
+    private val dispatcher = Executors.newSingleThreadExecutor().asCoroutineDispatcher()
+    private val outgoingRequestScope = CoroutineScope(SupervisorJob() + dispatcher)
+    val sequencer = SemaphoreCoroutineSequencer()
+
+    private val incomingRequestBuffer = mutableListOf<ValidMegolmRequestBody>()
+
+    // the listeners
+    private val gossipingRequestListeners: MutableSet<GossipingRequestListener> = HashSet()
+
+    enum class MegolmRequestAction {
+        Request, Cancel
+    }
+
+    data class ValidMegolmRequestBody(
+            val requestingUserId: String,
+            val requestingDeviceId: String,
+            val roomId: String,
+            val senderKey: String,
+            val sessionId: String,
+            val action: MegolmRequestAction
+    ) {
+        fun shortDbgString() = "Request from $requestingUserId|$requestingDeviceId for session $sessionId in room $roomId"
+    }
+
+    private fun RoomKeyShareRequest.toValidMegolmRequest(senderId: String): ValidMegolmRequestBody? {
+        val deviceId = requestingDeviceId ?: return null
+        val body = body ?: return null
+        val roomId = body.roomId ?: return null
+        val sessionId = body.sessionId ?: return null
+        val senderKey = body.senderKey ?: return null
+        if (body.algorithm != MXCRYPTO_ALGORITHM_MEGOLM) return null
+        val action = when (this.action) {
+            "request"              -> MegolmRequestAction.Request
+            "request_cancellation" -> MegolmRequestAction.Cancel
+            else                   -> null
+        } ?: return null
+        return ValidMegolmRequestBody(
+                requestingUserId = senderId,
+                requestingDeviceId = deviceId,
+                roomId = roomId,
+                senderKey = senderKey,
+                sessionId = sessionId,
+                action = action
+        )
+    }
+
+    fun addNewIncomingRequest(senderId: String, request: RoomKeyShareRequest) {
+        outgoingRequestScope.launch {
+            // It is important to handle requests in order
+            sequencer.post {
+                val validMegolmRequest = request.toValidMegolmRequest(senderId) ?: return@post Unit.also {
+                    Timber.tag(loggerTag.value).w("Received key request for unknown algorithm ${request.body?.algorithm}")
+                }
+
+                // is there already one like that?
+                val existing = incomingRequestBuffer.firstOrNull { it == validMegolmRequest }
+                if (existing == null) {
+                    when (validMegolmRequest.action) {
+                        MegolmRequestAction.Request -> {
+                            // just add to the buffer
+                            incomingRequestBuffer.add(validMegolmRequest)
+                        }
+                        MegolmRequestAction.Cancel  -> {
+                            // ignore, we can't cancel as it's not known (probably already processed)
+                        }
+                    }
+                } else {
+                    when (validMegolmRequest.action) {
+                        MegolmRequestAction.Request -> {
+                            // it's already in buffer, nop keep existing
+                        }
+                        MegolmRequestAction.Cancel  -> {
+                            // discard the request in buffer
+                            incomingRequestBuffer.remove(existing)
+                        }
+                    }
+                }
+            }
+        }
+    }
+
+    fun processIncomingRequests() {
+        outgoingRequestScope.launch {
+            sequencer.post {
+                measureTimeMillis {
+                    Timber.tag(loggerTag.value).v("processIncomingKeyRequests : ${incomingRequestBuffer.size} request to process")
+                    incomingRequestBuffer.forEach {
+                        // should not happen, we only store requests
+                        if (it.action != MegolmRequestAction.Request) return@forEach
+                        try {
+                            handleIncomingRequest(it)
+                        } catch (failure: Throwable) {
+                            // ignore and continue, should not happen
+                            Timber.tag(loggerTag.value).w(failure, "processIncomingKeyRequests : failed to process request $it")
+                        }
+                    }
+                    incomingRequestBuffer.clear()
+                }.let { duration ->
+                    Timber.tag(loggerTag.value).v("Finish processing incoming key request in $duration ms")
+                }
+            }
+        }
+    }
+
+    private suspend fun handleIncomingRequest(request: ValidMegolmRequestBody) {
+        // We don't want to download keys, if we don't know the device yet we won't share any how?
+        val requestingDevice =
+                cryptoStore.getUserDevice(request.requestingUserId, request.requestingDeviceId)
+                        ?: return Unit.also {
+                            Timber.tag(loggerTag.value).d("Ignoring key request: ${request.shortDbgString()}")
+                        }
+
+        cryptoStore.saveIncomingKeyRequestAuditTrail(
+                request.roomId,
+                request.sessionId,
+                request.senderKey,
+                MXCRYPTO_ALGORITHM_MEGOLM,
+                request.requestingUserId,
+                request.requestingDeviceId
+        )
+
+        val roomAlgorithm = // withContext(coroutineDispatchers.crypto) {
+                cryptoStore.getRoomAlgorithm(request.roomId)
+//        }
+        if (roomAlgorithm != MXCRYPTO_ALGORITHM_MEGOLM) {
+            // strange we received a request for a room that is not encrypted
+            // maybe a broken state?
+            Timber.tag(loggerTag.value).w("Received a key request in a room with unsupported alg:$roomAlgorithm , req:${request.shortDbgString()}")
+            return
+        }
+
+        // Is it for one of our sessions?
+        if (request.requestingUserId == credentials.userId) {
+            Timber.tag(loggerTag.value).v("handling request from own user: megolm session ${request.sessionId}")
+
+            if (request.requestingDeviceId == credentials.deviceId) {
+                // ignore it's a remote echo
+                return
+            }
+            // If it's verified we share from the early index we know
+            // if not we check if it was originaly shared or not
+            if (requestingDevice.isVerified) {
+                // we share from the earliest known chain index
+                shareMegolmKey(request, requestingDevice, null)
+            } else {
+                shareIfItWasPreviouslyShared(request, requestingDevice)
+            }
+        } else {
+            Timber.tag(loggerTag.value).v("handling request from other user: megolm session ${request.sessionId}")
+            if (requestingDevice.isBlocked) {
+                // it's blocked, so send a withheld code
+                sendWithheldForRequest(request, WithHeldCode.BLACKLISTED)
+            } else {
+                shareIfItWasPreviouslyShared(request, requestingDevice)
+            }
+        }
+    }
+
+    private suspend fun shareIfItWasPreviouslyShared(request: ValidMegolmRequestBody, requestingDevice: CryptoDeviceInfo) {
+        // we don't reshare unless it was previously shared with
+        val wasSessionSharedWithUser = withContext(coroutineDispatchers.crypto) {
+            cryptoStore.getSharedSessionInfo(request.roomId, request.sessionId, requestingDevice)
+        }
+        if (wasSessionSharedWithUser.found && wasSessionSharedWithUser.chainIndex != null) {
+            // we share from the index it was previously shared with
+            shareMegolmKey(request, requestingDevice, wasSessionSharedWithUser.chainIndex.toLong())
+        } else {
+            sendWithheldForRequest(request, WithHeldCode.UNAUTHORISED)
+            // TODO if it's our device we could delegate to the app layer to decide?
+        }
+    }
+
+    private suspend fun sendWithheldForRequest(request: ValidMegolmRequestBody, code: WithHeldCode) {
+        val withHeldContent = RoomKeyWithHeldContent(
+                roomId = request.roomId,
+                senderKey = request.senderKey,
+                algorithm = MXCRYPTO_ALGORITHM_MEGOLM,
+                sessionId = request.sessionId,
+                codeString = code.value,
+                fromDevice = credentials.deviceId
+        )
+
+        val params = SendToDeviceTask.Params(
+                EventType.ROOM_KEY_WITHHELD,
+                MXUsersDevicesMap<Any>().apply {
+                    setObject(request.requestingUserId, request.requestingDeviceId, withHeldContent)
+                }
+        )
+        try {
+            withContext(coroutineDispatchers.io) {
+                sendToDeviceTask.execute(params)
+                Timber.tag(loggerTag.value)
+                        .d("Send withheld $code req: ${request.shortDbgString()}")
+            }
+
+            cryptoStore.saveWithheldAuditTrail(
+                    request.roomId,
+                    request.sessionId,
+                    request.senderKey,
+                    MXCRYPTO_ALGORITHM_MEGOLM,
+                    code,
+                    request.requestingUserId,
+                    request.requestingDeviceId
+            )
+        } catch (failure: Throwable) {
+            // Ignore it's not that important?
+            // do we want to fallback to a worker?
+            Timber.tag(loggerTag.value)
+                    .w("Failed to send withheld $code req: ${request.shortDbgString()} reason:${failure.localizedMessage}")
+        }
+    }
+
+    private suspend fun shareMegolmKey(validRequest: ValidMegolmRequestBody,
+                                       requestingDevice: CryptoDeviceInfo,
+                                       chainIndex: Long?): Boolean {
+        Timber.tag(loggerTag.value)
+                .d("try to re-share Megolm Key at index $chainIndex for ${validRequest.shortDbgString()}")
+
+        val devicesByUser = mapOf(validRequest.requestingUserId to listOf(requestingDevice))
+        val usersDeviceMap = try {
+            ensureOlmSessionsForDevicesAction.handle(devicesByUser)
+        } catch (failure: Throwable) {
+            Timber.tag(loggerTag.value)
+                    .w("Failed to establish olm session")
+            sendWithheldForRequest(validRequest, WithHeldCode.NO_OLM)
+            return false
+        }
+
+        val olmSessionResult = usersDeviceMap.getObject(requestingDevice.userId, requestingDevice.deviceId)
+        if (olmSessionResult?.sessionId == null) {
+            Timber.tag(loggerTag.value)
+                    .w("reshareKey: no session with this device, probably because there were no one-time keys")
+            sendWithheldForRequest(validRequest, WithHeldCode.NO_OLM)
+            return false
+        }
+        val sessionHolder = try {
+            olmDevice.getInboundGroupSession(validRequest.sessionId, validRequest.senderKey, validRequest.roomId)
+        } catch (failure: Throwable) {
+            Timber.tag(loggerTag.value)
+                    .e(failure, "shareKeysWithDevice: failed to get session ${validRequest.requestingUserId}")
+            // It's unavailable
+            sendWithheldForRequest(validRequest, WithHeldCode.UNAVAILABLE)
+            return false
+        }
+
+        val export = sessionHolder.mutex.withLock {
+            sessionHolder.wrapper.exportKeys(chainIndex)
+        } ?: return false.also {
+            Timber.tag(loggerTag.value)
+                    .e("shareKeysWithDevice: failed to export group session ${validRequest.sessionId}")
+        }
+
+        val payloadJson = mapOf(
+                "type" to EventType.FORWARDED_ROOM_KEY,
+                "content" to export
+        )
+
+        val encodedPayload = messageEncrypter.encryptMessage(payloadJson, listOf(requestingDevice))
+        val sendToDeviceMap = MXUsersDevicesMap<Any>()
+        sendToDeviceMap.setObject(requestingDevice.userId, requestingDevice.deviceId, encodedPayload)
+        Timber.tag(loggerTag.value).d("reshareKey() : try sending session ${validRequest.sessionId} to ${requestingDevice.shortDebugString()}")
+        val sendToDeviceParams = SendToDeviceTask.Params(EventType.ENCRYPTED, sendToDeviceMap)
+        return try {
+            sendToDeviceTask.execute(sendToDeviceParams)
+            Timber.tag(loggerTag.value)
+                    .i("successfully re-shared session ${validRequest.sessionId} to ${requestingDevice.shortDebugString()}")
+            cryptoStore.saveForwardKeyAuditTrail(
+                    validRequest.roomId,
+                    validRequest.sessionId,
+                    validRequest.senderKey,
+                    MXCRYPTO_ALGORITHM_MEGOLM,
+                    requestingDevice.userId,
+                    requestingDevice.deviceId,
+                    chainIndex)
+            true
+        } catch (failure: Throwable) {
+            Timber.tag(loggerTag.value)
+                    .e(failure, "fail to re-share session ${validRequest.sessionId} to ${requestingDevice.shortDebugString()}")
+            false
+        }
+    }
+
+    fun addRoomKeysRequestListener(listener: GossipingRequestListener) {
+        synchronized(gossipingRequestListeners) {
+            // TODO
+            gossipingRequestListeners.add(listener)
+        }
+    }
+
+    fun removeRoomKeysRequestListener(listener: GossipingRequestListener) {
+        synchronized(gossipingRequestListeners) {
+            // TODO
+            gossipingRequestListeners.remove(listener)
+        }
+    }
+
+    fun close() {
+        try {
+            outgoingRequestScope.cancel("User Terminate")
+            incomingRequestBuffer.clear()
+        } catch (failure: Throwable) {
+            Timber.tag(loggerTag.value).w("Failed to shutDown request manager")
+        }
+    }
+}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt
index 4947761f05..f12cefeb9a 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt
@@ -42,7 +42,6 @@ import org.matrix.olm.OlmOutboundGroupSession
 import org.matrix.olm.OlmSession
 import org.matrix.olm.OlmUtility
 import timber.log.Timber
-import java.net.URLEncoder
 import javax.inject.Inject
 
 private val loggerTag = LoggerTag("MXOlmDevice", LoggerTag.CRYPTO)
@@ -329,13 +328,13 @@ internal class MXOlmDevice @Inject constructor(
                 Timber.tag(loggerTag.value).e(e, "## createInboundSession() : removeOneTimeKeys failed")
             }
 
-            Timber.tag(loggerTag.value).v("## createInboundSession() : ciphertext: $ciphertext")
-            try {
-                val sha256 = olmUtility!!.sha256(URLEncoder.encode(ciphertext, "utf-8"))
-                Timber.tag(loggerTag.value).v("## createInboundSession() :ciphertext: SHA256: $sha256")
-            } catch (e: Exception) {
-                Timber.tag(loggerTag.value).e(e, "## createInboundSession() :ciphertext: cannot encode ciphertext")
-            }
+//            Timber.tag(loggerTag.value).v("## createInboundSession() : ciphertext: $ciphertext.")
+//            try {
+//                val sha256 = olmUtility!!.sha256(URLEncoder.encode(ciphertext, "utf-8"))
+//                Timber.tag(loggerTag.value).v("## createInboundSession() :ciphertext: SHA256: $sha256")
+//            } catch (e: Exception) {
+//                Timber.tag(loggerTag.value).e(e, "## createInboundSession() :ciphertext: cannot encode ciphertext")
+//            }
 
             val olmMessage = OlmMessage()
             olmMessage.mCipherText = ciphertext
@@ -787,7 +786,7 @@ internal class MXOlmDevice @Inject constructor(
 
                 if (timelineSet.contains(messageIndexKey)) {
                     val reason = String.format(MXCryptoError.DUPLICATE_MESSAGE_INDEX_REASON, decryptResult.mIndex)
-                    Timber.tag(loggerTag.value).e("## decryptGroupMessage() : $reason")
+                    Timber.tag(loggerTag.value).e("## decryptGroupMessage() timelineId=$timeline: $reason")
                     throw MXCryptoError.Base(MXCryptoError.ErrorType.DUPLICATED_MESSAGE_INDEX, reason)
                 }
 
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingGossipingRequest.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingGossipingRequest.kt
index 2438e01102..7f41b50e38 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingGossipingRequest.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingGossipingRequest.kt
@@ -16,12 +16,10 @@
 
 package org.matrix.android.sdk.internal.crypto
 
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingGossipingRequestState
-
-internal interface OutgoingGossipingRequest {
-    val recipients: Map<String, List<String>>
-    val requestId: String
-    val state: OutgoingGossipingRequestState
+interface OutgoingGossipingRequest {
+    var recipients: Map<String, List<String>>
+    var requestId: String
+    var state: OutgoingRoomKeyRequestState
     // transaction id for the cancellation, if any
     // var cancellationTxnId: String?
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingGossipingRequestManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingGossipingRequestManager.kt
index e6f6ac5053..0662be1e59 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingGossipingRequestManager.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingGossipingRequestManager.kt
@@ -17,151 +17,327 @@
 package org.matrix.android.sdk.internal.crypto
 
 import kotlinx.coroutines.CoroutineScope
-import kotlinx.coroutines.delay
+import kotlinx.coroutines.SupervisorJob
+import kotlinx.coroutines.asCoroutineDispatcher
+import kotlinx.coroutines.cancel
 import kotlinx.coroutines.launch
+import kotlinx.coroutines.withContext
 import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingGossipingRequestState
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequest
+import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
+import org.matrix.android.sdk.api.logger.LoggerTag
+import org.matrix.android.sdk.api.session.crypto.model.GossipingToDeviceObject
+import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
+import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequestState
 import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
+import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
+import org.matrix.android.sdk.api.session.events.model.Event
+import org.matrix.android.sdk.api.session.events.model.EventType
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
-import org.matrix.android.sdk.internal.crypto.tasks.createUniqueTxnId
-import org.matrix.android.sdk.internal.crypto.util.RequestIdHelper
+import org.matrix.android.sdk.internal.crypto.tasks.DefaultSendToDeviceTask
+import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
 import org.matrix.android.sdk.internal.di.SessionId
 import org.matrix.android.sdk.internal.session.SessionScope
-import org.matrix.android.sdk.internal.worker.WorkerParamsFactory
+import org.matrix.android.sdk.internal.task.SemaphoreCoroutineSequencer
 import timber.log.Timber
+import java.util.Stack
+import java.util.concurrent.Executors
 import javax.inject.Inject
+import kotlin.system.measureTimeMillis
 
+private val loggerTag = LoggerTag("OutgoingGossipingRequestManager", LoggerTag.CRYPTO)
+
+/**
+ * This class is responsible for sending key requests to other devices when a message failed to decrypt.
+ * It's lifecycle is based on the sync pulse:
+ *    - You can post queries for session, or report when you got a session
+ *    - At the end of the sync (onSyncComplete) it will then process all the posted request and send to devices
+ * If a request failed it will be retried at the end of the next sync
+ */
 @SessionScope
 internal class OutgoingGossipingRequestManager @Inject constructor(
         @SessionId private val sessionId: String,
         private val cryptoStore: IMXCryptoStore,
         private val coroutineDispatchers: MatrixCoroutineDispatchers,
-        private val cryptoCoroutineScope: CoroutineScope,
-        private val gossipingWorkManager: GossipingWorkManager) {
+        private val sendToDeviceTask: DefaultSendToDeviceTask,
+        private val perSessionBackupQueryRateLimiter: PerSessionBackupQueryRateLimiter) {
 
-    /**
-     * Send off a room key request, if we haven't already done so.
-     *
-     *
-     * The `requestBody` is compared (with a deep-equality check) against
-     * previous queued or sent requests and if it matches, no change is made.
-     * Otherwise, a request is added to the pending list, and a job is started
-     * in the background to send it.
-     *
-     * @param requestBody requestBody
-     * @param recipients  recipients
-     */
-    fun sendRoomKeyRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>) {
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            cryptoStore.getOrAddOutgoingRoomKeyRequest(requestBody, recipients)?.let {
-                // Don't resend if it's already done, you need to cancel first (reRequest)
-                if (it.state == OutgoingGossipingRequestState.SENDING || it.state == OutgoingGossipingRequestState.SENT) {
-                    Timber.v("## CRYPTO - GOSSIP sendOutgoingRoomKeyRequest() : we already request for that session: $it")
-                    return@launch
-                }
+    private val dispatcher = Executors.newSingleThreadExecutor().asCoroutineDispatcher()
+    private val outgoingRequestScope = CoroutineScope(SupervisorJob() + dispatcher)
+    private val sequencer = SemaphoreCoroutineSequencer()
 
-                sendOutgoingGossipingRequest(it)
-            }
-        }
-    }
+    // We only have one active key request per session, so we don't request if it's already requested
+    // But it could make sense to check more the backup, as it's evolving.
+    // We keep a stack as we consider that the key requested last is more likely to be on screen?
+    private val requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup = Stack<String>()
 
-    fun sendSecretShareRequest(secretName: String, recipients: Map<String, List<String>>) {
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            // A bit dirty, but for better stability give other party some time to mark
-            // devices trusted :/
-            delay(1500)
-            cryptoStore.getOrAddOutgoingSecretShareRequest(secretName, recipients)?.let {
-                // TODO check if there is already one that is being sent?
-                if (it.state == OutgoingGossipingRequestState.SENDING
-                /**|| it.state == OutgoingGossipingRequestState.SENT*/
-                ) {
-                    Timber.v("## CRYPTO - GOSSIP sendSecretShareRequest() : we are already sending for that session: $it")
-                    return@launch
-                }
-
-                sendOutgoingGossipingRequest(it)
+    fun postRoomKeyRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>, force: Boolean = false) {
+        outgoingRequestScope.launch {
+            sequencer.post {
+                internalQueueRequest(requestBody, recipients, force)
             }
         }
     }
 
     /**
-     * Cancel room key requests, if any match the given details
-     *
-     * @param requestBody requestBody
+     * Typically called when we the session as been imported or received meanwhile
      */
-    fun cancelRoomKeyRequest(requestBody: RoomKeyRequestBody) {
-        cryptoCoroutineScope.launch(coroutineDispatchers.computation) {
-            cancelRoomKeyRequest(requestBody, false)
+    fun postCancelRequestForSessionIfNeeded(sessionId: String, roomId: String, senderKey: String) {
+        outgoingRequestScope.launch {
+            sequencer.post {
+                internalQueueCancelRequest(sessionId, roomId, senderKey)
+            }
+        }
+    }
+
+    fun onRoomKeyForwarded(sessionId: String,
+                           algorithm: String,
+                           roomId: String,
+                           senderKey: String,
+                           fromDevice: String?,
+                           event: Event) {
+        Timber.tag(loggerTag.value).v("Key forwarded for $sessionId from ${event.senderId}|$fromDevice")
+        outgoingRequestScope.launch {
+            sequencer.post {
+                cryptoStore.updateOutgoingRoomKeyReply(
+                        roomId,
+                        sessionId,
+                        algorithm,
+                        senderKey,
+                        fromDevice,
+                        event
+                )
+            }
+        }
+    }
+
+    fun onRoomKeyWithHeld(sessionId: String,
+                          algorithm: String,
+                          roomId: String,
+                          senderKey: String,
+                          fromDevice: String?,
+                          event: Event) {
+        outgoingRequestScope.launch {
+            sequencer.post {
+                Timber.tag(loggerTag.value).d("Withheld received for $sessionId from ${event.senderId}|$fromDevice")
+                cryptoStore.updateOutgoingRoomKeyReply(
+                        roomId,
+                        sessionId,
+                        algorithm,
+                        senderKey,
+                        fromDevice,
+                        event
+                )
+            }
         }
     }
 
     /**
-     * Cancel room key requests, if any match the given details, and resend
-     *
-     * @param requestBody requestBody
+     * Should be called after a sync, ideally if no catchup sync needed (as keys might arrive in those)
      */
-    fun resendRoomKeyRequest(requestBody: RoomKeyRequestBody) {
-        cryptoCoroutineScope.launch(coroutineDispatchers.computation) {
-            cancelRoomKeyRequest(requestBody, true)
+    fun requireProcessAllPendingKeyRequests() {
+        outgoingRequestScope.launch {
+            sequencer.post {
+                internalProcessPendingKeyRequests()
+            }
         }
     }
 
-    /**
-     * Cancel room key requests, if any match the given details, and resend
-     *
-     * @param requestBody requestBody
-     * @param andResend   true to resend the key request
-     */
-    private fun cancelRoomKeyRequest(requestBody: RoomKeyRequestBody, andResend: Boolean) {
-        val req = cryptoStore.getOutgoingRoomKeyRequest(requestBody) // no request was made for this key
-                ?: return Unit.also {
-                    Timber.v("## CRYPTO - GOSSIP cancelRoomKeyRequest() Unknown request $requestBody")
-                }
-
-        sendOutgoingRoomKeyRequestCancellation(req, andResend)
-    }
-
-    /**
-     * Send the outgoing key request.
-     *
-     * @param request the request
-     */
-    private fun sendOutgoingGossipingRequest(request: OutgoingGossipingRequest) {
-        Timber.v("## CRYPTO - GOSSIP sendOutgoingGossipingRequest() : Requesting keys $request")
-
-        val params = SendGossipRequestWorker.Params(
+    private fun internalQueueCancelRequest(sessionId: String, roomId: String, senderKey: String) {
+        // do we have known requests for that session??
+        Timber.tag(loggerTag.value).v("Cancel Key Request if needed for $sessionId")
+        val knownRequest = cryptoStore.getOutgoingRoomKeyRequest(
+                algorithm = MXCRYPTO_ALGORITHM_MEGOLM,
+                roomId = roomId,
                 sessionId = sessionId,
-                keyShareRequest = request as? OutgoingRoomKeyRequest,
-                secretShareRequest = request as? OutgoingSecretRequest,
-                txnId = createUniqueTxnId()
+                senderKey = senderKey
         )
-        cryptoStore.updateOutgoingGossipingRequestState(request.requestId, OutgoingGossipingRequestState.SENDING)
-        val workRequest = gossipingWorkManager.createWork<SendGossipRequestWorker>(WorkerParamsFactory.toData(params), true)
-        gossipingWorkManager.postWork(workRequest)
+        if (knownRequest.isEmpty()) return Unit.also {
+            Timber.tag(loggerTag.value).v("Handle Cancel Key Request for $sessionId -- Was not currently requested")
+        }
+        if (knownRequest.size > 1) {
+            // It's worth logging, there should be only one
+            Timber.tag(loggerTag.value).w("Found multiple requests for same sessionId $sessionId")
+        }
+        knownRequest.forEach { request ->
+            when (request.state) {
+                OutgoingRoomKeyRequestState.UNSENT                               -> {
+                    cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
+                }
+                OutgoingRoomKeyRequestState.SENT                                 -> {
+                    // It was already sent, so cancel
+                    cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING)
+                }
+                OutgoingRoomKeyRequestState.CANCELLATION_PENDING                 -> {
+                    // It is already marked to be cancelled
+                }
+                OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND -> {
+                    // we just want to cancel now
+                    cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING)
+                }
+            }
+        }
     }
 
-    /**
-     * Given a OutgoingRoomKeyRequest, cancel it and delete the request record
-     *
-     * @param request the request
-     */
-    private fun sendOutgoingRoomKeyRequestCancellation(request: OutgoingRoomKeyRequest, resend: Boolean = false) {
-        Timber.v("## CRYPTO - sendOutgoingRoomKeyRequestCancellation $request")
-        val params = CancelGossipRequestWorker.Params.fromRequest(sessionId, request)
-        cryptoStore.updateOutgoingGossipingRequestState(request.requestId, OutgoingGossipingRequestState.CANCELLING)
+    fun close() {
+        try {
+            outgoingRequestScope.cancel("User Terminate")
+            requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.clear()
+        } catch (failure: Throwable) {
+            Timber.tag(loggerTag.value).w("Failed to shutDown request manager")
+        }
+    }
 
-        val workRequest = gossipingWorkManager.createWork<CancelGossipRequestWorker>(WorkerParamsFactory.toData(params), true)
-        gossipingWorkManager.postWork(workRequest)
+    private fun internalQueueRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>, force: Boolean) {
+        Timber.tag(loggerTag.value).d("Queueing key request for ${requestBody.sessionId}")
+        val existing = cryptoStore.getOrAddOutgoingRoomKeyRequest(requestBody, recipients)
+        when (existing.state) {
+            OutgoingRoomKeyRequestState.UNSENT                               -> {
+                // nothing it's new or not yet handled
+            }
+            OutgoingRoomKeyRequestState.SENT                                 -> {
+                // it was already requested
+                Timber.tag(loggerTag.value).w("The session ${requestBody.sessionId} is already requested")
+                if (force) {
+                    // update to UNSENT
+                    Timber.tag(loggerTag.value).w(".. force to request  ${requestBody.sessionId}")
+                    cryptoStore.updateOutgoingRoomKeyRequestState(existing.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND)
+                } else {
+                    requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.push(existing.requestId)
+                }
+            }
+            OutgoingRoomKeyRequestState.CANCELLATION_PENDING                 -> {
+                // request is canceled only if I got the keys so what to do here...
+                if (force) {
+                    cryptoStore.updateOutgoingRoomKeyRequestState(existing.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND)
+                }
+            }
+            OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND -> {
+                // It's already going to resend
+            }
+        }
+    }
 
-        if (resend) {
-            val reSendParams = SendGossipRequestWorker.Params(
-                    sessionId = sessionId,
-                    keyShareRequest = request.copy(requestId = RequestIdHelper.createUniqueRequestId()),
-                    txnId = createUniqueTxnId()
-            )
-            val reSendWorkRequest = gossipingWorkManager.createWork<SendGossipRequestWorker>(WorkerParamsFactory.toData(reSendParams), true)
-            gossipingWorkManager.postWork(reSendWorkRequest)
+    private suspend fun internalProcessPendingKeyRequests() {
+        val toProcess = cryptoStore.getOutgoingRoomKeyRequests(OutgoingRoomKeyRequestState.pendingStates())
+        Timber.tag(loggerTag.value).v("Processing all pending key requests (found ${toProcess.size} pending)")
+
+        measureTimeMillis {
+            toProcess.forEach {
+                when (it.state) {
+                    OutgoingRoomKeyRequestState.UNSENT                               -> handleUnsentRequest(it)
+                    OutgoingRoomKeyRequestState.CANCELLATION_PENDING                 -> handleRequestToCancel(it)
+                    OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND -> handleRequestToCancelWillResend(it)
+                    OutgoingRoomKeyRequestState.SENT                                 -> {
+                        // these are filtered out
+                    }
+                }
+            }
+        }.let {
+            Timber.tag(loggerTag.value).v("Finish processing pending key request in $it ms")
+        }
+
+        val maxBackupCallsBySync = 60
+        var currentCalls = 0
+        measureTimeMillis {
+            while (requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.isNotEmpty() && currentCalls < maxBackupCallsBySync) {
+                requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.pop().let {
+                    val req = cryptoStore.getOutgoingRoomKeyRequest(it)
+                    val sessionId = req?.sessionId ?: return@let
+                    val roomId = req.roomId ?: return@let
+                    // we want to rate limit that somehow :/
+                    perSessionBackupQueryRateLimiter.tryFromBackupIfPossible(sessionId, roomId)
+                }
+                currentCalls++
+            }
+        }.let {
+            Timber.tag(loggerTag.value).v("Finish querying backup in $it ms")
+        }
+    }
+
+    private suspend fun handleUnsentRequest(request: OutgoingKeyRequest) {
+        // In order to avoid generating to_device traffic, we can first check if the key is backed up
+        Timber.tag(loggerTag.value).v("Handling unsent request for megolm session ${request.sessionId} in ${request.roomId}")
+        val sessionId = request.sessionId ?: return
+        val roomId = request.roomId ?: return
+        if (perSessionBackupQueryRateLimiter.tryFromBackupIfPossible(sessionId, roomId)) {
+            // we found the key in backup, so we can just mark as cancelled, no need to send request
+            Timber.tag(loggerTag.value).v("Megolm session $sessionId successfully restored from backup, do not send request")
+            cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
+            return
+        }
+
+        // we need to send the request
+        val toDeviceContent = RoomKeyShareRequest(
+                requestingDeviceId = cryptoStore.getDeviceId(),
+                requestId = request.requestId,
+                action = GossipingToDeviceObject.ACTION_SHARE_REQUEST,
+                body = request.requestBody
+        )
+        val contentMap = MXUsersDevicesMap<Any>()
+        request.recipients.forEach { userToDeviceMap ->
+            userToDeviceMap.value.forEach { deviceId ->
+                contentMap.setObject(userToDeviceMap.key, deviceId, toDeviceContent)
+            }
+        }
+
+        val params = SendToDeviceTask.Params(
+                eventType = EventType.ROOM_KEY_REQUEST,
+                contentMap = contentMap,
+                transactionId = request.requestId
+        )
+        try {
+            withContext(coroutineDispatchers.io) {
+                sendToDeviceTask.executeRetry(params, 3)
+            }
+            Timber.tag(loggerTag.value).d("Key request sent for $sessionId in room $roomId to ${request.recipients}")
+            // The request was sent, so update state
+            cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.SENT)
+            // TODO update the audit trail
+        } catch (failure: Throwable) {
+            Timber.tag(loggerTag.value).v("Failed to request $sessionId targets:${request.recipients}")
+        }
+    }
+
+    private suspend fun handleRequestToCancel(request: OutgoingKeyRequest): Boolean {
+        Timber.tag(loggerTag.value).v("handleRequestToCancel for megolm session ${request.sessionId}")
+        // we have to cancel this
+        val toDeviceContent = RoomKeyShareRequest(
+                requestingDeviceId = cryptoStore.getDeviceId(),
+                requestId = request.requestId,
+                action = GossipingToDeviceObject.ACTION_SHARE_CANCELLATION
+        )
+        val contentMap = MXUsersDevicesMap<Any>()
+        request.recipients.forEach { userToDeviceMap ->
+            userToDeviceMap.value.forEach { deviceId ->
+                contentMap.setObject(userToDeviceMap.key, deviceId, toDeviceContent)
+            }
+        }
+
+        val params = SendToDeviceTask.Params(
+                eventType = EventType.ROOM_KEY_REQUEST,
+                contentMap = contentMap,
+                transactionId = request.requestId
+        )
+        return try {
+            withContext(coroutineDispatchers.io) {
+                sendToDeviceTask.executeRetry(params, 3)
+            }
+            // The request cancellation was sent, we can forget about it
+            cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
+            // TODO update the audit trail
+            true
+        } catch (failure: Throwable) {
+            Timber.tag(loggerTag.value).v("Failed to cancel request ${request.requestId} for session $sessionId targets:${request.recipients}")
+            false
+        }
+    }
+
+    private suspend fun handleRequestToCancelWillResend(request: OutgoingKeyRequest) {
+        if (handleRequestToCancel(request)) {
+            // we have to create a new unsent one
+            val body = request.requestBody ?: return
+            // this will create a new unsent request that will be process in the following call
+            cryptoStore.getOrAddOutgoingRoomKeyRequest(body, request.recipients)
         }
     }
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequest.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequest.kt
new file mode 100644
index 0000000000..57cabc29a0
--- /dev/null
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequest.kt
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 2022 New Vector Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.crypto
+
+import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequestState
+import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
+import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
+
+data class RequestReply(
+        val userId: String,
+        val fromDevice: String?,
+        val result: RequestResult
+)
+
+sealed class RequestResult {
+    object Success : RequestResult()
+    data class Failure(val code: WithHeldCode) : RequestResult()
+}
+
+data class OutgoingKeyRequest(
+        var requestBody: RoomKeyRequestBody?,
+        // recipients for the request map of users to list of deviceId
+        val recipients: Map<String, List<String>>,
+        // Unique id for this request. Used for both
+        // an id within the request for later pairing with a cancellation, and for
+        // the transaction id when sending the to_device messages to our local
+        val requestId: String, // current state of this request
+        val state: OutgoingRoomKeyRequestState,
+        val results: List<RequestReply>
+) {
+    /**
+     * Used only for log.
+     *
+     * @return the room id.
+     */
+    val roomId = requestBody?.roomId
+
+    /**
+     * Used only for log.
+     *
+     * @return the session id
+     */
+    val sessionId = requestBody?.sessionId
+}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingSecretRequest.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingSecretRequest.kt
index 2ba2f5c817..27ab1ca542 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingSecretRequest.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingSecretRequest.kt
@@ -17,7 +17,7 @@
 package org.matrix.android.sdk.internal.crypto
 
 import com.squareup.moshi.JsonClass
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingGossipingRequestState
+import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequestState
 
 /**
  * Represents an outgoing room key request
@@ -33,7 +33,7 @@ internal class OutgoingSecretRequest(
         // the transaction id when sending the to_device messages to our local
         override var requestId: String,
         // current state of this request
-        override var state: OutgoingGossipingRequestState) : OutgoingGossipingRequest {
+        override var state: OutgoingRoomKeyRequestState) : OutgoingGossipingRequest {
 
     // transaction id for the cancellation, if any
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt
new file mode 100644
index 0000000000..65fcfd4f8d
--- /dev/null
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt
@@ -0,0 +1,131 @@
+/*
+ * Copyright 2022 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.crypto
+
+import dagger.Lazy
+import kotlinx.coroutines.withContext
+import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
+import org.matrix.android.sdk.api.logger.LoggerTag
+import org.matrix.android.sdk.internal.crypto.keysbackup.DefaultKeysBackupService
+import org.matrix.android.sdk.internal.crypto.keysbackup.model.rest.KeysVersionResult
+import org.matrix.android.sdk.internal.crypto.model.ImportRoomKeysResult
+import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
+import org.matrix.android.sdk.internal.crypto.store.SavedKeyBackupKeyInfo
+import org.matrix.android.sdk.internal.util.awaitCallback
+import timber.log.Timber
+import javax.inject.Inject
+
+// I keep the same name as OutgoingGossipingRequestManager to ease filtering of logs
+private val loggerTag = LoggerTag("OutgoingGossipingRequestManager", LoggerTag.CRYPTO)
+
+/**
+ * Used to try to get the key for UISI messages before sending room key request.
+ * We are adding some rate limiting to avoid querying too much for a key not in backup.
+ * Nonetheless the backup can be updated so we might want to retry from time to time.
+ */
+internal class PerSessionBackupQueryRateLimiter @Inject constructor(
+        private val coroutineDispatchers: MatrixCoroutineDispatchers,
+        private val keysBackupService: Lazy<DefaultKeysBackupService>,
+        private val cryptoStore: IMXCryptoStore
+) {
+
+    companion object {
+        val MIN_TRY_BACKUP_PERIOD_MILLIS = 60 * 60_000 // 1 hour
+    }
+
+    data class Info(
+            val megolmSessionId: String,
+            val roomId: String
+    )
+
+    data class LastTry(
+            val backupVersion: String,
+            val timestamp: Long = System.currentTimeMillis()
+    )
+
+    /**
+     * Remember what we already tried (a key not in backup or some server issue)
+     * We might want to retry from time to time as the backup could have been updated
+     */
+    private val lastFailureMap = mutableMapOf<Info, LastTry>()
+
+    private var backupVersion: KeysVersionResult? = null
+    private var savedKeyBackupKeyInfo: SavedKeyBackupKeyInfo? = null
+    var backupWasCheckedFromServer: Boolean = false
+    var now = System.currentTimeMillis()
+
+    private fun refreshBackupInfoIfNeeded(force: Boolean = false) {
+        if (backupWasCheckedFromServer && !force) return
+        Timber.tag(loggerTag.value).v("Checking if can access a backup")
+        backupWasCheckedFromServer = true
+        val knownBackupSecret = cryptoStore.getKeyBackupRecoveryKeyInfo()
+                ?: return Unit.also {
+                    Timber.tag(loggerTag.value).v("We don't have the backup secret!")
+                }
+        this.backupVersion = keysBackupService.get().keysBackupVersion
+        this.savedKeyBackupKeyInfo = knownBackupSecret
+    }
+
+    suspend fun tryFromBackupIfPossible(sessionId: String, roomId: String): Boolean {
+        Timber.tag(loggerTag.value).v("tryFromBackupIfPossible for session:$sessionId in $roomId")
+        refreshBackupInfoIfNeeded()
+        val currentVersion = backupVersion
+        if (savedKeyBackupKeyInfo?.version == null ||
+                currentVersion == null ||
+                currentVersion.version != savedKeyBackupKeyInfo?.version) {
+            // We can't access the backup
+            Timber.tag(loggerTag.value).v("Can't get backup version info")
+            return false
+        }
+        val cacheKey = Info(sessionId, roomId)
+        val lastTry = lastFailureMap[cacheKey]
+        val shouldQuery =
+                lastTry == null ||
+                        lastTry.backupVersion != currentVersion.version ||
+                        (now - lastTry.timestamp) > MIN_TRY_BACKUP_PERIOD_MILLIS
+
+        if (!shouldQuery) return false
+
+        val successfullyImported = withContext(coroutineDispatchers.io) {
+            try {
+                awaitCallback<ImportRoomKeysResult> {
+                    keysBackupService.get().restoreKeysWithRecoveryKey(
+                            currentVersion,
+                            savedKeyBackupKeyInfo?.recoveryKey ?: "",
+                            roomId,
+                            sessionId,
+                            null,
+                            it
+                    )
+                }.successfullyNumberOfImportedKeys
+            } catch (failure: Throwable) {
+                // Fail silently
+                Timber.tag(loggerTag.value).v("getFromBackup failed ${failure.localizedMessage}")
+                0
+            }
+        }
+        if (successfullyImported == 1) {
+            Timber.tag(loggerTag.value).v("Found key in backup session:$sessionId in $roomId")
+            lastFailureMap.remove(cacheKey)
+            return true
+        } else {
+            Timber.tag(loggerTag.value).v("Failed to find key in backup session:$sessionId in $roomId")
+            lastFailureMap[cacheKey] = LastTry(currentVersion.version)
+            return false
+        }
+    }
+}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/RoomEncryptorsStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/RoomEncryptorsStore.kt
index ba97d96133..169bfca4e1 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/RoomEncryptorsStore.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/RoomEncryptorsStore.kt
@@ -17,11 +17,19 @@
 package org.matrix.android.sdk.internal.crypto
 
 import org.matrix.android.sdk.internal.crypto.algorithms.IMXEncrypting
+import org.matrix.android.sdk.internal.crypto.algorithms.megolm.MXMegolmEncryptionFactory
+import org.matrix.android.sdk.internal.crypto.algorithms.olm.MXOlmEncryptionFactory
+import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
 import org.matrix.android.sdk.internal.session.SessionScope
 import javax.inject.Inject
 
 @SessionScope
-internal class RoomEncryptorsStore @Inject constructor() {
+internal class RoomEncryptorsStore @Inject constructor(
+        private val cryptoStore: IMXCryptoStore,
+        // Repository
+        private val megolmEncryptionFactory: MXMegolmEncryptionFactory,
+        private val olmEncryptionFactory: MXOlmEncryptionFactory,
+) {
 
     // MXEncrypting instance for each room.
     private val roomEncryptors = mutableMapOf<String, IMXEncrypting>()
@@ -34,7 +42,18 @@ internal class RoomEncryptorsStore @Inject constructor() {
 
     fun get(roomId: String): IMXEncrypting? {
         return synchronized(roomEncryptors) {
-            roomEncryptors[roomId]
+            val cache = roomEncryptors[roomId]
+            if (cache != null) {
+                return@synchronized cache
+            } else {
+                val alg: IMXEncrypting? = when (cryptoStore.getRoomAlgorithm(roomId)) {
+                    MXCRYPTO_ALGORITHM_MEGOLM -> megolmEncryptionFactory.create(roomId)
+                    MXCRYPTO_ALGORITHM_OLM    -> olmEncryptionFactory.create(roomId)
+                    else                      -> null
+                }
+                alg?.let { roomEncryptors.put(roomId, it) }
+                return@synchronized alg
+            }
         }
     }
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt
new file mode 100644
index 0000000000..9adef9df9f
--- /dev/null
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt
@@ -0,0 +1,274 @@
+/*
+ * Copyright (c) 2022 New Vector Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.crypto
+
+import kotlinx.coroutines.CoroutineScope
+import kotlinx.coroutines.launch
+import kotlinx.coroutines.sync.Mutex
+import kotlinx.coroutines.sync.withLock
+import kotlinx.coroutines.withContext
+import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
+import org.matrix.android.sdk.api.auth.data.Credentials
+import org.matrix.android.sdk.api.logger.LoggerTag
+import org.matrix.android.sdk.api.session.crypto.crosssigning.KEYBACKUP_SECRET_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.crosssigning.MASTER_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.crosssigning.SELF_SIGNING_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.crosssigning.USER_SIGNING_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.events.model.Event
+import org.matrix.android.sdk.api.session.events.model.EventType
+import org.matrix.android.sdk.api.session.events.model.toModel
+import org.matrix.android.sdk.internal.crypto.actions.EnsureOlmSessionsForDevicesAction
+import org.matrix.android.sdk.internal.crypto.actions.MessageEncrypter
+import org.matrix.android.sdk.internal.crypto.crosssigning.toBase64NoPadding
+import org.matrix.android.sdk.internal.crypto.keysbackup.util.extractCurveKeyFromRecoveryKey
+import org.matrix.android.sdk.internal.crypto.model.MXUsersDevicesMap
+import org.matrix.android.sdk.internal.crypto.model.event.SecretSendEventContent
+import org.matrix.android.sdk.internal.crypto.model.rest.SecretShareRequest
+import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
+import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
+import org.matrix.android.sdk.internal.crypto.tasks.createUniqueTxnId
+import org.matrix.android.sdk.internal.session.SessionScope
+import timber.log.Timber
+import javax.inject.Inject
+
+private val loggerTag = LoggerTag("SecretShareManager", LoggerTag.CRYPTO)
+
+@SessionScope
+internal class SecretShareManager @Inject constructor(
+        private val credentials: Credentials,
+        private val cryptoStore: IMXCryptoStore,
+        private val cryptoCoroutineScope: CoroutineScope,
+        private val messageEncrypter: MessageEncrypter,
+        private val ensureOlmSessionsForDevicesAction: EnsureOlmSessionsForDevicesAction,
+        private val sendToDeviceTask: SendToDeviceTask,
+        private val coroutineDispatchers: MatrixCoroutineDispatchers
+) {
+
+    companion object {
+        private const val SECRET_SHARE_WINDOW_DURATION = 5 * 60 * 1000 // 5 minutes
+    }
+
+    /**
+     * Secret gossiping only occurs during a limited window period after interactive verification.
+     * We keep track of recent verification in memory for that purpose (no need to persist)
+     */
+    private val recentlyVerifiedDevices = mutableMapOf<String, Long>()
+    private val verifMutex = Mutex()
+
+    /**
+     * Secrets are exchanged as part of interactive verification,
+     * so we can just store in memory.
+     */
+    private val outgoingSecretRequests = mutableListOf<SecretShareRequest>()
+
+    /**
+     * Called when a session has been verified.
+     * This information can be used by the manager to decide whether or not to fullfill gossiping requests.
+     * This should be called as fast as possible after a successful self interactive verification
+     */
+    fun onVerificationCompleteForDevice(deviceId: String) {
+        // For now we just keep an in memory cache
+        cryptoCoroutineScope.launch {
+            verifMutex.withLock {
+                recentlyVerifiedDevices[deviceId] = System.currentTimeMillis()
+            }
+        }
+    }
+
+    suspend fun handleSecretRequest(toDevice: Event) {
+        val request = toDevice.getClearContent().toModel<SecretShareRequest>()
+                ?: return Unit.also {
+                    Timber.tag(loggerTag.value)
+                            .w("handleSecretRequest() : malformed request")
+                }
+
+//            val (action, requestingDeviceId, requestId, secretName) = it
+        val secretName = request.secretName ?: return Unit.also {
+            Timber.tag(loggerTag.value)
+                    .v("handleSecretRequest() : Missing secret name")
+        }
+
+        val userId = toDevice.senderId ?: return Unit.also {
+            Timber.tag(loggerTag.value)
+                    .v("handleSecretRequest() : Missing secret name")
+        }
+
+        if (userId != credentials.userId) {
+            // secrets are only shared between our own devices
+            Timber.e("Ignoring secret share request from other users $userId")
+            return
+        }
+
+        val deviceId = request.requestingDeviceId
+                ?: return Unit.also {
+                    Timber.tag(loggerTag.value)
+                            .w("handleSecretRequest() : malformed request norequestingDeviceId ")
+                }
+
+        val device = cryptoStore.getUserDevice(credentials.userId, deviceId)
+                ?: return Unit.also {
+                    Timber.e("Received secret share request from unknown device $deviceId")
+                }
+
+        val isRequestingDeviceTrusted = device.isVerified
+        val isRecentInteractiveVerification = hasBeenVerifiedLessThanFiveMinutesFromNow(device.deviceId)
+        if (isRequestingDeviceTrusted && isRecentInteractiveVerification) {
+            // we can share the secret
+
+            val secretValue = when (secretName) {
+                MASTER_KEY_SSSS_NAME       -> cryptoStore.getCrossSigningPrivateKeys()?.master
+                SELF_SIGNING_KEY_SSSS_NAME -> cryptoStore.getCrossSigningPrivateKeys()?.selfSigned
+                USER_SIGNING_KEY_SSSS_NAME -> cryptoStore.getCrossSigningPrivateKeys()?.user
+                KEYBACKUP_SECRET_SSSS_NAME -> cryptoStore.getKeyBackupRecoveryKeyInfo()?.recoveryKey
+                        ?.let {
+                            extractCurveKeyFromRecoveryKey(it)?.toBase64NoPadding()
+                        }
+                else                       -> null
+            }
+            if (secretValue == null) {
+                Timber.e("The secret is unknown $secretName")
+                return
+            }
+
+            val payloadJson = mapOf(
+                    "type" to EventType.SEND_SECRET,
+                    "content" to mapOf(
+                            "request_id" to request.requestId,
+                            "secret" to secretValue
+                    )
+            )
+
+            // Is it possible that we don't have an olm session?
+            val devicesByUser = mapOf(device.userId to listOf(device))
+            val usersDeviceMap = try {
+                ensureOlmSessionsForDevicesAction.handle(devicesByUser)
+            } catch (failure: Throwable) {
+                Timber.tag(loggerTag.value)
+                        .w("Can't share secret ${request.secretName}: Failed to establish olm session")
+                return
+            }
+
+            val olmSessionResult = usersDeviceMap.getObject(device.userId, device.deviceId)
+            if (olmSessionResult?.sessionId == null) {
+                Timber.tag(loggerTag.value)
+                        .w("secret share: no session with this device $deviceId, probably because there were no one-time keys")
+                return
+            }
+
+            val encodedPayload = messageEncrypter.encryptMessage(payloadJson, listOf(device))
+            val sendToDeviceMap = MXUsersDevicesMap<Any>()
+            sendToDeviceMap.setObject(device.userId, device.deviceId, encodedPayload)
+            val sendToDeviceParams = SendToDeviceTask.Params(EventType.ENCRYPTED, sendToDeviceMap)
+            try {
+                // raise the retries for secret
+                sendToDeviceTask.executeRetry(sendToDeviceParams, 6)
+                Timber.tag(loggerTag.value)
+                        .i("successfully shared secret $secretName to ${device.shortDebugString()}")
+                // TODO add a trail for that in audit logs
+            } catch (failure: Throwable) {
+                Timber.tag(loggerTag.value)
+                        .e(failure, "failed to send shared secret $secretName to ${device.shortDebugString()}")
+            }
+        } else {
+            Timber.d(" Received secret share request from un-authorised device ${device.deviceId}")
+        }
+    }
+
+    private suspend fun hasBeenVerifiedLessThanFiveMinutesFromNow(deviceId: String): Boolean {
+        val verifTimestamp = verifMutex.withLock {
+            recentlyVerifiedDevices[deviceId]
+        } ?: return false
+
+        val age = System.currentTimeMillis() - verifTimestamp
+
+        return age < SECRET_SHARE_WINDOW_DURATION
+    }
+
+    suspend fun requestSecretTo(deviceId: String, secretName: String) {
+        val cryptoDeviceInfo = cryptoStore.getUserDevice(credentials.userId, deviceId) ?: return Unit.also {
+            Timber.tag(loggerTag.value)
+                    .d("Can't request secret for $secretName unknown device $deviceId")
+        }
+        val toDeviceContent = SecretShareRequest(
+                requestingDeviceId = credentials.deviceId,
+                secretName = secretName,
+                requestId = createUniqueTxnId()
+        )
+
+        verifMutex.withLock {
+            outgoingSecretRequests.add(toDeviceContent)
+        }
+
+        val contentMap = MXUsersDevicesMap<Any>()
+        contentMap.setObject(cryptoDeviceInfo.userId, cryptoDeviceInfo.deviceId, toDeviceContent)
+
+        val params = SendToDeviceTask.Params(
+                eventType = EventType.REQUEST_SECRET,
+                contentMap = contentMap
+        )
+        try {
+            withContext(coroutineDispatchers.io) {
+                sendToDeviceTask.executeRetry(params, 3)
+            }
+            Timber.tag(loggerTag.value)
+                    .d("Secret request sent for $secretName to ${cryptoDeviceInfo.shortDebugString()}")
+            // TODO update the audit trail
+        } catch (failure: Throwable) {
+            Timber.tag(loggerTag.value)
+                    .w("Failed to request secret $secretName to ${cryptoDeviceInfo.shortDebugString()}")
+        }
+    }
+
+    suspend fun onSecretSendReceived(toDevice: Event, handleGossip: ((name: String, value: String) -> Boolean)) {
+        Timber.tag(loggerTag.value)
+                .i("onSecretSend() from ${toDevice.senderId} : onSecretSendReceived ${toDevice.content?.get("sender_key")}")
+        if (!toDevice.isEncrypted()) {
+            // secret send messages must be encrypted
+            Timber.tag(loggerTag.value).e("onSecretSend() :Received unencrypted secret send event")
+            return
+        }
+
+        // Was that sent by us?
+        if (toDevice.senderId != credentials.userId) {
+            Timber.tag(loggerTag.value).e("onSecretSend() : Ignore secret from other user ${toDevice.senderId}")
+            return
+        }
+
+        val secretContent = toDevice.getClearContent().toModel<SecretSendEventContent>() ?: return
+
+        val existingRequest = verifMutex.withLock {
+            outgoingSecretRequests.firstOrNull { it.requestId == secretContent.requestId }
+        }
+
+        // As per spec:
+        // Clients should ignore m.secret.send events received from devices that it did not send an m.secret.request event to.
+        if (existingRequest?.secretName == null) {
+            Timber.tag(loggerTag.value).i("onSecretSend() : Ignore secret that was not requested: ${secretContent.requestId}")
+            return
+        }
+        // we don't need to cancel the request as we only request to one device
+        // just forget about the request now
+        verifMutex.withLock {
+            outgoingSecretRequests.remove(existingRequest)
+        }
+
+        if (!handleGossip(existingRequest.secretName, secretContent.secretValue)) {
+            // TODO Ask to application layer?
+            Timber.tag(loggerTag.value).v("onSecretSend() : secret not handled by SDK")
+        }
+    }
+}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SendGossipRequestWorker.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SendGossipRequestWorker.kt
deleted file mode 100644
index 69b405aedc..0000000000
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SendGossipRequestWorker.kt
+++ /dev/null
@@ -1,151 +0,0 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto
-
-import android.content.Context
-import androidx.work.WorkerParameters
-import com.squareup.moshi.JsonClass
-import org.matrix.android.sdk.api.auth.data.Credentials
-import org.matrix.android.sdk.api.failure.shouldBeRetried
-import org.matrix.android.sdk.api.session.crypto.model.GossipingToDeviceObject
-import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingGossipingRequestState
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequest
-import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
-import org.matrix.android.sdk.api.session.crypto.model.SecretShareRequest
-import org.matrix.android.sdk.api.session.events.model.Event
-import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.api.session.events.model.toContent
-import org.matrix.android.sdk.internal.SessionManager
-import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
-import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
-import org.matrix.android.sdk.internal.crypto.tasks.createUniqueTxnId
-import org.matrix.android.sdk.internal.session.SessionComponent
-import org.matrix.android.sdk.internal.worker.SessionSafeCoroutineWorker
-import org.matrix.android.sdk.internal.worker.SessionWorkerParams
-import timber.log.Timber
-import javax.inject.Inject
-
-internal class SendGossipRequestWorker(context: Context, params: WorkerParameters, sessionManager: SessionManager) :
-        SessionSafeCoroutineWorker<SendGossipRequestWorker.Params>(context, params, sessionManager, Params::class.java) {
-
-    @JsonClass(generateAdapter = true)
-    internal data class Params(
-            override val sessionId: String,
-            val keyShareRequest: OutgoingRoomKeyRequest? = null,
-            val secretShareRequest: OutgoingSecretRequest? = null,
-            // The txnId for the sendToDevice request. Nullable for compatibility reasons, but MUST always be provided
-            // to use the same value if this worker is retried.
-            val txnId: String? = null,
-            override val lastFailureMessage: String? = null
-    ) : SessionWorkerParams
-
-    @Inject lateinit var sendToDeviceTask: SendToDeviceTask
-    @Inject lateinit var cryptoStore: IMXCryptoStore
-    @Inject lateinit var credentials: Credentials
-
-    override fun injectWith(injector: SessionComponent) {
-        injector.inject(this)
-    }
-
-    override suspend fun doSafeWork(params: Params): Result {
-        // params.txnId should be provided in all cases now. But Params can be deserialized by
-        // the WorkManager from data serialized in a previous version of the application, so without the txnId field.
-        // So if not present, we create a txnId
-        val txnId = params.txnId ?: createUniqueTxnId()
-        val contentMap = MXUsersDevicesMap<Any>()
-        val eventType: String
-        val requestId: String
-        when {
-            params.keyShareRequest != null    -> {
-                eventType = EventType.ROOM_KEY_REQUEST
-                requestId = params.keyShareRequest.requestId
-                val toDeviceContent = RoomKeyShareRequest(
-                        requestingDeviceId = credentials.deviceId,
-                        requestId = params.keyShareRequest.requestId,
-                        action = GossipingToDeviceObject.ACTION_SHARE_REQUEST,
-                        body = params.keyShareRequest.requestBody
-                )
-                cryptoStore.saveGossipingEvent(Event(
-                        type = eventType,
-                        content = toDeviceContent.toContent(),
-                        senderId = credentials.userId
-                ).also {
-                    it.ageLocalTs = System.currentTimeMillis()
-                })
-
-                params.keyShareRequest.recipients.forEach { userToDeviceMap ->
-                    userToDeviceMap.value.forEach { deviceId ->
-                        contentMap.setObject(userToDeviceMap.key, deviceId, toDeviceContent)
-                    }
-                }
-            }
-            params.secretShareRequest != null -> {
-                eventType = EventType.REQUEST_SECRET
-                requestId = params.secretShareRequest.requestId
-                val toDeviceContent = SecretShareRequest(
-                        requestingDeviceId = credentials.deviceId,
-                        requestId = params.secretShareRequest.requestId,
-                        action = GossipingToDeviceObject.ACTION_SHARE_REQUEST,
-                        secretName = params.secretShareRequest.secretName
-                )
-
-                cryptoStore.saveGossipingEvent(Event(
-                        type = eventType,
-                        content = toDeviceContent.toContent(),
-                        senderId = credentials.userId
-                ).also {
-                    it.ageLocalTs = System.currentTimeMillis()
-                })
-
-                params.secretShareRequest.recipients.forEach { userToDeviceMap ->
-                    userToDeviceMap.value.forEach { deviceId ->
-                        contentMap.setObject(userToDeviceMap.key, deviceId, toDeviceContent)
-                    }
-                }
-            }
-            else                              -> {
-                return buildErrorResult(params, "Unknown empty gossiping request").also {
-                    Timber.e("Unknown empty gossiping request: $params")
-                }
-            }
-        }
-        try {
-            cryptoStore.updateOutgoingGossipingRequestState(requestId, OutgoingGossipingRequestState.SENDING)
-            sendToDeviceTask.execute(
-                    SendToDeviceTask.Params(
-                            eventType = eventType,
-                            contentMap = contentMap,
-                            transactionId = txnId
-                    )
-            )
-            cryptoStore.updateOutgoingGossipingRequestState(requestId, OutgoingGossipingRequestState.SENT)
-            return Result.success()
-        } catch (throwable: Throwable) {
-            return if (throwable.shouldBeRetried()) {
-                Result.retry()
-            } else {
-                cryptoStore.updateOutgoingGossipingRequestState(requestId, OutgoingGossipingRequestState.FAILED_TO_SEND)
-                buildErrorResult(params, throwable.localizedMessage ?: "error")
-            }
-        }
-    }
-
-    override fun buildErrorParams(params: Params, message: String): Params {
-        return params.copy(lastFailureMessage = params.lastFailureMessage ?: message)
-    }
-}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SendGossipWorker.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SendGossipWorker.kt
deleted file mode 100644
index fd472fe73b..0000000000
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SendGossipWorker.kt
+++ /dev/null
@@ -1,168 +0,0 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto
-
-import android.content.Context
-import androidx.work.WorkerParameters
-import com.squareup.moshi.JsonClass
-import org.matrix.android.sdk.api.auth.data.Credentials
-import org.matrix.android.sdk.api.failure.shouldBeRetried
-import org.matrix.android.sdk.api.session.crypto.model.GossipingRequestState
-import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.events.model.Event
-import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.api.session.events.model.content.SecretSendEventContent
-import org.matrix.android.sdk.api.session.events.model.toContent
-import org.matrix.android.sdk.internal.SessionManager
-import org.matrix.android.sdk.internal.crypto.actions.EnsureOlmSessionsForDevicesAction
-import org.matrix.android.sdk.internal.crypto.actions.MessageEncrypter
-import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
-import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
-import org.matrix.android.sdk.internal.crypto.tasks.createUniqueTxnId
-import org.matrix.android.sdk.internal.session.SessionComponent
-import org.matrix.android.sdk.internal.worker.SessionSafeCoroutineWorker
-import org.matrix.android.sdk.internal.worker.SessionWorkerParams
-import timber.log.Timber
-import javax.inject.Inject
-
-internal class SendGossipWorker(
-        context: Context,
-        params: WorkerParameters,
-        sessionManager: SessionManager
-) : SessionSafeCoroutineWorker<SendGossipWorker.Params>(context, params, sessionManager, Params::class.java) {
-
-    @JsonClass(generateAdapter = true)
-    internal data class Params(
-            override val sessionId: String,
-            val secretValue: String,
-            val requestUserId: String?,
-            val requestDeviceId: String?,
-            val requestId: String?,
-            // The txnId for the sendToDevice request. Nullable for compatibility reasons, but MUST always be provided
-            // to use the same value if this worker is retried.
-            val txnId: String? = null,
-            override val lastFailureMessage: String? = null
-    ) : SessionWorkerParams
-
-    @Inject lateinit var sendToDeviceTask: SendToDeviceTask
-    @Inject lateinit var cryptoStore: IMXCryptoStore
-    @Inject lateinit var credentials: Credentials
-    @Inject lateinit var messageEncrypter: MessageEncrypter
-    @Inject lateinit var ensureOlmSessionsForDevicesAction: EnsureOlmSessionsForDevicesAction
-
-    override fun injectWith(injector: SessionComponent) {
-        injector.inject(this)
-    }
-
-    override suspend fun doSafeWork(params: Params): Result {
-        // params.txnId should be provided in all cases now. But Params can be deserialized by
-        // the WorkManager from data serialized in a previous version of the application, so without the txnId field.
-        // So if not present, we create a txnId
-        val txnId = params.txnId ?: createUniqueTxnId()
-        val eventType: String = EventType.SEND_SECRET
-
-        val toDeviceContent = SecretSendEventContent(
-                requestId = params.requestId ?: "",
-                secretValue = params.secretValue
-        )
-
-        val requestingUserId = params.requestUserId ?: ""
-        val requestingDeviceId = params.requestDeviceId ?: ""
-        val deviceInfo = cryptoStore.getUserDevice(requestingUserId, requestingDeviceId)
-                ?: return buildErrorResult(params, "Unknown deviceInfo, cannot send message").also {
-                    cryptoStore.updateGossipingRequestState(
-                            requestUserId = params.requestUserId,
-                            requestDeviceId = params.requestDeviceId,
-                            requestId = params.requestId,
-                            state = GossipingRequestState.FAILED_TO_ACCEPTED
-                    )
-                    Timber.e("Unknown deviceInfo, cannot send message, sessionId: ${params.requestDeviceId}")
-                }
-
-        val sendToDeviceMap = MXUsersDevicesMap<Any>()
-
-        val devicesByUser = mapOf(requestingUserId to listOf(deviceInfo))
-        val usersDeviceMap = ensureOlmSessionsForDevicesAction.handle(devicesByUser)
-        val olmSessionResult = usersDeviceMap.getObject(requestingUserId, requestingDeviceId)
-        if (olmSessionResult?.sessionId == null) {
-            // no session with this device, probably because there
-            // were no one-time keys.
-            return buildErrorResult(params, "no session with this device").also {
-                cryptoStore.updateGossipingRequestState(
-                        requestUserId = params.requestUserId,
-                        requestDeviceId = params.requestDeviceId,
-                        requestId = params.requestId,
-                        state = GossipingRequestState.FAILED_TO_ACCEPTED
-                )
-                Timber.e("no session with this device $requestingDeviceId, probably because there were no one-time keys.")
-            }
-        }
-
-        val payloadJson = mapOf(
-                "type" to EventType.SEND_SECRET,
-                "content" to toDeviceContent.toContent()
-        )
-
-        try {
-            val encodedPayload = messageEncrypter.encryptMessage(payloadJson, listOf(deviceInfo))
-            sendToDeviceMap.setObject(requestingUserId, requestingDeviceId, encodedPayload)
-        } catch (failure: Throwable) {
-            Timber.e("## Fail to encrypt gossip + ${failure.localizedMessage}")
-        }
-
-        cryptoStore.saveGossipingEvent(Event(
-                type = eventType,
-                content = toDeviceContent.toContent(),
-                senderId = credentials.userId
-        ).also {
-            it.ageLocalTs = System.currentTimeMillis()
-        })
-
-        try {
-            sendToDeviceTask.execute(
-                    SendToDeviceTask.Params(
-                            eventType = EventType.ENCRYPTED,
-                            contentMap = sendToDeviceMap,
-                            transactionId = txnId
-                    )
-            )
-            cryptoStore.updateGossipingRequestState(
-                    requestUserId = params.requestUserId,
-                    requestDeviceId = params.requestDeviceId,
-                    requestId = params.requestId,
-                    state = GossipingRequestState.ACCEPTED
-            )
-            return Result.success()
-        } catch (throwable: Throwable) {
-            return if (throwable.shouldBeRetried()) {
-                Result.retry()
-            } else {
-                cryptoStore.updateGossipingRequestState(
-                        requestUserId = params.requestUserId,
-                        requestDeviceId = params.requestDeviceId,
-                        requestId = params.requestId,
-                        state = GossipingRequestState.FAILED_TO_ACCEPTED
-                )
-                buildErrorResult(params, throwable.localizedMessage ?: "error")
-            }
-        }
-    }
-
-    override fun buildErrorParams(params: Params, message: String): Params {
-        return params.copy(lastFailureMessage = params.lastFailureMessage ?: message)
-    }
-}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/actions/MegolmSessionDataImporter.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/actions/MegolmSessionDataImporter.kt
index f9bcdf2c68..af30072765 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/actions/MegolmSessionDataImporter.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/actions/MegolmSessionDataImporter.kt
@@ -19,7 +19,7 @@ package org.matrix.android.sdk.internal.crypto.actions
 import androidx.annotation.WorkerThread
 import org.matrix.android.sdk.api.listeners.ProgressListener
 import org.matrix.android.sdk.api.session.crypto.model.ImportRoomKeysResult
-import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
+import org.matrix.android.sdk.api.logger.LoggerTag
 import org.matrix.android.sdk.internal.crypto.MXOlmDevice
 import org.matrix.android.sdk.internal.crypto.MegolmSessionData
 import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestManager
@@ -29,6 +29,8 @@ import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
 import timber.log.Timber
 import javax.inject.Inject
 
+private val loggerTag = LoggerTag("MegolmSessionDataImporter", LoggerTag.CRYPTO)
+
 internal class MegolmSessionDataImporter @Inject constructor(private val olmDevice: MXOlmDevice,
                                                              private val roomDecryptorProvider: RoomDecryptorProvider,
                                                              private val outgoingGossipingRequestManager: OutgoingGossipingRequestManager,
@@ -62,19 +64,18 @@ internal class MegolmSessionDataImporter @Inject constructor(private val olmDevi
             if (null != decrypting) {
                 try {
                     val sessionId = megolmSessionData.sessionId
-                    Timber.v("## importRoomKeys retrieve senderKey " + megolmSessionData.senderKey + " sessionId " + sessionId)
+                    Timber.tag(loggerTag.value).v("## importRoomKeys retrieve senderKey ${megolmSessionData.senderKey} sessionId $sessionId")
 
                     totalNumbersOfImportedKeys++
 
                     // cancel any outstanding room key requests for this session
-                    val roomKeyRequestBody = RoomKeyRequestBody(
-                            algorithm = megolmSessionData.algorithm,
-                            roomId = megolmSessionData.roomId,
-                            senderKey = megolmSessionData.senderKey,
-                            sessionId = megolmSessionData.sessionId
-                    )
 
-                    outgoingGossipingRequestManager.cancelRoomKeyRequest(roomKeyRequestBody)
+                    Timber.tag(loggerTag.value).d("Imported megolm session $sessionId from backup=$fromBackup in ${megolmSessionData.roomId}")
+                    outgoingGossipingRequestManager.postCancelRequestForSessionIfNeeded(
+                            megolmSessionData.sessionId ?: "",
+                            megolmSessionData.roomId ?: "",
+                            megolmSessionData.senderKey ?: ""
+                    )
 
                     // Have another go at decrypting events sent with this session
                     when (decrypting) {
@@ -83,7 +84,7 @@ internal class MegolmSessionDataImporter @Inject constructor(private val olmDevi
                         }
                     }
                 } catch (e: Exception) {
-                    Timber.e(e, "## importRoomKeys() : onNewSession failed")
+                    Timber.tag(loggerTag.value).e(e, "## importRoomKeys() : onNewSession failed")
                 }
             }
 
@@ -105,7 +106,7 @@ internal class MegolmSessionDataImporter @Inject constructor(private val olmDevi
 
         val t1 = System.currentTimeMillis()
 
-        Timber.v("## importMegolmSessionsData : sessions import " + (t1 - t0) + " ms (" + megolmSessionsData.size + " sessions)")
+        Timber.tag(loggerTag.value).v("## importMegolmSessionsData : sessions import " + (t1 - t0) + " ms (" + megolmSessionsData.size + " sessions)")
 
         return ImportRoomKeysResult(totalNumbersOfKeys, totalNumbersOfImportedKeys)
     }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/IMXWithHeldExtension.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/IMXWithHeldExtension.kt
deleted file mode 100644
index 585bcdbbde..0000000000
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/IMXWithHeldExtension.kt
+++ /dev/null
@@ -1,23 +0,0 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto.algorithms
-
-import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
-
-internal interface IMXWithHeldExtension {
-    fun onRoomKeyWithHeldEvent(withHeldInfo: RoomKeyWithHeldContent)
-}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
index 4c407c9eb9..191930b4c8 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
@@ -33,7 +33,6 @@ import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.EventType
 import org.matrix.android.sdk.api.session.events.model.content.EncryptedEventContent
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyContent
-import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
 import org.matrix.android.sdk.api.session.events.model.toModel
 import org.matrix.android.sdk.internal.crypto.DeviceListManager
 import org.matrix.android.sdk.internal.crypto.MXOlmDevice
@@ -41,7 +40,6 @@ import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestManager
 import org.matrix.android.sdk.internal.crypto.actions.EnsureOlmSessionsForDevicesAction
 import org.matrix.android.sdk.internal.crypto.actions.MessageEncrypter
 import org.matrix.android.sdk.internal.crypto.algorithms.IMXDecrypting
-import org.matrix.android.sdk.internal.crypto.algorithms.IMXWithHeldExtension
 import org.matrix.android.sdk.internal.crypto.keysbackup.DefaultKeysBackupService
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
 import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
@@ -61,7 +59,7 @@ internal class MXMegolmDecryption(private val userId: String,
                                   private val coroutineDispatchers: MatrixCoroutineDispatchers,
                                   private val cryptoCoroutineScope: CoroutineScope,
                                   private val liveEventManager: Lazy<StreamEventsManager>
-) : IMXDecrypting, IMXWithHeldExtension {
+) : IMXDecrypting {
 
     var newSessionListener: NewSessionListener? = null
 
@@ -192,8 +190,10 @@ internal class MXMegolmDecryption(private val userId: String,
      */
     override fun requestKeysForEvent(event: Event, withHeld: Boolean) {
         val sender = event.senderId ?: return
-        val encryptedEventContent = event.content.toModel<EncryptedEventContent>()
-        val senderDevice = encryptedEventContent?.deviceId ?: return
+        val encryptedEventContent = event.content.toModel<EncryptedEventContent>() ?: return Unit.also {
+            Timber.tag(loggerTag.value).e("requestRoomKeyForEvent Failed to re-request key, null content")
+        }
+        val senderDevice = encryptedEventContent.deviceId
 
         val recipients = if (event.senderId == userId || withHeld) {
             mapOf(
@@ -205,7 +205,10 @@ internal class MXMegolmDecryption(private val userId: String,
             // sent to them.
             mapOf(
                     userId to listOf("*"),
-                    sender to listOf(senderDevice)
+
+                    // TODO we might not have deviceId in the future due to https://github.com/matrix-org/matrix-spec-proposals/pull/3700
+                    // so in this case query to all
+                    sender to listOf(senderDevice ?: "*")
             )
         }
 
@@ -216,7 +219,7 @@ internal class MXMegolmDecryption(private val userId: String,
                 sessionId = encryptedEventContent.sessionId
         )
 
-        outgoingGossipingRequestManager.sendRoomKeyRequest(requestBody, recipients)
+        outgoingGossipingRequestManager.postRoomKeyRequest(requestBody, recipients, force = withHeld)
     }
 
 //    /**
@@ -286,6 +289,16 @@ internal class MXMegolmDecryption(private val userId: String,
             }
 
             keysClaimed["ed25519"] = forwardedRoomKeyContent.senderClaimedEd25519Key
+
+            val fromDevice = event.getSenderKey()?.let { cryptoStore.deviceWithIdentityKey(it) }?.deviceId
+
+            outgoingGossipingRequestManager.onRoomKeyForwarded(
+                    sessionId = roomKeyContent.sessionId,
+                    algorithm = roomKeyContent.algorithm ?: "",
+                    roomId = roomKeyContent.roomId,
+                    senderKey = forwardedRoomKeyContent.senderKey ?: "",
+                    fromDevice = fromDevice,
+                    event = event)
         } else {
             Timber.tag(loggerTag.value).i("onRoomKeyEvent(), Adding key : ${roomKeyContent.roomId}|${roomKeyContent.sessionId}")
             if (null == senderKey) {
@@ -307,16 +320,11 @@ internal class MXMegolmDecryption(private val userId: String,
                 exportFormat)
 
         if (added) {
+            Timber.tag(loggerTag.value)
+                    .d("onRoomKeyEvent(${event.getClearType()}) : Added megolm session ${roomKeyContent.sessionId} in ${roomKeyContent.roomId}")
             defaultKeysBackupService.maybeBackupKeys()
 
-            val content = RoomKeyRequestBody(
-                    algorithm = roomKeyContent.algorithm,
-                    roomId = roomKeyContent.roomId,
-                    sessionId = roomKeyContent.sessionId,
-                    senderKey = senderKey
-            )
-
-            outgoingGossipingRequestManager.cancelRoomKeyRequest(content)
+            outgoingGossipingRequestManager.postCancelRequestForSessionIfNeeded(roomKeyContent.sessionId, roomKeyContent.roomId, senderKey)
 
             onNewSession(roomKeyContent.roomId, senderKey, roomKeyContent.sessionId)
         }
@@ -401,9 +409,4 @@ internal class MXMegolmDecryption(private val userId: String,
         }
     }
 
-    override fun onRoomKeyWithHeldEvent(withHeldInfo: RoomKeyWithHeldContent) {
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            cryptoStore.addWithHeldMegolmSession(withHeldInfo)
-        }
-    }
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmEncryption.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmEncryption.kt
index f052194230..4717697288 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmEncryption.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmEncryption.kt
@@ -28,7 +28,6 @@ import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
 import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
 import org.matrix.android.sdk.api.session.crypto.model.forEach
 import org.matrix.android.sdk.api.session.events.model.Content
-import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.EventType
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
 import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
@@ -281,25 +280,14 @@ internal class MXMegolmEncryption(
         // attempted to share with) rather than the contentMap (those we did
         // share with), because we don't want to try to claim a one-time-key
         // for dead devices on every message.
-        val gossipingEventBuffer = arrayListOf<Event>()
         for ((userId, devicesToShareWith) in devicesByUser) {
             for (deviceInfo in devicesToShareWith) {
                 session.sharedWithHelper.markedSessionAsShared(deviceInfo, chainIndex)
-                gossipingEventBuffer.add(
-                        Event(
-                                type = EventType.ROOM_KEY,
-                                senderId = myUserId,
-                                content = submap.apply {
-                                    this["session_key"] = ""
-                                    // we add a fake key for trail
-                                    this["_dest"] = "$userId|${deviceInfo.deviceId}"
-                                }
-                        ))
+                // XXX is it needed to add it to the audit trail?
+                // For now decided that no, we are more interested by forward trail
             }
         }
 
-        cryptoStore.saveGossipingEvents(gossipingEventBuffer)
-
         if (haveTargets) {
             t0 = System.currentTimeMillis()
             Timber.tag(loggerTag.value).i("shareUserDevicesKey() ${session.sessionId} : has target")
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/keysbackup/DefaultKeysBackupService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/keysbackup/DefaultKeysBackupService.kt
index e63a6dc791..f8db708268 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/keysbackup/DefaultKeysBackupService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/keysbackup/DefaultKeysBackupService.kt
@@ -808,12 +808,16 @@ internal class DefaultKeysBackupService @Inject constructor(
             ))
         } else if (roomId != null) {
             // Get all keys for the room
-            val data = getRoomSessionsDataTask.execute(GetRoomSessionsDataTask.Params(roomId, version))
+            val data = withContext(coroutineDispatchers.io) {
+                getRoomSessionsDataTask.execute(GetRoomSessionsDataTask.Params(roomId, version))
+            }
             // Convert to KeysBackupData
             KeysBackupData(mutableMapOf(roomId to data))
         } else {
             // Get all keys
-            getSessionsDataTask.execute(GetSessionsDataTask.Params(version))
+            withContext(coroutineDispatchers.io) {
+                getSessionsDataTask.execute(GetSessionsDataTask.Params(version))
+            }
         }
     }
 
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/model/AuditTrail.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/model/AuditTrail.kt
new file mode 100644
index 0000000000..325d930dc6
--- /dev/null
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/model/AuditTrail.kt
@@ -0,0 +1,75 @@
+/*
+ * Copyright 2022 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.crypto.model
+
+import com.squareup.moshi.JsonClass
+import org.matrix.android.sdk.internal.crypto.model.event.WithHeldCode
+
+enum class TrailType {
+    OutgoingKeyForward,
+    IncomingKeyForward,
+    OutgoingKeyWithheld,
+    IncomingKeyRequest,
+    Unknown
+}
+
+interface AuditInfo {
+    val roomId: String
+    val sessionId: String
+    val senderKey: String
+    val alg: String
+    val userId: String
+    val deviceId: String
+}
+
+@JsonClass(generateAdapter = true)
+data class ForwardInfo(
+        override val roomId: String,
+        override val sessionId: String,
+        override val senderKey: String,
+        override val alg: String,
+        override val userId: String,
+        override val deviceId: String,
+        val chainIndex: Long?
+) : AuditInfo
+
+@JsonClass(generateAdapter = true)
+data class WithheldInfo(
+        override val roomId: String,
+        override val sessionId: String,
+        override val senderKey: String,
+        override val alg: String,
+        val code: WithHeldCode,
+        override val userId: String,
+        override val deviceId: String
+) : AuditInfo
+
+@JsonClass(generateAdapter = true)
+data class IncomingKeyRequestInfo(
+        override val roomId: String,
+        override val sessionId: String,
+        override val senderKey: String,
+        override val alg: String,
+        override val userId: String,
+        override val deviceId: String
+) : AuditInfo
+
+data class AuditTrail(
+        val ageLocalTs: Long,
+        val type: TrailType,
+        val info: AuditInfo
+)
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/secrets/DefaultSharedSecretStorageService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/secrets/DefaultSharedSecretStorageService.kt
index 972c03e92a..c3ac7be7de 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/secrets/DefaultSharedSecretStorageService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/secrets/DefaultSharedSecretStorageService.kt
@@ -40,7 +40,7 @@ import org.matrix.android.sdk.api.session.securestorage.SsssKeySpec
 import org.matrix.android.sdk.api.session.securestorage.SsssPassphrase
 import org.matrix.android.sdk.api.util.fromBase64
 import org.matrix.android.sdk.api.util.toBase64NoPadding
-import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestManager
+import org.matrix.android.sdk.internal.crypto.SecretShareManager
 import org.matrix.android.sdk.internal.crypto.keysbackup.generatePrivateKeyWithPassword
 import org.matrix.android.sdk.internal.crypto.tools.HkdfSha256
 import org.matrix.android.sdk.internal.crypto.tools.withOlmDecryption
@@ -57,7 +57,7 @@ import kotlin.experimental.and
 internal class DefaultSharedSecretStorageService @Inject constructor(
         @UserId private val userId: String,
         private val accountDataService: SessionAccountDataService,
-        private val outgoingGossipingRequestManager: OutgoingGossipingRequestManager,
+        private val secretShareManager: SecretShareManager,
         private val coroutineDispatchers: MatrixCoroutineDispatchers,
         private val cryptoCoroutineScope: CoroutineScope
 ) : SharedSecretStorageService {
@@ -378,10 +378,7 @@ internal class DefaultSharedSecretStorageService @Inject constructor(
         return IntegrityResult.Success(keyInfo.content.passphrase != null)
     }
 
-    override fun requestSecret(name: String, myOtherDeviceId: String) {
-        outgoingGossipingRequestManager.sendSecretShareRequest(
-                name,
-                mapOf(userId to listOf(myOtherDeviceId))
-        )
+    override suspend fun requestSecret(name: String, myOtherDeviceId: String) {
+        secretShareManager.requestSecretTo(myOtherDeviceId, name)
     }
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt
index 8bedb78808..b6820e591f 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt
@@ -28,14 +28,16 @@ import org.matrix.android.sdk.api.session.crypto.model.DeviceInfo
 import org.matrix.android.sdk.api.session.crypto.model.GossipingRequestState
 import org.matrix.android.sdk.api.session.crypto.model.IncomingRoomKeyRequest
 import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingGossipingRequestState
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequest
+import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequestState
 import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
+import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
 import org.matrix.android.sdk.api.util.Optional
 import org.matrix.android.sdk.internal.crypto.IncomingShareRequestCommon
+import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
 import org.matrix.android.sdk.internal.crypto.OutgoingSecretRequest
+import org.matrix.android.sdk.internal.crypto.model.AuditTrail
 import org.matrix.android.sdk.internal.crypto.model.OlmInboundGroupSessionWrapper2
 import org.matrix.android.sdk.internal.crypto.model.OlmSessionWrapper
 import org.matrix.android.sdk.internal.crypto.model.OutboundGroupSessionWrapper
@@ -377,7 +379,9 @@ internal interface IMXCryptoStore {
      * @param requestBody the request body
      * @return an OutgoingRoomKeyRequest instance or null
      */
-    fun getOutgoingRoomKeyRequest(requestBody: RoomKeyRequestBody): OutgoingRoomKeyRequest?
+    fun getOutgoingRoomKeyRequest(requestBody: RoomKeyRequestBody): OutgoingKeyRequest?
+    fun getOutgoingRoomKeyRequest(requestId: String): OutgoingKeyRequest?
+    fun getOutgoingRoomKeyRequest(roomId: String, sessionId: String, algorithm: String, senderKey: String): List<OutgoingKeyRequest>
 
     /**
      * Look for an existing outgoing room key request, and if none is found, add a new one.
@@ -385,14 +389,53 @@ internal interface IMXCryptoStore {
      * @param request the request
      * @return either the same instance as passed in, or the existing one.
      */
-    fun getOrAddOutgoingRoomKeyRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>): OutgoingRoomKeyRequest?
+    fun getOrAddOutgoingRoomKeyRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>): OutgoingKeyRequest
+    fun updateOutgoingRoomKeyRequestState(requestId: String, newState: OutgoingRoomKeyRequestState)
+    fun updateOutgoingRoomKeyReply(
+            roomId: String,
+            sessionId: String,
+            algorithm: String,
+            senderKey: String, fromDevice: String?, event: Event)
+
+    fun deleteOutgoingRoomKeyRequest(requestId: String)
 
     fun getOrAddOutgoingSecretShareRequest(secretName: String, recipients: Map<String, List<String>>): OutgoingSecretRequest?
 
+    @Deprecated("TODO")
     fun saveGossipingEvent(event: Event) = saveGossipingEvents(listOf(event))
 
+    @Deprecated("TODO")
     fun saveGossipingEvents(events: List<Event>)
 
+    fun saveIncomingKeyRequestAuditTrail(
+            roomId: String,
+            sessionId: String,
+            senderKey: String,
+            algorithm: String,
+            fromUser: String,
+            fromDevice: String
+    )
+
+    fun saveWithheldAuditTrail(
+            roomId: String,
+            sessionId: String,
+            senderKey: String,
+            algorithm: String,
+            code: WithHeldCode,
+            userId: String,
+            deviceId: String
+    )
+
+    fun saveForwardKeyAuditTrail(
+            roomId: String,
+            sessionId: String,
+            senderKey: String,
+            algorithm: String,
+            userId: String,
+            deviceId: String,
+            chainIndex: Long?
+    )
+
     fun updateGossipingRequestState(request: IncomingShareRequestCommon, state: GossipingRequestState) {
         updateGossipingRequestState(
                 requestUserId = request.userId,
@@ -417,7 +460,7 @@ internal interface IMXCryptoStore {
      */
     fun getIncomingRoomKeyRequest(userId: String, deviceId: String, requestId: String): IncomingRoomKeyRequest?
 
-    fun updateOutgoingGossipingRequestState(requestId: String, state: OutgoingGossipingRequestState)
+    fun updateOutgoingGossipingRequestState(requestId: String, state: OutgoingRoomKeyRequestState)
 
     fun addNewSessionListener(listener: NewSessionListener)
 
@@ -477,17 +520,18 @@ internal interface IMXCryptoStore {
     fun getSharedWithInfo(roomId: String?, sessionId: String): MXUsersDevicesMap<Int>
     // Dev tools
 
-    fun getOutgoingRoomKeyRequests(): List<OutgoingRoomKeyRequest>
-    fun getOutgoingRoomKeyRequestsPaged(): LiveData<PagedList<OutgoingRoomKeyRequest>>
+    fun getOutgoingRoomKeyRequests(): List<OutgoingKeyRequest>
+    fun getOutgoingRoomKeyRequestsPaged(): LiveData<PagedList<OutgoingKeyRequest>>
     fun getOutgoingSecretKeyRequests(): List<OutgoingSecretRequest>
     fun getOutgoingSecretRequest(secretName: String): OutgoingSecretRequest?
     fun getIncomingRoomKeyRequests(): List<IncomingRoomKeyRequest>
     fun getIncomingRoomKeyRequestsPaged(): LiveData<PagedList<IncomingRoomKeyRequest>>
-    fun getGossipingEventsTrail(): LiveData<PagedList<Event>>
-    fun getGossipingEvents(): List<Event>
+    fun getGossipingEventsTrail(): LiveData<PagedList<AuditTrail>>
+    fun getGossipingEvents(): List<AuditTrail>
 
     fun setDeviceKeysUploaded(uploaded: Boolean)
     fun areDeviceKeysUploaded(): Boolean
     fun tidyUpDataBase()
     fun logDbUsageInfo()
+    fun getOutgoingRoomKeyRequests(inStates: Set<OutgoingRoomKeyRequestState>): List<OutgoingKeyRequest>
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
index 99adbbfbae..f3bd5c413c 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
@@ -24,9 +24,11 @@ import com.zhuinden.monarchy.Monarchy
 import io.realm.Realm
 import io.realm.RealmConfiguration
 import io.realm.Sort
+import io.realm.kotlin.createObject
 import io.realm.kotlin.where
 import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
 import org.matrix.android.sdk.api.extensions.tryOrNull
+import org.matrix.android.sdk.api.logger.LoggerTag
 import org.matrix.android.sdk.api.session.crypto.NewSessionListener
 import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKey
 import org.matrix.android.sdk.api.session.crypto.crosssigning.MXCrossSigningInfo
@@ -39,22 +41,31 @@ import org.matrix.android.sdk.api.session.crypto.model.IncomingRoomKeyRequest
 import org.matrix.android.sdk.api.session.crypto.model.IncomingSecretShareRequest
 import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
 import org.matrix.android.sdk.api.session.crypto.model.OlmDecryptionResult
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingGossipingRequestState
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequest
+import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequestState
 import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
+import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
 import org.matrix.android.sdk.api.session.room.send.SendState
 import org.matrix.android.sdk.api.util.Optional
 import org.matrix.android.sdk.api.util.toOptional
 import org.matrix.android.sdk.internal.crypto.GossipRequestType
 import org.matrix.android.sdk.internal.crypto.IncomingShareRequestCommon
+import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
 import org.matrix.android.sdk.internal.crypto.OutgoingSecretRequest
+import org.matrix.android.sdk.internal.crypto.model.AuditTrail
+import org.matrix.android.sdk.internal.crypto.model.ForwardInfo
+import org.matrix.android.sdk.internal.crypto.model.IncomingKeyRequestInfo
 import org.matrix.android.sdk.internal.crypto.model.OlmInboundGroupSessionWrapper2
 import org.matrix.android.sdk.internal.crypto.model.OlmSessionWrapper
 import org.matrix.android.sdk.internal.crypto.model.OutboundGroupSessionWrapper
+import org.matrix.android.sdk.internal.crypto.model.TrailType
+import org.matrix.android.sdk.internal.crypto.model.WithheldInfo
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
 import org.matrix.android.sdk.internal.crypto.store.db.mapper.CrossSigningKeysMapper
+import org.matrix.android.sdk.internal.crypto.store.db.model.AuditTrailEntity
+import org.matrix.android.sdk.internal.crypto.store.db.model.AuditTrailEntityFields
+import org.matrix.android.sdk.internal.crypto.store.db.model.AuditTrailMapper
 import org.matrix.android.sdk.internal.crypto.store.db.model.CrossSigningInfoEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.CrossSigningInfoEntityFields
 import org.matrix.android.sdk.internal.crypto.store.db.model.CryptoMapper
@@ -74,8 +85,8 @@ import org.matrix.android.sdk.internal.crypto.store.db.model.OlmInboundGroupSess
 import org.matrix.android.sdk.internal.crypto.store.db.model.OlmSessionEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.OlmSessionEntityFields
 import org.matrix.android.sdk.internal.crypto.store.db.model.OutboundGroupSessionInfoEntity
-import org.matrix.android.sdk.internal.crypto.store.db.model.OutgoingGossipingRequestEntity
-import org.matrix.android.sdk.internal.crypto.store.db.model.OutgoingGossipingRequestEntityFields
+import org.matrix.android.sdk.internal.crypto.store.db.model.OutgoingKeyRequestEntity
+import org.matrix.android.sdk.internal.crypto.store.db.model.OutgoingKeyRequestEntityFields
 import org.matrix.android.sdk.internal.crypto.store.db.model.SharedSessionEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.TrustLevelEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.UserEntity
@@ -105,6 +116,8 @@ import java.util.concurrent.Executors
 import java.util.concurrent.TimeUnit
 import javax.inject.Inject
 
+private val loggerTag = LoggerTag("RealmCryptoStore", LoggerTag.CRYPTO)
+
 @SessionScope
 internal class RealmCryptoStore @Inject constructor(
         @CryptoDatabase private val realmConfiguration: RealmConfiguration,
@@ -1006,12 +1019,11 @@ internal class RealmCryptoStore @Inject constructor(
                 ?: defaultValue
     }
 
-    override fun getOutgoingRoomKeyRequest(requestBody: RoomKeyRequestBody): OutgoingRoomKeyRequest? {
+    override fun getOutgoingRoomKeyRequest(requestBody: RoomKeyRequestBody): OutgoingKeyRequest? {
         return monarchy.fetchAllCopiedSync { realm ->
-            realm.where<OutgoingGossipingRequestEntity>()
-                    .equalTo(OutgoingGossipingRequestEntityFields.TYPE_STR, GossipRequestType.KEY.name)
-        }.mapNotNull {
-            it.toOutgoingGossipingRequest() as? OutgoingRoomKeyRequest
+            realm.where<OutgoingKeyRequestEntity>()
+        }.map {
+            it.toOutgoingGossipingRequest()
         }.firstOrNull {
             it.requestBody?.algorithm == requestBody.algorithm &&
                     it.requestBody?.roomId == requestBody.roomId &&
@@ -1020,16 +1032,40 @@ internal class RealmCryptoStore @Inject constructor(
         }
     }
 
-    override fun getOutgoingSecretRequest(secretName: String): OutgoingSecretRequest? {
+    override fun getOutgoingRoomKeyRequest(requestId: String): OutgoingKeyRequest? {
         return monarchy.fetchAllCopiedSync { realm ->
-            realm.where<OutgoingGossipingRequestEntity>()
-                    .equalTo(OutgoingGossipingRequestEntityFields.TYPE_STR, GossipRequestType.SECRET.name)
-                    .equalTo(OutgoingGossipingRequestEntityFields.REQUESTED_INFO_STR, secretName)
-        }.mapNotNull {
-            it.toOutgoingGossipingRequest() as? OutgoingSecretRequest
+            realm.where<OutgoingKeyRequestEntity>()
+                    .equalTo(OutgoingKeyRequestEntityFields.REQUEST_ID, requestId)
+        }.map {
+            it.toOutgoingGossipingRequest()
         }.firstOrNull()
     }
 
+    override fun getOutgoingRoomKeyRequest(roomId: String, sessionId: String, algorithm: String, senderKey: String): List<OutgoingKeyRequest> {
+        // TODO this annoying we have to load all
+        return monarchy.fetchAllCopiedSync { realm ->
+            realm.where<OutgoingKeyRequestEntity>()
+                    .equalTo(OutgoingKeyRequestEntityFields.ROOM_ID, roomId)
+                    .equalTo(OutgoingKeyRequestEntityFields.MEGOLM_SESSION_ID, sessionId)
+        }.map {
+            it.toOutgoingGossipingRequest()
+        }.filter {
+            it.requestBody?.algorithm == algorithm &&
+                    it.requestBody?.senderKey == senderKey
+        }
+    }
+
+    override fun getOutgoingSecretRequest(secretName: String): OutgoingSecretRequest? {
+//        return monarchy.fetchAllCopiedSync { realm ->
+//            realm.where<OutgoingGossipingRequestEntity>()
+//                    .equalTo(OutgoingGossipingRequestEntityFields.TYPE_STR, GossipRequestType.SECRET.name)
+//                    .equalTo(OutgoingGossipingRequestEntityFields.REQUESTED_INFO_STR, secretName)
+//        }.mapNotNull {
+//            it.toOutgoingGossipingRequest() as? OutgoingSecretRequest
+//        }.firstOrNull()
+        return null
+    }
+
     override fun getIncomingRoomKeyRequests(): List<IncomingRoomKeyRequest> {
         return monarchy.fetchAllCopiedSync { realm ->
             realm.where<IncomingGossipingRequestEntity>()
@@ -1066,11 +1102,26 @@ internal class RealmCryptoStore @Inject constructor(
         )
     }
 
-    override fun getGossipingEventsTrail(): LiveData<PagedList<Event>> {
+    override fun getGossipingEventsTrail(): LiveData<PagedList<AuditTrail>> {
         val realmDataSourceFactory = monarchy.createDataSourceFactory { realm ->
-            realm.where<GossipingEventEntity>().sort(GossipingEventEntityFields.AGE_LOCAL_TS, Sort.DESCENDING)
+            realm.where<AuditTrailEntity>().sort(AuditTrailEntityFields.AGE_LOCAL_TS, Sort.DESCENDING)
+        }
+        val dataSourceFactory = realmDataSourceFactory.map {
+            AuditTrailMapper.map(it)
+            // mm we can't map not null...
+                    ?: AuditTrail(
+                            System.currentTimeMillis(),
+                            TrailType.IncomingKeyRequest,
+                            IncomingKeyRequestInfo(
+                                    "",
+                                    "",
+                                    "",
+                                    "",
+                                    "",
+                                    "",
+                            )
+                    )
         }
-        val dataSourceFactory = realmDataSourceFactory.map { it.toModel() }
         val trail = monarchy.findAllPagedWithChanges(realmDataSourceFactory,
                 LivePagedListBuilder(dataSourceFactory,
                         PagedList.Config.Builder()
@@ -1082,25 +1133,32 @@ internal class RealmCryptoStore @Inject constructor(
         return trail
     }
 
-    override fun getGossipingEvents(): List<Event> {
+    override fun getGossipingEvents(): List<AuditTrail> {
         return monarchy.fetchAllCopiedSync { realm ->
-            realm.where<GossipingEventEntity>()
-        }.map {
-            it.toModel()
+            realm.where<AuditTrailEntity>()
+        }.mapNotNull {
+            AuditTrailMapper.map(it)
         }
     }
 
-    override fun getOrAddOutgoingRoomKeyRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>): OutgoingRoomKeyRequest? {
+    override fun getOrAddOutgoingRoomKeyRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>): OutgoingKeyRequest {
         // Insert the request and return the one passed in parameter
-        var request: OutgoingRoomKeyRequest? = null
+        lateinit var request: OutgoingKeyRequest
         doRealmTransaction(realmConfiguration) { realm ->
 
-            val existing = realm.where<OutgoingGossipingRequestEntity>()
-                    .equalTo(OutgoingGossipingRequestEntityFields.TYPE_STR, GossipRequestType.KEY.name)
+            val existing = realm.where<OutgoingKeyRequestEntity>()
+                    .equalTo(OutgoingKeyRequestEntityFields.MEGOLM_SESSION_ID, requestBody.sessionId)
+                    .equalTo(OutgoingKeyRequestEntityFields.ROOM_ID, requestBody.roomId)
                     .findAll()
-                    .mapNotNull {
-                        it.toOutgoingGossipingRequest() as? OutgoingRoomKeyRequest
-                    }.firstOrNull {
+                    .map {
+                        it.toOutgoingGossipingRequest()
+                    }.also {
+                        if (it.size > 1) {
+                            // there should be one or zero but not more, worth warning
+                            Timber.tag(loggerTag.value).w("There should not be more than one active key request per session")
+                        }
+                    }
+                    .firstOrNull {
                         it.requestBody?.algorithm == requestBody.algorithm &&
                                 it.requestBody?.sessionId == requestBody.sessionId &&
                                 it.requestBody?.senderKey == requestBody.senderKey &&
@@ -1108,13 +1166,13 @@ internal class RealmCryptoStore @Inject constructor(
                     }
 
             if (existing == null) {
-                request = realm.createObject(OutgoingGossipingRequestEntity::class.java).apply {
+                request = realm.createObject(OutgoingKeyRequestEntity::class.java).apply {
                     this.requestId = RequestIdHelper.createUniqueRequestId()
                     this.setRecipients(recipients)
-                    this.requestState = OutgoingGossipingRequestState.UNSENT
-                    this.type = GossipRequestType.KEY
-                    this.requestedInfoStr = requestBody.toJson()
-                }.toOutgoingGossipingRequest() as? OutgoingRoomKeyRequest
+                    this.requestState = OutgoingRoomKeyRequestState.UNSENT
+                    this.setRequestBody(requestBody)
+                    this.creationTimeStamp = System.currentTimeMillis()
+                }.toOutgoingGossipingRequest()
             } else {
                 request = existing
             }
@@ -1122,32 +1180,72 @@ internal class RealmCryptoStore @Inject constructor(
         return request
     }
 
-    override fun getOrAddOutgoingSecretShareRequest(secretName: String, recipients: Map<String, List<String>>): OutgoingSecretRequest? {
-        var request: OutgoingSecretRequest? = null
-
-        // Insert the request and return the one passed in parameter
+    override fun updateOutgoingRoomKeyRequestState(requestId: String, newState: OutgoingRoomKeyRequestState) {
         doRealmTransaction(realmConfiguration) { realm ->
-            val existing = realm.where<OutgoingGossipingRequestEntity>()
-                    .equalTo(OutgoingGossipingRequestEntityFields.TYPE_STR, GossipRequestType.SECRET.name)
-                    .equalTo(OutgoingGossipingRequestEntityFields.REQUESTED_INFO_STR, secretName)
-                    .findAll()
-                    .mapNotNull {
-                        it.toOutgoingGossipingRequest() as? OutgoingSecretRequest
-                    }.firstOrNull()
-            if (existing == null) {
-                request = realm.createObject(OutgoingGossipingRequestEntity::class.java).apply {
-                    this.type = GossipRequestType.SECRET
-                    setRecipients(recipients)
-                    this.requestState = OutgoingGossipingRequestState.UNSENT
-                    this.requestId = RequestIdHelper.createUniqueRequestId()
-                    this.requestedInfoStr = secretName
-                }.toOutgoingGossipingRequest() as? OutgoingSecretRequest
-            } else {
-                request = existing
-            }
+            realm.where<OutgoingKeyRequestEntity>()
+                    .equalTo(OutgoingKeyRequestEntityFields.REQUEST_ID, requestId)
+                    .findFirst()?.apply {
+                        this.requestState = newState
+                    }
         }
+    }
 
-        return request
+    override fun updateOutgoingRoomKeyReply(roomId: String,
+                                            sessionId: String,
+                                            algorithm: String,
+                                            senderKey: String,
+                                            fromDevice: String?,
+                                            event: Event) {
+        doRealmTransaction(realmConfiguration) { realm ->
+            realm.where<OutgoingKeyRequestEntity>()
+                    .equalTo(OutgoingKeyRequestEntityFields.ROOM_ID, roomId)
+                    .equalTo(OutgoingKeyRequestEntityFields.MEGOLM_SESSION_ID, sessionId)
+                    .findAll().firstOrNull { entity ->
+                        entity.toOutgoingGossipingRequest().let {
+                            it.requestBody?.senderKey == senderKey &&
+                                    it.requestBody?.algorithm == algorithm
+                        }
+                    }?.apply {
+                        event.senderId?.let { addReply(it, fromDevice, event) }
+                    }
+        }
+    }
+
+    override fun deleteOutgoingRoomKeyRequest(requestId: String) {
+        doRealmTransaction(realmConfiguration) { realm ->
+            realm.where<OutgoingKeyRequestEntity>()
+                    .equalTo(OutgoingKeyRequestEntityFields.REQUEST_ID, requestId)
+                    .findFirst()?.deleteOnCascade()
+        }
+    }
+
+    override fun getOrAddOutgoingSecretShareRequest(secretName: String, recipients: Map<String, List<String>>): OutgoingSecretRequest? {
+        return null
+//        var request: OutgoingSecretRequest? = null
+//
+//        // Insert the request and return the one passed in parameter
+//        doRealmTransaction(realmConfiguration) { realm ->
+//            val existing = realm.where<OutgoingGossipingRequestEntity>()
+//                    .equalTo(OutgoingGossipingRequestEntityFields.TYPE_STR, GossipRequestType.SECRET.name)
+//                    .equalTo(OutgoingGossipingRequestEntityFields.REQUESTED_INFO_STR, secretName)
+//                    .findAll()
+//                    .mapNotNull {
+//                        it.toOutgoingGossipingRequest() as? OutgoingSecretRequest
+//                    }.firstOrNull()
+//            if (existing == null) {
+//                request = realm.createObject(OutgoingGossipingRequestEntity::class.java).apply {
+//                    this.type = GossipRequestType.SECRET
+//                    setRecipients(recipients)
+//                    this.requestState = OutgoingRoomKeyRequestEntity.UNSENT
+//                    this.requestId = RequestIdHelper.createUniqueRequestId()
+//                    this.requestedInfoStr = secretName
+//                }.toOutgoingGossipingRequest() as? OutgoingSecretRequest
+//            } else {
+//                request = existing
+//            }
+//        }
+//
+//        return request
     }
 
     override fun saveGossipingEvents(events: List<Event>) {
@@ -1170,6 +1268,88 @@ internal class RealmCryptoStore @Inject constructor(
         }
     }
 
+    override fun saveIncomingKeyRequestAuditTrail(
+            roomId: String,
+            sessionId: String,
+            senderKey: String,
+            algorithm: String,
+            fromUser: String,
+            fromDevice: String) {
+        monarchy.writeAsync { realm ->
+            val now = System.currentTimeMillis()
+            realm.createObject<AuditTrailEntity>().apply {
+                this.ageLocalTs = now
+                this.type = TrailType.IncomingKeyRequest.name
+                val info = IncomingKeyRequestInfo(
+                        roomId,
+                        sessionId,
+                        senderKey,
+                        algorithm,
+                        fromUser,
+                        fromDevice
+                )
+                MoshiProvider.providesMoshi().adapter(IncomingKeyRequestInfo::class.java).toJson(info)?.let {
+                    this.contentJson = it
+                }
+            }
+        }
+    }
+
+    override fun saveWithheldAuditTrail(roomId: String,
+                                        sessionId: String,
+                                        senderKey: String,
+                                        algorithm: String,
+                                        code: WithHeldCode,
+                                        userId: String,
+                                        deviceId: String) {
+        monarchy.writeAsync { realm ->
+            val now = System.currentTimeMillis()
+            realm.createObject<AuditTrailEntity>().apply {
+                this.ageLocalTs = now
+                this.type = TrailType.OutgoingKeyWithheld.name
+                val info = WithheldInfo(
+                        roomId,
+                        sessionId,
+                        senderKey,
+                        algorithm,
+                        code,
+                        userId,
+                        deviceId
+                )
+                MoshiProvider.providesMoshi().adapter(WithheldInfo::class.java).toJson(info)?.let {
+                    this.contentJson = it
+                }
+            }
+        }
+    }
+
+    override fun saveForwardKeyAuditTrail(roomId: String,
+                                          sessionId: String,
+                                          senderKey: String,
+                                          algorithm: String,
+                                          userId: String,
+                                          deviceId: String,
+                                          chainIndex: Long?) {
+        monarchy.writeAsync { realm ->
+            val now = System.currentTimeMillis()
+            realm.createObject<AuditTrailEntity>().apply {
+                this.ageLocalTs = now
+                this.type = TrailType.OutgoingKeyForward.name
+                val info = ForwardInfo(
+                        roomId,
+                        sessionId,
+                        senderKey,
+                        algorithm,
+                        userId,
+                        deviceId,
+                        chainIndex
+                )
+                MoshiProvider.providesMoshi().adapter(ForwardInfo::class.java).toJson(info)?.let {
+                    this.contentJson = it
+                }
+            }
+        }
+    }
 //    override fun getOutgoingRoomKeyRequestByState(states: Set<ShareRequestState>): OutgoingRoomKeyRequest? {
 //        val statesIndex = states.map { it.ordinal }.toTypedArray()
 //        return doRealmQueryAndCopy(realmConfiguration) { realm ->
@@ -1276,10 +1456,10 @@ internal class RealmCryptoStore @Inject constructor(
         }
     }
 
-    override fun updateOutgoingGossipingRequestState(requestId: String, state: OutgoingGossipingRequestState) {
+    override fun updateOutgoingGossipingRequestState(requestId: String, state: OutgoingRoomKeyRequestState) {
         doRealmTransaction(realmConfiguration) { realm ->
-            realm.where<OutgoingGossipingRequestEntity>()
-                    .equalTo(OutgoingGossipingRequestEntityFields.REQUEST_ID, requestId)
+            realm.where<OutgoingKeyRequestEntity>()
+                    .equalTo(OutgoingKeyRequestEntityFields.REQUEST_ID, requestId)
                     .findAll().forEach {
                         it.requestState = state
                     }
@@ -1503,37 +1683,46 @@ internal class RealmCryptoStore @Inject constructor(
         }
     }
 
-    override fun getOutgoingRoomKeyRequests(): List<OutgoingRoomKeyRequest> {
+    override fun getOutgoingRoomKeyRequests(): List<OutgoingKeyRequest> {
         return monarchy.fetchAllMappedSync({ realm ->
             realm
-                    .where(OutgoingGossipingRequestEntity::class.java)
-                    .equalTo(OutgoingGossipingRequestEntityFields.TYPE_STR, GossipRequestType.KEY.name)
+                    .where(OutgoingKeyRequestEntity::class.java)
         }, { entity ->
-            entity.toOutgoingGossipingRequest() as? OutgoingRoomKeyRequest
+            entity.toOutgoingGossipingRequest()
+        })
+                .filterNotNull()
+    }
+
+    override fun getOutgoingRoomKeyRequests(inStates: Set<OutgoingRoomKeyRequestState>): List<OutgoingKeyRequest> {
+        return monarchy.fetchAllMappedSync({ realm ->
+            realm
+                    .where(OutgoingKeyRequestEntity::class.java)
+                    .`in`(OutgoingKeyRequestEntityFields.REQUEST_STATE_STR, inStates.map { it.name }.toTypedArray())
+        }, { entity ->
+            entity.toOutgoingGossipingRequest()
         })
                 .filterNotNull()
     }
 
     override fun getOutgoingSecretKeyRequests(): List<OutgoingSecretRequest> {
-        return monarchy.fetchAllMappedSync({ realm ->
-            realm
-                    .where(OutgoingGossipingRequestEntity::class.java)
-                    .equalTo(OutgoingGossipingRequestEntityFields.TYPE_STR, GossipRequestType.SECRET.name)
-        }, { entity ->
-            entity.toOutgoingGossipingRequest() as? OutgoingSecretRequest
-        })
-                .filterNotNull()
+//        return monarchy.fetchAllMappedSync({ realm ->
+//            realm
+//                    .where(OutgoingGossipingRequestEntity::class.java)
+//                    .equalTo(OutgoingGossipingRequestEntityFields.TYPE_STR, GossipRequestType.SECRET.name)
+//        }, { entity ->
+//            entity.toOutgoingGossipingRequest() as? OutgoingSecretRequest
+//        })
+//                .filterNotNull()
+        return emptyList()
     }
 
-    override fun getOutgoingRoomKeyRequestsPaged(): LiveData<PagedList<OutgoingRoomKeyRequest>> {
+    override fun getOutgoingRoomKeyRequestsPaged(): LiveData<PagedList<OutgoingKeyRequest>> {
         val realmDataSourceFactory = monarchy.createDataSourceFactory { realm ->
             realm
-                    .where(OutgoingGossipingRequestEntity::class.java)
-                    .equalTo(OutgoingGossipingRequestEntityFields.TYPE_STR, GossipRequestType.KEY.name)
+                    .where(OutgoingKeyRequestEntity::class.java)
         }
         val dataSourceFactory = realmDataSourceFactory.map {
-            it.toOutgoingGossipingRequest() as? OutgoingRoomKeyRequest
-                    ?: OutgoingRoomKeyRequest(requestBody = null, requestId = "?", recipients = emptyMap(), state = OutgoingGossipingRequestState.CANCELLED)
+            it.toOutgoingGossipingRequest()
         }
         val trail = monarchy.findAllPagedWithChanges(realmDataSourceFactory,
                 LivePagedListBuilder(dataSourceFactory,
@@ -1716,12 +1905,11 @@ internal class RealmCryptoStore @Inject constructor(
                     .also { Timber.i("## Crypto Clean up ${it.size} IncomingGossipingRequestEntity") }
                     .deleteAllFromRealm()
 
-            // Clean the cancelled ones?
-            realm.where<OutgoingGossipingRequestEntity>()
-                    .equalTo(OutgoingGossipingRequestEntityFields.REQUEST_STATE_STR, OutgoingGossipingRequestState.CANCELLED.name)
-                    .equalTo(OutgoingGossipingRequestEntityFields.TYPE_STR, GossipRequestType.KEY.name)
+            // Clean the old ones?
+            realm.where<OutgoingKeyRequestEntity>()
+                    .lessThan(OutgoingKeyRequestEntityFields.CREATION_TIME_STAMP, prevWeekTs)
                     .findAll()
-                    .also { Timber.i("## Crypto Clean up ${it.size} OutgoingGossipingRequestEntity") }
+                    .also { Timber.i("## Crypto Clean up ${it.size} OutgoingKeyRequestEntity") }
                     .deleteAllFromRealm()
 
             // Only keep one week history
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStoreMigration.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStoreMigration.kt
index cac6499486..3bb44572ac 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStoreMigration.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStoreMigration.kt
@@ -33,6 +33,7 @@ import org.matrix.android.sdk.internal.crypto.store.db.migration.MigrateCryptoTo
 import org.matrix.android.sdk.internal.crypto.store.db.migration.MigrateCryptoTo013
 import org.matrix.android.sdk.internal.crypto.store.db.migration.MigrateCryptoTo014
 import org.matrix.android.sdk.internal.crypto.store.db.migration.MigrateCryptoTo015
+import org.matrix.android.sdk.internal.crypto.store.db.migration.MigrateCryptoTo016
 import timber.log.Timber
 import javax.inject.Inject
 
@@ -47,7 +48,7 @@ internal class RealmCryptoStoreMigration @Inject constructor() : RealmMigration
     // 0, 1, 2: legacy Riot-Android
     // 3: migrate to RiotX schema
     // 4, 5, 6, 7, 8, 9: migrations from RiotX (which was previously 1, 2, 3, 4, 5, 6)
-    val schemaVersion = 15L
+    val schemaVersion = 16L
 
     override fun migrate(realm: DynamicRealm, oldVersion: Long, newVersion: Long) {
         Timber.d("Migrating Realm Crypto from $oldVersion to $newVersion")
@@ -67,5 +68,6 @@ internal class RealmCryptoStoreMigration @Inject constructor() : RealmMigration
         if (oldVersion < 13) MigrateCryptoTo013(realm).perform()
         if (oldVersion < 14) MigrateCryptoTo014(realm).perform()
         if (oldVersion < 15) MigrateCryptoTo015(realm).perform()
+        if (oldVersion < 16) MigrateCryptoTo016(realm).perform()
     }
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStoreModule.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStoreModule.kt
index a2f2f8e97a..e3e195ff8c 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStoreModule.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStoreModule.kt
@@ -17,6 +17,7 @@
 package org.matrix.android.sdk.internal.crypto.store.db
 
 import io.realm.annotations.RealmModule
+import org.matrix.android.sdk.internal.crypto.store.db.model.AuditTrailEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.CrossSigningInfoEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.CryptoMetadataEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.CryptoRoomEntity
@@ -24,12 +25,13 @@ import org.matrix.android.sdk.internal.crypto.store.db.model.DeviceInfoEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.GossipingEventEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.IncomingGossipingRequestEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.KeyInfoEntity
+import org.matrix.android.sdk.internal.crypto.store.db.model.KeyRequestReplyEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.KeysBackupDataEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.MyDeviceLastSeenInfoEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.OlmInboundGroupSessionEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.OlmSessionEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.OutboundGroupSessionInfoEntity
-import org.matrix.android.sdk.internal.crypto.store.db.model.OutgoingGossipingRequestEntity
+import org.matrix.android.sdk.internal.crypto.store.db.model.OutgoingKeyRequestEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.SharedSessionEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.TrustLevelEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.UserEntity
@@ -50,9 +52,9 @@ import org.matrix.android.sdk.internal.crypto.store.db.model.WithHeldSessionEnti
             KeyInfoEntity::class,
             CrossSigningInfoEntity::class,
             TrustLevelEntity::class,
-            GossipingEventEntity::class,
-            IncomingGossipingRequestEntity::class,
-            OutgoingGossipingRequestEntity::class,
+            AuditTrailEntity::class,
+            OutgoingKeyRequestEntity::class,
+            KeyRequestReplyEntity::class,
             MyDeviceLastSeenInfoEntity::class,
             WithHeldSessionEntity::class,
             SharedSessionEntity::class,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
new file mode 100644
index 0000000000..832272f574
--- /dev/null
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) 2022 New Vector Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.crypto.store.db.migration
+
+import io.realm.DynamicRealm
+import org.matrix.android.sdk.internal.crypto.store.db.model.AuditTrailEntityFields
+import org.matrix.android.sdk.internal.crypto.store.db.model.KeyRequestReplyEntity
+import org.matrix.android.sdk.internal.crypto.store.db.model.KeyRequestReplyEntityFields
+import org.matrix.android.sdk.internal.crypto.store.db.model.OutgoingKeyRequestEntityFields
+import org.matrix.android.sdk.internal.util.database.RealmMigrator
+
+class MigrateCryptoTo016(realm: DynamicRealm) : RealmMigrator(realm, 15) {
+
+    override fun doMigrate(realm: DynamicRealm) {
+        realm.schema.remove("OutgoingGossipingRequestEntity")
+        realm.schema.remove("IncomingGossipingRequestEntity")
+        realm.schema.remove("GossipingEventEntity")
+
+        // No need to migrate existing request, just start fresh
+
+        realm.schema.create("OutgoingKeyRequestEntity")
+                .addField(OutgoingKeyRequestEntityFields.REQUEST_ID, String::class.java)
+                .addIndex(OutgoingKeyRequestEntityFields.REQUEST_ID)
+                .addField(OutgoingKeyRequestEntityFields.MEGOLM_SESSION_ID, String::class.java)
+                .addIndex(OutgoingKeyRequestEntityFields.MEGOLM_SESSION_ID)
+                .addRealmListField(OutgoingKeyRequestEntityFields.REPLIES.`$`, KeyRequestReplyEntity::class.java)
+                .addField(OutgoingKeyRequestEntityFields.RECIPIENTS_DATA, String::class.java)
+                .addField(OutgoingKeyRequestEntityFields.REQUEST_STATE_STR, String::class.java)
+                .addIndex(OutgoingKeyRequestEntityFields.REQUEST_STATE_STR)
+                .addField(OutgoingKeyRequestEntityFields.REQUESTED_INFO_STR, String::class.java)
+                .addField(OutgoingKeyRequestEntityFields.CREATION_TIME_STAMP, Long::class.java)
+                .setNullable(OutgoingKeyRequestEntityFields.CREATION_TIME_STAMP, true)
+
+
+        realm.schema.create("AuditTrailEntity")
+                .addField(AuditTrailEntityFields.AGE_LOCAL_TS, Long::class.java)
+                .setNullable(AuditTrailEntityFields.AGE_LOCAL_TS, true)
+                .addField(AuditTrailEntityFields.CONTENT_JSON, String::class.java)
+                .addField(AuditTrailEntityFields.TYPE, String::class.java)
+
+        realm.schema.create("KeyRequestReplyEntity")
+                .addField(KeyRequestReplyEntityFields.SENDER_ID, String::class.java)
+                .addField(KeyRequestReplyEntityFields.FROM_DEVICE, String::class.java)
+                .addField(KeyRequestReplyEntityFields.EVENT_JSON, String::class.java)
+
+    }
+}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/GossipingRequestState.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailEntity.kt
similarity index 63%
rename from matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/GossipingRequestState.kt
rename to matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailEntity.kt
index d9a6f4fcba..a3963e9485 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/GossipingRequestState.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailEntity.kt
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
+ * Copyright 2022 The Matrix.org Foundation C.I.C.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -14,18 +14,14 @@
  * limitations under the License.
  */
 
-package org.matrix.android.sdk.api.session.crypto.model
+package org.matrix.android.sdk.internal.crypto.store.db.model
 
-enum class GossipingRequestState {
-    NONE,
-    PENDING,
-    REJECTED,
-    ACCEPTING,
-    ACCEPTED,
-    FAILED_TO_ACCEPTED,
+import io.realm.RealmObject
 
-    // USER_REJECTED,
-    UNABLE_TO_PROCESS,
-    CANCELLED_BY_REQUESTER,
-    RE_REQUESTED
+internal open class AuditTrailEntity(
+        var ageLocalTs: Long? = null,
+        var type: String? = null,
+        var contentJson: String? = null
+) : RealmObject() {
+    companion object
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailMapper.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailMapper.kt
new file mode 100644
index 0000000000..a89c5599ef
--- /dev/null
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailMapper.kt
@@ -0,0 +1,85 @@
+/*
+ * Copyright 2022 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.crypto.store.db.model
+
+import org.matrix.android.sdk.api.extensions.tryOrNull
+import org.matrix.android.sdk.internal.crypto.model.AuditInfo
+import org.matrix.android.sdk.internal.crypto.model.AuditTrail
+import org.matrix.android.sdk.internal.crypto.model.ForwardInfo
+import org.matrix.android.sdk.internal.crypto.model.IncomingKeyRequestInfo
+import org.matrix.android.sdk.internal.crypto.model.TrailType
+import org.matrix.android.sdk.internal.crypto.model.WithheldInfo
+import org.matrix.android.sdk.internal.di.MoshiProvider
+
+internal object AuditTrailMapper {
+
+    fun map(entity: AuditTrailEntity): AuditTrail? {
+        val contentJson = entity.contentJson ?: return null
+        return when (entity.type) {
+            TrailType.OutgoingKeyForward.name         -> {
+                val info = tryOrNull {
+                    MoshiProvider.providesMoshi().adapter(ForwardInfo::class.java).fromJson(contentJson)
+                } ?: return null
+                AuditTrail(
+                        ageLocalTs = entity.ageLocalTs ?: 0,
+                        type = TrailType.OutgoingKeyForward,
+                        info = info
+                )
+            }
+            TrailType.OutgoingKeyWithheld.name        -> {
+                val info = tryOrNull {
+                    MoshiProvider.providesMoshi().adapter(WithheldInfo::class.java).fromJson(contentJson)
+                } ?: return null
+                AuditTrail(
+                        ageLocalTs = entity.ageLocalTs ?: 0,
+                        type = TrailType.OutgoingKeyWithheld,
+                        info = info
+                )
+            }
+            TrailType.IncomingKeyRequest.name -> {
+                val info = tryOrNull {
+                    MoshiProvider.providesMoshi().adapter(IncomingKeyRequestInfo::class.java).fromJson(contentJson)
+                } ?: return null
+                AuditTrail(
+                        ageLocalTs = entity.ageLocalTs ?: 0,
+                        type = TrailType.IncomingKeyRequest,
+                        info = info
+                )
+            }
+            else                              ->  {
+                AuditTrail(
+                        ageLocalTs = entity.ageLocalTs ?: 0,
+                        type = TrailType.Unknown,
+                        info = object : AuditInfo {
+                            override val roomId: String
+                                get() = ""
+                            override val sessionId: String
+                                get() = ""
+                            override val senderKey: String
+                                get() = ""
+                            override val alg: String
+                                get() = ""
+                            override val userId: String
+                                get() = ""
+                            override val deviceId: String
+                                get() = ""
+                        }
+                )
+            }
+        }
+    }
+}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/GossipingEventEntity.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/GossipingEventEntity.kt
index a024e092b7..31b141014b 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/GossipingEventEntity.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/GossipingEventEntity.kt
@@ -33,6 +33,8 @@ import timber.log.Timber
  * (room key request, or sss secret sharing, as well as cancellations)
  *
  */
+
+// not used anymore, just here for db migration
 internal open class GossipingEventEntity(@Index var type: String? = "",
                                          var content: String? = null,
                                          @Index var sender: String? = null,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/IncomingGossipingRequestEntity.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/IncomingGossipingRequestEntity.kt
index f05c8853c8..c58b3a684d 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/IncomingGossipingRequestEntity.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/IncomingGossipingRequestEntity.kt
@@ -26,6 +26,7 @@ import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
 import org.matrix.android.sdk.internal.crypto.GossipRequestType
 import org.matrix.android.sdk.internal.crypto.IncomingShareRequestCommon
 
+// not used anymore, just here for db migration
 internal open class IncomingGossipingRequestEntity(@Index var requestId: String? = "",
                                                    @Index var typeStr: String? = null,
                                                    var otherUserId: String? = null,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/KeyRequestReplyEntity.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/KeyRequestReplyEntity.kt
new file mode 100644
index 0000000000..0c7cf79e78
--- /dev/null
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/KeyRequestReplyEntity.kt
@@ -0,0 +1,35 @@
+/*
+ * Copyright 2022 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.crypto.store.db.model
+
+import io.realm.RealmObject
+import org.matrix.android.sdk.api.session.events.model.Event
+import org.matrix.android.sdk.internal.di.MoshiProvider
+
+internal open class KeyRequestReplyEntity(
+        var senderId: String? = null,
+        var fromDevice: String? = null,
+        var eventJson: String? = null
+) : RealmObject() {
+    companion object
+
+    fun getEvent(): Event? {
+        return eventJson?.let {
+            MoshiProvider.providesMoshi().adapter(Event::class.java).fromJson(it)
+        }
+    }
+}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingGossipingRequestEntity.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingGossipingRequestEntity.kt
index 0e1278967e..ccb4590fb9 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingGossipingRequestEntity.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingGossipingRequestEntity.kt
@@ -1,34 +1,26 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
+// /*
+// * Copyright 2020 The Matrix.org Foundation C.I.C.
+// *
+// * Licensed under the Apache License, Version 2.0 (the "License");
+// * you may not use this file except in compliance with the License.
+// * You may obtain a copy of the License at
+// *
+// *     http://www.apache.org/licenses/LICENSE-2.0
+// *
+// * Unless required by applicable law or agreed to in writing, software
+// * distributed under the License is distributed on an "AS IS" BASIS,
+// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// * See the License for the specific language governing permissions and
+// * limitations under the License.
+// */
 
 package org.matrix.android.sdk.internal.crypto.store.db.model
 
-import com.squareup.moshi.JsonAdapter
-import com.squareup.moshi.Types
 import io.realm.RealmObject
 import io.realm.annotations.Index
-import org.matrix.android.sdk.api.extensions.tryOrNull
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingGossipingRequestState
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequest
-import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
-import org.matrix.android.sdk.internal.crypto.GossipRequestType
-import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequest
-import org.matrix.android.sdk.internal.crypto.OutgoingSecretRequest
-import org.matrix.android.sdk.internal.di.MoshiProvider
+import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestState
 
+// not used anymore, just here for db migration
 internal open class OutgoingGossipingRequestEntity(
         @Index var requestId: String? = null,
         var recipientsData: String? = null,
@@ -36,69 +28,5 @@ internal open class OutgoingGossipingRequestEntity(
         @Index var typeStr: String? = null
 ) : RealmObject() {
 
-    fun getRequestedSecretName(): String? = if (type == GossipRequestType.SECRET) {
-        requestedInfoStr
-    } else null
-
-    fun getRequestedKeyInfo(): RoomKeyRequestBody? = if (type == GossipRequestType.KEY) {
-        RoomKeyRequestBody.fromJson(requestedInfoStr)
-    } else null
-
-    var type: GossipRequestType
-        get() {
-            return tryOrNull { typeStr?.let { GossipRequestType.valueOf(it) } } ?: GossipRequestType.KEY
-        }
-        set(value) {
-            typeStr = value.name
-        }
-
     private var requestStateStr: String = OutgoingGossipingRequestState.UNSENT.name
-
-    var requestState: OutgoingGossipingRequestState
-        get() {
-            return tryOrNull { OutgoingGossipingRequestState.valueOf(requestStateStr) }
-                    ?: OutgoingGossipingRequestState.UNSENT
-        }
-        set(value) {
-            requestStateStr = value.name
-        }
-
-    companion object {
-
-        private val recipientsDataMapper: JsonAdapter<Map<String, List<String>>> =
-                MoshiProvider
-                        .providesMoshi()
-                        .adapter<Map<String, List<String>>>(
-                                Types.newParameterizedType(Map::class.java, String::class.java, List::class.java)
-                        )
-    }
-
-    fun toOutgoingGossipingRequest(): OutgoingGossipingRequest {
-        return when (type) {
-            GossipRequestType.KEY    -> {
-                OutgoingRoomKeyRequest(
-                        requestBody = getRequestedKeyInfo(),
-                        recipients = getRecipients().orEmpty(),
-                        requestId = requestId ?: "",
-                        state = requestState
-                )
-            }
-            GossipRequestType.SECRET -> {
-                OutgoingSecretRequest(
-                        secretName = getRequestedSecretName(),
-                        recipients = getRecipients().orEmpty(),
-                        requestId = requestId ?: "",
-                        state = requestState
-                )
-            }
-        }
-    }
-
-    private fun getRecipients(): Map<String, List<String>>? {
-        return this.recipientsData?.let { recipientsDataMapper.fromJson(it) }
-    }
-
-    fun setRecipients(recipients: Map<String, List<String>>) {
-        this.recipientsData = recipientsDataMapper.toJson(recipients)
-    }
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt
new file mode 100644
index 0000000000..3e00ce7cce
--- /dev/null
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt
@@ -0,0 +1,136 @@
+/*
+ * Copyright (c) 2022 New Vector Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.crypto.store.db.model
+
+import com.squareup.moshi.JsonAdapter
+import com.squareup.moshi.Types
+import io.realm.RealmList
+import io.realm.RealmObject
+import io.realm.annotations.Index
+import org.matrix.android.sdk.api.extensions.tryOrNull
+import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequestState
+import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
+import org.matrix.android.sdk.api.session.events.model.Event
+import org.matrix.android.sdk.api.session.events.model.EventType
+import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
+import org.matrix.android.sdk.api.session.events.model.toModel
+import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
+import org.matrix.android.sdk.internal.crypto.RequestReply
+import org.matrix.android.sdk.internal.crypto.RequestResult
+import org.matrix.android.sdk.internal.di.MoshiProvider
+import timber.log.Timber
+
+internal open class OutgoingKeyRequestEntity(
+        @Index var requestId: String? = null,
+        var recipientsData: String? = null,
+        var requestedInfoStr: String? = null,
+        var creationTimeStamp: Long? = null,
+        // de-normalization for better query (if not have to query all and parse json)
+        @Index var roomId: String? = null,
+        @Index var megolmSessionId: String? = null,
+
+        var replies: RealmList<KeyRequestReplyEntity> = RealmList()
+) : RealmObject() {
+
+    @Index private var requestStateStr: String = OutgoingRoomKeyRequestState.UNSENT.name
+
+    companion object {
+
+        private val recipientsDataMapper: JsonAdapter<Map<String, List<String>>> =
+                MoshiProvider
+                        .providesMoshi()
+                        .adapter(
+                                Types.newParameterizedType(Map::class.java, String::class.java, List::class.java)
+                        )
+    }
+
+    fun getRequestedKeyInfo(): RoomKeyRequestBody? = RoomKeyRequestBody.fromJson(requestedInfoStr)
+
+    fun setRequestBody(body: RoomKeyRequestBody) {
+        requestedInfoStr = body.toJson()
+        roomId = body.roomId
+        megolmSessionId = body.sessionId
+    }
+
+    var requestState: OutgoingRoomKeyRequestState
+        get() {
+            return tryOrNull { OutgoingRoomKeyRequestState.valueOf(requestStateStr) }
+                    ?: OutgoingRoomKeyRequestState.UNSENT
+        }
+        set(value) {
+            requestStateStr = value.name
+        }
+
+    private fun getRecipients(): Map<String, List<String>>? {
+        return this.recipientsData?.let { recipientsDataMapper.fromJson(it) }
+    }
+
+    fun setRecipients(recipients: Map<String, List<String>>) {
+        this.recipientsData = recipientsDataMapper.toJson(recipients)
+    }
+
+    fun addReply(userId: String, fromDevice: String?, event: Event) {
+        Timber.w("##VALR: add reply $userId / $fromDevice  / $event")
+        val newReply = KeyRequestReplyEntity(
+                senderId = userId,
+                fromDevice = fromDevice,
+                eventJson = MoshiProvider.providesMoshi().adapter(Event::class.java).toJson(event)
+        )
+        replies.add(newReply)
+    }
+
+    fun toOutgoingGossipingRequest(): OutgoingKeyRequest {
+        return OutgoingKeyRequest(
+                requestBody = getRequestedKeyInfo(),
+                recipients = getRecipients().orEmpty(),
+                requestId = requestId ?: "",
+                state = requestState,
+                results = replies.mapNotNull { entity ->
+                    val userId = entity.senderId ?: return@mapNotNull null
+                    val result = entity.eventJson?.let {
+                        MoshiProvider.providesMoshi().adapter(Event::class.java).fromJson(it)
+                    }?.let { event ->
+                        eventToResult(event)
+                    } ?: return@mapNotNull null
+                    RequestReply(
+                            userId,
+                            entity.fromDevice,
+                            result
+                    )
+                }
+        )
+    }
+
+    private fun eventToResult(event: Event): RequestResult? {
+        return when (event.getClearType()) {
+            EventType.ROOM_KEY_WITHHELD  -> {
+                event.content.toModel<RoomKeyWithHeldContent>()?.code?.let {
+                    RequestResult.Failure(it)
+                }
+            }
+            EventType.FORWARDED_ROOM_KEY -> {
+                RequestResult.Success
+            }
+            else                         -> null
+        }
+    }
+}
+
+internal fun OutgoingKeyRequestEntity.deleteOnCascade() {
+    replies.deleteAllFromRealm()
+    deleteFromRealm()
+}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/tasks/SendEventTask.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/tasks/SendEventTask.kt
index bdfe818c62..4d0871f145 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/tasks/SendEventTask.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/tasks/SendEventTask.kt
@@ -15,6 +15,7 @@
  */
 package org.matrix.android.sdk.internal.crypto.tasks
 
+import org.matrix.android.sdk.api.extensions.tryOrNull
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.room.send.SendState
 import org.matrix.android.sdk.internal.network.GlobalErrorReceiver
@@ -46,7 +47,9 @@ internal class DefaultSendEventTask @Inject constructor(
             params.event.roomId
                     ?.takeIf { params.encrypt }
                     ?.let { roomId ->
-                        loadRoomMembersTask.execute(LoadRoomMembersTask.Params(roomId))
+                        tryOrNull {
+                            loadRoomMembersTask.execute(LoadRoomMembersTask.Params(roomId))
+                        }
                     }
 
             val event = handleEncryption(params)
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultIncomingSASDefaultVerificationTransaction.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultIncomingSASDefaultVerificationTransaction.kt
index 68f1cf62d5..7b850628f6 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultIncomingSASDefaultVerificationTransaction.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultIncomingSASDefaultVerificationTransaction.kt
@@ -23,8 +23,8 @@ import org.matrix.android.sdk.api.session.crypto.verification.IncomingSasVerific
 import org.matrix.android.sdk.api.session.crypto.verification.SasMode
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationTxState
 import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.internal.crypto.IncomingGossipingRequestManager
 import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestManager
+import org.matrix.android.sdk.internal.crypto.SecretShareManager
 import org.matrix.android.sdk.internal.crypto.actions.SetDeviceVerificationAction
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
 import timber.log.Timber
@@ -36,7 +36,7 @@ internal class DefaultIncomingSASDefaultVerificationTransaction(
         private val cryptoStore: IMXCryptoStore,
         crossSigningService: CrossSigningService,
         outgoingGossipingRequestManager: OutgoingGossipingRequestManager,
-        incomingGossipingRequestManager: IncomingGossipingRequestManager,
+        secretShareManager: SecretShareManager,
         deviceFingerprint: String,
         transactionId: String,
         otherUserID: String,
@@ -48,7 +48,7 @@ internal class DefaultIncomingSASDefaultVerificationTransaction(
         cryptoStore,
         crossSigningService,
         outgoingGossipingRequestManager,
-        incomingGossipingRequestManager,
+        secretShareManager,
         deviceFingerprint,
         transactionId,
         otherUserID,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultOutgoingSASDefaultVerificationTransaction.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultOutgoingSASDefaultVerificationTransaction.kt
index e203f03b06..5c5f8dd668 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultOutgoingSASDefaultVerificationTransaction.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultOutgoingSASDefaultVerificationTransaction.kt
@@ -20,8 +20,8 @@ import org.matrix.android.sdk.api.session.crypto.verification.CancelCode
 import org.matrix.android.sdk.api.session.crypto.verification.OutgoingSasVerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationTxState
 import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.internal.crypto.IncomingGossipingRequestManager
 import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestManager
+import org.matrix.android.sdk.internal.crypto.SecretShareManager
 import org.matrix.android.sdk.internal.crypto.actions.SetDeviceVerificationAction
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
 import timber.log.Timber
@@ -33,7 +33,7 @@ internal class DefaultOutgoingSASDefaultVerificationTransaction(
         cryptoStore: IMXCryptoStore,
         crossSigningService: CrossSigningService,
         outgoingGossipingRequestManager: OutgoingGossipingRequestManager,
-        incomingGossipingRequestManager: IncomingGossipingRequestManager,
+        secretShareManager: SecretShareManager,
         deviceFingerprint: String,
         transactionId: String,
         otherUserId: String,
@@ -45,7 +45,7 @@ internal class DefaultOutgoingSASDefaultVerificationTransaction(
         cryptoStore,
         crossSigningService,
         outgoingGossipingRequestManager,
-        incomingGossipingRequestManager,
+        secretShareManager,
         deviceFingerprint,
         transactionId,
         otherUserId,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationService.kt
index 28bf1d70f7..00d01f02ed 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationService.kt
@@ -59,9 +59,9 @@ import org.matrix.android.sdk.api.session.room.model.message.MessageVerification
 import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationStartContent
 import org.matrix.android.sdk.api.session.room.model.message.ValidVerificationDone
 import org.matrix.android.sdk.internal.crypto.DeviceListManager
-import org.matrix.android.sdk.internal.crypto.IncomingGossipingRequestManager
 import org.matrix.android.sdk.internal.crypto.MyDeviceInfoHolder
 import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestManager
+import org.matrix.android.sdk.internal.crypto.SecretShareManager
 import org.matrix.android.sdk.internal.crypto.actions.SetDeviceVerificationAction
 import org.matrix.android.sdk.internal.crypto.model.rest.KeyVerificationAccept
 import org.matrix.android.sdk.internal.crypto.model.rest.KeyVerificationCancel
@@ -95,7 +95,7 @@ internal class DefaultVerificationService @Inject constructor(
         @DeviceId private val deviceId: String?,
         private val cryptoStore: IMXCryptoStore,
         private val outgoingGossipingRequestManager: OutgoingGossipingRequestManager,
-        private val incomingGossipingRequestManager: IncomingGossipingRequestManager,
+        private val secretShareManager: SecretShareManager,
         private val myDeviceInfoHolder: Lazy<MyDeviceInfoHolder>,
         private val deviceListManager: DeviceListManager,
         private val setDeviceVerificationAction: SetDeviceVerificationAction,
@@ -548,7 +548,7 @@ internal class DefaultVerificationService @Inject constructor(
                             cryptoStore,
                             crossSigningService,
                             outgoingGossipingRequestManager,
-                            incomingGossipingRequestManager,
+                            secretShareManager,
                             myDeviceInfoHolder.get().myDevice.fingerprint()!!,
                             startReq.transactionId,
                             otherUserId,
@@ -807,17 +807,15 @@ internal class DefaultVerificationService @Inject constructor(
             getExistingTransaction(userId, doneReq.transactionId)
                     ?: getOldTransaction(userId, doneReq.transactionId)
                             ?.let { vt ->
-                                val otherDeviceId = vt.otherDeviceId
+                                val otherDeviceId = vt.otherDeviceId ?: return@let
                                 if (!crossSigningService.canCrossSign()) {
-                                    outgoingGossipingRequestManager.sendSecretShareRequest(MASTER_KEY_SSSS_NAME, mapOf(userId to listOf(otherDeviceId
-                                            ?: "*")))
-                                    outgoingGossipingRequestManager.sendSecretShareRequest(SELF_SIGNING_KEY_SSSS_NAME, mapOf(userId to listOf(otherDeviceId
-                                            ?: "*")))
-                                    outgoingGossipingRequestManager.sendSecretShareRequest(USER_SIGNING_KEY_SSSS_NAME, mapOf(userId to listOf(otherDeviceId
-                                            ?: "*")))
+                                    cryptoCoroutineScope.launch {
+                                        secretShareManager.requestSecretTo(otherDeviceId, MASTER_KEY_SSSS_NAME)
+                                        secretShareManager.requestSecretTo(otherDeviceId, SELF_SIGNING_KEY_SSSS_NAME)
+                                        secretShareManager.requestSecretTo(otherDeviceId, USER_SIGNING_KEY_SSSS_NAME)
+                                        secretShareManager.requestSecretTo(otherDeviceId, KEYBACKUP_SECRET_SSSS_NAME)
+                                    }
                                 }
-                                outgoingGossipingRequestManager.sendSecretShareRequest(KEYBACKUP_SECRET_SSSS_NAME, mapOf(userId to listOf(otherDeviceId
-                                        ?: "*")))
                             }
         }
     }
@@ -912,7 +910,7 @@ internal class DefaultVerificationService @Inject constructor(
                     otherDeviceId = readyReq.fromDevice,
                     crossSigningService = crossSigningService,
                     outgoingGossipingRequestManager = outgoingGossipingRequestManager,
-                    incomingGossipingRequestManager = incomingGossipingRequestManager,
+                    secretShareManager = secretShareManager,
                     cryptoStore = cryptoStore,
                     qrCodeData = qrCodeData,
                     userId = userId,
@@ -1111,7 +1109,7 @@ internal class DefaultVerificationService @Inject constructor(
                     cryptoStore,
                     crossSigningService,
                     outgoingGossipingRequestManager,
-                    incomingGossipingRequestManager,
+                    secretShareManager,
                     myDeviceInfoHolder.get().myDevice.fingerprint()!!,
                     txID,
                     otherUserId,
@@ -1303,7 +1301,7 @@ internal class DefaultVerificationService @Inject constructor(
                     cryptoStore,
                     crossSigningService,
                     outgoingGossipingRequestManager,
-                    incomingGossipingRequestManager,
+                    secretShareManager,
                     myDeviceInfoHolder.get().myDevice.fingerprint()!!,
                     transactionId,
                     otherUserId,
@@ -1441,7 +1439,7 @@ internal class DefaultVerificationService @Inject constructor(
                         otherDeviceId = otherDeviceId,
                         crossSigningService = crossSigningService,
                         outgoingGossipingRequestManager = outgoingGossipingRequestManager,
-                        incomingGossipingRequestManager = incomingGossipingRequestManager,
+                        secretShareManager = secretShareManager,
                         cryptoStore = cryptoStore,
                         qrCodeData = qrCodeData,
                         userId = userId,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationTransaction.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationTransaction.kt
index 69d9388c5f..770a6ba54c 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationTransaction.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationTransaction.kt
@@ -20,8 +20,8 @@ import org.matrix.android.sdk.api.session.crypto.crosssigning.CrossSigningServic
 import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationTxState
-import org.matrix.android.sdk.internal.crypto.IncomingGossipingRequestManager
 import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestManager
+import org.matrix.android.sdk.internal.crypto.SecretShareManager
 import org.matrix.android.sdk.internal.crypto.actions.SetDeviceVerificationAction
 import timber.log.Timber
 
@@ -32,7 +32,7 @@ internal abstract class DefaultVerificationTransaction(
         private val setDeviceVerificationAction: SetDeviceVerificationAction,
         private val crossSigningService: CrossSigningService,
         private val outgoingGossipingRequestManager: OutgoingGossipingRequestManager,
-        private val incomingGossipingRequestManager: IncomingGossipingRequestManager,
+        private val secretShareManager: SecretShareManager,
         private val userId: String,
         override val transactionId: String,
         override val otherUserId: String,
@@ -86,7 +86,7 @@ internal abstract class DefaultVerificationTransaction(
         }
 
         if (otherUserId == userId) {
-            incomingGossipingRequestManager.onVerificationCompleteForDevice(otherDeviceId!!)
+            secretShareManager.onVerificationCompleteForDevice(otherDeviceId!!)
 
             // If me it's reasonable to sign and upload the device signature
             // Notice that i might not have the private keys, so may not be able to do it
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/SASDefaultVerificationTransaction.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/SASDefaultVerificationTransaction.kt
index 4bf01a2809..43e25ab2bf 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/SASDefaultVerificationTransaction.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/SASDefaultVerificationTransaction.kt
@@ -23,8 +23,8 @@ import org.matrix.android.sdk.api.session.crypto.verification.SasMode
 import org.matrix.android.sdk.api.session.crypto.verification.SasVerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationTxState
 import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.internal.crypto.IncomingGossipingRequestManager
 import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestManager
+import org.matrix.android.sdk.internal.crypto.SecretShareManager
 import org.matrix.android.sdk.internal.crypto.actions.SetDeviceVerificationAction
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
 import org.matrix.android.sdk.internal.extensions.toUnsignedInt
@@ -43,7 +43,7 @@ internal abstract class SASDefaultVerificationTransaction(
         private val cryptoStore: IMXCryptoStore,
         crossSigningService: CrossSigningService,
         outgoingGossipingRequestManager: OutgoingGossipingRequestManager,
-        incomingGossipingRequestManager: IncomingGossipingRequestManager,
+        secretShareManager: SecretShareManager,
         private val deviceFingerprint: String,
         transactionId: String,
         otherUserId: String,
@@ -53,7 +53,7 @@ internal abstract class SASDefaultVerificationTransaction(
         setDeviceVerificationAction,
         crossSigningService,
         outgoingGossipingRequestManager,
-        incomingGossipingRequestManager,
+        secretShareManager,
         userId,
         transactionId,
         otherUserId,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/qrcode/DefaultQrCodeVerificationTransaction.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/qrcode/DefaultQrCodeVerificationTransaction.kt
index 06f0b36798..9cc31d9542 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/qrcode/DefaultQrCodeVerificationTransaction.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/qrcode/DefaultQrCodeVerificationTransaction.kt
@@ -22,8 +22,8 @@ import org.matrix.android.sdk.api.session.crypto.verification.QrCodeVerification
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationTxState
 import org.matrix.android.sdk.api.session.events.model.EventType
 import org.matrix.android.sdk.api.util.fromBase64
-import org.matrix.android.sdk.internal.crypto.IncomingGossipingRequestManager
 import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestManager
+import org.matrix.android.sdk.internal.crypto.SecretShareManager
 import org.matrix.android.sdk.internal.crypto.actions.SetDeviceVerificationAction
 import org.matrix.android.sdk.internal.crypto.crosssigning.fromBase64Safe
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
@@ -38,7 +38,7 @@ internal class DefaultQrCodeVerificationTransaction(
         override var otherDeviceId: String?,
         private val crossSigningService: CrossSigningService,
         outgoingGossipingRequestManager: OutgoingGossipingRequestManager,
-        incomingGossipingRequestManager: IncomingGossipingRequestManager,
+        secretShareManager: SecretShareManager,
         private val cryptoStore: IMXCryptoStore,
         // Not null only if other user is able to scan QR code
         private val qrCodeData: QrCodeData?,
@@ -49,7 +49,7 @@ internal class DefaultQrCodeVerificationTransaction(
         setDeviceVerificationAction,
         crossSigningService,
         outgoingGossipingRequestManager,
-        incomingGossipingRequestManager,
+        secretShareManager,
         userId,
         transactionId,
         otherUserId,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/SessionComponent.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/SessionComponent.kt
index 76e5d84e56..4c1a06f1c7 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/SessionComponent.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/SessionComponent.kt
@@ -21,10 +21,7 @@ import dagger.Component
 import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
 import org.matrix.android.sdk.api.auth.data.SessionParams
 import org.matrix.android.sdk.api.session.Session
-import org.matrix.android.sdk.internal.crypto.CancelGossipRequestWorker
 import org.matrix.android.sdk.internal.crypto.CryptoModule
-import org.matrix.android.sdk.internal.crypto.SendGossipRequestWorker
-import org.matrix.android.sdk.internal.crypto.SendGossipWorker
 import org.matrix.android.sdk.internal.crypto.crosssigning.UpdateTrustWorker
 import org.matrix.android.sdk.internal.crypto.verification.SendVerificationMessageWorker
 import org.matrix.android.sdk.internal.di.MatrixComponent
@@ -134,12 +131,6 @@ internal interface SessionComponent {
 
     fun inject(worker: SendVerificationMessageWorker)
 
-    fun inject(worker: SendGossipRequestWorker)
-
-    fun inject(worker: CancelGossipRequestWorker)
-
-    fun inject(worker: SendGossipWorker)
-
     fun inject(worker: UpdateTrustWorker)
 
     @Component.Factory
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/worker/MatrixWorkerFactory.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/worker/MatrixWorkerFactory.kt
index e56b359f7a..94dd36114b 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/worker/MatrixWorkerFactory.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/worker/MatrixWorkerFactory.kt
@@ -22,9 +22,6 @@ import androidx.work.ListenableWorker
 import androidx.work.WorkerFactory
 import androidx.work.WorkerParameters
 import org.matrix.android.sdk.internal.SessionManager
-import org.matrix.android.sdk.internal.crypto.CancelGossipRequestWorker
-import org.matrix.android.sdk.internal.crypto.SendGossipRequestWorker
-import org.matrix.android.sdk.internal.crypto.SendGossipWorker
 import org.matrix.android.sdk.internal.crypto.crosssigning.UpdateTrustWorker
 import org.matrix.android.sdk.internal.crypto.verification.SendVerificationMessageWorker
 import org.matrix.android.sdk.internal.di.MatrixScope
@@ -56,8 +53,6 @@ internal class MatrixWorkerFactory @Inject constructor(private val sessionManage
                 CheckFactoryWorker(appContext, workerParameters, true)
             AddPusherWorker::class.java.name                      ->
                 AddPusherWorker(appContext, workerParameters, sessionManager)
-            CancelGossipRequestWorker::class.java.name            ->
-                CancelGossipRequestWorker(appContext, workerParameters, sessionManager)
             GetGroupDataWorker::class.java.name                   ->
                 GetGroupDataWorker(appContext, workerParameters, sessionManager)
             MultipleEventSendingDispatcherWorker::class.java.name ->
@@ -66,10 +61,6 @@ internal class MatrixWorkerFactory @Inject constructor(private val sessionManage
                 RedactEventWorker(appContext, workerParameters, sessionManager)
             SendEventWorker::class.java.name                      ->
                 SendEventWorker(appContext, workerParameters, sessionManager)
-            SendGossipRequestWorker::class.java.name              ->
-                SendGossipRequestWorker(appContext, workerParameters, sessionManager)
-            SendGossipWorker::class.java.name                     ->
-                SendGossipWorker(appContext, workerParameters, sessionManager)
             SendVerificationMessageWorker::class.java.name        ->
                 SendVerificationMessageWorker(appContext, workerParameters, sessionManager)
             SyncWorker::class.java.name                           ->
diff --git a/vector/src/main/java/im/vector/app/features/crypto/recover/BackupToQuadSMigrationTask.kt b/vector/src/main/java/im/vector/app/features/crypto/recover/BackupToQuadSMigrationTask.kt
index 2092fe0f00..6cbeb3b29c 100644
--- a/vector/src/main/java/im/vector/app/features/crypto/recover/BackupToQuadSMigrationTask.kt
+++ b/vector/src/main/java/im/vector/app/features/crypto/recover/BackupToQuadSMigrationTask.kt
@@ -20,7 +20,6 @@ import im.vector.app.R
 import im.vector.app.core.platform.ViewModelTask
 import im.vector.app.core.platform.WaitingViewData
 import im.vector.app.core.resources.StringProvider
-import org.matrix.android.sdk.api.NoOpMatrixCallback
 import org.matrix.android.sdk.api.listeners.ProgressListener
 import org.matrix.android.sdk.api.session.Session
 import org.matrix.android.sdk.api.session.crypto.crosssigning.KEYBACKUP_SECRET_SSSS_NAME
@@ -143,15 +142,8 @@ class BackupToQuadSMigrationTask @Inject constructor(
             // save for gossiping
             keysBackupService.saveBackupRecoveryKey(recoveryKey, version.version)
 
-            // while we are there let's restore, but do not block
-            session.cryptoService().keysBackupService().restoreKeysWithRecoveryKey(
-                    version,
-                    recoveryKey,
-                    null,
-                    null,
-                    null,
-                    NoOpMatrixCallback()
-            )
+            // It's not a good idea to download the full backup, it might take very long
+            // and use a lot of resources
 
             return Result.Success
         } catch (failure: Throwable) {
diff --git a/vector/src/main/java/im/vector/app/features/crypto/verification/VerificationBottomSheetViewModel.kt b/vector/src/main/java/im/vector/app/features/crypto/verification/VerificationBottomSheetViewModel.kt
index a7998dc474..db94bb61ea 100644
--- a/vector/src/main/java/im/vector/app/features/crypto/verification/VerificationBottomSheetViewModel.kt
+++ b/vector/src/main/java/im/vector/app/features/crypto/verification/VerificationBottomSheetViewModel.kt
@@ -42,7 +42,6 @@ import org.matrix.android.sdk.api.session.crypto.crosssigning.isVerified
 import org.matrix.android.sdk.api.session.crypto.keysbackup.KeysBackupLastVersionResult
 import org.matrix.android.sdk.api.session.crypto.keysbackup.computeRecoveryKey
 import org.matrix.android.sdk.api.session.crypto.keysbackup.toKeysVersionResult
-import org.matrix.android.sdk.api.session.crypto.model.ImportRoomKeysResult
 import org.matrix.android.sdk.api.session.crypto.verification.CancelCode
 import org.matrix.android.sdk.api.session.crypto.verification.IncomingSasVerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.PendingVerificationRequest
@@ -58,6 +57,7 @@ import org.matrix.android.sdk.api.util.MatrixItem
 import org.matrix.android.sdk.api.util.awaitCallback
 import org.matrix.android.sdk.api.util.fromBase64
 import org.matrix.android.sdk.api.util.toMatrixItem
+
 import timber.log.Timber
 
 data class VerificationBottomSheetViewState(
@@ -422,6 +422,11 @@ class VerificationBottomSheetViewModel @AssistedInject constructor(
     }
 
     private fun tentativeRestoreBackup(res: Map<String, String>?) {
+        // It's not a good idea to download the full backup, it might take very long
+        // and use a lot of resources
+        // Just check that the ey is valid and store it, the backup will be used megolm session per
+        // megolm session when an UISI is encountered
+
         viewModelScope.launch(Dispatchers.IO) {
             try {
                 val secret = res?.get(KEYBACKUP_SECRET_SSSS_NAME) ?: return@launch Unit.also {
@@ -432,17 +437,13 @@ class VerificationBottomSheetViewModel @AssistedInject constructor(
                     session.cryptoService().keysBackupService().getCurrentVersion(it)
                 }.toKeysVersionResult() ?: return@launch
 
-                awaitCallback<ImportRoomKeysResult> {
-                    session.cryptoService().keysBackupService().restoreKeysWithRecoveryKey(
-                            version,
-                            computeRecoveryKey(secret.fromBase64()),
-                            null,
-                            null,
-                            null,
-                            it
-                    )
+                val recoveryKey = computeRecoveryKey(secret.fromBase64())
+                val isValid = awaitCallback<Boolean> {
+                    session.cryptoService().keysBackupService().isValidRecoveryKeyForCurrentVersion(recoveryKey, it)
+                }
+                if (isValid) {
+                    session.cryptoService().keysBackupService().saveBackupRecoveryKey(recoveryKey, version.version)
                 }
-
                 awaitCallback<Unit> {
                     session.cryptoService().keysBackupService().trustKeysBackupVersion(version, true, it)
                 }
diff --git a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsPaperTrailFragment.kt b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsPaperTrailFragment.kt
index 83740c5018..f99b450cdd 100644
--- a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsPaperTrailFragment.kt
+++ b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsPaperTrailFragment.kt
@@ -27,10 +27,8 @@ import im.vector.app.core.extensions.cleanup
 import im.vector.app.core.extensions.configureWith
 import im.vector.app.core.platform.VectorBaseFragment
 import im.vector.app.core.resources.ColorProvider
-import im.vector.app.core.utils.createJSonViewerStyleProvider
 import im.vector.app.databinding.FragmentGenericRecyclerBinding
-import org.billcarsonfr.jsonviewer.JSonViewerDialog
-import org.matrix.android.sdk.api.session.events.model.Event
+import org.matrix.android.sdk.internal.crypto.model.AuditTrail
 import javax.inject.Inject
 
 class GossipingEventsPaperTrailFragment @Inject constructor(
@@ -64,17 +62,17 @@ class GossipingEventsPaperTrailFragment @Inject constructor(
         super.onDestroyView()
     }
 
-    override fun didTap(event: Event) {
-        if (event.isEncrypted()) {
-            event.toClearContentStringWithIndent()
-        } else {
-            event.toContentStringWithIndent()
-        }?.let {
-            JSonViewerDialog.newInstance(
-                    it,
-                    -1,
-                    createJSonViewerStyleProvider(colorProvider)
-            ).show(childFragmentManager, "JSON_VIEWER")
-        }
+    override fun didTap(event: AuditTrail) {
+//        if (event.isEncrypted()) {
+//            event.toClearContentStringWithIndent()
+//        } else {
+//            event.toContentStringWithIndent()
+//        }?.let {
+//            JSonViewerDialog.newInstance(
+//                    it,
+//                    -1,
+//                    createJSonViewerStyleProvider(colorProvider)
+//            ).show(childFragmentManager, "JSON_VIEWER")
+//        }
     }
 }
diff --git a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsPaperTrailViewModel.kt b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsPaperTrailViewModel.kt
index 30c2757eff..feec469f80 100644
--- a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsPaperTrailViewModel.kt
+++ b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsPaperTrailViewModel.kt
@@ -32,10 +32,10 @@ import im.vector.app.core.platform.EmptyAction
 import im.vector.app.core.platform.EmptyViewEvents
 import im.vector.app.core.platform.VectorViewModel
 import org.matrix.android.sdk.api.session.Session
-import org.matrix.android.sdk.api.session.events.model.Event
+import org.matrix.android.sdk.internal.crypto.model.AuditTrail
 
 data class GossipingEventsPaperTrailState(
-        val events: Async<PagedList<Event>> = Uninitialized
+        val events: Async<PagedList<AuditTrail>> = Uninitialized
 ) : MavericksState
 
 class GossipingEventsPaperTrailViewModel @AssistedInject constructor(@Assisted initialState: GossipingEventsPaperTrailState,
diff --git a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsSerializer.kt b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsSerializer.kt
index 30c2efc3ce..20a14df6b2 100644
--- a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsSerializer.kt
+++ b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsSerializer.kt
@@ -17,62 +17,37 @@
 package im.vector.app.features.settings.devtools
 
 import im.vector.app.core.resources.DateProvider
-import me.gujun.android.span.span
-import org.matrix.android.sdk.api.session.crypto.model.ForwardedRoomKeyContent
-import org.matrix.android.sdk.api.session.crypto.model.GossipingToDeviceObject
-import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
-import org.matrix.android.sdk.api.session.crypto.model.SecretShareRequest
-import org.matrix.android.sdk.api.session.events.model.Event
-import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.api.session.events.model.content.OlmEventContent
-import org.matrix.android.sdk.api.session.events.model.content.SecretSendEventContent
-import org.matrix.android.sdk.api.session.events.model.toModel
+import org.matrix.android.sdk.internal.crypto.model.AuditTrail
+import org.matrix.android.sdk.internal.crypto.model.ForwardInfo
+import org.matrix.android.sdk.internal.crypto.model.TrailType
+import org.matrix.android.sdk.internal.crypto.model.WithheldInfo
 import org.threeten.bp.format.DateTimeFormatter
 
 class GossipingEventsSerializer {
     private val full24DateFormatter = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss.SSS")
 
-    fun serialize(eventList: List<Event>): String {
+    fun serialize(eventList: List<AuditTrail>): String {
         return buildString {
-            eventList.forEach {
-                val clearType = it.getClearType()
-                append("[${getFormattedDate(it.ageLocalTs)}] $clearType from:${it.senderId} - ")
-                when (clearType) {
-                    EventType.ROOM_KEY_REQUEST   -> {
-                        val content = it.getClearContent().toModel<RoomKeyShareRequest>()
-                        append("reqId:${content?.requestId} action:${content?.action} ")
-                        if (content?.action == GossipingToDeviceObject.ACTION_SHARE_REQUEST) {
-                            append("sessionId: ${content.body?.sessionId} ")
-                        }
-                        append("requestedBy: ${content?.requestingDeviceId}")
+            eventList.forEach { trail ->
+                val type = trail.type
+                val info = trail.info
+                append("[${getFormattedDate(trail.ageLocalTs)}] ${type.name} ")
+                append("sessionId: ${info.sessionId} ")
+                when (type) {
+                    TrailType.IncomingKeyRequest -> {
+                        append("from:${info.userId}|${info.deviceId} - ")
                     }
-                    EventType.FORWARDED_ROOM_KEY -> {
-                        val encryptedContent = it.content.toModel<OlmEventContent>()
-                        val content = it.getClearContent().toModel<ForwardedRoomKeyContent>()
-
-                        append("sessionId:${content?.sessionId} From Device (sender key):${encryptedContent?.senderKey}")
-                        span("\nFrom Device (sender key):") {
-                            textStyle = "bold"
+                    TrailType.OutgoingKeyForward -> {
+                        append("to:${info.userId}|${info.deviceId} - ")
+                        (trail.info as? ForwardInfo)?.let {
+                            append("chainIndex: ${it.chainIndex} ")
                         }
                     }
-                    EventType.ROOM_KEY           -> {
-                        val content = it.getClearContent()
-                        append("sessionId:${content?.get("session_id")} roomId:${content?.get("room_id")} dest:${content?.get("_dest") ?: "me"}")
-                    }
-                    EventType.SEND_SECRET        -> {
-                        val content = it.getClearContent().toModel<SecretSendEventContent>()
-                        append("requestId:${content?.requestId} From Device:${it.mxDecryptionResult?.payload?.get("sender_device")}")
-                    }
-                    EventType.REQUEST_SECRET     -> {
-                        val content = it.getClearContent().toModel<SecretShareRequest>()
-                        append("reqId:${content?.requestId} action:${content?.action} ")
-                        if (content?.action == GossipingToDeviceObject.ACTION_SHARE_REQUEST) {
-                            append("secretName:${content.secretName} ")
+                    TrailType.OutgoingKeyWithheld -> {
+                        append("to:${info.userId}|${info.deviceId} - ")
+                        (trail.info as? WithheldInfo)?.let {
+                            append("code: ${it.code} ")
                         }
-                        append("requestedBy:${content?.requestingDeviceId}")
-                    }
-                    EventType.ENCRYPTED          -> {
-                        append("Failed to Decrypt")
                     }
                     else                         -> {
                         append("??")
diff --git a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt
index dd016c2bf5..79b4564e7a 100644
--- a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt
+++ b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt
@@ -18,7 +18,6 @@ package im.vector.app.features.settings.devtools
 
 import com.airbnb.epoxy.EpoxyModel
 import com.airbnb.epoxy.paging.PagedListEpoxyController
-import im.vector.app.R
 import im.vector.app.core.date.DateFormatKind
 import im.vector.app.core.date.VectorDateFormatter
 import im.vector.app.core.resources.ColorProvider
@@ -26,137 +25,68 @@ import im.vector.app.core.ui.list.GenericItem_
 import im.vector.app.core.utils.createUIHandler
 import im.vector.lib.core.utils.epoxy.charsequence.toEpoxyCharSequence
 import me.gujun.android.span.span
-import org.matrix.android.sdk.api.session.crypto.model.ForwardedRoomKeyContent
-import org.matrix.android.sdk.api.session.crypto.model.GossipingToDeviceObject
-import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
-import org.matrix.android.sdk.api.session.crypto.model.SecretShareRequest
-import org.matrix.android.sdk.api.session.events.model.Event
-import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.api.session.events.model.content.OlmEventContent
-import org.matrix.android.sdk.api.session.events.model.content.SecretSendEventContent
-import org.matrix.android.sdk.api.session.events.model.toModel
+
+import org.matrix.android.sdk.internal.crypto.model.AuditTrail
+import org.matrix.android.sdk.internal.crypto.model.ForwardInfo
+import org.matrix.android.sdk.internal.crypto.model.TrailType
+import org.matrix.android.sdk.internal.crypto.model.WithheldInfo
+
 import javax.inject.Inject
 
 class GossipingTrailPagedEpoxyController @Inject constructor(
         private val vectorDateFormatter: VectorDateFormatter,
         private val colorProvider: ColorProvider
-) : PagedListEpoxyController<Event>(
+) : PagedListEpoxyController<AuditTrail>(
         // Important it must match the PageList builder notify Looper
         modelBuildingHandler = createUIHandler()
 ) {
 
     interface InteractionListener {
-        fun didTap(event: Event)
+        fun didTap(event: AuditTrail)
     }
 
     var interactionListener: InteractionListener? = null
 
-    override fun buildItemModel(currentPosition: Int, item: Event?): EpoxyModel<*> {
+    override fun buildItemModel(currentPosition: Int, item: AuditTrail?): EpoxyModel<*> {
         val host = this
         val event = item ?: return GenericItem_().apply { id(currentPosition) }
         return GenericItem_().apply {
             id(event.hashCode())
             itemClickAction { host.interactionListener?.didTap(event) }
-            title(
-                    if (event.isEncrypted()) {
-                        "${event.getClearType()} [encrypted]"
-                    } else {
-                        event.type
-                    }?.toEpoxyCharSequence()
-            )
+            title(event.type.name.toEpoxyCharSequence())
             description(
                     span {
                         +host.vectorDateFormatter.format(event.ageLocalTs, DateFormatKind.DEFAULT_DATE_AND_TIME)
                         span("\nfrom: ") {
                             textStyle = "bold"
                         }
-                        +"${event.senderId}"
+                        +"${event.info.userId}|${event.info.deviceId}"
+                        span("\nroomId: ") {
+                            textStyle = "bold"
+                        }
+                        +event.info.roomId
+                        span("\nsessionId: ") {
+                            textStyle = "bold"
+                        }
+                        +event.info.sessionId
                         apply {
-                            if (event.getClearType() == EventType.ROOM_KEY_REQUEST) {
-                                val content = event.getClearContent().toModel<RoomKeyShareRequest>()
-                                span("\nreqId:") {
-                                    textStyle = "bold"
-                                }
-                                +" ${content?.requestId}"
-                                span("\naction:") {
-                                    textStyle = "bold"
-                                }
-                                +" ${content?.action}"
-                                if (content?.action == GossipingToDeviceObject.ACTION_SHARE_REQUEST) {
-                                    span("\nsessionId:") {
+                            when (event.type) {
+                                TrailType.OutgoingKeyForward  -> {
+                                    val fInfo = event.info as ForwardInfo
+                                    span("\nchainIndex: ") {
                                         textStyle = "bold"
                                     }
-                                    +" ${content.body?.sessionId}"
+                                    +"${fInfo.chainIndex}"
                                 }
-                                span("\nrequestedBy: ") {
-                                    textStyle = "bold"
-                                }
-                                +"${content?.requestingDeviceId}"
-                            } else if (event.getClearType() == EventType.FORWARDED_ROOM_KEY) {
-                                val encryptedContent = event.content.toModel<OlmEventContent>()
-                                val content = event.getClearContent().toModel<ForwardedRoomKeyContent>()
-                                if (event.mxDecryptionResult == null) {
-                                    span("**Failed to Decrypt** ${event.mCryptoError}") {
-                                        textColor = host.colorProvider.getColorFromAttribute(R.attr.colorError)
-                                    }
-                                }
-                                span("\nsessionId:") {
-                                    textStyle = "bold"
-                                }
-                                +" ${content?.sessionId}"
-                                span("\nFrom Device (sender key):") {
-                                    textStyle = "bold"
-                                }
-                                +" ${encryptedContent?.senderKey}"
-                            } else if (event.getClearType() == EventType.ROOM_KEY) {
-                                // it's a bit of a fake event for trail reasons
-                                val content = event.getClearContent()
-                                span("\nsessionId:") {
-                                    textStyle = "bold"
-                                }
-                                +" ${content?.get("session_id")}"
-                                span("\nroomId:") {
-                                    textStyle = "bold"
-                                }
-                                +" ${content?.get("room_id")}"
-                                span("\nTo :") {
-                                    textStyle = "bold"
-                                }
-                                +" ${content?.get("_dest") ?: "me"}"
-                            } else if (event.getClearType() == EventType.SEND_SECRET) {
-                                val content = event.getClearContent().toModel<SecretSendEventContent>()
-
-                                span("\nrequestId:") {
-                                    textStyle = "bold"
-                                }
-                                +" ${content?.requestId}"
-                                span("\nFrom Device:") {
-                                    textStyle = "bold"
-                                }
-                                +" ${event.mxDecryptionResult?.payload?.get("sender_device")}"
-                            } else if (event.getClearType() == EventType.REQUEST_SECRET) {
-                                val content = event.getClearContent().toModel<SecretShareRequest>()
-                                span("\nreqId:") {
-                                    textStyle = "bold"
-                                }
-                                +" ${content?.requestId}"
-                                span("\naction:") {
-                                    textStyle = "bold"
-                                }
-                                +" ${content?.action}"
-                                if (content?.action == GossipingToDeviceObject.ACTION_SHARE_REQUEST) {
-                                    span("\nsecretName:") {
+                                TrailType.OutgoingKeyWithheld -> {
+                                    val fInfo = event.info as WithheldInfo
+                                    span("\ncode: ") {
                                         textStyle = "bold"
                                     }
-                                    +" ${content.secretName}"
+                                    +"${fInfo.code}"
                                 }
-                                span("\nrequestedBy: ") {
-                                    textStyle = "bold"
-                                }
-                                +"${content?.requestingDeviceId}"
-                            } else if (event.getClearType() == EventType.ENCRYPTED) {
-                                span("**Failed to Decrypt** ${event.mCryptoError}") {
-                                    textColor = host.colorProvider.getColorFromAttribute(R.attr.colorError)
+                                TrailType.IncomingKeyRequest  -> {
+                                    // no additional info
                                 }
                             }
                         }
diff --git a/vector/src/main/java/im/vector/app/features/settings/devtools/KeyRequestListViewModel.kt b/vector/src/main/java/im/vector/app/features/settings/devtools/KeyRequestListViewModel.kt
index a8045c07e3..ef2aabd7fe 100644
--- a/vector/src/main/java/im/vector/app/features/settings/devtools/KeyRequestListViewModel.kt
+++ b/vector/src/main/java/im/vector/app/features/settings/devtools/KeyRequestListViewModel.kt
@@ -33,11 +33,11 @@ import im.vector.app.core.platform.VectorViewModel
 import kotlinx.coroutines.launch
 import org.matrix.android.sdk.api.session.Session
 import org.matrix.android.sdk.api.session.crypto.model.IncomingRoomKeyRequest
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequest
+import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
 
 data class KeyRequestListViewState(
         val incomingRequests: Async<PagedList<IncomingRoomKeyRequest>> = Uninitialized,
-        val outgoingRoomKeyRequests: Async<PagedList<OutgoingRoomKeyRequest>> = Uninitialized
+        val outgoingRoomKeyRequests: Async<PagedList<OutgoingKeyRequest>> = Uninitialized
 ) : MavericksState
 
 class KeyRequestListViewModel @AssistedInject constructor(@Assisted initialState: KeyRequestListViewState,
diff --git a/vector/src/main/java/im/vector/app/features/settings/devtools/OutgoingKeyRequestPagedController.kt b/vector/src/main/java/im/vector/app/features/settings/devtools/OutgoingKeyRequestPagedController.kt
index b23bd77277..e3b31227b6 100644
--- a/vector/src/main/java/im/vector/app/features/settings/devtools/OutgoingKeyRequestPagedController.kt
+++ b/vector/src/main/java/im/vector/app/features/settings/devtools/OutgoingKeyRequestPagedController.kt
@@ -22,10 +22,10 @@ import im.vector.app.core.ui.list.GenericItem_
 import im.vector.app.core.utils.createUIHandler
 import im.vector.lib.core.utils.epoxy.charsequence.toEpoxyCharSequence
 import me.gujun.android.span.span
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequest
+import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
 import javax.inject.Inject
 
-class OutgoingKeyRequestPagedController @Inject constructor() : PagedListEpoxyController<OutgoingRoomKeyRequest>(
+class OutgoingKeyRequestPagedController @Inject constructor() : PagedListEpoxyController<OutgoingKeyRequest>(
         // Important it must match the PageList builder notify Looper
         modelBuildingHandler = createUIHandler()
 ) {
@@ -36,7 +36,7 @@ class OutgoingKeyRequestPagedController @Inject constructor() : PagedListEpoxyCo
 
     var interactionListener: InteractionListener? = null
 
-    override fun buildItemModel(currentPosition: Int, item: OutgoingRoomKeyRequest?): EpoxyModel<*> {
+    override fun buildItemModel(currentPosition: Int, item: OutgoingKeyRequest?): EpoxyModel<*> {
         val roomKeyRequest = item ?: return GenericItem_().apply { id(currentPosition) }
 
         return GenericItem_().apply {
diff --git a/vector/src/test/java/im/vector/app/test/fakes/FakeSharedSecretStorageService.kt b/vector/src/test/java/im/vector/app/test/fakes/FakeSharedSecretStorageService.kt
index 4f349f8506..d7d18b925d 100644
--- a/vector/src/test/java/im/vector/app/test/fakes/FakeSharedSecretStorageService.kt
+++ b/vector/src/test/java/im/vector/app/test/fakes/FakeSharedSecretStorageService.kt
@@ -66,7 +66,7 @@ class FakeSharedSecretStorageService : SharedSecretStorageService {
 
     override fun checkShouldBeAbleToAccessSecrets(secretNames: List<String>, keyId: String?) = integrityResult
 
-    override fun requestSecret(name: String, myOtherDeviceId: String) {
+    override suspend fun requestSecret(name: String, myOtherDeviceId: String) {
         TODO("Not yet implemented")
     }
 }

From 9747eb2432c1906a2bd2d80678e84ed608ce006c Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Wed, 16 Mar 2022 14:50:50 +0100
Subject: [PATCH 02/27] Add share test + fix

Crypto config to only request to own device. Only cancel request if ratchet index is low enough
---
 .../android/sdk/common/CryptoTestHelper.kt    |   59 +-
 .../sdk/internal/crypto/E2eeSanityTests.kt    |   67 +-
 .../crypto/gossiping/KeyShareTests.kt         |  517 ++++---
 .../android/sdk/api/crypto/MXCryptoConfig.kt  |    8 +-
 .../sdk/api/session/crypto/CryptoService.kt   |    6 +
 .../keyshare/GossipingRequestListener.kt      |    7 +-
 .../model/IncomingRequestCancellation.kt      |   63 -
 .../crypto/model/IncomingRoomKeyRequest.kt    |   61 +-
 .../model/IncomingSecretShareRequest.kt       |   82 -
 .../internal/crypto/DefaultCryptoService.kt   |  135 +-
 .../sdk/internal/crypto/DeviceListManager.kt  |   17 +-
 .../crypto/IncomingKeyRequestManager.kt       |  112 +-
 .../crypto/IncomingShareRequestCommon.kt      |   36 -
 .../sdk/internal/crypto/MXOlmDevice.kt        |   23 +-
 .../sdk/internal/crypto/OutgoingKeyRequest.kt |    5 +-
 ...anager.kt => OutgoingKeyRequestManager.kt} |  204 ++-
 .../crypto/OutgoingRoomKeyRequestState.kt}    |    3 +-
 .../sdk/internal/crypto/SecretShareManager.kt |   24 +-
 .../actions/MegolmSessionDataImporter.kt      |   14 +-
 .../crypto/algorithms/IMXDecrypting.kt        |   21 -
 .../algorithms/megolm/MXMegolmDecryption.kt   |  230 +--
 .../megolm/MXMegolmDecryptionFactory.kt       |   27 +-
 .../crypto/algorithms/olm/MXOlmDecryption.kt  |    4 -
 .../sdk/internal/crypto/model/AuditTrail.kt   |    3 +-
 .../internal/crypto/store/IMXCryptoStore.kt   |   66 +-
 .../crypto/store/db/RealmCryptoStore.kt       | 1333 +++++++----------
 .../crypto/store/db/RealmCryptoStoreModule.kt |    2 -
 .../store/db/migration/MigrateCryptoTo016.kt  |    4 +-
 .../model/IncomingGossipingRequestEntity.kt   |   58 +-
 .../model/OutgoingGossipingRequestEntity.kt   |    3 +-
 .../db/model/OutgoingKeyRequestEntity.kt      |   14 +-
 ...comingSASDefaultVerificationTransaction.kt |    6 +-
 ...tgoingSASDefaultVerificationTransaction.kt |    6 +-
 .../DefaultVerificationService.kt             |   14 +-
 .../DefaultVerificationTransaction.kt         |    4 +-
 .../SASDefaultVerificationTransaction.kt      |    6 +-
 .../DefaultQrCodeVerificationTransaction.kt   |    7 +-
 .../crypto/keysrequest/KeyRequestHandler.kt   |   20 +-
 .../IncomingKeyRequestPagedController.kt      |    4 -
 39 files changed, 1364 insertions(+), 1911 deletions(-)
 delete mode 100755 matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRequestCancellation.kt
 delete mode 100755 matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingSecretShareRequest.kt
 delete mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingShareRequestCommon.kt
 rename matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/{OutgoingGossipingRequestManager.kt => OutgoingKeyRequestManager.kt} (61%)
 rename matrix-sdk-android/src/main/java/org/matrix/android/sdk/{api/session/crypto/model/OutgoingGossipingRequestState.kt => internal/crypto/OutgoingRoomKeyRequestState.kt} (92%)

diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/common/CryptoTestHelper.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/common/CryptoTestHelper.kt
index 5916bf2fab..ffcae5ad01 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/common/CryptoTestHelper.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/common/CryptoTestHelper.kt
@@ -19,6 +19,7 @@ package org.matrix.android.sdk.common
 import android.os.SystemClock
 import android.util.Log
 import androidx.lifecycle.Observer
+import org.amshove.kluent.fail
 import org.junit.Assert.assertEquals
 import org.junit.Assert.assertNotNull
 import org.junit.Assert.assertNull
@@ -31,6 +32,7 @@ import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
 import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM_BACKUP
 import org.matrix.android.sdk.api.extensions.orFalse
 import org.matrix.android.sdk.api.session.Session
+import org.matrix.android.sdk.api.session.crypto.MXCryptoError
 import org.matrix.android.sdk.api.session.crypto.crosssigning.KEYBACKUP_SECRET_SSSS_NAME
 import org.matrix.android.sdk.api.session.crypto.crosssigning.MASTER_KEY_SSSS_NAME
 import org.matrix.android.sdk.api.session.crypto.crosssigning.SELF_SIGNING_KEY_SSSS_NAME
@@ -39,6 +41,7 @@ import org.matrix.android.sdk.api.session.crypto.keysbackup.KeysVersion
 import org.matrix.android.sdk.api.session.crypto.keysbackup.MegolmBackupAuthData
 import org.matrix.android.sdk.api.session.crypto.keysbackup.MegolmBackupCreationInfo
 import org.matrix.android.sdk.api.session.crypto.keysbackup.extractCurveKeyFromRecoveryKey
+import org.matrix.android.sdk.api.session.crypto.model.OlmDecryptionResult
 import org.matrix.android.sdk.api.session.crypto.verification.IncomingSasVerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.OutgoingSasVerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationMethod
@@ -46,11 +49,13 @@ import org.matrix.android.sdk.api.session.crypto.verification.VerificationTxStat
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.EventType
 import org.matrix.android.sdk.api.session.events.model.toContent
+import org.matrix.android.sdk.api.session.events.model.toModel
 import org.matrix.android.sdk.api.session.getRoom
 import org.matrix.android.sdk.api.session.room.Room
 import org.matrix.android.sdk.api.session.room.model.Membership
 import org.matrix.android.sdk.api.session.room.model.RoomSummary
 import org.matrix.android.sdk.api.session.room.model.create.CreateRoomParams
+import org.matrix.android.sdk.api.session.room.model.message.MessageContent
 import org.matrix.android.sdk.api.session.room.roomSummaryQueryParams
 import org.matrix.android.sdk.api.session.securestorage.EmptyKeySigner
 import org.matrix.android.sdk.api.session.securestorage.SharedSecretStorageService
@@ -299,7 +304,8 @@ class CryptoTestHelper(private val testHelper: CommonTestHelper) {
                                             )
                                     )
                                 }
-                            }, it)
+                            }, it
+                    )
         }
     }
 
@@ -308,7 +314,7 @@ class CryptoTestHelper(private val testHelper: CommonTestHelper) {
      */
     fun bootstrapSecurity(session: Session) {
         initializeCrossSigning(session)
-        val ssssService = session.sharedSecretStorageService
+        val ssssService = session.sharedSecretStorageService()
         testHelper.runBlockingTest {
             val keyInfo = ssssService.generateKey(
                     UUID.randomUUID().toString(),
@@ -369,7 +375,8 @@ class CryptoTestHelper(private val testHelper: CommonTestHelper) {
                 requestID,
                 roomId,
                 bob.myUserId,
-                bob.sessionParams.credentials.deviceId!!)
+                bob.sessionParams.credentials.deviceId!!
+        )
 
         // we should reach SHOW SAS on both
         var alicePovTx: OutgoingSasVerificationTransaction? = null
@@ -451,4 +458,50 @@ class CryptoTestHelper(private val testHelper: CommonTestHelper) {
 
         return CryptoTestData(roomId, sessions)
     }
+
+    fun ensureCanDecrypt(sentEventIds: List<String>, session: Session, e2eRoomID: String, messagesText: List<String>) {
+        sentEventIds.forEachIndexed { index, sentEventId ->
+            testHelper.waitWithLatch { latch ->
+                testHelper.retryPeriodicallyWithLatch(latch) {
+                    val event = session.getRoom(e2eRoomID)!!.getTimelineEvent(sentEventId)!!.root
+                    testHelper.runBlockingTest {
+                        try {
+                            session.cryptoService().decryptEvent(event, "").let { result ->
+                                event.mxDecryptionResult = OlmDecryptionResult(
+                                        payload = result.clearEvent,
+                                        senderKey = result.senderCurve25519Key,
+                                        keysClaimed = result.claimedEd25519Key?.let { mapOf("ed25519" to it) },
+                                        forwardingCurve25519KeyChain = result.forwardingCurve25519KeyChain
+                                )
+                            }
+                        } catch (error: MXCryptoError) {
+                            // nop
+                        }
+                    }
+                    Log.v("TEST", "ensureCanDecrypt ${event.getClearType()} is ${event.getClearContent()}")
+                    event.getClearType() == EventType.MESSAGE &&
+                            messagesText[index] == event.getClearContent()?.toModel<MessageContent>()?.body
+                }
+            }
+        }
+    }
+
+    fun ensureCannotDecrypt(sentEventIds: List<String>, session: Session, e2eRoomID: String, expectedError: MXCryptoError.ErrorType? = null) {
+        sentEventIds.forEach { sentEventId ->
+            val event = session.getRoom(e2eRoomID)!!.getTimelineEvent(sentEventId)!!.root
+            testHelper.runBlockingTest {
+                try {
+                    session.cryptoService().decryptEvent(event, "")
+                    fail("Should not be able to decrypt event")
+                } catch (error: MXCryptoError) {
+                    val errorType = (error as? MXCryptoError.Base)?.errorType
+                    if (expectedError == null) {
+                        assertNotNull(errorType)
+                    } else {
+                        assertEquals("Unexpected reason", expectedError, errorType)
+                    }
+                }
+            }
+        }
+    }
 }
diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
index fbbb82843b..d5ae06a0e3 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
@@ -34,7 +34,6 @@ import org.matrix.android.sdk.api.session.crypto.keysbackup.KeysVersion
 import org.matrix.android.sdk.api.session.crypto.keysbackup.KeysVersionResult
 import org.matrix.android.sdk.api.session.crypto.keysbackup.MegolmBackupCreationInfo
 import org.matrix.android.sdk.api.session.crypto.model.ImportRoomKeysResult
-import org.matrix.android.sdk.api.session.crypto.model.OlmDecryptionResult
 import org.matrix.android.sdk.api.session.crypto.verification.IncomingSasVerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.OutgoingSasVerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.PendingVerificationRequest
@@ -296,7 +295,7 @@ class E2eeSanityTests : InstrumentedTest {
             }
         }
         // after initial sync events are not decrypted, so we have to try manually
-        ensureCannotDecrypt(sentEventIds, newBobSession, e2eRoomID, MXCryptoError.ErrorType.UNKNOWN_INBOUND_SESSION_ID)
+        cryptoTestHelper.ensureCannotDecrypt(sentEventIds, newBobSession, e2eRoomID, MXCryptoError.ErrorType.UNKNOWN_INBOUND_SESSION_ID)
 
         // Let's now import keys from backup
 
@@ -317,7 +316,7 @@ class E2eeSanityTests : InstrumentedTest {
         }
 
         // ensure bob can now decrypt
-        ensureCanDecrypt(sentEventIds, newBobSession, e2eRoomID, messagesText)
+        cryptoTestHelper.ensureCanDecrypt(sentEventIds, newBobSession, e2eRoomID, messagesText)
 
         testHelper.signOutAndClose(newBobSession)
     }
@@ -368,7 +367,7 @@ class E2eeSanityTests : InstrumentedTest {
         // check that new bob can't currently decrypt
         Log.v("#E2E TEST", "check that new bob can't currently decrypt")
 
-        ensureCannotDecrypt(sentEventIds, newBobSession, e2eRoomID, null)
+        cryptoTestHelper.ensureCannotDecrypt(sentEventIds, newBobSession, e2eRoomID, null)
 //        newBobSession.cryptoService().getOutgoingRoomKeyRequests()
 //                .firstOrNull {
 //                    it.sessionId ==
@@ -408,7 +407,7 @@ class E2eeSanityTests : InstrumentedTest {
             }
         }
 
-        ensureCannotDecrypt(sentEventIds, newBobSession, e2eRoomID, null)
+        cryptoTestHelper.ensureCannotDecrypt(sentEventIds, newBobSession, e2eRoomID, null)
 
         // Now mark new bob session as verified
 
@@ -421,7 +420,7 @@ class E2eeSanityTests : InstrumentedTest {
             newBobSession.cryptoService().reRequestRoomKeyForEvent(event)
         }
 
-        ensureCanDecrypt(sentEventIds, newBobSession, e2eRoomID, messagesText)
+        cryptoTestHelper.ensureCanDecrypt(sentEventIds, newBobSession, e2eRoomID, messagesText)
 
         cryptoTestData.cleanUp(testHelper)
         testHelper.signOutAndClose(newBobSession)
@@ -467,7 +466,7 @@ class E2eeSanityTests : InstrumentedTest {
 
         // check that new bob can't currently decrypt
         Log.v("#E2E TEST", "check that new bob can't currently decrypt")
-        ensureCannotDecrypt(listOf(firstEventId), newBobSession, e2eRoomID, MXCryptoError.ErrorType.UNKNOWN_INBOUND_SESSION_ID)
+        cryptoTestHelper.ensureCannotDecrypt(listOf(firstEventId), newBobSession, e2eRoomID, MXCryptoError.ErrorType.UNKNOWN_INBOUND_SESSION_ID)
 
         // Now let alice send a new message. this time the new bob session will be able to decrypt
         var secondEventId: String
@@ -686,8 +685,13 @@ class E2eeSanityTests : InstrumentedTest {
         // wait for secret gossiping to happen
         testHelper.waitWithLatch { latch ->
             testHelper.retryPeriodicallyWithLatch(latch) {
-                aliceNewSession.cryptoService().crossSigningService().allPrivateKeysKnown() &&
-                        aliceNewSession.cryptoService().keysBackupService().getKeyBackupRecoveryKeyInfo() != null
+                aliceNewSession.cryptoService().crossSigningService().allPrivateKeysKnown()
+            }
+        }
+
+        testHelper.waitWithLatch { latch ->
+            testHelper.retryPeriodicallyWithLatch(latch) {
+                aliceNewSession.cryptoService().keysBackupService().getKeyBackupRecoveryKeyInfo() != null
             }
         }
 
@@ -765,32 +769,6 @@ class E2eeSanityTests : InstrumentedTest {
         }
     }
 
-    private fun ensureCanDecrypt(sentEventIds: MutableList<String>, session: Session, e2eRoomID: String, messagesText: List<String>) {
-        sentEventIds.forEachIndexed { index, sentEventId ->
-            testHelper.waitWithLatch { latch ->
-                testHelper.retryPeriodicallyWithLatch(latch) {
-                    val event = session.getRoom(e2eRoomID)!!.getTimelineEvent(sentEventId)!!.root
-                    testHelper.runBlockingTest {
-                        try {
-                            session.cryptoService().decryptEvent(event, "").let { result ->
-                                event.mxDecryptionResult = OlmDecryptionResult(
-                                        payload = result.clearEvent,
-                                        senderKey = result.senderCurve25519Key,
-                                        keysClaimed = result.claimedEd25519Key?.let { mapOf("ed25519" to it) },
-                                        forwardingCurve25519KeyChain = result.forwardingCurve25519KeyChain
-                                )
-                            }
-                        } catch (error: MXCryptoError) {
-                            // nop
-                        }
-                    }
-                    event.getClearType() == EventType.MESSAGE &&
-                            messagesText[index] == event.getClearContent()?.toModel<MessageContent>()?.body
-                }
-            }
-        }
-    }
-
     private fun ensureIsDecrypted(sentEventIds: List<String>, session: Session, e2eRoomID: String) {
         testHelper.waitWithLatch { latch ->
             sentEventIds.forEach { sentEventId ->
@@ -803,23 +781,4 @@ class E2eeSanityTests : InstrumentedTest {
             }
         }
     }
-
-    private fun ensureCannotDecrypt(sentEventIds: List<String>, newBobSession: Session, e2eRoomID: String, expectedError: MXCryptoError.ErrorType?) {
-        sentEventIds.forEach { sentEventId ->
-            val event = newBobSession.getRoom(e2eRoomID)!!.getTimelineEvent(sentEventId)!!.root
-            testHelper.runBlockingTest {
-                try {
-                    newBobSession.cryptoService().decryptEvent(event, "")
-                    fail("Should not be able to decrypt event")
-                } catch (error: MXCryptoError) {
-                    val errorType = (error as? MXCryptoError.Base)?.errorType
-                    if (expectedError == null) {
-                        Assert.assertNotNull(errorType)
-                    } else {
-                        assertEquals(expectedError, errorType, "Unexpected reason")
-                    }
-                }
-            }
-        }
-    }
 }
diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt
index a05dd721a0..3e8ca8daff 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt
@@ -19,45 +19,31 @@ package org.matrix.android.sdk.internal.crypto.gossiping
 import android.util.Log
 import androidx.test.ext.junit.runners.AndroidJUnit4
 import androidx.test.filters.LargeTest
-import junit.framework.TestCase.assertEquals
 import junit.framework.TestCase.assertNotNull
 import junit.framework.TestCase.assertTrue
 import junit.framework.TestCase.fail
+import org.amshove.kluent.internal.assertEquals
 import org.junit.Assert
+import org.junit.Assert.assertNull
 import org.junit.FixMethodOrder
-import org.junit.Ignore
 import org.junit.Test
 import org.junit.runner.RunWith
 import org.junit.runners.MethodSorters
 import org.matrix.android.sdk.InstrumentedTest
-import org.matrix.android.sdk.api.auth.UIABaseAuth
-import org.matrix.android.sdk.api.auth.UserInteractiveAuthInterceptor
-import org.matrix.android.sdk.api.auth.UserPasswordAuth
-import org.matrix.android.sdk.api.auth.registration.RegistrationFlowResponse
-import org.matrix.android.sdk.api.extensions.tryOrNull
 import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel
-import org.matrix.android.sdk.api.session.crypto.keysbackup.KeysVersion
-import org.matrix.android.sdk.api.session.crypto.keysbackup.MegolmBackupCreationInfo
-import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
-import org.matrix.android.sdk.api.session.crypto.model.GossipingRequestState
-import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.crypto.verification.IncomingSasVerificationTransaction
-import org.matrix.android.sdk.api.session.crypto.verification.SasVerificationTransaction
-import org.matrix.android.sdk.api.session.crypto.verification.VerificationMethod
-import org.matrix.android.sdk.api.session.crypto.verification.VerificationService
-import org.matrix.android.sdk.api.session.crypto.verification.VerificationTransaction
-import org.matrix.android.sdk.api.session.crypto.verification.VerificationTxState
 import org.matrix.android.sdk.api.session.events.model.content.EncryptedEventContent
+import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
 import org.matrix.android.sdk.api.session.events.model.toModel
 import org.matrix.android.sdk.api.session.getRoom
 import org.matrix.android.sdk.api.session.room.model.RoomDirectoryVisibility
 import org.matrix.android.sdk.api.session.room.model.create.CreateRoomParams
-import org.matrix.android.sdk.api.session.room.model.message.MessageContent
+import org.matrix.android.sdk.api.session.room.timeline.getLastMessageContent
 import org.matrix.android.sdk.common.CommonTestHelper
+import org.matrix.android.sdk.common.CryptoTestHelper
 import org.matrix.android.sdk.common.SessionTestParams
 import org.matrix.android.sdk.common.TestConstants
-import kotlin.coroutines.Continuation
-import kotlin.coroutines.resume
+import org.matrix.android.sdk.internal.crypto.OutgoingRoomKeyRequestState
+import org.matrix.android.sdk.internal.crypto.RequestResult
 
 @RunWith(AndroidJUnit4::class)
 @FixMethodOrder(MethodSorters.JVM)
@@ -65,11 +51,12 @@ import kotlin.coroutines.resume
 class KeyShareTests : InstrumentedTest {
 
     private val commonTestHelper = CommonTestHelper(context())
+    private val cryptoTestHelper = CryptoTestHelper(commonTestHelper)
 
     @Test
-    @Ignore("This test will be ignored until it is fixed")
     fun test_DoNotSelfShareIfNotTrusted() {
         val aliceSession = commonTestHelper.createAccount(TestConstants.USER_ALICE, SessionTestParams(true))
+        Log.v("TEST", "=======> AliceSession 1 is ${aliceSession.sessionParams.deviceId}")
 
         // Create an encrypted room and add a message
         val roomId = commonTestHelper.runBlockingTest {
@@ -84,11 +71,14 @@ class KeyShareTests : InstrumentedTest {
         assertNotNull(room)
         Thread.sleep(4_000)
         assertTrue(room?.isEncrypted() == true)
-        val sentEventId = commonTestHelper.sendTextMessage(room!!, "My Message", 1).first().eventId
+        val sentEvent = commonTestHelper.sendTextMessage(room!!, "My Message", 1).first()
+        val sentEventId = sentEvent.eventId
+        val sentEventText = sentEvent.getLastMessageContent()?.body
 
         // Open a new sessionx
 
         val aliceSession2 = commonTestHelper.logIntoAccount(aliceSession.myUserId, SessionTestParams(true))
+        Log.v("TEST", "=======> AliceSession 2 is ${aliceSession2.sessionParams.deviceId}")
 
         val roomSecondSessionPOV = aliceSession2.getRoom(roomId)
 
@@ -139,17 +129,34 @@ class KeyShareTests : InstrumentedTest {
         commonTestHelper.waitWithLatch { latch ->
             commonTestHelper.retryPeriodicallyWithLatch(latch) {
                 // DEBUG LOGS
-                aliceSession.cryptoService().getIncomingRoomKeyRequests().let {
-                    Log.v("TEST", "Incoming request Session 1 (looking for $outGoingRequestId)")
+//                aliceSession.cryptoService().getIncomingRoomKeyRequests().let {
+//                    Log.v("TEST", "Incoming request Session 1 (looking for $outGoingRequestId)")
+//                    Log.v("TEST", "=========================")
+//                    it.forEach { keyRequest ->
+//                        Log.v("TEST", "[ts${keyRequest.localCreationTimestamp}] requestId ${keyRequest.requestId}, for sessionId ${keyRequest.requestBody?.sessionId}")
+//                    }
+//                    Log.v("TEST", "=========================")
+//                }
+
+                val incoming = aliceSession.cryptoService().getIncomingRoomKeyRequests().firstOrNull { it.requestId == outGoingRequestId }
+                incoming != null
+            }
+        }
+
+        commonTestHelper.waitWithLatch { latch ->
+            commonTestHelper.retryPeriodicallyWithLatch(latch) {
+                // DEBUG LOGS
+                aliceSession2.cryptoService().getOutgoingRoomKeyRequests().forEach { keyRequest ->
                     Log.v("TEST", "=========================")
-                    it.forEach { keyRequest ->
-                        Log.v("TEST", "[ts${keyRequest.localCreationTimestamp}] requestId ${keyRequest.requestId}, for sessionId ${keyRequest.requestBody?.sessionId} is ${keyRequest.state}")
-                    }
+                    Log.v("TEST", "requestId ${keyRequest.requestId}, for sessionId ${keyRequest.requestBody?.sessionId}")
+                    Log.v("TEST", "replies -> ${keyRequest.results.joinToString { it.toString() }}")
                     Log.v("TEST", "=========================")
                 }
 
-                val incoming = aliceSession.cryptoService().getIncomingRoomKeyRequests().firstOrNull { it.requestId == outGoingRequestId }
-                incoming?.state == GossipingRequestState.REJECTED
+                val outgoing = aliceSession2.cryptoService().getOutgoingRoomKeyRequests().firstOrNull { it.requestId == outGoingRequestId }
+                val reply = outgoing?.results?.firstOrNull { it.userId == aliceSession.myUserId && it.fromDevice == aliceSession.sessionParams.deviceId }
+                val resultCode = (reply?.result as? RequestResult.Failure)?.code
+                resultCode == WithHeldCode.UNAUTHORISED
             }
         }
 
@@ -168,249 +175,279 @@ class KeyShareTests : InstrumentedTest {
         // Re request
         aliceSession2.cryptoService().reRequestRoomKeyForEvent(receivedEvent.root)
 
-        commonTestHelper.waitWithLatch { latch ->
-            commonTestHelper.retryPeriodicallyWithLatch(latch) {
-                aliceSession.cryptoService().getIncomingRoomKeyRequests().let {
-                    Log.v("TEST", "Incoming request Session 1")
-                    Log.v("TEST", "=========================")
-                    it.forEach {
-                        Log.v("TEST", "requestId ${it.requestId}, for sessionId ${it.requestBody?.sessionId} is ${it.state}")
-                    }
-                    Log.v("TEST", "=========================")
-
-                    it.any { it.requestBody?.sessionId == eventMegolmSessionId && it.state == GossipingRequestState.ACCEPTED }
-                }
-            }
-        }
-
-        Thread.sleep(6_000)
-        commonTestHelper.waitWithLatch { latch ->
-            commonTestHelper.retryPeriodicallyWithLatch(latch) {
-                // It should have been deleted from store
-                val outgoingRoomKeyRequests = aliceSession2.cryptoService().getOutgoingRoomKeyRequests()
-                outgoingRoomKeyRequests.isEmpty()
-            }
-        }
-
-        try {
-            commonTestHelper.runBlockingTest {
-                aliceSession2.cryptoService().decryptEvent(receivedEvent.root, "foo")
-            }
-        } catch (failure: Throwable) {
-            fail("should have been able to decrypt")
-        }
+        cryptoTestHelper.ensureCanDecrypt(listOf(receivedEvent.eventId), aliceSession2, roomId, listOf(sentEventText ?: ""))
 
         commonTestHelper.signOutAndClose(aliceSession)
         commonTestHelper.signOutAndClose(aliceSession2)
     }
 
+    // See E2ESanityTest for a test regarding secret sharing
+
+    /**
+     * Test that the sender of a message accepts to re-share to another user
+     * if the key was originally shared with him
+     */
     @Test
-    @Ignore("This test will be ignored until it is fixed")
-    fun test_ShareSSSSSecret() {
-        val aliceSession1 = commonTestHelper.createAccount(TestConstants.USER_ALICE, SessionTestParams(true))
+    fun test_reShareIfWasIntendedToBeShared() {
+        val testData = cryptoTestHelper.doE2ETestWithAliceAndBobInARoom(true)
+        val aliceSession = testData.firstSession
+        val roomFromAlice = aliceSession.getRoom(testData.roomId)!!
+        val bobSession = testData.secondSession!!
 
-        commonTestHelper.doSync<Unit> {
-            aliceSession1.cryptoService().crossSigningService()
-                    .initializeCrossSigning(
-                            object : UserInteractiveAuthInterceptor {
-                                override fun performStage(flowResponse: RegistrationFlowResponse, errCode: String?, promise: Continuation<UIABaseAuth>) {
-                                    promise.resume(
-                                            UserPasswordAuth(
-                                                    user = aliceSession1.myUserId,
-                                                    password = TestConstants.PASSWORD
-                                            )
-                                    )
-                                }
-                            }, it)
-        }
+        val sentEvent = commonTestHelper.sendTextMessage(roomFromAlice, "Hello", 1).first()
+        val sentEventMegolmSession = sentEvent.root.content.toModel<EncryptedEventContent>()!!.sessionId!!
 
-        // Also bootstrap keybackup on first session
-        val creationInfo = commonTestHelper.doSync<MegolmBackupCreationInfo> {
-            aliceSession1.cryptoService().keysBackupService().prepareKeysBackupVersion(null, null, it)
-        }
-        val version = commonTestHelper.doSync<KeysVersion> {
-            aliceSession1.cryptoService().keysBackupService().createKeysBackupVersion(creationInfo, it)
-        }
-        // Save it for gossiping
-        aliceSession1.cryptoService().keysBackupService().saveBackupRecoveryKey(creationInfo.recoveryKey, version = version.version)
+        // bob should be able to decrypt
+        cryptoTestHelper.ensureCanDecrypt(listOf(sentEvent.eventId), bobSession, testData.roomId, listOf(sentEvent.getLastMessageContent()?.body ?: ""))
 
-        val aliceSession2 = commonTestHelper.logIntoAccount(aliceSession1.myUserId, SessionTestParams(true))
-
-        val aliceVerificationService1 = aliceSession1.cryptoService().verificationService()
-        val aliceVerificationService2 = aliceSession2.cryptoService().verificationService()
-
-        // force keys download
-        commonTestHelper.doSync<MXUsersDevicesMap<CryptoDeviceInfo>> {
-            aliceSession1.cryptoService().downloadKeys(listOf(aliceSession1.myUserId), true, it)
-        }
-        commonTestHelper.doSync<MXUsersDevicesMap<CryptoDeviceInfo>> {
-            aliceSession2.cryptoService().downloadKeys(listOf(aliceSession2.myUserId), true, it)
-        }
-
-        var session1ShortCode: String? = null
-        var session2ShortCode: String? = null
-
-        aliceVerificationService1.addListener(object : VerificationService.Listener {
-            override fun transactionUpdated(tx: VerificationTransaction) {
-                Log.d("#TEST", "AA: tx incoming?:${tx.isIncoming} state ${tx.state}")
-                if (tx is SasVerificationTransaction) {
-                    if (tx.state == VerificationTxState.OnStarted) {
-                        (tx as IncomingSasVerificationTransaction).performAccept()
-                    }
-                    if (tx.state == VerificationTxState.ShortCodeReady) {
-                        session1ShortCode = tx.getDecimalCodeRepresentation()
-                        Thread.sleep(500)
-                        tx.userHasVerifiedShortCode()
-                    }
-                }
-            }
-        })
-
-        aliceVerificationService2.addListener(object : VerificationService.Listener {
-            override fun transactionUpdated(tx: VerificationTransaction) {
-                Log.d("#TEST", "BB: tx incoming?:${tx.isIncoming} state ${tx.state}")
-                if (tx is SasVerificationTransaction) {
-                    if (tx.state == VerificationTxState.ShortCodeReady) {
-                        session2ShortCode = tx.getDecimalCodeRepresentation()
-                        Thread.sleep(500)
-                        tx.userHasVerifiedShortCode()
-                    }
-                }
-            }
-        })
-
-        val txId = "m.testVerif12"
-        aliceVerificationService2.beginKeyVerification(VerificationMethod.SAS, aliceSession1.myUserId, aliceSession1.sessionParams.deviceId
-                ?: "", txId)
+        // Let's try to request any how.
+        // As it was share previously alice should accept to reshare
+        bobSession.cryptoService().reRequestRoomKeyForEvent(sentEvent.root)
 
         commonTestHelper.waitWithLatch { latch ->
             commonTestHelper.retryPeriodicallyWithLatch(latch) {
-                aliceSession1.cryptoService().getDeviceInfo(aliceSession1.myUserId, aliceSession2.sessionParams.deviceId ?: "")?.isVerified == true
+                val outgoing = bobSession.cryptoService().getOutgoingRoomKeyRequests().firstOrNull { it.sessionId == sentEventMegolmSession }
+                val aliceReply = outgoing?.results?.firstOrNull { it.userId == aliceSession.myUserId && it.fromDevice == aliceSession.sessionParams.deviceId }
+                aliceReply != null && aliceReply.result is RequestResult.Success
             }
         }
-
-        assertNotNull(session1ShortCode)
-        Log.d("#TEST", "session1ShortCode: $session1ShortCode")
-        assertNotNull(session2ShortCode)
-        Log.d("#TEST", "session2ShortCode: $session2ShortCode")
-        assertEquals(session1ShortCode, session2ShortCode)
-
-        // SSK and USK private keys should have been shared
-
-        commonTestHelper.waitWithLatch(60_000) { latch ->
-            commonTestHelper.retryPeriodicallyWithLatch(latch) {
-                Log.d("#TEST", "CAN XS :${aliceSession2.cryptoService().crossSigningService().getMyCrossSigningKeys()}")
-                aliceSession2.cryptoService().crossSigningService().canCrossSign()
-            }
-        }
-
-        // Test that key backup key has been shared to
-        commonTestHelper.waitWithLatch(60_000) { latch ->
-            val keysBackupService = aliceSession2.cryptoService().keysBackupService()
-            commonTestHelper.retryPeriodicallyWithLatch(latch) {
-                Log.d("#TEST", "Recovery :${keysBackupService.getKeyBackupRecoveryKeyInfo()?.recoveryKey}")
-                keysBackupService.getKeyBackupRecoveryKeyInfo()?.recoveryKey == creationInfo.recoveryKey
-            }
-        }
-
-        commonTestHelper.signOutAndClose(aliceSession1)
-        commonTestHelper.signOutAndClose(aliceSession2)
     }
 
+    /**
+     * Test that our own devices accept to reshare to unverified device if it was shared initialy
+     * if the key was originally shared with him
+     */
     @Test
-    @Ignore("This test will be ignored until it is fixed")
-    fun test_ImproperKeyShareBug() {
-        val aliceSession = commonTestHelper.createAccount(TestConstants.USER_ALICE, SessionTestParams(true))
+    fun test_reShareToUnverifiedIfWasIntendedToBeShared() {
+        val testData = cryptoTestHelper.doE2ETestWithAliceInARoom(true)
+        val aliceSession = testData.firstSession
+        val roomFromAlice = aliceSession.getRoom(testData.roomId)!!
 
-        commonTestHelper.doSync<Unit> {
-            aliceSession.cryptoService().crossSigningService()
-                    .initializeCrossSigning(
-                            object : UserInteractiveAuthInterceptor {
-                                override fun performStage(flowResponse: RegistrationFlowResponse, errCode: String?, promise: Continuation<UIABaseAuth>) {
-                                    promise.resume(
-                                            UserPasswordAuth(
-                                                    user = aliceSession.myUserId,
-                                                    password = TestConstants.PASSWORD,
-                                                    session = flowResponse.session
-                                            )
-                                    )
-                                }
-                            }, it)
+        val aliceNewSession = commonTestHelper.logIntoAccount(aliceSession.myUserId, SessionTestParams(true))
+
+        // we wait for alice first session to be aware of that session?
+        commonTestHelper.waitWithLatch { latch ->
+            commonTestHelper.retryPeriodicallyWithLatch(latch) {
+                val newSession = aliceSession.cryptoService().getUserDevices(aliceSession.myUserId)
+                        .firstOrNull { it.deviceId == aliceNewSession.sessionParams.deviceId }
+                newSession != null
+            }
         }
+        val sentEvent = commonTestHelper.sendTextMessage(roomFromAlice, "Hello", 1).first()
+        val sentEventMegolmSession = sentEvent.root.content.toModel<EncryptedEventContent>()!!.sessionId!!
 
-        // Create an encrypted room and send a couple of messages
-        val roomId = commonTestHelper.runBlockingTest {
-            aliceSession.roomService().createRoom(
-                    CreateRoomParams().apply {
-                        visibility = RoomDirectoryVisibility.PRIVATE
-                        enableEncryption()
-                    }
-            )
+        // Let's try to request any how.
+        // As it was share previously alice should accept to reshare
+        aliceNewSession.cryptoService().reRequestRoomKeyForEvent(sentEvent.root)
+
+        commonTestHelper.waitWithLatch { latch ->
+            commonTestHelper.retryPeriodicallyWithLatch(latch) {
+                val outgoing = aliceNewSession.cryptoService().getOutgoingRoomKeyRequests().firstOrNull { it.sessionId == sentEventMegolmSession }
+                val ownDeviceReply = outgoing?.results?.firstOrNull { it.userId == aliceSession.myUserId && it.fromDevice == aliceSession.sessionParams.deviceId }
+                ownDeviceReply != null && ownDeviceReply.result is RequestResult.Success
+            }
         }
-        val roomAlicePov = aliceSession.getRoom(roomId)
-        assertNotNull(roomAlicePov)
-        Thread.sleep(1_000)
-        assertTrue(roomAlicePov?.isEncrypted() == true)
-        val secondEventId = commonTestHelper.sendTextMessage(roomAlicePov!!, "Message", 3)[1].eventId
+    }
 
-        // Create bob session
+    /**
+     * Tests that keys reshared with own verified session are done from the earliest known index
+     */
+    @Test
+    fun test_reShareFromTheEarliestKnownIndexWithOwnVerifiedSession() {
+        val testData = cryptoTestHelper.doE2ETestWithAliceAndBobInARoom(true)
+        val aliceSession = testData.firstSession
+        val bobSession = testData.secondSession!!
+        val roomFromBob = bobSession.getRoom(testData.roomId)!!
 
-        val bobSession = commonTestHelper.createAccount(TestConstants.USER_BOB, SessionTestParams(true))
-        commonTestHelper.doSync<Unit> {
-            bobSession.cryptoService().crossSigningService()
-                    .initializeCrossSigning(
-                            object : UserInteractiveAuthInterceptor {
-                                override fun performStage(flowResponse: RegistrationFlowResponse, errCode: String?, promise: Continuation<UIABaseAuth>) {
-                                    promise.resume(
-                                            UserPasswordAuth(
-                                                    user = bobSession.myUserId,
-                                                    password = TestConstants.PASSWORD,
-                                                    session = flowResponse.session
-                                            )
-                                    )
-                                }
-                            }, it)
-        }
+        val sentEvents = commonTestHelper.sendTextMessage(roomFromBob, "Hello", 3)
+        val sentEventMegolmSession = sentEvents.first().root.content.toModel<EncryptedEventContent>()!!.sessionId!!
 
-        // Let alice invite bob
-        commonTestHelper.runBlockingTest {
-            roomAlicePov.invite(bobSession.myUserId, null)
-        }
+        // Let alice now add a new session
+        val aliceNewSession = commonTestHelper.logIntoAccount(aliceSession.myUserId, SessionTestParams(true))
 
-        commonTestHelper.runBlockingTest {
-            bobSession.roomService().joinRoom(roomAlicePov.roomId, null, emptyList())
-        }
-
-        // we want to discard alice outbound session
-        aliceSession.cryptoService().discardOutboundSession(roomAlicePov.roomId)
-
-        // and now resend a new message to reset index to 0
-        commonTestHelper.sendTextMessage(roomAlicePov, "After", 1)
-
-        val roomRoomBobPov = aliceSession.getRoom(roomId)
-        val beforeJoin = roomRoomBobPov!!.getTimelineEvent(secondEventId)
-
-        var dRes = tryOrNull {
-            commonTestHelper.runBlockingTest {
-                bobSession.cryptoService().decryptEvent(beforeJoin!!.root, "")
+        // we wait bob first session to be aware of that session?
+        commonTestHelper.waitWithLatch { latch ->
+            commonTestHelper.retryPeriodicallyWithLatch(latch) {
+                val newSession = bobSession.cryptoService().getUserDevices(aliceSession.myUserId)
+                        .firstOrNull { it.deviceId == aliceNewSession.sessionParams.deviceId }
+                newSession != null
             }
         }
 
-        assert(dRes == null)
+        val newEvent = commonTestHelper.sendTextMessage(roomFromBob, "The New", 1).first()
+        val newEventId = newEvent.eventId
+        val newEventText = newEvent.getLastMessageContent()!!.body
 
-        // Try to re-ask the keys
+        // alice should be able to decrypt the new one
+        cryptoTestHelper.ensureCanDecrypt(listOf(newEventId), aliceNewSession, testData.roomId, listOf(newEventText))
+        // but not the first one!
+        cryptoTestHelper.ensureCannotDecrypt(sentEvents.map { it.eventId }, aliceNewSession, testData.roomId)
 
-        bobSession.cryptoService().reRequestRoomKeyForEvent(beforeJoin!!.root)
+        // All should be using the same session id
+        sentEvents.forEach {
+            assertEquals(sentEventMegolmSession, it.root.content.toModel<EncryptedEventContent>()!!.sessionId)
+        }
+        assertEquals(sentEventMegolmSession, newEvent.root.content.toModel<EncryptedEventContent>()!!.sessionId)
 
-        Thread.sleep(3_000)
+        // Request a first time, bob and alice should reply with unauthorized
+        aliceNewSession.cryptoService().reRequestRoomKeyForEvent(newEvent.root)
 
-        // With the bug the first session would have improperly reshare that key :/
-        dRes = tryOrNull {
-            commonTestHelper.runBlockingTest {
-                bobSession.cryptoService().decryptEvent(beforeJoin.root, "")
+        commonTestHelper.waitWithLatch { latch ->
+            commonTestHelper.retryPeriodicallyWithLatch(latch) {
+                val outgoing = aliceNewSession.cryptoService().getOutgoingRoomKeyRequests().firstOrNull { it.sessionId == sentEventMegolmSession }
+                val ownDeviceReply = outgoing?.results
+                        ?.firstOrNull { it.userId == aliceSession.myUserId && it.fromDevice == aliceSession.sessionParams.deviceId }
+                val result = ownDeviceReply?.result
+                Log.v("TEST", "own device result is $result")
+                result != null && result is RequestResult.Failure && result.code == WithHeldCode.UNVERIFIED
             }
         }
-        Log.d("#TEST", "KS: sgould not decrypt that ${beforeJoin.root.getClearContent().toModel<MessageContent>()?.body}")
-        assert(dRes?.clearEvent == null)
+
+        commonTestHelper.waitWithLatch { latch ->
+            commonTestHelper.retryPeriodicallyWithLatch(latch) {
+                val outgoing = aliceNewSession.cryptoService().getOutgoingRoomKeyRequests().firstOrNull { it.sessionId == sentEventMegolmSession }
+                val bobDeviceReply = outgoing?.results
+                        ?.firstOrNull { it.userId == bobSession.myUserId && it.fromDevice == bobSession.sessionParams.deviceId }
+                val result = bobDeviceReply?.result
+                result != null && result is RequestResult.Success && result.chainIndex > 0
+            }
+        }
+
+        // it's a success but still can't decrypt first message
+        cryptoTestHelper.ensureCannotDecrypt(sentEvents.map { it.eventId }, aliceNewSession, testData.roomId)
+
+        // Mark the new session as verified
+        aliceSession.cryptoService()
+                .verificationService()
+                .markedLocallyAsManuallyVerified(aliceNewSession.myUserId, aliceNewSession.sessionParams.deviceId!!)
+
+        // Let's now try to request
+        aliceNewSession.cryptoService().reRequestRoomKeyForEvent(newEvent.root)
+
+        commonTestHelper.waitWithLatch { latch ->
+            commonTestHelper.retryPeriodicallyWithLatch(latch) {
+                // DEBUG LOGS
+                aliceNewSession.cryptoService().getOutgoingRoomKeyRequests().forEach { keyRequest ->
+                    Log.v("TEST", "=========================")
+                    Log.v("TEST", "requestId ${keyRequest.requestId}, for sessionId ${keyRequest.requestBody?.sessionId}")
+                    Log.v("TEST", "replies -> ${keyRequest.results.joinToString { it.toString() }}")
+                    Log.v("TEST", "=========================")
+                }
+                val outgoing = aliceNewSession.cryptoService().getOutgoingRoomKeyRequests().firstOrNull { it.sessionId == sentEventMegolmSession }
+                val ownDeviceReply = outgoing?.results?.firstOrNull { it.userId == aliceSession.myUserId && it.fromDevice == aliceSession.sessionParams.deviceId }
+                val result = ownDeviceReply?.result
+                result != null && result is RequestResult.Success && result.chainIndex == 0
+            }
+        }
+
+        // now the new session should be able to decrypt all!
+        cryptoTestHelper.ensureCanDecrypt(
+                sentEvents.map { it.eventId },
+                aliceNewSession,
+                testData.roomId,
+                sentEvents.map { it.getLastMessageContent()!!.body }
+        )
+
+        // Additional test, can we check that bob replied successfully but with a ratcheted key
+        commonTestHelper.waitWithLatch { latch ->
+            commonTestHelper.retryPeriodicallyWithLatch(latch) {
+                val outgoing = aliceNewSession.cryptoService().getOutgoingRoomKeyRequests().firstOrNull { it.sessionId == sentEventMegolmSession }
+                val bobReply = outgoing?.results?.firstOrNull { it.userId == bobSession.myUserId }
+                val result = bobReply?.result
+                result != null && result is RequestResult.Success && result.chainIndex == 3
+            }
+        }
+
+        commonTestHelper.signOutAndClose(aliceNewSession)
+        commonTestHelper.signOutAndClose(aliceSession)
+        commonTestHelper.signOutAndClose(bobSession)
+    }
+
+    /**
+     * Tests that we don't cancel a request to early on first forward if the index is not good enough
+     */
+    @Test
+    fun test_dontCancelToEarly() {
+        val testData = cryptoTestHelper.doE2ETestWithAliceAndBobInARoom(true)
+        val aliceSession = testData.firstSession
+        val bobSession = testData.secondSession!!
+        val roomFromBob = bobSession.getRoom(testData.roomId)!!
+
+        val sentEvents = commonTestHelper.sendTextMessage(roomFromBob, "Hello", 3)
+        val sentEventMegolmSession = sentEvents.first().root.content.toModel<EncryptedEventContent>()!!.sessionId!!
+
+        // Let alice now add a new session
+        val aliceNewSession = commonTestHelper.logIntoAccount(aliceSession.myUserId, SessionTestParams(true))
+
+        // we wait bob first session to be aware of that session?
+        commonTestHelper.waitWithLatch { latch ->
+            commonTestHelper.retryPeriodicallyWithLatch(latch) {
+                val newSession = bobSession.cryptoService().getUserDevices(aliceSession.myUserId)
+                        .firstOrNull { it.deviceId == aliceNewSession.sessionParams.deviceId }
+                newSession != null
+            }
+        }
+
+        val newEvent = commonTestHelper.sendTextMessage(roomFromBob, "The New", 1).first()
+        val newEventId = newEvent.eventId
+        val newEventText = newEvent.getLastMessageContent()!!.body
+
+        // alice should be able to decrypt the new one
+        cryptoTestHelper.ensureCanDecrypt(listOf(newEventId), aliceNewSession, testData.roomId, listOf(newEventText))
+        // but not the first one!
+        cryptoTestHelper.ensureCannotDecrypt(sentEvents.map { it.eventId }, aliceNewSession, testData.roomId)
+
+        // All should be using the same session id
+        sentEvents.forEach {
+            assertEquals(sentEventMegolmSession, it.root.content.toModel<EncryptedEventContent>()!!.sessionId)
+        }
+        assertEquals(sentEventMegolmSession, newEvent.root.content.toModel<EncryptedEventContent>()!!.sessionId)
+
+        // Mark the new session as verified
+        aliceSession.cryptoService()
+                .verificationService()
+                .markedLocallyAsManuallyVerified(aliceNewSession.myUserId, aliceNewSession.sessionParams.deviceId!!)
+
+        // /!\ Stop initial alice session syncing so that it can't reply
+        aliceSession.stopSync()
+
+        // Let's now try to request
+        aliceNewSession.cryptoService().reRequestRoomKeyForEvent(sentEvents.first().root)
+
+        // Should get a reply from bob and not from alice
+        commonTestHelper.waitWithLatch { latch ->
+            commonTestHelper.retryPeriodicallyWithLatch(latch) {
+                val outgoing = aliceNewSession.cryptoService().getOutgoingRoomKeyRequests().firstOrNull { it.sessionId == sentEventMegolmSession }
+                val bobReply = outgoing?.results?.firstOrNull { it.userId == bobSession.myUserId }
+                val result = bobReply?.result
+                result != null && result is RequestResult.Success && result.chainIndex == 3
+            }
+        }
+
+        val outgoingReq = aliceNewSession.cryptoService().getOutgoingRoomKeyRequests().firstOrNull { it.sessionId == sentEventMegolmSession }
+
+        assertNull("We should not have a reply from first session", outgoingReq!!.results.firstOrNull { it.fromDevice == aliceSession.sessionParams.deviceId })
+        assertEquals("The request should not be canceled", OutgoingRoomKeyRequestState.SENT, outgoingReq.state)
+
+        // let's wake up alice
+        aliceSession.startSync(true)
+
+        // We should now get a reply from first session
+        commonTestHelper.waitWithLatch { latch ->
+            commonTestHelper.retryPeriodicallyWithLatch(latch) {
+                val outgoing = aliceNewSession.cryptoService().getOutgoingRoomKeyRequests().firstOrNull { it.sessionId == sentEventMegolmSession }
+                val ownDeviceReply = outgoing?.results?.firstOrNull { it.userId == aliceSession.myUserId && it.fromDevice == aliceSession.sessionParams.deviceId }
+                val result = ownDeviceReply?.result
+                result != null && result is RequestResult.Success && result.chainIndex == 0
+            }
+        }
+
+        // It should be in sent then cancel
+        val outgoing = aliceNewSession.cryptoService().getOutgoingRoomKeyRequests().firstOrNull { it.sessionId == sentEventMegolmSession }
+        assertEquals("The request should be canceled", OutgoingRoomKeyRequestState.SENT_THEN_CANCELED, outgoing!!.state)
+
+        commonTestHelper.signOutAndClose(aliceNewSession)
+        commonTestHelper.signOutAndClose(aliceSession)
+        commonTestHelper.signOutAndClose(bobSession)
     }
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/crypto/MXCryptoConfig.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/crypto/MXCryptoConfig.kt
index 9a686de2e1..a0e1011aba 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/crypto/MXCryptoConfig.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/crypto/MXCryptoConfig.kt
@@ -31,5 +31,11 @@ data class MXCryptoConfig constructor(
          * If set to false, the request will be forwarded to the application layer; in this
          * case the application can decide to prompt the user.
          */
-        val discardRoomKeyRequestsFromUntrustedDevices: Boolean = true
+        val discardRoomKeyRequestsFromUntrustedDevices: Boolean = true,
+
+        /**
+         * Currently megolm keys are requested to the sender device and to all of our devices.
+         * You can limit request only to your sessions by turning this setting to `true`
+         */
+        val limitRoomKeyRequestsToMyDevices: Boolean = false
 )
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/CryptoService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/CryptoService.kt
index 015b0c75be..b62908ade0 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/CryptoService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/CryptoService.kt
@@ -146,6 +146,12 @@ interface CryptoService {
     fun getIncomingRoomKeyRequests(): List<IncomingRoomKeyRequest>
     fun getIncomingRoomKeyRequestsPaged(): LiveData<PagedList<IncomingRoomKeyRequest>>
 
+    /**
+     * Can be called by the app layer to accept a request manually
+     * Use carefully as it is prone to social attacks
+     */
+    suspend fun manuallyAcceptRoomKeyRequest(request: IncomingRoomKeyRequest)
+
     fun getGossipingEventsTrail(): LiveData<PagedList<AuditTrail>>
     fun getGossipingEvents(): List<AuditTrail>
 
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/keyshare/GossipingRequestListener.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/keyshare/GossipingRequestListener.kt
index 3cd36c2ce8..6fdbaf3301 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/keyshare/GossipingRequestListener.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/keyshare/GossipingRequestListener.kt
@@ -16,9 +16,8 @@
 
 package org.matrix.android.sdk.api.session.crypto.keyshare
 
-import org.matrix.android.sdk.api.session.crypto.model.IncomingRequestCancellation
 import org.matrix.android.sdk.api.session.crypto.model.IncomingRoomKeyRequest
-import org.matrix.android.sdk.api.session.crypto.model.IncomingSecretShareRequest
+import org.matrix.android.sdk.api.session.crypto.model.SecretShareRequest
 
 /**
  * Room keys events listener
@@ -35,12 +34,12 @@ interface GossipingRequestListener {
      * Returns the secret value to be shared
      * @return true if is handled
      */
-    fun onSecretShareRequest(request: IncomingSecretShareRequest): Boolean
+    fun onSecretShareRequest(request: SecretShareRequest): Boolean
 
     /**
      * A room key request cancellation has been received.
      *
      * @param request the cancellation request
      */
-    fun onRoomKeyRequestCancellation(request: IncomingRequestCancellation)
+    fun onRequestCancelled(requestId: IncomingRoomKeyRequest)
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRequestCancellation.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRequestCancellation.kt
deleted file mode 100755
index 74ca7304f7..0000000000
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRequestCancellation.kt
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.api.session.crypto.model
-
-import org.matrix.android.sdk.api.session.events.model.Event
-import org.matrix.android.sdk.api.session.events.model.toModel
-import org.matrix.android.sdk.internal.crypto.IncomingShareRequestCommon
-import org.matrix.android.sdk.internal.crypto.model.rest.ShareRequestCancellation
-
-/**
- * IncomingRequestCancellation describes the incoming room key cancellation.
- */
-data class IncomingRequestCancellation(
-        /**
-         * The user id
-         */
-        override val userId: String? = null,
-
-        /**
-         * The device id
-         */
-        override val deviceId: String? = null,
-
-        /**
-         * The request id
-         */
-        override val requestId: String? = null,
-        override val localCreationTimestamp: Long?
-) : IncomingShareRequestCommon {
-    companion object {
-        /**
-         * Factory
-         *
-         * @param event the event
-         */
-        fun fromEvent(event: Event): IncomingRequestCancellation? {
-            return event.getClearContent()
-                    .toModel<ShareRequestCancellation>()
-                    ?.let {
-                        IncomingRequestCancellation(
-                                userId = event.senderId,
-                                deviceId = it.requestingDeviceId,
-                                requestId = it.requestId,
-                                localCreationTimestamp = event.ageLocalTs ?: System.currentTimeMillis()
-                        )
-                    }
-        }
-    }
-}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRoomKeyRequest.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRoomKeyRequest.kt
index 45b0926d89..c5d8f5f285 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRoomKeyRequest.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRoomKeyRequest.kt
@@ -16,9 +16,9 @@
 
 package org.matrix.android.sdk.api.session.crypto.model
 
-import org.matrix.android.sdk.api.session.events.model.Event
-import org.matrix.android.sdk.api.session.events.model.toModel
-import org.matrix.android.sdk.internal.crypto.IncomingShareRequestCommon
+import org.matrix.android.sdk.internal.crypto.model.AuditTrail
+import org.matrix.android.sdk.internal.crypto.model.IncomingKeyRequestInfo
+import org.matrix.android.sdk.internal.crypto.model.TrailType
 
 /**
  * IncomingRoomKeyRequest class defines the incoming room keys request.
@@ -27,56 +27,61 @@ data class IncomingRoomKeyRequest(
         /**
          * The user id
          */
-        override val userId: String? = null,
+        val userId: String? = null,
 
         /**
          * The device id
          */
-        override val deviceId: String? = null,
+        val deviceId: String? = null,
 
         /**
          * The request id
          */
-        override val requestId: String? = null,
+        val requestId: String? = null,
 
         /**
          * The request body
          */
         val requestBody: RoomKeyRequestBody? = null,
 
-        val state: GossipingRequestState = GossipingRequestState.NONE,
-
-        /**
-         * The runnable to call to accept to share the keys
-         */
-        @Transient
-        var share: Runnable? = null,
-
-        /**
-         * The runnable to call to ignore the key share request.
-         */
-        @Transient
-        var ignore: Runnable? = null,
-        override val localCreationTimestamp: Long?
-) : IncomingShareRequestCommon {
+        val localCreationTimestamp: Long?
+) {
     companion object {
         /**
          * Factory
          *
          * @param event the event
          */
-        fun fromEvent(event: Event): IncomingRoomKeyRequest? {
-            return event.getClearContent()
-                    .toModel<RoomKeyShareRequest>()
+        fun fromEvent(trail: AuditTrail): IncomingRoomKeyRequest? {
+            return trail
+                    .takeIf { it.type == TrailType.IncomingKeyRequest }
+                    ?.let {
+                        it.info as? IncomingKeyRequestInfo
+                    }
                     ?.let {
                         IncomingRoomKeyRequest(
-                                userId = event.senderId,
-                                deviceId = it.requestingDeviceId,
+                                userId = it.userId,
+                                deviceId = it.deviceId,
                                 requestId = it.requestId,
-                                requestBody = it.body ?: RoomKeyRequestBody(),
-                                localCreationTimestamp = event.ageLocalTs ?: System.currentTimeMillis()
+                                requestBody = RoomKeyRequestBody(
+                                        algorithm = it.alg,
+                                        roomId = it.roomId,
+                                        senderKey = it.senderKey,
+                                        sessionId = it.sessionId
+                                ),
+                                localCreationTimestamp = trail.ageLocalTs
                         )
                     }
         }
+
+        fun fromRestRequest(senderId: String, request: RoomKeyShareRequest): IncomingRoomKeyRequest? {
+            return IncomingRoomKeyRequest(
+                    userId = senderId,
+                    deviceId = request.requestingDeviceId,
+                    requestId = request.requestId,
+                    requestBody = request.body,
+                    localCreationTimestamp = System.currentTimeMillis()
+            )
+        }
     }
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingSecretShareRequest.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingSecretShareRequest.kt
deleted file mode 100755
index 5afffef1ae..0000000000
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingSecretShareRequest.kt
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.api.session.crypto.model
-
-import org.matrix.android.sdk.api.session.events.model.Event
-import org.matrix.android.sdk.api.session.events.model.toModel
-import org.matrix.android.sdk.internal.crypto.IncomingShareRequestCommon
-
-/**
- * IncomingSecretShareRequest class defines the incoming secret keys request.
- */
-data class IncomingSecretShareRequest(
-        /**
-         * The user id
-         */
-        override val userId: String? = null,
-
-        /**
-         * The device id
-         */
-        override val deviceId: String? = null,
-
-        /**
-         * The request id
-         */
-        override val requestId: String? = null,
-
-        /**
-         * The request body
-         */
-        val secretName: String? = null,
-
-        /**
-         * The runnable to call to accept to share the keys
-         */
-        @Transient
-        var share: ((String) -> Unit)? = null,
-
-        /**
-         * The runnable to call to ignore the key share request.
-         */
-        @Transient
-        var ignore: Runnable? = null,
-
-        override val localCreationTimestamp: Long?
-
-) : IncomingShareRequestCommon {
-    companion object {
-        /**
-         * Factory
-         *
-         * @param event the event
-         */
-        fun fromEvent(event: Event): IncomingSecretShareRequest? {
-            return event.getClearContent()
-                    .toModel<SecretShareRequest>()
-                    ?.let {
-                        IncomingSecretShareRequest(
-                                userId = event.senderId,
-                                deviceId = it.requestingDeviceId,
-                                requestId = it.requestId,
-                                secretName = it.secretName,
-                                localCreationTimestamp = event.ageLocalTs ?: System.currentTimeMillis()
-                        )
-                    }
-        }
-    }
-}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
index ee0b208cbb..0f040bd322 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
@@ -81,6 +81,13 @@ import org.matrix.android.sdk.internal.crypto.crosssigning.DefaultCrossSigningSe
 import org.matrix.android.sdk.internal.crypto.keysbackup.DefaultKeysBackupService
 import org.matrix.android.sdk.internal.crypto.model.AuditTrail
 import org.matrix.android.sdk.internal.crypto.model.MXKey.Companion.KEY_SIGNED_CURVE_25519_TYPE
+import org.matrix.android.sdk.internal.crypto.model.MXUsersDevicesMap
+import org.matrix.android.sdk.internal.crypto.model.TrailType
+import org.matrix.android.sdk.internal.crypto.model.event.RoomKeyContent
+import org.matrix.android.sdk.internal.crypto.model.event.RoomKeyWithHeldContent
+import org.matrix.android.sdk.internal.crypto.model.rest.DeviceInfo
+import org.matrix.android.sdk.internal.crypto.model.rest.DevicesListResponse
+import org.matrix.android.sdk.internal.crypto.model.rest.RoomKeyShareRequest
 import org.matrix.android.sdk.internal.crypto.model.toRest
 import org.matrix.android.sdk.internal.crypto.repository.WarnOnUnknownDeviceRepository
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
@@ -156,7 +163,7 @@ internal class DefaultCryptoService @Inject constructor(
         private val incomingKeyRequestManager: IncomingKeyRequestManager,
         private val secretShareManager: SecretShareManager,
         //
-        private val outgoingGossipingRequestManager: OutgoingGossipingRequestManager,
+        private val outgoingKeyRequestManager: OutgoingKeyRequestManager,
         // Actions
         private val setDeviceVerificationAction: SetDeviceVerificationAction,
         private val megolmSessionDataImporter: MegolmSessionDataImporter,
@@ -387,7 +394,7 @@ internal class DefaultCryptoService @Inject constructor(
     fun close() = runBlocking(coroutineDispatchers.crypto) {
         cryptoCoroutineScope.coroutineContext.cancelChildren(CancellationException("Closing crypto module"))
         incomingKeyRequestManager.close()
-        outgoingGossipingRequestManager.close()
+        outgoingKeyRequestManager.close()
         olmDevice.release()
         cryptoStore.close()
     }
@@ -458,7 +465,7 @@ internal class DefaultCryptoService @Inject constructor(
                 try {
                     if (toDevices.isEmpty()) {
                         // this is not blocking
-                        outgoingGossipingRequestManager.requireProcessAllPendingKeyRequests()
+                        outgoingKeyRequestManager.requireProcessAllPendingKeyRequests()
                     } else {
                         Timber.tag(loggerTag.value)
                                 .w("Don't process key requests yet as their might be more to_device to catchup")
@@ -778,26 +785,18 @@ internal class DefaultCryptoService @Inject constructor(
         cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
             when (event.getClearType()) {
                 EventType.ROOM_KEY, EventType.FORWARDED_ROOM_KEY -> {
-//                    gossipingBuffer.add(event)
                     // Keys are imported directly, not waiting for end of sync
                     onRoomKeyEvent(event)
                 }
                 EventType.REQUEST_SECRET                         -> {
                     secretShareManager.handleSecretRequest(event)
-//                    incomingGossipingRequestManager.onGossipingRequestEvent(event)
                 }
                 EventType.ROOM_KEY_REQUEST                       -> {
-                    Timber.w("VALR: key request ${event.getClearContent()}")
-                    // save audit trail
-//                    gossipingBuffer.add(event)
-                    // Requests are stacked, and will be handled one by one at the end of the sync (onSyncComplete)
-                    Timber.w("VALR: sender Id is ${event.senderId} full ev $event")
                     event.getClearContent().toModel<RoomKeyShareRequest>()?.let { req ->
                         event.senderId?.let { incomingKeyRequestManager.addNewIncomingRequest(it, req) }
                     }
                 }
                 EventType.SEND_SECRET                            -> {
-//                    gossipingBuffer.add(event)
                     onSecretSendReceived(event)
                 }
                 EventType.ROOM_KEY_WITHHELD                      -> {
@@ -842,7 +841,7 @@ internal class DefaultCryptoService @Inject constructor(
         withHeldContent.algorithm ?: return
         withHeldContent.roomId ?: return
         withHeldContent.senderKey ?: return
-        outgoingGossipingRequestManager.onRoomKeyWithHeld(
+        outgoingKeyRequestManager.onRoomKeyWithHeld(
                 sessionId = withHeldContent.sessionId,
                 algorithm = withHeldContent.algorithm,
                 roomId = withHeldContent.roomId,
@@ -854,14 +853,6 @@ internal class DefaultCryptoService @Inject constructor(
                         content = event.getClearContent()
                 )
         )
-//        Timber.tag(loggerTag.value).i("onKeyWithHeldReceived() received from:${event.senderId}, content <$withHeldContent>")
-//        val alg = roomDecryptorProvider.getOrCreateRoomDecryptor(withHeldContent.roomId, withHeldContent.algorithm)
-//        if (alg is IMXWithHeldExtension) {
-//            alg.onRoomKeyWithHeldEvent(senderId, withHeldContent)
-//        } else {
-//            Timber.tag(loggerTag.value).e("onKeyWithHeldReceived() from:${event.senderId}: Unable to handle WithHeldContent for ${withHeldContent.algorithm}")
-//            return
-//        }
     }
 
     private suspend fun onSecretSendReceived(event: Event) {
@@ -1158,52 +1149,11 @@ internal class DefaultCryptoService @Inject constructor(
      * @param event the event to decrypt again.
      */
     override fun reRequestRoomKeyForEvent(event: Event) {
-        val sender = event.senderId ?: return
-        val wireContent = event.content.toModel<EncryptedEventContent>() ?: return Unit.also {
-            Timber.tag(loggerTag.value).e("reRequestRoomKeyForEvent Failed to re-request key, null content")
-        }
-
-        val recipients = if (event.senderId == userId) {
-            mapOf(
-                    userId to listOf("*")
-            )
-        } else {
-            // for the case where you share the key with a device that has a broken olm session
-            // The other user might Re-shares a megolm session key with devices if the key has already been
-            // sent to them.
-            mapOf(
-                    userId to listOf("*"),
-                    // TODO we might not have deviceId in the future due to https://github.com/matrix-org/matrix-spec-proposals/pull/3700
-                    // so in this case query to all
-                    sender to listOf(wireContent.deviceId ?: "*")
-            )
-        }
-        val requestBody = RoomKeyRequestBody(
-                algorithm = wireContent.algorithm,
-                roomId = event.roomId,
-                senderKey = wireContent.senderKey,
-                sessionId = wireContent.sessionId
-        )
-
-        outgoingGossipingRequestManager.postRoomKeyRequest(requestBody, recipients, true)
+        outgoingKeyRequestManager.requestKeyForEvent(event, true)
     }
 
     override fun requestRoomKeyForEvent(event: Event) {
-        val wireContent = event.content.toModel<EncryptedEventContent>() ?: return Unit.also {
-            Timber.tag(loggerTag.value).e("requestRoomKeyForEvent Failed to request key, null content eventId: ${event.eventId}")
-        }
-
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-//            if (!isStarted()) {
-//                Timber.v("## CRYPTO | requestRoomKeyForEvent() : wait after e2e init")
-//                internalStart(false)
-//            }
-            roomDecryptorProvider
-                    .getOrCreateRoomDecryptor(event.roomId, wireContent.algorithm)
-                    ?.requestKeysForEvent(event, false) ?: run {
-                Timber.tag(loggerTag.value).v("requestRoomKeyForEvent() : No room decryptor for roomId:${event.roomId} algorithm:${wireContent.algorithm}")
-            }
-        }
+        outgoingKeyRequestManager.requestKeyForEvent(event, false)
     }
 
     /**
@@ -1213,7 +1163,7 @@ internal class DefaultCryptoService @Inject constructor(
      */
     override fun addRoomKeysRequestListener(listener: GossipingRequestListener) {
         incomingKeyRequestManager.addRoomKeysRequestListener(listener)
-        // TODO same for secret manager
+        secretShareManager.addListener(listener)
     }
 
     /**
@@ -1223,42 +1173,9 @@ internal class DefaultCryptoService @Inject constructor(
      */
     override fun removeRoomKeysRequestListener(listener: GossipingRequestListener) {
         incomingKeyRequestManager.removeRoomKeysRequestListener(listener)
-        // TODO same for secret manager
+        secretShareManager.addListener(listener)
     }
 
-//    private fun markOlmSessionForUnwedging(senderId: String, deviceInfo: CryptoDeviceInfo) {
-//        val deviceKey = deviceInfo.identityKey()
-//
-//        val lastForcedDate = lastNewSessionForcedDates.getObject(senderId, deviceKey) ?: 0
-//        val now = System.currentTimeMillis()
-//        if (now - lastForcedDate < CRYPTO_MIN_FORCE_SESSION_PERIOD_MILLIS) {
-//            Timber.d("## CRYPTO | markOlmSessionForUnwedging: New session already forced with device at $lastForcedDate. Not forcing another")
-//            return
-//        }
-//
-//        Timber.d("## CRYPTO | markOlmSessionForUnwedging from $senderId:${deviceInfo.deviceId}")
-//        lastNewSessionForcedDates.setObject(senderId, deviceKey, now)
-//
-//        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-//            ensureOlmSessionsForDevicesAction.handle(mapOf(senderId to listOf(deviceInfo)), force = true)
-//
-//            // Now send a blank message on that session so the other side knows about it.
-//            // (The keyshare request is sent in the clear so that won't do)
-//            // We send this first such that, as long as the toDevice messages arrive in the
-//            // same order we sent them, the other end will get this first, set up the new session,
-//            // then get the keyshare request and send the key over this new session (because it
-//            // is the session it has most recently received a message on).
-//            val payloadJson = mapOf<String, Any>("type" to EventType.DUMMY)
-//
-//            val encodedPayload = messageEncrypter.encryptMessage(payloadJson, listOf(deviceInfo))
-//            val sendToDeviceMap = MXUsersDevicesMap<Any>()
-//            sendToDeviceMap.setObject(senderId, deviceInfo.deviceId, encodedPayload)
-//            Timber.v("## CRYPTO | markOlmSessionForUnwedging() : sending to $senderId:${deviceInfo.deviceId}")
-//            val sendToDeviceParams = SendToDeviceTask.Params(EventType.ENCRYPTED, sendToDeviceMap)
-//            sendToDeviceTask.execute(sendToDeviceParams)
-//        }
-//    }
-
     /**
      * Provides the list of unknown devices
      *
@@ -1312,12 +1229,26 @@ internal class DefaultCryptoService @Inject constructor(
         return cryptoStore.getOutgoingRoomKeyRequestsPaged()
     }
 
-    override fun getIncomingRoomKeyRequestsPaged(): LiveData<PagedList<IncomingRoomKeyRequest>> {
-        return cryptoStore.getIncomingRoomKeyRequestsPaged()
+    override fun getIncomingRoomKeyRequests(): List<IncomingRoomKeyRequest> {
+        return cryptoStore.getGossipingEvents()
+                .mapNotNull {
+                    IncomingRoomKeyRequest.fromEvent(it)
+                }
     }
 
-    override fun getIncomingRoomKeyRequests(): List<IncomingRoomKeyRequest> {
-        return cryptoStore.getIncomingRoomKeyRequests()
+    override fun getIncomingRoomKeyRequestsPaged(): LiveData<PagedList<IncomingRoomKeyRequest>> {
+        return cryptoStore.getGossipingEventsTrail(TrailType.IncomingKeyRequest) {
+            IncomingRoomKeyRequest.fromEvent(it)
+                    ?: IncomingRoomKeyRequest(localCreationTimestamp = 0L)
+        }
+    }
+
+    /**
+     * If you registered a `GossipingRequestListener`, you will be notified of key request
+     * that was not accepted by the SDK. You can call back this manually to accept anyhow.
+     */
+    override suspend fun manuallyAcceptRoomKeyRequest(request: IncomingRoomKeyRequest) {
+        incomingKeyRequestManager.manuallyAcceptRoomKeyRequest(request)
     }
 
     override fun getGossipingEventsTrail(): LiveData<PagedList<AuditTrail>> {
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DeviceListManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DeviceListManager.kt
index 6cae2d0935..d96671376d 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DeviceListManager.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DeviceListManager.kt
@@ -311,10 +311,19 @@ internal class DeviceListManager @Inject constructor(private val cryptoStore: IM
         } else {
             Timber.v("## CRYPTO | downloadKeys() : starts")
             val t0 = System.currentTimeMillis()
-            val result = doKeyDownloadForUsers(downloadUsers)
-            Timber.v("## CRYPTO | downloadKeys() : doKeyDownloadForUsers succeeds after ${System.currentTimeMillis() - t0} ms")
-            result.also {
-                it.addEntriesFromMap(stored)
+            try {
+                val result = doKeyDownloadForUsers(downloadUsers)
+                Timber.v("## CRYPTO | downloadKeys() : doKeyDownloadForUsers succeeds after ${System.currentTimeMillis() - t0} ms")
+                result.also {
+                    it.addEntriesFromMap(stored)
+                }
+            } catch (failure: Throwable) {
+                Timber.w(failure, "## CRYPTO | downloadKeys() : doKeyDownloadForUsers failed after ${System.currentTimeMillis() - t0} ms")
+                if (forceDownload) {
+                    throw failure
+                } else {
+                    stored
+                }
             }
         }
     }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingKeyRequestManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingKeyRequestManager.kt
index 7585becfa3..3766e5f5a3 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingKeyRequestManager.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingKeyRequestManager.kt
@@ -26,10 +26,14 @@ import kotlinx.coroutines.withContext
 import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
 import org.matrix.android.sdk.api.auth.data.Credentials
 import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
+import org.matrix.android.sdk.api.crypto.MXCryptoConfig
+import org.matrix.android.sdk.api.extensions.tryOrNull
 import org.matrix.android.sdk.api.logger.LoggerTag
 import org.matrix.android.sdk.api.session.crypto.keyshare.GossipingRequestListener
 import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
+import org.matrix.android.sdk.api.session.crypto.model.IncomingRoomKeyRequest
 import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
+import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
 import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
 import org.matrix.android.sdk.api.session.events.model.EventType
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
@@ -53,6 +57,7 @@ internal class IncomingKeyRequestManager @Inject constructor(
         private val cryptoStore: IMXCryptoStore,
         private val ensureOlmSessionsForDevicesAction: EnsureOlmSessionsForDevicesAction,
         private val olmDevice: MXOlmDevice,
+        private val cryptoConfig: MXCryptoConfig,
         private val messageEncrypter: MessageEncrypter,
         private val coroutineDispatchers: MatrixCoroutineDispatchers,
         private val sendToDeviceTask: SendToDeviceTask) {
@@ -71,6 +76,7 @@ internal class IncomingKeyRequestManager @Inject constructor(
     }
 
     data class ValidMegolmRequestBody(
+            val requestId: String,
             val requestingUserId: String,
             val requestingDeviceId: String,
             val roomId: String,
@@ -87,6 +93,7 @@ internal class IncomingKeyRequestManager @Inject constructor(
         val roomId = body.roomId ?: return null
         val sessionId = body.sessionId ?: return null
         val senderKey = body.senderKey ?: return null
+        val requestId = this.requestId ?: return null
         if (body.algorithm != MXCRYPTO_ALGORITHM_MEGOLM) return null
         val action = when (this.action) {
             "request"              -> MegolmRequestAction.Request
@@ -94,6 +101,7 @@ internal class IncomingKeyRequestManager @Inject constructor(
             else                   -> null
         } ?: return null
         return ValidMegolmRequestBody(
+                requestId = requestId,
                 requestingUserId = senderId,
                 requestingDeviceId = deviceId,
                 roomId = roomId,
@@ -121,6 +129,21 @@ internal class IncomingKeyRequestManager @Inject constructor(
                         }
                         MegolmRequestAction.Cancel  -> {
                             // ignore, we can't cancel as it's not known (probably already processed)
+                            // still notify app layer if it was passed up previously
+                            IncomingRoomKeyRequest.fromRestRequest(senderId, request)?.let { iReq ->
+                                outgoingRequestScope.launch(coroutineDispatchers.computation) {
+                                    val listenersCopy = synchronized(gossipingRequestListeners) {
+                                        gossipingRequestListeners.toList()
+                                    }
+                                    listenersCopy.onEach {
+                                        tryOrNull {
+                                            withContext(coroutineDispatchers.main) {
+                                                it.onRequestCancelled(iReq)
+                                            }
+                                        }
+                                    }
+                                }
+                            }
                         }
                     }
                 } else {
@@ -131,6 +154,18 @@ internal class IncomingKeyRequestManager @Inject constructor(
                         MegolmRequestAction.Cancel  -> {
                             // discard the request in buffer
                             incomingRequestBuffer.remove(existing)
+                            outgoingRequestScope.launch(coroutineDispatchers.computation) {
+                                val listenersCopy = synchronized(gossipingRequestListeners) {
+                                    gossipingRequestListeners.toList()
+                                }
+                                listenersCopy.onEach {
+                                    IncomingRoomKeyRequest.fromRestRequest(senderId, request)?.let { iReq ->
+                                        withContext(coroutineDispatchers.main) {
+                                            tryOrNull { it.onRequestCancelled(iReq) }
+                                        }
+                                    }
+                                }
+                            }
                         }
                     }
                 }
@@ -170,6 +205,7 @@ internal class IncomingKeyRequestManager @Inject constructor(
                         }
 
         cryptoStore.saveIncomingKeyRequestAuditTrail(
+                request.requestId,
                 request.roomId,
                 request.sessionId,
                 request.senderKey,
@@ -205,6 +241,10 @@ internal class IncomingKeyRequestManager @Inject constructor(
                 shareIfItWasPreviouslyShared(request, requestingDevice)
             }
         } else {
+            if (cryptoConfig.limitRoomKeyRequestsToMyDevices) {
+                Timber.tag(loggerTag.value).v("Ignore request from other user as per crypto config: ${request.shortDbgString()}")
+                return
+            }
             Timber.tag(loggerTag.value).v("handling request from other user: megolm session ${request.sessionId}")
             if (requestingDevice.isBlocked) {
                 // it's blocked, so send a withheld code
@@ -224,12 +264,39 @@ internal class IncomingKeyRequestManager @Inject constructor(
             // we share from the index it was previously shared with
             shareMegolmKey(request, requestingDevice, wasSessionSharedWithUser.chainIndex.toLong())
         } else {
-            sendWithheldForRequest(request, WithHeldCode.UNAUTHORISED)
-            // TODO if it's our device we could delegate to the app layer to decide?
+            val isOwnDevice = requestingDevice.userId == credentials.userId
+            sendWithheldForRequest(request, if (isOwnDevice) WithHeldCode.UNVERIFIED else WithHeldCode.UNAUTHORISED)
+            // if it's our device we could delegate to the app layer to decide
+            if (isOwnDevice) {
+                outgoingRequestScope.launch(coroutineDispatchers.computation) {
+                    val listenersCopy = synchronized(gossipingRequestListeners) {
+                        gossipingRequestListeners.toList()
+                    }
+                    val iReq = IncomingRoomKeyRequest(
+                            userId = requestingDevice.userId,
+                            deviceId = requestingDevice.deviceId,
+                            requestId = request.requestId,
+                            requestBody = RoomKeyRequestBody(
+                                    algorithm = MXCRYPTO_ALGORITHM_MEGOLM,
+                                    senderKey = request.senderKey,
+                                    sessionId = request.sessionId,
+                                    roomId = request.roomId
+                            ),
+                            localCreationTimestamp = System.currentTimeMillis()
+                    )
+                    listenersCopy.onEach {
+                        withContext(coroutineDispatchers.main) {
+                            tryOrNull { it.onRoomKeyRequest(iReq) }
+                        }
+                    }
+                }
+            }
         }
     }
 
     private suspend fun sendWithheldForRequest(request: ValidMegolmRequestBody, code: WithHeldCode) {
+        Timber.tag(loggerTag.value)
+                .w("Send withheld $code for req: ${request.shortDbgString()}")
         val withHeldContent = RoomKeyWithHeldContent(
                 roomId = request.roomId,
                 senderKey = request.senderKey,
@@ -253,13 +320,13 @@ internal class IncomingKeyRequestManager @Inject constructor(
             }
 
             cryptoStore.saveWithheldAuditTrail(
-                    request.roomId,
-                    request.sessionId,
-                    request.senderKey,
-                    MXCRYPTO_ALGORITHM_MEGOLM,
-                    code,
-                    request.requestingUserId,
-                    request.requestingDeviceId
+                    roomId = request.roomId,
+                    sessionId = request.sessionId,
+                    senderKey = request.senderKey,
+                    algorithm = MXCRYPTO_ALGORITHM_MEGOLM,
+                    code = code,
+                    userId = request.requestingUserId,
+                    deviceId = request.requestingDeviceId
             )
         } catch (failure: Throwable) {
             // Ignore it's not that important?
@@ -269,6 +336,31 @@ internal class IncomingKeyRequestManager @Inject constructor(
         }
     }
 
+    suspend fun manuallyAcceptRoomKeyRequest(request: IncomingRoomKeyRequest) {
+        request.requestId ?: return
+        request.deviceId ?: return
+        request.userId ?: return
+        request.requestBody?.roomId ?: return
+        request.requestBody.senderKey ?: return
+        request.requestBody.sessionId ?: return
+        val validReq = ValidMegolmRequestBody(
+                requestId = request.requestId,
+                requestingDeviceId = request.deviceId,
+                requestingUserId = request.userId,
+                roomId = request.requestBody.roomId,
+                senderKey = request.requestBody.senderKey,
+                sessionId = request.requestBody.sessionId,
+                action = MegolmRequestAction.Request
+        )
+        val requestingDevice =
+                cryptoStore.getUserDevice(request.userId, request.deviceId)
+                        ?: return Unit.also {
+                            Timber.tag(loggerTag.value).d("Ignoring key request: ${validReq.shortDbgString()}")
+                        }
+
+        shareMegolmKey(validReq, requestingDevice, null)
+    }
+
     private suspend fun shareMegolmKey(validRequest: ValidMegolmRequestBody,
                                        requestingDevice: CryptoDeviceInfo,
                                        chainIndex: Long?): Boolean {
@@ -341,14 +433,12 @@ internal class IncomingKeyRequestManager @Inject constructor(
 
     fun addRoomKeysRequestListener(listener: GossipingRequestListener) {
         synchronized(gossipingRequestListeners) {
-            // TODO
             gossipingRequestListeners.add(listener)
         }
     }
 
     fun removeRoomKeysRequestListener(listener: GossipingRequestListener) {
         synchronized(gossipingRequestListeners) {
-            // TODO
             gossipingRequestListeners.remove(listener)
         }
     }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingShareRequestCommon.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingShareRequestCommon.kt
deleted file mode 100644
index 97c369db3e..0000000000
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingShareRequestCommon.kt
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto
-
-internal interface IncomingShareRequestCommon {
-    /**
-     * The user id
-     */
-    val userId: String?
-
-    /**
-     * The device id
-     */
-    val deviceId: String?
-
-    /**
-     * The request id
-     */
-    val requestId: String?
-
-    val localCreationTimestamp: Long?
-}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt
index f12cefeb9a..67d544ca43 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt
@@ -585,6 +585,13 @@ internal class MXOlmDevice @Inject constructor(
 
     //  Inbound group session
 
+    sealed class AddSessionResult {
+        data class Imported(val ratchetIndex: Int) : AddSessionResult()
+        abstract class Failure : AddSessionResult()
+        object NotImported : Failure()
+        data class NotImportedHigherIndex(val newIndex: Int) : AddSessionResult()
+    }
+
     /**
      * Add an inbound group session to the session store.
      *
@@ -603,7 +610,7 @@ internal class MXOlmDevice @Inject constructor(
                                senderKey: String,
                                forwardingCurve25519KeyChain: List<String>,
                                keysClaimed: Map<String, String>,
-                               exportFormat: Boolean): Boolean {
+                               exportFormat: Boolean): AddSessionResult {
         val candidateSession = OlmInboundGroupSessionWrapper2(sessionKey, exportFormat)
         val existingSessionHolder = tryOrNull { getInboundGroupSession(sessionId, senderKey, roomId) }
         val existingSession = existingSessionHolder?.wrapper
@@ -611,7 +618,7 @@ internal class MXOlmDevice @Inject constructor(
         if (existingSession != null) {
             Timber.tag(loggerTag.value).d("## addInboundGroupSession() check if known session is better than candidate session")
             try {
-                val existingFirstKnown = existingSession.firstKnownIndex ?: return false.also {
+                val existingFirstKnown = existingSession.firstKnownIndex ?: return AddSessionResult.NotImported.also {
                     // This is quite unexpected, could throw if native was released?
                     Timber.tag(loggerTag.value).e("## addInboundGroupSession() null firstKnownIndex on existing session")
                     candidateSession.olmInboundGroupSession?.releaseSession()
@@ -622,12 +629,12 @@ internal class MXOlmDevice @Inject constructor(
                 if (newKnownFirstIndex != null && existingFirstKnown <= newKnownFirstIndex) {
                     Timber.tag(loggerTag.value).d("## addInboundGroupSession() : ignore session our is better $senderKey/$sessionId")
                     candidateSession.olmInboundGroupSession?.releaseSession()
-                    return false
+                    return AddSessionResult.NotImportedHigherIndex(newKnownFirstIndex.toInt())
                 }
             } catch (failure: Throwable) {
                 Timber.tag(loggerTag.value).e("## addInboundGroupSession() Failed to add inbound: ${failure.localizedMessage}")
                 candidateSession.olmInboundGroupSession?.releaseSession()
-                return false
+                return AddSessionResult.NotImported
             }
         }
 
@@ -637,19 +644,19 @@ internal class MXOlmDevice @Inject constructor(
         val candidateOlmInboundSession = candidateSession.olmInboundGroupSession
         if (null == candidateOlmInboundSession) {
             Timber.tag(loggerTag.value).e("## addInboundGroupSession : invalid session <null>")
-            return false
+            return AddSessionResult.NotImported
         }
 
         try {
             if (candidateOlmInboundSession.sessionIdentifier() != sessionId) {
                 Timber.tag(loggerTag.value).e("## addInboundGroupSession : ERROR: Mismatched group session ID from senderKey: $senderKey")
                 candidateOlmInboundSession.releaseSession()
-                return false
+                return AddSessionResult.NotImported
             }
         } catch (e: Throwable) {
             candidateOlmInboundSession.releaseSession()
             Timber.tag(loggerTag.value).e(e, "## addInboundGroupSession : sessionIdentifier() failed")
-            return false
+            return AddSessionResult.NotImported
         }
 
         candidateSession.senderKey = senderKey
@@ -663,7 +670,7 @@ internal class MXOlmDevice @Inject constructor(
             inboundGroupSessionStore.storeInBoundGroupSession(InboundGroupSessionHolder(candidateSession), sessionId, senderKey)
         }
 
-        return true
+        return AddSessionResult.Imported(candidateSession.firstKnownIndex?.toInt() ?: 0)
     }
 
     /**
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequest.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequest.kt
index 57cabc29a0..95148513ac 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequest.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequest.kt
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022 New Vector Ltd
+ * Copyright (c) 2022 The Matrix.org Foundation C.I.C.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -27,7 +27,7 @@ data class RequestReply(
 )
 
 sealed class RequestResult {
-    object Success : RequestResult()
+    data class  Success(val chainIndex: Int) : RequestResult()
     data class Failure(val code: WithHeldCode) : RequestResult()
 }
 
@@ -35,6 +35,7 @@ data class OutgoingKeyRequest(
         var requestBody: RoomKeyRequestBody?,
         // recipients for the request map of users to list of deviceId
         val recipients: Map<String, List<String>>,
+        val fromIndex: Int,
         // Unique id for this request. Used for both
         // an id within the request for later pairing with a cancellation, and for
         // the transaction id when sending the to_device messages to our local
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingGossipingRequestManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
similarity index 61%
rename from matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingGossipingRequestManager.kt
rename to matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
index 0662be1e59..d8d3296d25 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingGossipingRequestManager.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
@@ -23,19 +23,23 @@ import kotlinx.coroutines.cancel
 import kotlinx.coroutines.launch
 import kotlinx.coroutines.withContext
 import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
-import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
+import org.matrix.android.sdk.api.crypto.MXCryptoConfig
+import org.matrix.android.sdk.api.extensions.tryOrNull
 import org.matrix.android.sdk.api.logger.LoggerTag
-import org.matrix.android.sdk.api.session.crypto.model.GossipingToDeviceObject
-import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequestState
-import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
-import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.EventType
+import org.matrix.android.sdk.api.session.events.model.toModel
+import org.matrix.android.sdk.internal.crypto.crosssigning.fromBase64
+import org.matrix.android.sdk.internal.crypto.model.MXUsersDevicesMap
+import org.matrix.android.sdk.internal.crypto.model.event.EncryptedEventContent
+import org.matrix.android.sdk.internal.crypto.model.rest.GossipingToDeviceObject
+import org.matrix.android.sdk.internal.crypto.model.rest.RoomKeyRequestBody
+import org.matrix.android.sdk.internal.crypto.model.rest.RoomKeyShareRequest
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
 import org.matrix.android.sdk.internal.crypto.tasks.DefaultSendToDeviceTask
 import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
 import org.matrix.android.sdk.internal.di.SessionId
+import org.matrix.android.sdk.internal.di.UserId
 import org.matrix.android.sdk.internal.session.SessionScope
 import org.matrix.android.sdk.internal.task.SemaphoreCoroutineSequencer
 import timber.log.Timber
@@ -44,7 +48,7 @@ import java.util.concurrent.Executors
 import javax.inject.Inject
 import kotlin.system.measureTimeMillis
 
-private val loggerTag = LoggerTag("OutgoingGossipingRequestManager", LoggerTag.CRYPTO)
+private val loggerTag = LoggerTag("OutgoingKeyRequestManager", LoggerTag.CRYPTO)
 
 /**
  * This class is responsible for sending key requests to other devices when a message failed to decrypt.
@@ -54,10 +58,13 @@ private val loggerTag = LoggerTag("OutgoingGossipingRequestManager", LoggerTag.C
  * If a request failed it will be retried at the end of the next sync
  */
 @SessionScope
-internal class OutgoingGossipingRequestManager @Inject constructor(
+internal class OutgoingKeyRequestManager @Inject constructor(
         @SessionId private val sessionId: String,
+        @UserId private val myUserId: String,
         private val cryptoStore: IMXCryptoStore,
         private val coroutineDispatchers: MatrixCoroutineDispatchers,
+        private val cryptoConfig: MXCryptoConfig,
+        private val inboundGroupSessionStore: InboundGroupSessionStore,
         private val sendToDeviceTask: DefaultSendToDeviceTask,
         private val perSessionBackupQueryRateLimiter: PerSessionBackupQueryRateLimiter) {
 
@@ -70,10 +77,71 @@ internal class OutgoingGossipingRequestManager @Inject constructor(
     // We keep a stack as we consider that the key requested last is more likely to be on screen?
     private val requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup = Stack<String>()
 
-    fun postRoomKeyRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>, force: Boolean = false) {
+    fun requestKeyForEvent(event: Event, force: Boolean) {
+        val (targets, body) = getRoomKeyRequestTargetForEvent(event) ?: return
+        val index = ratchetIndexForMessage(event) ?: 0
+        postRoomKeyRequest(body, targets, index, force)
+    }
+
+    private fun getRoomKeyRequestTargetForEvent(event: Event): Pair<Map<String, List<String>>, RoomKeyRequestBody>? {
+        val sender = event.senderId ?: return null
+        val encryptedEventContent = event.content.toModel<EncryptedEventContent>() ?: return null.also {
+            Timber.tag(loggerTag.value).e("getRoomKeyRequestTargetForEvent Failed to re-request key, null content")
+        }
+        if (encryptedEventContent.algorithm != MXCRYPTO_ALGORITHM_MEGOLM) return null
+
+        val senderDevice = encryptedEventContent.deviceId
+        val recipients = if (cryptoConfig.limitRoomKeyRequestsToMyDevices) {
+            mapOf(
+                    myUserId to listOf("*")
+            )
+        } else {
+            if (event.senderId == myUserId) {
+                mapOf(
+                        myUserId to listOf("*")
+                )
+            } else {
+                // for the case where you share the key with a device that has a broken olm session
+                // The other user might Re-shares a megolm session key with devices if the key has already been
+                // sent to them.
+                mapOf(
+                        myUserId to listOf("*"),
+
+                        // TODO we might not have deviceId in the future due to https://github.com/matrix-org/matrix-spec-proposals/pull/3700
+                        // so in this case query to all
+                        sender to listOf(senderDevice ?: "*")
+                )
+            }
+        }
+
+        val requestBody = RoomKeyRequestBody(
+                roomId = event.roomId,
+                algorithm = encryptedEventContent.algorithm,
+                senderKey = encryptedEventContent.senderKey,
+                sessionId = encryptedEventContent.sessionId
+        )
+        return recipients to requestBody
+    }
+
+    private fun ratchetIndexForMessage(event: Event): Int? {
+        val encryptedContent = event.content.toModel<EncryptedEventContent>() ?: return null
+        if (encryptedContent.algorithm != MXCRYPTO_ALGORITHM_MEGOLM) return null
+        return encryptedContent.ciphertext?.fromBase64()?.inputStream()?.reader()?.let {
+            tryOrNull {
+                val megolmVersion = it.read()
+                if (megolmVersion != 3) return@tryOrNull null
+                /** Int tag */
+                /** Int tag */
+                if (it.read() != 8) return@tryOrNull null
+                it.read()
+            }
+        }
+    }
+
+    fun postRoomKeyRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>, fromIndex: Int, force: Boolean = false) {
         outgoingRequestScope.launch {
             sequencer.post {
-                internalQueueRequest(requestBody, recipients, force)
+                internalQueueRequest(requestBody, recipients, fromIndex, force)
             }
         }
     }
@@ -81,10 +149,10 @@ internal class OutgoingGossipingRequestManager @Inject constructor(
     /**
      * Typically called when we the session as been imported or received meanwhile
      */
-    fun postCancelRequestForSessionIfNeeded(sessionId: String, roomId: String, senderKey: String) {
+    fun postCancelRequestForSessionIfNeeded(sessionId: String, roomId: String, senderKey: String, fromIndex: Int) {
         outgoingRequestScope.launch {
             sequencer.post {
-                internalQueueCancelRequest(sessionId, roomId, senderKey)
+                internalQueueCancelRequest(sessionId, roomId, senderKey, fromIndex)
             }
         }
     }
@@ -94,17 +162,24 @@ internal class OutgoingGossipingRequestManager @Inject constructor(
                            roomId: String,
                            senderKey: String,
                            fromDevice: String?,
+                           fromIndex: Int,
                            event: Event) {
-        Timber.tag(loggerTag.value).v("Key forwarded for $sessionId from ${event.senderId}|$fromDevice")
+        Timber.tag(loggerTag.value).d("Key forwarded for $sessionId from ${event.senderId}|$fromDevice at index $fromIndex")
         outgoingRequestScope.launch {
             sequencer.post {
                 cryptoStore.updateOutgoingRoomKeyReply(
-                        roomId,
-                        sessionId,
-                        algorithm,
-                        senderKey,
-                        fromDevice,
-                        event
+                        roomId = roomId,
+                        sessionId = sessionId,
+                        algorithm = algorithm,
+                        senderKey = senderKey,
+                        fromDevice = fromDevice,
+                        // strip out encrypted stuff as it's just a trail?
+                        event = event.copy(
+                                type = event.getClearType(),
+                                content = mapOf(
+                                        "chain_index" to fromIndex
+                                )
+                        )
                 )
             }
         }
@@ -120,12 +195,12 @@ internal class OutgoingGossipingRequestManager @Inject constructor(
             sequencer.post {
                 Timber.tag(loggerTag.value).d("Withheld received for $sessionId from ${event.senderId}|$fromDevice")
                 cryptoStore.updateOutgoingRoomKeyReply(
-                        roomId,
-                        sessionId,
-                        algorithm,
-                        senderKey,
-                        fromDevice,
-                        event
+                        roomId = roomId,
+                        sessionId = sessionId,
+                        algorithm = algorithm,
+                        senderKey = senderKey,
+                        fromDevice = fromDevice,
+                        event = event
                 )
             }
         }
@@ -142,7 +217,7 @@ internal class OutgoingGossipingRequestManager @Inject constructor(
         }
     }
 
-    private fun internalQueueCancelRequest(sessionId: String, roomId: String, senderKey: String) {
+    private fun internalQueueCancelRequest(sessionId: String, roomId: String, senderKey: String, localKnownChainIndex: Int) {
         // do we have known requests for that session??
         Timber.tag(loggerTag.value).v("Cancel Key Request if needed for $sessionId")
         val knownRequest = cryptoStore.getOutgoingRoomKeyRequest(
@@ -161,18 +236,29 @@ internal class OutgoingGossipingRequestManager @Inject constructor(
         knownRequest.forEach { request ->
             when (request.state) {
                 OutgoingRoomKeyRequestState.UNSENT                               -> {
-                    cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
+                    if (request.fromIndex >= localKnownChainIndex) {
+                        // we have a good index we can cancel
+                        cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
+                    }
                 }
                 OutgoingRoomKeyRequestState.SENT                                 -> {
-                    // It was already sent, so cancel
-                    cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING)
+                    // It was already sent, and index satisfied we can cancel
+                    if (request.fromIndex >= localKnownChainIndex) {
+                        cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING)
+                    }
                 }
                 OutgoingRoomKeyRequestState.CANCELLATION_PENDING                 -> {
                     // It is already marked to be cancelled
                 }
                 OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND -> {
-                    // we just want to cancel now
-                    cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING)
+                    if (request.fromIndex >= localKnownChainIndex) {
+                        // we just want to cancel now
+                        cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING)
+                    }
+                }
+                OutgoingRoomKeyRequestState.SENT_THEN_CANCELED                   -> {
+                    // was already canceled
+                    // if we need a better index, should we resend?
                 }
             }
         }
@@ -187,19 +273,24 @@ internal class OutgoingGossipingRequestManager @Inject constructor(
         }
     }
 
-    private fun internalQueueRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>, force: Boolean) {
-        Timber.tag(loggerTag.value).d("Queueing key request for ${requestBody.sessionId}")
-        val existing = cryptoStore.getOrAddOutgoingRoomKeyRequest(requestBody, recipients)
-        when (existing.state) {
+    private fun internalQueueRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>, fromIndex: Int, force: Boolean) {
+        Timber.tag(loggerTag.value).d("Queueing key request for ${requestBody.sessionId} force:$force")
+        val existing = cryptoStore.getOutgoingRoomKeyRequest(requestBody)
+        Timber.tag(loggerTag.value).v("Queueing key request exiting is ${existing?.state}")
+        when (existing?.state) {
+            null                                                             -> {
+                // create a new one
+                cryptoStore.getOrAddOutgoingRoomKeyRequest(requestBody, recipients, fromIndex)
+            }
             OutgoingRoomKeyRequestState.UNSENT                               -> {
                 // nothing it's new or not yet handled
             }
             OutgoingRoomKeyRequestState.SENT                                 -> {
                 // it was already requested
-                Timber.tag(loggerTag.value).w("The session ${requestBody.sessionId} is already requested")
+                Timber.tag(loggerTag.value).d("The session ${requestBody.sessionId} is already requested")
                 if (force) {
                     // update to UNSENT
-                    Timber.tag(loggerTag.value).w(".. force to request  ${requestBody.sessionId}")
+                    Timber.tag(loggerTag.value).d(".. force to request  ${requestBody.sessionId}")
                     cryptoStore.updateOutgoingRoomKeyRequestState(existing.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND)
                 } else {
                     requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.push(existing.requestId)
@@ -214,6 +305,17 @@ internal class OutgoingGossipingRequestManager @Inject constructor(
             OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND -> {
                 // It's already going to resend
             }
+            OutgoingRoomKeyRequestState.SENT_THEN_CANCELED                   -> {
+                if (force) {
+                    cryptoStore.deleteOutgoingRoomKeyRequest(existing.requestId)
+                    cryptoStore.getOrAddOutgoingRoomKeyRequest(requestBody, recipients, fromIndex)
+                }
+            }
+        }
+
+        if (existing != null && existing.fromIndex >= fromIndex) {
+            // update the required index
+            cryptoStore.updateOutgoingRoomKeyRequiredIndex(existing.requestId, fromIndex)
         }
     }
 
@@ -227,6 +329,7 @@ internal class OutgoingGossipingRequestManager @Inject constructor(
                     OutgoingRoomKeyRequestState.UNSENT                               -> handleUnsentRequest(it)
                     OutgoingRoomKeyRequestState.CANCELLATION_PENDING                 -> handleRequestToCancel(it)
                     OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND -> handleRequestToCancelWillResend(it)
+                    OutgoingRoomKeyRequestState.SENT_THEN_CANCELED,
                     OutgoingRoomKeyRequestState.SENT                                 -> {
                         // these are filtered out
                     }
@@ -260,10 +363,16 @@ internal class OutgoingGossipingRequestManager @Inject constructor(
         val sessionId = request.sessionId ?: return
         val roomId = request.roomId ?: return
         if (perSessionBackupQueryRateLimiter.tryFromBackupIfPossible(sessionId, roomId)) {
-            // we found the key in backup, so we can just mark as cancelled, no need to send request
-            Timber.tag(loggerTag.value).v("Megolm session $sessionId successfully restored from backup, do not send request")
-            cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
-            return
+            // let's see what's the index
+            val knownIndex = tryOrNull {
+                inboundGroupSessionStore.getInboundGroupSession(sessionId, request.requestBody?.senderKey ?: "")?.wrapper?.firstKnownIndex
+            }
+            if (knownIndex != null && knownIndex <= request.fromIndex) {
+                // we found the key in backup with good enough index, so we can just mark as cancelled, no need to send request
+                Timber.tag(loggerTag.value).v("Megolm session $sessionId successfully restored from backup, do not send request")
+                cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
+                return
+            }
         }
 
         // we need to send the request
@@ -322,9 +431,9 @@ internal class OutgoingGossipingRequestManager @Inject constructor(
             withContext(coroutineDispatchers.io) {
                 sendToDeviceTask.executeRetry(params, 3)
             }
-            // The request cancellation was sent, we can forget about it
-            cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
-            // TODO update the audit trail
+            // The request cancellation was sent, we don't delete yet because we want
+            // to keep trace of the sent replies
+            cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.SENT_THEN_CANCELED)
             true
         } catch (failure: Throwable) {
             Timber.tag(loggerTag.value).v("Failed to cancel request ${request.requestId} for session $sessionId targets:${request.recipients}")
@@ -334,10 +443,9 @@ internal class OutgoingGossipingRequestManager @Inject constructor(
 
     private suspend fun handleRequestToCancelWillResend(request: OutgoingKeyRequest) {
         if (handleRequestToCancel(request)) {
-            // we have to create a new unsent one
-            val body = request.requestBody ?: return
-            // this will create a new unsent request that will be process in the following call
-            cryptoStore.getOrAddOutgoingRoomKeyRequest(body, request.recipients)
+            // this will create a new unsent request with no replies that will be process in the following call
+            cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
+            request.requestBody?.let { cryptoStore.getOrAddOutgoingRoomKeyRequest(it, request.recipients, request.fromIndex) }
         }
     }
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/OutgoingGossipingRequestState.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingRoomKeyRequestState.kt
similarity index 92%
rename from matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/OutgoingGossipingRequestState.kt
rename to matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingRoomKeyRequestState.kt
index 99c3c37773..98019200d0 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/OutgoingGossipingRequestState.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingRoomKeyRequestState.kt
@@ -14,11 +14,12 @@
  * limitations under the License.
  */
 
-package org.matrix.android.sdk.api.session.crypto.model
+package org.matrix.android.sdk.internal.crypto
 
 enum class OutgoingRoomKeyRequestState {
     UNSENT,
     SENT,
+    SENT_THEN_CANCELED,
     CANCELLATION_PENDING,
     CANCELLATION_PENDING_AND_WILL_RESEND;
 
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt
index 9adef9df9f..1905c540ef 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022 New Vector Ltd
+ * Copyright (c) 2022 The Matrix.org Foundation C.I.C.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -28,6 +28,7 @@ import org.matrix.android.sdk.api.session.crypto.crosssigning.KEYBACKUP_SECRET_S
 import org.matrix.android.sdk.api.session.crypto.crosssigning.MASTER_KEY_SSSS_NAME
 import org.matrix.android.sdk.api.session.crypto.crosssigning.SELF_SIGNING_KEY_SSSS_NAME
 import org.matrix.android.sdk.api.session.crypto.crosssigning.USER_SIGNING_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.keyshare.GossipingRequestListener
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.EventType
 import org.matrix.android.sdk.api.session.events.model.toModel
@@ -75,6 +76,21 @@ internal class SecretShareManager @Inject constructor(
      */
     private val outgoingSecretRequests = mutableListOf<SecretShareRequest>()
 
+    // the listeners
+    private val gossipingRequestListeners: MutableSet<GossipingRequestListener> = HashSet()
+
+    fun addListener(listener: GossipingRequestListener) {
+        synchronized(gossipingRequestListeners) {
+            gossipingRequestListeners.add(listener)
+        }
+    }
+
+    fun removeRoomKeysRequestListener(listener: GossipingRequestListener) {
+        synchronized(gossipingRequestListeners) {
+            gossipingRequestListeners.remove(listener)
+        }
+    }
+
     /**
      * Called when a session has been verified.
      * This information can be used by the manager to decide whether or not to fullfill gossiping requests.
@@ -140,7 +156,11 @@ internal class SecretShareManager @Inject constructor(
                 else                       -> null
             }
             if (secretValue == null) {
-                Timber.e("The secret is unknown $secretName")
+                Timber.i("The secret is unknown $secretName, passing to app layer")
+                val toList = synchronized(gossipingRequestListeners) { gossipingRequestListeners.toList() }
+                toList.onEach { listener ->
+                    listener.onSecretShareRequest(request)
+                }
                 return
             }
 
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/actions/MegolmSessionDataImporter.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/actions/MegolmSessionDataImporter.kt
index af30072765..7b4df00282 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/actions/MegolmSessionDataImporter.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/actions/MegolmSessionDataImporter.kt
@@ -17,12 +17,13 @@
 package org.matrix.android.sdk.internal.crypto.actions
 
 import androidx.annotation.WorkerThread
+import org.matrix.android.sdk.api.extensions.tryOrNull
 import org.matrix.android.sdk.api.listeners.ProgressListener
 import org.matrix.android.sdk.api.session.crypto.model.ImportRoomKeysResult
 import org.matrix.android.sdk.api.logger.LoggerTag
 import org.matrix.android.sdk.internal.crypto.MXOlmDevice
 import org.matrix.android.sdk.internal.crypto.MegolmSessionData
-import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestManager
+import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequestManager
 import org.matrix.android.sdk.internal.crypto.RoomDecryptorProvider
 import org.matrix.android.sdk.internal.crypto.algorithms.megolm.MXMegolmDecryption
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
@@ -33,7 +34,7 @@ private val loggerTag = LoggerTag("MegolmSessionDataImporter", LoggerTag.CRYPTO)
 
 internal class MegolmSessionDataImporter @Inject constructor(private val olmDevice: MXOlmDevice,
                                                              private val roomDecryptorProvider: RoomDecryptorProvider,
-                                                             private val outgoingGossipingRequestManager: OutgoingGossipingRequestManager,
+                                                             private val outgoingKeyRequestManager: OutgoingKeyRequestManager,
                                                              private val cryptoStore: IMXCryptoStore) {
 
     /**
@@ -71,10 +72,15 @@ internal class MegolmSessionDataImporter @Inject constructor(private val olmDevi
                     // cancel any outstanding room key requests for this session
 
                     Timber.tag(loggerTag.value).d("Imported megolm session $sessionId from backup=$fromBackup in ${megolmSessionData.roomId}")
-                    outgoingGossipingRequestManager.postCancelRequestForSessionIfNeeded(
+                    outgoingKeyRequestManager.postCancelRequestForSessionIfNeeded(
                             megolmSessionData.sessionId ?: "",
                             megolmSessionData.roomId ?: "",
-                            megolmSessionData.senderKey ?: ""
+                            megolmSessionData.senderKey ?: "",
+                            tryOrNull {
+                                olmInboundGroupSessionWrappers
+                                        .firstOrNull { it.olmInboundGroupSession?.sessionIdentifier() == megolmSessionData.sessionId }
+                                        ?.firstKnownIndex?.toInt()
+                            } ?: 0
                     )
 
                     // Have another go at decrypting events sent with this session
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/IMXDecrypting.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/IMXDecrypting.kt
index 2ea4e1dd29..d555062442 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/IMXDecrypting.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/IMXDecrypting.kt
@@ -17,8 +17,6 @@
 package org.matrix.android.sdk.internal.crypto.algorithms
 
 import org.matrix.android.sdk.api.session.crypto.MXCryptoError
-import org.matrix.android.sdk.api.session.crypto.model.IncomingRoomKeyRequest
-import org.matrix.android.sdk.api.session.crypto.model.IncomingSecretShareRequest
 import org.matrix.android.sdk.api.session.crypto.model.MXEventDecryptionResult
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.internal.crypto.keysbackup.DefaultKeysBackupService
@@ -44,23 +42,4 @@ internal interface IMXDecrypting {
      * @param event the key event.
      */
     fun onRoomKeyEvent(event: Event, defaultKeysBackupService: DefaultKeysBackupService) {}
-
-    /**
-     * Determine if we have the keys necessary to respond to a room key request
-     *
-     * @param request keyRequest
-     * @return true if we have the keys and could (theoretically) share
-     */
-    fun hasKeysForKeyRequest(request: IncomingRoomKeyRequest): Boolean = false
-
-    /**
-     * Send the response to a room key request.
-     *
-     * @param request keyRequest
-     */
-    fun shareKeysWithDevice(request: IncomingRoomKeyRequest) {}
-
-    fun shareSecretWithDevice(request: IncomingSecretShareRequest, secretValue: String) {}
-
-    fun requestKeysForEvent(event: Event, withHeld: Boolean)
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
index 191930b4c8..4b90617998 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
@@ -17,48 +17,31 @@
 package org.matrix.android.sdk.internal.crypto.algorithms.megolm
 
 import dagger.Lazy
-import kotlinx.coroutines.CoroutineScope
-import kotlinx.coroutines.launch
-import kotlinx.coroutines.sync.withLock
-import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
 import org.matrix.android.sdk.api.logger.LoggerTag
 import org.matrix.android.sdk.api.session.crypto.MXCryptoError
 import org.matrix.android.sdk.api.session.crypto.NewSessionListener
 import org.matrix.android.sdk.api.session.crypto.model.ForwardedRoomKeyContent
-import org.matrix.android.sdk.api.session.crypto.model.IncomingRoomKeyRequest
 import org.matrix.android.sdk.api.session.crypto.model.MXEventDecryptionResult
-import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.EventType
 import org.matrix.android.sdk.api.session.events.model.content.EncryptedEventContent
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyContent
 import org.matrix.android.sdk.api.session.events.model.toModel
-import org.matrix.android.sdk.internal.crypto.DeviceListManager
 import org.matrix.android.sdk.internal.crypto.MXOlmDevice
-import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestManager
-import org.matrix.android.sdk.internal.crypto.actions.EnsureOlmSessionsForDevicesAction
-import org.matrix.android.sdk.internal.crypto.actions.MessageEncrypter
 import org.matrix.android.sdk.internal.crypto.algorithms.IMXDecrypting
 import org.matrix.android.sdk.internal.crypto.keysbackup.DefaultKeysBackupService
+import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequestManager
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
-import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
 import org.matrix.android.sdk.internal.session.StreamEventsManager
 import timber.log.Timber
 
 private val loggerTag = LoggerTag("MXMegolmDecryption", LoggerTag.CRYPTO)
 
-internal class MXMegolmDecryption(private val userId: String,
-                                  private val olmDevice: MXOlmDevice,
-                                  private val deviceListManager: DeviceListManager,
-                                  private val outgoingGossipingRequestManager: OutgoingGossipingRequestManager,
-                                  private val messageEncrypter: MessageEncrypter,
-                                  private val ensureOlmSessionsForDevicesAction: EnsureOlmSessionsForDevicesAction,
-                                  private val cryptoStore: IMXCryptoStore,
-                                  private val sendToDeviceTask: SendToDeviceTask,
-                                  private val coroutineDispatchers: MatrixCoroutineDispatchers,
-                                  private val cryptoCoroutineScope: CoroutineScope,
-                                  private val liveEventManager: Lazy<StreamEventsManager>
+internal class MXMegolmDecryption(
+        private val olmDevice: MXOlmDevice,
+        private val outgoingKeyRequestManager: OutgoingKeyRequestManager,
+        private val cryptoStore: IMXCryptoStore,
+        private val liveEventManager: Lazy<StreamEventsManager>
 ) : IMXDecrypting {
 
     var newSessionListener: NewSessionListener? = null
@@ -122,23 +105,9 @@ internal class MXMegolmDecryption(private val userId: String,
                             if (throwable is MXCryptoError.OlmError) {
                                 // TODO Check the value of .message
                                 if (throwable.olmException.message == "UNKNOWN_MESSAGE_INDEX") {
-                                    // addEventToPendingList(event, timeline)
-                                    // The session might has been partially withheld (and only pass ratcheted)
-                                    val withHeldInfo = cryptoStore.getWithHeldMegolmSession(event.roomId, encryptedEventContent.sessionId)
-                                    if (withHeldInfo != null) {
-                                        if (requestKeysOnFail) {
-                                            requestKeysForEvent(event, true)
-                                        }
-                                        // Encapsulate as withHeld exception
-                                        throw MXCryptoError.Base(MXCryptoError.ErrorType.KEYS_WITHHELD,
-                                                withHeldInfo.code?.value ?: "",
-                                                withHeldInfo.reason)
-                                    }
-
                                     if (requestKeysOnFail) {
-                                        requestKeysForEvent(event, false)
+                                        requestKeysForEvent(event)
                                     }
-
                                     throw MXCryptoError.Base(
                                             MXCryptoError.ErrorType.UNKNOWN_MESSAGE_INDEX,
                                             "UNKNOWN_MESSAGE_INDEX",
@@ -154,25 +123,9 @@ internal class MXMegolmDecryption(private val userId: String,
                                         detailedReason)
                             }
                             if (throwable is MXCryptoError.Base) {
-                                if (
-                                /** if the session is unknown*/
-                                        throwable.errorType == MXCryptoError.ErrorType.UNKNOWN_INBOUND_SESSION_ID
-                                ) {
-                                    val withHeldInfo = cryptoStore.getWithHeldMegolmSession(event.roomId, encryptedEventContent.sessionId)
-                                    if (withHeldInfo != null) {
-                                        if (requestKeysOnFail) {
-                                            requestKeysForEvent(event, true)
-                                        }
-                                        // Encapsulate as withHeld exception
-                                        throw MXCryptoError.Base(MXCryptoError.ErrorType.KEYS_WITHHELD,
-                                                withHeldInfo.code?.value ?: "",
-                                                withHeldInfo.reason)
-                                    } else {
-                                        // This is un-used in Matrix Android SDK2, not sure if needed
-                                        // addEventToPendingList(event, timeline)
-                                        if (requestKeysOnFail) {
-                                            requestKeysForEvent(event, false)
-                                        }
+                                if (throwable.errorType == MXCryptoError.ErrorType.UNKNOWN_INBOUND_SESSION_ID) {
+                                    if (requestKeysOnFail) {
+                                        requestKeysForEvent(event)
                                     }
                                 }
                             }
@@ -188,60 +141,10 @@ internal class MXMegolmDecryption(private val userId: String,
      *
      * @param event the event
      */
-    override fun requestKeysForEvent(event: Event, withHeld: Boolean) {
-        val sender = event.senderId ?: return
-        val encryptedEventContent = event.content.toModel<EncryptedEventContent>() ?: return Unit.also {
-            Timber.tag(loggerTag.value).e("requestRoomKeyForEvent Failed to re-request key, null content")
-        }
-        val senderDevice = encryptedEventContent.deviceId
-
-        val recipients = if (event.senderId == userId || withHeld) {
-            mapOf(
-                    userId to listOf("*")
-            )
-        } else {
-            // for the case where you share the key with a device that has a broken olm session
-            // The other user might Re-shares a megolm session key with devices if the key has already been
-            // sent to them.
-            mapOf(
-                    userId to listOf("*"),
-
-                    // TODO we might not have deviceId in the future due to https://github.com/matrix-org/matrix-spec-proposals/pull/3700
-                    // so in this case query to all
-                    sender to listOf(senderDevice ?: "*")
-            )
-        }
-
-        val requestBody = RoomKeyRequestBody(
-                roomId = event.roomId,
-                algorithm = encryptedEventContent.algorithm,
-                senderKey = encryptedEventContent.senderKey,
-                sessionId = encryptedEventContent.sessionId
-        )
-
-        outgoingGossipingRequestManager.postRoomKeyRequest(requestBody, recipients, force = withHeld)
+    private fun requestKeysForEvent(event: Event) {
+        outgoingKeyRequestManager.requestKeyForEvent(event, false)
     }
 
-//    /**
-//     * Add an event to the list of those we couldn't decrypt the first time we
-//     * saw them.
-//     *
-//     * @param event      the event to try to decrypt later
-//     * @param timelineId the timeline identifier
-//     */
-//    private fun addEventToPendingList(event: Event, timelineId: String) {
-//        val encryptedEventContent = event.content.toModel<EncryptedEventContent>() ?: return
-//        val pendingEventsKey = "${encryptedEventContent.senderKey}|${encryptedEventContent.sessionId}"
-//
-//        val timeline = pendingEvents.getOrPut(pendingEventsKey) { HashMap() }
-//        val events = timeline.getOrPut(timelineId) { ArrayList() }
-//
-//        if (event !in events) {
-//            Timber.v("## CRYPTO | addEventToPendingList() : add Event ${event.eventId} in room id ${event.roomId}")
-//            events.add(event)
-//        }
-//    }
-
     /**
      * Handle a key event.
      *
@@ -289,16 +192,6 @@ internal class MXMegolmDecryption(private val userId: String,
             }
 
             keysClaimed["ed25519"] = forwardedRoomKeyContent.senderClaimedEd25519Key
-
-            val fromDevice = event.getSenderKey()?.let { cryptoStore.deviceWithIdentityKey(it) }?.deviceId
-
-            outgoingGossipingRequestManager.onRoomKeyForwarded(
-                    sessionId = roomKeyContent.sessionId,
-                    algorithm = roomKeyContent.algorithm ?: "",
-                    roomId = roomKeyContent.roomId,
-                    senderKey = forwardedRoomKeyContent.senderKey ?: "",
-                    fromDevice = fromDevice,
-                    event = event)
         } else {
             Timber.tag(loggerTag.value).i("onRoomKeyEvent(), Adding key : ${roomKeyContent.roomId}|${roomKeyContent.sessionId}")
             if (null == senderKey) {
@@ -319,13 +212,38 @@ internal class MXMegolmDecryption(private val userId: String,
                 keysClaimed,
                 exportFormat)
 
-        if (added) {
+        when (added) {
+            is MXOlmDevice.AddSessionResult.Imported               -> added.ratchetIndex
+            is MXOlmDevice.AddSessionResult.NotImportedHigherIndex -> added.newIndex
+            else                                                   -> null
+        }?.let { index ->
+            if (event.getClearType() == EventType.FORWARDED_ROOM_KEY) {
+                val fromDevice = (event.content?.get("sender_key") as? String)?.let { senderDeviceIdentityKey ->
+                    cryptoStore.getUserDeviceList(event.senderId ?: "")
+                            ?.firstOrNull {
+                                it.identityKey() == senderDeviceIdentityKey
+                            }
+                }?.deviceId
+
+                outgoingKeyRequestManager.onRoomKeyForwarded(
+                        sessionId = roomKeyContent.sessionId,
+                        algorithm = roomKeyContent.algorithm ?: "",
+                        roomId = roomKeyContent.roomId,
+                        senderKey = senderKey,
+                        fromIndex = index,
+                        fromDevice = fromDevice,
+                        event = event)
+
+                // The index is used to decide if we cancel sent request or if we wait for a better key
+                outgoingKeyRequestManager.postCancelRequestForSessionIfNeeded(roomKeyContent.sessionId, roomKeyContent.roomId, senderKey, index)
+            }
+        }
+
+        if (added is MXOlmDevice.AddSessionResult.Imported) {
             Timber.tag(loggerTag.value)
                     .d("onRoomKeyEvent(${event.getClearType()}) : Added megolm session ${roomKeyContent.sessionId} in ${roomKeyContent.roomId}")
             defaultKeysBackupService.maybeBackupKeys()
 
-            outgoingGossipingRequestManager.postCancelRequestForSessionIfNeeded(roomKeyContent.sessionId, roomKeyContent.roomId, senderKey)
-
             onNewSession(roomKeyContent.roomId, senderKey, roomKeyContent.sessionId)
         }
     }
@@ -341,72 +259,4 @@ internal class MXMegolmDecryption(private val userId: String,
         Timber.tag(loggerTag.value).v("ON NEW SESSION $sessionId - $senderKey")
         newSessionListener?.onNewSession(roomId, senderKey, sessionId)
     }
-
-    override fun hasKeysForKeyRequest(request: IncomingRoomKeyRequest): Boolean {
-        val roomId = request.requestBody?.roomId ?: return false
-        val senderKey = request.requestBody.senderKey ?: return false
-        val sessionId = request.requestBody.sessionId ?: return false
-        return olmDevice.hasInboundSessionKeys(roomId, senderKey, sessionId)
-    }
-
-    override fun shareKeysWithDevice(request: IncomingRoomKeyRequest) {
-        // sanity checks
-        if (request.requestBody == null) {
-            return
-        }
-        val userId = request.userId ?: return
-
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            val body = request.requestBody
-            val sessionHolder = try {
-                olmDevice.getInboundGroupSession(body.sessionId, body.senderKey, body.roomId)
-            } catch (failure: Throwable) {
-                Timber.tag(loggerTag.value).e(failure, "shareKeysWithDevice: failed to get session for request $body")
-                return@launch
-            }
-
-            val export = sessionHolder.mutex.withLock {
-                sessionHolder.wrapper.exportKeys()
-            } ?: return@launch Unit.also {
-                Timber.tag(loggerTag.value).e("shareKeysWithDevice: failed to export group session ${body.sessionId}")
-            }
-
-            runCatching { deviceListManager.downloadKeys(listOf(userId), false) }
-                    .mapCatching {
-                        val deviceId = request.deviceId
-                        val deviceInfo = cryptoStore.getUserDevice(userId, deviceId ?: "")
-                        if (deviceInfo == null) {
-                            throw RuntimeException()
-                        } else {
-                            val devicesByUser = mapOf(userId to listOf(deviceInfo))
-                            val usersDeviceMap = ensureOlmSessionsForDevicesAction.handle(devicesByUser)
-                            val olmSessionResult = usersDeviceMap.getObject(userId, deviceId)
-                            if (olmSessionResult?.sessionId == null) {
-                                // no session with this device, probably because there
-                                // were no one-time keys.
-                                Timber.tag(loggerTag.value).e("no session with this device $deviceId, probably because there were no one-time keys.")
-                                return@mapCatching
-                            }
-                            Timber.tag(loggerTag.value).i("shareKeysWithDevice() : sharing session ${body.sessionId} with device $userId:$deviceId")
-
-                            val payloadJson = mapOf(
-                                    "type" to EventType.FORWARDED_ROOM_KEY,
-                                    "content" to export
-                            )
-
-                            val encodedPayload = messageEncrypter.encryptMessage(payloadJson, listOf(deviceInfo))
-                            val sendToDeviceMap = MXUsersDevicesMap<Any>()
-                            sendToDeviceMap.setObject(userId, deviceId, encodedPayload)
-                            Timber.tag(loggerTag.value).i("shareKeysWithDevice() : sending ${body.sessionId} to $userId:$deviceId")
-                            val sendToDeviceParams = SendToDeviceTask.Params(EventType.ENCRYPTED, sendToDeviceMap)
-                            try {
-                                sendToDeviceTask.execute(sendToDeviceParams)
-                            } catch (failure: Throwable) {
-                                Timber.tag(loggerTag.value).e(failure, "shareKeysWithDevice() : Failed to send ${body.sessionId} to $userId:$deviceId")
-                            }
-                        }
-                    }
-        }
-    }
-
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryptionFactory.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryptionFactory.kt
index 3eba04b9f1..096773a959 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryptionFactory.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryptionFactory.kt
@@ -17,45 +17,24 @@
 package org.matrix.android.sdk.internal.crypto.algorithms.megolm
 
 import dagger.Lazy
-import kotlinx.coroutines.CoroutineScope
-import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
-import org.matrix.android.sdk.internal.crypto.DeviceListManager
 import org.matrix.android.sdk.internal.crypto.MXOlmDevice
-import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestManager
-import org.matrix.android.sdk.internal.crypto.actions.EnsureOlmSessionsForDevicesAction
-import org.matrix.android.sdk.internal.crypto.actions.MessageEncrypter
+import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequestManager
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
-import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
-import org.matrix.android.sdk.internal.di.UserId
 import org.matrix.android.sdk.internal.session.StreamEventsManager
 import javax.inject.Inject
 
 internal class MXMegolmDecryptionFactory @Inject constructor(
-        @UserId private val userId: String,
         private val olmDevice: MXOlmDevice,
-        private val deviceListManager: DeviceListManager,
-        private val outgoingGossipingRequestManager: OutgoingGossipingRequestManager,
-        private val messageEncrypter: MessageEncrypter,
-        private val ensureOlmSessionsForDevicesAction: EnsureOlmSessionsForDevicesAction,
+        private val outgoingKeyRequestManager: OutgoingKeyRequestManager,
         private val cryptoStore: IMXCryptoStore,
-        private val sendToDeviceTask: SendToDeviceTask,
-        private val coroutineDispatchers: MatrixCoroutineDispatchers,
-        private val cryptoCoroutineScope: CoroutineScope,
         private val eventsManager: Lazy<StreamEventsManager>
 ) {
 
     fun create(): MXMegolmDecryption {
         return MXMegolmDecryption(
-                userId,
                 olmDevice,
-                deviceListManager,
-                outgoingGossipingRequestManager,
-                messageEncrypter,
-                ensureOlmSessionsForDevicesAction,
+                outgoingKeyRequestManager,
                 cryptoStore,
-                sendToDeviceTask,
-                coroutineDispatchers,
-                cryptoCoroutineScope,
                 eventsManager)
     }
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/olm/MXOlmDecryption.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/olm/MXOlmDecryption.kt
index 0db8700852..f20085b07c 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/olm/MXOlmDecryption.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/olm/MXOlmDecryption.kt
@@ -241,8 +241,4 @@ internal class MXOlmDecryption(
 
         return res["payload"]
     }
-
-    override fun requestKeysForEvent(event: Event, withHeld: Boolean) {
-        // nop
-    }
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/model/AuditTrail.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/model/AuditTrail.kt
index 325d930dc6..dece891439 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/model/AuditTrail.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/model/AuditTrail.kt
@@ -65,7 +65,8 @@ data class IncomingKeyRequestInfo(
         override val senderKey: String,
         override val alg: String,
         override val userId: String,
-        override val deviceId: String
+        override val deviceId: String,
+        val requestId: String
 ) : AuditInfo
 
 data class AuditTrail(
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt
index b6820e591f..1a8be74d92 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt
@@ -25,22 +25,19 @@ import org.matrix.android.sdk.api.session.crypto.crosssigning.PrivateKeysInfo
 import org.matrix.android.sdk.api.session.crypto.keysbackup.SavedKeyBackupKeyInfo
 import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
 import org.matrix.android.sdk.api.session.crypto.model.DeviceInfo
-import org.matrix.android.sdk.api.session.crypto.model.GossipingRequestState
-import org.matrix.android.sdk.api.session.crypto.model.IncomingRoomKeyRequest
 import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequestState
 import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
 import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
 import org.matrix.android.sdk.api.util.Optional
-import org.matrix.android.sdk.internal.crypto.IncomingShareRequestCommon
 import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
-import org.matrix.android.sdk.internal.crypto.OutgoingSecretRequest
+import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequestState
 import org.matrix.android.sdk.internal.crypto.model.AuditTrail
 import org.matrix.android.sdk.internal.crypto.model.OlmInboundGroupSessionWrapper2
 import org.matrix.android.sdk.internal.crypto.model.OlmSessionWrapper
 import org.matrix.android.sdk.internal.crypto.model.OutboundGroupSessionWrapper
+import org.matrix.android.sdk.internal.crypto.model.TrailType
 import org.matrix.android.sdk.internal.crypto.store.db.model.KeysBackupDataEntity
 import org.matrix.olm.OlmAccount
 import org.matrix.olm.OlmOutboundGroupSession
@@ -127,18 +124,6 @@ internal interface IMXCryptoStore {
      */
     fun getDeviceTrackingStatuses(): Map<String, Int>
 
-    /**
-     * @return the pending IncomingRoomKeyRequest requests
-     */
-    fun getPendingIncomingRoomKeyRequests(): List<IncomingRoomKeyRequest>
-
-    fun getPendingIncomingGossipingRequests(): List<IncomingShareRequestCommon>
-
-    fun storeIncomingGossipingRequest(request: IncomingShareRequestCommon, ageLocalTS: Long?)
-
-    fun storeIncomingGossipingRequests(requests: List<IncomingShareRequestCommon>)
-//    fun getPendingIncomingSecretShareRequests(): List<IncomingSecretShareRequest>
-
     /**
      * Indicate if the store contains data for the passed account.
      *
@@ -389,25 +374,21 @@ internal interface IMXCryptoStore {
      * @param request the request
      * @return either the same instance as passed in, or the existing one.
      */
-    fun getOrAddOutgoingRoomKeyRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>): OutgoingKeyRequest
+    fun getOrAddOutgoingRoomKeyRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>, fromIndex: Int): OutgoingKeyRequest
     fun updateOutgoingRoomKeyRequestState(requestId: String, newState: OutgoingRoomKeyRequestState)
+    fun updateOutgoingRoomKeyRequiredIndex(requestId: String, newIndex: Int)
     fun updateOutgoingRoomKeyReply(
             roomId: String,
             sessionId: String,
             algorithm: String,
-            senderKey: String, fromDevice: String?, event: Event)
+            senderKey: String,
+            fromDevice: String?,
+            event: Event)
 
     fun deleteOutgoingRoomKeyRequest(requestId: String)
 
-    fun getOrAddOutgoingSecretShareRequest(secretName: String, recipients: Map<String, List<String>>): OutgoingSecretRequest?
-
-    @Deprecated("TODO")
-    fun saveGossipingEvent(event: Event) = saveGossipingEvents(listOf(event))
-
-    @Deprecated("TODO")
-    fun saveGossipingEvents(events: List<Event>)
-
     fun saveIncomingKeyRequestAuditTrail(
+            requestId: String,
             roomId: String,
             sessionId: String,
             senderKey: String,
@@ -436,32 +417,6 @@ internal interface IMXCryptoStore {
             chainIndex: Long?
     )
 
-    fun updateGossipingRequestState(request: IncomingShareRequestCommon, state: GossipingRequestState) {
-        updateGossipingRequestState(
-                requestUserId = request.userId,
-                requestDeviceId = request.deviceId,
-                requestId = request.requestId,
-                state = state
-        )
-    }
-
-    fun updateGossipingRequestState(requestUserId: String?,
-                                    requestDeviceId: String?,
-                                    requestId: String?,
-                                    state: GossipingRequestState)
-
-    /**
-     * Search an IncomingRoomKeyRequest
-     *
-     * @param userId    the user id
-     * @param deviceId  the device id
-     * @param requestId the request id
-     * @return an IncomingRoomKeyRequest if it exists, else null
-     */
-    fun getIncomingRoomKeyRequest(userId: String, deviceId: String, requestId: String): IncomingRoomKeyRequest?
-
-    fun updateOutgoingGossipingRequestState(requestId: String, state: OutgoingRoomKeyRequestState)
-
     fun addNewSessionListener(listener: NewSessionListener)
 
     fun removeSessionListener(listener: NewSessionListener)
@@ -522,11 +477,8 @@ internal interface IMXCryptoStore {
 
     fun getOutgoingRoomKeyRequests(): List<OutgoingKeyRequest>
     fun getOutgoingRoomKeyRequestsPaged(): LiveData<PagedList<OutgoingKeyRequest>>
-    fun getOutgoingSecretKeyRequests(): List<OutgoingSecretRequest>
-    fun getOutgoingSecretRequest(secretName: String): OutgoingSecretRequest?
-    fun getIncomingRoomKeyRequests(): List<IncomingRoomKeyRequest>
-    fun getIncomingRoomKeyRequestsPaged(): LiveData<PagedList<IncomingRoomKeyRequest>>
     fun getGossipingEventsTrail(): LiveData<PagedList<AuditTrail>>
+    fun <T> getGossipingEventsTrail(type: TrailType, mapper: ((AuditTrail) -> T)): LiveData<PagedList<T>>
     fun getGossipingEvents(): List<AuditTrail>
 
     fun setDeviceKeysUploaded(uploaded: Boolean)
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
index f3bd5c413c..c7cbf9cdf1 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
@@ -36,23 +36,13 @@ import org.matrix.android.sdk.api.session.crypto.crosssigning.PrivateKeysInfo
 import org.matrix.android.sdk.api.session.crypto.keysbackup.SavedKeyBackupKeyInfo
 import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
 import org.matrix.android.sdk.api.session.crypto.model.DeviceInfo
-import org.matrix.android.sdk.api.session.crypto.model.GossipingRequestState
-import org.matrix.android.sdk.api.session.crypto.model.IncomingRoomKeyRequest
-import org.matrix.android.sdk.api.session.crypto.model.IncomingSecretShareRequest
 import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.crypto.model.OlmDecryptionResult
 import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequestState
 import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
 import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
-import org.matrix.android.sdk.api.session.room.send.SendState
-import org.matrix.android.sdk.api.util.Optional
 import org.matrix.android.sdk.api.util.toOptional
-import org.matrix.android.sdk.internal.crypto.GossipRequestType
-import org.matrix.android.sdk.internal.crypto.IncomingShareRequestCommon
-import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
-import org.matrix.android.sdk.internal.crypto.OutgoingSecretRequest
 import org.matrix.android.sdk.internal.crypto.model.AuditTrail
 import org.matrix.android.sdk.internal.crypto.model.ForwardInfo
 import org.matrix.android.sdk.internal.crypto.model.IncomingKeyRequestInfo
@@ -74,10 +64,6 @@ import org.matrix.android.sdk.internal.crypto.store.db.model.CryptoRoomEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.CryptoRoomEntityFields
 import org.matrix.android.sdk.internal.crypto.store.db.model.DeviceInfoEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.DeviceInfoEntityFields
-import org.matrix.android.sdk.internal.crypto.store.db.model.GossipingEventEntity
-import org.matrix.android.sdk.internal.crypto.store.db.model.GossipingEventEntityFields
-import org.matrix.android.sdk.internal.crypto.store.db.model.IncomingGossipingRequestEntity
-import org.matrix.android.sdk.internal.crypto.store.db.model.IncomingGossipingRequestEntityFields
 import org.matrix.android.sdk.internal.crypto.store.db.model.KeysBackupDataEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.MyDeviceLastSeenInfoEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.OlmInboundGroupSessionEntity
@@ -100,7 +86,6 @@ import org.matrix.android.sdk.internal.crypto.store.db.query.get
 import org.matrix.android.sdk.internal.crypto.store.db.query.getById
 import org.matrix.android.sdk.internal.crypto.store.db.query.getOrCreate
 import org.matrix.android.sdk.internal.crypto.util.RequestIdHelper
-import org.matrix.android.sdk.internal.database.mapper.ContentMapper
 import org.matrix.android.sdk.internal.database.tools.RealmDebugTools
 import org.matrix.android.sdk.internal.di.CryptoDatabase
 import org.matrix.android.sdk.internal.di.DeviceId
@@ -108,6 +93,7 @@ import org.matrix.android.sdk.internal.di.MoshiProvider
 import org.matrix.android.sdk.internal.di.UserId
 import org.matrix.android.sdk.internal.extensions.clearWith
 import org.matrix.android.sdk.internal.session.SessionScope
+import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
 import org.matrix.olm.OlmAccount
 import org.matrix.olm.OlmException
 import org.matrix.olm.OlmOutboundGroupSession
@@ -115,6 +101,7 @@ import timber.log.Timber
 import java.util.concurrent.Executors
 import java.util.concurrent.TimeUnit
 import javax.inject.Inject
+import org.matrix.android.sdk.api.util.Optional
 
 private val loggerTag = LoggerTag("RealmCryptoStore", LoggerTag.CRYPTO)
 
@@ -1022,6 +1009,8 @@ internal class RealmCryptoStore @Inject constructor(
     override fun getOutgoingRoomKeyRequest(requestBody: RoomKeyRequestBody): OutgoingKeyRequest? {
         return monarchy.fetchAllCopiedSync { realm ->
             realm.where<OutgoingKeyRequestEntity>()
+                    .equalTo(OutgoingKeyRequestEntityFields.ROOM_ID, requestBody.roomId)
+                    .equalTo(OutgoingKeyRequestEntityFields.MEGOLM_SESSION_ID, requestBody.sessionId)
         }.map {
             it.toOutgoingGossipingRequest()
         }.firstOrNull {
@@ -1055,41 +1044,25 @@ internal class RealmCryptoStore @Inject constructor(
         }
     }
 
-    override fun getOutgoingSecretRequest(secretName: String): OutgoingSecretRequest? {
-//        return monarchy.fetchAllCopiedSync { realm ->
-//            realm.where<OutgoingGossipingRequestEntity>()
-//                    .equalTo(OutgoingGossipingRequestEntityFields.TYPE_STR, GossipRequestType.SECRET.name)
-//                    .equalTo(OutgoingGossipingRequestEntityFields.REQUESTED_INFO_STR, secretName)
-//        }.mapNotNull {
-//            it.toOutgoingGossipingRequest() as? OutgoingSecretRequest
-//        }.firstOrNull()
-        return null
-    }
-
-    override fun getIncomingRoomKeyRequests(): List<IncomingRoomKeyRequest> {
-        return monarchy.fetchAllCopiedSync { realm ->
-            realm.where<IncomingGossipingRequestEntity>()
-                    .equalTo(IncomingGossipingRequestEntityFields.TYPE_STR, GossipRequestType.KEY.name)
-        }.mapNotNull {
-            it.toIncomingGossipingRequest() as? IncomingRoomKeyRequest
-        }
-    }
-
-    override fun getIncomingRoomKeyRequestsPaged(): LiveData<PagedList<IncomingRoomKeyRequest>> {
+    override fun getGossipingEventsTrail(): LiveData<PagedList<AuditTrail>> {
         val realmDataSourceFactory = monarchy.createDataSourceFactory { realm ->
-            realm.where<IncomingGossipingRequestEntity>()
-                    .equalTo(IncomingGossipingRequestEntityFields.TYPE_STR, GossipRequestType.KEY.name)
-                    .sort(IncomingGossipingRequestEntityFields.LOCAL_CREATION_TIMESTAMP, Sort.DESCENDING)
+            realm.where<AuditTrailEntity>().sort(AuditTrailEntityFields.AGE_LOCAL_TS, Sort.DESCENDING)
         }
         val dataSourceFactory = realmDataSourceFactory.map {
-            it.toIncomingGossipingRequest() as? IncomingRoomKeyRequest
-                    ?: IncomingRoomKeyRequest(
-                            requestBody = null,
-                            deviceId = "",
-                            userId = "",
-                            requestId = "",
-                            state = GossipingRequestState.NONE,
-                            localCreationTimestamp = 0
+            AuditTrailMapper.map(it)
+            // mm we can't map not null...
+                    ?: AuditTrail(
+                            System.currentTimeMillis(),
+                            TrailType.Unknown,
+                            IncomingKeyRequestInfo(
+                                    "",
+                                    "",
+                                    "",
+                                    "",
+                                    "",
+                                    "",
+                                    "",
+                            )
                     )
         }
         return monarchy.findAllPagedWithChanges(realmDataSourceFactory,
@@ -1102,831 +1075,557 @@ internal class RealmCryptoStore @Inject constructor(
         )
     }
 
-    override fun getGossipingEventsTrail(): LiveData<PagedList<AuditTrail>> {
+    override fun <T> getGossipingEventsTrail(type: TrailType, mapper: ((AuditTrail) -> T)): LiveData<PagedList<T>> {
         val realmDataSourceFactory = monarchy.createDataSourceFactory { realm ->
-            realm.where<AuditTrailEntity>().sort(AuditTrailEntityFields.AGE_LOCAL_TS, Sort.DESCENDING)
-        }
-        val dataSourceFactory = realmDataSourceFactory.map {
-            AuditTrailMapper.map(it)
-            // mm we can't map not null...
-                    ?: AuditTrail(
-                            System.currentTimeMillis(),
-                            TrailType.IncomingKeyRequest,
-                            IncomingKeyRequestInfo(
-                                    "",
-                                    "",
-                                    "",
-                                    "",
-                                    "",
-                                    "",
-                            )
-                    )
-        }
-        val trail = monarchy.findAllPagedWithChanges(realmDataSourceFactory,
-                LivePagedListBuilder(dataSourceFactory,
-                        PagedList.Config.Builder()
-                                .setPageSize(20)
-                                .setEnablePlaceholders(false)
-                                .setPrefetchDistance(1)
-                                .build())
-        )
-        return trail
-    }
-
-    override fun getGossipingEvents(): List<AuditTrail> {
-        return monarchy.fetchAllCopiedSync { realm ->
             realm.where<AuditTrailEntity>()
-        }.mapNotNull {
-            AuditTrailMapper.map(it)
+                    .equalTo(AuditTrailEntityFields.TYPE, type.name)
+                    .sort(AuditTrailEntityFields.AGE_LOCAL_TS, Sort.DESCENDING)
         }
-    }
-
-    override fun getOrAddOutgoingRoomKeyRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>): OutgoingKeyRequest {
-        // Insert the request and return the one passed in parameter
-        lateinit var request: OutgoingKeyRequest
-        doRealmTransaction(realmConfiguration) { realm ->
-
-            val existing = realm.where<OutgoingKeyRequestEntity>()
-                    .equalTo(OutgoingKeyRequestEntityFields.MEGOLM_SESSION_ID, requestBody.sessionId)
-                    .equalTo(OutgoingKeyRequestEntityFields.ROOM_ID, requestBody.roomId)
-                    .findAll()
-                    .map {
-                        it.toOutgoingGossipingRequest()
-                    }.also {
-                        if (it.size > 1) {
-                            // there should be one or zero but not more, worth warning
-                            Timber.tag(loggerTag.value).w("There should not be more than one active key request per session")
-                        }
-                    }
-                    .firstOrNull {
-                        it.requestBody?.algorithm == requestBody.algorithm &&
-                                it.requestBody?.sessionId == requestBody.sessionId &&
-                                it.requestBody?.senderKey == requestBody.senderKey &&
-                                it.requestBody?.roomId == requestBody.roomId
-                    }
-
-            if (existing == null) {
-                request = realm.createObject(OutgoingKeyRequestEntity::class.java).apply {
-                    this.requestId = RequestIdHelper.createUniqueRequestId()
-                    this.setRecipients(recipients)
-                    this.requestState = OutgoingRoomKeyRequestState.UNSENT
-                    this.setRequestBody(requestBody)
-                    this.creationTimeStamp = System.currentTimeMillis()
-                }.toOutgoingGossipingRequest()
-            } else {
-                request = existing
-            }
-        }
-        return request
-    }
-
-    override fun updateOutgoingRoomKeyRequestState(requestId: String, newState: OutgoingRoomKeyRequestState) {
-        doRealmTransaction(realmConfiguration) { realm ->
-            realm.where<OutgoingKeyRequestEntity>()
-                    .equalTo(OutgoingKeyRequestEntityFields.REQUEST_ID, requestId)
-                    .findFirst()?.apply {
-                        this.requestState = newState
-                    }
-        }
-    }
-
-    override fun updateOutgoingRoomKeyReply(roomId: String,
-                                            sessionId: String,
-                                            algorithm: String,
-                                            senderKey: String,
-                                            fromDevice: String?,
-                                            event: Event) {
-        doRealmTransaction(realmConfiguration) { realm ->
-            realm.where<OutgoingKeyRequestEntity>()
-                    .equalTo(OutgoingKeyRequestEntityFields.ROOM_ID, roomId)
-                    .equalTo(OutgoingKeyRequestEntityFields.MEGOLM_SESSION_ID, sessionId)
-                    .findAll().firstOrNull { entity ->
-                        entity.toOutgoingGossipingRequest().let {
-                            it.requestBody?.senderKey == senderKey &&
-                                    it.requestBody?.algorithm == algorithm
-                        }
-                    }?.apply {
-                        event.senderId?.let { addReply(it, fromDevice, event) }
-                    }
-        }
-    }
-
-    override fun deleteOutgoingRoomKeyRequest(requestId: String) {
-        doRealmTransaction(realmConfiguration) { realm ->
-            realm.where<OutgoingKeyRequestEntity>()
-                    .equalTo(OutgoingKeyRequestEntityFields.REQUEST_ID, requestId)
-                    .findFirst()?.deleteOnCascade()
-        }
-    }
-
-    override fun getOrAddOutgoingSecretShareRequest(secretName: String, recipients: Map<String, List<String>>): OutgoingSecretRequest? {
-        return null
-//        var request: OutgoingSecretRequest? = null
-//
-//        // Insert the request and return the one passed in parameter
-//        doRealmTransaction(realmConfiguration) { realm ->
-//            val existing = realm.where<OutgoingGossipingRequestEntity>()
-//                    .equalTo(OutgoingGossipingRequestEntityFields.TYPE_STR, GossipRequestType.SECRET.name)
-//                    .equalTo(OutgoingGossipingRequestEntityFields.REQUESTED_INFO_STR, secretName)
-//                    .findAll()
-//                    .mapNotNull {
-//                        it.toOutgoingGossipingRequest() as? OutgoingSecretRequest
-//                    }.firstOrNull()
-//            if (existing == null) {
-//                request = realm.createObject(OutgoingGossipingRequestEntity::class.java).apply {
-//                    this.type = GossipRequestType.SECRET
-//                    setRecipients(recipients)
-//                    this.requestState = OutgoingRoomKeyRequestEntity.UNSENT
-//                    this.requestId = RequestIdHelper.createUniqueRequestId()
-//                    this.requestedInfoStr = secretName
-//                }.toOutgoingGossipingRequest() as? OutgoingSecretRequest
-//            } else {
-//                request = existing
-//            }
-//        }
-//
-//        return request
-    }
-
-    override fun saveGossipingEvents(events: List<Event>) {
-        monarchy.writeAsync { realm ->
-            val now = System.currentTimeMillis()
-            events.forEach { event ->
-                val ageLocalTs = event.unsignedData?.age?.let { now - it } ?: now
-                val entity = GossipingEventEntity(
-                        type = event.type,
-                        sender = event.senderId,
-                        ageLocalTs = ageLocalTs,
-                        content = ContentMapper.map(event.content)
-                ).apply {
-                    sendState = SendState.SYNCED
-                    decryptionResultJson = MoshiProvider.providesMoshi().adapter(OlmDecryptionResult::class.java).toJson(event.mxDecryptionResult)
-                    decryptionErrorCode = event.mCryptoError?.name
-                }
-                realm.insertOrUpdate(entity)
-            }
-        }
-    }
-
-    override fun saveIncomingKeyRequestAuditTrail(
-            roomId: String,
-            sessionId: String,
-            senderKey: String,
-            algorithm: String,
-            fromUser: String,
-            fromDevice: String) {
-        monarchy.writeAsync { realm ->
-            val now = System.currentTimeMillis()
-            realm.createObject<AuditTrailEntity>().apply {
-                this.ageLocalTs = now
-                this.type = TrailType.IncomingKeyRequest.name
-                val info = IncomingKeyRequestInfo(
-                        roomId,
-                        sessionId,
-                        senderKey,
-                        algorithm,
-                        fromUser,
-                        fromDevice
-                )
-                MoshiProvider.providesMoshi().adapter(IncomingKeyRequestInfo::class.java).toJson(info)?.let {
-                    this.contentJson = it
-                }
-            }
-        }
-    }
-
-    override fun saveWithheldAuditTrail(roomId: String,
-                                        sessionId: String,
-                                        senderKey: String,
-                                        algorithm: String,
-                                        code: WithHeldCode,
-                                        userId: String,
-                                        deviceId: String) {
-        monarchy.writeAsync { realm ->
-            val now = System.currentTimeMillis()
-            realm.createObject<AuditTrailEntity>().apply {
-                this.ageLocalTs = now
-                this.type = TrailType.OutgoingKeyWithheld.name
-                val info = WithheldInfo(
-                        roomId,
-                        sessionId,
-                        senderKey,
-                        algorithm,
-                        code,
-                        userId,
-                        deviceId
-                )
-                MoshiProvider.providesMoshi().adapter(WithheldInfo::class.java).toJson(info)?.let {
-                    this.contentJson = it
-                }
-            }
-        }
-    }
-
-    override fun saveForwardKeyAuditTrail(roomId: String,
-                                          sessionId: String,
-                                          senderKey: String,
-                                          algorithm: String,
-                                          userId: String,
-                                          deviceId: String,
-                                          chainIndex: Long?) {
-        monarchy.writeAsync { realm ->
-            val now = System.currentTimeMillis()
-            realm.createObject<AuditTrailEntity>().apply {
-                this.ageLocalTs = now
-                this.type = TrailType.OutgoingKeyForward.name
-                val info = ForwardInfo(
-                        roomId,
-                        sessionId,
-                        senderKey,
-                        algorithm,
-                        userId,
-                        deviceId,
-                        chainIndex
-                )
-                MoshiProvider.providesMoshi().adapter(ForwardInfo::class.java).toJson(info)?.let {
-                    this.contentJson = it
-                }
-            }
-        }
-    }
-//    override fun getOutgoingRoomKeyRequestByState(states: Set<ShareRequestState>): OutgoingRoomKeyRequest? {
-//        val statesIndex = states.map { it.ordinal }.toTypedArray()
-//        return doRealmQueryAndCopy(realmConfiguration) { realm ->
-//            realm.where<GossipingEventEntity>()
-//                    .equalTo(GossipingEventEntityFields.SENDER, credentials.userId)
-//                    .findAll()
-//                    .filter {entity ->
-//                        states.any { it == entity.requestState}
-//                    }
-//        }.mapNotNull {
-//            ContentMapper.map(it.content)?.toModel<OutgoingSecretRequest>()
-//        }
-//                ?.toOutgoingRoomKeyRequest()
-//    }
-//
-//    override fun getOutgoingSecretShareRequestByState(states: Set<ShareRequestState>): OutgoingSecretRequest? {
-//        val statesIndex = states.map { it.ordinal }.toTypedArray()
-//        return doRealmQueryAndCopy(realmConfiguration) {
-//            it.where<OutgoingSecretRequestEntity>()
-//                    .`in`(OutgoingSecretRequestEntityFields.STATE, statesIndex)
-//                    .findFirst()
-//        }
-//                ?.toOutgoingSecretRequest()
-//    }
-
-//    override fun updateOutgoingRoomKeyRequest(request: OutgoingRoomKeyRequest) {
-//        doRealmTransaction(realmConfiguration) {
-//            val obj = OutgoingRoomKeyRequestEntity().apply {
-//                requestId = request.requestId
-//                cancellationTxnId = request.cancellationTxnId
-//                state = request.state.ordinal
-//                putRecipients(request.recipients)
-//                putRequestBody(request.requestBody)
-//            }
-//
-//            it.insertOrUpdate(obj)
-//        }
-//    }
-
-//    override fun deleteOutgoingRoomKeyRequest(transactionId: String) {
-//        doRealmTransaction(realmConfiguration) {
-//            it.where<OutgoingRoomKeyRequestEntity>()
-//                    .equalTo(OutgoingRoomKeyRequestEntityFields.REQUEST_ID, transactionId)
-//                    .findFirst()
-//                    ?.deleteFromRealm()
-//        }
-//    }
-
-//    override fun storeIncomingRoomKeyRequest(incomingRoomKeyRequest: IncomingRoomKeyRequest?) {
-//        if (incomingRoomKeyRequest == null) {
-//            return
-//        }
-//
-//        doRealmTransaction(realmConfiguration) {
-//            // Delete any previous store request with the same parameters
-//            it.where<IncomingRoomKeyRequestEntity>()
-//                    .equalTo(IncomingRoomKeyRequestEntityFields.USER_ID, incomingRoomKeyRequest.userId)
-//                    .equalTo(IncomingRoomKeyRequestEntityFields.DEVICE_ID, incomingRoomKeyRequest.deviceId)
-//                    .equalTo(IncomingRoomKeyRequestEntityFields.REQUEST_ID, incomingRoomKeyRequest.requestId)
-//                    .findAll()
-//                    .deleteAllFromRealm()
-//
-//            // Then store it
-//            it.createObject(IncomingRoomKeyRequestEntity::class.java).apply {
-//                userId = incomingRoomKeyRequest.userId
-//                deviceId = incomingRoomKeyRequest.deviceId
-//                requestId = incomingRoomKeyRequest.requestId
-//                putRequestBody(incomingRoomKeyRequest.requestBody)
-//            }
-//        }
-//    }
-
-//    override fun deleteIncomingRoomKeyRequest(incomingRoomKeyRequest: IncomingShareRequestCommon) {
-//        doRealmTransaction(realmConfiguration) {
-//            it.where<GossipingEventEntity>()
-//                    .equalTo(GossipingEventEntityFields.TYPE, EventType.ROOM_KEY_REQUEST)
-//                    .notEqualTo(GossipingEventEntityFields.SENDER, credentials.userId)
-//                    .findAll()
-//                    .filter {
-//                        ContentMapper.map(it.content).toModel<IncomingRoomKeyRequest>()?.let {
-//
-//                        }
-//                    }
-// //                    .equalTo(IncomingRoomKeyRequestEntityFields.USER_ID, incomingRoomKeyRequest.userId)
-// //                    .equalTo(IncomingRoomKeyRequestEntityFields.DEVICE_ID, incomingRoomKeyRequest.deviceId)
-// //                    .equalTo(IncomingRoomKeyRequestEntityFields.REQUEST_ID, incomingRoomKeyRequest.requestId)
-// //                    .findAll()
-// //                    .deleteAllFromRealm()
-//        }
-//    }
-
-    override fun updateGossipingRequestState(requestUserId: String?,
-                                             requestDeviceId: String?,
-                                             requestId: String?,
-                                             state: GossipingRequestState) {
-        doRealmTransaction(realmConfiguration) { realm ->
-            realm.where<IncomingGossipingRequestEntity>()
-                    .equalTo(IncomingGossipingRequestEntityFields.OTHER_USER_ID, requestUserId)
-                    .equalTo(IncomingGossipingRequestEntityFields.OTHER_DEVICE_ID, requestDeviceId)
-                    .equalTo(IncomingGossipingRequestEntityFields.REQUEST_ID, requestId)
-                    .findAll().forEach {
-                        it.requestState = state
-                    }
-        }
-    }
-
-    override fun updateOutgoingGossipingRequestState(requestId: String, state: OutgoingRoomKeyRequestState) {
-        doRealmTransaction(realmConfiguration) { realm ->
-            realm.where<OutgoingKeyRequestEntity>()
-                    .equalTo(OutgoingKeyRequestEntityFields.REQUEST_ID, requestId)
-                    .findAll().forEach {
-                        it.requestState = state
-                    }
-        }
-    }
-
-    override fun getIncomingRoomKeyRequest(userId: String, deviceId: String, requestId: String): IncomingRoomKeyRequest? {
-        return doWithRealm(realmConfiguration) { realm ->
-            realm.where<IncomingGossipingRequestEntity>()
-                    .equalTo(IncomingGossipingRequestEntityFields.TYPE_STR, GossipRequestType.KEY.name)
-                    .equalTo(IncomingGossipingRequestEntityFields.OTHER_DEVICE_ID, deviceId)
-                    .equalTo(IncomingGossipingRequestEntityFields.OTHER_USER_ID, userId)
-                    .findAll()
-                    .mapNotNull { entity ->
-                        entity.toIncomingGossipingRequest() as? IncomingRoomKeyRequest
-                    }
-                    .firstOrNull()
-        }
-    }
-
-    override fun getPendingIncomingRoomKeyRequests(): List<IncomingRoomKeyRequest> {
-        return doWithRealm(realmConfiguration) {
-            it.where<IncomingGossipingRequestEntity>()
-                    .equalTo(IncomingGossipingRequestEntityFields.TYPE_STR, GossipRequestType.KEY.name)
-                    .equalTo(IncomingGossipingRequestEntityFields.REQUEST_STATE_STR, GossipingRequestState.PENDING.name)
-                    .findAll()
-                    .map { entity ->
-                        IncomingRoomKeyRequest(
-                                userId = entity.otherUserId,
-                                deviceId = entity.otherDeviceId,
-                                requestId = entity.requestId,
-                                requestBody = entity.getRequestedKeyInfo(),
-                                localCreationTimestamp = entity.localCreationTimestamp
+            val dataSourceFactory = realmDataSourceFactory.map { entity ->
+                (AuditTrailMapper.map(entity)
+                // mm we can't map not null...
+                        ?: AuditTrail(
+                                System.currentTimeMillis(),
+                                type,
+                                IncomingKeyRequestInfo(
+                                        "",
+                                        "",
+                                        "",
+                                        "",
+                                        "",
+                                        "",
+                                        "",
+                                )
                         )
-                    }
+                        ).let { mapper.invoke(it) }
+            }
+            return monarchy.findAllPagedWithChanges(realmDataSourceFactory,
+                    LivePagedListBuilder(dataSourceFactory,
+                            PagedList.Config.Builder()
+                                    .setPageSize(20)
+                                    .setEnablePlaceholders(false)
+                                    .setPrefetchDistance(1)
+                                    .build())
+            )
         }
-    }
 
-    override fun getPendingIncomingGossipingRequests(): List<IncomingShareRequestCommon> {
-        return doWithRealm(realmConfiguration) {
-            it.where<IncomingGossipingRequestEntity>()
-                    .equalTo(IncomingGossipingRequestEntityFields.REQUEST_STATE_STR, GossipingRequestState.PENDING.name)
-                    .findAll()
-                    .mapNotNull { entity ->
-                        when (entity.type) {
-                            GossipRequestType.KEY    -> {
-                                IncomingRoomKeyRequest(
-                                        userId = entity.otherUserId,
-                                        deviceId = entity.otherDeviceId,
-                                        requestId = entity.requestId,
-                                        requestBody = entity.getRequestedKeyInfo(),
-                                        localCreationTimestamp = entity.localCreationTimestamp
-                                )
-                            }
-                            GossipRequestType.SECRET -> {
-                                IncomingSecretShareRequest(
-                                        userId = entity.otherUserId,
-                                        deviceId = entity.otherDeviceId,
-                                        requestId = entity.requestId,
-                                        secretName = entity.getRequestedSecretName(),
-                                        localCreationTimestamp = entity.localCreationTimestamp
-                                )
+        override fun getGossipingEvents(): List<AuditTrail> {
+            return monarchy.fetchAllCopiedSync { realm ->
+                realm.where<AuditTrailEntity>()
+            }.mapNotNull {
+                AuditTrailMapper.map(it)
+            }
+        }
+
+        override fun getOrAddOutgoingRoomKeyRequest(requestBody: RoomKeyRequestBody,
+                                                    recipients: Map<String, List<String>>,
+                                                    fromIndex: Int): OutgoingKeyRequest {
+            // Insert the request and return the one passed in parameter
+            lateinit var request: OutgoingKeyRequest
+            doRealmTransaction(realmConfiguration) { realm ->
+
+                val existing = realm.where<OutgoingKeyRequestEntity>()
+                        .equalTo(OutgoingKeyRequestEntityFields.MEGOLM_SESSION_ID, requestBody.sessionId)
+                        .equalTo(OutgoingKeyRequestEntityFields.ROOM_ID, requestBody.roomId)
+                        .findAll()
+                        .map {
+                            it.toOutgoingGossipingRequest()
+                        }.also {
+                            if (it.size > 1) {
+                                // there should be one or zero but not more, worth warning
+                                Timber.tag(loggerTag.value).w("There should not be more than one active key request per session")
                             }
                         }
-                    }
-        }
-    }
+                        .firstOrNull {
+                            it.requestBody?.algorithm == requestBody.algorithm &&
+                                    it.requestBody?.sessionId == requestBody.sessionId &&
+                                    it.requestBody?.senderKey == requestBody.senderKey &&
+                                    it.requestBody?.roomId == requestBody.roomId
+                        }
 
-    override fun storeIncomingGossipingRequest(request: IncomingShareRequestCommon, ageLocalTS: Long?) {
-        doRealmTransactionAsync(realmConfiguration) { realm ->
-
-            // After a clear cache, we might have a
-
-            realm.createObject(IncomingGossipingRequestEntity::class.java).let {
-                it.otherDeviceId = request.deviceId
-                it.otherUserId = request.userId
-                it.requestId = request.requestId ?: ""
-                it.requestState = GossipingRequestState.PENDING
-                it.localCreationTimestamp = ageLocalTS ?: System.currentTimeMillis()
-                if (request is IncomingSecretShareRequest) {
-                    it.type = GossipRequestType.SECRET
-                    it.requestedInfoStr = request.secretName
-                } else if (request is IncomingRoomKeyRequest) {
-                    it.type = GossipRequestType.KEY
-                    it.requestedInfoStr = request.requestBody?.toJson()
-                }
-            }
-        }
-    }
-
-    override fun storeIncomingGossipingRequests(requests: List<IncomingShareRequestCommon>) {
-        doRealmTransactionAsync(realmConfiguration) { realm ->
-            requests.forEach { request ->
-                // After a clear cache, we might have a
-                realm.createObject(IncomingGossipingRequestEntity::class.java).let {
-                    it.otherDeviceId = request.deviceId
-                    it.otherUserId = request.userId
-                    it.requestId = request.requestId ?: ""
-                    it.requestState = GossipingRequestState.PENDING
-                    it.localCreationTimestamp = request.localCreationTimestamp ?: System.currentTimeMillis()
-                    if (request is IncomingSecretShareRequest) {
-                        it.type = GossipRequestType.SECRET
-                        it.requestedInfoStr = request.secretName
-                    } else if (request is IncomingRoomKeyRequest) {
-                        it.type = GossipRequestType.KEY
-                        it.requestedInfoStr = request.requestBody?.toJson()
-                    }
-                }
-            }
-        }
-    }
-
-//    override fun getPendingIncomingSecretShareRequests(): List<IncomingSecretShareRequest> {
-//        return doRealmQueryAndCopyList(realmConfiguration) {
-//            it.where<GossipingEventEntity>()
-//                    .findAll()
-//        }.map {
-//            it.toIncomingSecretShareRequest()
-//        }
-//    }
-
-    /* ==========================================================================================
-     * Cross Signing
-     * ========================================================================================== */
-    override fun getMyCrossSigningInfo(): MXCrossSigningInfo? {
-        return doWithRealm(realmConfiguration) {
-            it.where<CryptoMetadataEntity>().findFirst()?.userId
-        }?.let {
-            getCrossSigningInfo(it)
-        }
-    }
-
-    override fun setMyCrossSigningInfo(info: MXCrossSigningInfo?) {
-        doRealmTransaction(realmConfiguration) { realm ->
-            realm.where<CryptoMetadataEntity>().findFirst()?.userId?.let { userId ->
-                addOrUpdateCrossSigningInfo(realm, userId, info)
-            }
-        }
-    }
-
-    override fun setUserKeysAsTrusted(userId: String, trusted: Boolean) {
-        doRealmTransaction(realmConfiguration) { realm ->
-            val xInfoEntity = realm.where(CrossSigningInfoEntity::class.java)
-                    .equalTo(CrossSigningInfoEntityFields.USER_ID, userId)
-                    .findFirst()
-            xInfoEntity?.crossSigningKeys?.forEach { info ->
-                val level = info.trustLevelEntity
-                if (level == null) {
-                    val newLevel = realm.createObject(TrustLevelEntity::class.java)
-                    newLevel.locallyVerified = trusted
-                    newLevel.crossSignedVerified = trusted
-                    info.trustLevelEntity = newLevel
+                if (existing == null) {
+                    request = realm.createObject(OutgoingKeyRequestEntity::class.java).apply {
+                        this.requestId = RequestIdHelper.createUniqueRequestId()
+                        this.setRecipients(recipients)
+                        this.requestedIndex = fromIndex
+                        this.requestState = OutgoingRoomKeyRequestState.UNSENT
+                        this.setRequestBody(requestBody)
+                        this.creationTimeStamp = System.currentTimeMillis()
+                    }.toOutgoingGossipingRequest()
                 } else {
-                    level.locallyVerified = trusted
-                    level.crossSignedVerified = trusted
+                    request = existing
                 }
             }
+            return request
         }
-    }
 
-    override fun setDeviceTrust(userId: String, deviceId: String, crossSignedVerified: Boolean, locallyVerified: Boolean?) {
-        doRealmTransaction(realmConfiguration) { realm ->
-            realm.where(DeviceInfoEntity::class.java)
-                    .equalTo(DeviceInfoEntityFields.PRIMARY_KEY, DeviceInfoEntity.createPrimaryKey(userId, deviceId))
-                    .findFirst()?.let { deviceInfoEntity ->
-                        val trustEntity = deviceInfoEntity.trustLevelEntity
-                        if (trustEntity == null) {
-                            realm.createObject(TrustLevelEntity::class.java).let {
-                                it.locallyVerified = locallyVerified
-                                it.crossSignedVerified = crossSignedVerified
-                                deviceInfoEntity.trustLevelEntity = it
+        override fun updateOutgoingRoomKeyRequestState(requestId: String, newState: OutgoingRoomKeyRequestState) {
+            doRealmTransaction(realmConfiguration) { realm ->
+                realm.where<OutgoingKeyRequestEntity>()
+                        .equalTo(OutgoingKeyRequestEntityFields.REQUEST_ID, requestId)
+                        .findFirst()?.apply {
+                            this.requestState = newState
+                            if (newState == OutgoingRoomKeyRequestState.UNSENT) {
+                                // clear the old replies
+                                this.replies.deleteAllFromRealm()
                             }
-                        } else {
-                            locallyVerified?.let { trustEntity.locallyVerified = it }
-                            trustEntity.crossSignedVerified = crossSignedVerified
                         }
-                    }
-        }
-    }
-
-    override fun clearOtherUserTrust() {
-        doRealmTransaction(realmConfiguration) { realm ->
-            val xInfoEntities = realm.where(CrossSigningInfoEntity::class.java)
-                    .findAll()
-            xInfoEntities?.forEach { info ->
-                // Need to ignore mine
-                if (info.userId != userId) {
-                    info.crossSigningKeys.forEach {
-                        it.trustLevelEntity = null
-                    }
-                }
             }
         }
-    }
 
-    override fun updateUsersTrust(check: (String) -> Boolean) {
-        doRealmTransaction(realmConfiguration) { realm ->
-            val xInfoEntities = realm.where(CrossSigningInfoEntity::class.java)
-                    .findAll()
-            xInfoEntities?.forEach { xInfoEntity ->
-                // Need to ignore mine
-                if (xInfoEntity.userId == userId) return@forEach
-                val mapped = mapCrossSigningInfoEntity(xInfoEntity)
-                val currentTrust = mapped.isTrusted()
-                val newTrust = check(mapped.userId)
-                if (currentTrust != newTrust) {
-                    xInfoEntity.crossSigningKeys.forEach { info ->
-                        val level = info.trustLevelEntity
-                        if (level == null) {
-                            val newLevel = realm.createObject(TrustLevelEntity::class.java)
-                            newLevel.locallyVerified = newTrust
-                            newLevel.crossSignedVerified = newTrust
-                            info.trustLevelEntity = newLevel
-                        } else {
-                            level.locallyVerified = newTrust
-                            level.crossSignedVerified = newTrust
+        override fun updateOutgoingRoomKeyRequiredIndex(requestId: String, newIndex: Int) {
+            doRealmTransaction(realmConfiguration) { realm ->
+                realm.where<OutgoingKeyRequestEntity>()
+                        .equalTo(OutgoingKeyRequestEntityFields.REQUEST_ID, requestId)
+                        .findFirst()?.apply {
+                            this.requestedIndex = newIndex
                         }
+            }
+        }
+
+        override fun updateOutgoingRoomKeyReply(roomId: String,
+                                                sessionId: String,
+                                                algorithm: String,
+                                                senderKey: String,
+                                                fromDevice: String?,
+                                                event: Event) {
+            doRealmTransaction(realmConfiguration) { realm ->
+                realm.where<OutgoingKeyRequestEntity>()
+                        .equalTo(OutgoingKeyRequestEntityFields.ROOM_ID, roomId)
+                        .equalTo(OutgoingKeyRequestEntityFields.MEGOLM_SESSION_ID, sessionId)
+                        .findAll().firstOrNull { entity ->
+                            entity.toOutgoingGossipingRequest().let {
+                                it.requestBody?.senderKey == senderKey &&
+                                        it.requestBody?.algorithm == algorithm
+                            }
+                        }?.apply {
+                            event.senderId?.let { addReply(it, fromDevice, event) }
+                        }
+            }
+        }
+
+        override fun deleteOutgoingRoomKeyRequest(requestId: String) {
+            doRealmTransaction(realmConfiguration) { realm ->
+                realm.where<OutgoingKeyRequestEntity>()
+                        .equalTo(OutgoingKeyRequestEntityFields.REQUEST_ID, requestId)
+                        .findFirst()?.deleteOnCascade()
+            }
+        }
+
+        override fun saveIncomingKeyRequestAuditTrail(
+                requestId: String,
+                roomId: String,
+                sessionId: String,
+                senderKey: String,
+                algorithm: String,
+                fromUser: String,
+                fromDevice: String) {
+            monarchy.writeAsync { realm ->
+                val now = System.currentTimeMillis()
+                realm.createObject<AuditTrailEntity>().apply {
+                    this.ageLocalTs = now
+                    this.type = TrailType.IncomingKeyRequest.name
+                    val info = IncomingKeyRequestInfo(
+                            roomId = roomId,
+                            sessionId = sessionId,
+                            senderKey = senderKey,
+                            alg = algorithm,
+                            userId = fromUser,
+                            deviceId = fromDevice,
+                            requestId = requestId
+                    )
+                    MoshiProvider.providesMoshi().adapter(IncomingKeyRequestInfo::class.java).toJson(info)?.let {
+                        this.contentJson = it
                     }
                 }
             }
         }
-    }
 
-    override fun getOutgoingRoomKeyRequests(): List<OutgoingKeyRequest> {
-        return monarchy.fetchAllMappedSync({ realm ->
-            realm
-                    .where(OutgoingKeyRequestEntity::class.java)
-        }, { entity ->
-            entity.toOutgoingGossipingRequest()
-        })
-                .filterNotNull()
-    }
-
-    override fun getOutgoingRoomKeyRequests(inStates: Set<OutgoingRoomKeyRequestState>): List<OutgoingKeyRequest> {
-        return monarchy.fetchAllMappedSync({ realm ->
-            realm
-                    .where(OutgoingKeyRequestEntity::class.java)
-                    .`in`(OutgoingKeyRequestEntityFields.REQUEST_STATE_STR, inStates.map { it.name }.toTypedArray())
-        }, { entity ->
-            entity.toOutgoingGossipingRequest()
-        })
-                .filterNotNull()
-    }
-
-    override fun getOutgoingSecretKeyRequests(): List<OutgoingSecretRequest> {
-//        return monarchy.fetchAllMappedSync({ realm ->
-//            realm
-//                    .where(OutgoingGossipingRequestEntity::class.java)
-//                    .equalTo(OutgoingGossipingRequestEntityFields.TYPE_STR, GossipRequestType.SECRET.name)
-//        }, { entity ->
-//            entity.toOutgoingGossipingRequest() as? OutgoingSecretRequest
-//        })
-//                .filterNotNull()
-        return emptyList()
-    }
-
-    override fun getOutgoingRoomKeyRequestsPaged(): LiveData<PagedList<OutgoingKeyRequest>> {
-        val realmDataSourceFactory = monarchy.createDataSourceFactory { realm ->
-            realm
-                    .where(OutgoingKeyRequestEntity::class.java)
-        }
-        val dataSourceFactory = realmDataSourceFactory.map {
-            it.toOutgoingGossipingRequest()
-        }
-        val trail = monarchy.findAllPagedWithChanges(realmDataSourceFactory,
-                LivePagedListBuilder(dataSourceFactory,
-                        PagedList.Config.Builder()
-                                .setPageSize(20)
-                                .setEnablePlaceholders(false)
-                                .setPrefetchDistance(1)
-                                .build())
-        )
-        return trail
-    }
-
-    override fun getCrossSigningInfo(userId: String): MXCrossSigningInfo? {
-        return doWithRealm(realmConfiguration) { realm ->
-            val crossSigningInfo = realm.where(CrossSigningInfoEntity::class.java)
-                    .equalTo(CrossSigningInfoEntityFields.USER_ID, userId)
-                    .findFirst()
-            if (crossSigningInfo == null) {
-                null
-            } else {
-                mapCrossSigningInfoEntity(crossSigningInfo)
+        override fun saveWithheldAuditTrail(roomId: String,
+                                            sessionId: String,
+                                            senderKey: String,
+                                            algorithm: String,
+                                            code: WithHeldCode,
+                                            userId: String,
+                                            deviceId: String) {
+            monarchy.writeAsync { realm ->
+                val now = System.currentTimeMillis()
+                realm.createObject<AuditTrailEntity>().apply {
+                    this.ageLocalTs = now
+                    this.type = TrailType.OutgoingKeyWithheld.name
+                    val info = WithheldInfo(
+                            roomId = roomId,
+                            sessionId = sessionId,
+                            senderKey = senderKey,
+                            alg = algorithm,
+                            code = code,
+                            userId = userId,
+                            deviceId = deviceId
+                    )
+                    MoshiProvider.providesMoshi().adapter(WithheldInfo::class.java).toJson(info)?.let {
+                        this.contentJson = it
+                    }
+                }
             }
         }
-    }
 
-    private fun mapCrossSigningInfoEntity(xsignInfo: CrossSigningInfoEntity): MXCrossSigningInfo {
-        val userId = xsignInfo.userId ?: ""
-        return MXCrossSigningInfo(
-                userId = userId,
-                crossSigningKeys = xsignInfo.crossSigningKeys.mapNotNull {
-                    crossSigningKeysMapper.map(userId, it)
+        override fun saveForwardKeyAuditTrail(roomId: String,
+                                              sessionId: String,
+                                              senderKey: String,
+                                              algorithm: String,
+                                              userId: String,
+                                              deviceId: String,
+                                              chainIndex: Long?) {
+            monarchy.writeAsync { realm ->
+                val now = System.currentTimeMillis()
+                realm.createObject<AuditTrailEntity>().apply {
+                    this.ageLocalTs = now
+                    this.type = TrailType.OutgoingKeyForward.name
+                    val info = ForwardInfo(
+                            roomId = roomId,
+                            sessionId = sessionId,
+                            senderKey = senderKey,
+                            alg = algorithm,
+                            userId = userId,
+                            deviceId = deviceId,
+                            chainIndex = chainIndex
+                    )
+                    MoshiProvider.providesMoshi().adapter(ForwardInfo::class.java).toJson(info)?.let {
+                        this.contentJson = it
+                    }
                 }
-        )
-    }
-
-    override fun getLiveCrossSigningInfo(userId: String): LiveData<Optional<MXCrossSigningInfo>> {
-        val liveData = monarchy.findAllMappedWithChanges(
-                { realm: Realm ->
-                    realm.where<CrossSigningInfoEntity>()
-                            .equalTo(UserEntityFields.USER_ID, userId)
-                },
-                { mapCrossSigningInfoEntity(it) }
-        )
-        return Transformations.map(liveData) {
-            it.firstOrNull().toOptional()
+            }
         }
-    }
 
-    override fun setCrossSigningInfo(userId: String, info: MXCrossSigningInfo?) {
-        doRealmTransaction(realmConfiguration) { realm ->
-            addOrUpdateCrossSigningInfo(realm, userId, info)
+        /* ==========================================================================================
+         * Cross Signing
+         * ========================================================================================== */
+        override fun getMyCrossSigningInfo(): MXCrossSigningInfo? {
+            return doWithRealm(realmConfiguration) {
+                it.where<CryptoMetadataEntity>().findFirst()?.userId
+            }?.let {
+                getCrossSigningInfo(it)
+            }
         }
-    }
 
-    override fun markMyMasterKeyAsLocallyTrusted(trusted: Boolean) {
-        doRealmTransaction(realmConfiguration) { realm ->
-            realm.where<CryptoMetadataEntity>().findFirst()?.userId?.let { myUserId ->
-                CrossSigningInfoEntity.get(realm, myUserId)?.getMasterKey()?.let { xInfoEntity ->
-                    val level = xInfoEntity.trustLevelEntity
+        override fun setMyCrossSigningInfo(info: MXCrossSigningInfo?) {
+            doRealmTransaction(realmConfiguration) { realm ->
+                realm.where<CryptoMetadataEntity>().findFirst()?.userId?.let { userId ->
+                    addOrUpdateCrossSigningInfo(realm, userId, info)
+                }
+            }
+        }
+
+        override fun setUserKeysAsTrusted(userId: String, trusted: Boolean) {
+            doRealmTransaction(realmConfiguration) { realm ->
+                val xInfoEntity = realm.where(CrossSigningInfoEntity::class.java)
+                        .equalTo(CrossSigningInfoEntityFields.USER_ID, userId)
+                        .findFirst()
+                xInfoEntity?.crossSigningKeys?.forEach { info ->
+                    val level = info.trustLevelEntity
                     if (level == null) {
                         val newLevel = realm.createObject(TrustLevelEntity::class.java)
                         newLevel.locallyVerified = trusted
-                        xInfoEntity.trustLevelEntity = newLevel
+                        newLevel.crossSignedVerified = trusted
+                        info.trustLevelEntity = newLevel
                     } else {
                         level.locallyVerified = trusted
+                        level.crossSignedVerified = trusted
                     }
                 }
             }
         }
-    }
 
-    private fun addOrUpdateCrossSigningInfo(realm: Realm, userId: String, info: MXCrossSigningInfo?): CrossSigningInfoEntity? {
-        if (info == null) {
-            // Delete known if needed
-            CrossSigningInfoEntity.get(realm, userId)?.deleteFromRealm()
-            return null
-            // TODO notify, we might need to untrust things?
-        } else {
-            // Just override existing, caller should check and untrust id needed
-            val existing = CrossSigningInfoEntity.getOrCreate(realm, userId)
-            existing.crossSigningKeys.clearWith { it.deleteOnCascade() }
-            existing.crossSigningKeys.addAll(
-                    info.crossSigningKeys.map {
-                        crossSigningKeysMapper.map(it)
-                    }
-            )
-            return existing
-        }
-    }
-
-    override fun addWithHeldMegolmSession(withHeldContent: RoomKeyWithHeldContent) {
-        val roomId = withHeldContent.roomId ?: return
-        val sessionId = withHeldContent.sessionId ?: return
-        if (withHeldContent.algorithm != MXCRYPTO_ALGORITHM_MEGOLM) return
-        doRealmTransaction(realmConfiguration) { realm ->
-            WithHeldSessionEntity.getOrCreate(realm, roomId, sessionId)?.let {
-                it.code = withHeldContent.code
-                it.senderKey = withHeldContent.senderKey
-                it.reason = withHeldContent.reason
+        override fun setDeviceTrust(userId: String, deviceId: String, crossSignedVerified: Boolean, locallyVerified: Boolean?) {
+            doRealmTransaction(realmConfiguration) { realm ->
+                realm.where(DeviceInfoEntity::class.java)
+                        .equalTo(DeviceInfoEntityFields.PRIMARY_KEY, DeviceInfoEntity.createPrimaryKey(userId, deviceId))
+                        .findFirst()?.let { deviceInfoEntity ->
+                            val trustEntity = deviceInfoEntity.trustLevelEntity
+                            if (trustEntity == null) {
+                                realm.createObject(TrustLevelEntity::class.java).let {
+                                    it.locallyVerified = locallyVerified
+                                    it.crossSignedVerified = crossSignedVerified
+                                    deviceInfoEntity.trustLevelEntity = it
+                                }
+                            } else {
+                                locallyVerified?.let { trustEntity.locallyVerified = it }
+                                trustEntity.crossSignedVerified = crossSignedVerified
+                            }
+                        }
             }
         }
-    }
 
-    override fun getWithHeldMegolmSession(roomId: String, sessionId: String): RoomKeyWithHeldContent? {
-        return doWithRealm(realmConfiguration) { realm ->
-            WithHeldSessionEntity.get(realm, roomId, sessionId)?.let {
-                RoomKeyWithHeldContent(
+        override fun clearOtherUserTrust() {
+            doRealmTransaction(realmConfiguration) { realm ->
+                val xInfoEntities = realm.where(CrossSigningInfoEntity::class.java)
+                        .findAll()
+                xInfoEntities?.forEach { info ->
+                    // Need to ignore mine
+                    if (info.userId != userId) {
+                        info.crossSigningKeys.forEach {
+                            it.trustLevelEntity = null
+                        }
+                    }
+                }
+            }
+        }
+
+        override fun updateUsersTrust(check: (String) -> Boolean) {
+            doRealmTransaction(realmConfiguration) { realm ->
+                val xInfoEntities = realm.where(CrossSigningInfoEntity::class.java)
+                        .findAll()
+                xInfoEntities?.forEach { xInfoEntity ->
+                    // Need to ignore mine
+                    if (xInfoEntity.userId == userId) return@forEach
+                    val mapped = mapCrossSigningInfoEntity(xInfoEntity)
+                    val currentTrust = mapped.isTrusted()
+                    val newTrust = check(mapped.userId)
+                    if (currentTrust != newTrust) {
+                        xInfoEntity.crossSigningKeys.forEach { info ->
+                            val level = info.trustLevelEntity
+                            if (level == null) {
+                                val newLevel = realm.createObject(TrustLevelEntity::class.java)
+                                newLevel.locallyVerified = newTrust
+                                newLevel.crossSignedVerified = newTrust
+                                info.trustLevelEntity = newLevel
+                            } else {
+                                level.locallyVerified = newTrust
+                                level.crossSignedVerified = newTrust
+                            }
+                        }
+                    }
+                }
+            }
+        }
+
+        override fun getOutgoingRoomKeyRequests(): List<OutgoingKeyRequest> {
+            return monarchy.fetchAllMappedSync({ realm ->
+                realm
+                        .where(OutgoingKeyRequestEntity::class.java)
+            }, { entity ->
+                entity.toOutgoingGossipingRequest()
+            })
+                    .filterNotNull()
+        }
+
+        override fun getOutgoingRoomKeyRequests(inStates: Set<OutgoingRoomKeyRequestState>): List<OutgoingKeyRequest> {
+            return monarchy.fetchAllMappedSync({ realm ->
+                realm
+                        .where(OutgoingKeyRequestEntity::class.java)
+                        .`in`(OutgoingKeyRequestEntityFields.REQUEST_STATE_STR, inStates.map { it.name }.toTypedArray())
+            }, { entity ->
+                entity.toOutgoingGossipingRequest()
+            })
+                    .filterNotNull()
+        }
+
+        override fun getOutgoingRoomKeyRequestsPaged(): LiveData<PagedList<OutgoingKeyRequest>> {
+            val realmDataSourceFactory = monarchy.createDataSourceFactory { realm ->
+                realm
+                        .where(OutgoingKeyRequestEntity::class.java)
+            }
+            val dataSourceFactory = realmDataSourceFactory.map {
+                it.toOutgoingGossipingRequest()
+            }
+            val trail = monarchy.findAllPagedWithChanges(realmDataSourceFactory,
+                    LivePagedListBuilder(dataSourceFactory,
+                            PagedList.Config.Builder()
+                                    .setPageSize(20)
+                                    .setEnablePlaceholders(false)
+                                    .setPrefetchDistance(1)
+                                    .build())
+            )
+            return trail
+        }
+
+        override fun getCrossSigningInfo(userId: String): MXCrossSigningInfo? {
+            return doWithRealm(realmConfiguration) { realm ->
+                val crossSigningInfo = realm.where(CrossSigningInfoEntity::class.java)
+                        .equalTo(CrossSigningInfoEntityFields.USER_ID, userId)
+                        .findFirst()
+                if (crossSigningInfo == null) {
+                    null
+                } else {
+                    mapCrossSigningInfoEntity(crossSigningInfo)
+                }
+            }
+        }
+
+        private fun mapCrossSigningInfoEntity(xsignInfo: CrossSigningInfoEntity): MXCrossSigningInfo {
+            val userId = xsignInfo.userId ?: ""
+            return MXCrossSigningInfo(
+                    userId = userId,
+                    crossSigningKeys = xsignInfo.crossSigningKeys.mapNotNull {
+                        crossSigningKeysMapper.map(userId, it)
+                    }
+            )
+        }
+
+        override fun getLiveCrossSigningInfo(userId: String): LiveData<Optional<MXCrossSigningInfo>> {
+            val liveData = monarchy.findAllMappedWithChanges(
+                    { realm: Realm ->
+                        realm.where<CrossSigningInfoEntity>()
+                                .equalTo(UserEntityFields.USER_ID, userId)
+                    },
+                    { mapCrossSigningInfoEntity(it) }
+            )
+            return Transformations.map(liveData) {
+                it.firstOrNull().toOptional()
+            }
+        }
+
+        override fun setCrossSigningInfo(userId: String, info: MXCrossSigningInfo?) {
+            doRealmTransaction(realmConfiguration) { realm ->
+                addOrUpdateCrossSigningInfo(realm, userId, info)
+            }
+        }
+
+        override fun markMyMasterKeyAsLocallyTrusted(trusted: Boolean) {
+            doRealmTransaction(realmConfiguration) { realm ->
+                realm.where<CryptoMetadataEntity>().findFirst()?.userId?.let { myUserId ->
+                    CrossSigningInfoEntity.get(realm, myUserId)?.getMasterKey()?.let { xInfoEntity ->
+                        val level = xInfoEntity.trustLevelEntity
+                        if (level == null) {
+                            val newLevel = realm.createObject(TrustLevelEntity::class.java)
+                            newLevel.locallyVerified = trusted
+                            xInfoEntity.trustLevelEntity = newLevel
+                        } else {
+                            level.locallyVerified = trusted
+                        }
+                    }
+                }
+            }
+        }
+
+        private fun addOrUpdateCrossSigningInfo(realm: Realm, userId: String, info: MXCrossSigningInfo?): CrossSigningInfoEntity? {
+            if (info == null) {
+                // Delete known if needed
+                CrossSigningInfoEntity.get(realm, userId)?.deleteFromRealm()
+                return null
+                // TODO notify, we might need to untrust things?
+            } else {
+                // Just override existing, caller should check and untrust id needed
+                val existing = CrossSigningInfoEntity.getOrCreate(realm, userId)
+                existing.crossSigningKeys.clearWith { it.deleteOnCascade() }
+                existing.crossSigningKeys.addAll(
+                        info.crossSigningKeys.map {
+                            crossSigningKeysMapper.map(it)
+                        }
+                )
+                return existing
+            }
+        }
+
+        override fun addWithHeldMegolmSession(withHeldContent: RoomKeyWithHeldContent) {
+            val roomId = withHeldContent.roomId ?: return
+            val sessionId = withHeldContent.sessionId ?: return
+            if (withHeldContent.algorithm != MXCRYPTO_ALGORITHM_MEGOLM) return
+            doRealmTransaction(realmConfiguration) { realm ->
+                WithHeldSessionEntity.getOrCreate(realm, roomId, sessionId)?.let {
+                    it.code = withHeldContent.code
+                    it.senderKey = withHeldContent.senderKey
+                    it.reason = withHeldContent.reason
+                }
+            }
+        }
+
+        override fun getWithHeldMegolmSession(roomId: String, sessionId: String): RoomKeyWithHeldContent? {
+            return doWithRealm(realmConfiguration) { realm ->
+                WithHeldSessionEntity.get(realm, roomId, sessionId)?.let {
+                    RoomKeyWithHeldContent(
+                            roomId = roomId,
+                            sessionId = sessionId,
+                            algorithm = it.algorithm,
+                            codeString = it.codeString,
+                            reason = it.reason,
+                            senderKey = it.senderKey
+                    )
+                }
+            }
+        }
+
+        override fun markedSessionAsShared(roomId: String?,
+                                           sessionId: String,
+                                           userId: String,
+                                           deviceId: String,
+                                           deviceIdentityKey: String,
+                                           chainIndex: Int) {
+            doRealmTransaction(realmConfiguration) { realm ->
+                SharedSessionEntity.create(
+                        realm = realm,
                         roomId = roomId,
                         sessionId = sessionId,
-                        algorithm = it.algorithm,
-                        codeString = it.codeString,
-                        reason = it.reason,
-                        senderKey = it.senderKey
+                        userId = userId,
+                        deviceId = deviceId,
+                        deviceIdentityKey = deviceIdentityKey,
+                        chainIndex = chainIndex
                 )
             }
         }
-    }
 
-    override fun markedSessionAsShared(roomId: String?,
-                                       sessionId: String,
-                                       userId: String,
-                                       deviceId: String,
-                                       deviceIdentityKey: String,
-                                       chainIndex: Int) {
-        doRealmTransaction(realmConfiguration) { realm ->
-            SharedSessionEntity.create(
-                    realm = realm,
-                    roomId = roomId,
-                    sessionId = sessionId,
-                    userId = userId,
-                    deviceId = deviceId,
-                    deviceIdentityKey = deviceIdentityKey,
-                    chainIndex = chainIndex
-            )
+        override fun getSharedSessionInfo(roomId: String?, sessionId: String, deviceInfo: CryptoDeviceInfo): IMXCryptoStore.SharedSessionResult {
+            return doWithRealm(realmConfiguration) { realm ->
+                SharedSessionEntity.get(
+                        realm = realm,
+                        roomId = roomId,
+                        sessionId = sessionId,
+                        userId = deviceInfo.userId,
+                        deviceId = deviceInfo.deviceId,
+                        deviceIdentityKey = deviceInfo.identityKey()
+                )?.let {
+                    IMXCryptoStore.SharedSessionResult(true, it.chainIndex)
+                } ?: IMXCryptoStore.SharedSessionResult(false, null)
+            }
         }
-    }
 
-    override fun getSharedSessionInfo(roomId: String?, sessionId: String, deviceInfo: CryptoDeviceInfo): IMXCryptoStore.SharedSessionResult {
-        return doWithRealm(realmConfiguration) { realm ->
-            SharedSessionEntity.get(
-                    realm = realm,
-                    roomId = roomId,
-                    sessionId = sessionId,
-                    userId = deviceInfo.userId,
-                    deviceId = deviceInfo.deviceId,
-                    deviceIdentityKey = deviceInfo.identityKey()
-            )?.let {
-                IMXCryptoStore.SharedSessionResult(true, it.chainIndex)
-            } ?: IMXCryptoStore.SharedSessionResult(false, null)
-        }
-    }
-
-    override fun getSharedWithInfo(roomId: String?, sessionId: String): MXUsersDevicesMap<Int> {
-        return doWithRealm(realmConfiguration) { realm ->
-            val result = MXUsersDevicesMap<Int>()
-            SharedSessionEntity.get(realm, roomId, sessionId)
-                    .groupBy { it.userId }
-                    .forEach { (userId, shared) ->
-                        shared.forEach {
-                            result.setObject(userId, it.deviceId, it.chainIndex)
+        override fun getSharedWithInfo(roomId: String?, sessionId: String): MXUsersDevicesMap<Int> {
+            return doWithRealm(realmConfiguration) { realm ->
+                val result = MXUsersDevicesMap<Int>()
+                SharedSessionEntity.get(realm, roomId, sessionId)
+                        .groupBy { it.userId }
+                        .forEach { (userId, shared) ->
+                            shared.forEach {
+                                result.setObject(userId, it.deviceId, it.chainIndex)
+                            }
                         }
-                    }
 
-            result
+                result
+            }
+        }
+
+        /**
+         * Some entries in the DB can get a bit out of control with time
+         * So we need to tidy up a bit
+         */
+        override fun tidyUpDataBase() {
+            val prevWeekTs = System.currentTimeMillis() - 7 * 24 * 60 * 60 * 1_000
+            doRealmTransaction(realmConfiguration) { realm ->
+
+                // Clean the old ones?
+                realm.where<OutgoingKeyRequestEntity>()
+                        .lessThan(OutgoingKeyRequestEntityFields.CREATION_TIME_STAMP, prevWeekTs)
+                        .findAll()
+                        .also { Timber.i("## Crypto Clean up ${it.size} OutgoingKeyRequestEntity") }
+                        .deleteAllFromRealm()
+
+                // Only keep one month history
+
+                val prevMonthTs = System.currentTimeMillis() - 4 * 7 * 24 * 60 * 60 * 1_000L
+                realm.where<AuditTrailEntity>()
+                        .lessThan(AuditTrailEntityFields.AGE_LOCAL_TS, prevMonthTs)
+                        .findAll()
+                        .also { Timber.i("## Crypto Clean up ${it.size} AuditTrailEntity") }
+                        .deleteAllFromRealm()
+
+                // Can we do something for WithHeldSessionEntity?
+            }
+        }
+
+        /**
+         * Prints out database info
+         */
+        override fun logDbUsageInfo() {
+            RealmDebugTools(realmConfiguration).logInfo("Crypto")
         }
     }
-
-    /**
-     * Some entries in the DB can get a bit out of control with time
-     * So we need to tidy up a bit
-     */
-    override fun tidyUpDataBase() {
-        val prevWeekTs = System.currentTimeMillis() - 7 * 24 * 60 * 60 * 1_000
-        doRealmTransaction(realmConfiguration) { realm ->
-
-            // Only keep one week history
-            realm.where<IncomingGossipingRequestEntity>()
-                    .lessThan(IncomingGossipingRequestEntityFields.LOCAL_CREATION_TIMESTAMP, prevWeekTs)
-                    .findAll()
-                    .also { Timber.i("## Crypto Clean up ${it.size} IncomingGossipingRequestEntity") }
-                    .deleteAllFromRealm()
-
-            // Clean the old ones?
-            realm.where<OutgoingKeyRequestEntity>()
-                    .lessThan(OutgoingKeyRequestEntityFields.CREATION_TIME_STAMP, prevWeekTs)
-                    .findAll()
-                    .also { Timber.i("## Crypto Clean up ${it.size} OutgoingKeyRequestEntity") }
-                    .deleteAllFromRealm()
-
-            // Only keep one week history
-            realm.where<GossipingEventEntity>()
-                    .lessThan(GossipingEventEntityFields.AGE_LOCAL_TS, prevWeekTs)
-                    .findAll()
-                    .also { Timber.i("## Crypto Clean up ${it.size} GossipingEventEntityFields") }
-                    .deleteAllFromRealm()
-
-            // Can we do something for WithHeldSessionEntity?
-        }
-    }
-
-    /**
-     * Prints out database info
-     */
-    override fun logDbUsageInfo() {
-        RealmDebugTools(realmConfiguration).logInfo("Crypto")
-    }
-}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStoreModule.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStoreModule.kt
index e3e195ff8c..26761a860c 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStoreModule.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStoreModule.kt
@@ -22,8 +22,6 @@ import org.matrix.android.sdk.internal.crypto.store.db.model.CrossSigningInfoEnt
 import org.matrix.android.sdk.internal.crypto.store.db.model.CryptoMetadataEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.CryptoRoomEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.DeviceInfoEntity
-import org.matrix.android.sdk.internal.crypto.store.db.model.GossipingEventEntity
-import org.matrix.android.sdk.internal.crypto.store.db.model.IncomingGossipingRequestEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.KeyInfoEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.KeyRequestReplyEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.KeysBackupDataEntity
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
index 832272f574..17d7494968 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022 New Vector Ltd
+ * Copyright (c) 2022 The Matrix.org Foundation C.I.C.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -45,7 +45,6 @@ class MigrateCryptoTo016(realm: DynamicRealm) : RealmMigrator(realm, 15) {
                 .addField(OutgoingKeyRequestEntityFields.CREATION_TIME_STAMP, Long::class.java)
                 .setNullable(OutgoingKeyRequestEntityFields.CREATION_TIME_STAMP, true)
 
-
         realm.schema.create("AuditTrailEntity")
                 .addField(AuditTrailEntityFields.AGE_LOCAL_TS, Long::class.java)
                 .setNullable(AuditTrailEntityFields.AGE_LOCAL_TS, true)
@@ -56,6 +55,5 @@ class MigrateCryptoTo016(realm: DynamicRealm) : RealmMigrator(realm, 15) {
                 .addField(KeyRequestReplyEntityFields.SENDER_ID, String::class.java)
                 .addField(KeyRequestReplyEntityFields.FROM_DEVICE, String::class.java)
                 .addField(KeyRequestReplyEntityFields.EVENT_JSON, String::class.java)
-
     }
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/IncomingGossipingRequestEntity.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/IncomingGossipingRequestEntity.kt
index c58b3a684d..5ac659d327 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/IncomingGossipingRequestEntity.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/IncomingGossipingRequestEntity.kt
@@ -18,13 +18,6 @@ package org.matrix.android.sdk.internal.crypto.store.db.model
 
 import io.realm.RealmObject
 import io.realm.annotations.Index
-import org.matrix.android.sdk.api.extensions.tryOrNull
-import org.matrix.android.sdk.api.session.crypto.model.GossipingRequestState
-import org.matrix.android.sdk.api.session.crypto.model.IncomingRoomKeyRequest
-import org.matrix.android.sdk.api.session.crypto.model.IncomingSecretShareRequest
-import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
-import org.matrix.android.sdk.internal.crypto.GossipRequestType
-import org.matrix.android.sdk.internal.crypto.IncomingShareRequestCommon
 
 // not used anymore, just here for db migration
 internal open class IncomingGossipingRequestEntity(@Index var requestId: String? = "",
@@ -35,56 +28,7 @@ internal open class IncomingGossipingRequestEntity(@Index var requestId: String?
                                                    var localCreationTimestamp: Long? = null
 ) : RealmObject() {
 
-    fun getRequestedSecretName(): String? = if (type == GossipRequestType.SECRET) {
-        requestedInfoStr
-    } else null
-
-    fun getRequestedKeyInfo(): RoomKeyRequestBody? = if (type == GossipRequestType.KEY) {
-        RoomKeyRequestBody.fromJson(requestedInfoStr)
-    } else null
-
-    var type: GossipRequestType
-        get() {
-            return tryOrNull { typeStr?.let { GossipRequestType.valueOf(it) } } ?: GossipRequestType.KEY
-        }
-        set(value) {
-            typeStr = value.name
-        }
-
-    private var requestStateStr: String = GossipingRequestState.NONE.name
-
-    var requestState: GossipingRequestState
-        get() {
-            return tryOrNull { GossipingRequestState.valueOf(requestStateStr) }
-                    ?: GossipingRequestState.NONE
-        }
-        set(value) {
-            requestStateStr = value.name
-        }
+    private var requestStateStr: String = ""
 
     companion object
-
-    fun toIncomingGossipingRequest(): IncomingShareRequestCommon {
-        return when (type) {
-            GossipRequestType.KEY    -> {
-                IncomingRoomKeyRequest(
-                        requestBody = getRequestedKeyInfo(),
-                        deviceId = otherDeviceId,
-                        userId = otherUserId,
-                        requestId = requestId,
-                        state = requestState,
-                        localCreationTimestamp = localCreationTimestamp
-                )
-            }
-            GossipRequestType.SECRET -> {
-                IncomingSecretShareRequest(
-                        secretName = getRequestedSecretName(),
-                        deviceId = otherDeviceId,
-                        userId = otherUserId,
-                        requestId = requestId,
-                        localCreationTimestamp = localCreationTimestamp
-                )
-            }
-        }
-    }
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingGossipingRequestEntity.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingGossipingRequestEntity.kt
index ccb4590fb9..cd3b21f7ba 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingGossipingRequestEntity.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingGossipingRequestEntity.kt
@@ -18,7 +18,6 @@ package org.matrix.android.sdk.internal.crypto.store.db.model
 
 import io.realm.RealmObject
 import io.realm.annotations.Index
-import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestState
 
 // not used anymore, just here for db migration
 internal open class OutgoingGossipingRequestEntity(
@@ -28,5 +27,5 @@ internal open class OutgoingGossipingRequestEntity(
         @Index var typeStr: String? = null
 ) : RealmObject() {
 
-    private var requestStateStr: String = OutgoingGossipingRequestState.UNSENT.name
+    private var requestStateStr: String = ""
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt
index 3e00ce7cce..6ff93b0224 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2022 New Vector Ltd
+ * Copyright (c) 2022 The Matrix.org Foundation C.I.C.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -32,10 +32,10 @@ import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
 import org.matrix.android.sdk.internal.crypto.RequestReply
 import org.matrix.android.sdk.internal.crypto.RequestResult
 import org.matrix.android.sdk.internal.di.MoshiProvider
-import timber.log.Timber
 
 internal open class OutgoingKeyRequestEntity(
         @Index var requestId: String? = null,
+        var requestedIndex: Int? = null,
         var recipientsData: String? = null,
         var requestedInfoStr: String? = null,
         var creationTimeStamp: Long? = null,
@@ -84,7 +84,6 @@ internal open class OutgoingKeyRequestEntity(
     }
 
     fun addReply(userId: String, fromDevice: String?, event: Event) {
-        Timber.w("##VALR: add reply $userId / $fromDevice  / $event")
         val newReply = KeyRequestReplyEntity(
                 senderId = userId,
                 fromDevice = fromDevice,
@@ -98,6 +97,7 @@ internal open class OutgoingKeyRequestEntity(
                 requestBody = getRequestedKeyInfo(),
                 recipients = getRecipients().orEmpty(),
                 requestId = requestId ?: "",
+                fromIndex = requestedIndex ?: 0,
                 state = requestState,
                 results = replies.mapNotNull { entity ->
                     val userId = entity.senderId ?: return@mapNotNull null
@@ -107,9 +107,9 @@ internal open class OutgoingKeyRequestEntity(
                         eventToResult(event)
                     } ?: return@mapNotNull null
                     RequestReply(
-                            userId,
-                            entity.fromDevice,
-                            result
+                            userId = userId,
+                            fromDevice = entity.fromDevice,
+                            result = result
                     )
                 }
         )
@@ -123,7 +123,7 @@ internal open class OutgoingKeyRequestEntity(
                 }
             }
             EventType.FORWARDED_ROOM_KEY -> {
-                RequestResult.Success
+                RequestResult.Success((event.content?.get("chain_index") as? Number)?.toInt() ?: 0)
             }
             else                         -> null
         }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultIncomingSASDefaultVerificationTransaction.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultIncomingSASDefaultVerificationTransaction.kt
index 7b850628f6..15c55f81ea 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultIncomingSASDefaultVerificationTransaction.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultIncomingSASDefaultVerificationTransaction.kt
@@ -23,7 +23,7 @@ import org.matrix.android.sdk.api.session.crypto.verification.IncomingSasVerific
 import org.matrix.android.sdk.api.session.crypto.verification.SasMode
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationTxState
 import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestManager
+import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequestManager
 import org.matrix.android.sdk.internal.crypto.SecretShareManager
 import org.matrix.android.sdk.internal.crypto.actions.SetDeviceVerificationAction
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
@@ -35,7 +35,7 @@ internal class DefaultIncomingSASDefaultVerificationTransaction(
         override val deviceId: String?,
         private val cryptoStore: IMXCryptoStore,
         crossSigningService: CrossSigningService,
-        outgoingGossipingRequestManager: OutgoingGossipingRequestManager,
+        outgoingKeyRequestManager: OutgoingKeyRequestManager,
         secretShareManager: SecretShareManager,
         deviceFingerprint: String,
         transactionId: String,
@@ -47,7 +47,7 @@ internal class DefaultIncomingSASDefaultVerificationTransaction(
         deviceId,
         cryptoStore,
         crossSigningService,
-        outgoingGossipingRequestManager,
+        outgoingKeyRequestManager,
         secretShareManager,
         deviceFingerprint,
         transactionId,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultOutgoingSASDefaultVerificationTransaction.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultOutgoingSASDefaultVerificationTransaction.kt
index 5c5f8dd668..00a2b8f82a 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultOutgoingSASDefaultVerificationTransaction.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultOutgoingSASDefaultVerificationTransaction.kt
@@ -20,7 +20,7 @@ import org.matrix.android.sdk.api.session.crypto.verification.CancelCode
 import org.matrix.android.sdk.api.session.crypto.verification.OutgoingSasVerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationTxState
 import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestManager
+import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequestManager
 import org.matrix.android.sdk.internal.crypto.SecretShareManager
 import org.matrix.android.sdk.internal.crypto.actions.SetDeviceVerificationAction
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
@@ -32,7 +32,7 @@ internal class DefaultOutgoingSASDefaultVerificationTransaction(
         deviceId: String?,
         cryptoStore: IMXCryptoStore,
         crossSigningService: CrossSigningService,
-        outgoingGossipingRequestManager: OutgoingGossipingRequestManager,
+        outgoingKeyRequestManager: OutgoingKeyRequestManager,
         secretShareManager: SecretShareManager,
         deviceFingerprint: String,
         transactionId: String,
@@ -44,7 +44,7 @@ internal class DefaultOutgoingSASDefaultVerificationTransaction(
         deviceId,
         cryptoStore,
         crossSigningService,
-        outgoingGossipingRequestManager,
+        outgoingKeyRequestManager,
         secretShareManager,
         deviceFingerprint,
         transactionId,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationService.kt
index 00d01f02ed..16f1f7d719 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationService.kt
@@ -60,7 +60,7 @@ import org.matrix.android.sdk.api.session.room.model.message.MessageVerification
 import org.matrix.android.sdk.api.session.room.model.message.ValidVerificationDone
 import org.matrix.android.sdk.internal.crypto.DeviceListManager
 import org.matrix.android.sdk.internal.crypto.MyDeviceInfoHolder
-import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestManager
+import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequestManager
 import org.matrix.android.sdk.internal.crypto.SecretShareManager
 import org.matrix.android.sdk.internal.crypto.actions.SetDeviceVerificationAction
 import org.matrix.android.sdk.internal.crypto.model.rest.KeyVerificationAccept
@@ -94,7 +94,7 @@ internal class DefaultVerificationService @Inject constructor(
         @UserId private val userId: String,
         @DeviceId private val deviceId: String?,
         private val cryptoStore: IMXCryptoStore,
-        private val outgoingGossipingRequestManager: OutgoingGossipingRequestManager,
+        private val outgoingKeyRequestManager: OutgoingKeyRequestManager,
         private val secretShareManager: SecretShareManager,
         private val myDeviceInfoHolder: Lazy<MyDeviceInfoHolder>,
         private val deviceListManager: DeviceListManager,
@@ -547,7 +547,7 @@ internal class DefaultVerificationService @Inject constructor(
                             deviceId,
                             cryptoStore,
                             crossSigningService,
-                            outgoingGossipingRequestManager,
+                            outgoingKeyRequestManager,
                             secretShareManager,
                             myDeviceInfoHolder.get().myDevice.fingerprint()!!,
                             startReq.transactionId,
@@ -909,7 +909,7 @@ internal class DefaultVerificationService @Inject constructor(
                     otherUserId = senderId,
                     otherDeviceId = readyReq.fromDevice,
                     crossSigningService = crossSigningService,
-                    outgoingGossipingRequestManager = outgoingGossipingRequestManager,
+                    outgoingKeyRequestManager = outgoingKeyRequestManager,
                     secretShareManager = secretShareManager,
                     cryptoStore = cryptoStore,
                     qrCodeData = qrCodeData,
@@ -1108,7 +1108,7 @@ internal class DefaultVerificationService @Inject constructor(
                     deviceId,
                     cryptoStore,
                     crossSigningService,
-                    outgoingGossipingRequestManager,
+                    outgoingKeyRequestManager,
                     secretShareManager,
                     myDeviceInfoHolder.get().myDevice.fingerprint()!!,
                     txID,
@@ -1300,7 +1300,7 @@ internal class DefaultVerificationService @Inject constructor(
                     deviceId,
                     cryptoStore,
                     crossSigningService,
-                    outgoingGossipingRequestManager,
+                    outgoingKeyRequestManager,
                     secretShareManager,
                     myDeviceInfoHolder.get().myDevice.fingerprint()!!,
                     transactionId,
@@ -1438,7 +1438,7 @@ internal class DefaultVerificationService @Inject constructor(
                         otherUserId = otherUserId,
                         otherDeviceId = otherDeviceId,
                         crossSigningService = crossSigningService,
-                        outgoingGossipingRequestManager = outgoingGossipingRequestManager,
+                        outgoingKeyRequestManager = outgoingKeyRequestManager,
                         secretShareManager = secretShareManager,
                         cryptoStore = cryptoStore,
                         qrCodeData = qrCodeData,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationTransaction.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationTransaction.kt
index 770a6ba54c..bb90d7b100 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationTransaction.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationTransaction.kt
@@ -20,7 +20,7 @@ import org.matrix.android.sdk.api.session.crypto.crosssigning.CrossSigningServic
 import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationTxState
-import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestManager
+import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequestManager
 import org.matrix.android.sdk.internal.crypto.SecretShareManager
 import org.matrix.android.sdk.internal.crypto.actions.SetDeviceVerificationAction
 import timber.log.Timber
@@ -31,7 +31,7 @@ import timber.log.Timber
 internal abstract class DefaultVerificationTransaction(
         private val setDeviceVerificationAction: SetDeviceVerificationAction,
         private val crossSigningService: CrossSigningService,
-        private val outgoingGossipingRequestManager: OutgoingGossipingRequestManager,
+        private val outgoingKeyRequestManager: OutgoingKeyRequestManager,
         private val secretShareManager: SecretShareManager,
         private val userId: String,
         override val transactionId: String,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/SASDefaultVerificationTransaction.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/SASDefaultVerificationTransaction.kt
index 43e25ab2bf..133dfe2328 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/SASDefaultVerificationTransaction.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/SASDefaultVerificationTransaction.kt
@@ -23,7 +23,7 @@ import org.matrix.android.sdk.api.session.crypto.verification.SasMode
 import org.matrix.android.sdk.api.session.crypto.verification.SasVerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationTxState
 import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestManager
+import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequestManager
 import org.matrix.android.sdk.internal.crypto.SecretShareManager
 import org.matrix.android.sdk.internal.crypto.actions.SetDeviceVerificationAction
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
@@ -42,7 +42,7 @@ internal abstract class SASDefaultVerificationTransaction(
         open val deviceId: String?,
         private val cryptoStore: IMXCryptoStore,
         crossSigningService: CrossSigningService,
-        outgoingGossipingRequestManager: OutgoingGossipingRequestManager,
+        outgoingKeyRequestManager: OutgoingKeyRequestManager,
         secretShareManager: SecretShareManager,
         private val deviceFingerprint: String,
         transactionId: String,
@@ -52,7 +52,7 @@ internal abstract class SASDefaultVerificationTransaction(
 ) : DefaultVerificationTransaction(
         setDeviceVerificationAction,
         crossSigningService,
-        outgoingGossipingRequestManager,
+        outgoingKeyRequestManager,
         secretShareManager,
         userId,
         transactionId,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/qrcode/DefaultQrCodeVerificationTransaction.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/qrcode/DefaultQrCodeVerificationTransaction.kt
index 9cc31d9542..ba434444bf 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/qrcode/DefaultQrCodeVerificationTransaction.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/qrcode/DefaultQrCodeVerificationTransaction.kt
@@ -21,8 +21,7 @@ import org.matrix.android.sdk.api.session.crypto.verification.CancelCode
 import org.matrix.android.sdk.api.session.crypto.verification.QrCodeVerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationTxState
 import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.api.util.fromBase64
-import org.matrix.android.sdk.internal.crypto.OutgoingGossipingRequestManager
+import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequestManager
 import org.matrix.android.sdk.internal.crypto.SecretShareManager
 import org.matrix.android.sdk.internal.crypto.actions.SetDeviceVerificationAction
 import org.matrix.android.sdk.internal.crypto.crosssigning.fromBase64Safe
@@ -37,7 +36,7 @@ internal class DefaultQrCodeVerificationTransaction(
         override val otherUserId: String,
         override var otherDeviceId: String?,
         private val crossSigningService: CrossSigningService,
-        outgoingGossipingRequestManager: OutgoingGossipingRequestManager,
+        outgoingKeyRequestManager: OutgoingKeyRequestManager,
         secretShareManager: SecretShareManager,
         private val cryptoStore: IMXCryptoStore,
         // Not null only if other user is able to scan QR code
@@ -48,7 +47,7 @@ internal class DefaultQrCodeVerificationTransaction(
 ) : DefaultVerificationTransaction(
         setDeviceVerificationAction,
         crossSigningService,
-        outgoingGossipingRequestManager,
+        outgoingKeyRequestManager,
         secretShareManager,
         userId,
         transactionId,
diff --git a/vector/src/main/java/im/vector/app/features/crypto/keysrequest/KeyRequestHandler.kt b/vector/src/main/java/im/vector/app/features/crypto/keysrequest/KeyRequestHandler.kt
index 0fbb18e63c..cbaafed7e3 100644
--- a/vector/src/main/java/im/vector/app/features/crypto/keysrequest/KeyRequestHandler.kt
+++ b/vector/src/main/java/im/vector/app/features/crypto/keysrequest/KeyRequestHandler.kt
@@ -22,6 +22,8 @@ import im.vector.app.core.date.DateFormatKind
 import im.vector.app.core.date.VectorDateFormatter
 import im.vector.app.features.popup.DefaultVectorAlert
 import im.vector.app.features.popup.PopupAlertManager
+import im.vector.app.features.session.coroutineScope
+import kotlinx.coroutines.launch
 import org.matrix.android.sdk.api.MatrixCallback
 import org.matrix.android.sdk.api.session.Session
 import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel
@@ -36,6 +38,12 @@ import org.matrix.android.sdk.api.session.crypto.verification.SasVerificationTra
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationService
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationTxState
+import org.matrix.android.sdk.internal.crypto.IncomingRoomKeyRequest
+import org.matrix.android.sdk.internal.crypto.crosssigning.DeviceTrustLevel
+import org.matrix.android.sdk.internal.crypto.model.CryptoDeviceInfo
+import org.matrix.android.sdk.internal.crypto.model.MXUsersDevicesMap
+import org.matrix.android.sdk.internal.crypto.model.rest.DeviceInfo
+import org.matrix.android.sdk.internal.crypto.model.rest.SecretShareRequest
 import timber.log.Timber
 import javax.inject.Inject
 import javax.inject.Singleton
@@ -72,10 +80,9 @@ class KeyRequestHandler @Inject constructor(
         session = null
     }
 
-    override fun onSecretShareRequest(request: IncomingSecretShareRequest): Boolean {
+    override fun onSecretShareRequest(request: SecretShareRequest): Boolean {
         // By default Element will not prompt if the SDK has decided that the request should not be fulfilled
         Timber.v("## onSecretShareRequest() : Ignoring $request")
-        request.ignore?.run()
         return true
     }
 
@@ -195,15 +202,14 @@ class KeyRequestHandler @Inject constructor(
     }
 
     private fun denyAllRequests(mappingKey: String) {
-        alertsToRequests[mappingKey]?.forEach {
-            it.ignore?.run()
-        }
         alertsToRequests.remove(mappingKey)
     }
 
     private fun shareAllSessions(mappingKey: String) {
         alertsToRequests[mappingKey]?.forEach {
-            it.share?.run()
+            session?.coroutineScope?.launch {
+                session?.cryptoService()?.manuallyAcceptRoomKeyRequest(it)
+            }
         }
         alertsToRequests.remove(mappingKey)
     }
@@ -213,7 +219,7 @@ class KeyRequestHandler @Inject constructor(
      *
      * @param request the cancellation request.
      */
-    override fun onRoomKeyRequestCancellation(request: IncomingRequestCancellation) {
+    override fun onRequestCancelled(request: IncomingRoomKeyRequest) {
         // see if we can find the request in the queue
         val userId = request.userId
         val deviceId = request.deviceId
diff --git a/vector/src/main/java/im/vector/app/features/settings/devtools/IncomingKeyRequestPagedController.kt b/vector/src/main/java/im/vector/app/features/settings/devtools/IncomingKeyRequestPagedController.kt
index 4653f04f2c..de867b8693 100644
--- a/vector/src/main/java/im/vector/app/features/settings/devtools/IncomingKeyRequestPagedController.kt
+++ b/vector/src/main/java/im/vector/app/features/settings/devtools/IncomingKeyRequestPagedController.kt
@@ -62,10 +62,6 @@ class IncomingKeyRequestPagedController @Inject constructor(
                             textStyle = "bold"
                         }
                         +"${roomKeyRequest.deviceId}"
-                        span("\nstate: ") {
-                            textStyle = "bold"
-                        }
-                        +roomKeyRequest.state.name
                     }.toEpoxyCharSequence()
             )
         }

From b1db6ca180b23de79fc32d6105b7edd3b905c938 Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Wed, 16 Mar 2022 15:55:00 +0100
Subject: [PATCH 03/27] fix db migration

---
 .../crypto/store/db/migration/MigrateCryptoTo016.kt         | 4 ++++
 .../sdk/internal/crypto/store/db/model/AuditTrailEntity.kt  | 3 ++-
 .../settings/devtools/GossipingTrailPagedEpoxyController.kt | 6 ++++++
 3 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
index 17d7494968..dac2ba2c31 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
@@ -42,6 +42,9 @@ class MigrateCryptoTo016(realm: DynamicRealm) : RealmMigrator(realm, 15) {
                 .addField(OutgoingKeyRequestEntityFields.REQUEST_STATE_STR, String::class.java)
                 .addIndex(OutgoingKeyRequestEntityFields.REQUEST_STATE_STR)
                 .addField(OutgoingKeyRequestEntityFields.REQUESTED_INFO_STR, String::class.java)
+                .addField(OutgoingKeyRequestEntityFields.ROOM_ID, String::class.java)
+                .addIndex(OutgoingKeyRequestEntityFields.ROOM_ID)
+                .addField(OutgoingKeyRequestEntityFields.REQUESTED_INDEX, String::class.java)
                 .addField(OutgoingKeyRequestEntityFields.CREATION_TIME_STAMP, Long::class.java)
                 .setNullable(OutgoingKeyRequestEntityFields.CREATION_TIME_STAMP, true)
 
@@ -50,6 +53,7 @@ class MigrateCryptoTo016(realm: DynamicRealm) : RealmMigrator(realm, 15) {
                 .setNullable(AuditTrailEntityFields.AGE_LOCAL_TS, true)
                 .addField(AuditTrailEntityFields.CONTENT_JSON, String::class.java)
                 .addField(AuditTrailEntityFields.TYPE, String::class.java)
+                .addIndex(AuditTrailEntityFields.TYPE)
 
         realm.schema.create("KeyRequestReplyEntity")
                 .addField(KeyRequestReplyEntityFields.SENDER_ID, String::class.java)
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailEntity.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailEntity.kt
index a3963e9485..2e0e9c8c8b 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailEntity.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailEntity.kt
@@ -17,10 +17,11 @@
 package org.matrix.android.sdk.internal.crypto.store.db.model
 
 import io.realm.RealmObject
+import io.realm.annotations.Index
 
 internal open class AuditTrailEntity(
         var ageLocalTs: Long? = null,
-        var type: String? = null,
+        @Index var type: String? = null,
         var contentJson: String? = null
 ) : RealmObject() {
     companion object
diff --git a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt
index 79b4564e7a..5831a6eacf 100644
--- a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt
+++ b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt
@@ -88,6 +88,12 @@ class GossipingTrailPagedEpoxyController @Inject constructor(
                                 TrailType.IncomingKeyRequest  -> {
                                     // no additional info
                                 }
+                                TrailType.IncomingKeyForward  -> {
+
+                                }
+                                TrailType.Unknown             -> {
+
+                                }
                             }
                         }
                     }.toEpoxyCharSequence()

From ae6df469e2adb4b0378aef6d4d31d121ad4fd3d4 Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Wed, 16 Mar 2022 17:47:52 +0100
Subject: [PATCH 04/27] Add incoming key forward trail

---
 .../algorithms/megolm/MXMegolmDecryption.kt   |  9 +++
 .../internal/crypto/store/IMXCryptoStore.kt   | 10 +++
 .../crypto/store/db/RealmCryptoStore.kt       | 69 ++++++++++++-------
 .../devtools/GossipingEventsSerializer.kt     |  6 ++
 .../GossipingTrailPagedEpoxyController.kt     |  7 +-
 .../IncomingKeyRequestPagedController.kt      |  1 +
 6 files changed, 76 insertions(+), 26 deletions(-)

diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
index 4b90617998..8e5edd3643 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
@@ -234,6 +234,15 @@ internal class MXMegolmDecryption(
                         fromDevice = fromDevice,
                         event = event)
 
+                cryptoStore.saveIncomingForwardKeyAuditTrail(
+                        roomId = roomKeyContent.roomId,
+                        sessionId = roomKeyContent.sessionId,
+                        senderKey = senderKey,
+                        algorithm = roomKeyContent.algorithm ?: "",
+                        userId = event.senderId ?: "",
+                        deviceId = fromDevice ?: "",
+                        chainIndex = index.toLong())
+
                 // The index is used to decide if we cancel sent request or if we wait for a better key
                 outgoingKeyRequestManager.postCancelRequestForSessionIfNeeded(roomKeyContent.sessionId, roomKeyContent.roomId, senderKey, index)
             }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt
index 1a8be74d92..182b54a096 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt
@@ -417,6 +417,16 @@ internal interface IMXCryptoStore {
             chainIndex: Long?
     )
 
+    fun saveIncomingForwardKeyAuditTrail(
+            roomId: String,
+            sessionId: String,
+            senderKey: String,
+            algorithm: String,
+            userId: String,
+            deviceId: String,
+            chainIndex: Long?
+    )
+
     fun addNewSessionListener(listener: NewSessionListener)
 
     fun removeSessionListener(listener: NewSessionListener)
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
index c7cbf9cdf1..f14ad97745 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
@@ -1269,30 +1269,51 @@ internal class RealmCryptoStore @Inject constructor(
             }
         }
 
-        override fun saveForwardKeyAuditTrail(roomId: String,
-                                              sessionId: String,
-                                              senderKey: String,
-                                              algorithm: String,
-                                              userId: String,
-                                              deviceId: String,
-                                              chainIndex: Long?) {
-            monarchy.writeAsync { realm ->
-                val now = System.currentTimeMillis()
-                realm.createObject<AuditTrailEntity>().apply {
-                    this.ageLocalTs = now
-                    this.type = TrailType.OutgoingKeyForward.name
-                    val info = ForwardInfo(
-                            roomId = roomId,
-                            sessionId = sessionId,
-                            senderKey = senderKey,
-                            alg = algorithm,
-                            userId = userId,
-                            deviceId = deviceId,
-                            chainIndex = chainIndex
-                    )
-                    MoshiProvider.providesMoshi().adapter(ForwardInfo::class.java).toJson(info)?.let {
-                        this.contentJson = it
-                    }
+    override fun saveForwardKeyAuditTrail(roomId: String,
+                                          sessionId: String,
+                                          senderKey: String,
+                                          algorithm: String,
+                                          userId: String,
+                                          deviceId: String,
+                                          chainIndex: Long?) {
+        saveForwardKeyTrail(roomId, sessionId, senderKey, algorithm, userId, deviceId, chainIndex, false)
+    }
+
+    override fun saveIncomingForwardKeyAuditTrail(roomId: String,
+                                                  sessionId: String,
+                                                  senderKey: String,
+                                                  algorithm: String,
+                                                  userId: String,
+                                                  deviceId: String,
+                                                  chainIndex: Long?) {
+        saveForwardKeyTrail(roomId, sessionId, senderKey, algorithm, userId, deviceId, chainIndex, true)
+    }
+
+    private fun saveForwardKeyTrail(roomId: String,
+                                    sessionId: String,
+                                    senderKey: String,
+                                    algorithm: String,
+                                    userId: String,
+                                    deviceId: String,
+                                    chainIndex: Long?,
+                                    incoming: Boolean
+    ) {
+        monarchy.writeAsync { realm ->
+            val now = System.currentTimeMillis()
+            realm.createObject<AuditTrailEntity>().apply {
+                this.ageLocalTs = now
+                this.type = if (incoming) TrailType.IncomingKeyForward.name else TrailType.OutgoingKeyForward.name
+                val info = ForwardInfo(
+                        roomId = roomId,
+                        sessionId = sessionId,
+                        senderKey = senderKey,
+                        alg = algorithm,
+                        userId = userId,
+                        deviceId = deviceId,
+                        chainIndex = chainIndex
+                )
+                MoshiProvider.providesMoshi().adapter(ForwardInfo::class.java).toJson(info)?.let {
+                    this.contentJson = it
                 }
             }
         }
diff --git a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsSerializer.kt b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsSerializer.kt
index 20a14df6b2..05fc3a570d 100644
--- a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsSerializer.kt
+++ b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsSerializer.kt
@@ -49,6 +49,12 @@ class GossipingEventsSerializer {
                             append("code: ${it.code} ")
                         }
                     }
+                    TrailType.IncomingKeyForward -> {
+                        append("from:${info.userId}|${info.deviceId} - ")
+                        (trail.info as? ForwardInfo)?.let {
+                            append("chainIndex: ${it.chainIndex} ")
+                        }
+                    }
                     else                         -> {
                         append("??")
                     }
diff --git a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt
index 5831a6eacf..1377cad1b8 100644
--- a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt
+++ b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt
@@ -89,10 +89,13 @@ class GossipingTrailPagedEpoxyController @Inject constructor(
                                     // no additional info
                                 }
                                 TrailType.IncomingKeyForward  -> {
-
+                                    val fInfo = event.info as ForwardInfo
+                                    span("\nchainIndex: ") {
+                                        textStyle = "bold"
+                                    }
+                                    +"${fInfo.chainIndex}"
                                 }
                                 TrailType.Unknown             -> {
-
                                 }
                             }
                         }
diff --git a/vector/src/main/java/im/vector/app/features/settings/devtools/IncomingKeyRequestPagedController.kt b/vector/src/main/java/im/vector/app/features/settings/devtools/IncomingKeyRequestPagedController.kt
index de867b8693..09dd198bee 100644
--- a/vector/src/main/java/im/vector/app/features/settings/devtools/IncomingKeyRequestPagedController.kt
+++ b/vector/src/main/java/im/vector/app/features/settings/devtools/IncomingKeyRequestPagedController.kt
@@ -53,6 +53,7 @@ class IncomingKeyRequestPagedController @Inject constructor(
                             textStyle = "bold"
                         }
                         span("${roomKeyRequest.userId}")
+                        +"\n"
                         +host.vectorDateFormatter.format(roomKeyRequest.localCreationTimestamp, DateFormatKind.DEFAULT_DATE_AND_TIME)
                         span("\nsessionId:") {
                             textStyle = "bold"

From 6a509ce22d072ed658e119a95d7822bf6d3eabfe Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Thu, 17 Mar 2022 08:58:02 +0100
Subject: [PATCH 05/27] fix unused var

---
 .../sdk/internal/crypto/algorithms/megolm/MXMegolmEncryption.kt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmEncryption.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmEncryption.kt
index 4717697288..e9a4fb206d 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmEncryption.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmEncryption.kt
@@ -280,7 +280,7 @@ internal class MXMegolmEncryption(
         // attempted to share with) rather than the contentMap (those we did
         // share with), because we don't want to try to claim a one-time-key
         // for dead devices on every message.
-        for ((userId, devicesToShareWith) in devicesByUser) {
+        for ((_, devicesToShareWith) in devicesByUser) {
             for (deviceInfo in devicesToShareWith) {
                 session.sharedWithHelper.markedSessionAsShared(deviceInfo, chainIndex)
                 // XXX is it needed to add it to the audit trail?

From 1d948d6b2003078159aa1734da0fb40a967e5eaa Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Fri, 18 Mar 2022 17:11:56 +0100
Subject: [PATCH 06/27] Add option to disable key gossip, clear key request on
 trust change

---
 .../sdk/internal/crypto/E2eeSanityTests.kt    |   91 +-
 .../crypto/gossiping/KeyShareTests.kt         |   45 +-
 .../sdk/api/session/crypto/CryptoService.kt   |    9 +
 .../internal/crypto/DefaultCryptoService.kt   |    6 +
 .../crypto/OutgoingKeyRequestManager.kt       |   47 +-
 .../algorithms/megolm/MXMegolmDecryption.kt   |   10 +-
 .../DefaultCrossSigningService.kt             |   21 +-
 .../internal/crypto/store/IMXCryptoStore.kt   |   12 +-
 .../crypto/store/db/RealmCryptoStore.kt       | 1007 +++++++++--------
 .../store/db/migration/MigrateCryptoTo016.kt  |    8 +
 .../store/db/model/CryptoMetadataEntity.kt    |    2 +
 .../room/membership/joining/JoinRoomTask.kt   |   15 +-
 12 files changed, 696 insertions(+), 577 deletions(-)

diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
index d5ae06a0e3..fe7c17636b 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
@@ -64,9 +64,6 @@ import java.util.concurrent.CountDownLatch
 @LargeTest
 class E2eeSanityTests : InstrumentedTest {
 
-    private val testHelper = CommonTestHelper(context())
-    private val cryptoTestHelper = CryptoTestHelper(testHelper)
-
     /**
      * Simple test that create an e2ee room.
      * Some new members are added, and a message is sent.
@@ -78,16 +75,24 @@ class E2eeSanityTests : InstrumentedTest {
      */
     @Test
     fun testSendingE2EEMessages() {
+        val testHelper = CommonTestHelper(context())
+        val cryptoTestHelper = CryptoTestHelper(testHelper)
+
         val cryptoTestData = cryptoTestHelper.doE2ETestWithAliceAndBobInARoom(true)
         val aliceSession = cryptoTestData.firstSession
         val e2eRoomID = cryptoTestData.roomId
 
         val aliceRoomPOV = aliceSession.getRoom(e2eRoomID)!!
+        // we want to disable key gossiping to just check initial sending of keys
+        aliceSession.cryptoService().enableKeyGossiping(false)
+        cryptoTestData.secondSession?.cryptoService()?.enableKeyGossiping(false)
 
         // add some more users and invite them
         val otherAccounts = listOf("benoit", "valere", "ganfra") // , "adam", "manu")
                 .map {
-                    testHelper.createAccount(it, SessionTestParams(true))
+                    testHelper.createAccount(it, SessionTestParams(true)).also {
+                        it.cryptoService().enableKeyGossiping(false)
+                    }
                 }
 
         Log.v("#E2E TEST", "All accounts created")
@@ -101,18 +106,18 @@ class E2eeSanityTests : InstrumentedTest {
 
         // All user should accept invite
         otherAccounts.forEach { otherSession ->
-            waitForAndAcceptInviteInRoom(otherSession, e2eRoomID)
+            waitForAndAcceptInviteInRoom(testHelper, otherSession, e2eRoomID)
             Log.v("#E2E TEST", "${otherSession.myUserId} joined room $e2eRoomID")
         }
 
         // check that alice see them as joined (not really necessary?)
-        ensureMembersHaveJoined(aliceSession, otherAccounts, e2eRoomID)
+        ensureMembersHaveJoined(testHelper, aliceSession, otherAccounts, e2eRoomID)
 
         Log.v("#E2E TEST", "All users have joined the room")
         Log.v("#E2E TEST", "Alice is sending the message")
 
         val text = "This is my message"
-        val sentEventId: String? = sendMessageInRoom(aliceRoomPOV, text)
+        val sentEventId: String? = sendMessageInRoom(testHelper, aliceRoomPOV, text)
         //        val sentEvent = testHelper.sendTextMessage(aliceRoomPOV, "Hello all", 1).first()
         Assert.assertTrue("Message should be sent", sentEventId != null)
 
@@ -142,10 +147,10 @@ class E2eeSanityTests : InstrumentedTest {
         }
 
         newAccount.forEach {
-            waitForAndAcceptInviteInRoom(it, e2eRoomID)
+            waitForAndAcceptInviteInRoom(testHelper, it, e2eRoomID)
         }
 
-        ensureMembersHaveJoined(aliceSession, newAccount, e2eRoomID)
+        ensureMembersHaveJoined(testHelper, aliceSession, newAccount, e2eRoomID)
 
         // wait a bit
         testHelper.runBlockingTest {
@@ -170,7 +175,7 @@ class E2eeSanityTests : InstrumentedTest {
         Log.v("#E2E TEST", "Alice sends a new message")
 
         val secondMessage = "2 This is my message"
-        val secondSentEventId: String? = sendMessageInRoom(aliceRoomPOV, secondMessage)
+        val secondSentEventId: String? = sendMessageInRoom(testHelper, aliceRoomPOV, secondMessage)
 
         // new members should be able to decrypt it
         newAccount.forEach { otherSession ->
@@ -194,6 +199,14 @@ class E2eeSanityTests : InstrumentedTest {
         cryptoTestData.cleanUp(testHelper)
     }
 
+    @Test
+    fun testKeyGossipingIsEnabledByDefault() {
+        val testHelper = CommonTestHelper(context())
+        val session = testHelper.createAccount("alice", SessionTestParams(true))
+        Assert.assertTrue("Key gossiping should be enabled by default", session.cryptoService().isKeyGossipingEnabled())
+        testHelper.signOutAndClose(session)
+    }
+
     /**
      * Quick test for basic key backup
      * 1. Create e2e between Alice and Bob
@@ -210,6 +223,9 @@ class E2eeSanityTests : InstrumentedTest {
      */
     @Test
     fun testBasicBackupImport() {
+        val testHelper = CommonTestHelper(context())
+        val cryptoTestHelper = CryptoTestHelper(testHelper)
+
         val cryptoTestData = cryptoTestHelper.doE2ETestWithAliceAndBobInARoom(true)
         val aliceSession = cryptoTestData.firstSession
         val bobSession = cryptoTestData.secondSession!!
@@ -233,7 +249,7 @@ class E2eeSanityTests : InstrumentedTest {
         val sentEventIds = mutableListOf<String>()
         val messagesText = listOf("1. Hello", "2. Bob", "3. Good morning")
         messagesText.forEach { text ->
-            val sentEventId = sendMessageInRoom(aliceRoomPOV, text)!!.also {
+            val sentEventId = sendMessageInRoom(testHelper, aliceRoomPOV, text)!!.also {
                 sentEventIds.add(it)
             }
 
@@ -327,6 +343,9 @@ class E2eeSanityTests : InstrumentedTest {
      */
     @Test
     fun testSimpleGossip() {
+        val testHelper = CommonTestHelper(context())
+        val cryptoTestHelper = CryptoTestHelper(testHelper)
+
         val cryptoTestData = cryptoTestHelper.doE2ETestWithAliceAndBobInARoom(true)
         val aliceSession = cryptoTestData.firstSession
         val bobSession = cryptoTestData.secondSession!!
@@ -334,15 +353,13 @@ class E2eeSanityTests : InstrumentedTest {
 
         val aliceRoomPOV = aliceSession.getRoom(e2eRoomID)!!
 
-        cryptoTestHelper.initializeCrossSigning(bobSession)
-
         // let's send a few message to bob
         val sentEventIds = mutableListOf<String>()
         val messagesText = listOf("1. Hello", "2. Bob")
 
         Log.v("#E2E TEST", "Alice sends some messages")
         messagesText.forEach { text ->
-            val sentEventId = sendMessageInRoom(aliceRoomPOV, text)!!.also {
+            val sentEventId = sendMessageInRoom(testHelper, aliceRoomPOV, text)!!.also {
                 sentEventIds.add(it)
             }
 
@@ -357,7 +374,7 @@ class E2eeSanityTests : InstrumentedTest {
         }
 
         // Ensure bob can decrypt
-        ensureIsDecrypted(sentEventIds, bobSession, e2eRoomID)
+        ensureIsDecrypted(testHelper, sentEventIds, bobSession, e2eRoomID)
 
         // Let's now add a new bob session
         // Create a new session for bob
@@ -431,6 +448,9 @@ class E2eeSanityTests : InstrumentedTest {
      */
     @Test
     fun testForwardBetterKey() {
+        val testHelper = CommonTestHelper(context())
+        val cryptoTestHelper = CryptoTestHelper(testHelper)
+
         val cryptoTestData = cryptoTestHelper.doE2ETestWithAliceAndBobInARoom(true)
         val aliceSession = cryptoTestData.firstSession
         val bobSessionWithBetterKey = cryptoTestData.secondSession!!
@@ -438,15 +458,13 @@ class E2eeSanityTests : InstrumentedTest {
 
         val aliceRoomPOV = aliceSession.getRoom(e2eRoomID)!!
 
-        cryptoTestHelper.initializeCrossSigning(bobSessionWithBetterKey)
-
         // let's send a few message to bob
         var firstEventId: String
         val firstMessage = "1. Hello"
 
         Log.v("#E2E TEST", "Alice sends some messages")
         firstMessage.let { text ->
-            firstEventId = sendMessageInRoom(aliceRoomPOV, text)!!
+            firstEventId = sendMessageInRoom(testHelper, aliceRoomPOV, text)!!
 
             testHelper.waitWithLatch { latch ->
                 testHelper.retryPeriodicallyWithLatch(latch) {
@@ -459,7 +477,7 @@ class E2eeSanityTests : InstrumentedTest {
         }
 
         // Ensure bob can decrypt
-        ensureIsDecrypted(listOf(firstEventId), bobSessionWithBetterKey, e2eRoomID)
+        ensureIsDecrypted(testHelper, listOf(firstEventId), bobSessionWithBetterKey, e2eRoomID)
 
         // Let's add a new unverified session from bob
         val newBobSession = testHelper.logIntoAccount(bobSessionWithBetterKey.myUserId, SessionTestParams(true))
@@ -474,7 +492,7 @@ class E2eeSanityTests : InstrumentedTest {
 
         Log.v("#E2E TEST", "Alice sends some messages")
         secondMessage.let { text ->
-            secondEventId = sendMessageInRoom(aliceRoomPOV, text)!!
+            secondEventId = sendMessageInRoom(testHelper, aliceRoomPOV, text)!!
 
             testHelper.waitWithLatch { latch ->
                 testHelper.retryPeriodicallyWithLatch(latch) {
@@ -524,7 +542,7 @@ class E2eeSanityTests : InstrumentedTest {
                 .markedLocallyAsManuallyVerified(bobSessionWithBetterKey.myUserId, bobSessionWithBetterKey.sessionParams.deviceId!!)
 
         // now let new session request
-        newBobSession.cryptoService().requestRoomKeyForEvent(firstEventNewBobPov.root)
+        newBobSession.cryptoService().reRequestRoomKeyForEvent(firstEventNewBobPov.root)
 
         // We need to wait for the key request to be sent out and then a reply to be received
 
@@ -552,11 +570,12 @@ class E2eeSanityTests : InstrumentedTest {
             }
         }
 
-        cryptoTestData.cleanUp(testHelper)
+        testHelper.signOutAndClose(aliceSession)
+        testHelper.signOutAndClose(bobSessionWithBetterKey)
         testHelper.signOutAndClose(newBobSession)
     }
 
-    private fun sendMessageInRoom(aliceRoomPOV: Room, text: String): String? {
+    private fun sendMessageInRoom(testHelper: CommonTestHelper, aliceRoomPOV: Room, text: String): String? {
         aliceRoomPOV.sendTextMessage(text)
         var sentEventId: String? = null
         testHelper.waitWithLatch(4 * 60_000L) { latch ->
@@ -586,6 +605,9 @@ class E2eeSanityTests : InstrumentedTest {
      */
     @Test
     fun testSelfInteractiveVerificationAndGossip() {
+        val testHelper = CommonTestHelper(context())
+        val cryptoTestHelper = CryptoTestHelper(testHelper)
+
         val aliceSession = testHelper.createAccount("alice", SessionTestParams(true))
         cryptoTestHelper.bootstrapSecurity(aliceSession)
 
@@ -614,16 +636,16 @@ class E2eeSanityTests : InstrumentedTest {
                 Log.d("##TEST", "exitsingPov: $tx")
                 val sasTx = tx as OutgoingSasVerificationTransaction
                 when (sasTx.uxState) {
-                    OutgoingSasVerificationTransaction.UxState.SHOW_SAS               -> {
+                    OutgoingSasVerificationTransaction.UxState.SHOW_SAS -> {
                         // for the test we just accept?
                         oldCode = sasTx.getDecimalCodeRepresentation()
                         sasTx.userHasVerifiedShortCode()
                     }
-                    OutgoingSasVerificationTransaction.UxState.VERIFIED               -> {
+                    OutgoingSasVerificationTransaction.UxState.VERIFIED -> {
                         // we can release this latch?
                         oldCompleteLatch.countDown()
                     }
-                    else     -> Unit
+                    else                                                -> Unit
                 }
             }
         })
@@ -647,20 +669,20 @@ class E2eeSanityTests : InstrumentedTest {
 
                 val sasTx = tx as IncomingSasVerificationTransaction
                 when (sasTx.uxState) {
-                    IncomingSasVerificationTransaction.UxState.SHOW_ACCEPT            -> {
+                    IncomingSasVerificationTransaction.UxState.SHOW_ACCEPT -> {
                         // no need to accept as there was a request first it will auto accept
                     }
-                    IncomingSasVerificationTransaction.UxState.SHOW_SAS               -> {
+                    IncomingSasVerificationTransaction.UxState.SHOW_SAS    -> {
                         if (matchOnce) {
                             sasTx.userHasVerifiedShortCode()
                             newCode = sasTx.getDecimalCodeRepresentation()
                             matchOnce = false
                         }
                     }
-                    IncomingSasVerificationTransaction.UxState.VERIFIED               -> {
+                    IncomingSasVerificationTransaction.UxState.VERIFIED    -> {
                         newCompleteLatch.countDown()
                     }
-                    else     ->  Unit
+                    else                                                   -> Unit
                 }
             }
         })
@@ -727,7 +749,7 @@ class E2eeSanityTests : InstrumentedTest {
         testHelper.signOutAndClose(aliceNewSession)
     }
 
-    private fun ensureMembersHaveJoined(aliceSession: Session, otherAccounts: List<Session>, e2eRoomID: String) {
+    private fun ensureMembersHaveJoined(testHelper: CommonTestHelper, aliceSession: Session, otherAccounts: List<Session>, e2eRoomID: String) {
         testHelper.waitWithLatch { latch ->
             testHelper.retryPeriodicallyWithLatch(latch) {
                 otherAccounts.map {
@@ -739,7 +761,7 @@ class E2eeSanityTests : InstrumentedTest {
         }
     }
 
-    private fun waitForAndAcceptInviteInRoom(otherSession: Session, e2eRoomID: String) {
+    private fun waitForAndAcceptInviteInRoom(testHelper: CommonTestHelper, otherSession: Session, e2eRoomID: String) {
         testHelper.waitWithLatch { latch ->
             testHelper.retryPeriodicallyWithLatch(latch) {
                 val roomSummary = otherSession.getRoomSummary(e2eRoomID)
@@ -751,7 +773,8 @@ class E2eeSanityTests : InstrumentedTest {
             }
         }
 
-        testHelper.runBlockingTest(60_000) {
+        // not sure why it's taking so long :/
+        testHelper.runBlockingTest(90_000) {
             Log.v("#E2E TEST", "${otherSession.myUserId} tries to join room $e2eRoomID")
             try {
                 otherSession.roomService().joinRoom(e2eRoomID)
@@ -769,7 +792,7 @@ class E2eeSanityTests : InstrumentedTest {
         }
     }
 
-    private fun ensureIsDecrypted(sentEventIds: List<String>, session: Session, e2eRoomID: String) {
+    private fun ensureIsDecrypted(testHelper: CommonTestHelper, sentEventIds: List<String>, session: Session, e2eRoomID: String) {
         testHelper.waitWithLatch { latch ->
             sentEventIds.forEach { sentEventId ->
                 testHelper.retryPeriodicallyWithLatch(latch) {
diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt
index 3e8ca8daff..631b241c6c 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt
@@ -50,11 +50,11 @@ import org.matrix.android.sdk.internal.crypto.RequestResult
 @LargeTest
 class KeyShareTests : InstrumentedTest {
 
-    private val commonTestHelper = CommonTestHelper(context())
-    private val cryptoTestHelper = CryptoTestHelper(commonTestHelper)
-
     @Test
     fun test_DoNotSelfShareIfNotTrusted() {
+        val commonTestHelper = CommonTestHelper(context())
+        val cryptoTestHelper = CryptoTestHelper(commonTestHelper)
+
         val aliceSession = commonTestHelper.createAccount(TestConstants.USER_ALICE, SessionTestParams(true))
         Log.v("TEST", "=======> AliceSession 1 is ${aliceSession.sessionParams.deviceId}")
 
@@ -71,13 +71,17 @@ class KeyShareTests : InstrumentedTest {
         assertNotNull(room)
         Thread.sleep(4_000)
         assertTrue(room?.isEncrypted() == true)
+
         val sentEvent = commonTestHelper.sendTextMessage(room!!, "My Message", 1).first()
         val sentEventId = sentEvent.eventId
         val sentEventText = sentEvent.getLastMessageContent()?.body
 
-        // Open a new sessionx
+        // Open a new session
+        val aliceSession2 = commonTestHelper.logIntoAccount(aliceSession.myUserId, SessionTestParams(false))
+        // block key requesting for now as decrypt will send requests (room summary is trying to decrypt)
+        aliceSession2.cryptoService().enableKeyGossiping(false)
+        commonTestHelper.syncSession(aliceSession2)
 
-        val aliceSession2 = commonTestHelper.logIntoAccount(aliceSession.myUserId, SessionTestParams(true))
         Log.v("TEST", "=======> AliceSession 2 is ${aliceSession2.sessionParams.deviceId}")
 
         val roomSecondSessionPOV = aliceSession2.getRoom(roomId)
@@ -95,7 +99,10 @@ class KeyShareTests : InstrumentedTest {
         }
 
         val outgoingRequestsBefore = aliceSession2.cryptoService().getOutgoingRoomKeyRequests()
+        assertEquals("There should be no request as it's disabled", 0, outgoingRequestsBefore.size)
+
         // Try to request
+        aliceSession2.cryptoService().enableKeyGossiping(true)
         aliceSession2.cryptoService().requestRoomKeyForEvent(receivedEvent.root)
 
         val eventMegolmSessionId = receivedEvent.root.content.toModel<EncryptedEventContent>()?.sessionId
@@ -105,10 +112,6 @@ class KeyShareTests : InstrumentedTest {
         commonTestHelper.waitWithLatch { latch ->
             commonTestHelper.retryPeriodicallyWithLatch(latch) {
                 aliceSession2.cryptoService().getOutgoingRoomKeyRequests()
-                        .filter { req ->
-                            // filter out request that was known before
-                            !outgoingRequestsBefore.any { req.requestId == it.requestId }
-                        }
                         .let {
                             val outgoing = it.firstOrNull { it.sessionId == eventMegolmSessionId }
                             outGoingRequestId = outgoing?.requestId
@@ -156,7 +159,7 @@ class KeyShareTests : InstrumentedTest {
                 val outgoing = aliceSession2.cryptoService().getOutgoingRoomKeyRequests().firstOrNull { it.requestId == outGoingRequestId }
                 val reply = outgoing?.results?.firstOrNull { it.userId == aliceSession.myUserId && it.fromDevice == aliceSession.sessionParams.deviceId }
                 val resultCode = (reply?.result as? RequestResult.Failure)?.code
-                resultCode == WithHeldCode.UNAUTHORISED
+                resultCode == WithHeldCode.UNVERIFIED
             }
         }
 
@@ -189,6 +192,9 @@ class KeyShareTests : InstrumentedTest {
      */
     @Test
     fun test_reShareIfWasIntendedToBeShared() {
+        val commonTestHelper = CommonTestHelper(context())
+        val cryptoTestHelper = CryptoTestHelper(commonTestHelper)
+
         val testData = cryptoTestHelper.doE2ETestWithAliceAndBobInARoom(true)
         val aliceSession = testData.firstSession
         val roomFromAlice = aliceSession.getRoom(testData.roomId)!!
@@ -219,6 +225,9 @@ class KeyShareTests : InstrumentedTest {
      */
     @Test
     fun test_reShareToUnverifiedIfWasIntendedToBeShared() {
+        val commonTestHelper = CommonTestHelper(context())
+        val cryptoTestHelper = CryptoTestHelper(commonTestHelper)
+
         val testData = cryptoTestHelper.doE2ETestWithAliceInARoom(true)
         val aliceSession = testData.firstSession
         val roomFromAlice = aliceSession.getRoom(testData.roomId)!!
@@ -254,6 +263,9 @@ class KeyShareTests : InstrumentedTest {
      */
     @Test
     fun test_reShareFromTheEarliestKnownIndexWithOwnVerifiedSession() {
+        val commonTestHelper = CommonTestHelper(context())
+        val cryptoTestHelper = CryptoTestHelper(commonTestHelper)
+
         val testData = cryptoTestHelper.doE2ETestWithAliceAndBobInARoom(true)
         val aliceSession = testData.firstSession
         val bobSession = testData.secondSession!!
@@ -263,7 +275,9 @@ class KeyShareTests : InstrumentedTest {
         val sentEventMegolmSession = sentEvents.first().root.content.toModel<EncryptedEventContent>()!!.sessionId!!
 
         // Let alice now add a new session
-        val aliceNewSession = commonTestHelper.logIntoAccount(aliceSession.myUserId, SessionTestParams(true))
+        val aliceNewSession = commonTestHelper.logIntoAccount(aliceSession.myUserId, SessionTestParams(false))
+        aliceNewSession.cryptoService().enableKeyGossiping(false)
+        commonTestHelper.syncSession(aliceNewSession)
 
         // we wait bob first session to be aware of that session?
         commonTestHelper.waitWithLatch { latch ->
@@ -289,7 +303,8 @@ class KeyShareTests : InstrumentedTest {
         }
         assertEquals(sentEventMegolmSession, newEvent.root.content.toModel<EncryptedEventContent>()!!.sessionId)
 
-        // Request a first time, bob and alice should reply with unauthorized
+        // Request a first time, bob should reply with unauthorized and alice should reply with unverified
+        aliceNewSession.cryptoService().enableKeyGossiping(true)
         aliceNewSession.cryptoService().reRequestRoomKeyForEvent(newEvent.root)
 
         commonTestHelper.waitWithLatch { latch ->
@@ -309,6 +324,7 @@ class KeyShareTests : InstrumentedTest {
                 val bobDeviceReply = outgoing?.results
                         ?.firstOrNull { it.userId == bobSession.myUserId && it.fromDevice == bobSession.sessionParams.deviceId }
                 val result = bobDeviceReply?.result
+                Log.v("TEST", "bob device result is $result")
                 result != null && result is RequestResult.Success && result.chainIndex > 0
             }
         }
@@ -322,7 +338,7 @@ class KeyShareTests : InstrumentedTest {
                 .markedLocallyAsManuallyVerified(aliceNewSession.myUserId, aliceNewSession.sessionParams.deviceId!!)
 
         // Let's now try to request
-        aliceNewSession.cryptoService().reRequestRoomKeyForEvent(newEvent.root)
+        aliceNewSession.cryptoService().reRequestRoomKeyForEvent(sentEvents.first().root)
 
         commonTestHelper.waitWithLatch { latch ->
             commonTestHelper.retryPeriodicallyWithLatch(latch) {
@@ -368,6 +384,9 @@ class KeyShareTests : InstrumentedTest {
      */
     @Test
     fun test_dontCancelToEarly() {
+        val commonTestHelper = CommonTestHelper(context())
+        val cryptoTestHelper = CryptoTestHelper(commonTestHelper)
+
         val testData = cryptoTestHelper.doE2ETestWithAliceAndBobInARoom(true)
         val aliceSession = testData.firstSession
         val bobSession = testData.secondSession!!
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/CryptoService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/CryptoService.kt
index b62908ade0..5a2d8702be 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/CryptoService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/CryptoService.kt
@@ -76,6 +76,15 @@ interface CryptoService {
 
     fun setGlobalBlacklistUnverifiedDevices(block: Boolean)
 
+    /**
+     * Enable or disable key gossiping.
+     * Default is true.
+     * If set to false this device won't send key_request nor will accept key forwarded
+     */
+    fun enableKeyGossiping(enable: Boolean)
+
+    fun isKeyGossipingEnabled(): Boolean
+
     fun setRoomUnBlacklistUnverifiedDevices(roomId: String)
 
     fun getDeviceTrackingStatus(userId: String): Int
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
index 0f040bd322..2ce517d79c 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
@@ -1080,6 +1080,12 @@ internal class DefaultCryptoService @Inject constructor(
         cryptoStore.setGlobalBlacklistUnverifiedDevices(block)
     }
 
+    override fun enableKeyGossiping(enable: Boolean) {
+        cryptoStore.enableKeyGossiping(enable)
+    }
+
+    override fun isKeyGossipingEnabled() = cryptoStore.isKeyGossipingEnabled()
+
     /**
      * Tells whether the client should ever send encrypted messages to unverified devices.
      * The default value is false.
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
index d8d3296d25..c0b94f5584 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
@@ -23,18 +23,19 @@ import kotlinx.coroutines.cancel
 import kotlinx.coroutines.launch
 import kotlinx.coroutines.withContext
 import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
+import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
 import org.matrix.android.sdk.api.crypto.MXCryptoConfig
 import org.matrix.android.sdk.api.extensions.tryOrNull
 import org.matrix.android.sdk.api.logger.LoggerTag
+import org.matrix.android.sdk.api.session.crypto.model.GossipingToDeviceObject
+import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
+import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
+import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.EventType
+import org.matrix.android.sdk.api.session.events.model.content.EncryptedEventContent
 import org.matrix.android.sdk.api.session.events.model.toModel
-import org.matrix.android.sdk.internal.crypto.crosssigning.fromBase64
-import org.matrix.android.sdk.internal.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.internal.crypto.model.event.EncryptedEventContent
-import org.matrix.android.sdk.internal.crypto.model.rest.GossipingToDeviceObject
-import org.matrix.android.sdk.internal.crypto.model.rest.RoomKeyRequestBody
-import org.matrix.android.sdk.internal.crypto.model.rest.RoomKeyShareRequest
+import org.matrix.android.sdk.api.util.fromBase64
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
 import org.matrix.android.sdk.internal.crypto.tasks.DefaultSendToDeviceTask
 import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
@@ -75,7 +76,7 @@ internal class OutgoingKeyRequestManager @Inject constructor(
     // We only have one active key request per session, so we don't request if it's already requested
     // But it could make sense to check more the backup, as it's evolving.
     // We keep a stack as we consider that the key requested last is more likely to be on screen?
-    private val requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup = Stack<String>()
+    private val requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup = Stack<Pair<String, String>>()
 
     fun requestKeyForEvent(event: Event, force: Boolean) {
         val (targets, body) = getRoomKeyRequestTargetForEvent(event) ?: return
@@ -157,6 +158,20 @@ internal class OutgoingKeyRequestManager @Inject constructor(
         }
     }
 
+    fun onSelfCrossSigningTrustChanged(newTrust: Boolean) {
+        if (newTrust) {
+            // we were previously not cross signed, but we are now
+            // so there is now more chances to get better replies for existing request
+            // Let's forget about sent request so that next time we try to decrypt we will resend requests
+            // We don't resend all because we don't want to generate a bulk of traffic
+            outgoingRequestScope.launch {
+                sequencer.post {
+                    cryptoStore.deleteOutgoingRoomKeyRequestInState(OutgoingRoomKeyRequestState.SENT)
+                }
+            }
+        }
+    }
+
     fun onRoomKeyForwarded(sessionId: String,
                            algorithm: String,
                            roomId: String,
@@ -274,6 +289,15 @@ internal class OutgoingKeyRequestManager @Inject constructor(
     }
 
     private fun internalQueueRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>, fromIndex: Int, force: Boolean) {
+        if (!cryptoStore.isKeyGossipingEnabled()) {
+            // we might want to try backup?
+            if (requestBody.roomId != null && requestBody.sessionId != null) {
+                requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.push(requestBody.roomId to requestBody.sessionId)
+            }
+            Timber.tag(loggerTag.value).d("discarding request for ${requestBody.sessionId} as gossiping is disabled")
+            return
+        }
+
         Timber.tag(loggerTag.value).d("Queueing key request for ${requestBody.sessionId} force:$force")
         val existing = cryptoStore.getOutgoingRoomKeyRequest(requestBody)
         Timber.tag(loggerTag.value).v("Queueing key request exiting is ${existing?.state}")
@@ -293,7 +317,9 @@ internal class OutgoingKeyRequestManager @Inject constructor(
                     Timber.tag(loggerTag.value).d(".. force to request  ${requestBody.sessionId}")
                     cryptoStore.updateOutgoingRoomKeyRequestState(existing.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND)
                 } else {
-                    requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.push(existing.requestId)
+                    if (existing.roomId != null && existing.sessionId != null) {
+                        requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.push(existing.roomId to existing.sessionId)
+                    }
                 }
             }
             OutgoingRoomKeyRequestState.CANCELLATION_PENDING                 -> {
@@ -343,10 +369,7 @@ internal class OutgoingKeyRequestManager @Inject constructor(
         var currentCalls = 0
         measureTimeMillis {
             while (requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.isNotEmpty() && currentCalls < maxBackupCallsBySync) {
-                requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.pop().let {
-                    val req = cryptoStore.getOutgoingRoomKeyRequest(it)
-                    val sessionId = req?.sessionId ?: return@let
-                    val roomId = req.roomId ?: return@let
+                requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.pop().let { (roomId, sessionId) ->
                     // we want to rate limit that somehow :/
                     perSessionBackupQueryRateLimiter.tryFromBackupIfPossible(sessionId, roomId)
                 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
index 8e5edd3643..464a1ca3e7 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
@@ -54,10 +54,7 @@ internal class MXMegolmDecryption(
 
     @Throws(MXCryptoError::class)
     override suspend fun decryptEvent(event: Event, timeline: String): MXEventDecryptionResult {
-        // If cross signing is enabled, we don't send request until the keys are trusted
-        // There could be a race effect here when xsigning is enabled, we should ensure that keys was downloaded once
-        val requestOnFail = cryptoStore.getMyCrossSigningInfo()?.isTrusted() == true
-        return decryptEvent(event, timeline, requestOnFail)
+        return decryptEvent(event, timeline, true)
     }
 
     @Throws(MXCryptoError::class)
@@ -164,6 +161,11 @@ internal class MXMegolmDecryption(
             return
         }
         if (event.getClearType() == EventType.FORWARDED_ROOM_KEY) {
+            if (!cryptoStore.isKeyGossipingEnabled()) {
+                Timber.tag(loggerTag.value)
+                        .i("onRoomKeyEvent(), ignore forward adding as per crypto config : ${roomKeyContent.roomId}|${roomKeyContent.sessionId}")
+                return
+            }
             Timber.tag(loggerTag.value).i("onRoomKeyEvent(), forward adding key : ${roomKeyContent.roomId}|${roomKeyContent.sessionId}")
             val forwardedRoomKeyContent = event.getClearContent().toModel<ForwardedRoomKeyContent>()
                     ?: return
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/crosssigning/DefaultCrossSigningService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/crosssigning/DefaultCrossSigningService.kt
index ba1718688f..18e1608f95 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/crosssigning/DefaultCrossSigningService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/crosssigning/DefaultCrossSigningService.kt
@@ -38,6 +38,8 @@ import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
 import org.matrix.android.sdk.api.util.Optional
 import org.matrix.android.sdk.api.util.fromBase64
 import org.matrix.android.sdk.internal.crypto.DeviceListManager
+import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequestManager
+import org.matrix.android.sdk.internal.crypto.model.CryptoDeviceInfo
 import org.matrix.android.sdk.internal.crypto.model.rest.UploadSignatureQueryBuilder
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
 import org.matrix.android.sdk.internal.crypto.tasks.InitializeCrossSigningTask
@@ -70,6 +72,7 @@ internal class DefaultCrossSigningService @Inject constructor(
         private val coroutineDispatchers: MatrixCoroutineDispatchers,
         private val cryptoCoroutineScope: CoroutineScope,
         private val workManagerProvider: WorkManagerProvider,
+        private val outgoingKeyRequestManager: OutgoingKeyRequestManager,
         private val updateTrustWorkerDataRepository: UpdateTrustWorkerDataRepository
 ) : CrossSigningService,
         DeviceListManager.UserDevicesUpdateListener {
@@ -781,7 +784,8 @@ internal class DefaultCrossSigningService @Inject constructor(
         // If it's me, recheck trust of all users and devices?
         val users = ArrayList<String>()
         if (otherUserId == userId && currentTrust != trusted) {
-//                reRequestAllPendingRoomKeyRequest()
+            // notify key requester
+            outgoingKeyRequestManager.onSelfCrossSigningTrustChanged(trusted)
             cryptoStore.updateUsersTrust {
                 users.add(it)
                 checkUserTrust(it).isVerified()
@@ -796,19 +800,4 @@ internal class DefaultCrossSigningService @Inject constructor(
             }
         }
     }
-
-//    private fun reRequestAllPendingRoomKeyRequest() {
-//        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-//            Timber.d("## CrossSigning - reRequest pending outgoing room key requests")
-//            cryptoStore.getOutgoingRoomKeyRequests().forEach {
-//                it.requestBody?.let { requestBody ->
-//                    if (cryptoStore.getInboundGroupSession(requestBody.sessionId ?: "", requestBody.senderKey ?: "") == null) {
-//                        outgoingRoomKeyRequestManager.resendRoomKeyRequest(requestBody)
-//                    } else {
-//                        outgoingRoomKeyRequestManager.cancelRoomKeyRequest(requestBody)
-//                    }
-//                }
-//            }
-//        }
-//    }
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt
index 182b54a096..438fb53717 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt
@@ -32,7 +32,7 @@ import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldCo
 import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
 import org.matrix.android.sdk.api.util.Optional
 import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequestState
+import org.matrix.android.sdk.internal.crypto.OutgoingRoomKeyRequestState
 import org.matrix.android.sdk.internal.crypto.model.AuditTrail
 import org.matrix.android.sdk.internal.crypto.model.OlmInboundGroupSessionWrapper2
 import org.matrix.android.sdk.internal.crypto.model.OlmSessionWrapper
@@ -81,6 +81,15 @@ internal interface IMXCryptoStore {
      */
     fun setGlobalBlacklistUnverifiedDevices(block: Boolean)
 
+    /**
+     * Enable or disable key gossiping.
+     * Default is true.
+     * If set to false this device won't send key_request nor will accept key forwarded
+     */
+    fun enableKeyGossiping(enable: Boolean)
+
+    fun isKeyGossipingEnabled(): Boolean
+
     /**
      * Provides the rooms ids list in which the messages are not encrypted for the unverified devices.
      *
@@ -386,6 +395,7 @@ internal interface IMXCryptoStore {
             event: Event)
 
     fun deleteOutgoingRoomKeyRequest(requestId: String)
+    fun deleteOutgoingRoomKeyRequestInState(state: OutgoingRoomKeyRequestState)
 
     fun saveIncomingKeyRequestAuditTrail(
             requestId: String,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
index f14ad97745..3595609eef 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
@@ -37,12 +37,14 @@ import org.matrix.android.sdk.api.session.crypto.keysbackup.SavedKeyBackupKeyInf
 import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
 import org.matrix.android.sdk.api.session.crypto.model.DeviceInfo
 import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequestState
 import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
 import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
+import org.matrix.android.sdk.api.util.Optional
 import org.matrix.android.sdk.api.util.toOptional
+import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
+import org.matrix.android.sdk.internal.crypto.OutgoingRoomKeyRequestState
 import org.matrix.android.sdk.internal.crypto.model.AuditTrail
 import org.matrix.android.sdk.internal.crypto.model.ForwardInfo
 import org.matrix.android.sdk.internal.crypto.model.IncomingKeyRequestInfo
@@ -93,7 +95,6 @@ import org.matrix.android.sdk.internal.di.MoshiProvider
 import org.matrix.android.sdk.internal.di.UserId
 import org.matrix.android.sdk.internal.extensions.clearWith
 import org.matrix.android.sdk.internal.session.SessionScope
-import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
 import org.matrix.olm.OlmAccount
 import org.matrix.olm.OlmException
 import org.matrix.olm.OlmOutboundGroupSession
@@ -101,7 +102,6 @@ import timber.log.Timber
 import java.util.concurrent.Executors
 import java.util.concurrent.TimeUnit
 import javax.inject.Inject
-import org.matrix.android.sdk.api.util.Optional
 
 private val loggerTag = LoggerTag("RealmCryptoStore", LoggerTag.CRYPTO)
 
@@ -925,6 +925,18 @@ internal class RealmCryptoStore @Inject constructor(
         }
     }
 
+    override fun enableKeyGossiping(enable: Boolean) {
+        doRealmTransaction(realmConfiguration) {
+            it.where<CryptoMetadataEntity>().findFirst()?.globalEnableKeyRequestingAndSharing = enable
+        }
+    }
+
+    override fun isKeyGossipingEnabled(): Boolean {
+        return doWithRealm(realmConfiguration) {
+            it.where<CryptoMetadataEntity>().findFirst()?.globalEnableKeyRequestingAndSharing
+        } ?: true
+    }
+
     override fun getGlobalBlacklistUnverifiedDevices(): Boolean {
         return doWithRealm(realmConfiguration) {
             it.where<CryptoMetadataEntity>().findFirst()?.globalBlacklistUnverifiedDevices
@@ -1081,193 +1093,203 @@ internal class RealmCryptoStore @Inject constructor(
                     .equalTo(AuditTrailEntityFields.TYPE, type.name)
                     .sort(AuditTrailEntityFields.AGE_LOCAL_TS, Sort.DESCENDING)
         }
-            val dataSourceFactory = realmDataSourceFactory.map { entity ->
-                (AuditTrailMapper.map(entity)
-                // mm we can't map not null...
-                        ?: AuditTrail(
-                                System.currentTimeMillis(),
-                                type,
-                                IncomingKeyRequestInfo(
-                                        "",
-                                        "",
-                                        "",
-                                        "",
-                                        "",
-                                        "",
-                                        "",
-                                )
-                        )
-                        ).let { mapper.invoke(it) }
-            }
-            return monarchy.findAllPagedWithChanges(realmDataSourceFactory,
-                    LivePagedListBuilder(dataSourceFactory,
-                            PagedList.Config.Builder()
-                                    .setPageSize(20)
-                                    .setEnablePlaceholders(false)
-                                    .setPrefetchDistance(1)
-                                    .build())
-            )
-        }
-
-        override fun getGossipingEvents(): List<AuditTrail> {
-            return monarchy.fetchAllCopiedSync { realm ->
-                realm.where<AuditTrailEntity>()
-            }.mapNotNull {
-                AuditTrailMapper.map(it)
-            }
-        }
-
-        override fun getOrAddOutgoingRoomKeyRequest(requestBody: RoomKeyRequestBody,
-                                                    recipients: Map<String, List<String>>,
-                                                    fromIndex: Int): OutgoingKeyRequest {
-            // Insert the request and return the one passed in parameter
-            lateinit var request: OutgoingKeyRequest
-            doRealmTransaction(realmConfiguration) { realm ->
-
-                val existing = realm.where<OutgoingKeyRequestEntity>()
-                        .equalTo(OutgoingKeyRequestEntityFields.MEGOLM_SESSION_ID, requestBody.sessionId)
-                        .equalTo(OutgoingKeyRequestEntityFields.ROOM_ID, requestBody.roomId)
-                        .findAll()
-                        .map {
-                            it.toOutgoingGossipingRequest()
-                        }.also {
-                            if (it.size > 1) {
-                                // there should be one or zero but not more, worth warning
-                                Timber.tag(loggerTag.value).w("There should not be more than one active key request per session")
-                            }
-                        }
-                        .firstOrNull {
-                            it.requestBody?.algorithm == requestBody.algorithm &&
-                                    it.requestBody?.sessionId == requestBody.sessionId &&
-                                    it.requestBody?.senderKey == requestBody.senderKey &&
-                                    it.requestBody?.roomId == requestBody.roomId
-                        }
-
-                if (existing == null) {
-                    request = realm.createObject(OutgoingKeyRequestEntity::class.java).apply {
-                        this.requestId = RequestIdHelper.createUniqueRequestId()
-                        this.setRecipients(recipients)
-                        this.requestedIndex = fromIndex
-                        this.requestState = OutgoingRoomKeyRequestState.UNSENT
-                        this.setRequestBody(requestBody)
-                        this.creationTimeStamp = System.currentTimeMillis()
-                    }.toOutgoingGossipingRequest()
-                } else {
-                    request = existing
-                }
-            }
-            return request
-        }
-
-        override fun updateOutgoingRoomKeyRequestState(requestId: String, newState: OutgoingRoomKeyRequestState) {
-            doRealmTransaction(realmConfiguration) { realm ->
-                realm.where<OutgoingKeyRequestEntity>()
-                        .equalTo(OutgoingKeyRequestEntityFields.REQUEST_ID, requestId)
-                        .findFirst()?.apply {
-                            this.requestState = newState
-                            if (newState == OutgoingRoomKeyRequestState.UNSENT) {
-                                // clear the old replies
-                                this.replies.deleteAllFromRealm()
-                            }
-                        }
-            }
-        }
-
-        override fun updateOutgoingRoomKeyRequiredIndex(requestId: String, newIndex: Int) {
-            doRealmTransaction(realmConfiguration) { realm ->
-                realm.where<OutgoingKeyRequestEntity>()
-                        .equalTo(OutgoingKeyRequestEntityFields.REQUEST_ID, requestId)
-                        .findFirst()?.apply {
-                            this.requestedIndex = newIndex
-                        }
-            }
-        }
-
-        override fun updateOutgoingRoomKeyReply(roomId: String,
-                                                sessionId: String,
-                                                algorithm: String,
-                                                senderKey: String,
-                                                fromDevice: String?,
-                                                event: Event) {
-            doRealmTransaction(realmConfiguration) { realm ->
-                realm.where<OutgoingKeyRequestEntity>()
-                        .equalTo(OutgoingKeyRequestEntityFields.ROOM_ID, roomId)
-                        .equalTo(OutgoingKeyRequestEntityFields.MEGOLM_SESSION_ID, sessionId)
-                        .findAll().firstOrNull { entity ->
-                            entity.toOutgoingGossipingRequest().let {
-                                it.requestBody?.senderKey == senderKey &&
-                                        it.requestBody?.algorithm == algorithm
-                            }
-                        }?.apply {
-                            event.senderId?.let { addReply(it, fromDevice, event) }
-                        }
-            }
-        }
-
-        override fun deleteOutgoingRoomKeyRequest(requestId: String) {
-            doRealmTransaction(realmConfiguration) { realm ->
-                realm.where<OutgoingKeyRequestEntity>()
-                        .equalTo(OutgoingKeyRequestEntityFields.REQUEST_ID, requestId)
-                        .findFirst()?.deleteOnCascade()
-            }
-        }
-
-        override fun saveIncomingKeyRequestAuditTrail(
-                requestId: String,
-                roomId: String,
-                sessionId: String,
-                senderKey: String,
-                algorithm: String,
-                fromUser: String,
-                fromDevice: String) {
-            monarchy.writeAsync { realm ->
-                val now = System.currentTimeMillis()
-                realm.createObject<AuditTrailEntity>().apply {
-                    this.ageLocalTs = now
-                    this.type = TrailType.IncomingKeyRequest.name
-                    val info = IncomingKeyRequestInfo(
-                            roomId = roomId,
-                            sessionId = sessionId,
-                            senderKey = senderKey,
-                            alg = algorithm,
-                            userId = fromUser,
-                            deviceId = fromDevice,
-                            requestId = requestId
+        val dataSourceFactory = realmDataSourceFactory.map { entity ->
+            (AuditTrailMapper.map(entity)
+            // mm we can't map not null...
+                    ?: AuditTrail(
+                            System.currentTimeMillis(),
+                            type,
+                            IncomingKeyRequestInfo(
+                                    "",
+                                    "",
+                                    "",
+                                    "",
+                                    "",
+                                    "",
+                                    "",
+                            )
                     )
-                    MoshiProvider.providesMoshi().adapter(IncomingKeyRequestInfo::class.java).toJson(info)?.let {
-                        this.contentJson = it
+                    ).let { mapper.invoke(it) }
+        }
+        return monarchy.findAllPagedWithChanges(realmDataSourceFactory,
+                LivePagedListBuilder(dataSourceFactory,
+                        PagedList.Config.Builder()
+                                .setPageSize(20)
+                                .setEnablePlaceholders(false)
+                                .setPrefetchDistance(1)
+                                .build())
+        )
+    }
+
+    override fun getGossipingEvents(): List<AuditTrail> {
+        return monarchy.fetchAllCopiedSync { realm ->
+            realm.where<AuditTrailEntity>()
+        }.mapNotNull {
+            AuditTrailMapper.map(it)
+        }
+    }
+
+    override fun getOrAddOutgoingRoomKeyRequest(requestBody: RoomKeyRequestBody,
+                                                recipients: Map<String, List<String>>,
+                                                fromIndex: Int): OutgoingKeyRequest {
+        // Insert the request and return the one passed in parameter
+        lateinit var request: OutgoingKeyRequest
+        doRealmTransaction(realmConfiguration) { realm ->
+
+            val existing = realm.where<OutgoingKeyRequestEntity>()
+                    .equalTo(OutgoingKeyRequestEntityFields.MEGOLM_SESSION_ID, requestBody.sessionId)
+                    .equalTo(OutgoingKeyRequestEntityFields.ROOM_ID, requestBody.roomId)
+                    .findAll()
+                    .map {
+                        it.toOutgoingGossipingRequest()
+                    }.also {
+                        if (it.size > 1) {
+                            // there should be one or zero but not more, worth warning
+                            Timber.tag(loggerTag.value).w("There should not be more than one active key request per session")
+                        }
                     }
-                }
+                    .firstOrNull {
+                        it.requestBody?.algorithm == requestBody.algorithm &&
+                                it.requestBody?.sessionId == requestBody.sessionId &&
+                                it.requestBody?.senderKey == requestBody.senderKey &&
+                                it.requestBody?.roomId == requestBody.roomId
+                    }
+
+            if (existing == null) {
+                request = realm.createObject(OutgoingKeyRequestEntity::class.java).apply {
+                    this.requestId = RequestIdHelper.createUniqueRequestId()
+                    this.setRecipients(recipients)
+                    this.requestedIndex = fromIndex
+                    this.requestState = OutgoingRoomKeyRequestState.UNSENT
+                    this.setRequestBody(requestBody)
+                    this.creationTimeStamp = System.currentTimeMillis()
+                }.toOutgoingGossipingRequest()
+            } else {
+                request = existing
             }
         }
+        return request
+    }
 
-        override fun saveWithheldAuditTrail(roomId: String,
+    override fun updateOutgoingRoomKeyRequestState(requestId: String, newState: OutgoingRoomKeyRequestState) {
+        doRealmTransaction(realmConfiguration) { realm ->
+            realm.where<OutgoingKeyRequestEntity>()
+                    .equalTo(OutgoingKeyRequestEntityFields.REQUEST_ID, requestId)
+                    .findFirst()?.apply {
+                        this.requestState = newState
+                        if (newState == OutgoingRoomKeyRequestState.UNSENT) {
+                            // clear the old replies
+                            this.replies.deleteAllFromRealm()
+                        }
+                    }
+        }
+    }
+
+    override fun updateOutgoingRoomKeyRequiredIndex(requestId: String, newIndex: Int) {
+        doRealmTransaction(realmConfiguration) { realm ->
+            realm.where<OutgoingKeyRequestEntity>()
+                    .equalTo(OutgoingKeyRequestEntityFields.REQUEST_ID, requestId)
+                    .findFirst()?.apply {
+                        this.requestedIndex = newIndex
+                    }
+        }
+    }
+
+    override fun updateOutgoingRoomKeyReply(roomId: String,
                                             sessionId: String,
-                                            senderKey: String,
                                             algorithm: String,
-                                            code: WithHeldCode,
-                                            userId: String,
-                                            deviceId: String) {
-            monarchy.writeAsync { realm ->
-                val now = System.currentTimeMillis()
-                realm.createObject<AuditTrailEntity>().apply {
-                    this.ageLocalTs = now
-                    this.type = TrailType.OutgoingKeyWithheld.name
-                    val info = WithheldInfo(
-                            roomId = roomId,
-                            sessionId = sessionId,
-                            senderKey = senderKey,
-                            alg = algorithm,
-                            code = code,
-                            userId = userId,
-                            deviceId = deviceId
-                    )
-                    MoshiProvider.providesMoshi().adapter(WithheldInfo::class.java).toJson(info)?.let {
-                        this.contentJson = it
+                                            senderKey: String,
+                                            fromDevice: String?,
+                                            event: Event) {
+        doRealmTransaction(realmConfiguration) { realm ->
+            realm.where<OutgoingKeyRequestEntity>()
+                    .equalTo(OutgoingKeyRequestEntityFields.ROOM_ID, roomId)
+                    .equalTo(OutgoingKeyRequestEntityFields.MEGOLM_SESSION_ID, sessionId)
+                    .findAll().firstOrNull { entity ->
+                        entity.toOutgoingGossipingRequest().let {
+                            it.requestBody?.senderKey == senderKey &&
+                                    it.requestBody?.algorithm == algorithm
+                        }
+                    }?.apply {
+                        event.senderId?.let { addReply(it, fromDevice, event) }
                     }
+        }
+    }
+
+    override fun deleteOutgoingRoomKeyRequest(requestId: String) {
+        doRealmTransaction(realmConfiguration) { realm ->
+            realm.where<OutgoingKeyRequestEntity>()
+                    .equalTo(OutgoingKeyRequestEntityFields.REQUEST_ID, requestId)
+                    .findFirst()?.deleteOnCascade()
+        }
+    }
+
+    override fun deleteOutgoingRoomKeyRequestInState(state: OutgoingRoomKeyRequestState) {
+        doRealmTransaction(realmConfiguration) { realm ->
+            realm.where<OutgoingKeyRequestEntity>()
+                    .equalTo(OutgoingKeyRequestEntityFields.REQUEST_STATE_STR, state.name)
+                    .findAll()
+                    // I delete like this because I want to cascade delete replies?
+                    .onEach { it.deleteOnCascade() }
+        }
+    }
+
+    override fun saveIncomingKeyRequestAuditTrail(
+            requestId: String,
+            roomId: String,
+            sessionId: String,
+            senderKey: String,
+            algorithm: String,
+            fromUser: String,
+            fromDevice: String) {
+        monarchy.writeAsync { realm ->
+            val now = System.currentTimeMillis()
+            realm.createObject<AuditTrailEntity>().apply {
+                this.ageLocalTs = now
+                this.type = TrailType.IncomingKeyRequest.name
+                val info = IncomingKeyRequestInfo(
+                        roomId = roomId,
+                        sessionId = sessionId,
+                        senderKey = senderKey,
+                        alg = algorithm,
+                        userId = fromUser,
+                        deviceId = fromDevice,
+                        requestId = requestId
+                )
+                MoshiProvider.providesMoshi().adapter(IncomingKeyRequestInfo::class.java).toJson(info)?.let {
+                    this.contentJson = it
                 }
             }
         }
+    }
+
+    override fun saveWithheldAuditTrail(roomId: String,
+                                        sessionId: String,
+                                        senderKey: String,
+                                        algorithm: String,
+                                        code: WithHeldCode,
+                                        userId: String,
+                                        deviceId: String) {
+        monarchy.writeAsync { realm ->
+            val now = System.currentTimeMillis()
+            realm.createObject<AuditTrailEntity>().apply {
+                this.ageLocalTs = now
+                this.type = TrailType.OutgoingKeyWithheld.name
+                val info = WithheldInfo(
+                        roomId = roomId,
+                        sessionId = sessionId,
+                        senderKey = senderKey,
+                        alg = algorithm,
+                        code = code,
+                        userId = userId,
+                        deviceId = deviceId
+                )
+                MoshiProvider.providesMoshi().adapter(WithheldInfo::class.java).toJson(info)?.let {
+                    this.contentJson = it
+                }
+            }
+        }
+    }
 
     override fun saveForwardKeyAuditTrail(roomId: String,
                                           sessionId: String,
@@ -1317,336 +1339,337 @@ internal class RealmCryptoStore @Inject constructor(
                 }
             }
         }
+    }
 
-        /* ==========================================================================================
-         * Cross Signing
-         * ========================================================================================== */
-        override fun getMyCrossSigningInfo(): MXCrossSigningInfo? {
-            return doWithRealm(realmConfiguration) {
-                it.where<CryptoMetadataEntity>().findFirst()?.userId
-            }?.let {
-                getCrossSigningInfo(it)
-            }
+    /* ==========================================================================================
+     * Cross Signing
+     * ========================================================================================== */
+    override fun getMyCrossSigningInfo(): MXCrossSigningInfo? {
+        return doWithRealm(realmConfiguration) {
+            it.where<CryptoMetadataEntity>().findFirst()?.userId
+        }?.let {
+            getCrossSigningInfo(it)
         }
+    }
 
-        override fun setMyCrossSigningInfo(info: MXCrossSigningInfo?) {
-            doRealmTransaction(realmConfiguration) { realm ->
-                realm.where<CryptoMetadataEntity>().findFirst()?.userId?.let { userId ->
-                    addOrUpdateCrossSigningInfo(realm, userId, info)
-                }
-            }
-        }
-
-        override fun setUserKeysAsTrusted(userId: String, trusted: Boolean) {
-            doRealmTransaction(realmConfiguration) { realm ->
-                val xInfoEntity = realm.where(CrossSigningInfoEntity::class.java)
-                        .equalTo(CrossSigningInfoEntityFields.USER_ID, userId)
-                        .findFirst()
-                xInfoEntity?.crossSigningKeys?.forEach { info ->
-                    val level = info.trustLevelEntity
-                    if (level == null) {
-                        val newLevel = realm.createObject(TrustLevelEntity::class.java)
-                        newLevel.locallyVerified = trusted
-                        newLevel.crossSignedVerified = trusted
-                        info.trustLevelEntity = newLevel
-                    } else {
-                        level.locallyVerified = trusted
-                        level.crossSignedVerified = trusted
-                    }
-                }
-            }
-        }
-
-        override fun setDeviceTrust(userId: String, deviceId: String, crossSignedVerified: Boolean, locallyVerified: Boolean?) {
-            doRealmTransaction(realmConfiguration) { realm ->
-                realm.where(DeviceInfoEntity::class.java)
-                        .equalTo(DeviceInfoEntityFields.PRIMARY_KEY, DeviceInfoEntity.createPrimaryKey(userId, deviceId))
-                        .findFirst()?.let { deviceInfoEntity ->
-                            val trustEntity = deviceInfoEntity.trustLevelEntity
-                            if (trustEntity == null) {
-                                realm.createObject(TrustLevelEntity::class.java).let {
-                                    it.locallyVerified = locallyVerified
-                                    it.crossSignedVerified = crossSignedVerified
-                                    deviceInfoEntity.trustLevelEntity = it
-                                }
-                            } else {
-                                locallyVerified?.let { trustEntity.locallyVerified = it }
-                                trustEntity.crossSignedVerified = crossSignedVerified
-                            }
-                        }
-            }
-        }
-
-        override fun clearOtherUserTrust() {
-            doRealmTransaction(realmConfiguration) { realm ->
-                val xInfoEntities = realm.where(CrossSigningInfoEntity::class.java)
-                        .findAll()
-                xInfoEntities?.forEach { info ->
-                    // Need to ignore mine
-                    if (info.userId != userId) {
-                        info.crossSigningKeys.forEach {
-                            it.trustLevelEntity = null
-                        }
-                    }
-                }
-            }
-        }
-
-        override fun updateUsersTrust(check: (String) -> Boolean) {
-            doRealmTransaction(realmConfiguration) { realm ->
-                val xInfoEntities = realm.where(CrossSigningInfoEntity::class.java)
-                        .findAll()
-                xInfoEntities?.forEach { xInfoEntity ->
-                    // Need to ignore mine
-                    if (xInfoEntity.userId == userId) return@forEach
-                    val mapped = mapCrossSigningInfoEntity(xInfoEntity)
-                    val currentTrust = mapped.isTrusted()
-                    val newTrust = check(mapped.userId)
-                    if (currentTrust != newTrust) {
-                        xInfoEntity.crossSigningKeys.forEach { info ->
-                            val level = info.trustLevelEntity
-                            if (level == null) {
-                                val newLevel = realm.createObject(TrustLevelEntity::class.java)
-                                newLevel.locallyVerified = newTrust
-                                newLevel.crossSignedVerified = newTrust
-                                info.trustLevelEntity = newLevel
-                            } else {
-                                level.locallyVerified = newTrust
-                                level.crossSignedVerified = newTrust
-                            }
-                        }
-                    }
-                }
-            }
-        }
-
-        override fun getOutgoingRoomKeyRequests(): List<OutgoingKeyRequest> {
-            return monarchy.fetchAllMappedSync({ realm ->
-                realm
-                        .where(OutgoingKeyRequestEntity::class.java)
-            }, { entity ->
-                entity.toOutgoingGossipingRequest()
-            })
-                    .filterNotNull()
-        }
-
-        override fun getOutgoingRoomKeyRequests(inStates: Set<OutgoingRoomKeyRequestState>): List<OutgoingKeyRequest> {
-            return monarchy.fetchAllMappedSync({ realm ->
-                realm
-                        .where(OutgoingKeyRequestEntity::class.java)
-                        .`in`(OutgoingKeyRequestEntityFields.REQUEST_STATE_STR, inStates.map { it.name }.toTypedArray())
-            }, { entity ->
-                entity.toOutgoingGossipingRequest()
-            })
-                    .filterNotNull()
-        }
-
-        override fun getOutgoingRoomKeyRequestsPaged(): LiveData<PagedList<OutgoingKeyRequest>> {
-            val realmDataSourceFactory = monarchy.createDataSourceFactory { realm ->
-                realm
-                        .where(OutgoingKeyRequestEntity::class.java)
-            }
-            val dataSourceFactory = realmDataSourceFactory.map {
-                it.toOutgoingGossipingRequest()
-            }
-            val trail = monarchy.findAllPagedWithChanges(realmDataSourceFactory,
-                    LivePagedListBuilder(dataSourceFactory,
-                            PagedList.Config.Builder()
-                                    .setPageSize(20)
-                                    .setEnablePlaceholders(false)
-                                    .setPrefetchDistance(1)
-                                    .build())
-            )
-            return trail
-        }
-
-        override fun getCrossSigningInfo(userId: String): MXCrossSigningInfo? {
-            return doWithRealm(realmConfiguration) { realm ->
-                val crossSigningInfo = realm.where(CrossSigningInfoEntity::class.java)
-                        .equalTo(CrossSigningInfoEntityFields.USER_ID, userId)
-                        .findFirst()
-                if (crossSigningInfo == null) {
-                    null
-                } else {
-                    mapCrossSigningInfoEntity(crossSigningInfo)
-                }
-            }
-        }
-
-        private fun mapCrossSigningInfoEntity(xsignInfo: CrossSigningInfoEntity): MXCrossSigningInfo {
-            val userId = xsignInfo.userId ?: ""
-            return MXCrossSigningInfo(
-                    userId = userId,
-                    crossSigningKeys = xsignInfo.crossSigningKeys.mapNotNull {
-                        crossSigningKeysMapper.map(userId, it)
-                    }
-            )
-        }
-
-        override fun getLiveCrossSigningInfo(userId: String): LiveData<Optional<MXCrossSigningInfo>> {
-            val liveData = monarchy.findAllMappedWithChanges(
-                    { realm: Realm ->
-                        realm.where<CrossSigningInfoEntity>()
-                                .equalTo(UserEntityFields.USER_ID, userId)
-                    },
-                    { mapCrossSigningInfoEntity(it) }
-            )
-            return Transformations.map(liveData) {
-                it.firstOrNull().toOptional()
-            }
-        }
-
-        override fun setCrossSigningInfo(userId: String, info: MXCrossSigningInfo?) {
-            doRealmTransaction(realmConfiguration) { realm ->
+    override fun setMyCrossSigningInfo(info: MXCrossSigningInfo?) {
+        doRealmTransaction(realmConfiguration) { realm ->
+            realm.where<CryptoMetadataEntity>().findFirst()?.userId?.let { userId ->
                 addOrUpdateCrossSigningInfo(realm, userId, info)
             }
         }
+    }
 
-        override fun markMyMasterKeyAsLocallyTrusted(trusted: Boolean) {
-            doRealmTransaction(realmConfiguration) { realm ->
-                realm.where<CryptoMetadataEntity>().findFirst()?.userId?.let { myUserId ->
-                    CrossSigningInfoEntity.get(realm, myUserId)?.getMasterKey()?.let { xInfoEntity ->
-                        val level = xInfoEntity.trustLevelEntity
+    override fun setUserKeysAsTrusted(userId: String, trusted: Boolean) {
+        doRealmTransaction(realmConfiguration) { realm ->
+            val xInfoEntity = realm.where(CrossSigningInfoEntity::class.java)
+                    .equalTo(CrossSigningInfoEntityFields.USER_ID, userId)
+                    .findFirst()
+            xInfoEntity?.crossSigningKeys?.forEach { info ->
+                val level = info.trustLevelEntity
+                if (level == null) {
+                    val newLevel = realm.createObject(TrustLevelEntity::class.java)
+                    newLevel.locallyVerified = trusted
+                    newLevel.crossSignedVerified = trusted
+                    info.trustLevelEntity = newLevel
+                } else {
+                    level.locallyVerified = trusted
+                    level.crossSignedVerified = trusted
+                }
+            }
+        }
+    }
+
+    override fun setDeviceTrust(userId: String, deviceId: String, crossSignedVerified: Boolean, locallyVerified: Boolean?) {
+        doRealmTransaction(realmConfiguration) { realm ->
+            realm.where(DeviceInfoEntity::class.java)
+                    .equalTo(DeviceInfoEntityFields.PRIMARY_KEY, DeviceInfoEntity.createPrimaryKey(userId, deviceId))
+                    .findFirst()?.let { deviceInfoEntity ->
+                        val trustEntity = deviceInfoEntity.trustLevelEntity
+                        if (trustEntity == null) {
+                            realm.createObject(TrustLevelEntity::class.java).let {
+                                it.locallyVerified = locallyVerified
+                                it.crossSignedVerified = crossSignedVerified
+                                deviceInfoEntity.trustLevelEntity = it
+                            }
+                        } else {
+                            locallyVerified?.let { trustEntity.locallyVerified = it }
+                            trustEntity.crossSignedVerified = crossSignedVerified
+                        }
+                    }
+        }
+    }
+
+    override fun clearOtherUserTrust() {
+        doRealmTransaction(realmConfiguration) { realm ->
+            val xInfoEntities = realm.where(CrossSigningInfoEntity::class.java)
+                    .findAll()
+            xInfoEntities?.forEach { info ->
+                // Need to ignore mine
+                if (info.userId != userId) {
+                    info.crossSigningKeys.forEach {
+                        it.trustLevelEntity = null
+                    }
+                }
+            }
+        }
+    }
+
+    override fun updateUsersTrust(check: (String) -> Boolean) {
+        doRealmTransaction(realmConfiguration) { realm ->
+            val xInfoEntities = realm.where(CrossSigningInfoEntity::class.java)
+                    .findAll()
+            xInfoEntities?.forEach { xInfoEntity ->
+                // Need to ignore mine
+                if (xInfoEntity.userId == userId) return@forEach
+                val mapped = mapCrossSigningInfoEntity(xInfoEntity)
+                val currentTrust = mapped.isTrusted()
+                val newTrust = check(mapped.userId)
+                if (currentTrust != newTrust) {
+                    xInfoEntity.crossSigningKeys.forEach { info ->
+                        val level = info.trustLevelEntity
                         if (level == null) {
                             val newLevel = realm.createObject(TrustLevelEntity::class.java)
-                            newLevel.locallyVerified = trusted
-                            xInfoEntity.trustLevelEntity = newLevel
+                            newLevel.locallyVerified = newTrust
+                            newLevel.crossSignedVerified = newTrust
+                            info.trustLevelEntity = newLevel
                         } else {
-                            level.locallyVerified = trusted
+                            level.locallyVerified = newTrust
+                            level.crossSignedVerified = newTrust
                         }
                     }
                 }
             }
         }
+    }
 
-        private fun addOrUpdateCrossSigningInfo(realm: Realm, userId: String, info: MXCrossSigningInfo?): CrossSigningInfoEntity? {
-            if (info == null) {
-                // Delete known if needed
-                CrossSigningInfoEntity.get(realm, userId)?.deleteFromRealm()
-                return null
-                // TODO notify, we might need to untrust things?
+    override fun getOutgoingRoomKeyRequests(): List<OutgoingKeyRequest> {
+        return monarchy.fetchAllMappedSync({ realm ->
+            realm
+                    .where(OutgoingKeyRequestEntity::class.java)
+        }, { entity ->
+            entity.toOutgoingGossipingRequest()
+        })
+                .filterNotNull()
+    }
+
+    override fun getOutgoingRoomKeyRequests(inStates: Set<OutgoingRoomKeyRequestState>): List<OutgoingKeyRequest> {
+        return monarchy.fetchAllMappedSync({ realm ->
+            realm
+                    .where(OutgoingKeyRequestEntity::class.java)
+                    .`in`(OutgoingKeyRequestEntityFields.REQUEST_STATE_STR, inStates.map { it.name }.toTypedArray())
+        }, { entity ->
+            entity.toOutgoingGossipingRequest()
+        })
+                .filterNotNull()
+    }
+
+    override fun getOutgoingRoomKeyRequestsPaged(): LiveData<PagedList<OutgoingKeyRequest>> {
+        val realmDataSourceFactory = monarchy.createDataSourceFactory { realm ->
+            realm
+                    .where(OutgoingKeyRequestEntity::class.java)
+        }
+        val dataSourceFactory = realmDataSourceFactory.map {
+            it.toOutgoingGossipingRequest()
+        }
+        val trail = monarchy.findAllPagedWithChanges(realmDataSourceFactory,
+                LivePagedListBuilder(dataSourceFactory,
+                        PagedList.Config.Builder()
+                                .setPageSize(20)
+                                .setEnablePlaceholders(false)
+                                .setPrefetchDistance(1)
+                                .build())
+        )
+        return trail
+    }
+
+    override fun getCrossSigningInfo(userId: String): MXCrossSigningInfo? {
+        return doWithRealm(realmConfiguration) { realm ->
+            val crossSigningInfo = realm.where(CrossSigningInfoEntity::class.java)
+                    .equalTo(CrossSigningInfoEntityFields.USER_ID, userId)
+                    .findFirst()
+            if (crossSigningInfo == null) {
+                null
             } else {
-                // Just override existing, caller should check and untrust id needed
-                val existing = CrossSigningInfoEntity.getOrCreate(realm, userId)
-                existing.crossSigningKeys.clearWith { it.deleteOnCascade() }
-                existing.crossSigningKeys.addAll(
-                        info.crossSigningKeys.map {
-                            crossSigningKeysMapper.map(it)
-                        }
-                )
-                return existing
+                mapCrossSigningInfoEntity(crossSigningInfo)
             }
         }
-
-        override fun addWithHeldMegolmSession(withHeldContent: RoomKeyWithHeldContent) {
-            val roomId = withHeldContent.roomId ?: return
-            val sessionId = withHeldContent.sessionId ?: return
-            if (withHeldContent.algorithm != MXCRYPTO_ALGORITHM_MEGOLM) return
-            doRealmTransaction(realmConfiguration) { realm ->
-                WithHeldSessionEntity.getOrCreate(realm, roomId, sessionId)?.let {
-                    it.code = withHeldContent.code
-                    it.senderKey = withHeldContent.senderKey
-                    it.reason = withHeldContent.reason
-                }
-            }
-        }
-
-        override fun getWithHeldMegolmSession(roomId: String, sessionId: String): RoomKeyWithHeldContent? {
-            return doWithRealm(realmConfiguration) { realm ->
-                WithHeldSessionEntity.get(realm, roomId, sessionId)?.let {
-                    RoomKeyWithHeldContent(
-                            roomId = roomId,
-                            sessionId = sessionId,
-                            algorithm = it.algorithm,
-                            codeString = it.codeString,
-                            reason = it.reason,
-                            senderKey = it.senderKey
-                    )
-                }
-            }
-        }
-
-        override fun markedSessionAsShared(roomId: String?,
-                                           sessionId: String,
-                                           userId: String,
-                                           deviceId: String,
-                                           deviceIdentityKey: String,
-                                           chainIndex: Int) {
-            doRealmTransaction(realmConfiguration) { realm ->
-                SharedSessionEntity.create(
-                        realm = realm,
-                        roomId = roomId,
-                        sessionId = sessionId,
-                        userId = userId,
-                        deviceId = deviceId,
-                        deviceIdentityKey = deviceIdentityKey,
-                        chainIndex = chainIndex
-                )
-            }
-        }
-
-        override fun getSharedSessionInfo(roomId: String?, sessionId: String, deviceInfo: CryptoDeviceInfo): IMXCryptoStore.SharedSessionResult {
-            return doWithRealm(realmConfiguration) { realm ->
-                SharedSessionEntity.get(
-                        realm = realm,
-                        roomId = roomId,
-                        sessionId = sessionId,
-                        userId = deviceInfo.userId,
-                        deviceId = deviceInfo.deviceId,
-                        deviceIdentityKey = deviceInfo.identityKey()
-                )?.let {
-                    IMXCryptoStore.SharedSessionResult(true, it.chainIndex)
-                } ?: IMXCryptoStore.SharedSessionResult(false, null)
-            }
-        }
-
-        override fun getSharedWithInfo(roomId: String?, sessionId: String): MXUsersDevicesMap<Int> {
-            return doWithRealm(realmConfiguration) { realm ->
-                val result = MXUsersDevicesMap<Int>()
-                SharedSessionEntity.get(realm, roomId, sessionId)
-                        .groupBy { it.userId }
-                        .forEach { (userId, shared) ->
-                            shared.forEach {
-                                result.setObject(userId, it.deviceId, it.chainIndex)
-                            }
-                        }
-
-                result
-            }
-        }
-
-        /**
-         * Some entries in the DB can get a bit out of control with time
-         * So we need to tidy up a bit
-         */
-        override fun tidyUpDataBase() {
-            val prevWeekTs = System.currentTimeMillis() - 7 * 24 * 60 * 60 * 1_000
-            doRealmTransaction(realmConfiguration) { realm ->
-
-                // Clean the old ones?
-                realm.where<OutgoingKeyRequestEntity>()
-                        .lessThan(OutgoingKeyRequestEntityFields.CREATION_TIME_STAMP, prevWeekTs)
-                        .findAll()
-                        .also { Timber.i("## Crypto Clean up ${it.size} OutgoingKeyRequestEntity") }
-                        .deleteAllFromRealm()
-
-                // Only keep one month history
-
-                val prevMonthTs = System.currentTimeMillis() - 4 * 7 * 24 * 60 * 60 * 1_000L
-                realm.where<AuditTrailEntity>()
-                        .lessThan(AuditTrailEntityFields.AGE_LOCAL_TS, prevMonthTs)
-                        .findAll()
-                        .also { Timber.i("## Crypto Clean up ${it.size} AuditTrailEntity") }
-                        .deleteAllFromRealm()
-
-                // Can we do something for WithHeldSessionEntity?
-            }
-        }
-
-        /**
-         * Prints out database info
-         */
-        override fun logDbUsageInfo() {
-            RealmDebugTools(realmConfiguration).logInfo("Crypto")
-        }
     }
+
+    private fun mapCrossSigningInfoEntity(xsignInfo: CrossSigningInfoEntity): MXCrossSigningInfo {
+        val userId = xsignInfo.userId ?: ""
+        return MXCrossSigningInfo(
+                userId = userId,
+                crossSigningKeys = xsignInfo.crossSigningKeys.mapNotNull {
+                    crossSigningKeysMapper.map(userId, it)
+                }
+        )
+    }
+
+    override fun getLiveCrossSigningInfo(userId: String): LiveData<Optional<MXCrossSigningInfo>> {
+        val liveData = monarchy.findAllMappedWithChanges(
+                { realm: Realm ->
+                    realm.where<CrossSigningInfoEntity>()
+                            .equalTo(UserEntityFields.USER_ID, userId)
+                },
+                { mapCrossSigningInfoEntity(it) }
+        )
+        return Transformations.map(liveData) {
+            it.firstOrNull().toOptional()
+        }
+    }
+
+    override fun setCrossSigningInfo(userId: String, info: MXCrossSigningInfo?) {
+        doRealmTransaction(realmConfiguration) { realm ->
+            addOrUpdateCrossSigningInfo(realm, userId, info)
+        }
+    }
+
+    override fun markMyMasterKeyAsLocallyTrusted(trusted: Boolean) {
+        doRealmTransaction(realmConfiguration) { realm ->
+            realm.where<CryptoMetadataEntity>().findFirst()?.userId?.let { myUserId ->
+                CrossSigningInfoEntity.get(realm, myUserId)?.getMasterKey()?.let { xInfoEntity ->
+                    val level = xInfoEntity.trustLevelEntity
+                    if (level == null) {
+                        val newLevel = realm.createObject(TrustLevelEntity::class.java)
+                        newLevel.locallyVerified = trusted
+                        xInfoEntity.trustLevelEntity = newLevel
+                    } else {
+                        level.locallyVerified = trusted
+                    }
+                }
+            }
+        }
+    }
+
+    private fun addOrUpdateCrossSigningInfo(realm: Realm, userId: String, info: MXCrossSigningInfo?): CrossSigningInfoEntity? {
+        if (info == null) {
+            // Delete known if needed
+            CrossSigningInfoEntity.get(realm, userId)?.deleteFromRealm()
+            return null
+            // TODO notify, we might need to untrust things?
+        } else {
+            // Just override existing, caller should check and untrust id needed
+            val existing = CrossSigningInfoEntity.getOrCreate(realm, userId)
+            existing.crossSigningKeys.clearWith { it.deleteOnCascade() }
+            existing.crossSigningKeys.addAll(
+                    info.crossSigningKeys.map {
+                        crossSigningKeysMapper.map(it)
+                    }
+            )
+            return existing
+        }
+    }
+
+    override fun addWithHeldMegolmSession(withHeldContent: RoomKeyWithHeldContent) {
+        val roomId = withHeldContent.roomId ?: return
+        val sessionId = withHeldContent.sessionId ?: return
+        if (withHeldContent.algorithm != MXCRYPTO_ALGORITHM_MEGOLM) return
+        doRealmTransaction(realmConfiguration) { realm ->
+            WithHeldSessionEntity.getOrCreate(realm, roomId, sessionId)?.let {
+                it.code = withHeldContent.code
+                it.senderKey = withHeldContent.senderKey
+                it.reason = withHeldContent.reason
+            }
+        }
+    }
+
+    override fun getWithHeldMegolmSession(roomId: String, sessionId: String): RoomKeyWithHeldContent? {
+        return doWithRealm(realmConfiguration) { realm ->
+            WithHeldSessionEntity.get(realm, roomId, sessionId)?.let {
+                RoomKeyWithHeldContent(
+                        roomId = roomId,
+                        sessionId = sessionId,
+                        algorithm = it.algorithm,
+                        codeString = it.codeString,
+                        reason = it.reason,
+                        senderKey = it.senderKey
+                )
+            }
+        }
+    }
+
+    override fun markedSessionAsShared(roomId: String?,
+                                       sessionId: String,
+                                       userId: String,
+                                       deviceId: String,
+                                       deviceIdentityKey: String,
+                                       chainIndex: Int) {
+        doRealmTransaction(realmConfiguration) { realm ->
+            SharedSessionEntity.create(
+                    realm = realm,
+                    roomId = roomId,
+                    sessionId = sessionId,
+                    userId = userId,
+                    deviceId = deviceId,
+                    deviceIdentityKey = deviceIdentityKey,
+                    chainIndex = chainIndex
+            )
+        }
+    }
+
+    override fun getSharedSessionInfo(roomId: String?, sessionId: String, deviceInfo: CryptoDeviceInfo): IMXCryptoStore.SharedSessionResult {
+        return doWithRealm(realmConfiguration) { realm ->
+            SharedSessionEntity.get(
+                    realm = realm,
+                    roomId = roomId,
+                    sessionId = sessionId,
+                    userId = deviceInfo.userId,
+                    deviceId = deviceInfo.deviceId,
+                    deviceIdentityKey = deviceInfo.identityKey()
+            )?.let {
+                IMXCryptoStore.SharedSessionResult(true, it.chainIndex)
+            } ?: IMXCryptoStore.SharedSessionResult(false, null)
+        }
+    }
+
+    override fun getSharedWithInfo(roomId: String?, sessionId: String): MXUsersDevicesMap<Int> {
+        return doWithRealm(realmConfiguration) { realm ->
+            val result = MXUsersDevicesMap<Int>()
+            SharedSessionEntity.get(realm, roomId, sessionId)
+                    .groupBy { it.userId }
+                    .forEach { (userId, shared) ->
+                        shared.forEach {
+                            result.setObject(userId, it.deviceId, it.chainIndex)
+                        }
+                    }
+
+            result
+        }
+    }
+
+    /**
+     * Some entries in the DB can get a bit out of control with time
+     * So we need to tidy up a bit
+     */
+    override fun tidyUpDataBase() {
+        val prevWeekTs = System.currentTimeMillis() - 7 * 24 * 60 * 60 * 1_000
+        doRealmTransaction(realmConfiguration) { realm ->
+
+            // Clean the old ones?
+            realm.where<OutgoingKeyRequestEntity>()
+                    .lessThan(OutgoingKeyRequestEntityFields.CREATION_TIME_STAMP, prevWeekTs)
+                    .findAll()
+                    .also { Timber.i("## Crypto Clean up ${it.size} OutgoingKeyRequestEntity") }
+                    .deleteAllFromRealm()
+
+            // Only keep one month history
+
+            val prevMonthTs = System.currentTimeMillis() - 4 * 7 * 24 * 60 * 60 * 1_000L
+            realm.where<AuditTrailEntity>()
+                    .lessThan(AuditTrailEntityFields.AGE_LOCAL_TS, prevMonthTs)
+                    .findAll()
+                    .also { Timber.i("## Crypto Clean up ${it.size} AuditTrailEntity") }
+                    .deleteAllFromRealm()
+
+            // Can we do something for WithHeldSessionEntity?
+        }
+    }
+
+    /**
+     * Prints out database info
+     */
+    override fun logDbUsageInfo() {
+        RealmDebugTools(realmConfiguration).logInfo("Crypto")
+    }
+}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
index dac2ba2c31..6d8891d356 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
@@ -18,6 +18,7 @@ package org.matrix.android.sdk.internal.crypto.store.db.migration
 
 import io.realm.DynamicRealm
 import org.matrix.android.sdk.internal.crypto.store.db.model.AuditTrailEntityFields
+import org.matrix.android.sdk.internal.crypto.store.db.model.CryptoMetadataEntityFields
 import org.matrix.android.sdk.internal.crypto.store.db.model.KeyRequestReplyEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.KeyRequestReplyEntityFields
 import org.matrix.android.sdk.internal.crypto.store.db.model.OutgoingKeyRequestEntityFields
@@ -59,5 +60,12 @@ class MigrateCryptoTo016(realm: DynamicRealm) : RealmMigrator(realm, 15) {
                 .addField(KeyRequestReplyEntityFields.SENDER_ID, String::class.java)
                 .addField(KeyRequestReplyEntityFields.FROM_DEVICE, String::class.java)
                 .addField(KeyRequestReplyEntityFields.EVENT_JSON, String::class.java)
+
+        realm.schema.get("CryptoMetadataEntity")
+                ?.addField(CryptoMetadataEntityFields.GLOBAL_ENABLE_KEY_REQUESTING_AND_SHARING, Boolean::class.java)
+                ?.transform {
+                    // set the default value to true
+                    it.setBoolean(CryptoMetadataEntityFields.GLOBAL_ENABLE_KEY_REQUESTING_AND_SHARING, true)
+                }
     }
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/CryptoMetadataEntity.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/CryptoMetadataEntity.kt
index 35ae86db8b..9776d2073a 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/CryptoMetadataEntity.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/CryptoMetadataEntity.kt
@@ -33,6 +33,8 @@ internal open class CryptoMetadataEntity(
         var deviceSyncToken: String? = null,
         // Settings for blacklisting unverified devices.
         var globalBlacklistUnverifiedDevices: Boolean = false,
+        // setting to enable or disable key gossiping
+        var globalEnableKeyRequestingAndSharing: Boolean = true,
         // The keys backup version currently used. Null means no backup.
         var backupVersion: String? = null,
 
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/room/membership/joining/JoinRoomTask.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/room/membership/joining/JoinRoomTask.kt
index f883cc33ec..fa7dfd8726 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/room/membership/joining/JoinRoomTask.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/room/membership/joining/JoinRoomTask.kt
@@ -18,6 +18,8 @@ package org.matrix.android.sdk.internal.session.room.membership.joining
 
 import io.realm.RealmConfiguration
 import kotlinx.coroutines.TimeoutCancellationException
+import kotlinx.coroutines.withContext
+import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
 import org.matrix.android.sdk.api.session.events.model.toContent
 import org.matrix.android.sdk.api.session.identity.model.SignInvitationResult
 import org.matrix.android.sdk.api.session.room.failure.JoinRoomFailure
@@ -52,6 +54,7 @@ internal class DefaultJoinRoomTask @Inject constructor(
         private val readMarkersTask: SetReadMarkersTask,
         @SessionDatabase
         private val realmConfiguration: RealmConfiguration,
+        private val coroutineDispatcher: MatrixCoroutineDispatchers,
         private val roomChangeMembershipStateDataSource: RoomChangeMembershipStateDataSource,
         private val globalErrorReceiver: GlobalErrorReceiver
 ) : JoinRoomTask {
@@ -68,11 +71,13 @@ internal class DefaultJoinRoomTask @Inject constructor(
         }
         val joinRoomResponse = try {
             executeRequest(globalErrorReceiver) {
-                roomAPI.join(
-                        roomIdOrAlias = params.roomIdOrAlias,
-                        viaServers = params.viaServers.take(3),
-                        params = extraParams
-                )
+                withContext(coroutineDispatcher.io) {
+                    roomAPI.join(
+                            roomIdOrAlias = params.roomIdOrAlias,
+                            viaServers = params.viaServers.take(3),
+                            params = extraParams
+                    )
+                }
             }
         } catch (failure: Throwable) {
             roomChangeMembershipStateDataSource.updateState(params.roomIdOrAlias, ChangeMembershipState.FailedJoining(failure))

From 81b114fc8277916537abec51312c7ae91970b856 Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Mon, 21 Mar 2022 09:48:57 +0100
Subject: [PATCH 07/27] Add change log + quick quality fix

---
 changelog.d/5494.feature                                        | 1 +
 .../sdk/api/session/crypto/keyshare/GossipingRequestListener.kt | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)
 create mode 100644 changelog.d/5494.feature

diff --git a/changelog.d/5494.feature b/changelog.d/5494.feature
new file mode 100644
index 0000000000..59b8a78a2c
--- /dev/null
+++ b/changelog.d/5494.feature
@@ -0,0 +1 @@
+Use key backup before requesting keys + refactor & improvement of key request/forward
\ No newline at end of file
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/keyshare/GossipingRequestListener.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/keyshare/GossipingRequestListener.kt
index 6fdbaf3301..24d3cf4004 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/keyshare/GossipingRequestListener.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/keyshare/GossipingRequestListener.kt
@@ -41,5 +41,5 @@ interface GossipingRequestListener {
      *
      * @param request the cancellation request
      */
-    fun onRequestCancelled(requestId: IncomingRoomKeyRequest)
+    fun onRequestCancelled(request: IncomingRoomKeyRequest)
 }

From cc107498ebf1e9af052abd525d184329afb44c9f Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Mon, 21 Mar 2022 12:31:15 +0100
Subject: [PATCH 08/27] Fix database migration

---
 .../store/db/migration/MigrateCryptoTo016.kt      | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
index 6d8891d356..3b2a08dba3 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
@@ -19,7 +19,6 @@ package org.matrix.android.sdk.internal.crypto.store.db.migration
 import io.realm.DynamicRealm
 import org.matrix.android.sdk.internal.crypto.store.db.model.AuditTrailEntityFields
 import org.matrix.android.sdk.internal.crypto.store.db.model.CryptoMetadataEntityFields
-import org.matrix.android.sdk.internal.crypto.store.db.model.KeyRequestReplyEntity
 import org.matrix.android.sdk.internal.crypto.store.db.model.KeyRequestReplyEntityFields
 import org.matrix.android.sdk.internal.crypto.store.db.model.OutgoingKeyRequestEntityFields
 import org.matrix.android.sdk.internal.util.database.RealmMigrator
@@ -33,19 +32,24 @@ class MigrateCryptoTo016(realm: DynamicRealm) : RealmMigrator(realm, 15) {
 
         // No need to migrate existing request, just start fresh
 
+        val replySchema = realm.schema.create("KeyRequestReplyEntity")
+                .addField(KeyRequestReplyEntityFields.SENDER_ID, String::class.java)
+                .addField(KeyRequestReplyEntityFields.FROM_DEVICE, String::class.java)
+                .addField(KeyRequestReplyEntityFields.EVENT_JSON, String::class.java)
+
         realm.schema.create("OutgoingKeyRequestEntity")
                 .addField(OutgoingKeyRequestEntityFields.REQUEST_ID, String::class.java)
                 .addIndex(OutgoingKeyRequestEntityFields.REQUEST_ID)
                 .addField(OutgoingKeyRequestEntityFields.MEGOLM_SESSION_ID, String::class.java)
                 .addIndex(OutgoingKeyRequestEntityFields.MEGOLM_SESSION_ID)
-                .addRealmListField(OutgoingKeyRequestEntityFields.REPLIES.`$`, KeyRequestReplyEntity::class.java)
+                .addRealmListField(OutgoingKeyRequestEntityFields.REPLIES.`$`, replySchema)
                 .addField(OutgoingKeyRequestEntityFields.RECIPIENTS_DATA, String::class.java)
                 .addField(OutgoingKeyRequestEntityFields.REQUEST_STATE_STR, String::class.java)
                 .addIndex(OutgoingKeyRequestEntityFields.REQUEST_STATE_STR)
                 .addField(OutgoingKeyRequestEntityFields.REQUESTED_INFO_STR, String::class.java)
                 .addField(OutgoingKeyRequestEntityFields.ROOM_ID, String::class.java)
                 .addIndex(OutgoingKeyRequestEntityFields.ROOM_ID)
-                .addField(OutgoingKeyRequestEntityFields.REQUESTED_INDEX, String::class.java)
+                .addField(OutgoingKeyRequestEntityFields.REQUESTED_INDEX, Integer::class.java)
                 .addField(OutgoingKeyRequestEntityFields.CREATION_TIME_STAMP, Long::class.java)
                 .setNullable(OutgoingKeyRequestEntityFields.CREATION_TIME_STAMP, true)
 
@@ -56,11 +60,6 @@ class MigrateCryptoTo016(realm: DynamicRealm) : RealmMigrator(realm, 15) {
                 .addField(AuditTrailEntityFields.TYPE, String::class.java)
                 .addIndex(AuditTrailEntityFields.TYPE)
 
-        realm.schema.create("KeyRequestReplyEntity")
-                .addField(KeyRequestReplyEntityFields.SENDER_ID, String::class.java)
-                .addField(KeyRequestReplyEntityFields.FROM_DEVICE, String::class.java)
-                .addField(KeyRequestReplyEntityFields.EVENT_JSON, String::class.java)
-
         realm.schema.get("CryptoMetadataEntity")
                 ?.addField(CryptoMetadataEntityFields.GLOBAL_ENABLE_KEY_REQUESTING_AND_SHARING, Boolean::class.java)
                 ?.transform {

From 88cf1a5e67a71d846776dc4b355896d7dd95de05 Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Tue, 29 Mar 2022 15:56:34 +0200
Subject: [PATCH 09/27] Fix unneeded re-uploade of key got from backup

and disabled prompting for untrusted key sharing
---
 .../crypto/OutgoingKeyRequestManager.kt       |   6 +
 .../PerSessionBackupQueryRateLimiter.kt       |   2 +-
 .../keysbackup/DefaultKeysBackupService.kt    | 259 +++++++++---------
 .../crypto/store/db/RealmCryptoStore.kt       |  46 +++-
 .../crypto/keysrequest/KeyRequestHandler.kt   |   5 +
 5 files changed, 183 insertions(+), 135 deletions(-)

diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
index c0b94f5584..fa2a26bbce 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
@@ -20,6 +20,7 @@ import kotlinx.coroutines.CoroutineScope
 import kotlinx.coroutines.SupervisorJob
 import kotlinx.coroutines.asCoroutineDispatcher
 import kotlinx.coroutines.cancel
+import kotlinx.coroutines.delay
 import kotlinx.coroutines.launch
 import kotlinx.coroutines.withContext
 import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
@@ -168,6 +169,11 @@ internal class OutgoingKeyRequestManager @Inject constructor(
                 sequencer.post {
                     cryptoStore.deleteOutgoingRoomKeyRequestInState(OutgoingRoomKeyRequestState.SENT)
                 }
+
+                sequencer.post {
+                    delay(1000)
+                    perSessionBackupQueryRateLimiter.refreshBackupInfoIfNeeded(true)
+                }
             }
         }
     }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt
index 65fcfd4f8d..daf69f892d 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt
@@ -68,7 +68,7 @@ internal class PerSessionBackupQueryRateLimiter @Inject constructor(
     var backupWasCheckedFromServer: Boolean = false
     var now = System.currentTimeMillis()
 
-    private fun refreshBackupInfoIfNeeded(force: Boolean = false) {
+    fun refreshBackupInfoIfNeeded(force: Boolean = false) {
         if (backupWasCheckedFromServer && !force) return
         Timber.tag(loggerTag.value).v("Checking if can access a backup")
         backupWasCheckedFromServer = true
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/keysbackup/DefaultKeysBackupService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/keysbackup/DefaultKeysBackupService.kt
index f8db708268..778bdb9849 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/keysbackup/DefaultKeysBackupService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/keysbackup/DefaultKeysBackupService.kt
@@ -63,16 +63,11 @@ import org.matrix.android.sdk.internal.crypto.keysbackup.model.rest.RoomKeysBack
 import org.matrix.android.sdk.internal.crypto.keysbackup.model.rest.UpdateKeysBackupVersionBody
 import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.CreateKeysBackupVersionTask
 import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.DeleteBackupTask
-import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.DeleteRoomSessionDataTask
-import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.DeleteRoomSessionsDataTask
-import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.DeleteSessionsDataTask
 import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.GetKeysBackupLastVersionTask
 import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.GetKeysBackupVersionTask
 import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.GetRoomSessionDataTask
 import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.GetRoomSessionsDataTask
 import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.GetSessionsDataTask
-import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.StoreRoomSessionDataTask
-import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.StoreRoomSessionsDataTask
 import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.StoreSessionsDataTask
 import org.matrix.android.sdk.internal.crypto.keysbackup.tasks.UpdateKeysBackupVersionTask
 import org.matrix.android.sdk.internal.crypto.model.OlmInboundGroupSessionWrapper2
@@ -112,16 +107,11 @@ internal class DefaultKeysBackupService @Inject constructor(
         // Tasks
         private val createKeysBackupVersionTask: CreateKeysBackupVersionTask,
         private val deleteBackupTask: DeleteBackupTask,
-        private val deleteRoomSessionDataTask: DeleteRoomSessionDataTask,
-        private val deleteRoomSessionsDataTask: DeleteRoomSessionsDataTask,
-        private val deleteSessionDataTask: DeleteSessionsDataTask,
         private val getKeysBackupLastVersionTask: GetKeysBackupLastVersionTask,
         private val getKeysBackupVersionTask: GetKeysBackupVersionTask,
         private val getRoomSessionDataTask: GetRoomSessionDataTask,
         private val getRoomSessionsDataTask: GetRoomSessionsDataTask,
         private val getSessionsDataTask: GetSessionsDataTask,
-        private val storeRoomSessionDataTask: StoreRoomSessionDataTask,
-        private val storeSessionsDataTask: StoreRoomSessionsDataTask,
         private val storeSessionDataTask: StoreSessionsDataTask,
         private val updateKeysBackupVersionTask: UpdateKeysBackupVersionTask,
         // Task executor
@@ -168,58 +158,63 @@ internal class DefaultKeysBackupService @Inject constructor(
     override fun prepareKeysBackupVersion(password: String?,
                                           progressListener: ProgressListener?,
                                           callback: MatrixCallback<MegolmBackupCreationInfo>) {
-        cryptoCoroutineScope.launch(coroutineDispatchers.main) {
-            runCatching {
-                withContext(coroutineDispatchers.crypto) {
-                    val olmPkDecryption = OlmPkDecryption()
-                    val signalableMegolmBackupAuthData = if (password != null) {
-                        // Generate a private key from the password
-                        val backgroundProgressListener = if (progressListener == null) {
-                            null
-                        } else {
-                            object : ProgressListener {
-                                override fun onProgress(progress: Int, total: Int) {
-                                    uiHandler.post {
-                                        try {
-                                            progressListener.onProgress(progress, total)
-                                        } catch (e: Exception) {
-                                            Timber.e(e, "prepareKeysBackupVersion: onProgress failure")
-                                        }
+        cryptoCoroutineScope.launch(coroutineDispatchers.io) {
+            try {
+                val olmPkDecryption = OlmPkDecryption()
+                val signalableMegolmBackupAuthData = if (password != null) {
+                    // Generate a private key from the password
+                    val backgroundProgressListener = if (progressListener == null) {
+                        null
+                    } else {
+                        object : ProgressListener {
+                            override fun onProgress(progress: Int, total: Int) {
+                                uiHandler.post {
+                                    try {
+                                        progressListener.onProgress(progress, total)
+                                    } catch (e: Exception) {
+                                        Timber.e(e, "prepareKeysBackupVersion: onProgress failure")
                                     }
                                 }
                             }
                         }
-
-                        val generatePrivateKeyResult = generatePrivateKeyWithPassword(password, backgroundProgressListener)
-                        SignalableMegolmBackupAuthData(
-                                publicKey = olmPkDecryption.setPrivateKey(generatePrivateKeyResult.privateKey),
-                                privateKeySalt = generatePrivateKeyResult.salt,
-                                privateKeyIterations = generatePrivateKeyResult.iterations
-                        )
-                    } else {
-                        val publicKey = olmPkDecryption.generateKey()
-
-                        SignalableMegolmBackupAuthData(
-                                publicKey = publicKey
-                        )
                     }
 
-                    val canonicalJson = JsonCanonicalizer.getCanonicalJson(Map::class.java, signalableMegolmBackupAuthData.signalableJSONDictionary())
-
-                    val signedMegolmBackupAuthData = MegolmBackupAuthData(
-                            publicKey = signalableMegolmBackupAuthData.publicKey,
-                            privateKeySalt = signalableMegolmBackupAuthData.privateKeySalt,
-                            privateKeyIterations = signalableMegolmBackupAuthData.privateKeyIterations,
-                            signatures = objectSigner.signObject(canonicalJson)
+                    val generatePrivateKeyResult = generatePrivateKeyWithPassword(password, backgroundProgressListener)
+                    SignalableMegolmBackupAuthData(
+                            publicKey = olmPkDecryption.setPrivateKey(generatePrivateKeyResult.privateKey),
+                            privateKeySalt = generatePrivateKeyResult.salt,
+                            privateKeyIterations = generatePrivateKeyResult.iterations
                     )
+                } else {
+                    val publicKey = olmPkDecryption.generateKey()
 
-                    MegolmBackupCreationInfo(
-                            algorithm = MXCRYPTO_ALGORITHM_MEGOLM_BACKUP,
-                            authData = signedMegolmBackupAuthData,
-                            recoveryKey = computeRecoveryKey(olmPkDecryption.privateKey())
+                    SignalableMegolmBackupAuthData(
+                            publicKey = publicKey
                     )
                 }
-            }.foldToCallback(callback)
+
+                val canonicalJson = JsonCanonicalizer.getCanonicalJson(Map::class.java, signalableMegolmBackupAuthData.signalableJSONDictionary())
+
+                val signedMegolmBackupAuthData = MegolmBackupAuthData(
+                        publicKey = signalableMegolmBackupAuthData.publicKey,
+                        privateKeySalt = signalableMegolmBackupAuthData.privateKeySalt,
+                        privateKeyIterations = signalableMegolmBackupAuthData.privateKeyIterations,
+                        signatures = objectSigner.signObject(canonicalJson)
+                )
+
+                val creationInfo = MegolmBackupCreationInfo(
+                        algorithm = MXCRYPTO_ALGORITHM_MEGOLM_BACKUP,
+                        authData = signedMegolmBackupAuthData,
+                        recoveryKey = computeRecoveryKey(olmPkDecryption.privateKey())
+                )
+                uiHandler.post {
+                    callback.onSuccess(creationInfo)
+                }
+            } catch (failure: Throwable) {
+                uiHandler.post {
+                    callback.onFailure(failure)
+                }
+            }
         }
     }
 
@@ -267,41 +262,39 @@ internal class DefaultKeysBackupService @Inject constructor(
     }
 
     override fun deleteBackup(version: String, callback: MatrixCallback<Unit>?) {
-        cryptoCoroutineScope.launch(coroutineDispatchers.main) {
-            withContext(coroutineDispatchers.crypto) {
-                // If we're currently backing up to this backup... stop.
-                // (We start using it automatically in createKeysBackupVersion so this is symmetrical).
-                if (keysBackupVersion != null && version == keysBackupVersion?.version) {
-                    resetKeysBackupData()
-                    keysBackupVersion = null
-                    keysBackupStateManager.state = KeysBackupState.Unknown
-                }
+        cryptoCoroutineScope.launch(coroutineDispatchers.io) {
+            // If we're currently backing up to this backup... stop.
+            // (We start using it automatically in createKeysBackupVersion so this is symmetrical).
+            if (keysBackupVersion != null && version == keysBackupVersion?.version) {
+                resetKeysBackupData()
+                keysBackupVersion = null
+                keysBackupStateManager.state = KeysBackupState.Unknown
+            }
 
-                deleteBackupTask
-                        .configureWith(DeleteBackupTask.Params(version)) {
-                            this.callback = object : MatrixCallback<Unit> {
-                                private fun eventuallyRestartBackup() {
-                                    // Do not stay in KeysBackupState.Unknown but check what is available on the homeserver
-                                    if (state == KeysBackupState.Unknown) {
-                                        checkAndStartKeysBackup()
-                                    }
-                                }
-
-                                override fun onSuccess(data: Unit) {
-                                    eventuallyRestartBackup()
-
-                                    uiHandler.post { callback?.onSuccess(Unit) }
-                                }
-
-                                override fun onFailure(failure: Throwable) {
-                                    eventuallyRestartBackup()
-
-                                    uiHandler.post { callback?.onFailure(failure) }
+            deleteBackupTask
+                    .configureWith(DeleteBackupTask.Params(version)) {
+                        this.callback = object : MatrixCallback<Unit> {
+                            private fun eventuallyRestartBackup() {
+                                // Do not stay in KeysBackupState.Unknown but check what is available on the homeserver
+                                if (state == KeysBackupState.Unknown) {
+                                    checkAndStartKeysBackup()
                                 }
                             }
+
+                            override fun onSuccess(data: Unit) {
+                                eventuallyRestartBackup()
+
+                                uiHandler.post { callback?.onSuccess(Unit) }
+                            }
+
+                            override fun onFailure(failure: Throwable) {
+                                eventuallyRestartBackup()
+
+                                uiHandler.post { callback?.onFailure(failure) }
+                            }
                         }
-                        .executeBy(taskExecutor)
-            }
+                    }
+                    .executeBy(taskExecutor)
         }
     }
 
@@ -480,10 +473,11 @@ internal class DefaultKeysBackupService @Inject constructor(
 
         if (authData == null) {
             Timber.w("trustKeyBackupVersion:trust: Key backup is missing required data")
-
-            callback.onFailure(IllegalArgumentException("Missing element"))
+            uiHandler.post {
+                callback.onFailure(IllegalArgumentException("Missing element"))
+            }
         } else {
-            cryptoCoroutineScope.launch(coroutineDispatchers.main) {
+            cryptoCoroutineScope.launch(coroutineDispatchers.io) {
                 val updateKeysBackupVersionBody = withContext(coroutineDispatchers.crypto) {
                     // Get current signatures, or create an empty set
                     val myUserSignatures = authData.signatures?.get(userId).orEmpty().toMutableMap()
@@ -535,11 +529,15 @@ internal class DefaultKeysBackupService @Inject constructor(
 
                                     checkAndStartWithKeysBackupVersion(newKeysBackupVersion)
 
-                                    callback.onSuccess(data)
+                                    uiHandler.post {
+                                        callback.onSuccess(data)
+                                    }
                                 }
 
                                 override fun onFailure(failure: Throwable) {
-                                    callback.onFailure(failure)
+                                    uiHandler.post {
+                                        callback.onFailure(failure)
+                                    }
                                 }
                             }
                         }
@@ -553,15 +551,14 @@ internal class DefaultKeysBackupService @Inject constructor(
                                                        callback: MatrixCallback<Unit>) {
         Timber.v("trustKeysBackupVersionWithRecoveryKey: version ${keysBackupVersion.version}")
 
-        cryptoCoroutineScope.launch(coroutineDispatchers.main) {
-            val isValid = withContext(coroutineDispatchers.crypto) {
-                isValidRecoveryKeyForKeysBackupVersion(recoveryKey, keysBackupVersion)
-            }
+        cryptoCoroutineScope.launch(coroutineDispatchers.io) {
+            val isValid = isValidRecoveryKeyForKeysBackupVersion(recoveryKey, keysBackupVersion)
 
             if (!isValid) {
                 Timber.w("trustKeyBackupVersionWithRecoveryKey: Invalid recovery key.")
-
-                callback.onFailure(IllegalArgumentException("Invalid recovery key or password"))
+                uiHandler.post {
+                    callback.onFailure(IllegalArgumentException("Invalid recovery key or password"))
+                }
             } else {
                 trustKeysBackupVersion(keysBackupVersion, true, callback)
             }
@@ -573,15 +570,14 @@ internal class DefaultKeysBackupService @Inject constructor(
                                                       callback: MatrixCallback<Unit>) {
         Timber.v("trustKeysBackupVersionWithPassphrase: version ${keysBackupVersion.version}")
 
-        cryptoCoroutineScope.launch(coroutineDispatchers.main) {
-            val recoveryKey = withContext(coroutineDispatchers.crypto) {
-                recoveryKeyFromPassword(password, keysBackupVersion, null)
-            }
+        cryptoCoroutineScope.launch(coroutineDispatchers.io) {
+            val recoveryKey = recoveryKeyFromPassword(password, keysBackupVersion, null)
 
             if (recoveryKey == null) {
                 Timber.w("trustKeysBackupVersionWithPassphrase: Key backup is missing required data")
-
-                callback.onFailure(IllegalArgumentException("Missing element"))
+                uiHandler.post {
+                    callback.onFailure(IllegalArgumentException("Missing element"))
+                }
             } else {
                 // Check trust using the recovery key
                 trustKeysBackupVersionWithRecoveryKey(keysBackupVersion, recoveryKey, callback)
@@ -592,30 +588,23 @@ internal class DefaultKeysBackupService @Inject constructor(
     override fun onSecretKeyGossip(secret: String) {
         Timber.i("## CrossSigning - onSecretKeyGossip")
 
-        cryptoCoroutineScope.launch(coroutineDispatchers.main) {
+        cryptoCoroutineScope.launch(coroutineDispatchers.io) {
             try {
                 when (val keysBackupLastVersionResult = getKeysBackupLastVersionTask.execute(Unit)) {
                     KeysBackupLastVersionResult.NoKeysBackup  -> {
                         Timber.d("No keys backup found")
                     }
-                    is KeysBackupLastVersionResult.KeysBackup -> {
-                        val keysBackupVersion = keysBackupLastVersionResult.keysVersionResult
-                        val recoveryKey = computeRecoveryKey(secret.fromBase64())
-                        if (isValidRecoveryKeyForKeysBackupVersion(recoveryKey, keysBackupVersion)) {
-                            awaitCallback<Unit> {
-                                trustKeysBackupVersion(keysBackupVersion, true, it)
-                            }
-                            val importResult = awaitCallback<ImportRoomKeysResult> {
-                                restoreKeysWithRecoveryKey(keysBackupVersion, recoveryKey, null, null, null, it)
-                            }
-                            withContext(coroutineDispatchers.crypto) {
-                                cryptoStore.saveBackupRecoveryKey(recoveryKey, keysBackupVersion.version)
-                            }
-                            Timber.i("onSecretKeyGossip: Recovered keys $importResult")
-                        } else {
-                            Timber.e("onSecretKeyGossip: Recovery key is not valid ${keysBackupVersion.version}")
-                        }
+                    // we don't want to start immediately downloading all as it can take very long
+
+//                    val importResult = awaitCallback<ImportRoomKeysResult> {
+//                        restoreKeysWithRecoveryKey(keysBackupVersion, recoveryKey, null, null, null, it)
+//                    }
+                    withContext(coroutineDispatchers.crypto) {
+                        cryptoStore.saveBackupRecoveryKey(recoveryKey, keysBackupVersion.version)
                     }
+                    Timber.i("onSecretKeyGossip: saved valid backup key")
+                } else {
+                    Timber.e("onSecretKeyGossip: Recovery key is not valid ${keysBackupVersion.version}")
                 }
             } catch (failure: Throwable) {
                 Timber.e("onSecretKeyGossip: failed to trust key backup version ${keysBackupVersion?.version}")
@@ -678,9 +667,9 @@ internal class DefaultKeysBackupService @Inject constructor(
                                             callback: MatrixCallback<ImportRoomKeysResult>) {
         Timber.v("restoreKeysWithRecoveryKey: From backup version: ${keysVersionResult.version}")
 
-        cryptoCoroutineScope.launch(coroutineDispatchers.main) {
+        cryptoCoroutineScope.launch(coroutineDispatchers.io) {
             runCatching {
-                val decryption = withContext(coroutineDispatchers.crypto) {
+                val decryption = withContext(coroutineDispatchers.computation) {
                     // Check if the recovery is valid before going any further
                     if (!isValidRecoveryKeyForKeysBackupVersion(recoveryKey, keysVersionResult)) {
                         Timber.e("restoreKeysWithRecoveryKey: Invalid recovery key for this keys version")
@@ -749,7 +738,19 @@ internal class DefaultKeysBackupService @Inject constructor(
                     }
                     result
                 }
-            }.foldToCallback(callback)
+            }.foldToCallback(object : MatrixCallback<ImportRoomKeysResult> {
+                override fun onSuccess(data: ImportRoomKeysResult) {
+                    uiHandler.post {
+                        callback.onSuccess(data)
+                    }
+                }
+
+                override fun onFailure(failure: Throwable) {
+                    uiHandler.post {
+                        callback.onFailure(failure)
+                    }
+                }
+            })
         }
     }
 
@@ -761,7 +762,7 @@ internal class DefaultKeysBackupService @Inject constructor(
                                               callback: MatrixCallback<ImportRoomKeysResult>) {
         Timber.v("[MXKeyBackup] restoreKeyBackup with password: From backup version: ${keysBackupVersion.version}")
 
-        cryptoCoroutineScope.launch(coroutineDispatchers.main) {
+        cryptoCoroutineScope.launch(coroutineDispatchers.io) {
             runCatching {
                 val progressListener = if (stepProgressListener != null) {
                     object : ProgressListener {
@@ -786,7 +787,19 @@ internal class DefaultKeysBackupService @Inject constructor(
                         restoreKeysWithRecoveryKey(keysBackupVersion, recoveryKey, roomId, sessionId, stepProgressListener, it)
                     }
                 }
-            }.foldToCallback(callback)
+            }.foldToCallback(object : MatrixCallback<ImportRoomKeysResult> {
+                override fun onSuccess(data: ImportRoomKeysResult) {
+                    uiHandler.post {
+                        callback.onSuccess(data)
+                    }
+                }
+
+                override fun onFailure(failure: Throwable) {
+                    uiHandler.post {
+                        callback.onFailure(failure)
+                    }
+                }
+            })
         }
     }
 
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
index 3595609eef..ff2aa1dba7 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
@@ -740,14 +740,23 @@ internal class RealmCryptoStore @Inject constructor(
                 if (sessionIdentifier != null) {
                     val key = OlmInboundGroupSessionEntity.createPrimaryKey(sessionIdentifier, session.senderKey)
 
-                    val realmOlmInboundGroupSession = OlmInboundGroupSessionEntity().apply {
-                        primaryKey = key
-                        sessionId = sessionIdentifier
-                        senderKey = session.senderKey
-                        putInboundGroupSession(session)
-                    }
+                    val existing =  realm.where<OlmInboundGroupSessionEntity>()
+                            .equalTo(OlmInboundGroupSessionEntityFields.PRIMARY_KEY, key)
+                            .findFirst()
 
-                    realm.insertOrUpdate(realmOlmInboundGroupSession)
+                    if (existing != null) {
+                        // we want to keep the existing backup status
+                        existing.putInboundGroupSession(session)
+                    } else {
+                        val realmOlmInboundGroupSession = OlmInboundGroupSessionEntity().apply {
+                            primaryKey = key
+                            sessionId = sessionIdentifier
+                            senderKey = session.senderKey
+                            putInboundGroupSession(session)
+                        }
+
+                        realm.insertOrUpdate(realmOlmInboundGroupSession)
+                    }
                 }
             }
         }
@@ -876,17 +885,32 @@ internal class RealmCryptoStore @Inject constructor(
             return
         }
 
-        doRealmTransaction(realmConfiguration) {
+        doRealmTransaction(realmConfiguration) { realm ->
             olmInboundGroupSessionWrappers.forEach { olmInboundGroupSessionWrapper ->
                 try {
+                    val sessionIdentifier = olmInboundGroupSessionWrapper.olmInboundGroupSession?.sessionIdentifier()
                     val key = OlmInboundGroupSessionEntity.createPrimaryKey(
-                            olmInboundGroupSessionWrapper.olmInboundGroupSession?.sessionIdentifier(),
+                            sessionIdentifier,
                             olmInboundGroupSessionWrapper.senderKey)
 
-                    it.where<OlmInboundGroupSessionEntity>()
+                    val existing =  realm.where<OlmInboundGroupSessionEntity>()
                             .equalTo(OlmInboundGroupSessionEntityFields.PRIMARY_KEY, key)
                             .findFirst()
-                            ?.backedUp = true
+
+                    if (existing != null) {
+                        existing.backedUp = true
+                    } else {
+                        // ... might be in cache but not yet persisted, create a record to persist backedup state
+                        val realmOlmInboundGroupSession = OlmInboundGroupSessionEntity().apply {
+                            primaryKey = key
+                            sessionId = sessionIdentifier
+                            senderKey = olmInboundGroupSessionWrapper.senderKey
+                            putInboundGroupSession(olmInboundGroupSessionWrapper)
+                            backedUp = true
+                        }
+
+                        realm.insertOrUpdate(realmOlmInboundGroupSession)
+                    }
                 } catch (e: OlmException) {
                     Timber.e(e, "OlmException")
                 }
diff --git a/vector/src/main/java/im/vector/app/features/crypto/keysrequest/KeyRequestHandler.kt b/vector/src/main/java/im/vector/app/features/crypto/keysrequest/KeyRequestHandler.kt
index cbaafed7e3..4f40916825 100644
--- a/vector/src/main/java/im/vector/app/features/crypto/keysrequest/KeyRequestHandler.kt
+++ b/vector/src/main/java/im/vector/app/features/crypto/keysrequest/KeyRequestHandler.kt
@@ -68,6 +68,9 @@ class KeyRequestHandler @Inject constructor(
 
     var session: Session? = null
 
+    // This functionality is disabled in element for now. As it could be prone to social attacks
+    var enablePromptingForRequest = false
+
     fun start(session: Session) {
         this.session = session
         session.cryptoService().verificationService().addListener(this)
@@ -92,6 +95,8 @@ class KeyRequestHandler @Inject constructor(
      * @param request the key request.
      */
     override fun onRoomKeyRequest(request: IncomingRoomKeyRequest) {
+        if (!enablePromptingForRequest) return
+
         val userId = request.userId
         val deviceId = request.deviceId
         val requestId = request.requestId

From 54fb4ae8dbb84be5ad48af3e4362fb52adddd814 Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Tue, 12 Apr 2022 23:37:04 +0200
Subject: [PATCH 10/27] proper initial withheld support

---
 .../crypto/OutgoingKeyRequestManager.kt       | 37 +++++++++++++++++++
 .../algorithms/megolm/MXMegolmDecryption.kt   | 23 ++++++++++++
 .../algorithms/megolm/MXMegolmEncryption.kt   |  3 +-
 .../crypto/store/db/RealmCryptoStore.kt       | 13 ++++---
 4 files changed, 69 insertions(+), 7 deletions(-)

diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
index fa2a26bbce..47465ceaa5 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
@@ -35,6 +35,7 @@ import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.EventType
 import org.matrix.android.sdk.api.session.events.model.content.EncryptedEventContent
+import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
 import org.matrix.android.sdk.api.session.events.model.toModel
 import org.matrix.android.sdk.api.util.fromBase64
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
@@ -68,6 +69,7 @@ internal class OutgoingKeyRequestManager @Inject constructor(
         private val cryptoConfig: MXCryptoConfig,
         private val inboundGroupSessionStore: InboundGroupSessionStore,
         private val sendToDeviceTask: DefaultSendToDeviceTask,
+        private val deviceListManager: DeviceListManager,
         private val perSessionBackupQueryRateLimiter: PerSessionBackupQueryRateLimiter) {
 
     private val dispatcher = Executors.newSingleThreadExecutor().asCoroutineDispatcher()
@@ -215,6 +217,41 @@ internal class OutgoingKeyRequestManager @Inject constructor(
         outgoingRequestScope.launch {
             sequencer.post {
                 Timber.tag(loggerTag.value).d("Withheld received for $sessionId from ${event.senderId}|$fromDevice")
+                Timber.tag(loggerTag.value).v("Withheld content ${event.getClearContent()}")
+
+                // We want to store withheld code from the sender of the message (owner of the megolm session), not from
+                // other devices that might gossip the key. If not the initial reason might be overridden
+                // by a request to one of our session.
+                event.getClearContent().toModel<RoomKeyWithHeldContent>()?.let { withheld ->
+                    withContext(coroutineDispatchers.crypto) {
+                        tryOrNull {
+                            deviceListManager.downloadKeys(listOf(event.senderId ?: ""), false)
+                        }
+                        cryptoStore.getUserDeviceList(event.senderId ?: "")
+                                .also { devices ->
+                                    Timber.tag(loggerTag.value).v("Withheld Devices for ${event.senderId} are ${devices.orEmpty().joinToString { it.identityKey() ?: "" }}")
+                                }
+                                ?.firstOrNull {
+                                    it.identityKey() == senderKey
+                                }
+                    }.also {
+                        Timber.tag(loggerTag.value).v("Withheld device for sender key $senderKey is from ${it?.shortDebugString()}")
+                    }?.let {
+                        if (it.userId == event.senderId) {
+                            if (fromDevice != null) {
+                                if (it.deviceId == fromDevice) {
+                                    Timber.tag(loggerTag.value).v("Storing sender Withheld code ${withheld.code} for ${withheld.sessionId}")
+                                    cryptoStore.addWithHeldMegolmSession(withheld)
+                                }
+                            } else {
+                                Timber.tag(loggerTag.value).v("Storing sender Withheld code ${withheld.code} for ${withheld.sessionId}")
+                                cryptoStore.addWithHeldMegolmSession(withheld)
+                            }
+                        }
+                    }
+                }
+
+                // Here we store the replies from a given request
                 cryptoStore.updateOutgoingRoomKeyReply(
                         roomId = roomId,
                         sessionId = sessionId,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
index 464a1ca3e7..17c15d9d3c 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
@@ -102,9 +102,20 @@ internal class MXMegolmDecryption(
                             if (throwable is MXCryptoError.OlmError) {
                                 // TODO Check the value of .message
                                 if (throwable.olmException.message == "UNKNOWN_MESSAGE_INDEX") {
+                                    // So we know that session, but it's ratcheted and we can't decrypt at that index
+
                                     if (requestKeysOnFail) {
                                         requestKeysForEvent(event)
                                     }
+                                    // Check if partially withheld
+                                    val withHeldInfo = cryptoStore.getWithHeldMegolmSession(event.roomId, encryptedEventContent.sessionId)
+                                    if (withHeldInfo != null) {
+                                        // Encapsulate as withHeld exception
+                                        throw MXCryptoError.Base(MXCryptoError.ErrorType.KEYS_WITHHELD,
+                                                withHeldInfo.code?.value ?: "",
+                                                withHeldInfo.reason)
+                                    }
+
                                     throw MXCryptoError.Base(
                                             MXCryptoError.ErrorType.UNKNOWN_MESSAGE_INDEX,
                                             "UNKNOWN_MESSAGE_INDEX",
@@ -121,6 +132,18 @@ internal class MXMegolmDecryption(
                             }
                             if (throwable is MXCryptoError.Base) {
                                 if (throwable.errorType == MXCryptoError.ErrorType.UNKNOWN_INBOUND_SESSION_ID) {
+                                    // Check if it was withheld by sender to enrich error code
+                                    val withHeldInfo = cryptoStore.getWithHeldMegolmSession(event.roomId, encryptedEventContent.sessionId)
+                                    if (withHeldInfo != null) {
+                                        if (requestKeysOnFail) {
+                                            requestKeysForEvent(event)
+                                        }
+                                        // Encapsulate as withHeld exception
+                                        throw MXCryptoError.Base(MXCryptoError.ErrorType.KEYS_WITHHELD,
+                                                withHeldInfo.code?.value ?: "",
+                                                withHeldInfo.reason)
+                                    }
+
                                     if (requestKeysOnFail) {
                                         requestKeysForEvent(event)
                                     }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmEncryption.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmEncryption.kt
index e9a4fb206d..064d47f3ff 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmEncryption.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmEncryption.kt
@@ -328,7 +328,8 @@ internal class MXMegolmEncryption(
                 senderKey = senderKey,
                 algorithm = MXCRYPTO_ALGORITHM_MEGOLM,
                 sessionId = sessionId,
-                codeString = code.value
+                codeString = code.value,
+                fromDevice = myDeviceId
         )
         val params = SendToDeviceTask.Params(
                 EventType.ROOM_KEY_WITHHELD,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
index ff2aa1dba7..0b43be8551 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
@@ -271,12 +271,13 @@ internal class RealmCryptoStore @Inject constructor(
     }
 
     override fun deviceWithIdentityKey(identityKey: String): CryptoDeviceInfo? {
-        return doWithRealm(realmConfiguration) {
-            it.where<DeviceInfoEntity>()
-                    .equalTo(DeviceInfoEntityFields.IDENTITY_KEY, identityKey)
-                    .findFirst()
-                    ?.let { deviceInfo ->
-                        CryptoMapper.mapToModel(deviceInfo)
+        return doWithRealm(realmConfiguration) { realm ->
+            realm.where<DeviceInfoEntity>()
+                    .contains(DeviceInfoEntityFields.KEYS_MAP_JSON, identityKey)
+                    .findAll()
+                    .mapNotNull { CryptoMapper.mapToModel(it)  }
+                    .firstOrNull {
+                        it.identityKey() == identityKey
                     }
         }
     }

From f9dd3b96d6f38e15e89bf7e7e05f3c97e0272fde Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Fri, 15 Apr 2022 10:11:30 +0200
Subject: [PATCH 11/27] Stop using workers for interactive verification

---
 .../internal/crypto/DefaultCryptoService.kt   |  13 +-
 .../internal/crypto/tasks/EncryptEventTask.kt |   7 +-
 .../tasks/SendVerificationMessageTask.kt      |   2 +-
 .../DefaultVerificationService.kt             |  11 +-
 .../SendVerificationMessageWorker.kt          |  88 ------
 .../VerificationMessageProcessor.kt           |  46 +---
 .../VerificationTransportRoomMessage.kt       | 257 +++++++-----------
 ...VerificationTransportRoomMessageFactory.kt |  26 +-
 .../sdk/internal/session/SessionComponent.kt  |   3 -
 .../sdk/internal/session/SessionModule.kt     |   5 -
 .../sync/handler/room/RoomSyncHandler.kt      |   7 +-
 .../internal/worker/MatrixWorkerFactory.kt    |   3 -
 12 files changed, 145 insertions(+), 323 deletions(-)
 delete mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/SendVerificationMessageWorker.kt

diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
index 2ce517d79c..dbe9880111 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
@@ -97,6 +97,7 @@ import org.matrix.android.sdk.internal.crypto.tasks.GetDevicesTask
 import org.matrix.android.sdk.internal.crypto.tasks.SetDeviceNameTask
 import org.matrix.android.sdk.internal.crypto.tasks.UploadKeysTask
 import org.matrix.android.sdk.internal.crypto.verification.DefaultVerificationService
+import org.matrix.android.sdk.internal.crypto.verification.VerificationMessageProcessor
 import org.matrix.android.sdk.internal.di.DeviceId
 import org.matrix.android.sdk.internal.di.MoshiProvider
 import org.matrix.android.sdk.internal.di.UserId
@@ -183,6 +184,7 @@ internal class DefaultCryptoService @Inject constructor(
         private val taskExecutor: TaskExecutor,
         private val cryptoCoroutineScope: CoroutineScope,
         private val eventDecryptor: EventDecryptor,
+        private val verificationMessageProcessor: VerificationMessageProcessor,
         private val liveEventManager: Lazy<StreamEventsManager>
 ) : CryptoService {
 
@@ -197,7 +199,7 @@ internal class DefaultCryptoService @Inject constructor(
         }
     }
 
-    fun onLiveEvent(roomId: String, event: Event) {
+    fun onLiveEvent(roomId: String, event: Event, isInitialSync: Boolean) {
         // handle state events
         if (event.isStateEvent()) {
             when (event.type) {
@@ -206,6 +208,15 @@ internal class DefaultCryptoService @Inject constructor(
                 EventType.STATE_ROOM_HISTORY_VISIBILITY -> onRoomHistoryVisibilityEvent(roomId, event)
             }
         }
+
+        // handle verification
+        if (!isInitialSync) {
+            if (event.type != null && verificationMessageProcessor.shouldProcess(event.type)) {
+                cryptoCoroutineScope.launch(coroutineDispatchers.dmVerif) {
+                    verificationMessageProcessor.process(event)
+                }
+            }
+        }
     }
 
 //    val gossipingBuffer = mutableListOf<Event>()
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/tasks/EncryptEventTask.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/tasks/EncryptEventTask.kt
index 1e395796a9..ba64f0c0a5 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/tasks/EncryptEventTask.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/tasks/EncryptEventTask.kt
@@ -16,6 +16,7 @@
 package org.matrix.android.sdk.internal.crypto.tasks
 
 import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
+import dagger.Lazy
 import org.matrix.android.sdk.api.session.crypto.CryptoService
 import org.matrix.android.sdk.api.session.crypto.model.MXEncryptEventContentResult
 import org.matrix.android.sdk.api.session.crypto.model.MXEventDecryptionResult
@@ -39,7 +40,7 @@ internal interface EncryptEventTask : Task<EncryptEventTask.Params, Event> {
 
 internal class DefaultEncryptEventTask @Inject constructor(
         private val localEchoRepository: LocalEchoRepository,
-        private val cryptoService: CryptoService
+        private val cryptoService: Lazy<CryptoService>
 ) : EncryptEventTask {
     override suspend fun execute(params: EncryptEventTask.Params): Event {
         // don't want to wait for any query
@@ -59,7 +60,7 @@ internal class DefaultEncryptEventTask @Inject constructor(
 //        try {
         // let it throws
         awaitCallback<MXEncryptEventContentResult> {
-            cryptoService.encryptEventContent(localMutableContent, localEvent.type, params.roomId, it)
+            cryptoService.get().encryptEventContent(localMutableContent, localEvent.type, params.roomId, it)
         }.let { result ->
             val modifiedContent = HashMap(result.eventContent)
             params.keepKeys?.forEach { toKeep ->
@@ -80,7 +81,7 @@ internal class DefaultEncryptEventTask @Inject constructor(
                         ).toContent(),
                         forwardingCurve25519KeyChain = emptyList(),
                         senderCurve25519Key = result.eventContent["sender_key"] as? String,
-                        claimedEd25519Key = cryptoService.getMyDevice().fingerprint()
+                        claimedEd25519Key = cryptoService.get().getMyDevice().fingerprint()
                 )
             } else {
                 null
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/tasks/SendVerificationMessageTask.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/tasks/SendVerificationMessageTask.kt
index c4a6ba27d6..ca23bcd4c4 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/tasks/SendVerificationMessageTask.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/tasks/SendVerificationMessageTask.kt
@@ -47,7 +47,7 @@ internal class DefaultSendVerificationMessageTask @Inject constructor(
             localEchoRepository.updateSendState(localId, event.roomId, SendState.SENDING)
             val response = executeRequest(globalErrorReceiver) {
                 roomAPI.send(
-                        localId,
+                        txId = localId,
                         roomId = event.roomId ?: "",
                         content = event.content,
                         eventType = event.type ?: ""
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationService.kt
index 16f1f7d719..46d53355a8 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/DefaultVerificationService.kt
@@ -764,8 +764,15 @@ internal class DefaultVerificationService @Inject constructor(
             return
         }
 
+        val roomId = event.roomId
+        if (roomId == null) {
+            Timber.e("## SAS Verification missing roomId for event")
+            // TODO cancel?
+            return
+        }
+
         handleReadyReceived(event.senderId, readyReq) {
-            verificationTransportRoomMessageFactory.createTransport(event.roomId!!, it)
+            verificationTransportRoomMessageFactory.createTransport(roomId, it)
         }
     }
 
@@ -1171,6 +1178,7 @@ internal class DefaultVerificationService @Inject constructor(
         }
                 .distinct()
 
+        requestsForUser.add(verificationRequest)
         transport.sendVerificationRequest(methodValues, validLocalId, otherUserId, roomId, null) { syncedId, info ->
             // We need to update with the syncedID
             updatePendingRequest(verificationRequest.copy(
@@ -1180,7 +1188,6 @@ internal class DefaultVerificationService @Inject constructor(
             ))
         }
 
-        requestsForUser.add(verificationRequest)
         dispatchRequestAdded(verificationRequest)
 
         return verificationRequest
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/SendVerificationMessageWorker.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/SendVerificationMessageWorker.kt
deleted file mode 100644
index 0a175ae3ca..0000000000
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/SendVerificationMessageWorker.kt
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.matrix.android.sdk.internal.crypto.verification
-
-import android.content.Context
-import androidx.work.Data
-import androidx.work.WorkerParameters
-import com.squareup.moshi.JsonClass
-import org.matrix.android.sdk.api.failure.shouldBeRetried
-import org.matrix.android.sdk.internal.SessionManager
-import org.matrix.android.sdk.internal.crypto.tasks.SendVerificationMessageTask
-import org.matrix.android.sdk.internal.session.SessionComponent
-import org.matrix.android.sdk.internal.session.room.send.CancelSendTracker
-import org.matrix.android.sdk.internal.session.room.send.LocalEchoRepository
-import org.matrix.android.sdk.internal.worker.SessionSafeCoroutineWorker
-import org.matrix.android.sdk.internal.worker.SessionWorkerParams
-import timber.log.Timber
-import javax.inject.Inject
-
-/**
- * Possible previous worker: None
- * Possible next worker    : None
- */
-internal class SendVerificationMessageWorker(context: Context, params: WorkerParameters, sessionManager: SessionManager) :
-        SessionSafeCoroutineWorker<SendVerificationMessageWorker.Params>(context, params, sessionManager, Params::class.java) {
-
-    @JsonClass(generateAdapter = true)
-    internal data class Params(
-            override val sessionId: String,
-            val eventId: String,
-            override val lastFailureMessage: String? = null
-    ) : SessionWorkerParams
-
-    @Inject lateinit var sendVerificationMessageTask: SendVerificationMessageTask
-    @Inject lateinit var localEchoRepository: LocalEchoRepository
-    @Inject lateinit var cancelSendTracker: CancelSendTracker
-
-    override fun injectWith(injector: SessionComponent) {
-        injector.inject(this)
-    }
-
-    override suspend fun doSafeWork(params: Params): Result {
-        val localEvent = localEchoRepository.getUpToDateEcho(params.eventId) ?: return buildErrorResult(params, "Event not found")
-        val localEventId = localEvent.eventId ?: ""
-        val roomId = localEvent.roomId ?: ""
-
-        if (cancelSendTracker.isCancelRequestedFor(localEventId, roomId)) {
-            return Result.success()
-                    .also {
-                        cancelSendTracker.markCancelled(localEventId, roomId)
-                        Timber.e("## SendEvent: Event sending has been cancelled $localEventId")
-                    }
-        }
-
-        return try {
-            val resultEventId = sendVerificationMessageTask.execute(
-                    SendVerificationMessageTask.Params(
-                            event = localEvent
-                    )
-            )
-
-            Result.success(Data.Builder().putString(localEventId, resultEventId).build())
-        } catch (throwable: Throwable) {
-            if (throwable.shouldBeRetried()) {
-                Result.retry()
-            } else {
-                buildErrorResult(params, throwable.localizedMessage ?: "error")
-            }
-        }
-    }
-
-    override fun buildErrorParams(params: Params, message: String): Params {
-        return params.copy(lastFailureMessage = params.lastFailureMessage ?: message)
-    }
-}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationMessageProcessor.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationMessageProcessor.kt
index 52166761ab..7e756e8914 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationMessageProcessor.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationMessageProcessor.kt
@@ -15,13 +15,9 @@
  */
 package org.matrix.android.sdk.internal.crypto.verification
 
-import io.realm.Realm
-import org.matrix.android.sdk.api.session.crypto.MXCryptoError
-import org.matrix.android.sdk.api.session.crypto.model.OlmDecryptionResult
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationService
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.api.session.events.model.LocalEcho
 import org.matrix.android.sdk.api.session.events.model.toModel
 import org.matrix.android.sdk.api.session.room.model.message.MessageContent
 import org.matrix.android.sdk.api.session.room.model.message.MessageRelationContent
@@ -29,20 +25,16 @@ import org.matrix.android.sdk.api.session.room.model.message.MessageType
 import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationReadyContent
 import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationRequestContent
 import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationStartContent
-import org.matrix.android.sdk.internal.crypto.EventDecryptor
-import org.matrix.android.sdk.internal.database.model.EventInsertType
 import org.matrix.android.sdk.internal.di.DeviceId
 import org.matrix.android.sdk.internal.di.UserId
-import org.matrix.android.sdk.internal.session.EventInsertLiveProcessor
 import timber.log.Timber
 import javax.inject.Inject
 
 internal class VerificationMessageProcessor @Inject constructor(
-        private val eventDecryptor: EventDecryptor,
         private val verificationService: DefaultVerificationService,
         @UserId private val userId: String,
         @DeviceId private val deviceId: String?
-) : EventInsertLiveProcessor {
+) {
 
     private val transactionsHandledByOtherDevice = ArrayList<String>()
 
@@ -58,41 +50,20 @@ internal class VerificationMessageProcessor @Inject constructor(
             EventType.ENCRYPTED
     )
 
-    override fun shouldProcess(eventId: String, eventType: String, insertType: EventInsertType): Boolean {
-        if (insertType != EventInsertType.INCREMENTAL_SYNC) {
-            return false
-        }
-        return allowedTypes.contains(eventType) && !LocalEcho.isLocalEchoId(eventId)
+    fun shouldProcess(eventType: String): Boolean {
+        return allowedTypes.contains(eventType)
     }
 
-    override suspend fun process(realm: Realm, event: Event) {
-        Timber.v("## SAS Verification live observer: received msgId: ${event.eventId} msgtype: ${event.type} from ${event.senderId}")
+    suspend fun process(event: Event) {
+        Timber.v("## SAS Verification live observer: received msgId: ${event.eventId} msgtype: ${event.getClearType()} from ${event.senderId}")
 
         // If the request is in the future by more than 5 minutes or more than 10 minutes in the past,
         // the message should be ignored by the receiver.
 
-        if (!VerificationService.isValidRequest(event.ageLocalTs
-                        ?: event.originServerTs)) return Unit.also {
-            Timber.d("## SAS Verification live observer: msgId: ${event.eventId} is outdated")
+        if (event.ageLocalTs != null && !VerificationService.isValidRequest(event.ageLocalTs)) return Unit.also {
+            Timber.d("## SAS Verification live observer: msgId: ${event.eventId} is outdated age:$event.ageLocalTs ms")
         }
 
-        // decrypt if needed?
-        if (event.isEncrypted() && event.mxDecryptionResult == null) {
-            // TODO use a global event decryptor? attache to session and that listen to new sessionId?
-            // for now decrypt sync
-            try {
-                val result = eventDecryptor.decryptEvent(event, "")
-                event.mxDecryptionResult = OlmDecryptionResult(
-                        payload = result.clearEvent,
-                        senderKey = result.senderCurve25519Key,
-                        keysClaimed = result.claimedEd25519Key?.let { mapOf("ed25519" to it) },
-                        forwardingCurve25519KeyChain = result.forwardingCurve25519KeyChain
-                )
-            } catch (e: MXCryptoError) {
-                Timber.e("## SAS Failed to decrypt event: ${event.eventId}")
-                verificationService.onPotentiallyInterestingEventRoomFailToDecrypt(event)
-            }
-        }
         Timber.v("## SAS Verification live observer: received msgId: ${event.eventId} type: ${event.getClearType()}")
 
         // Relates to is not encrypted
@@ -101,7 +72,6 @@ internal class VerificationMessageProcessor @Inject constructor(
         if (event.senderId == userId) {
             // If it's send from me, we need to keep track of Requests or Start
             // done from another device of mine
-
             if (EventType.MESSAGE == event.getClearType()) {
                 val msgType = event.getClearContent().toModel<MessageContent>()?.msgType
                 if (MessageType.MSGTYPE_VERIFICATION_REQUEST == msgType) {
@@ -136,6 +106,8 @@ internal class VerificationMessageProcessor @Inject constructor(
                     transactionsHandledByOtherDevice.remove(it)
                     verificationService.onRoomRequestHandledByOtherDevice(event)
                 }
+            } else if (EventType.ENCRYPTED == event.getClearType()) {
+                verificationService.onPotentiallyInterestingEventRoomFailToDecrypt(event)
             }
 
             Timber.v("## SAS Verification ignoring message sent by me: ${event.eventId} type: ${event.getClearType()}")
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessage.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessage.kt
index 49235c5744..b6eba6b3b4 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessage.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessage.kt
@@ -15,14 +15,9 @@
  */
 package org.matrix.android.sdk.internal.crypto.verification
 
-import androidx.lifecycle.Observer
-import androidx.work.BackoffPolicy
-import androidx.work.Data
-import androidx.work.ExistingWorkPolicy
-import androidx.work.Operation
-import androidx.work.WorkInfo
 import kotlinx.coroutines.CoroutineScope
-import kotlinx.coroutines.Dispatchers
+import kotlinx.coroutines.SupervisorJob
+import kotlinx.coroutines.asCoroutineDispatcher
 import kotlinx.coroutines.launch
 import org.matrix.android.sdk.api.session.crypto.verification.CancelCode
 import org.matrix.android.sdk.api.session.crypto.verification.ValidVerificationInfoRequest
@@ -45,25 +40,25 @@ import org.matrix.android.sdk.api.session.room.model.message.MessageVerification
 import org.matrix.android.sdk.api.session.room.model.relation.RelationDefaultContent
 import org.matrix.android.sdk.internal.crypto.model.rest.VERIFICATION_METHOD_RECIPROCATE
 import org.matrix.android.sdk.internal.crypto.model.rest.VERIFICATION_METHOD_SAS
-import org.matrix.android.sdk.internal.di.WorkManagerProvider
+import org.matrix.android.sdk.internal.crypto.tasks.SendVerificationMessageTask
 import org.matrix.android.sdk.internal.session.room.send.LocalEchoEventFactory
-import org.matrix.android.sdk.internal.worker.SessionSafeCoroutineWorker
-import org.matrix.android.sdk.internal.worker.WorkerParamsFactory
+import org.matrix.android.sdk.internal.task.SemaphoreCoroutineSequencer
 import timber.log.Timber
-import java.util.UUID
-import java.util.concurrent.TimeUnit
+import java.util.concurrent.Executors
 
 internal class VerificationTransportRoomMessage(
-        private val workManagerProvider: WorkManagerProvider,
-        private val sessionId: String,
+        private val sendVerificationMessageTask: SendVerificationMessageTask,
         private val userId: String,
         private val userDeviceId: String?,
         private val roomId: String,
         private val localEchoEventFactory: LocalEchoEventFactory,
-        private val tx: DefaultVerificationTransaction?,
-        private val coroutineScope: CoroutineScope
+        private val tx: DefaultVerificationTransaction?
 ) : VerificationTransport {
 
+    private val dispatcher = Executors.newSingleThreadExecutor().asCoroutineDispatcher()
+    private val verificationSenderScope = CoroutineScope(SupervisorJob() + dispatcher)
+    private val sequencer = SemaphoreCoroutineSequencer()
+
     override fun <T> sendToOther(type: String,
                                  verificationInfo: VerificationInfo<T>,
                                  nextState: VerificationTxState,
@@ -77,68 +72,22 @@ internal class VerificationTransportRoomMessage(
                 content = verificationInfo.toEventContent()!!
         )
 
-        val workerParams = WorkerParamsFactory.toData(SendVerificationMessageWorker.Params(
-                sessionId = sessionId,
-                eventId = event.eventId ?: ""
-        ))
-        val enqueueInfo = enqueueSendWork(workerParams)
-
-        // I cannot just listen to the given work request, because when used in a uniqueWork,
-        // The callback is called while it is still Running ...
-
-//        Futures.addCallback(enqueueInfo.first.result, object : FutureCallback<Operation.State.SUCCESS> {
-//            override fun onSuccess(result: Operation.State.SUCCESS?) {
-//                if (onDone != null) {
-//                    onDone()
-//                } else {
-//                    tx?.state = nextState
-//                }
-//            }
-//
-//            override fun onFailure(t: Throwable) {
-//                Timber.e("## SAS verification [${tx?.transactionId}] failed to send toDevice in state : ${tx?.state}, reason: ${t.localizedMessage}")
-//                tx?.cancel(onErrorReason)
-//            }
-//        }, listenerExecutor)
-
-        val workLiveData = workManagerProvider.workManager
-                .getWorkInfosForUniqueWorkLiveData(uniqueQueueName())
-
-        val observer = object : Observer<List<WorkInfo>> {
-            override fun onChanged(workInfoList: List<WorkInfo>?) {
-                workInfoList
-                        ?.firstOrNull { it.id == enqueueInfo.second }
-                        ?.let { wInfo ->
-                            when (wInfo.state) {
-                                WorkInfo.State.FAILED    -> {
-                                    tx?.cancel(onErrorReason)
-                                    workLiveData.removeObserver(this)
-                                }
-                                WorkInfo.State.SUCCEEDED -> {
-                                    if (SessionSafeCoroutineWorker.hasFailed(wInfo.outputData)) {
-                                        Timber.e("## SAS verification [${tx?.transactionId}] failed to send verification message in state : ${tx?.state}")
-                                        tx?.cancel(onErrorReason)
-                                    } else {
-                                        if (onDone != null) {
-                                            onDone()
-                                        } else {
-                                            tx?.state = nextState
-                                        }
-                                    }
-                                    workLiveData.removeObserver(this)
-                                }
-                                else                     -> {
-                                    // nop
-                                }
-                            }
-                        }
+        verificationSenderScope.launch {
+            sequencer.post {
+                try {
+                    val params = SendVerificationMessageTask.Params(event)
+                    sendVerificationMessageTask.executeRetry(params, 5)
+                    // Do I need to update local echo state to sent?
+                    if (onDone != null) {
+                        onDone()
+                    } else {
+                        tx?.state = nextState
+                    }
+                } catch (failure: Throwable) {
+                    tx?.cancel(onErrorReason)
+                }
             }
         }
-
-        // TODO listen to DB to get synced info
-        coroutineScope.launch(Dispatchers.Main) {
-            workLiveData.observeForever(observer)
-        }
     }
 
     override fun sendVerificationRequest(supportedMethods: List<String>,
@@ -169,58 +118,24 @@ internal class VerificationTransportRoomMessage(
         val content = info.toContent()
 
         val event = createEventAndLocalEcho(
-                localId,
-                EventType.MESSAGE,
-                roomId,
-                content
+                localId = localId,
+                type = EventType.MESSAGE,
+                roomId = roomId,
+                content = content
         )
 
-        val workerParams = WorkerParamsFactory.toData(SendVerificationMessageWorker.Params(
-                sessionId = sessionId,
-                eventId = event.eventId ?: ""
-        ))
-
-        val workRequest = workManagerProvider.matrixOneTimeWorkRequestBuilder<SendVerificationMessageWorker>()
-                .setConstraints(WorkManagerProvider.workConstraints)
-                .setInputData(workerParams)
-                .setBackoffCriteria(BackoffPolicy.LINEAR, WorkManagerProvider.BACKOFF_DELAY_MILLIS, TimeUnit.MILLISECONDS)
-                .build()
-
-        workManagerProvider.workManager
-                .beginUniqueWork("${roomId}_VerificationWork", ExistingWorkPolicy.APPEND_OR_REPLACE, workRequest)
-                .enqueue()
-
-        // I cannot just listen to the given work request, because when used in a uniqueWork,
-        // The callback is called while it is still Running ...
-
-        val workLiveData = workManagerProvider.workManager
-                .getWorkInfosForUniqueWorkLiveData("${roomId}_VerificationWork")
-
-        val observer = object : Observer<List<WorkInfo>> {
-            override fun onChanged(workInfoList: List<WorkInfo>?) {
-                workInfoList
-                        ?.filter { it.state == WorkInfo.State.SUCCEEDED }
-                        ?.firstOrNull { it.id == workRequest.id }
-                        ?.let { wInfo ->
-                            if (SessionSafeCoroutineWorker.hasFailed(wInfo.outputData)) {
-                                callback(null, null)
-                            } else {
-                                val eventId = wInfo.outputData.getString(localId)
-                                if (eventId != null) {
-                                    callback(eventId, validInfo)
-                                } else {
-                                    callback(null, null)
-                                }
-                            }
-                            workLiveData.removeObserver(this)
-                        }
+        verificationSenderScope.launch {
+            val params = SendVerificationMessageTask.Params(event)
+            sequencer.post {
+                try {
+                    val eventId = sendVerificationMessageTask.executeRetry(params, 5)
+                    // Do I need to update local echo state to sent?
+                    callback(eventId, validInfo)
+                } catch (failure: Throwable) {
+                    callback(null, null)
+                }
             }
         }
-
-        // TODO listen to DB to get synced info
-        coroutineScope.launch(Dispatchers.Main) {
-            workLiveData.observeForever(observer)
-        }
     }
 
     override fun cancelTransaction(transactionId: String, otherUserId: String, otherUserDeviceId: String?, code: CancelCode) {
@@ -230,11 +145,17 @@ internal class VerificationTransportRoomMessage(
                 roomId = roomId,
                 content = MessageVerificationCancelContent.create(transactionId, code).toContent()
         )
-        val workerParams = WorkerParamsFactory.toData(SendVerificationMessageWorker.Params(
-                sessionId = sessionId,
-                eventId = event.eventId ?: ""
-        ))
-        enqueueSendWork(workerParams)
+
+        verificationSenderScope.launch {
+            sequencer.post {
+                try {
+                    val params = SendVerificationMessageTask.Params(event)
+                    sendVerificationMessageTask.executeRetry(params, 5)
+                } catch (failure: Throwable) {
+                    Timber.w("")
+                }
+            }
+        }
     }
 
     override fun done(transactionId: String,
@@ -250,44 +171,56 @@ internal class VerificationTransportRoomMessage(
                         )
                 ).toContent()
         )
-        val workerParams = WorkerParamsFactory.toData(SendVerificationMessageWorker.Params(
-                sessionId = sessionId,
-                eventId = event.eventId ?: ""
-        ))
-        val enqueueInfo = enqueueSendWork(workerParams)
-
-        val workLiveData = workManagerProvider.workManager
-                .getWorkInfosForUniqueWorkLiveData(uniqueQueueName())
-        val observer = object : Observer<List<WorkInfo>> {
-            override fun onChanged(workInfoList: List<WorkInfo>?) {
-                workInfoList
-                        ?.filter { it.state == WorkInfo.State.SUCCEEDED }
-                        ?.firstOrNull { it.id == enqueueInfo.second }
-                        ?.let { _ ->
-                            onDone?.invoke()
-                            workLiveData.removeObserver(this)
-                        }
+        verificationSenderScope.launch {
+            sequencer.post {
+                try {
+                    val params = SendVerificationMessageTask.Params(event)
+                    sendVerificationMessageTask.executeRetry(params, 5)
+                } catch (failure: Throwable) {
+                    Timber.w("")
+                } finally {
+                    onDone?.invoke()
+                }
             }
         }
-
-        // TODO listen to DB to get synced info
-        coroutineScope.launch(Dispatchers.Main) {
-            workLiveData.observeForever(observer)
-        }
+//        val workerParams = WorkerParamsFactory.toData(SendVerificationMessageWorker.Params(
+//                sessionId = sessionId,
+//                eventId = event.eventId ?: ""
+//        ))
+//        val enqueueInfo = enqueueSendWork(workerParams)
+//
+//        val workLiveData = workManagerProvider.workManager
+//                .getWorkInfosForUniqueWorkLiveData(uniqueQueueName())
+//        val observer = object : Observer<List<WorkInfo>> {
+//            override fun onChanged(workInfoList: List<WorkInfo>?) {
+//                workInfoList
+//                        ?.filter { it.state == WorkInfo.State.SUCCEEDED }
+//                        ?.firstOrNull { it.id == enqueueInfo.second }
+//                        ?.let { _ ->
+//                            onDone?.invoke()
+//                            workLiveData.removeObserver(this)
+//                        }
+//            }
+//        }
+//
+//        // TODO listen to DB to get synced info
+//        coroutineScope.launch(Dispatchers.Main) {
+//            workLiveData.observeForever(observer)
+//        }
     }
 
-    private fun enqueueSendWork(workerParams: Data): Pair<Operation, UUID> {
-        val workRequest = workManagerProvider.matrixOneTimeWorkRequestBuilder<SendVerificationMessageWorker>()
-                .setConstraints(WorkManagerProvider.workConstraints)
-                .setInputData(workerParams)
-                .setBackoffCriteria(BackoffPolicy.LINEAR, WorkManagerProvider.BACKOFF_DELAY_MILLIS, TimeUnit.MILLISECONDS)
-                .build()
-        return workManagerProvider.workManager
-                .beginUniqueWork(uniqueQueueName(), ExistingWorkPolicy.APPEND_OR_REPLACE, workRequest)
-                .enqueue() to workRequest.id
-    }
+//    private fun enqueueSendWork(workerParams: Data): Pair<Operation, UUID> {
+//        val workRequest = workManagerProvider.matrixOneTimeWorkRequestBuilder<SendVerificationMessageWorker>()
+//                .setConstraints(WorkManagerProvider.workConstraints)
+//                .setInputData(workerParams)
+//                .setBackoffCriteria(BackoffPolicy.LINEAR, WorkManagerProvider.BACKOFF_DELAY_MILLIS, TimeUnit.MILLISECONDS)
+//                .build()
+//        return workManagerProvider.workManager
+//                .beginUniqueWork(uniqueQueueName(), ExistingWorkPolicy.APPEND_OR_REPLACE, workRequest)
+//                .enqueue() to workRequest.id
+//    }
 
-    private fun uniqueQueueName() = "${roomId}_VerificationWork"
+//    private fun uniqueQueueName() = "${roomId}_VerificationWork"
 
     override fun createAccept(tid: String,
                               keyAgreementProtocol: String,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessageFactory.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessageFactory.kt
index f89127273b..efbdd9c175 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessageFactory.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessageFactory.kt
@@ -16,34 +16,28 @@
 
 package org.matrix.android.sdk.internal.crypto.verification
 
+import org.matrix.android.sdk.internal.crypto.tasks.SendVerificationMessageTask
 import org.matrix.android.sdk.internal.di.DeviceId
-import org.matrix.android.sdk.internal.di.SessionId
 import org.matrix.android.sdk.internal.di.UserId
-import org.matrix.android.sdk.internal.di.WorkManagerProvider
 import org.matrix.android.sdk.internal.session.room.send.LocalEchoEventFactory
-import org.matrix.android.sdk.internal.task.TaskExecutor
 import javax.inject.Inject
 
 internal class VerificationTransportRoomMessageFactory @Inject constructor(
-        private val workManagerProvider: WorkManagerProvider,
-        @SessionId
-        private val sessionId: String,
+        private val sendVerificationMessageTask: SendVerificationMessageTask,
         @UserId
         private val userId: String,
         @DeviceId
         private val deviceId: String?,
-        private val localEchoEventFactory: LocalEchoEventFactory,
-        private val taskExecutor: TaskExecutor
+        private val localEchoEventFactory: LocalEchoEventFactory
 ) {
 
     fun createTransport(roomId: String, tx: DefaultVerificationTransaction?): VerificationTransportRoomMessage {
-        return VerificationTransportRoomMessage(workManagerProvider,
-                sessionId,
-                userId,
-                deviceId,
-                roomId,
-                localEchoEventFactory,
-                tx,
-                taskExecutor.executorScope)
+        return VerificationTransportRoomMessage(
+                sendVerificationMessageTask = sendVerificationMessageTask,
+                userId = userId,
+                userDeviceId = deviceId,
+                roomId = roomId,
+                localEchoEventFactory = localEchoEventFactory,
+                tx = tx)
     }
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/SessionComponent.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/SessionComponent.kt
index 4c1a06f1c7..e1e4f7fd50 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/SessionComponent.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/SessionComponent.kt
@@ -23,7 +23,6 @@ import org.matrix.android.sdk.api.auth.data.SessionParams
 import org.matrix.android.sdk.api.session.Session
 import org.matrix.android.sdk.internal.crypto.CryptoModule
 import org.matrix.android.sdk.internal.crypto.crosssigning.UpdateTrustWorker
-import org.matrix.android.sdk.internal.crypto.verification.SendVerificationMessageWorker
 import org.matrix.android.sdk.internal.di.MatrixComponent
 import org.matrix.android.sdk.internal.federation.FederationModule
 import org.matrix.android.sdk.internal.network.NetworkConnectivityChecker
@@ -129,8 +128,6 @@ internal interface SessionComponent {
 
     fun inject(worker: AddPusherWorker)
 
-    fun inject(worker: SendVerificationMessageWorker)
-
     fun inject(worker: UpdateTrustWorker)
 
     @Component.Factory
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/SessionModule.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/SessionModule.kt
index 0aae9f3105..7ceb89e892 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/SessionModule.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/SessionModule.kt
@@ -49,7 +49,6 @@ import org.matrix.android.sdk.api.util.md5
 import org.matrix.android.sdk.internal.crypto.secrets.DefaultSharedSecretStorageService
 import org.matrix.android.sdk.internal.crypto.tasks.DefaultRedactEventTask
 import org.matrix.android.sdk.internal.crypto.tasks.RedactEventTask
-import org.matrix.android.sdk.internal.crypto.verification.VerificationMessageProcessor
 import org.matrix.android.sdk.internal.database.EventInsertLiveObserver
 import org.matrix.android.sdk.internal.database.RealmSessionProvider
 import org.matrix.android.sdk.internal.database.SessionRealmConfigurationFactory
@@ -318,10 +317,6 @@ internal abstract class SessionModule {
     @IntoSet
     abstract fun bindRoomCreateEventProcessor(processor: RoomCreateEventProcessor): EventInsertLiveProcessor
 
-    @Binds
-    @IntoSet
-    abstract fun bindVerificationMessageProcessor(processor: VerificationMessageProcessor): EventInsertLiveProcessor
-
     @Binds
     @IntoSet
     abstract fun bindCallEventProcessor(processor: CallEventProcessor): EventInsertLiveProcessor
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/sync/handler/room/RoomSyncHandler.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/sync/handler/room/RoomSyncHandler.kt
index afd8e1bb99..18cc420e1a 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/sync/handler/room/RoomSyncHandler.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/sync/handler/room/RoomSyncHandler.kt
@@ -378,7 +378,10 @@ internal class RoomSyncHandler @Inject constructor(private val readReceiptHandle
         val roomMemberContentsByUser = HashMap<String, RoomMemberContent?>()
 
         val optimizedThreadSummaryMap = hashMapOf<String, EventEntity>()
-        for (event in eventList) {
+        for (rawEvent in eventList) {
+            // It's annoying roomId is not there, but lot of code rely on it.
+            // And had to do it now as copy would delete all decryption results..
+            val event = rawEvent.copy(roomId = roomId)
             if (event.eventId == null || event.senderId == null || event.type == null) {
                 continue
             }
@@ -445,7 +448,7 @@ internal class RoomSyncHandler @Inject constructor(private val readReceiptHandle
                 }
             }
             // Give info to crypto module
-            cryptoService.onLiveEvent(roomEntity.roomId, event)
+            cryptoService.onLiveEvent(roomEntity.roomId, event, isInitialSync)
 
             // Try to remove local echo
             event.unsignedData?.transactionId?.also {
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/worker/MatrixWorkerFactory.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/worker/MatrixWorkerFactory.kt
index 94dd36114b..8e5576d2ce 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/worker/MatrixWorkerFactory.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/worker/MatrixWorkerFactory.kt
@@ -23,7 +23,6 @@ import androidx.work.WorkerFactory
 import androidx.work.WorkerParameters
 import org.matrix.android.sdk.internal.SessionManager
 import org.matrix.android.sdk.internal.crypto.crosssigning.UpdateTrustWorker
-import org.matrix.android.sdk.internal.crypto.verification.SendVerificationMessageWorker
 import org.matrix.android.sdk.internal.di.MatrixScope
 import org.matrix.android.sdk.internal.session.content.UploadContentWorker
 import org.matrix.android.sdk.internal.session.group.GetGroupDataWorker
@@ -61,8 +60,6 @@ internal class MatrixWorkerFactory @Inject constructor(private val sessionManage
                 RedactEventWorker(appContext, workerParameters, sessionManager)
             SendEventWorker::class.java.name                      ->
                 SendEventWorker(appContext, workerParameters, sessionManager)
-            SendVerificationMessageWorker::class.java.name        ->
-                SendVerificationMessageWorker(appContext, workerParameters, sessionManager)
             SyncWorker::class.java.name                           ->
                 SyncWorker(appContext, workerParameters, sessionManager)
             UpdateTrustWorker::class.java.name                    ->

From a60171ce29c553c61d0a8a2d5aaa046efa28eb79 Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Fri, 15 Apr 2022 10:11:48 +0200
Subject: [PATCH 12/27] Reactivate withheld and verification tests

---
 .../android/sdk/common/CryptoTestHelper.kt    | 57 ++++++++++++-------
 .../crypto/gossiping/WithHeldTests.kt         | 23 +++++---
 .../verification/qrcode/VerificationTest.kt   |  2 -
 .../internal/crypto/DefaultCryptoService.kt   |  8 ---
 .../sdk/internal/crypto/OutgoingKeyRequest.kt |  1 -
 .../internal/crypto/OutgoingSecretRequest.kt  |  1 -
 .../PerSessionBackupQueryRateLimiter.kt       |  8 +--
 .../internal/crypto/RoomEncryptorsStore.kt    |  2 +
 .../sdk/internal/crypto/SecretShareManager.kt | 10 ++--
 .../DefaultCrossSigningService.kt             |  1 -
 .../keysbackup/DefaultKeysBackupService.kt    | 11 +++-
 .../sdk/internal/crypto/model/AuditTrail.kt   |  2 +-
 .../store/db/migration/MigrateCryptoTo016.kt  |  2 +-
 .../db/model/OutgoingKeyRequestEntity.kt      |  2 +-
 .../DefaultQrCodeVerificationTransaction.kt   |  1 +
 .../crypto/keysrequest/KeyRequestHandler.kt   |  9 +--
 16 files changed, 76 insertions(+), 64 deletions(-)

diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/common/CryptoTestHelper.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/common/CryptoTestHelper.kt
index ffcae5ad01..84bf9c06ee 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/common/CryptoTestHelper.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/common/CryptoTestHelper.kt
@@ -366,29 +366,37 @@ class CryptoTestHelper(private val testHelper: CommonTestHelper) {
         assertTrue(alice.cryptoService().crossSigningService().canCrossSign())
         assertTrue(bob.cryptoService().crossSigningService().canCrossSign())
 
-        val requestID = UUID.randomUUID().toString()
         val aliceVerificationService = alice.cryptoService().verificationService()
         val bobVerificationService = bob.cryptoService().verificationService()
 
-        aliceVerificationService.beginKeyVerificationInDMs(
-                VerificationMethod.SAS,
-                requestID,
-                roomId,
-                bob.myUserId,
-                bob.sessionParams.credentials.deviceId!!
-        )
+        val localId = UUID.randomUUID().toString()
+        aliceVerificationService.requestKeyVerificationInDMs(
+                localId = localId,
+                methods = listOf(VerificationMethod.SAS, VerificationMethod.QR_CODE_SCAN, VerificationMethod.QR_CODE_SHOW),
+                otherUserId = bob.myUserId,
+                roomId = roomId
+        ).transactionId
 
-        // we should reach SHOW SAS on both
-        var alicePovTx: OutgoingSasVerificationTransaction? = null
-        var bobPovTx: IncomingSasVerificationTransaction? = null
-
-        // wait for alice to get the ready
         testHelper.waitWithLatch {
             testHelper.retryPeriodicallyWithLatch(it) {
-                bobPovTx = bobVerificationService.getExistingTransaction(alice.myUserId, requestID) as? IncomingSasVerificationTransaction
-                Log.v("TEST", "== bobPovTx is ${alicePovTx?.uxState}")
-                if (bobPovTx?.state == VerificationTxState.OnStarted) {
-                    bobPovTx?.performAccept()
+                    bobVerificationService.getExistingVerificationRequests(alice.myUserId).firstOrNull {
+                        it.requestInfo?.fromDevice == alice.sessionParams.deviceId
+                    } != null
+            }
+        }
+        val incomingRequest = bobVerificationService.getExistingVerificationRequests(alice.myUserId).first {
+            it.requestInfo?.fromDevice == alice.sessionParams.deviceId
+        }
+        bobVerificationService.readyPendingVerification(listOf(VerificationMethod.SAS), alice.myUserId, incomingRequest.transactionId!!)
+
+        var requestID: String? = null
+        // wait for it to be readied
+        testHelper.waitWithLatch {
+            testHelper.retryPeriodicallyWithLatch(it) {
+                val outgoingRequest = aliceVerificationService.getExistingVerificationRequests(bob.myUserId)
+                        .firstOrNull { it.localId == localId }
+                if (outgoingRequest?.isReady == true) {
+                    requestID = outgoingRequest.transactionId!!
                     true
                 } else {
                     false
@@ -396,9 +404,20 @@ class CryptoTestHelper(private val testHelper: CommonTestHelper) {
             }
         }
 
+        aliceVerificationService.beginKeyVerificationInDMs(
+                VerificationMethod.SAS,
+                requestID!!,
+                roomId,
+                bob.myUserId,
+                bob.sessionParams.credentials.deviceId!!)
+
+        // we should reach SHOW SAS on both
+        var alicePovTx: OutgoingSasVerificationTransaction? = null
+        var bobPovTx: IncomingSasVerificationTransaction? = null
+
         testHelper.waitWithLatch {
             testHelper.retryPeriodicallyWithLatch(it) {
-                alicePovTx = aliceVerificationService.getExistingTransaction(bob.myUserId, requestID) as? OutgoingSasVerificationTransaction
+                alicePovTx = aliceVerificationService.getExistingTransaction(bob.myUserId, requestID!!) as? OutgoingSasVerificationTransaction
                 Log.v("TEST", "== alicePovTx is ${alicePovTx?.uxState}")
                 alicePovTx?.state == VerificationTxState.ShortCodeReady
             }
@@ -406,7 +425,7 @@ class CryptoTestHelper(private val testHelper: CommonTestHelper) {
         // wait for alice to get the ready
         testHelper.waitWithLatch {
             testHelper.retryPeriodicallyWithLatch(it) {
-                bobPovTx = bobVerificationService.getExistingTransaction(alice.myUserId, requestID) as? IncomingSasVerificationTransaction
+                bobPovTx = bobVerificationService.getExistingTransaction(alice.myUserId, requestID!!) as? IncomingSasVerificationTransaction
                 Log.v("TEST", "== bobPovTx is ${alicePovTx?.uxState}")
                 if (bobPovTx?.state == VerificationTxState.OnStarted) {
                     bobPovTx?.performAccept()
diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/WithHeldTests.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/WithHeldTests.kt
index 8f906c56a7..d799bf7a7c 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/WithHeldTests.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/WithHeldTests.kt
@@ -21,7 +21,6 @@ import androidx.test.ext.junit.runners.AndroidJUnit4
 import androidx.test.filters.LargeTest
 import org.junit.Assert
 import org.junit.FixMethodOrder
-import org.junit.Ignore
 import org.junit.Test
 import org.junit.runner.RunWith
 import org.junit.runners.MethodSorters
@@ -45,12 +44,11 @@ import org.matrix.android.sdk.common.TestConstants
 @LargeTest
 class WithHeldTests : InstrumentedTest {
 
-    private val testHelper = CommonTestHelper(context())
-    private val cryptoTestHelper = CryptoTestHelper(testHelper)
-
     @Test
-    @Ignore("This test will be ignored until it is fixed")
     fun test_WithHeldUnverifiedReason() {
+        val testHelper = CommonTestHelper(context())
+        val cryptoTestHelper = CryptoTestHelper(testHelper)
+
         // =============================
         // ARRANGE
         // =============================
@@ -138,8 +136,10 @@ class WithHeldTests : InstrumentedTest {
     }
 
     @Test
-    @Ignore("This test will be ignored until it is fixed")
-    fun test_WithHeldNoOlm() {
+    fun  test_WithHeldNoOlm() {
+        val testHelper = CommonTestHelper(context())
+        val cryptoTestHelper = CryptoTestHelper(testHelper)
+
         val testData = cryptoTestHelper.doE2ETestWithAliceAndBobInARoom()
         val aliceSession = testData.firstSession
         val bobSession = testData.secondSession!!
@@ -211,8 +211,10 @@ class WithHeldTests : InstrumentedTest {
     }
 
     @Test
-    @Ignore("This test will be ignored until it is fixed")
-    fun test_WithHeldKeyRequest() {
+    fun  test_WithHeldKeyRequest() {
+        val testHelper = CommonTestHelper(context())
+        val cryptoTestHelper = CryptoTestHelper(testHelper)
+
         val testData = cryptoTestHelper.doE2ETestWithAliceAndBobInARoom()
         val aliceSession = testData.firstSession
         val bobSession = testData.secondSession!!
@@ -258,5 +260,8 @@ class WithHeldTests : InstrumentedTest {
                 wc?.code == WithHeldCode.UNAUTHORISED
             }
         }
+
+        testHelper.signOutAndClose(aliceSession)
+        testHelper.signOutAndClose(bobSecondSession)
     }
 }
diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/verification/qrcode/VerificationTest.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/verification/qrcode/VerificationTest.kt
index 374d709505..e757f9b60f 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/verification/qrcode/VerificationTest.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/verification/qrcode/VerificationTest.kt
@@ -19,7 +19,6 @@ package org.matrix.android.sdk.internal.crypto.verification.qrcode
 import androidx.test.ext.junit.runners.AndroidJUnit4
 import org.amshove.kluent.shouldBe
 import org.junit.FixMethodOrder
-import org.junit.Ignore
 import org.junit.Test
 import org.junit.runner.RunWith
 import org.junit.runners.MethodSorters
@@ -40,7 +39,6 @@ import kotlin.coroutines.resume
 
 @RunWith(AndroidJUnit4::class)
 @FixMethodOrder(MethodSorters.JVM)
-@Ignore("This test is flaky ; see issue #5449")
 class VerificationTest : InstrumentedTest {
 
     data class ExpectedResult(
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
index dbe9880111..0b7b8036e3 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
@@ -57,12 +57,10 @@ import org.matrix.android.sdk.api.session.crypto.model.MXDeviceInfo
 import org.matrix.android.sdk.api.session.crypto.model.MXEncryptEventContentResult
 import org.matrix.android.sdk.api.session.crypto.model.MXEventDecryptionResult
 import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
 import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
 import org.matrix.android.sdk.api.session.events.model.Content
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.api.session.events.model.content.EncryptedEventContent
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyContent
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
 import org.matrix.android.sdk.api.session.events.model.toModel
@@ -81,13 +79,7 @@ import org.matrix.android.sdk.internal.crypto.crosssigning.DefaultCrossSigningSe
 import org.matrix.android.sdk.internal.crypto.keysbackup.DefaultKeysBackupService
 import org.matrix.android.sdk.internal.crypto.model.AuditTrail
 import org.matrix.android.sdk.internal.crypto.model.MXKey.Companion.KEY_SIGNED_CURVE_25519_TYPE
-import org.matrix.android.sdk.internal.crypto.model.MXUsersDevicesMap
 import org.matrix.android.sdk.internal.crypto.model.TrailType
-import org.matrix.android.sdk.internal.crypto.model.event.RoomKeyContent
-import org.matrix.android.sdk.internal.crypto.model.event.RoomKeyWithHeldContent
-import org.matrix.android.sdk.internal.crypto.model.rest.DeviceInfo
-import org.matrix.android.sdk.internal.crypto.model.rest.DevicesListResponse
-import org.matrix.android.sdk.internal.crypto.model.rest.RoomKeyShareRequest
 import org.matrix.android.sdk.internal.crypto.model.toRest
 import org.matrix.android.sdk.internal.crypto.repository.WarnOnUnknownDeviceRepository
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequest.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequest.kt
index 95148513ac..e96f8079d2 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequest.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequest.kt
@@ -16,7 +16,6 @@
 
 package org.matrix.android.sdk.internal.crypto
 
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequestState
 import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
 import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
 
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingSecretRequest.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingSecretRequest.kt
index 27ab1ca542..20add23666 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingSecretRequest.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingSecretRequest.kt
@@ -17,7 +17,6 @@
 package org.matrix.android.sdk.internal.crypto
 
 import com.squareup.moshi.JsonClass
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequestState
 
 /**
  * Represents an outgoing room key request
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt
index daf69f892d..8e0def5b76 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt
@@ -20,12 +20,12 @@ import dagger.Lazy
 import kotlinx.coroutines.withContext
 import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
 import org.matrix.android.sdk.api.logger.LoggerTag
+import org.matrix.android.sdk.api.session.crypto.keysbackup.KeysVersionResult
+import org.matrix.android.sdk.api.session.crypto.keysbackup.SavedKeyBackupKeyInfo
+import org.matrix.android.sdk.api.session.crypto.model.ImportRoomKeysResult
+import org.matrix.android.sdk.api.util.awaitCallback
 import org.matrix.android.sdk.internal.crypto.keysbackup.DefaultKeysBackupService
-import org.matrix.android.sdk.internal.crypto.keysbackup.model.rest.KeysVersionResult
-import org.matrix.android.sdk.internal.crypto.model.ImportRoomKeysResult
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
-import org.matrix.android.sdk.internal.crypto.store.SavedKeyBackupKeyInfo
-import org.matrix.android.sdk.internal.util.awaitCallback
 import timber.log.Timber
 import javax.inject.Inject
 
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/RoomEncryptorsStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/RoomEncryptorsStore.kt
index 169bfca4e1..58378e556a 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/RoomEncryptorsStore.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/RoomEncryptorsStore.kt
@@ -16,6 +16,8 @@
 
 package org.matrix.android.sdk.internal.crypto
 
+import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
+import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_OLM
 import org.matrix.android.sdk.internal.crypto.algorithms.IMXEncrypting
 import org.matrix.android.sdk.internal.crypto.algorithms.megolm.MXMegolmEncryptionFactory
 import org.matrix.android.sdk.internal.crypto.algorithms.olm.MXOlmEncryptionFactory
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt
index 1905c540ef..1bdf18b272 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt
@@ -28,17 +28,17 @@ import org.matrix.android.sdk.api.session.crypto.crosssigning.KEYBACKUP_SECRET_S
 import org.matrix.android.sdk.api.session.crypto.crosssigning.MASTER_KEY_SSSS_NAME
 import org.matrix.android.sdk.api.session.crypto.crosssigning.SELF_SIGNING_KEY_SSSS_NAME
 import org.matrix.android.sdk.api.session.crypto.crosssigning.USER_SIGNING_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.keysbackup.extractCurveKeyFromRecoveryKey
 import org.matrix.android.sdk.api.session.crypto.keyshare.GossipingRequestListener
+import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
+import org.matrix.android.sdk.api.session.crypto.model.SecretShareRequest
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.EventType
+import org.matrix.android.sdk.api.session.events.model.content.SecretSendEventContent
 import org.matrix.android.sdk.api.session.events.model.toModel
+import org.matrix.android.sdk.api.util.toBase64NoPadding
 import org.matrix.android.sdk.internal.crypto.actions.EnsureOlmSessionsForDevicesAction
 import org.matrix.android.sdk.internal.crypto.actions.MessageEncrypter
-import org.matrix.android.sdk.internal.crypto.crosssigning.toBase64NoPadding
-import org.matrix.android.sdk.internal.crypto.keysbackup.util.extractCurveKeyFromRecoveryKey
-import org.matrix.android.sdk.internal.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.internal.crypto.model.event.SecretSendEventContent
-import org.matrix.android.sdk.internal.crypto.model.rest.SecretShareRequest
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
 import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
 import org.matrix.android.sdk.internal.crypto.tasks.createUniqueTxnId
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/crosssigning/DefaultCrossSigningService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/crosssigning/DefaultCrossSigningService.kt
index 18e1608f95..20fcf70e18 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/crosssigning/DefaultCrossSigningService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/crosssigning/DefaultCrossSigningService.kt
@@ -39,7 +39,6 @@ import org.matrix.android.sdk.api.util.Optional
 import org.matrix.android.sdk.api.util.fromBase64
 import org.matrix.android.sdk.internal.crypto.DeviceListManager
 import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequestManager
-import org.matrix.android.sdk.internal.crypto.model.CryptoDeviceInfo
 import org.matrix.android.sdk.internal.crypto.model.rest.UploadSignatureQueryBuilder
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
 import org.matrix.android.sdk.internal.crypto.tasks.InitializeCrossSigningTask
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/keysbackup/DefaultKeysBackupService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/keysbackup/DefaultKeysBackupService.kt
index 778bdb9849..107a3337b0 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/keysbackup/DefaultKeysBackupService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/keysbackup/DefaultKeysBackupService.kt
@@ -590,9 +590,14 @@ internal class DefaultKeysBackupService @Inject constructor(
 
         cryptoCoroutineScope.launch(coroutineDispatchers.io) {
             try {
-                when (val keysBackupLastVersionResult = getKeysBackupLastVersionTask.execute(Unit)) {
-                    KeysBackupLastVersionResult.NoKeysBackup  -> {
-                        Timber.d("No keys backup found")
+                val keysBackupVersion = getKeysBackupLastVersionTask.execute(Unit).toKeysVersionResult()
+                        ?: return@launch Unit.also {
+                            Timber.d("Failed to get backup last version")
+                        }
+                val recoveryKey = computeRecoveryKey(secret.fromBase64())
+                if (isValidRecoveryKeyForKeysBackupVersion(recoveryKey, keysBackupVersion)) {
+                    awaitCallback<Unit> {
+                        trustKeysBackupVersion(keysBackupVersion, true, it)
                     }
                     // we don't want to start immediately downloading all as it can take very long
 
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/model/AuditTrail.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/model/AuditTrail.kt
index dece891439..dcf01e6342 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/model/AuditTrail.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/model/AuditTrail.kt
@@ -17,7 +17,7 @@
 package org.matrix.android.sdk.internal.crypto.model
 
 import com.squareup.moshi.JsonClass
-import org.matrix.android.sdk.internal.crypto.model.event.WithHeldCode
+import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
 
 enum class TrailType {
     OutgoingKeyForward,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
index 3b2a08dba3..8d79ba3075 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
@@ -23,7 +23,7 @@ import org.matrix.android.sdk.internal.crypto.store.db.model.KeyRequestReplyEnti
 import org.matrix.android.sdk.internal.crypto.store.db.model.OutgoingKeyRequestEntityFields
 import org.matrix.android.sdk.internal.util.database.RealmMigrator
 
-class MigrateCryptoTo016(realm: DynamicRealm) : RealmMigrator(realm, 15) {
+internal class MigrateCryptoTo016(realm: DynamicRealm) : RealmMigrator(realm, 15) {
 
     override fun doMigrate(realm: DynamicRealm) {
         realm.schema.remove("OutgoingGossipingRequestEntity")
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt
index 6ff93b0224..ee8785ea6b 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt
@@ -22,13 +22,13 @@ import io.realm.RealmList
 import io.realm.RealmObject
 import io.realm.annotations.Index
 import org.matrix.android.sdk.api.extensions.tryOrNull
-import org.matrix.android.sdk.api.session.crypto.model.OutgoingRoomKeyRequestState
 import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.EventType
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
 import org.matrix.android.sdk.api.session.events.model.toModel
 import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
+import org.matrix.android.sdk.internal.crypto.OutgoingRoomKeyRequestState
 import org.matrix.android.sdk.internal.crypto.RequestReply
 import org.matrix.android.sdk.internal.crypto.RequestResult
 import org.matrix.android.sdk.internal.di.MoshiProvider
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/qrcode/DefaultQrCodeVerificationTransaction.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/qrcode/DefaultQrCodeVerificationTransaction.kt
index ba434444bf..e40cd46455 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/qrcode/DefaultQrCodeVerificationTransaction.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/qrcode/DefaultQrCodeVerificationTransaction.kt
@@ -21,6 +21,7 @@ import org.matrix.android.sdk.api.session.crypto.verification.CancelCode
 import org.matrix.android.sdk.api.session.crypto.verification.QrCodeVerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationTxState
 import org.matrix.android.sdk.api.session.events.model.EventType
+import org.matrix.android.sdk.api.util.fromBase64
 import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequestManager
 import org.matrix.android.sdk.internal.crypto.SecretShareManager
 import org.matrix.android.sdk.internal.crypto.actions.SetDeviceVerificationAction
diff --git a/vector/src/main/java/im/vector/app/features/crypto/keysrequest/KeyRequestHandler.kt b/vector/src/main/java/im/vector/app/features/crypto/keysrequest/KeyRequestHandler.kt
index 4f40916825..034c667aac 100644
--- a/vector/src/main/java/im/vector/app/features/crypto/keysrequest/KeyRequestHandler.kt
+++ b/vector/src/main/java/im/vector/app/features/crypto/keysrequest/KeyRequestHandler.kt
@@ -30,20 +30,13 @@ import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel
 import org.matrix.android.sdk.api.session.crypto.keyshare.GossipingRequestListener
 import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
 import org.matrix.android.sdk.api.session.crypto.model.DeviceInfo
-import org.matrix.android.sdk.api.session.crypto.model.IncomingRequestCancellation
 import org.matrix.android.sdk.api.session.crypto.model.IncomingRoomKeyRequest
-import org.matrix.android.sdk.api.session.crypto.model.IncomingSecretShareRequest
 import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
+import org.matrix.android.sdk.api.session.crypto.model.SecretShareRequest
 import org.matrix.android.sdk.api.session.crypto.verification.SasVerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationService
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationTxState
-import org.matrix.android.sdk.internal.crypto.IncomingRoomKeyRequest
-import org.matrix.android.sdk.internal.crypto.crosssigning.DeviceTrustLevel
-import org.matrix.android.sdk.internal.crypto.model.CryptoDeviceInfo
-import org.matrix.android.sdk.internal.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.internal.crypto.model.rest.DeviceInfo
-import org.matrix.android.sdk.internal.crypto.model.rest.SecretShareRequest
 import timber.log.Timber
 import javax.inject.Inject
 import javax.inject.Singleton

From 3f5f2dc0f1c1bf4585019159b5d6713ee577d51a Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Fri, 15 Apr 2022 16:42:15 +0200
Subject: [PATCH 13/27] Fix tests

---
 .../sdk/internal/crypto/E2eeSanityTests.kt    |  7 +++---
 .../crypto/gossiping/WithHeldTests.kt         | 25 +++++++++++++++----
 2 files changed, 23 insertions(+), 9 deletions(-)

diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
index fe7c17636b..e13dbd5c6f 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
@@ -484,7 +484,7 @@ class E2eeSanityTests : InstrumentedTest {
 
         // check that new bob can't currently decrypt
         Log.v("#E2E TEST", "check that new bob can't currently decrypt")
-        cryptoTestHelper.ensureCannotDecrypt(listOf(firstEventId), newBobSession, e2eRoomID, MXCryptoError.ErrorType.UNKNOWN_INBOUND_SESSION_ID)
+        cryptoTestHelper.ensureCannotDecrypt(listOf(firstEventId), newBobSession, e2eRoomID, null)
 
         // Now let alice send a new message. this time the new bob session will be able to decrypt
         var secondEventId: String
@@ -518,9 +518,8 @@ class E2eeSanityTests : InstrumentedTest {
             try {
                 newBobSession.cryptoService().decryptEvent(firstEventNewBobPov.root, "")
                 fail("Should not be able to decrypt event")
-            } catch (error: MXCryptoError) {
-                val errorType = (error as? MXCryptoError.Base)?.errorType
-                assertEquals(MXCryptoError.ErrorType.UNKNOWN_MESSAGE_INDEX, errorType)
+            } catch (_: MXCryptoError) {
+
             }
         }
 
diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/WithHeldTests.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/WithHeldTests.kt
index d799bf7a7c..fc26f132a1 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/WithHeldTests.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/WithHeldTests.kt
@@ -38,6 +38,7 @@ import org.matrix.android.sdk.common.CryptoTestHelper
 import org.matrix.android.sdk.common.MockOkHttpInterceptor
 import org.matrix.android.sdk.common.SessionTestParams
 import org.matrix.android.sdk.common.TestConstants
+import org.matrix.android.sdk.internal.crypto.RequestResult
 
 @RunWith(AndroidJUnit4::class)
 @FixMethodOrder(MethodSorters.JVM)
@@ -66,7 +67,6 @@ class WithHeldTests : InstrumentedTest {
         val roomAlicePOV = aliceSession.getRoom(roomId)!!
 
         val bobUnverifiedSession = testHelper.logIntoAccount(bobSession.myUserId, SessionTestParams(true))
-
         // =============================
         // ACT
         // =============================
@@ -85,6 +85,7 @@ class WithHeldTests : InstrumentedTest {
 
         val eventBobPOV = bobUnverifiedSession.getRoom(roomId)?.getTimelineEvent(timelineEvent.eventId)!!
 
+        val megolmSessionId = eventBobPOV.root.content.toModel<EncryptedEventContent>()!!.sessionId!!
         // =============================
         // ASSERT
         // =============================
@@ -100,9 +101,23 @@ class WithHeldTests : InstrumentedTest {
             val type = (failure as MXCryptoError.Base).errorType
             val technicalMessage = failure.technicalMessage
             Assert.assertEquals("Error should be withheld", MXCryptoError.ErrorType.KEYS_WITHHELD, type)
-            Assert.assertEquals("Cause should be unverified", WithHeldCode.UNVERIFIED.value, technicalMessage)
+            Assert.assertEquals("Cause should be unverified", WithHeldCode.UNAUTHORISED.value, technicalMessage)
         }
 
+        // Let's see if the reply we got from bob first session is unverified
+        testHelper.waitWithLatch { latch ->
+            testHelper.retryPeriodicallyWithLatch(latch) {
+                bobUnverifiedSession.cryptoService().getOutgoingRoomKeyRequests()
+                        .firstOrNull { it.sessionId == megolmSessionId }
+                        ?.results
+                        ?.firstOrNull { it.fromDevice == bobSession.sessionParams.deviceId }
+                        ?.result
+                        ?.let {
+                           it as? RequestResult.Failure
+                        }
+                        ?.code == WithHeldCode.UNVERIFIED
+            }
+        }
         // enable back sending to unverified
         aliceSession.cryptoService().setGlobalBlacklistUnverifiedDevices(false)
 
@@ -127,7 +142,7 @@ class WithHeldTests : InstrumentedTest {
             val type = (failure as MXCryptoError.Base).errorType
             val technicalMessage = failure.technicalMessage
             Assert.assertEquals("Error should be withheld", MXCryptoError.ErrorType.KEYS_WITHHELD, type)
-            Assert.assertEquals("Cause should be unverified", WithHeldCode.UNVERIFIED.value, technicalMessage)
+            Assert.assertEquals("Cause should be unverified", WithHeldCode.UNAUTHORISED.value, technicalMessage)
         }
 
         testHelper.signOutAndClose(aliceSession)
@@ -136,7 +151,7 @@ class WithHeldTests : InstrumentedTest {
     }
 
     @Test
-    fun  test_WithHeldNoOlm() {
+    fun test_WithHeldNoOlm() {
         val testHelper = CommonTestHelper(context())
         val cryptoTestHelper = CryptoTestHelper(testHelper)
 
@@ -211,7 +226,7 @@ class WithHeldTests : InstrumentedTest {
     }
 
     @Test
-    fun  test_WithHeldKeyRequest() {
+    fun test_WithHeldKeyRequest() {
         val testHelper = CommonTestHelper(context())
         val cryptoTestHelper = CryptoTestHelper(testHelper)
 

From 631ea50bdeaea55ce80e066f6aa3e8add39999b7 Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Fri, 15 Apr 2022 19:38:10 +0200
Subject: [PATCH 14/27] Move some crypto classes to API + cleaning

---
 .../sdk/internal/crypto/E2eeSanityTests.kt    |  5 ++---
 .../sdk/internal/crypto/PreShareKeysTest.kt   |  1 -
 .../crypto/gossiping/KeyShareTests.kt         |  2 +-
 .../sdk/api/session/crypto/CryptoService.kt   |  3 +--
 .../session}/crypto/OutgoingKeyRequest.kt     |  2 +-
 .../crypto/OutgoingRoomKeyRequestState.kt     |  4 ++--
 .../session}/crypto/model/AuditTrail.kt       |  2 +-
 .../crypto/model/IncomingRoomKeyRequest.kt    |  4 ----
 .../internal/crypto/DefaultCryptoService.kt   |  5 +++--
 .../crypto/OutgoingGossipingRequest.kt        |  2 ++
 .../crypto/OutgoingKeyRequestManager.kt       |  5 ++++-
 .../internal/crypto/OutgoingSecretRequest.kt  |  1 +
 .../actions/MegolmSessionDataImporter.kt      |  2 +-
 .../algorithms/megolm/MXMegolmDecryption.kt   |  2 +-
 .../internal/crypto/store/IMXCryptoStore.kt   |  8 ++++----
 .../crypto/store/db/RealmCryptoStore.kt       | 20 +++++++++----------
 .../crypto/store/db/model/AuditTrailMapper.kt | 16 +++++++--------
 .../db/model/OutgoingKeyRequestEntity.kt      |  8 ++++----
 .../internal/crypto/tasks/EncryptEventTask.kt |  2 +-
 .../VerificationBottomSheetViewModel.kt       |  1 -
 .../GossipingEventsPaperTrailFragment.kt      |  2 +-
 .../GossipingEventsPaperTrailViewModel.kt     |  2 +-
 .../devtools/GossipingEventsSerializer.kt     |  8 ++++----
 .../GossipingTrailPagedEpoxyController.kt     | 10 ++++------
 .../devtools/KeyRequestListViewModel.kt       |  2 +-
 .../OutgoingKeyRequestPagedController.kt      |  2 +-
 26 files changed, 59 insertions(+), 62 deletions(-)
 rename matrix-sdk-android/src/main/java/org/matrix/android/sdk/{internal => api/session}/crypto/OutgoingKeyRequest.kt (97%)
 rename matrix-sdk-android/src/main/java/org/matrix/android/sdk/{internal => api/session}/crypto/OutgoingRoomKeyRequestState.kt (89%)
 rename matrix-sdk-android/src/main/java/org/matrix/android/sdk/{internal => api/session}/crypto/model/AuditTrail.kt (97%)

diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
index e13dbd5c6f..f82741b8f2 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
@@ -33,6 +33,7 @@ import org.matrix.android.sdk.api.session.crypto.MXCryptoError
 import org.matrix.android.sdk.api.session.crypto.keysbackup.KeysVersion
 import org.matrix.android.sdk.api.session.crypto.keysbackup.KeysVersionResult
 import org.matrix.android.sdk.api.session.crypto.keysbackup.MegolmBackupCreationInfo
+import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
 import org.matrix.android.sdk.api.session.crypto.model.ImportRoomKeysResult
 import org.matrix.android.sdk.api.session.crypto.verification.IncomingSasVerificationTransaction
 import org.matrix.android.sdk.api.session.crypto.verification.OutgoingSasVerificationTransaction
@@ -42,6 +43,7 @@ import org.matrix.android.sdk.api.session.crypto.verification.VerificationServic
 import org.matrix.android.sdk.api.session.crypto.verification.VerificationTransaction
 import org.matrix.android.sdk.api.session.events.model.EventType
 import org.matrix.android.sdk.api.session.events.model.content.EncryptedEventContent
+import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
 import org.matrix.android.sdk.api.session.events.model.toModel
 import org.matrix.android.sdk.api.session.getRoom
 import org.matrix.android.sdk.api.session.getRoomSummary
@@ -55,8 +57,6 @@ import org.matrix.android.sdk.common.CommonTestHelper
 import org.matrix.android.sdk.common.CryptoTestHelper
 import org.matrix.android.sdk.common.SessionTestParams
 import org.matrix.android.sdk.common.TestMatrixCallback
-import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
-import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
 import java.util.concurrent.CountDownLatch
 
 @RunWith(JUnit4::class)
@@ -519,7 +519,6 @@ class E2eeSanityTests : InstrumentedTest {
                 newBobSession.cryptoService().decryptEvent(firstEventNewBobPov.root, "")
                 fail("Should not be able to decrypt event")
             } catch (_: MXCryptoError) {
-
             }
         }
 
diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/PreShareKeysTest.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/PreShareKeysTest.kt
index d4f9d01c4a..bd5ca1d594 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/PreShareKeysTest.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/PreShareKeysTest.kt
@@ -27,7 +27,6 @@ import org.junit.runners.MethodSorters
 import org.matrix.android.sdk.InstrumentedTest
 import org.matrix.android.sdk.api.session.events.model.EventType
 import org.matrix.android.sdk.api.session.events.model.content.EncryptedEventContent
-import org.matrix.android.sdk.api.session.events.model.content.RoomKeyContent
 import org.matrix.android.sdk.api.session.events.model.toModel
 import org.matrix.android.sdk.api.session.getRoom
 import org.matrix.android.sdk.common.CommonTestHelper
diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt
index 631b241c6c..14970dd258 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt
@@ -30,6 +30,7 @@ import org.junit.Test
 import org.junit.runner.RunWith
 import org.junit.runners.MethodSorters
 import org.matrix.android.sdk.InstrumentedTest
+import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
 import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel
 import org.matrix.android.sdk.api.session.events.model.content.EncryptedEventContent
 import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
@@ -42,7 +43,6 @@ import org.matrix.android.sdk.common.CommonTestHelper
 import org.matrix.android.sdk.common.CryptoTestHelper
 import org.matrix.android.sdk.common.SessionTestParams
 import org.matrix.android.sdk.common.TestConstants
-import org.matrix.android.sdk.internal.crypto.OutgoingRoomKeyRequestState
 import org.matrix.android.sdk.internal.crypto.RequestResult
 
 @RunWith(AndroidJUnit4::class)
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/CryptoService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/CryptoService.kt
index 5a2d8702be..b8c08d23dc 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/CryptoService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/CryptoService.kt
@@ -26,6 +26,7 @@ import org.matrix.android.sdk.api.session.crypto.crosssigning.CrossSigningServic
 import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel
 import org.matrix.android.sdk.api.session.crypto.keysbackup.KeysBackupService
 import org.matrix.android.sdk.api.session.crypto.keyshare.GossipingRequestListener
+import org.matrix.android.sdk.api.session.crypto.model.AuditTrail
 import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
 import org.matrix.android.sdk.api.session.crypto.model.DeviceInfo
 import org.matrix.android.sdk.api.session.crypto.model.DevicesListResponse
@@ -39,8 +40,6 @@ import org.matrix.android.sdk.api.session.crypto.verification.VerificationServic
 import org.matrix.android.sdk.api.session.events.model.Content
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
-import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
-import org.matrix.android.sdk.internal.crypto.model.AuditTrail
 
 interface CryptoService {
 
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequest.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/OutgoingKeyRequest.kt
similarity index 97%
rename from matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequest.kt
rename to matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/OutgoingKeyRequest.kt
index e96f8079d2..855f17a34f 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequest.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/OutgoingKeyRequest.kt
@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package org.matrix.android.sdk.internal.crypto
+package org.matrix.android.sdk.api.session.crypto
 
 import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
 import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingRoomKeyRequestState.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/OutgoingRoomKeyRequestState.kt
similarity index 89%
rename from matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingRoomKeyRequestState.kt
rename to matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/OutgoingRoomKeyRequestState.kt
index 98019200d0..6e80bdc133 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingRoomKeyRequestState.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/OutgoingRoomKeyRequestState.kt
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
+ * Copyright (c) 2022 The Matrix.org Foundation C.I.C.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package org.matrix.android.sdk.internal.crypto
+package org.matrix.android.sdk.api.session.crypto
 
 enum class OutgoingRoomKeyRequestState {
     UNSENT,
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/model/AuditTrail.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/AuditTrail.kt
similarity index 97%
rename from matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/model/AuditTrail.kt
rename to matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/AuditTrail.kt
index dcf01e6342..6100c19118 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/model/AuditTrail.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/AuditTrail.kt
@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package org.matrix.android.sdk.internal.crypto.model
+package org.matrix.android.sdk.api.session.crypto.model
 
 import com.squareup.moshi.JsonClass
 import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRoomKeyRequest.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRoomKeyRequest.kt
index c5d8f5f285..ed8fa91408 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRoomKeyRequest.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRoomKeyRequest.kt
@@ -16,10 +16,6 @@
 
 package org.matrix.android.sdk.api.session.crypto.model
 
-import org.matrix.android.sdk.internal.crypto.model.AuditTrail
-import org.matrix.android.sdk.internal.crypto.model.IncomingKeyRequestInfo
-import org.matrix.android.sdk.internal.crypto.model.TrailType
-
 /**
  * IncomingRoomKeyRequest class defines the incoming room keys request.
  */
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
index 0b7b8036e3..d969da12b3 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
@@ -42,12 +42,14 @@ import org.matrix.android.sdk.api.logger.LoggerTag
 import org.matrix.android.sdk.api.session.crypto.CryptoService
 import org.matrix.android.sdk.api.session.crypto.MXCryptoError
 import org.matrix.android.sdk.api.session.crypto.NewSessionListener
+import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
 import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel
 import org.matrix.android.sdk.api.session.crypto.crosssigning.KEYBACKUP_SECRET_SSSS_NAME
 import org.matrix.android.sdk.api.session.crypto.crosssigning.MASTER_KEY_SSSS_NAME
 import org.matrix.android.sdk.api.session.crypto.crosssigning.SELF_SIGNING_KEY_SSSS_NAME
 import org.matrix.android.sdk.api.session.crypto.crosssigning.USER_SIGNING_KEY_SSSS_NAME
 import org.matrix.android.sdk.api.session.crypto.keyshare.GossipingRequestListener
+import org.matrix.android.sdk.api.session.crypto.model.AuditTrail
 import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
 import org.matrix.android.sdk.api.session.crypto.model.DeviceInfo
 import org.matrix.android.sdk.api.session.crypto.model.DevicesListResponse
@@ -58,6 +60,7 @@ import org.matrix.android.sdk.api.session.crypto.model.MXEncryptEventContentResu
 import org.matrix.android.sdk.api.session.crypto.model.MXEventDecryptionResult
 import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
 import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
+import org.matrix.android.sdk.api.session.crypto.model.TrailType
 import org.matrix.android.sdk.api.session.events.model.Content
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.EventType
@@ -77,9 +80,7 @@ import org.matrix.android.sdk.internal.crypto.algorithms.megolm.MXMegolmEncrypti
 import org.matrix.android.sdk.internal.crypto.algorithms.olm.MXOlmEncryptionFactory
 import org.matrix.android.sdk.internal.crypto.crosssigning.DefaultCrossSigningService
 import org.matrix.android.sdk.internal.crypto.keysbackup.DefaultKeysBackupService
-import org.matrix.android.sdk.internal.crypto.model.AuditTrail
 import org.matrix.android.sdk.internal.crypto.model.MXKey.Companion.KEY_SIGNED_CURVE_25519_TYPE
-import org.matrix.android.sdk.internal.crypto.model.TrailType
 import org.matrix.android.sdk.internal.crypto.model.toRest
 import org.matrix.android.sdk.internal.crypto.repository.WarnOnUnknownDeviceRepository
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingGossipingRequest.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingGossipingRequest.kt
index 7f41b50e38..16e520c668 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingGossipingRequest.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingGossipingRequest.kt
@@ -16,6 +16,8 @@
 
 package org.matrix.android.sdk.internal.crypto
 
+import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
+
 interface OutgoingGossipingRequest {
     var recipients: Map<String, List<String>>
     var requestId: String
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
index 47465ceaa5..037c8020d5 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
@@ -28,6 +28,8 @@ import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
 import org.matrix.android.sdk.api.crypto.MXCryptoConfig
 import org.matrix.android.sdk.api.extensions.tryOrNull
 import org.matrix.android.sdk.api.logger.LoggerTag
+import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
+import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
 import org.matrix.android.sdk.api.session.crypto.model.GossipingToDeviceObject
 import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
 import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
@@ -229,7 +231,8 @@ internal class OutgoingKeyRequestManager @Inject constructor(
                         }
                         cryptoStore.getUserDeviceList(event.senderId ?: "")
                                 .also { devices ->
-                                    Timber.tag(loggerTag.value).v("Withheld Devices for ${event.senderId} are ${devices.orEmpty().joinToString { it.identityKey() ?: "" }}")
+                                    Timber.tag(loggerTag.value)
+                                            .v("Withheld Devices for ${event.senderId} are ${devices.orEmpty().joinToString { it.identityKey() ?: "" }}")
                                 }
                                 ?.firstOrNull {
                                     it.identityKey() == senderKey
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingSecretRequest.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingSecretRequest.kt
index 20add23666..fae7a2f1c4 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingSecretRequest.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingSecretRequest.kt
@@ -17,6 +17,7 @@
 package org.matrix.android.sdk.internal.crypto
 
 import com.squareup.moshi.JsonClass
+import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
 
 /**
  * Represents an outgoing room key request
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/actions/MegolmSessionDataImporter.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/actions/MegolmSessionDataImporter.kt
index 7b4df00282..26333cf3ee 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/actions/MegolmSessionDataImporter.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/actions/MegolmSessionDataImporter.kt
@@ -19,8 +19,8 @@ package org.matrix.android.sdk.internal.crypto.actions
 import androidx.annotation.WorkerThread
 import org.matrix.android.sdk.api.extensions.tryOrNull
 import org.matrix.android.sdk.api.listeners.ProgressListener
-import org.matrix.android.sdk.api.session.crypto.model.ImportRoomKeysResult
 import org.matrix.android.sdk.api.logger.LoggerTag
+import org.matrix.android.sdk.api.session.crypto.model.ImportRoomKeysResult
 import org.matrix.android.sdk.internal.crypto.MXOlmDevice
 import org.matrix.android.sdk.internal.crypto.MegolmSessionData
 import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequestManager
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
index 17c15d9d3c..37fb8ba0f9 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
@@ -28,9 +28,9 @@ import org.matrix.android.sdk.api.session.events.model.content.EncryptedEventCon
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyContent
 import org.matrix.android.sdk.api.session.events.model.toModel
 import org.matrix.android.sdk.internal.crypto.MXOlmDevice
+import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequestManager
 import org.matrix.android.sdk.internal.crypto.algorithms.IMXDecrypting
 import org.matrix.android.sdk.internal.crypto.keysbackup.DefaultKeysBackupService
-import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequestManager
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
 import org.matrix.android.sdk.internal.session.StreamEventsManager
 import timber.log.Timber
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt
index 438fb53717..d720777ae1 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/IMXCryptoStore.kt
@@ -19,25 +19,25 @@ package org.matrix.android.sdk.internal.crypto.store
 import androidx.lifecycle.LiveData
 import androidx.paging.PagedList
 import org.matrix.android.sdk.api.session.crypto.NewSessionListener
+import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
+import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
 import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKey
 import org.matrix.android.sdk.api.session.crypto.crosssigning.MXCrossSigningInfo
 import org.matrix.android.sdk.api.session.crypto.crosssigning.PrivateKeysInfo
 import org.matrix.android.sdk.api.session.crypto.keysbackup.SavedKeyBackupKeyInfo
+import org.matrix.android.sdk.api.session.crypto.model.AuditTrail
 import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
 import org.matrix.android.sdk.api.session.crypto.model.DeviceInfo
 import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
 import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
+import org.matrix.android.sdk.api.session.crypto.model.TrailType
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
 import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
 import org.matrix.android.sdk.api.util.Optional
-import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
-import org.matrix.android.sdk.internal.crypto.OutgoingRoomKeyRequestState
-import org.matrix.android.sdk.internal.crypto.model.AuditTrail
 import org.matrix.android.sdk.internal.crypto.model.OlmInboundGroupSessionWrapper2
 import org.matrix.android.sdk.internal.crypto.model.OlmSessionWrapper
 import org.matrix.android.sdk.internal.crypto.model.OutboundGroupSessionWrapper
-import org.matrix.android.sdk.internal.crypto.model.TrailType
 import org.matrix.android.sdk.internal.crypto.store.db.model.KeysBackupDataEntity
 import org.matrix.olm.OlmAccount
 import org.matrix.olm.OlmOutboundGroupSession
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
index 0b43be8551..2db3dba50d 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
@@ -30,29 +30,29 @@ import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
 import org.matrix.android.sdk.api.extensions.tryOrNull
 import org.matrix.android.sdk.api.logger.LoggerTag
 import org.matrix.android.sdk.api.session.crypto.NewSessionListener
+import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
+import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
 import org.matrix.android.sdk.api.session.crypto.crosssigning.CryptoCrossSigningKey
 import org.matrix.android.sdk.api.session.crypto.crosssigning.MXCrossSigningInfo
 import org.matrix.android.sdk.api.session.crypto.crosssigning.PrivateKeysInfo
 import org.matrix.android.sdk.api.session.crypto.keysbackup.SavedKeyBackupKeyInfo
+import org.matrix.android.sdk.api.session.crypto.model.AuditTrail
 import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
 import org.matrix.android.sdk.api.session.crypto.model.DeviceInfo
+import org.matrix.android.sdk.api.session.crypto.model.ForwardInfo
+import org.matrix.android.sdk.api.session.crypto.model.IncomingKeyRequestInfo
 import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
 import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
+import org.matrix.android.sdk.api.session.crypto.model.TrailType
+import org.matrix.android.sdk.api.session.crypto.model.WithheldInfo
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
 import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
 import org.matrix.android.sdk.api.util.Optional
 import org.matrix.android.sdk.api.util.toOptional
-import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
-import org.matrix.android.sdk.internal.crypto.OutgoingRoomKeyRequestState
-import org.matrix.android.sdk.internal.crypto.model.AuditTrail
-import org.matrix.android.sdk.internal.crypto.model.ForwardInfo
-import org.matrix.android.sdk.internal.crypto.model.IncomingKeyRequestInfo
 import org.matrix.android.sdk.internal.crypto.model.OlmInboundGroupSessionWrapper2
 import org.matrix.android.sdk.internal.crypto.model.OlmSessionWrapper
 import org.matrix.android.sdk.internal.crypto.model.OutboundGroupSessionWrapper
-import org.matrix.android.sdk.internal.crypto.model.TrailType
-import org.matrix.android.sdk.internal.crypto.model.WithheldInfo
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
 import org.matrix.android.sdk.internal.crypto.store.db.mapper.CrossSigningKeysMapper
 import org.matrix.android.sdk.internal.crypto.store.db.model.AuditTrailEntity
@@ -275,7 +275,7 @@ internal class RealmCryptoStore @Inject constructor(
             realm.where<DeviceInfoEntity>()
                     .contains(DeviceInfoEntityFields.KEYS_MAP_JSON, identityKey)
                     .findAll()
-                    .mapNotNull { CryptoMapper.mapToModel(it)  }
+                    .mapNotNull { CryptoMapper.mapToModel(it) }
                     .firstOrNull {
                         it.identityKey() == identityKey
                     }
@@ -741,7 +741,7 @@ internal class RealmCryptoStore @Inject constructor(
                 if (sessionIdentifier != null) {
                     val key = OlmInboundGroupSessionEntity.createPrimaryKey(sessionIdentifier, session.senderKey)
 
-                    val existing =  realm.where<OlmInboundGroupSessionEntity>()
+                    val existing = realm.where<OlmInboundGroupSessionEntity>()
                             .equalTo(OlmInboundGroupSessionEntityFields.PRIMARY_KEY, key)
                             .findFirst()
 
@@ -894,7 +894,7 @@ internal class RealmCryptoStore @Inject constructor(
                             sessionIdentifier,
                             olmInboundGroupSessionWrapper.senderKey)
 
-                    val existing =  realm.where<OlmInboundGroupSessionEntity>()
+                    val existing = realm.where<OlmInboundGroupSessionEntity>()
                             .equalTo(OlmInboundGroupSessionEntityFields.PRIMARY_KEY, key)
                             .findFirst()
 
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailMapper.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailMapper.kt
index a89c5599ef..465837bc81 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailMapper.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailMapper.kt
@@ -17,12 +17,12 @@
 package org.matrix.android.sdk.internal.crypto.store.db.model
 
 import org.matrix.android.sdk.api.extensions.tryOrNull
-import org.matrix.android.sdk.internal.crypto.model.AuditInfo
-import org.matrix.android.sdk.internal.crypto.model.AuditTrail
-import org.matrix.android.sdk.internal.crypto.model.ForwardInfo
-import org.matrix.android.sdk.internal.crypto.model.IncomingKeyRequestInfo
-import org.matrix.android.sdk.internal.crypto.model.TrailType
-import org.matrix.android.sdk.internal.crypto.model.WithheldInfo
+import org.matrix.android.sdk.api.session.crypto.model.AuditInfo
+import org.matrix.android.sdk.api.session.crypto.model.AuditTrail
+import org.matrix.android.sdk.api.session.crypto.model.ForwardInfo
+import org.matrix.android.sdk.api.session.crypto.model.IncomingKeyRequestInfo
+import org.matrix.android.sdk.api.session.crypto.model.TrailType
+import org.matrix.android.sdk.api.session.crypto.model.WithheldInfo
 import org.matrix.android.sdk.internal.di.MoshiProvider
 
 internal object AuditTrailMapper {
@@ -30,7 +30,7 @@ internal object AuditTrailMapper {
     fun map(entity: AuditTrailEntity): AuditTrail? {
         val contentJson = entity.contentJson ?: return null
         return when (entity.type) {
-            TrailType.OutgoingKeyForward.name         -> {
+            TrailType.OutgoingKeyForward.name  -> {
                 val info = tryOrNull {
                     MoshiProvider.providesMoshi().adapter(ForwardInfo::class.java).fromJson(contentJson)
                 } ?: return null
@@ -40,7 +40,7 @@ internal object AuditTrailMapper {
                         info = info
                 )
             }
-            TrailType.OutgoingKeyWithheld.name        -> {
+            TrailType.OutgoingKeyWithheld.name -> {
                 val info = tryOrNull {
                     MoshiProvider.providesMoshi().adapter(WithheldInfo::class.java).fromJson(contentJson)
                 } ?: return null
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt
index ee8785ea6b..11c2514845 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt
@@ -22,15 +22,15 @@ import io.realm.RealmList
 import io.realm.RealmObject
 import io.realm.annotations.Index
 import org.matrix.android.sdk.api.extensions.tryOrNull
+import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
+import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
+import org.matrix.android.sdk.api.session.crypto.RequestReply
+import org.matrix.android.sdk.api.session.crypto.RequestResult
 import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
 import org.matrix.android.sdk.api.session.events.model.Event
 import org.matrix.android.sdk.api.session.events.model.EventType
 import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
 import org.matrix.android.sdk.api.session.events.model.toModel
-import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
-import org.matrix.android.sdk.internal.crypto.OutgoingRoomKeyRequestState
-import org.matrix.android.sdk.internal.crypto.RequestReply
-import org.matrix.android.sdk.internal.crypto.RequestResult
 import org.matrix.android.sdk.internal.di.MoshiProvider
 
 internal open class OutgoingKeyRequestEntity(
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/tasks/EncryptEventTask.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/tasks/EncryptEventTask.kt
index ba64f0c0a5..394c618968 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/tasks/EncryptEventTask.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/tasks/EncryptEventTask.kt
@@ -15,8 +15,8 @@
  */
 package org.matrix.android.sdk.internal.crypto.tasks
 
-import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
 import dagger.Lazy
+import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
 import org.matrix.android.sdk.api.session.crypto.CryptoService
 import org.matrix.android.sdk.api.session.crypto.model.MXEncryptEventContentResult
 import org.matrix.android.sdk.api.session.crypto.model.MXEventDecryptionResult
diff --git a/vector/src/main/java/im/vector/app/features/crypto/verification/VerificationBottomSheetViewModel.kt b/vector/src/main/java/im/vector/app/features/crypto/verification/VerificationBottomSheetViewModel.kt
index db94bb61ea..1e14d0a2ed 100644
--- a/vector/src/main/java/im/vector/app/features/crypto/verification/VerificationBottomSheetViewModel.kt
+++ b/vector/src/main/java/im/vector/app/features/crypto/verification/VerificationBottomSheetViewModel.kt
@@ -57,7 +57,6 @@ import org.matrix.android.sdk.api.util.MatrixItem
 import org.matrix.android.sdk.api.util.awaitCallback
 import org.matrix.android.sdk.api.util.fromBase64
 import org.matrix.android.sdk.api.util.toMatrixItem
-
 import timber.log.Timber
 
 data class VerificationBottomSheetViewState(
diff --git a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsPaperTrailFragment.kt b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsPaperTrailFragment.kt
index f99b450cdd..ec4ef26001 100644
--- a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsPaperTrailFragment.kt
+++ b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsPaperTrailFragment.kt
@@ -28,7 +28,7 @@ import im.vector.app.core.extensions.configureWith
 import im.vector.app.core.platform.VectorBaseFragment
 import im.vector.app.core.resources.ColorProvider
 import im.vector.app.databinding.FragmentGenericRecyclerBinding
-import org.matrix.android.sdk.internal.crypto.model.AuditTrail
+import org.matrix.android.sdk.api.session.crypto.model.AuditTrail
 import javax.inject.Inject
 
 class GossipingEventsPaperTrailFragment @Inject constructor(
diff --git a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsPaperTrailViewModel.kt b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsPaperTrailViewModel.kt
index feec469f80..e7f09b09e0 100644
--- a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsPaperTrailViewModel.kt
+++ b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsPaperTrailViewModel.kt
@@ -32,7 +32,7 @@ import im.vector.app.core.platform.EmptyAction
 import im.vector.app.core.platform.EmptyViewEvents
 import im.vector.app.core.platform.VectorViewModel
 import org.matrix.android.sdk.api.session.Session
-import org.matrix.android.sdk.internal.crypto.model.AuditTrail
+import org.matrix.android.sdk.api.session.crypto.model.AuditTrail
 
 data class GossipingEventsPaperTrailState(
         val events: Async<PagedList<AuditTrail>> = Uninitialized
diff --git a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsSerializer.kt b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsSerializer.kt
index 05fc3a570d..b8d82699e6 100644
--- a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsSerializer.kt
+++ b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingEventsSerializer.kt
@@ -17,10 +17,10 @@
 package im.vector.app.features.settings.devtools
 
 import im.vector.app.core.resources.DateProvider
-import org.matrix.android.sdk.internal.crypto.model.AuditTrail
-import org.matrix.android.sdk.internal.crypto.model.ForwardInfo
-import org.matrix.android.sdk.internal.crypto.model.TrailType
-import org.matrix.android.sdk.internal.crypto.model.WithheldInfo
+import org.matrix.android.sdk.api.session.crypto.model.AuditTrail
+import org.matrix.android.sdk.api.session.crypto.model.ForwardInfo
+import org.matrix.android.sdk.api.session.crypto.model.TrailType
+import org.matrix.android.sdk.api.session.crypto.model.WithheldInfo
 import org.threeten.bp.format.DateTimeFormatter
 
 class GossipingEventsSerializer {
diff --git a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt
index 1377cad1b8..b6e7a3c88b 100644
--- a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt
+++ b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt
@@ -25,12 +25,10 @@ import im.vector.app.core.ui.list.GenericItem_
 import im.vector.app.core.utils.createUIHandler
 import im.vector.lib.core.utils.epoxy.charsequence.toEpoxyCharSequence
 import me.gujun.android.span.span
-
-import org.matrix.android.sdk.internal.crypto.model.AuditTrail
-import org.matrix.android.sdk.internal.crypto.model.ForwardInfo
-import org.matrix.android.sdk.internal.crypto.model.TrailType
-import org.matrix.android.sdk.internal.crypto.model.WithheldInfo
-
+import org.matrix.android.sdk.api.session.crypto.model.AuditTrail
+import org.matrix.android.sdk.api.session.crypto.model.ForwardInfo
+import org.matrix.android.sdk.api.session.crypto.model.TrailType
+import org.matrix.android.sdk.api.session.crypto.model.WithheldInfo
 import javax.inject.Inject
 
 class GossipingTrailPagedEpoxyController @Inject constructor(
diff --git a/vector/src/main/java/im/vector/app/features/settings/devtools/KeyRequestListViewModel.kt b/vector/src/main/java/im/vector/app/features/settings/devtools/KeyRequestListViewModel.kt
index ef2aabd7fe..e0a130a1e6 100644
--- a/vector/src/main/java/im/vector/app/features/settings/devtools/KeyRequestListViewModel.kt
+++ b/vector/src/main/java/im/vector/app/features/settings/devtools/KeyRequestListViewModel.kt
@@ -32,8 +32,8 @@ import im.vector.app.core.platform.EmptyViewEvents
 import im.vector.app.core.platform.VectorViewModel
 import kotlinx.coroutines.launch
 import org.matrix.android.sdk.api.session.Session
+import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
 import org.matrix.android.sdk.api.session.crypto.model.IncomingRoomKeyRequest
-import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
 
 data class KeyRequestListViewState(
         val incomingRequests: Async<PagedList<IncomingRoomKeyRequest>> = Uninitialized,
diff --git a/vector/src/main/java/im/vector/app/features/settings/devtools/OutgoingKeyRequestPagedController.kt b/vector/src/main/java/im/vector/app/features/settings/devtools/OutgoingKeyRequestPagedController.kt
index e3b31227b6..13ba4a69ac 100644
--- a/vector/src/main/java/im/vector/app/features/settings/devtools/OutgoingKeyRequestPagedController.kt
+++ b/vector/src/main/java/im/vector/app/features/settings/devtools/OutgoingKeyRequestPagedController.kt
@@ -22,7 +22,7 @@ import im.vector.app.core.ui.list.GenericItem_
 import im.vector.app.core.utils.createUIHandler
 import im.vector.lib.core.utils.epoxy.charsequence.toEpoxyCharSequence
 import me.gujun.android.span.span
-import org.matrix.android.sdk.internal.crypto.OutgoingKeyRequest
+import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
 import javax.inject.Inject
 
 class OutgoingKeyRequestPagedController @Inject constructor() : PagedListEpoxyController<OutgoingKeyRequest>(

From effbc47bd3bab613e848b2d169183f6e9a064768 Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Wed, 20 Apr 2022 15:44:00 +0200
Subject: [PATCH 15/27] FIx unit test compilation

---
 .../sdk/internal/crypto/E2eeSanityTests.kt    |   1 +
 .../crypto/gossiping/KeyShareTests.kt         |  17 +-
 .../crypto/gossiping/WithHeldTests.kt         |   2 +-
 .../api/session/crypto/model/AuditTrail.kt    | 152 +++++++++---------
 4 files changed, 89 insertions(+), 83 deletions(-)

diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
index f82741b8f2..6fdcf53478 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
@@ -30,6 +30,7 @@ import org.junit.runners.MethodSorters
 import org.matrix.android.sdk.InstrumentedTest
 import org.matrix.android.sdk.api.session.Session
 import org.matrix.android.sdk.api.session.crypto.MXCryptoError
+import org.matrix.android.sdk.api.session.crypto.RequestResult
 import org.matrix.android.sdk.api.session.crypto.keysbackup.KeysVersion
 import org.matrix.android.sdk.api.session.crypto.keysbackup.KeysVersionResult
 import org.matrix.android.sdk.api.session.crypto.keysbackup.MegolmBackupCreationInfo
diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt
index 14970dd258..bc286a75be 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt
@@ -31,6 +31,7 @@ import org.junit.runner.RunWith
 import org.junit.runners.MethodSorters
 import org.matrix.android.sdk.InstrumentedTest
 import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
+import org.matrix.android.sdk.api.session.crypto.RequestResult
 import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel
 import org.matrix.android.sdk.api.session.events.model.content.EncryptedEventContent
 import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
@@ -43,7 +44,6 @@ import org.matrix.android.sdk.common.CommonTestHelper
 import org.matrix.android.sdk.common.CryptoTestHelper
 import org.matrix.android.sdk.common.SessionTestParams
 import org.matrix.android.sdk.common.TestConstants
-import org.matrix.android.sdk.internal.crypto.RequestResult
 
 @RunWith(AndroidJUnit4::class)
 @FixMethodOrder(MethodSorters.JVM)
@@ -172,8 +172,10 @@ class KeyShareTests : InstrumentedTest {
         }
 
         // Mark the device as trusted
-        aliceSession.cryptoService().setDeviceVerification(DeviceTrustLevel(crossSigningVerified = false, locallyVerified = true), aliceSession.myUserId,
-                aliceSession2.sessionParams.deviceId ?: "")
+        aliceSession.cryptoService().setDeviceVerification(
+                DeviceTrustLevel(crossSigningVerified = false, locallyVerified = true), aliceSession.myUserId,
+                aliceSession2.sessionParams.deviceId ?: ""
+        )
 
         // Re request
         aliceSession2.cryptoService().reRequestRoomKeyForEvent(receivedEvent.root)
@@ -252,7 +254,8 @@ class KeyShareTests : InstrumentedTest {
         commonTestHelper.waitWithLatch { latch ->
             commonTestHelper.retryPeriodicallyWithLatch(latch) {
                 val outgoing = aliceNewSession.cryptoService().getOutgoingRoomKeyRequests().firstOrNull { it.sessionId == sentEventMegolmSession }
-                val ownDeviceReply = outgoing?.results?.firstOrNull { it.userId == aliceSession.myUserId && it.fromDevice == aliceSession.sessionParams.deviceId }
+                val ownDeviceReply =
+                        outgoing?.results?.firstOrNull { it.userId == aliceSession.myUserId && it.fromDevice == aliceSession.sessionParams.deviceId }
                 ownDeviceReply != null && ownDeviceReply.result is RequestResult.Success
             }
         }
@@ -350,7 +353,8 @@ class KeyShareTests : InstrumentedTest {
                     Log.v("TEST", "=========================")
                 }
                 val outgoing = aliceNewSession.cryptoService().getOutgoingRoomKeyRequests().firstOrNull { it.sessionId == sentEventMegolmSession }
-                val ownDeviceReply = outgoing?.results?.firstOrNull { it.userId == aliceSession.myUserId && it.fromDevice == aliceSession.sessionParams.deviceId }
+                val ownDeviceReply =
+                        outgoing?.results?.firstOrNull { it.userId == aliceSession.myUserId && it.fromDevice == aliceSession.sessionParams.deviceId }
                 val result = ownDeviceReply?.result
                 result != null && result is RequestResult.Success && result.chainIndex == 0
             }
@@ -455,7 +459,8 @@ class KeyShareTests : InstrumentedTest {
         commonTestHelper.waitWithLatch { latch ->
             commonTestHelper.retryPeriodicallyWithLatch(latch) {
                 val outgoing = aliceNewSession.cryptoService().getOutgoingRoomKeyRequests().firstOrNull { it.sessionId == sentEventMegolmSession }
-                val ownDeviceReply = outgoing?.results?.firstOrNull { it.userId == aliceSession.myUserId && it.fromDevice == aliceSession.sessionParams.deviceId }
+                val ownDeviceReply =
+                        outgoing?.results?.firstOrNull { it.userId == aliceSession.myUserId && it.fromDevice == aliceSession.sessionParams.deviceId }
                 val result = ownDeviceReply?.result
                 result != null && result is RequestResult.Success && result.chainIndex == 0
             }
diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/WithHeldTests.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/WithHeldTests.kt
index fc26f132a1..63c856d0f1 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/WithHeldTests.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/WithHeldTests.kt
@@ -28,6 +28,7 @@ import org.matrix.android.sdk.InstrumentedTest
 import org.matrix.android.sdk.api.NoOpMatrixCallback
 import org.matrix.android.sdk.api.extensions.tryOrNull
 import org.matrix.android.sdk.api.session.crypto.MXCryptoError
+import org.matrix.android.sdk.api.session.crypto.RequestResult
 import org.matrix.android.sdk.api.session.events.model.EventType
 import org.matrix.android.sdk.api.session.events.model.content.EncryptedEventContent
 import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
@@ -38,7 +39,6 @@ import org.matrix.android.sdk.common.CryptoTestHelper
 import org.matrix.android.sdk.common.MockOkHttpInterceptor
 import org.matrix.android.sdk.common.SessionTestParams
 import org.matrix.android.sdk.common.TestConstants
-import org.matrix.android.sdk.internal.crypto.RequestResult
 
 @RunWith(AndroidJUnit4::class)
 @FixMethodOrder(MethodSorters.JVM)
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/AuditTrail.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/AuditTrail.kt
index 6100c19118..c479ee8146 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/AuditTrail.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/AuditTrail.kt
@@ -1,76 +1,76 @@
-/*
- * Copyright 2022 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.api.session.crypto.model
-
-import com.squareup.moshi.JsonClass
-import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
-
-enum class TrailType {
-    OutgoingKeyForward,
-    IncomingKeyForward,
-    OutgoingKeyWithheld,
-    IncomingKeyRequest,
-    Unknown
-}
-
-interface AuditInfo {
-    val roomId: String
-    val sessionId: String
-    val senderKey: String
-    val alg: String
-    val userId: String
-    val deviceId: String
-}
-
-@JsonClass(generateAdapter = true)
-data class ForwardInfo(
-        override val roomId: String,
-        override val sessionId: String,
-        override val senderKey: String,
-        override val alg: String,
-        override val userId: String,
-        override val deviceId: String,
-        val chainIndex: Long?
-) : AuditInfo
-
-@JsonClass(generateAdapter = true)
-data class WithheldInfo(
-        override val roomId: String,
-        override val sessionId: String,
-        override val senderKey: String,
-        override val alg: String,
-        val code: WithHeldCode,
-        override val userId: String,
-        override val deviceId: String
-) : AuditInfo
-
-@JsonClass(generateAdapter = true)
-data class IncomingKeyRequestInfo(
-        override val roomId: String,
-        override val sessionId: String,
-        override val senderKey: String,
-        override val alg: String,
-        override val userId: String,
-        override val deviceId: String,
-        val requestId: String
-) : AuditInfo
-
-data class AuditTrail(
-        val ageLocalTs: Long,
-        val type: TrailType,
-        val info: AuditInfo
-)
+/*
+ * Copyright 2022 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.api.session.crypto.model
+
+import com.squareup.moshi.JsonClass
+import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
+
+enum class TrailType {
+    OutgoingKeyForward,
+    IncomingKeyForward,
+    OutgoingKeyWithheld,
+    IncomingKeyRequest,
+    Unknown
+}
+
+interface AuditInfo {
+    val roomId: String
+    val sessionId: String
+    val senderKey: String
+    val alg: String
+    val userId: String
+    val deviceId: String
+}
+
+@JsonClass(generateAdapter = true)
+data class ForwardInfo(
+        override val roomId: String,
+        override val sessionId: String,
+        override val senderKey: String,
+        override val alg: String,
+        override val userId: String,
+        override val deviceId: String,
+        val chainIndex: Long?
+) : AuditInfo
+
+@JsonClass(generateAdapter = true)
+data class WithheldInfo(
+        override val roomId: String,
+        override val sessionId: String,
+        override val senderKey: String,
+        override val alg: String,
+        val code: WithHeldCode,
+        override val userId: String,
+        override val deviceId: String
+) : AuditInfo
+
+@JsonClass(generateAdapter = true)
+data class IncomingKeyRequestInfo(
+        override val roomId: String,
+        override val sessionId: String,
+        override val senderKey: String,
+        override val alg: String,
+        override val userId: String,
+        override val deviceId: String,
+        val requestId: String
+) : AuditInfo
+
+data class AuditTrail(
+        val ageLocalTs: Long,
+        val type: TrailType,
+        val info: AuditInfo
+)

From 885f836adb1f8e88e78a5926726fa69b6dd01812 Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Wed, 20 Apr 2022 18:06:24 +0200
Subject: [PATCH 16/27] Cleaning, review

---
 .../internal/crypto/DefaultCryptoService.kt   | 2668 ++++++++---------
 .../sdk/internal/crypto/MXOlmDevice.kt        | 1844 ++++++------
 .../crypto/OutgoingKeyRequestManager.kt       | 1039 ++++---
 .../sdk/internal/crypto/SecretShareManager.kt |  592 ++--
 .../model/OutgoingGossipingRequestEntity.kt   |   62 +-
 .../VerificationTransportRoomMessage.kt       |  631 ++--
 6 files changed, 3416 insertions(+), 3420 deletions(-)

diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
index d969da12b3..f89927f9c2 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
@@ -1,1334 +1,1334 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto
-
-import android.content.Context
-import androidx.annotation.VisibleForTesting
-import androidx.lifecycle.LiveData
-import androidx.paging.PagedList
-import com.squareup.moshi.Types
-import dagger.Lazy
-import kotlinx.coroutines.CancellationException
-import kotlinx.coroutines.CoroutineScope
-import kotlinx.coroutines.cancelChildren
-import kotlinx.coroutines.launch
-import kotlinx.coroutines.runBlocking
-import kotlinx.coroutines.withContext
-import org.matrix.android.sdk.api.MatrixCallback
-import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
-import org.matrix.android.sdk.api.NoOpMatrixCallback
-import org.matrix.android.sdk.api.auth.UserInteractiveAuthInterceptor
-import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
-import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_OLM
-import org.matrix.android.sdk.api.crypto.MXCryptoConfig
-import org.matrix.android.sdk.api.extensions.tryOrNull
-import org.matrix.android.sdk.api.failure.Failure
-import org.matrix.android.sdk.api.listeners.ProgressListener
-import org.matrix.android.sdk.api.logger.LoggerTag
-import org.matrix.android.sdk.api.session.crypto.CryptoService
-import org.matrix.android.sdk.api.session.crypto.MXCryptoError
-import org.matrix.android.sdk.api.session.crypto.NewSessionListener
-import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
-import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel
-import org.matrix.android.sdk.api.session.crypto.crosssigning.KEYBACKUP_SECRET_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.crosssigning.MASTER_KEY_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.crosssigning.SELF_SIGNING_KEY_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.crosssigning.USER_SIGNING_KEY_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.keyshare.GossipingRequestListener
-import org.matrix.android.sdk.api.session.crypto.model.AuditTrail
-import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
-import org.matrix.android.sdk.api.session.crypto.model.DeviceInfo
-import org.matrix.android.sdk.api.session.crypto.model.DevicesListResponse
-import org.matrix.android.sdk.api.session.crypto.model.ImportRoomKeysResult
-import org.matrix.android.sdk.api.session.crypto.model.IncomingRoomKeyRequest
-import org.matrix.android.sdk.api.session.crypto.model.MXDeviceInfo
-import org.matrix.android.sdk.api.session.crypto.model.MXEncryptEventContentResult
-import org.matrix.android.sdk.api.session.crypto.model.MXEventDecryptionResult
-import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
-import org.matrix.android.sdk.api.session.crypto.model.TrailType
-import org.matrix.android.sdk.api.session.events.model.Content
-import org.matrix.android.sdk.api.session.events.model.Event
-import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.api.session.events.model.content.RoomKeyContent
-import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
-import org.matrix.android.sdk.api.session.events.model.toModel
-import org.matrix.android.sdk.api.session.room.model.Membership
-import org.matrix.android.sdk.api.session.room.model.RoomHistoryVisibility
-import org.matrix.android.sdk.api.session.room.model.RoomHistoryVisibilityContent
-import org.matrix.android.sdk.api.session.room.model.RoomMemberContent
-import org.matrix.android.sdk.api.session.sync.model.SyncResponse
-import org.matrix.android.sdk.internal.crypto.actions.MegolmSessionDataImporter
-import org.matrix.android.sdk.internal.crypto.actions.SetDeviceVerificationAction
-import org.matrix.android.sdk.internal.crypto.algorithms.IMXEncrypting
-import org.matrix.android.sdk.internal.crypto.algorithms.IMXGroupEncryption
-import org.matrix.android.sdk.internal.crypto.algorithms.megolm.MXMegolmEncryptionFactory
-import org.matrix.android.sdk.internal.crypto.algorithms.olm.MXOlmEncryptionFactory
-import org.matrix.android.sdk.internal.crypto.crosssigning.DefaultCrossSigningService
-import org.matrix.android.sdk.internal.crypto.keysbackup.DefaultKeysBackupService
-import org.matrix.android.sdk.internal.crypto.model.MXKey.Companion.KEY_SIGNED_CURVE_25519_TYPE
-import org.matrix.android.sdk.internal.crypto.model.toRest
-import org.matrix.android.sdk.internal.crypto.repository.WarnOnUnknownDeviceRepository
-import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
-import org.matrix.android.sdk.internal.crypto.tasks.DeleteDeviceTask
-import org.matrix.android.sdk.internal.crypto.tasks.GetDeviceInfoTask
-import org.matrix.android.sdk.internal.crypto.tasks.GetDevicesTask
-import org.matrix.android.sdk.internal.crypto.tasks.SetDeviceNameTask
-import org.matrix.android.sdk.internal.crypto.tasks.UploadKeysTask
-import org.matrix.android.sdk.internal.crypto.verification.DefaultVerificationService
-import org.matrix.android.sdk.internal.crypto.verification.VerificationMessageProcessor
-import org.matrix.android.sdk.internal.di.DeviceId
-import org.matrix.android.sdk.internal.di.MoshiProvider
-import org.matrix.android.sdk.internal.di.UserId
-import org.matrix.android.sdk.internal.extensions.foldToCallback
-import org.matrix.android.sdk.internal.session.SessionScope
-import org.matrix.android.sdk.internal.session.StreamEventsManager
-import org.matrix.android.sdk.internal.session.room.membership.LoadRoomMembersTask
-import org.matrix.android.sdk.internal.task.TaskExecutor
-import org.matrix.android.sdk.internal.task.TaskThread
-import org.matrix.android.sdk.internal.task.configureWith
-import org.matrix.android.sdk.internal.task.launchToCallback
-import org.matrix.android.sdk.internal.util.JsonCanonicalizer
-import org.matrix.olm.OlmManager
-import timber.log.Timber
-import java.util.concurrent.atomic.AtomicBoolean
-import javax.inject.Inject
-import kotlin.math.max
-
-/**
- * A `CryptoService` class instance manages the end-to-end crypto for a session.
- *
- *
- * Messages posted by the user are automatically redirected to CryptoService in order to be encrypted
- * before sending.
- * In the other hand, received events goes through CryptoService for decrypting.
- * CryptoService maintains all necessary keys and their sharing with other devices required for the crypto.
- * Specially, it tracks all room membership changes events in order to do keys updates.
- */
-
-private val loggerTag = LoggerTag("DefaultCryptoService", LoggerTag.CRYPTO)
-
-@SessionScope
-internal class DefaultCryptoService @Inject constructor(
-        // Olm Manager
-        private val olmManager: OlmManager,
-        @UserId
-        private val userId: String,
-        @DeviceId
-        private val deviceId: String?,
-        private val myDeviceInfoHolder: Lazy<MyDeviceInfoHolder>,
-        // the crypto store
-        private val cryptoStore: IMXCryptoStore,
-        // Room encryptors store
-        private val roomEncryptorsStore: RoomEncryptorsStore,
-        // Olm device
-        private val olmDevice: MXOlmDevice,
-        // Set of parameters used to configure/customize the end-to-end crypto.
-        private val mxCryptoConfig: MXCryptoConfig,
-        // Device list manager
-        private val deviceListManager: DeviceListManager,
-        // The key backup service.
-        private val keysBackupService: DefaultKeysBackupService,
-        //
-        private val objectSigner: ObjectSigner,
-        //
-        private val oneTimeKeysUploader: OneTimeKeysUploader,
-        //
-        private val roomDecryptorProvider: RoomDecryptorProvider,
-        // The verification service.
-        private val verificationService: DefaultVerificationService,
-
-        private val crossSigningService: DefaultCrossSigningService,
-        //
-        private val incomingKeyRequestManager: IncomingKeyRequestManager,
-        private val secretShareManager: SecretShareManager,
-        //
-        private val outgoingKeyRequestManager: OutgoingKeyRequestManager,
-        // Actions
-        private val setDeviceVerificationAction: SetDeviceVerificationAction,
-        private val megolmSessionDataImporter: MegolmSessionDataImporter,
-        private val warnOnUnknownDevicesRepository: WarnOnUnknownDeviceRepository,
-        // Repository
-        private val megolmEncryptionFactory: MXMegolmEncryptionFactory,
-        private val olmEncryptionFactory: MXOlmEncryptionFactory,
-        // Tasks
-        private val deleteDeviceTask: DeleteDeviceTask,
-        private val getDevicesTask: GetDevicesTask,
-        private val getDeviceInfoTask: GetDeviceInfoTask,
-        private val setDeviceNameTask: SetDeviceNameTask,
-        private val uploadKeysTask: UploadKeysTask,
-        private val loadRoomMembersTask: LoadRoomMembersTask,
-        private val cryptoSessionInfoProvider: CryptoSessionInfoProvider,
-        private val coroutineDispatchers: MatrixCoroutineDispatchers,
-        private val taskExecutor: TaskExecutor,
-        private val cryptoCoroutineScope: CoroutineScope,
-        private val eventDecryptor: EventDecryptor,
-        private val verificationMessageProcessor: VerificationMessageProcessor,
-        private val liveEventManager: Lazy<StreamEventsManager>
-) : CryptoService {
-
-    private val isStarting = AtomicBoolean(false)
-    private val isStarted = AtomicBoolean(false)
-
-    fun onStateEvent(roomId: String, event: Event) {
-        when (event.type) {
-            EventType.STATE_ROOM_ENCRYPTION         -> onRoomEncryptionEvent(roomId, event)
-            EventType.STATE_ROOM_MEMBER             -> onRoomMembershipEvent(roomId, event)
-            EventType.STATE_ROOM_HISTORY_VISIBILITY -> onRoomHistoryVisibilityEvent(roomId, event)
-        }
-    }
-
-    fun onLiveEvent(roomId: String, event: Event, isInitialSync: Boolean) {
-        // handle state events
-        if (event.isStateEvent()) {
-            when (event.type) {
-                EventType.STATE_ROOM_ENCRYPTION         -> onRoomEncryptionEvent(roomId, event)
-                EventType.STATE_ROOM_MEMBER             -> onRoomMembershipEvent(roomId, event)
-                EventType.STATE_ROOM_HISTORY_VISIBILITY -> onRoomHistoryVisibilityEvent(roomId, event)
-            }
-        }
-
-        // handle verification
-        if (!isInitialSync) {
-            if (event.type != null && verificationMessageProcessor.shouldProcess(event.type)) {
-                cryptoCoroutineScope.launch(coroutineDispatchers.dmVerif) {
-                    verificationMessageProcessor.process(event)
-                }
-            }
-        }
-    }
-
-//    val gossipingBuffer = mutableListOf<Event>()
-
-    override fun setDeviceName(deviceId: String, deviceName: String, callback: MatrixCallback<Unit>) {
-        setDeviceNameTask
-                .configureWith(SetDeviceNameTask.Params(deviceId, deviceName)) {
-                    this.executionThread = TaskThread.CRYPTO
-                    this.callback = object : MatrixCallback<Unit> {
-                        override fun onSuccess(data: Unit) {
-                            // bg refresh of crypto device
-                            downloadKeys(listOf(userId), true, NoOpMatrixCallback())
-                            callback.onSuccess(data)
-                        }
-
-                        override fun onFailure(failure: Throwable) {
-                            callback.onFailure(failure)
-                        }
-                    }
-                }
-                .executeBy(taskExecutor)
-    }
-
-    override fun deleteDevice(deviceId: String, userInteractiveAuthInterceptor: UserInteractiveAuthInterceptor, callback: MatrixCallback<Unit>) {
-        deleteDeviceTask
-                .configureWith(DeleteDeviceTask.Params(deviceId, userInteractiveAuthInterceptor, null)) {
-                    this.executionThread = TaskThread.CRYPTO
-                    this.callback = callback
-                }
-                .executeBy(taskExecutor)
-    }
-
-    override fun getCryptoVersion(context: Context, longFormat: Boolean): String {
-        return if (longFormat) olmManager.getDetailedVersion(context) else olmManager.version
-    }
-
-    override fun getMyDevice(): CryptoDeviceInfo {
-        return myDeviceInfoHolder.get().myDevice
-    }
-
-    override fun fetchDevicesList(callback: MatrixCallback<DevicesListResponse>) {
-        getDevicesTask
-                .configureWith {
-                    //                    this.executionThread = TaskThread.CRYPTO
-                    this.callback = object : MatrixCallback<DevicesListResponse> {
-                        override fun onFailure(failure: Throwable) {
-                            callback.onFailure(failure)
-                        }
-
-                        override fun onSuccess(data: DevicesListResponse) {
-                            // Save in local DB
-                            cryptoStore.saveMyDevicesInfo(data.devices.orEmpty())
-                            callback.onSuccess(data)
-                        }
-                    }
-                }
-                .executeBy(taskExecutor)
-    }
-
-    override fun getLiveMyDevicesInfo(): LiveData<List<DeviceInfo>> {
-        return cryptoStore.getLiveMyDevicesInfo()
-    }
-
-    override fun getMyDevicesInfo(): List<DeviceInfo> {
-        return cryptoStore.getMyDevicesInfo()
-    }
-
-    override fun getDeviceInfo(deviceId: String, callback: MatrixCallback<DeviceInfo>) {
-        getDeviceInfoTask
-                .configureWith(GetDeviceInfoTask.Params(deviceId)) {
-                    this.executionThread = TaskThread.CRYPTO
-                    this.callback = callback
-                }
-                .executeBy(taskExecutor)
-    }
-
-    override fun inboundGroupSessionsCount(onlyBackedUp: Boolean): Int {
-        return cryptoStore.inboundGroupSessionsCount(onlyBackedUp)
-    }
-
-    /**
-     * Provides the tracking status
-     *
-     * @param userId the user id
-     * @return the tracking status
-     */
-    override fun getDeviceTrackingStatus(userId: String): Int {
-        return cryptoStore.getDeviceTrackingStatus(userId, DeviceListManager.TRACKING_STATUS_NOT_TRACKED)
-    }
-
-    /**
-     * Tell if the MXCrypto is started
-     *
-     * @return true if the crypto is started
-     */
-    fun isStarted(): Boolean {
-        return isStarted.get()
-    }
-
-    /**
-     * Tells if the MXCrypto is starting.
-     *
-     * @return true if the crypto is starting
-     */
-    fun isStarting(): Boolean {
-        return isStarting.get()
-    }
-
-    /**
-     * Start the crypto module.
-     * Device keys will be uploaded, then one time keys if there are not enough on the homeserver
-     * and, then, if this is the first time, this new device will be announced to all other users
-     * devices.
-     *
-     */
-    fun start() {
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            internalStart()
-        }
-        // Just update
-        fetchDevicesList(NoOpMatrixCallback())
-
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            cryptoStore.tidyUpDataBase()
-        }
-    }
-
-    fun ensureDevice() {
-        cryptoCoroutineScope.launchToCallback(coroutineDispatchers.crypto, NoOpMatrixCallback()) {
-            // Open the store
-            cryptoStore.open()
-
-            if (!cryptoStore.areDeviceKeysUploaded()) {
-                // Schedule upload of OTK
-                oneTimeKeysUploader.updateOneTimeKeyCount(0)
-            }
-
-            // this can throw if no network
-            tryOrNull {
-                uploadDeviceKeys()
-            }
-
-            oneTimeKeysUploader.maybeUploadOneTimeKeys()
-            // this can throw if no backup
-            tryOrNull {
-                keysBackupService.checkAndStartKeysBackup()
-            }
-        }
-    }
-
-    fun onSyncWillProcess(isInitialSync: Boolean) {
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            if (isInitialSync) {
-                try {
-                    // On initial sync, we start all our tracking from
-                    // scratch, so mark everything as untracked. onCryptoEvent will
-                    // be called for all e2e rooms during the processing of the sync,
-                    // at which point we'll start tracking all the users of that room.
-                    deviceListManager.invalidateAllDeviceLists()
-                    // always track my devices?
-                    deviceListManager.startTrackingDeviceList(listOf(userId))
-                    deviceListManager.refreshOutdatedDeviceLists()
-                } catch (failure: Throwable) {
-                    Timber.tag(loggerTag.value).e(failure, "onSyncWillProcess ")
-                }
-            }
-        }
-    }
-
-    private fun internalStart() {
-        if (isStarted.get() || isStarting.get()) {
-            return
-        }
-        isStarting.set(true)
-
-        // Open the store
-        cryptoStore.open()
-
-        isStarting.set(false)
-        isStarted.set(true)
-    }
-
-    /**
-     * Close the crypto
-     */
-    fun close() = runBlocking(coroutineDispatchers.crypto) {
-        cryptoCoroutineScope.coroutineContext.cancelChildren(CancellationException("Closing crypto module"))
-        incomingKeyRequestManager.close()
-        outgoingKeyRequestManager.close()
-        olmDevice.release()
-        cryptoStore.close()
-    }
-
-    // Always enabled on Matrix Android SDK2
-    override fun isCryptoEnabled() = true
-
-    /**
-     * @return the Keys backup Service
-     */
-    override fun keysBackupService() = keysBackupService
-
-    /**
-     * @return the VerificationService
-     */
-    override fun verificationService() = verificationService
-
-    override fun crossSigningService() = crossSigningService
-
-    /**
-     * A sync response has been received
-     *
-     * @param syncResponse the syncResponse
-     */
-    fun onSyncCompleted(syncResponse: SyncResponse) {
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            runCatching {
-                if (syncResponse.deviceLists != null) {
-                    deviceListManager.handleDeviceListsChanges(syncResponse.deviceLists.changed, syncResponse.deviceLists.left)
-                }
-                if (syncResponse.deviceOneTimeKeysCount != null) {
-                    val currentCount = syncResponse.deviceOneTimeKeysCount.signedCurve25519 ?: 0
-                    oneTimeKeysUploader.updateOneTimeKeyCount(currentCount)
-                }
-
-                // unwedge if needed
-                try {
-                    eventDecryptor.unwedgeDevicesIfNeeded()
-                } catch (failure: Throwable) {
-                    Timber.tag(loggerTag.value).w("unwedgeDevicesIfNeeded failed")
-                }
-
-                // There is a limit of to_device events returned per sync.
-                // If we are in a case of such limited to_device sync we can't try to generate/upload
-                // new otk now, because there might be some pending olm pre-key to_device messages that would fail if we rotate
-                // the old otk too early. In this case we want to wait for the pending to_device before doing anything
-                // As per spec:
-                // If there is a large queue of send-to-device messages, the server should limit the number sent in each /sync response.
-                // 100 messages is recommended as a reasonable limit.
-                // The limit is not part of the spec, so it's probably safer to handle that when there are no more to_device ( so we are sure
-                // that there are no pending to_device
-                val toDevices = syncResponse.toDevice?.events.orEmpty()
-                if (isStarted() && toDevices.isEmpty()) {
-                    // Make sure we process to-device messages before generating new one-time-keys #2782
-                    deviceListManager.refreshOutdatedDeviceLists()
-                    // The presence of device_unused_fallback_key_types indicates that the server supports fallback keys.
-                    // If there's no unused signed_curve25519 fallback key we need a new one.
-                    if (syncResponse.deviceUnusedFallbackKeyTypes != null &&
-                            // Generate a fallback key only if the server does not already have an unused fallback key.
-                            !syncResponse.deviceUnusedFallbackKeyTypes.contains(KEY_SIGNED_CURVE_25519_TYPE)) {
-                        oneTimeKeysUploader.needsNewFallback()
-                    }
-
-                    oneTimeKeysUploader.maybeUploadOneTimeKeys()
-                }
-
-                // Process pending key requests
-                try {
-                    if (toDevices.isEmpty()) {
-                        // this is not blocking
-                        outgoingKeyRequestManager.requireProcessAllPendingKeyRequests()
-                    } else {
-                        Timber.tag(loggerTag.value)
-                                .w("Don't process key requests yet as their might be more to_device to catchup")
-                    }
-                } catch (failure: Throwable) {
-                    // just for safety but should not throw
-                    Timber.tag(loggerTag.value).w("failed to process pending request")
-                }
-
-                try {
-                    incomingKeyRequestManager.processIncomingRequests()
-                } catch (failure: Throwable) {
-                    // just for safety but should not throw
-                    Timber.tag(loggerTag.value).w("failed to process incoming room key requests")
-                }
-            }
-        }
-    }
-
-    /**
-     * Find a device by curve25519 identity key
-     *
-     * @param senderKey the curve25519 key to match.
-     * @param algorithm the encryption algorithm.
-     * @return the device info, or null if not found / unsupported algorithm / crypto released
-     */
-    override fun deviceWithIdentityKey(senderKey: String, algorithm: String): CryptoDeviceInfo? {
-        return if (algorithm != MXCRYPTO_ALGORITHM_MEGOLM && algorithm != MXCRYPTO_ALGORITHM_OLM) {
-            // We only deal in olm keys
-            null
-        } else cryptoStore.deviceWithIdentityKey(senderKey)
-    }
-
-    /**
-     * Provides the device information for a user id and a device Id
-     *
-     * @param userId   the user id
-     * @param deviceId the device id
-     */
-    override fun getDeviceInfo(userId: String, deviceId: String?): CryptoDeviceInfo? {
-        return if (userId.isNotEmpty() && !deviceId.isNullOrEmpty()) {
-            cryptoStore.getUserDevice(userId, deviceId)
-        } else {
-            null
-        }
-    }
-
-    override fun getCryptoDeviceInfo(userId: String): List<CryptoDeviceInfo> {
-        return cryptoStore.getUserDeviceList(userId).orEmpty()
-    }
-
-    override fun getLiveCryptoDeviceInfo(): LiveData<List<CryptoDeviceInfo>> {
-        return cryptoStore.getLiveDeviceList()
-    }
-
-    override fun getLiveCryptoDeviceInfo(userId: String): LiveData<List<CryptoDeviceInfo>> {
-        return cryptoStore.getLiveDeviceList(userId)
-    }
-
-    override fun getLiveCryptoDeviceInfo(userIds: List<String>): LiveData<List<CryptoDeviceInfo>> {
-        return cryptoStore.getLiveDeviceList(userIds)
-    }
-
-    /**
-     * Set the devices as known
-     *
-     * @param devices  the devices. Note that the verified member of the devices in this list will not be updated by this method.
-     * @param callback the asynchronous callback
-     */
-    override fun setDevicesKnown(devices: List<MXDeviceInfo>, callback: MatrixCallback<Unit>?) {
-        // build a devices map
-        val devicesIdListByUserId = devices.groupBy({ it.userId }, { it.deviceId })
-
-        for ((userId, deviceIds) in devicesIdListByUserId) {
-            val storedDeviceIDs = cryptoStore.getUserDevices(userId)
-
-            // sanity checks
-            if (null != storedDeviceIDs) {
-                var isUpdated = false
-
-                deviceIds.forEach { deviceId ->
-                    val device = storedDeviceIDs[deviceId]
-
-                    // assume if the device is either verified or blocked
-                    // it means that the device is known
-                    if (device?.isUnknown == true) {
-                        device.trustLevel = DeviceTrustLevel(crossSigningVerified = false, locallyVerified = false)
-                        isUpdated = true
-                    }
-                }
-
-                if (isUpdated) {
-                    cryptoStore.storeUserDevices(userId, storedDeviceIDs)
-                }
-            }
-        }
-
-        callback?.onSuccess(Unit)
-    }
-
-    /**
-     * Update the blocked/verified state of the given device.
-     *
-     * @param trustLevel the new trust level
-     * @param userId     the owner of the device
-     * @param deviceId   the unique identifier for the device.
-     */
-    override fun setDeviceVerification(trustLevel: DeviceTrustLevel, userId: String, deviceId: String) {
-        setDeviceVerificationAction.handle(trustLevel, userId, deviceId)
-    }
-
-    /**
-     * Configure a room to use encryption.
-     *
-     * @param roomId             the room id to enable encryption in.
-     * @param algorithm          the encryption config for the room.
-     * @param inhibitDeviceQuery true to suppress device list query for users in the room (for now)
-     * @param membersId          list of members to start tracking their devices
-     * @return true if the operation succeeds.
-     */
-    private suspend fun setEncryptionInRoom(roomId: String,
-                                            algorithm: String?,
-                                            inhibitDeviceQuery: Boolean,
-                                            membersId: List<String>): Boolean {
-        // If we already have encryption in this room, we should ignore this event
-        // (for now at least. Maybe we should alert the user somehow?)
-        val existingAlgorithm = cryptoStore.getRoomAlgorithm(roomId)
-
-        if (existingAlgorithm == algorithm) {
-            // ignore
-            Timber.tag(loggerTag.value).e("setEncryptionInRoom() : Ignoring m.room.encryption for same alg ($algorithm) in  $roomId")
-            return false
-        }
-
-        val encryptingClass = MXCryptoAlgorithms.hasEncryptorClassForAlgorithm(algorithm)
-
-        // Always store even if not supported
-        cryptoStore.storeRoomAlgorithm(roomId, algorithm)
-
-        if (!encryptingClass) {
-            Timber.tag(loggerTag.value).e("setEncryptionInRoom() : Unable to encrypt room $roomId with $algorithm")
-            return false
-        }
-
-        val alg: IMXEncrypting? = when (algorithm) {
-            MXCRYPTO_ALGORITHM_MEGOLM -> megolmEncryptionFactory.create(roomId)
-            MXCRYPTO_ALGORITHM_OLM    -> olmEncryptionFactory.create(roomId)
-            else                      -> null
-        }
-
-        if (alg != null) {
-            roomEncryptorsStore.put(roomId, alg)
-        }
-
-        // if encryption was not previously enabled in this room, we will have been
-        // ignoring new device events for these users so far. We may well have
-        // up-to-date lists for some users, for instance if we were sharing other
-        // e2e rooms with them, so there is room for optimisation here, but for now
-        // we just invalidate everyone in the room.
-        if (null == existingAlgorithm) {
-            Timber.tag(loggerTag.value).d("Enabling encryption in $roomId for the first time; invalidating device lists for all users therein")
-
-            val userIds = ArrayList(membersId)
-
-            deviceListManager.startTrackingDeviceList(userIds)
-
-            if (!inhibitDeviceQuery) {
-                deviceListManager.refreshOutdatedDeviceLists()
-            }
-        }
-
-        return true
-    }
-
-    /**
-     * Tells if a room is encrypted with MXCRYPTO_ALGORITHM_MEGOLM
-     *
-     * @param roomId the room id
-     * @return true if the room is encrypted with algorithm MXCRYPTO_ALGORITHM_MEGOLM
-     */
-    override fun isRoomEncrypted(roomId: String): Boolean {
-        return cryptoSessionInfoProvider.isRoomEncrypted(roomId)
-    }
-
-    /**
-     * @return the stored device keys for a user.
-     */
-    override fun getUserDevices(userId: String): MutableList<CryptoDeviceInfo> {
-        return cryptoStore.getUserDevices(userId)?.values?.toMutableList() ?: ArrayList()
-    }
-
-    private fun isEncryptionEnabledForInvitedUser(): Boolean {
-        return mxCryptoConfig.enableEncryptionForInvitedMembers
-    }
-
-    override fun getEncryptionAlgorithm(roomId: String): String? {
-        return cryptoStore.getRoomAlgorithm(roomId)
-    }
-
-    /**
-     * Determine whether we should encrypt messages for invited users in this room.
-     * <p>
-     * Check here whether the invited members are allowed to read messages in the room history
-     * from the point they were invited onwards.
-     *
-     * @return true if we should encrypt messages for invited users.
-     */
-    override fun shouldEncryptForInvitedMembers(roomId: String): Boolean {
-        return cryptoStore.shouldEncryptForInvitedMembers(roomId)
-    }
-
-    /**
-     * Encrypt an event content according to the configuration of the room.
-     *
-     * @param eventContent the content of the event.
-     * @param eventType    the type of the event.
-     * @param roomId       the room identifier the event will be sent.
-     * @param callback     the asynchronous callback
-     */
-    override fun encryptEventContent(eventContent: Content,
-                                     eventType: String,
-                                     roomId: String,
-                                     callback: MatrixCallback<MXEncryptEventContentResult>) {
-        // moved to crypto scope to have uptodate values
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            val userIds = getRoomUserIds(roomId)
-            var alg = roomEncryptorsStore.get(roomId)
-            if (alg == null) {
-                val algorithm = getEncryptionAlgorithm(roomId)
-                if (algorithm != null) {
-                    if (setEncryptionInRoom(roomId, algorithm, false, userIds)) {
-                        alg = roomEncryptorsStore.get(roomId)
-                    }
-                }
-            }
-            val safeAlgorithm = alg
-            if (safeAlgorithm != null) {
-                val t0 = System.currentTimeMillis()
-                Timber.tag(loggerTag.value).v("encryptEventContent() starts")
-                runCatching {
-                    val content = safeAlgorithm.encryptEventContent(eventContent, eventType, userIds)
-                    Timber.tag(loggerTag.value).v("## CRYPTO | encryptEventContent() : succeeds after ${System.currentTimeMillis() - t0} ms")
-                    MXEncryptEventContentResult(content, EventType.ENCRYPTED)
-                }.foldToCallback(callback)
-            } else {
-                val algorithm = getEncryptionAlgorithm(roomId)
-                val reason = String.format(MXCryptoError.UNABLE_TO_ENCRYPT_REASON,
-                        algorithm ?: MXCryptoError.NO_MORE_ALGORITHM_REASON)
-                Timber.tag(loggerTag.value).e("encryptEventContent() : failed $reason")
-                callback.onFailure(Failure.CryptoError(MXCryptoError.Base(MXCryptoError.ErrorType.UNABLE_TO_ENCRYPT, reason)))
-            }
-        }
-    }
-
-    override fun discardOutboundSession(roomId: String) {
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            val roomEncryptor = roomEncryptorsStore.get(roomId)
-            if (roomEncryptor is IMXGroupEncryption) {
-                roomEncryptor.discardSessionKey()
-            } else {
-                Timber.tag(loggerTag.value).e("discardOutboundSession() for:$roomId: Unable to handle IMXGroupEncryption")
-            }
-        }
-    }
-
-    /**
-     * Decrypt an event
-     *
-     * @param event    the raw event.
-     * @param timeline the id of the timeline where the event is decrypted. It is used to prevent replay attack.
-     * @return the MXEventDecryptionResult data, or throw in case of error
-     */
-    @Throws(MXCryptoError::class)
-    override suspend fun decryptEvent(event: Event, timeline: String): MXEventDecryptionResult {
-        return internalDecryptEvent(event, timeline)
-    }
-
-    /**
-     * Decrypt an event asynchronously
-     *
-     * @param event    the raw event.
-     * @param timeline the id of the timeline where the event is decrypted. It is used to prevent replay attack.
-     * @param callback the callback to return data or null
-     */
-    override fun decryptEventAsync(event: Event, timeline: String, callback: MatrixCallback<MXEventDecryptionResult>) {
-        eventDecryptor.decryptEventAsync(event, timeline, callback)
-    }
-
-    /**
-     * Decrypt an event
-     *
-     * @param event    the raw event.
-     * @param timeline the id of the timeline where the event is decrypted. It is used to prevent replay attack.
-     * @return the MXEventDecryptionResult data, or null in case of error
-     */
-    @Throws(MXCryptoError::class)
-    private suspend fun internalDecryptEvent(event: Event, timeline: String): MXEventDecryptionResult {
-        return eventDecryptor.decryptEvent(event, timeline)
-    }
-
-    /**
-     * Reset replay attack data for the given timeline.
-     *
-     * @param timelineId the timeline id
-     */
-    fun resetReplayAttackCheckInTimeline(timelineId: String) {
-        olmDevice.resetReplayAttackCheckInTimeline(timelineId)
-    }
-
-    /**
-     * Handle the 'toDevice' event
-     *
-     * @param event the event
-     */
-    fun onToDeviceEvent(event: Event) {
-        // event have already been decrypted
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            when (event.getClearType()) {
-                EventType.ROOM_KEY, EventType.FORWARDED_ROOM_KEY -> {
-                    // Keys are imported directly, not waiting for end of sync
-                    onRoomKeyEvent(event)
-                }
-                EventType.REQUEST_SECRET                         -> {
-                    secretShareManager.handleSecretRequest(event)
-                }
-                EventType.ROOM_KEY_REQUEST                       -> {
-                    event.getClearContent().toModel<RoomKeyShareRequest>()?.let { req ->
-                        event.senderId?.let { incomingKeyRequestManager.addNewIncomingRequest(it, req) }
-                    }
-                }
-                EventType.SEND_SECRET                            -> {
-                    onSecretSendReceived(event)
-                }
-                EventType.ROOM_KEY_WITHHELD                      -> {
-                    onKeyWithHeldReceived(event)
-                }
-                else                                             -> {
-                    // ignore
-                }
-            }
-        }
-        liveEventManager.get().dispatchOnLiveToDevice(event)
-    }
-
-    /**
-     * Handle a key event.
-     *
-     * @param event the key event.
-     */
-    private fun onRoomKeyEvent(event: Event) {
-        val roomKeyContent = event.getClearContent().toModel<RoomKeyContent>() ?: return
-        Timber.tag(loggerTag.value).i("onRoomKeyEvent() from: ${event.senderId} type<${event.getClearType()}> , sessionId<${roomKeyContent.sessionId}>")
-        if (roomKeyContent.roomId.isNullOrEmpty() || roomKeyContent.algorithm.isNullOrEmpty()) {
-            Timber.tag(loggerTag.value).e("onRoomKeyEvent() : missing fields")
-            return
-        }
-        val alg = roomDecryptorProvider.getOrCreateRoomDecryptor(roomKeyContent.roomId, roomKeyContent.algorithm)
-        if (alg == null) {
-            Timber.tag(loggerTag.value).e("GOSSIP onRoomKeyEvent() : Unable to handle keys for ${roomKeyContent.algorithm}")
-            return
-        }
-        alg.onRoomKeyEvent(event, keysBackupService)
-    }
-
-    private fun onKeyWithHeldReceived(event: Event) {
-        val withHeldContent = event.getClearContent().toModel<RoomKeyWithHeldContent>() ?: return Unit.also {
-            Timber.tag(loggerTag.value).i("Malformed onKeyWithHeldReceived() : missing fields")
-        }
-        val senderId = event.senderId ?: return Unit.also {
-            Timber.tag(loggerTag.value).i("Malformed onKeyWithHeldReceived() : missing fields")
-        }
-        withHeldContent.sessionId ?: return
-        withHeldContent.algorithm ?: return
-        withHeldContent.roomId ?: return
-        withHeldContent.senderKey ?: return
-        outgoingKeyRequestManager.onRoomKeyWithHeld(
-                sessionId = withHeldContent.sessionId,
-                algorithm = withHeldContent.algorithm,
-                roomId = withHeldContent.roomId,
-                senderKey = withHeldContent.senderKey,
-                fromDevice = withHeldContent.fromDevice,
-                event = Event(
-                        type = EventType.ROOM_KEY_WITHHELD,
-                        senderId = senderId,
-                        content = event.getClearContent()
-                )
-        )
-    }
-
-    private suspend fun onSecretSendReceived(event: Event) {
-        secretShareManager.onSecretSendReceived(event) { secretName, secretValue ->
-            handleSDKLevelGossip(secretName, secretValue)
-        }
-    }
-
-    /**
-     * Returns true if handled by SDK, otherwise should be sent to application layer
-     */
-    private fun handleSDKLevelGossip(secretName: String?,
-                                     secretValue: String): Boolean {
-        return when (secretName) {
-            MASTER_KEY_SSSS_NAME       -> {
-                crossSigningService.onSecretMSKGossip(secretValue)
-                true
-            }
-            SELF_SIGNING_KEY_SSSS_NAME -> {
-                crossSigningService.onSecretSSKGossip(secretValue)
-                true
-            }
-            USER_SIGNING_KEY_SSSS_NAME -> {
-                crossSigningService.onSecretUSKGossip(secretValue)
-                true
-            }
-            KEYBACKUP_SECRET_SSSS_NAME -> {
-                keysBackupService.onSecretKeyGossip(secretValue)
-                true
-            }
-            else                       -> false
-        }
-    }
-
-    /**
-     * Handle an m.room.encryption event.
-     *
-     * @param event the encryption event.
-     */
-    private fun onRoomEncryptionEvent(roomId: String, event: Event) {
-        if (!event.isStateEvent()) {
-            // Ignore
-            Timber.tag(loggerTag.value).w("Invalid encryption event")
-            return
-        }
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            val userIds = getRoomUserIds(roomId)
-            setEncryptionInRoom(roomId, event.content?.get("algorithm")?.toString(), true, userIds)
-        }
-    }
-
-    private fun getRoomUserIds(roomId: String): List<String> {
-        val encryptForInvitedMembers = isEncryptionEnabledForInvitedUser() &&
-                shouldEncryptForInvitedMembers(roomId)
-        return cryptoSessionInfoProvider.getRoomUserIds(roomId, encryptForInvitedMembers)
-    }
-
-    /**
-     * Handle a change in the membership state of a member of a room.
-     *
-     * @param event the membership event causing the change
-     */
-    private fun onRoomMembershipEvent(roomId: String, event: Event) {
-        roomEncryptorsStore.get(roomId) ?: /* No encrypting in this room */ return
-
-        event.stateKey?.let { userId ->
-            val roomMember: RoomMemberContent? = event.content.toModel()
-            val membership = roomMember?.membership
-            if (membership == Membership.JOIN) {
-                // make sure we are tracking the deviceList for this user.
-                deviceListManager.startTrackingDeviceList(listOf(userId))
-            } else if (membership == Membership.INVITE &&
-                    shouldEncryptForInvitedMembers(roomId) &&
-                    isEncryptionEnabledForInvitedUser()) {
-                // track the deviceList for this invited user.
-                // Caution: there's a big edge case here in that federated servers do not
-                // know what other servers are in the room at the time they've been invited.
-                // They therefore will not send device updates if a user logs in whilst
-                // their state is invite.
-                deviceListManager.startTrackingDeviceList(listOf(userId))
-            }
-        }
-    }
-
-    private fun onRoomHistoryVisibilityEvent(roomId: String, event: Event) {
-        if (!event.isStateEvent()) return
-        val eventContent = event.content.toModel<RoomHistoryVisibilityContent>()
-        eventContent?.historyVisibility?.let {
-            cryptoStore.setShouldEncryptForInvitedMembers(roomId, it != RoomHistoryVisibility.JOINED)
-        }
-    }
-
-    /**
-     * Upload my user's device keys.
-     */
-    private suspend fun uploadDeviceKeys() {
-        if (cryptoStore.areDeviceKeysUploaded()) {
-            Timber.tag(loggerTag.value).d("Keys already uploaded, nothing to do")
-            return
-        }
-        // Prepare the device keys data to send
-        // Sign it
-        val canonicalJson = JsonCanonicalizer.getCanonicalJson(Map::class.java, getMyDevice().signalableJSONDictionary())
-        var rest = getMyDevice().toRest()
-
-        rest = rest.copy(
-                signatures = objectSigner.signObject(canonicalJson)
-        )
-
-        val uploadDeviceKeysParams = UploadKeysTask.Params(rest, null, null)
-        uploadKeysTask.execute(uploadDeviceKeysParams)
-
-        cryptoStore.setDeviceKeysUploaded(true)
-    }
-
-    /**
-     * Export the crypto keys
-     *
-     * @param password the password
-     * @return the exported keys
-     */
-    override suspend fun exportRoomKeys(password: String): ByteArray {
-        return exportRoomKeys(password, MXMegolmExportEncryption.DEFAULT_ITERATION_COUNT)
-    }
-
-    /**
-     * Export the crypto keys
-     *
-     * @param password         the password
-     * @param anIterationCount the encryption iteration count (0 means no encryption)
-     */
-    private suspend fun exportRoomKeys(password: String, anIterationCount: Int): ByteArray {
-        return withContext(coroutineDispatchers.crypto) {
-            val iterationCount = max(0, anIterationCount)
-
-            val exportedSessions = cryptoStore.getInboundGroupSessions().mapNotNull { it.exportKeys() }
-
-            val adapter = MoshiProvider.providesMoshi()
-                    .adapter(List::class.java)
-
-            MXMegolmExportEncryption.encryptMegolmKeyFile(adapter.toJson(exportedSessions), password, iterationCount)
-        }
-    }
-
-    /**
-     * Import the room keys
-     *
-     * @param roomKeysAsArray  the room keys as array.
-     * @param password         the password
-     * @param progressListener the progress listener
-     * @return the result ImportRoomKeysResult
-     */
-    override suspend fun importRoomKeys(roomKeysAsArray: ByteArray,
-                                        password: String,
-                                        progressListener: ProgressListener?): ImportRoomKeysResult {
-        return withContext(coroutineDispatchers.crypto) {
-            Timber.tag(loggerTag.value).v("importRoomKeys starts")
-
-            val t0 = System.currentTimeMillis()
-            val roomKeys = MXMegolmExportEncryption.decryptMegolmKeyFile(roomKeysAsArray, password)
-            val t1 = System.currentTimeMillis()
-
-            Timber.tag(loggerTag.value).v("importRoomKeys : decryptMegolmKeyFile done in ${t1 - t0} ms")
-
-            val importedSessions = MoshiProvider.providesMoshi()
-                    .adapter<List<MegolmSessionData>>(Types.newParameterizedType(List::class.java, MegolmSessionData::class.java))
-                    .fromJson(roomKeys)
-
-            val t2 = System.currentTimeMillis()
-
-            Timber.tag(loggerTag.value).v("importRoomKeys : JSON parsing ${t2 - t1} ms")
-
-            if (importedSessions == null) {
-                throw Exception("Error")
-            }
-
-            megolmSessionDataImporter.handle(
-                    megolmSessionsData = importedSessions,
-                    fromBackup = false,
-                    progressListener = progressListener
-            )
-        }
-    }
-
-    /**
-     * Update the warn status when some unknown devices are detected.
-     *
-     * @param warn true to warn when some unknown devices are detected.
-     */
-    override fun setWarnOnUnknownDevices(warn: Boolean) {
-        warnOnUnknownDevicesRepository.setWarnOnUnknownDevices(warn)
-    }
-
-    /**
-     * Check if the user ids list have some unknown devices.
-     * A success means there is no unknown devices.
-     * If there are some unknown devices, a MXCryptoError.UnknownDevice exception is triggered.
-     *
-     * @param userIds  the user ids list
-     * @param callback the asynchronous callback.
-     */
-    fun checkUnknownDevices(userIds: List<String>, callback: MatrixCallback<Unit>) {
-        // force the refresh to ensure that the devices list is up-to-date
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            runCatching {
-                val keys = deviceListManager.downloadKeys(userIds, true)
-                val unknownDevices = getUnknownDevices(keys)
-                if (unknownDevices.map.isNotEmpty()) {
-                    // trigger an an unknown devices exception
-                    throw Failure.CryptoError(MXCryptoError.UnknownDevice(unknownDevices))
-                }
-            }.foldToCallback(callback)
-        }
-    }
-
-    /**
-     * Set the global override for whether the client should ever send encrypted
-     * messages to unverified devices.
-     * If false, it can still be overridden per-room.
-     * If true, it overrides the per-room settings.
-     *
-     * @param block    true to unilaterally blacklist all
-     */
-    override fun setGlobalBlacklistUnverifiedDevices(block: Boolean) {
-        cryptoStore.setGlobalBlacklistUnverifiedDevices(block)
-    }
-
-    override fun enableKeyGossiping(enable: Boolean) {
-        cryptoStore.enableKeyGossiping(enable)
-    }
-
-    override fun isKeyGossipingEnabled() = cryptoStore.isKeyGossipingEnabled()
-
-    /**
-     * Tells whether the client should ever send encrypted messages to unverified devices.
-     * The default value is false.
-     * This function must be called in the getEncryptingThreadHandler() thread.
-     *
-     * @return true to unilaterally blacklist all unverified devices.
-     */
-    override fun getGlobalBlacklistUnverifiedDevices(): Boolean {
-        return cryptoStore.getGlobalBlacklistUnverifiedDevices()
-    }
-
-    /**
-     * Tells whether the client should encrypt messages only for the verified devices
-     * in this room.
-     * The default value is false.
-     *
-     * @param roomId the room id
-     * @return true if the client should encrypt messages only for the verified devices.
-     */
-// TODO add this info in CryptoRoomEntity?
-    override fun isRoomBlacklistUnverifiedDevices(roomId: String?): Boolean {
-        return roomId?.let { cryptoStore.getRoomsListBlacklistUnverifiedDevices().contains(it) }
-                ?: false
-    }
-
-    /**
-     * Manages the room black-listing for unverified devices.
-     *
-     * @param roomId   the room id
-     * @param add      true to add the room id to the list, false to remove it.
-     */
-    private fun setRoomBlacklistUnverifiedDevices(roomId: String, add: Boolean) {
-        val roomIds = cryptoStore.getRoomsListBlacklistUnverifiedDevices().toMutableList()
-
-        if (add) {
-            if (roomId !in roomIds) {
-                roomIds.add(roomId)
-            }
-        } else {
-            roomIds.remove(roomId)
-        }
-
-        cryptoStore.setRoomsListBlacklistUnverifiedDevices(roomIds)
-    }
-
-    /**
-     * Add this room to the ones which don't encrypt messages to unverified devices.
-     *
-     * @param roomId   the room id
-     */
-    override fun setRoomBlacklistUnverifiedDevices(roomId: String) {
-        setRoomBlacklistUnverifiedDevices(roomId, true)
-    }
-
-    /**
-     * Remove this room to the ones which don't encrypt messages to unverified devices.
-     *
-     * @param roomId   the room id
-     */
-    override fun setRoomUnBlacklistUnverifiedDevices(roomId: String) {
-        setRoomBlacklistUnverifiedDevices(roomId, false)
-    }
-
-    /**
-     * Re request the encryption keys required to decrypt an event.
-     *
-     * @param event the event to decrypt again.
-     */
-    override fun reRequestRoomKeyForEvent(event: Event) {
-        outgoingKeyRequestManager.requestKeyForEvent(event, true)
-    }
-
-    override fun requestRoomKeyForEvent(event: Event) {
-        outgoingKeyRequestManager.requestKeyForEvent(event, false)
-    }
-
-    /**
-     * Add a GossipingRequestListener listener.
-     *
-     * @param listener listener
-     */
-    override fun addRoomKeysRequestListener(listener: GossipingRequestListener) {
-        incomingKeyRequestManager.addRoomKeysRequestListener(listener)
-        secretShareManager.addListener(listener)
-    }
-
-    /**
-     * Add a GossipingRequestListener listener.
-     *
-     * @param listener listener
-     */
-    override fun removeRoomKeysRequestListener(listener: GossipingRequestListener) {
-        incomingKeyRequestManager.removeRoomKeysRequestListener(listener)
-        secretShareManager.addListener(listener)
-    }
-
-    /**
-     * Provides the list of unknown devices
-     *
-     * @param devicesInRoom the devices map
-     * @return the unknown devices map
-     */
-    private fun getUnknownDevices(devicesInRoom: MXUsersDevicesMap<CryptoDeviceInfo>): MXUsersDevicesMap<CryptoDeviceInfo> {
-        val unknownDevices = MXUsersDevicesMap<CryptoDeviceInfo>()
-        val userIds = devicesInRoom.userIds
-        for (userId in userIds) {
-            devicesInRoom.getUserDeviceIds(userId)?.forEach { deviceId ->
-                devicesInRoom.getObject(userId, deviceId)
-                        ?.takeIf { it.isUnknown }
-                        ?.let {
-                            unknownDevices.setObject(userId, deviceId, it)
-                        }
-            }
-        }
-
-        return unknownDevices
-    }
-
-    override fun downloadKeys(userIds: List<String>, forceDownload: Boolean, callback: MatrixCallback<MXUsersDevicesMap<CryptoDeviceInfo>>) {
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            runCatching {
-                deviceListManager.downloadKeys(userIds, forceDownload)
-            }.foldToCallback(callback)
-        }
-    }
-
-    override fun addNewSessionListener(newSessionListener: NewSessionListener) {
-        roomDecryptorProvider.addNewSessionListener(newSessionListener)
-    }
-
-    override fun removeSessionListener(listener: NewSessionListener) {
-        roomDecryptorProvider.removeSessionListener(listener)
-    }
-/* ==========================================================================================
- * DEBUG INFO
- * ========================================================================================== */
-
-    override fun toString(): String {
-        return "DefaultCryptoService of $userId ($deviceId)"
-    }
-
-    override fun getOutgoingRoomKeyRequests(): List<OutgoingKeyRequest> {
-        return cryptoStore.getOutgoingRoomKeyRequests()
-    }
-
-    override fun getOutgoingRoomKeyRequestsPaged(): LiveData<PagedList<OutgoingKeyRequest>> {
-        return cryptoStore.getOutgoingRoomKeyRequestsPaged()
-    }
-
-    override fun getIncomingRoomKeyRequests(): List<IncomingRoomKeyRequest> {
-        return cryptoStore.getGossipingEvents()
-                .mapNotNull {
-                    IncomingRoomKeyRequest.fromEvent(it)
-                }
-    }
-
-    override fun getIncomingRoomKeyRequestsPaged(): LiveData<PagedList<IncomingRoomKeyRequest>> {
-        return cryptoStore.getGossipingEventsTrail(TrailType.IncomingKeyRequest) {
-            IncomingRoomKeyRequest.fromEvent(it)
-                    ?: IncomingRoomKeyRequest(localCreationTimestamp = 0L)
-        }
-    }
-
-    /**
-     * If you registered a `GossipingRequestListener`, you will be notified of key request
-     * that was not accepted by the SDK. You can call back this manually to accept anyhow.
-     */
-    override suspend fun manuallyAcceptRoomKeyRequest(request: IncomingRoomKeyRequest) {
-        incomingKeyRequestManager.manuallyAcceptRoomKeyRequest(request)
-    }
-
-    override fun getGossipingEventsTrail(): LiveData<PagedList<AuditTrail>> {
-        return cryptoStore.getGossipingEventsTrail()
-    }
-
-    override fun getGossipingEvents(): List<AuditTrail> {
-        return cryptoStore.getGossipingEvents()
-    }
-
-    override fun getSharedWithInfo(roomId: String?, sessionId: String): MXUsersDevicesMap<Int> {
-        return cryptoStore.getSharedWithInfo(roomId, sessionId)
-    }
-
-    override fun getWithHeldMegolmSession(roomId: String, sessionId: String): RoomKeyWithHeldContent? {
-        return cryptoStore.getWithHeldMegolmSession(roomId, sessionId)
-    }
-
-    override fun logDbUsageInfo() {
-        cryptoStore.logDbUsageInfo()
-    }
-
-    override fun prepareToEncrypt(roomId: String, callback: MatrixCallback<Unit>) {
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            Timber.tag(loggerTag.value).d("prepareToEncrypt() roomId:$roomId Check room members up to date")
-            // Ensure to load all room members
-            try {
-                loadRoomMembersTask.execute(LoadRoomMembersTask.Params(roomId))
-            } catch (failure: Throwable) {
-                Timber.tag(loggerTag.value).e("prepareToEncrypt() : Failed to load room members")
-//                callback.onFailure(failure)
-//                return@launch
-            }
-
-            val userIds = getRoomUserIds(roomId)
-            val alg = roomEncryptorsStore.get(roomId)
-                    ?: getEncryptionAlgorithm(roomId)
-                            ?.let { setEncryptionInRoom(roomId, it, false, userIds) }
-                            ?.let { roomEncryptorsStore.get(roomId) }
-
-            if (alg == null) {
-                val reason = String.format(MXCryptoError.UNABLE_TO_ENCRYPT_REASON, MXCryptoError.NO_MORE_ALGORITHM_REASON)
-                Timber.tag(loggerTag.value).e("prepareToEncrypt() : $reason")
-                callback.onFailure(IllegalArgumentException("Missing algorithm"))
-                return@launch
-            }
-
-            runCatching {
-                (alg as? IMXGroupEncryption)?.preshareKey(userIds)
-            }.fold(
-                    { callback.onSuccess(Unit) },
-                    {
-                        Timber.tag(loggerTag.value).e(it, "prepareToEncrypt() failed.")
-                        callback.onFailure(it)
-                    }
-            )
-        }
-    }
-
-    /* ==========================================================================================
-     * For test only
-     * ========================================================================================== */
-
-    @VisibleForTesting
-    val cryptoStoreForTesting = cryptoStore
-
-    @VisibleForTesting
-    val olmDeviceForTest = olmDevice
-
-    companion object {
-        const val CRYPTO_MIN_FORCE_SESSION_PERIOD_MILLIS = 3_600_000 // one hour
-    }
-}
+/*
+ * Copyright 2020 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.crypto
+
+import android.content.Context
+import androidx.annotation.VisibleForTesting
+import androidx.lifecycle.LiveData
+import androidx.paging.PagedList
+import com.squareup.moshi.Types
+import dagger.Lazy
+import kotlinx.coroutines.CancellationException
+import kotlinx.coroutines.CoroutineScope
+import kotlinx.coroutines.cancelChildren
+import kotlinx.coroutines.launch
+import kotlinx.coroutines.runBlocking
+import kotlinx.coroutines.withContext
+import org.matrix.android.sdk.api.MatrixCallback
+import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
+import org.matrix.android.sdk.api.NoOpMatrixCallback
+import org.matrix.android.sdk.api.auth.UserInteractiveAuthInterceptor
+import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
+import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_OLM
+import org.matrix.android.sdk.api.crypto.MXCryptoConfig
+import org.matrix.android.sdk.api.extensions.tryOrNull
+import org.matrix.android.sdk.api.failure.Failure
+import org.matrix.android.sdk.api.listeners.ProgressListener
+import org.matrix.android.sdk.api.logger.LoggerTag
+import org.matrix.android.sdk.api.session.crypto.CryptoService
+import org.matrix.android.sdk.api.session.crypto.MXCryptoError
+import org.matrix.android.sdk.api.session.crypto.NewSessionListener
+import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
+import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel
+import org.matrix.android.sdk.api.session.crypto.crosssigning.KEYBACKUP_SECRET_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.crosssigning.MASTER_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.crosssigning.SELF_SIGNING_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.crosssigning.USER_SIGNING_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.keyshare.GossipingRequestListener
+import org.matrix.android.sdk.api.session.crypto.model.AuditTrail
+import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
+import org.matrix.android.sdk.api.session.crypto.model.DeviceInfo
+import org.matrix.android.sdk.api.session.crypto.model.DevicesListResponse
+import org.matrix.android.sdk.api.session.crypto.model.ImportRoomKeysResult
+import org.matrix.android.sdk.api.session.crypto.model.IncomingRoomKeyRequest
+import org.matrix.android.sdk.api.session.crypto.model.MXDeviceInfo
+import org.matrix.android.sdk.api.session.crypto.model.MXEncryptEventContentResult
+import org.matrix.android.sdk.api.session.crypto.model.MXEventDecryptionResult
+import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
+import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
+import org.matrix.android.sdk.api.session.crypto.model.TrailType
+import org.matrix.android.sdk.api.session.events.model.Content
+import org.matrix.android.sdk.api.session.events.model.Event
+import org.matrix.android.sdk.api.session.events.model.EventType
+import org.matrix.android.sdk.api.session.events.model.content.RoomKeyContent
+import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
+import org.matrix.android.sdk.api.session.events.model.toModel
+import org.matrix.android.sdk.api.session.room.model.Membership
+import org.matrix.android.sdk.api.session.room.model.RoomHistoryVisibility
+import org.matrix.android.sdk.api.session.room.model.RoomHistoryVisibilityContent
+import org.matrix.android.sdk.api.session.room.model.RoomMemberContent
+import org.matrix.android.sdk.api.session.sync.model.SyncResponse
+import org.matrix.android.sdk.internal.crypto.actions.MegolmSessionDataImporter
+import org.matrix.android.sdk.internal.crypto.actions.SetDeviceVerificationAction
+import org.matrix.android.sdk.internal.crypto.algorithms.IMXEncrypting
+import org.matrix.android.sdk.internal.crypto.algorithms.IMXGroupEncryption
+import org.matrix.android.sdk.internal.crypto.algorithms.megolm.MXMegolmEncryptionFactory
+import org.matrix.android.sdk.internal.crypto.algorithms.olm.MXOlmEncryptionFactory
+import org.matrix.android.sdk.internal.crypto.crosssigning.DefaultCrossSigningService
+import org.matrix.android.sdk.internal.crypto.keysbackup.DefaultKeysBackupService
+import org.matrix.android.sdk.internal.crypto.model.MXKey.Companion.KEY_SIGNED_CURVE_25519_TYPE
+import org.matrix.android.sdk.internal.crypto.model.toRest
+import org.matrix.android.sdk.internal.crypto.repository.WarnOnUnknownDeviceRepository
+import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
+import org.matrix.android.sdk.internal.crypto.tasks.DeleteDeviceTask
+import org.matrix.android.sdk.internal.crypto.tasks.GetDeviceInfoTask
+import org.matrix.android.sdk.internal.crypto.tasks.GetDevicesTask
+import org.matrix.android.sdk.internal.crypto.tasks.SetDeviceNameTask
+import org.matrix.android.sdk.internal.crypto.tasks.UploadKeysTask
+import org.matrix.android.sdk.internal.crypto.verification.DefaultVerificationService
+import org.matrix.android.sdk.internal.crypto.verification.VerificationMessageProcessor
+import org.matrix.android.sdk.internal.di.DeviceId
+import org.matrix.android.sdk.internal.di.MoshiProvider
+import org.matrix.android.sdk.internal.di.UserId
+import org.matrix.android.sdk.internal.extensions.foldToCallback
+import org.matrix.android.sdk.internal.session.SessionScope
+import org.matrix.android.sdk.internal.session.StreamEventsManager
+import org.matrix.android.sdk.internal.session.room.membership.LoadRoomMembersTask
+import org.matrix.android.sdk.internal.task.TaskExecutor
+import org.matrix.android.sdk.internal.task.TaskThread
+import org.matrix.android.sdk.internal.task.configureWith
+import org.matrix.android.sdk.internal.task.launchToCallback
+import org.matrix.android.sdk.internal.util.JsonCanonicalizer
+import org.matrix.olm.OlmManager
+import timber.log.Timber
+import java.util.concurrent.atomic.AtomicBoolean
+import javax.inject.Inject
+import kotlin.math.max
+
+/**
+ * A `CryptoService` class instance manages the end-to-end crypto for a session.
+ *
+ *
+ * Messages posted by the user are automatically redirected to CryptoService in order to be encrypted
+ * before sending.
+ * In the other hand, received events goes through CryptoService for decrypting.
+ * CryptoService maintains all necessary keys and their sharing with other devices required for the crypto.
+ * Specially, it tracks all room membership changes events in order to do keys updates.
+ */
+
+private val loggerTag = LoggerTag("DefaultCryptoService", LoggerTag.CRYPTO)
+
+@SessionScope
+internal class DefaultCryptoService @Inject constructor(
+        // Olm Manager
+        private val olmManager: OlmManager,
+        @UserId
+        private val userId: String,
+        @DeviceId
+        private val deviceId: String?,
+        private val myDeviceInfoHolder: Lazy<MyDeviceInfoHolder>,
+        // the crypto store
+        private val cryptoStore: IMXCryptoStore,
+        // Room encryptors store
+        private val roomEncryptorsStore: RoomEncryptorsStore,
+        // Olm device
+        private val olmDevice: MXOlmDevice,
+        // Set of parameters used to configure/customize the end-to-end crypto.
+        private val mxCryptoConfig: MXCryptoConfig,
+        // Device list manager
+        private val deviceListManager: DeviceListManager,
+        // The key backup service.
+        private val keysBackupService: DefaultKeysBackupService,
+        //
+        private val objectSigner: ObjectSigner,
+        //
+        private val oneTimeKeysUploader: OneTimeKeysUploader,
+        //
+        private val roomDecryptorProvider: RoomDecryptorProvider,
+        // The verification service.
+        private val verificationService: DefaultVerificationService,
+
+        private val crossSigningService: DefaultCrossSigningService,
+        //
+        private val incomingKeyRequestManager: IncomingKeyRequestManager,
+        private val secretShareManager: SecretShareManager,
+        //
+        private val outgoingKeyRequestManager: OutgoingKeyRequestManager,
+        // Actions
+        private val setDeviceVerificationAction: SetDeviceVerificationAction,
+        private val megolmSessionDataImporter: MegolmSessionDataImporter,
+        private val warnOnUnknownDevicesRepository: WarnOnUnknownDeviceRepository,
+        // Repository
+        private val megolmEncryptionFactory: MXMegolmEncryptionFactory,
+        private val olmEncryptionFactory: MXOlmEncryptionFactory,
+        // Tasks
+        private val deleteDeviceTask: DeleteDeviceTask,
+        private val getDevicesTask: GetDevicesTask,
+        private val getDeviceInfoTask: GetDeviceInfoTask,
+        private val setDeviceNameTask: SetDeviceNameTask,
+        private val uploadKeysTask: UploadKeysTask,
+        private val loadRoomMembersTask: LoadRoomMembersTask,
+        private val cryptoSessionInfoProvider: CryptoSessionInfoProvider,
+        private val coroutineDispatchers: MatrixCoroutineDispatchers,
+        private val taskExecutor: TaskExecutor,
+        private val cryptoCoroutineScope: CoroutineScope,
+        private val eventDecryptor: EventDecryptor,
+        private val verificationMessageProcessor: VerificationMessageProcessor,
+        private val liveEventManager: Lazy<StreamEventsManager>
+) : CryptoService {
+
+    private val isStarting = AtomicBoolean(false)
+    private val isStarted = AtomicBoolean(false)
+
+    fun onStateEvent(roomId: String, event: Event) {
+        when (event.type) {
+            EventType.STATE_ROOM_ENCRYPTION         -> onRoomEncryptionEvent(roomId, event)
+            EventType.STATE_ROOM_MEMBER             -> onRoomMembershipEvent(roomId, event)
+            EventType.STATE_ROOM_HISTORY_VISIBILITY -> onRoomHistoryVisibilityEvent(roomId, event)
+        }
+    }
+
+    fun onLiveEvent(roomId: String, event: Event, isInitialSync: Boolean) {
+        // handle state events
+        if (event.isStateEvent()) {
+            when (event.type) {
+                EventType.STATE_ROOM_ENCRYPTION         -> onRoomEncryptionEvent(roomId, event)
+                EventType.STATE_ROOM_MEMBER             -> onRoomMembershipEvent(roomId, event)
+                EventType.STATE_ROOM_HISTORY_VISIBILITY -> onRoomHistoryVisibilityEvent(roomId, event)
+            }
+        }
+
+        // handle verification
+        if (!isInitialSync) {
+            if (event.type != null && verificationMessageProcessor.shouldProcess(event.type)) {
+                cryptoCoroutineScope.launch(coroutineDispatchers.dmVerif) {
+                    verificationMessageProcessor.process(event)
+                }
+            }
+        }
+    }
+
+//    val gossipingBuffer = mutableListOf<Event>()
+
+    override fun setDeviceName(deviceId: String, deviceName: String, callback: MatrixCallback<Unit>) {
+        setDeviceNameTask
+                .configureWith(SetDeviceNameTask.Params(deviceId, deviceName)) {
+                    this.executionThread = TaskThread.CRYPTO
+                    this.callback = object : MatrixCallback<Unit> {
+                        override fun onSuccess(data: Unit) {
+                            // bg refresh of crypto device
+                            downloadKeys(listOf(userId), true, NoOpMatrixCallback())
+                            callback.onSuccess(data)
+                        }
+
+                        override fun onFailure(failure: Throwable) {
+                            callback.onFailure(failure)
+                        }
+                    }
+                }
+                .executeBy(taskExecutor)
+    }
+
+    override fun deleteDevice(deviceId: String, userInteractiveAuthInterceptor: UserInteractiveAuthInterceptor, callback: MatrixCallback<Unit>) {
+        deleteDeviceTask
+                .configureWith(DeleteDeviceTask.Params(deviceId, userInteractiveAuthInterceptor, null)) {
+                    this.executionThread = TaskThread.CRYPTO
+                    this.callback = callback
+                }
+                .executeBy(taskExecutor)
+    }
+
+    override fun getCryptoVersion(context: Context, longFormat: Boolean): String {
+        return if (longFormat) olmManager.getDetailedVersion(context) else olmManager.version
+    }
+
+    override fun getMyDevice(): CryptoDeviceInfo {
+        return myDeviceInfoHolder.get().myDevice
+    }
+
+    override fun fetchDevicesList(callback: MatrixCallback<DevicesListResponse>) {
+        getDevicesTask
+                .configureWith {
+                    //                    this.executionThread = TaskThread.CRYPTO
+                    this.callback = object : MatrixCallback<DevicesListResponse> {
+                        override fun onFailure(failure: Throwable) {
+                            callback.onFailure(failure)
+                        }
+
+                        override fun onSuccess(data: DevicesListResponse) {
+                            // Save in local DB
+                            cryptoStore.saveMyDevicesInfo(data.devices.orEmpty())
+                            callback.onSuccess(data)
+                        }
+                    }
+                }
+                .executeBy(taskExecutor)
+    }
+
+    override fun getLiveMyDevicesInfo(): LiveData<List<DeviceInfo>> {
+        return cryptoStore.getLiveMyDevicesInfo()
+    }
+
+    override fun getMyDevicesInfo(): List<DeviceInfo> {
+        return cryptoStore.getMyDevicesInfo()
+    }
+
+    override fun getDeviceInfo(deviceId: String, callback: MatrixCallback<DeviceInfo>) {
+        getDeviceInfoTask
+                .configureWith(GetDeviceInfoTask.Params(deviceId)) {
+                    this.executionThread = TaskThread.CRYPTO
+                    this.callback = callback
+                }
+                .executeBy(taskExecutor)
+    }
+
+    override fun inboundGroupSessionsCount(onlyBackedUp: Boolean): Int {
+        return cryptoStore.inboundGroupSessionsCount(onlyBackedUp)
+    }
+
+    /**
+     * Provides the tracking status
+     *
+     * @param userId the user id
+     * @return the tracking status
+     */
+    override fun getDeviceTrackingStatus(userId: String): Int {
+        return cryptoStore.getDeviceTrackingStatus(userId, DeviceListManager.TRACKING_STATUS_NOT_TRACKED)
+    }
+
+    /**
+     * Tell if the MXCrypto is started
+     *
+     * @return true if the crypto is started
+     */
+    fun isStarted(): Boolean {
+        return isStarted.get()
+    }
+
+    /**
+     * Tells if the MXCrypto is starting.
+     *
+     * @return true if the crypto is starting
+     */
+    fun isStarting(): Boolean {
+        return isStarting.get()
+    }
+
+    /**
+     * Start the crypto module.
+     * Device keys will be uploaded, then one time keys if there are not enough on the homeserver
+     * and, then, if this is the first time, this new device will be announced to all other users
+     * devices.
+     *
+     */
+    fun start() {
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            internalStart()
+        }
+        // Just update
+        fetchDevicesList(NoOpMatrixCallback())
+
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            cryptoStore.tidyUpDataBase()
+        }
+    }
+
+    fun ensureDevice() {
+        cryptoCoroutineScope.launchToCallback(coroutineDispatchers.crypto, NoOpMatrixCallback()) {
+            // Open the store
+            cryptoStore.open()
+
+            if (!cryptoStore.areDeviceKeysUploaded()) {
+                // Schedule upload of OTK
+                oneTimeKeysUploader.updateOneTimeKeyCount(0)
+            }
+
+            // this can throw if no network
+            tryOrNull {
+                uploadDeviceKeys()
+            }
+
+            oneTimeKeysUploader.maybeUploadOneTimeKeys()
+            // this can throw if no backup
+            tryOrNull {
+                keysBackupService.checkAndStartKeysBackup()
+            }
+        }
+    }
+
+    fun onSyncWillProcess(isInitialSync: Boolean) {
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            if (isInitialSync) {
+                try {
+                    // On initial sync, we start all our tracking from
+                    // scratch, so mark everything as untracked. onCryptoEvent will
+                    // be called for all e2e rooms during the processing of the sync,
+                    // at which point we'll start tracking all the users of that room.
+                    deviceListManager.invalidateAllDeviceLists()
+                    // always track my devices?
+                    deviceListManager.startTrackingDeviceList(listOf(userId))
+                    deviceListManager.refreshOutdatedDeviceLists()
+                } catch (failure: Throwable) {
+                    Timber.tag(loggerTag.value).e(failure, "onSyncWillProcess ")
+                }
+            }
+        }
+    }
+
+    private fun internalStart() {
+        if (isStarted.get() || isStarting.get()) {
+            return
+        }
+        isStarting.set(true)
+
+        // Open the store
+        cryptoStore.open()
+
+        isStarting.set(false)
+        isStarted.set(true)
+    }
+
+    /**
+     * Close the crypto
+     */
+    fun close() = runBlocking(coroutineDispatchers.crypto) {
+        cryptoCoroutineScope.coroutineContext.cancelChildren(CancellationException("Closing crypto module"))
+        incomingKeyRequestManager.close()
+        outgoingKeyRequestManager.close()
+        olmDevice.release()
+        cryptoStore.close()
+    }
+
+    // Always enabled on Matrix Android SDK2
+    override fun isCryptoEnabled() = true
+
+    /**
+     * @return the Keys backup Service
+     */
+    override fun keysBackupService() = keysBackupService
+
+    /**
+     * @return the VerificationService
+     */
+    override fun verificationService() = verificationService
+
+    override fun crossSigningService() = crossSigningService
+
+    /**
+     * A sync response has been received
+     *
+     * @param syncResponse the syncResponse
+     */
+    fun onSyncCompleted(syncResponse: SyncResponse) {
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            runCatching {
+                if (syncResponse.deviceLists != null) {
+                    deviceListManager.handleDeviceListsChanges(syncResponse.deviceLists.changed, syncResponse.deviceLists.left)
+                }
+                if (syncResponse.deviceOneTimeKeysCount != null) {
+                    val currentCount = syncResponse.deviceOneTimeKeysCount.signedCurve25519 ?: 0
+                    oneTimeKeysUploader.updateOneTimeKeyCount(currentCount)
+                }
+
+                // unwedge if needed
+                try {
+                    eventDecryptor.unwedgeDevicesIfNeeded()
+                } catch (failure: Throwable) {
+                    Timber.tag(loggerTag.value).w("unwedgeDevicesIfNeeded failed")
+                }
+
+                // There is a limit of to_device events returned per sync.
+                // If we are in a case of such limited to_device sync we can't try to generate/upload
+                // new otk now, because there might be some pending olm pre-key to_device messages that would fail if we rotate
+                // the old otk too early. In this case we want to wait for the pending to_device before doing anything
+                // As per spec:
+                // If there is a large queue of send-to-device messages, the server should limit the number sent in each /sync response.
+                // 100 messages is recommended as a reasonable limit.
+                // The limit is not part of the spec, so it's probably safer to handle that when there are no more to_device ( so we are sure
+                // that there are no pending to_device
+                val toDevices = syncResponse.toDevice?.events.orEmpty()
+                if (isStarted() && toDevices.isEmpty()) {
+                    // Make sure we process to-device messages before generating new one-time-keys #2782
+                    deviceListManager.refreshOutdatedDeviceLists()
+                    // The presence of device_unused_fallback_key_types indicates that the server supports fallback keys.
+                    // If there's no unused signed_curve25519 fallback key we need a new one.
+                    if (syncResponse.deviceUnusedFallbackKeyTypes != null &&
+                            // Generate a fallback key only if the server does not already have an unused fallback key.
+                            !syncResponse.deviceUnusedFallbackKeyTypes.contains(KEY_SIGNED_CURVE_25519_TYPE)) {
+                        oneTimeKeysUploader.needsNewFallback()
+                    }
+
+                    oneTimeKeysUploader.maybeUploadOneTimeKeys()
+                }
+
+                // Process pending key requests
+                try {
+                    if (toDevices.isEmpty()) {
+                        // this is not blocking
+                        outgoingKeyRequestManager.requireProcessAllPendingKeyRequests()
+                    } else {
+                        Timber.tag(loggerTag.value)
+                                .w("Don't process key requests yet as there might be more to_device to catchup")
+                    }
+                } catch (failure: Throwable) {
+                    // just for safety but should not throw
+                    Timber.tag(loggerTag.value).w("failed to process pending request")
+                }
+
+                try {
+                    incomingKeyRequestManager.processIncomingRequests()
+                } catch (failure: Throwable) {
+                    // just for safety but should not throw
+                    Timber.tag(loggerTag.value).w("failed to process incoming room key requests")
+                }
+            }
+        }
+    }
+
+    /**
+     * Find a device by curve25519 identity key
+     *
+     * @param senderKey the curve25519 key to match.
+     * @param algorithm the encryption algorithm.
+     * @return the device info, or null if not found / unsupported algorithm / crypto released
+     */
+    override fun deviceWithIdentityKey(senderKey: String, algorithm: String): CryptoDeviceInfo? {
+        return if (algorithm != MXCRYPTO_ALGORITHM_MEGOLM && algorithm != MXCRYPTO_ALGORITHM_OLM) {
+            // We only deal in olm keys
+            null
+        } else cryptoStore.deviceWithIdentityKey(senderKey)
+    }
+
+    /**
+     * Provides the device information for a user id and a device Id
+     *
+     * @param userId   the user id
+     * @param deviceId the device id
+     */
+    override fun getDeviceInfo(userId: String, deviceId: String?): CryptoDeviceInfo? {
+        return if (userId.isNotEmpty() && !deviceId.isNullOrEmpty()) {
+            cryptoStore.getUserDevice(userId, deviceId)
+        } else {
+            null
+        }
+    }
+
+    override fun getCryptoDeviceInfo(userId: String): List<CryptoDeviceInfo> {
+        return cryptoStore.getUserDeviceList(userId).orEmpty()
+    }
+
+    override fun getLiveCryptoDeviceInfo(): LiveData<List<CryptoDeviceInfo>> {
+        return cryptoStore.getLiveDeviceList()
+    }
+
+    override fun getLiveCryptoDeviceInfo(userId: String): LiveData<List<CryptoDeviceInfo>> {
+        return cryptoStore.getLiveDeviceList(userId)
+    }
+
+    override fun getLiveCryptoDeviceInfo(userIds: List<String>): LiveData<List<CryptoDeviceInfo>> {
+        return cryptoStore.getLiveDeviceList(userIds)
+    }
+
+    /**
+     * Set the devices as known
+     *
+     * @param devices  the devices. Note that the verified member of the devices in this list will not be updated by this method.
+     * @param callback the asynchronous callback
+     */
+    override fun setDevicesKnown(devices: List<MXDeviceInfo>, callback: MatrixCallback<Unit>?) {
+        // build a devices map
+        val devicesIdListByUserId = devices.groupBy({ it.userId }, { it.deviceId })
+
+        for ((userId, deviceIds) in devicesIdListByUserId) {
+            val storedDeviceIDs = cryptoStore.getUserDevices(userId)
+
+            // sanity checks
+            if (null != storedDeviceIDs) {
+                var isUpdated = false
+
+                deviceIds.forEach { deviceId ->
+                    val device = storedDeviceIDs[deviceId]
+
+                    // assume if the device is either verified or blocked
+                    // it means that the device is known
+                    if (device?.isUnknown == true) {
+                        device.trustLevel = DeviceTrustLevel(crossSigningVerified = false, locallyVerified = false)
+                        isUpdated = true
+                    }
+                }
+
+                if (isUpdated) {
+                    cryptoStore.storeUserDevices(userId, storedDeviceIDs)
+                }
+            }
+        }
+
+        callback?.onSuccess(Unit)
+    }
+
+    /**
+     * Update the blocked/verified state of the given device.
+     *
+     * @param trustLevel the new trust level
+     * @param userId     the owner of the device
+     * @param deviceId   the unique identifier for the device.
+     */
+    override fun setDeviceVerification(trustLevel: DeviceTrustLevel, userId: String, deviceId: String) {
+        setDeviceVerificationAction.handle(trustLevel, userId, deviceId)
+    }
+
+    /**
+     * Configure a room to use encryption.
+     *
+     * @param roomId             the room id to enable encryption in.
+     * @param algorithm          the encryption config for the room.
+     * @param inhibitDeviceQuery true to suppress device list query for users in the room (for now)
+     * @param membersId          list of members to start tracking their devices
+     * @return true if the operation succeeds.
+     */
+    private suspend fun setEncryptionInRoom(roomId: String,
+                                            algorithm: String?,
+                                            inhibitDeviceQuery: Boolean,
+                                            membersId: List<String>): Boolean {
+        // If we already have encryption in this room, we should ignore this event
+        // (for now at least. Maybe we should alert the user somehow?)
+        val existingAlgorithm = cryptoStore.getRoomAlgorithm(roomId)
+
+        if (existingAlgorithm == algorithm) {
+            // ignore
+            Timber.tag(loggerTag.value).e("setEncryptionInRoom() : Ignoring m.room.encryption for same alg ($algorithm) in  $roomId")
+            return false
+        }
+
+        val encryptingClass = MXCryptoAlgorithms.hasEncryptorClassForAlgorithm(algorithm)
+
+        // Always store even if not supported
+        cryptoStore.storeRoomAlgorithm(roomId, algorithm)
+
+        if (!encryptingClass) {
+            Timber.tag(loggerTag.value).e("setEncryptionInRoom() : Unable to encrypt room $roomId with $algorithm")
+            return false
+        }
+
+        val alg: IMXEncrypting? = when (algorithm) {
+            MXCRYPTO_ALGORITHM_MEGOLM -> megolmEncryptionFactory.create(roomId)
+            MXCRYPTO_ALGORITHM_OLM    -> olmEncryptionFactory.create(roomId)
+            else                      -> null
+        }
+
+        if (alg != null) {
+            roomEncryptorsStore.put(roomId, alg)
+        }
+
+        // if encryption was not previously enabled in this room, we will have been
+        // ignoring new device events for these users so far. We may well have
+        // up-to-date lists for some users, for instance if we were sharing other
+        // e2e rooms with them, so there is room for optimisation here, but for now
+        // we just invalidate everyone in the room.
+        if (null == existingAlgorithm) {
+            Timber.tag(loggerTag.value).d("Enabling encryption in $roomId for the first time; invalidating device lists for all users therein")
+
+            val userIds = ArrayList(membersId)
+
+            deviceListManager.startTrackingDeviceList(userIds)
+
+            if (!inhibitDeviceQuery) {
+                deviceListManager.refreshOutdatedDeviceLists()
+            }
+        }
+
+        return true
+    }
+
+    /**
+     * Tells if a room is encrypted with MXCRYPTO_ALGORITHM_MEGOLM
+     *
+     * @param roomId the room id
+     * @return true if the room is encrypted with algorithm MXCRYPTO_ALGORITHM_MEGOLM
+     */
+    override fun isRoomEncrypted(roomId: String): Boolean {
+        return cryptoSessionInfoProvider.isRoomEncrypted(roomId)
+    }
+
+    /**
+     * @return the stored device keys for a user.
+     */
+    override fun getUserDevices(userId: String): MutableList<CryptoDeviceInfo> {
+        return cryptoStore.getUserDevices(userId)?.values?.toMutableList() ?: ArrayList()
+    }
+
+    private fun isEncryptionEnabledForInvitedUser(): Boolean {
+        return mxCryptoConfig.enableEncryptionForInvitedMembers
+    }
+
+    override fun getEncryptionAlgorithm(roomId: String): String? {
+        return cryptoStore.getRoomAlgorithm(roomId)
+    }
+
+    /**
+     * Determine whether we should encrypt messages for invited users in this room.
+     * <p>
+     * Check here whether the invited members are allowed to read messages in the room history
+     * from the point they were invited onwards.
+     *
+     * @return true if we should encrypt messages for invited users.
+     */
+    override fun shouldEncryptForInvitedMembers(roomId: String): Boolean {
+        return cryptoStore.shouldEncryptForInvitedMembers(roomId)
+    }
+
+    /**
+     * Encrypt an event content according to the configuration of the room.
+     *
+     * @param eventContent the content of the event.
+     * @param eventType    the type of the event.
+     * @param roomId       the room identifier the event will be sent.
+     * @param callback     the asynchronous callback
+     */
+    override fun encryptEventContent(eventContent: Content,
+                                     eventType: String,
+                                     roomId: String,
+                                     callback: MatrixCallback<MXEncryptEventContentResult>) {
+        // moved to crypto scope to have uptodate values
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            val userIds = getRoomUserIds(roomId)
+            var alg = roomEncryptorsStore.get(roomId)
+            if (alg == null) {
+                val algorithm = getEncryptionAlgorithm(roomId)
+                if (algorithm != null) {
+                    if (setEncryptionInRoom(roomId, algorithm, false, userIds)) {
+                        alg = roomEncryptorsStore.get(roomId)
+                    }
+                }
+            }
+            val safeAlgorithm = alg
+            if (safeAlgorithm != null) {
+                val t0 = System.currentTimeMillis()
+                Timber.tag(loggerTag.value).v("encryptEventContent() starts")
+                runCatching {
+                    val content = safeAlgorithm.encryptEventContent(eventContent, eventType, userIds)
+                    Timber.tag(loggerTag.value).v("## CRYPTO | encryptEventContent() : succeeds after ${System.currentTimeMillis() - t0} ms")
+                    MXEncryptEventContentResult(content, EventType.ENCRYPTED)
+                }.foldToCallback(callback)
+            } else {
+                val algorithm = getEncryptionAlgorithm(roomId)
+                val reason = String.format(MXCryptoError.UNABLE_TO_ENCRYPT_REASON,
+                        algorithm ?: MXCryptoError.NO_MORE_ALGORITHM_REASON)
+                Timber.tag(loggerTag.value).e("encryptEventContent() : failed $reason")
+                callback.onFailure(Failure.CryptoError(MXCryptoError.Base(MXCryptoError.ErrorType.UNABLE_TO_ENCRYPT, reason)))
+            }
+        }
+    }
+
+    override fun discardOutboundSession(roomId: String) {
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            val roomEncryptor = roomEncryptorsStore.get(roomId)
+            if (roomEncryptor is IMXGroupEncryption) {
+                roomEncryptor.discardSessionKey()
+            } else {
+                Timber.tag(loggerTag.value).e("discardOutboundSession() for:$roomId: Unable to handle IMXGroupEncryption")
+            }
+        }
+    }
+
+    /**
+     * Decrypt an event
+     *
+     * @param event    the raw event.
+     * @param timeline the id of the timeline where the event is decrypted. It is used to prevent replay attack.
+     * @return the MXEventDecryptionResult data, or throw in case of error
+     */
+    @Throws(MXCryptoError::class)
+    override suspend fun decryptEvent(event: Event, timeline: String): MXEventDecryptionResult {
+        return internalDecryptEvent(event, timeline)
+    }
+
+    /**
+     * Decrypt an event asynchronously
+     *
+     * @param event    the raw event.
+     * @param timeline the id of the timeline where the event is decrypted. It is used to prevent replay attack.
+     * @param callback the callback to return data or null
+     */
+    override fun decryptEventAsync(event: Event, timeline: String, callback: MatrixCallback<MXEventDecryptionResult>) {
+        eventDecryptor.decryptEventAsync(event, timeline, callback)
+    }
+
+    /**
+     * Decrypt an event
+     *
+     * @param event    the raw event.
+     * @param timeline the id of the timeline where the event is decrypted. It is used to prevent replay attack.
+     * @return the MXEventDecryptionResult data, or null in case of error
+     */
+    @Throws(MXCryptoError::class)
+    private suspend fun internalDecryptEvent(event: Event, timeline: String): MXEventDecryptionResult {
+        return eventDecryptor.decryptEvent(event, timeline)
+    }
+
+    /**
+     * Reset replay attack data for the given timeline.
+     *
+     * @param timelineId the timeline id
+     */
+    fun resetReplayAttackCheckInTimeline(timelineId: String) {
+        olmDevice.resetReplayAttackCheckInTimeline(timelineId)
+    }
+
+    /**
+     * Handle the 'toDevice' event
+     *
+     * @param event the event
+     */
+    fun onToDeviceEvent(event: Event) {
+        // event have already been decrypted
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            when (event.getClearType()) {
+                EventType.ROOM_KEY, EventType.FORWARDED_ROOM_KEY -> {
+                    // Keys are imported directly, not waiting for end of sync
+                    onRoomKeyEvent(event)
+                }
+                EventType.REQUEST_SECRET                         -> {
+                    secretShareManager.handleSecretRequest(event)
+                }
+                EventType.ROOM_KEY_REQUEST                       -> {
+                    event.getClearContent().toModel<RoomKeyShareRequest>()?.let { req ->
+                        event.senderId?.let { incomingKeyRequestManager.addNewIncomingRequest(it, req) }
+                    }
+                }
+                EventType.SEND_SECRET                            -> {
+                    onSecretSendReceived(event)
+                }
+                EventType.ROOM_KEY_WITHHELD                      -> {
+                    onKeyWithHeldReceived(event)
+                }
+                else                                             -> {
+                    // ignore
+                }
+            }
+        }
+        liveEventManager.get().dispatchOnLiveToDevice(event)
+    }
+
+    /**
+     * Handle a key event.
+     *
+     * @param event the key event.
+     */
+    private fun onRoomKeyEvent(event: Event) {
+        val roomKeyContent = event.getClearContent().toModel<RoomKeyContent>() ?: return
+        Timber.tag(loggerTag.value).i("onRoomKeyEvent() from: ${event.senderId} type<${event.getClearType()}> , sessionId<${roomKeyContent.sessionId}>")
+        if (roomKeyContent.roomId.isNullOrEmpty() || roomKeyContent.algorithm.isNullOrEmpty()) {
+            Timber.tag(loggerTag.value).e("onRoomKeyEvent() : missing fields")
+            return
+        }
+        val alg = roomDecryptorProvider.getOrCreateRoomDecryptor(roomKeyContent.roomId, roomKeyContent.algorithm)
+        if (alg == null) {
+            Timber.tag(loggerTag.value).e("GOSSIP onRoomKeyEvent() : Unable to handle keys for ${roomKeyContent.algorithm}")
+            return
+        }
+        alg.onRoomKeyEvent(event, keysBackupService)
+    }
+
+    private fun onKeyWithHeldReceived(event: Event) {
+        val withHeldContent = event.getClearContent().toModel<RoomKeyWithHeldContent>() ?: return Unit.also {
+            Timber.tag(loggerTag.value).i("Malformed onKeyWithHeldReceived() : missing fields")
+        }
+        val senderId = event.senderId ?: return Unit.also {
+            Timber.tag(loggerTag.value).i("Malformed onKeyWithHeldReceived() : missing fields")
+        }
+        withHeldContent.sessionId ?: return
+        withHeldContent.algorithm ?: return
+        withHeldContent.roomId ?: return
+        withHeldContent.senderKey ?: return
+        outgoingKeyRequestManager.onRoomKeyWithHeld(
+                sessionId = withHeldContent.sessionId,
+                algorithm = withHeldContent.algorithm,
+                roomId = withHeldContent.roomId,
+                senderKey = withHeldContent.senderKey,
+                fromDevice = withHeldContent.fromDevice,
+                event = Event(
+                        type = EventType.ROOM_KEY_WITHHELD,
+                        senderId = senderId,
+                        content = event.getClearContent()
+                )
+        )
+    }
+
+    private suspend fun onSecretSendReceived(event: Event) {
+        secretShareManager.onSecretSendReceived(event) { secretName, secretValue ->
+            handleSDKLevelGossip(secretName, secretValue)
+        }
+    }
+
+    /**
+     * Returns true if handled by SDK, otherwise should be sent to application layer
+     */
+    private fun handleSDKLevelGossip(secretName: String?,
+                                     secretValue: String): Boolean {
+        return when (secretName) {
+            MASTER_KEY_SSSS_NAME       -> {
+                crossSigningService.onSecretMSKGossip(secretValue)
+                true
+            }
+            SELF_SIGNING_KEY_SSSS_NAME -> {
+                crossSigningService.onSecretSSKGossip(secretValue)
+                true
+            }
+            USER_SIGNING_KEY_SSSS_NAME -> {
+                crossSigningService.onSecretUSKGossip(secretValue)
+                true
+            }
+            KEYBACKUP_SECRET_SSSS_NAME -> {
+                keysBackupService.onSecretKeyGossip(secretValue)
+                true
+            }
+            else                       -> false
+        }
+    }
+
+    /**
+     * Handle an m.room.encryption event.
+     *
+     * @param event the encryption event.
+     */
+    private fun onRoomEncryptionEvent(roomId: String, event: Event) {
+        if (!event.isStateEvent()) {
+            // Ignore
+            Timber.tag(loggerTag.value).w("Invalid encryption event")
+            return
+        }
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            val userIds = getRoomUserIds(roomId)
+            setEncryptionInRoom(roomId, event.content?.get("algorithm")?.toString(), true, userIds)
+        }
+    }
+
+    private fun getRoomUserIds(roomId: String): List<String> {
+        val encryptForInvitedMembers = isEncryptionEnabledForInvitedUser() &&
+                shouldEncryptForInvitedMembers(roomId)
+        return cryptoSessionInfoProvider.getRoomUserIds(roomId, encryptForInvitedMembers)
+    }
+
+    /**
+     * Handle a change in the membership state of a member of a room.
+     *
+     * @param event the membership event causing the change
+     */
+    private fun onRoomMembershipEvent(roomId: String, event: Event) {
+        roomEncryptorsStore.get(roomId) ?: /* No encrypting in this room */ return
+
+        event.stateKey?.let { userId ->
+            val roomMember: RoomMemberContent? = event.content.toModel()
+            val membership = roomMember?.membership
+            if (membership == Membership.JOIN) {
+                // make sure we are tracking the deviceList for this user.
+                deviceListManager.startTrackingDeviceList(listOf(userId))
+            } else if (membership == Membership.INVITE &&
+                    shouldEncryptForInvitedMembers(roomId) &&
+                    isEncryptionEnabledForInvitedUser()) {
+                // track the deviceList for this invited user.
+                // Caution: there's a big edge case here in that federated servers do not
+                // know what other servers are in the room at the time they've been invited.
+                // They therefore will not send device updates if a user logs in whilst
+                // their state is invite.
+                deviceListManager.startTrackingDeviceList(listOf(userId))
+            }
+        }
+    }
+
+    private fun onRoomHistoryVisibilityEvent(roomId: String, event: Event) {
+        if (!event.isStateEvent()) return
+        val eventContent = event.content.toModel<RoomHistoryVisibilityContent>()
+        eventContent?.historyVisibility?.let {
+            cryptoStore.setShouldEncryptForInvitedMembers(roomId, it != RoomHistoryVisibility.JOINED)
+        }
+    }
+
+    /**
+     * Upload my user's device keys.
+     */
+    private suspend fun uploadDeviceKeys() {
+        if (cryptoStore.areDeviceKeysUploaded()) {
+            Timber.tag(loggerTag.value).d("Keys already uploaded, nothing to do")
+            return
+        }
+        // Prepare the device keys data to send
+        // Sign it
+        val canonicalJson = JsonCanonicalizer.getCanonicalJson(Map::class.java, getMyDevice().signalableJSONDictionary())
+        var rest = getMyDevice().toRest()
+
+        rest = rest.copy(
+                signatures = objectSigner.signObject(canonicalJson)
+        )
+
+        val uploadDeviceKeysParams = UploadKeysTask.Params(rest, null, null)
+        uploadKeysTask.execute(uploadDeviceKeysParams)
+
+        cryptoStore.setDeviceKeysUploaded(true)
+    }
+
+    /**
+     * Export the crypto keys
+     *
+     * @param password the password
+     * @return the exported keys
+     */
+    override suspend fun exportRoomKeys(password: String): ByteArray {
+        return exportRoomKeys(password, MXMegolmExportEncryption.DEFAULT_ITERATION_COUNT)
+    }
+
+    /**
+     * Export the crypto keys
+     *
+     * @param password         the password
+     * @param anIterationCount the encryption iteration count (0 means no encryption)
+     */
+    private suspend fun exportRoomKeys(password: String, anIterationCount: Int): ByteArray {
+        return withContext(coroutineDispatchers.crypto) {
+            val iterationCount = max(0, anIterationCount)
+
+            val exportedSessions = cryptoStore.getInboundGroupSessions().mapNotNull { it.exportKeys() }
+
+            val adapter = MoshiProvider.providesMoshi()
+                    .adapter(List::class.java)
+
+            MXMegolmExportEncryption.encryptMegolmKeyFile(adapter.toJson(exportedSessions), password, iterationCount)
+        }
+    }
+
+    /**
+     * Import the room keys
+     *
+     * @param roomKeysAsArray  the room keys as array.
+     * @param password         the password
+     * @param progressListener the progress listener
+     * @return the result ImportRoomKeysResult
+     */
+    override suspend fun importRoomKeys(roomKeysAsArray: ByteArray,
+                                        password: String,
+                                        progressListener: ProgressListener?): ImportRoomKeysResult {
+        return withContext(coroutineDispatchers.crypto) {
+            Timber.tag(loggerTag.value).v("importRoomKeys starts")
+
+            val t0 = System.currentTimeMillis()
+            val roomKeys = MXMegolmExportEncryption.decryptMegolmKeyFile(roomKeysAsArray, password)
+            val t1 = System.currentTimeMillis()
+
+            Timber.tag(loggerTag.value).v("importRoomKeys : decryptMegolmKeyFile done in ${t1 - t0} ms")
+
+            val importedSessions = MoshiProvider.providesMoshi()
+                    .adapter<List<MegolmSessionData>>(Types.newParameterizedType(List::class.java, MegolmSessionData::class.java))
+                    .fromJson(roomKeys)
+
+            val t2 = System.currentTimeMillis()
+
+            Timber.tag(loggerTag.value).v("importRoomKeys : JSON parsing ${t2 - t1} ms")
+
+            if (importedSessions == null) {
+                throw Exception("Error")
+            }
+
+            megolmSessionDataImporter.handle(
+                    megolmSessionsData = importedSessions,
+                    fromBackup = false,
+                    progressListener = progressListener
+            )
+        }
+    }
+
+    /**
+     * Update the warn status when some unknown devices are detected.
+     *
+     * @param warn true to warn when some unknown devices are detected.
+     */
+    override fun setWarnOnUnknownDevices(warn: Boolean) {
+        warnOnUnknownDevicesRepository.setWarnOnUnknownDevices(warn)
+    }
+
+    /**
+     * Check if the user ids list have some unknown devices.
+     * A success means there is no unknown devices.
+     * If there are some unknown devices, a MXCryptoError.UnknownDevice exception is triggered.
+     *
+     * @param userIds  the user ids list
+     * @param callback the asynchronous callback.
+     */
+    fun checkUnknownDevices(userIds: List<String>, callback: MatrixCallback<Unit>) {
+        // force the refresh to ensure that the devices list is up-to-date
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            runCatching {
+                val keys = deviceListManager.downloadKeys(userIds, true)
+                val unknownDevices = getUnknownDevices(keys)
+                if (unknownDevices.map.isNotEmpty()) {
+                    // trigger an an unknown devices exception
+                    throw Failure.CryptoError(MXCryptoError.UnknownDevice(unknownDevices))
+                }
+            }.foldToCallback(callback)
+        }
+    }
+
+    /**
+     * Set the global override for whether the client should ever send encrypted
+     * messages to unverified devices.
+     * If false, it can still be overridden per-room.
+     * If true, it overrides the per-room settings.
+     *
+     * @param block    true to unilaterally blacklist all
+     */
+    override fun setGlobalBlacklistUnverifiedDevices(block: Boolean) {
+        cryptoStore.setGlobalBlacklistUnverifiedDevices(block)
+    }
+
+    override fun enableKeyGossiping(enable: Boolean) {
+        cryptoStore.enableKeyGossiping(enable)
+    }
+
+    override fun isKeyGossipingEnabled() = cryptoStore.isKeyGossipingEnabled()
+
+    /**
+     * Tells whether the client should ever send encrypted messages to unverified devices.
+     * The default value is false.
+     * This function must be called in the getEncryptingThreadHandler() thread.
+     *
+     * @return true to unilaterally blacklist all unverified devices.
+     */
+    override fun getGlobalBlacklistUnverifiedDevices(): Boolean {
+        return cryptoStore.getGlobalBlacklistUnverifiedDevices()
+    }
+
+    /**
+     * Tells whether the client should encrypt messages only for the verified devices
+     * in this room.
+     * The default value is false.
+     *
+     * @param roomId the room id
+     * @return true if the client should encrypt messages only for the verified devices.
+     */
+// TODO add this info in CryptoRoomEntity?
+    override fun isRoomBlacklistUnverifiedDevices(roomId: String?): Boolean {
+        return roomId?.let { cryptoStore.getRoomsListBlacklistUnverifiedDevices().contains(it) }
+                ?: false
+    }
+
+    /**
+     * Manages the room black-listing for unverified devices.
+     *
+     * @param roomId   the room id
+     * @param add      true to add the room id to the list, false to remove it.
+     */
+    private fun setRoomBlacklistUnverifiedDevices(roomId: String, add: Boolean) {
+        val roomIds = cryptoStore.getRoomsListBlacklistUnverifiedDevices().toMutableList()
+
+        if (add) {
+            if (roomId !in roomIds) {
+                roomIds.add(roomId)
+            }
+        } else {
+            roomIds.remove(roomId)
+        }
+
+        cryptoStore.setRoomsListBlacklistUnverifiedDevices(roomIds)
+    }
+
+    /**
+     * Add this room to the ones which don't encrypt messages to unverified devices.
+     *
+     * @param roomId   the room id
+     */
+    override fun setRoomBlacklistUnverifiedDevices(roomId: String) {
+        setRoomBlacklistUnverifiedDevices(roomId, true)
+    }
+
+    /**
+     * Remove this room to the ones which don't encrypt messages to unverified devices.
+     *
+     * @param roomId   the room id
+     */
+    override fun setRoomUnBlacklistUnverifiedDevices(roomId: String) {
+        setRoomBlacklistUnverifiedDevices(roomId, false)
+    }
+
+    /**
+     * Re request the encryption keys required to decrypt an event.
+     *
+     * @param event the event to decrypt again.
+     */
+    override fun reRequestRoomKeyForEvent(event: Event) {
+        outgoingKeyRequestManager.requestKeyForEvent(event, true)
+    }
+
+    override fun requestRoomKeyForEvent(event: Event) {
+        outgoingKeyRequestManager.requestKeyForEvent(event, false)
+    }
+
+    /**
+     * Add a GossipingRequestListener listener.
+     *
+     * @param listener listener
+     */
+    override fun addRoomKeysRequestListener(listener: GossipingRequestListener) {
+        incomingKeyRequestManager.addRoomKeysRequestListener(listener)
+        secretShareManager.addListener(listener)
+    }
+
+    /**
+     * Add a GossipingRequestListener listener.
+     *
+     * @param listener listener
+     */
+    override fun removeRoomKeysRequestListener(listener: GossipingRequestListener) {
+        incomingKeyRequestManager.removeRoomKeysRequestListener(listener)
+        secretShareManager.addListener(listener)
+    }
+
+    /**
+     * Provides the list of unknown devices
+     *
+     * @param devicesInRoom the devices map
+     * @return the unknown devices map
+     */
+    private fun getUnknownDevices(devicesInRoom: MXUsersDevicesMap<CryptoDeviceInfo>): MXUsersDevicesMap<CryptoDeviceInfo> {
+        val unknownDevices = MXUsersDevicesMap<CryptoDeviceInfo>()
+        val userIds = devicesInRoom.userIds
+        for (userId in userIds) {
+            devicesInRoom.getUserDeviceIds(userId)?.forEach { deviceId ->
+                devicesInRoom.getObject(userId, deviceId)
+                        ?.takeIf { it.isUnknown }
+                        ?.let {
+                            unknownDevices.setObject(userId, deviceId, it)
+                        }
+            }
+        }
+
+        return unknownDevices
+    }
+
+    override fun downloadKeys(userIds: List<String>, forceDownload: Boolean, callback: MatrixCallback<MXUsersDevicesMap<CryptoDeviceInfo>>) {
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            runCatching {
+                deviceListManager.downloadKeys(userIds, forceDownload)
+            }.foldToCallback(callback)
+        }
+    }
+
+    override fun addNewSessionListener(newSessionListener: NewSessionListener) {
+        roomDecryptorProvider.addNewSessionListener(newSessionListener)
+    }
+
+    override fun removeSessionListener(listener: NewSessionListener) {
+        roomDecryptorProvider.removeSessionListener(listener)
+    }
+/* ==========================================================================================
+ * DEBUG INFO
+ * ========================================================================================== */
+
+    override fun toString(): String {
+        return "DefaultCryptoService of $userId ($deviceId)"
+    }
+
+    override fun getOutgoingRoomKeyRequests(): List<OutgoingKeyRequest> {
+        return cryptoStore.getOutgoingRoomKeyRequests()
+    }
+
+    override fun getOutgoingRoomKeyRequestsPaged(): LiveData<PagedList<OutgoingKeyRequest>> {
+        return cryptoStore.getOutgoingRoomKeyRequestsPaged()
+    }
+
+    override fun getIncomingRoomKeyRequests(): List<IncomingRoomKeyRequest> {
+        return cryptoStore.getGossipingEvents()
+                .mapNotNull {
+                    IncomingRoomKeyRequest.fromEvent(it)
+                }
+    }
+
+    override fun getIncomingRoomKeyRequestsPaged(): LiveData<PagedList<IncomingRoomKeyRequest>> {
+        return cryptoStore.getGossipingEventsTrail(TrailType.IncomingKeyRequest) {
+            IncomingRoomKeyRequest.fromEvent(it)
+                    ?: IncomingRoomKeyRequest(localCreationTimestamp = 0L)
+        }
+    }
+
+    /**
+     * If you registered a `GossipingRequestListener`, you will be notified of key request
+     * that was not accepted by the SDK. You can call back this manually to accept anyhow.
+     */
+    override suspend fun manuallyAcceptRoomKeyRequest(request: IncomingRoomKeyRequest) {
+        incomingKeyRequestManager.manuallyAcceptRoomKeyRequest(request)
+    }
+
+    override fun getGossipingEventsTrail(): LiveData<PagedList<AuditTrail>> {
+        return cryptoStore.getGossipingEventsTrail()
+    }
+
+    override fun getGossipingEvents(): List<AuditTrail> {
+        return cryptoStore.getGossipingEvents()
+    }
+
+    override fun getSharedWithInfo(roomId: String?, sessionId: String): MXUsersDevicesMap<Int> {
+        return cryptoStore.getSharedWithInfo(roomId, sessionId)
+    }
+
+    override fun getWithHeldMegolmSession(roomId: String, sessionId: String): RoomKeyWithHeldContent? {
+        return cryptoStore.getWithHeldMegolmSession(roomId, sessionId)
+    }
+
+    override fun logDbUsageInfo() {
+        cryptoStore.logDbUsageInfo()
+    }
+
+    override fun prepareToEncrypt(roomId: String, callback: MatrixCallback<Unit>) {
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            Timber.tag(loggerTag.value).d("prepareToEncrypt() roomId:$roomId Check room members up to date")
+            // Ensure to load all room members
+            try {
+                loadRoomMembersTask.execute(LoadRoomMembersTask.Params(roomId))
+            } catch (failure: Throwable) {
+                Timber.tag(loggerTag.value).e("prepareToEncrypt() : Failed to load room members")
+                // we probably shouldn't block sending on that (but questionable)
+                // but some members won't be able to decrypt
+            }
+
+            val userIds = getRoomUserIds(roomId)
+            val alg = roomEncryptorsStore.get(roomId)
+                    ?: getEncryptionAlgorithm(roomId)
+                            ?.let { setEncryptionInRoom(roomId, it, false, userIds) }
+                            ?.let { roomEncryptorsStore.get(roomId) }
+
+            if (alg == null) {
+                val reason = String.format(MXCryptoError.UNABLE_TO_ENCRYPT_REASON, MXCryptoError.NO_MORE_ALGORITHM_REASON)
+                Timber.tag(loggerTag.value).e("prepareToEncrypt() : $reason")
+                callback.onFailure(IllegalArgumentException("Missing algorithm"))
+                return@launch
+            }
+
+            runCatching {
+                (alg as? IMXGroupEncryption)?.preshareKey(userIds)
+            }.fold(
+                    { callback.onSuccess(Unit) },
+                    {
+                        Timber.tag(loggerTag.value).e(it, "prepareToEncrypt() failed.")
+                        callback.onFailure(it)
+                    }
+            )
+        }
+    }
+
+    /* ==========================================================================================
+     * For test only
+     * ========================================================================================== */
+
+    @VisibleForTesting
+    val cryptoStoreForTesting = cryptoStore
+
+    @VisibleForTesting
+    val olmDeviceForTest = olmDevice
+
+    companion object {
+        const val CRYPTO_MIN_FORCE_SESSION_PERIOD_MILLIS = 3_600_000 // one hour
+    }
+}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt
index 67d544ca43..b91a970fc1 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt
@@ -1,926 +1,918 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto
-
-import androidx.annotation.VisibleForTesting
-import kotlinx.coroutines.sync.Mutex
-import kotlinx.coroutines.sync.withLock
-import org.matrix.android.sdk.api.extensions.tryOrNull
-import org.matrix.android.sdk.api.logger.LoggerTag
-import org.matrix.android.sdk.api.session.crypto.MXCryptoError
-import org.matrix.android.sdk.api.session.crypto.model.OlmDecryptionResult
-import org.matrix.android.sdk.api.util.JSON_DICT_PARAMETERIZED_TYPE
-import org.matrix.android.sdk.api.util.JsonDict
-import org.matrix.android.sdk.internal.crypto.algorithms.megolm.MXOutboundSessionInfo
-import org.matrix.android.sdk.internal.crypto.algorithms.megolm.SharedWithHelper
-import org.matrix.android.sdk.internal.crypto.model.OlmInboundGroupSessionWrapper2
-import org.matrix.android.sdk.internal.crypto.model.OlmSessionWrapper
-import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
-import org.matrix.android.sdk.internal.di.MoshiProvider
-import org.matrix.android.sdk.internal.session.SessionScope
-import org.matrix.android.sdk.internal.util.JsonCanonicalizer
-import org.matrix.android.sdk.internal.util.convertFromUTF8
-import org.matrix.android.sdk.internal.util.convertToUTF8
-import org.matrix.olm.OlmAccount
-import org.matrix.olm.OlmException
-import org.matrix.olm.OlmMessage
-import org.matrix.olm.OlmOutboundGroupSession
-import org.matrix.olm.OlmSession
-import org.matrix.olm.OlmUtility
-import timber.log.Timber
-import javax.inject.Inject
-
-private val loggerTag = LoggerTag("MXOlmDevice", LoggerTag.CRYPTO)
-
-// The libolm wrapper.
-@SessionScope
-internal class MXOlmDevice @Inject constructor(
-        /**
-         * The store where crypto data is saved.
-         */
-        private val store: IMXCryptoStore,
-        private val olmSessionStore: OlmSessionStore,
-        private val inboundGroupSessionStore: InboundGroupSessionStore
-) {
-
-    val mutex = Mutex()
-
-    /**
-     * @return the Curve25519 key for the account.
-     */
-    var deviceCurve25519Key: String? = null
-        private set
-
-    /**
-     * @return the Ed25519 key for the account.
-     */
-    var deviceEd25519Key: String? = null
-        private set
-
-    // The OLM lib utility instance.
-    private var olmUtility: OlmUtility? = null
-
-    private data class GroupSessionCacheItem(
-            val groupId: String,
-            val groupSession: OlmOutboundGroupSession
-    )
-
-    // The outbound group session.
-    // Caches active outbound session to avoid to sync with DB before read
-    // The key is the session id, the value the <roomID,outbound group session>.
-    private val outboundGroupSessionCache: MutableMap<String, GroupSessionCacheItem> = HashMap()
-
-    // Store a set of decrypted message indexes for each group session.
-    // This partially mitigates a replay attack where a MITM resends a group
-    // message into the room.
-    //
-    // The Matrix SDK exposes events through MXEventTimelines. A developer can open several
-    // timelines from a same room so that a message can be decrypted several times but from
-    // a different timeline.
-    // So, store these message indexes per timeline id.
-    //
-    // The first level keys are timeline ids.
-    // The second level keys are strings of form "<senderKey>|<session_id>|<message_index>"
-    private val inboundGroupSessionMessageIndexes: MutableMap<String, MutableSet<String>> = HashMap()
-
-    init {
-        // Retrieve the account from the store
-        try {
-            store.getOrCreateOlmAccount()
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "MXOlmDevice : cannot initialize olmAccount")
-        }
-
-        try {
-            olmUtility = OlmUtility()
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "## MXOlmDevice : OlmUtility failed with error")
-            olmUtility = null
-        }
-
-        try {
-            deviceCurve25519Key = store.doWithOlmAccount { it.identityKeys()[OlmAccount.JSON_KEY_IDENTITY_KEY] }
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "## MXOlmDevice : cannot find ${OlmAccount.JSON_KEY_IDENTITY_KEY} with error")
-        }
-
-        try {
-            deviceEd25519Key = store.doWithOlmAccount { it.identityKeys()[OlmAccount.JSON_KEY_FINGER_PRINT_KEY] }
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "## MXOlmDevice : cannot find ${OlmAccount.JSON_KEY_FINGER_PRINT_KEY} with error")
-        }
-    }
-
-    /**
-     * @return The current (unused, unpublished) one-time keys for this account.
-     */
-    fun getOneTimeKeys(): Map<String, Map<String, String>>? {
-        try {
-            return store.doWithOlmAccount { it.oneTimeKeys() }
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "## getOneTimeKeys() : failed")
-        }
-
-        return null
-    }
-
-    /**
-     * @return The maximum number of one-time keys the olm account can store.
-     */
-    fun getMaxNumberOfOneTimeKeys(): Long {
-        return store.doWithOlmAccount { it.maxOneTimeKeys() }
-    }
-
-    /**
-     * Returns an unpublished fallback key
-     * A call to markKeysAsPublished will mark it as published and this
-     * call will return null (until a call to generateFallbackKey is made)
-     */
-    fun getFallbackKey(): MutableMap<String, MutableMap<String, String>>? {
-        try {
-            return store.doWithOlmAccount { it.fallbackKey() }
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e("## getFallbackKey() : failed")
-        }
-        return null
-    }
-
-    /**
-     * Generates a new fallback key if there is not already
-     * an unpublished one.
-     * @return true if a new key was generated
-     */
-    fun generateFallbackKeyIfNeeded(): Boolean {
-        try {
-            if (!hasUnpublishedFallbackKey()) {
-                store.doWithOlmAccount {
-                    it.generateFallbackKey()
-                    store.saveOlmAccount()
-                }
-                return true
-            }
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e("## generateFallbackKey() : failed")
-        }
-        return false
-    }
-
-    internal fun hasUnpublishedFallbackKey(): Boolean {
-        return getFallbackKey()?.get(OlmAccount.JSON_KEY_ONE_TIME_KEY).orEmpty().isNotEmpty()
-    }
-
-    fun forgetFallbackKey() {
-        try {
-            store.doWithOlmAccount {
-                it.forgetFallbackKey()
-                store.saveOlmAccount()
-            }
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e("## forgetFallbackKey() : failed")
-        }
-    }
-
-    /**
-     * Release the instance
-     */
-    fun release() {
-        olmUtility?.releaseUtility()
-        outboundGroupSessionCache.values.forEach {
-            it.groupSession.releaseSession()
-        }
-        outboundGroupSessionCache.clear()
-        inboundGroupSessionStore.clear()
-        olmSessionStore.clear()
-    }
-
-    /**
-     * Signs a message with the ed25519 key for this account.
-     *
-     * @param message the message to be signed.
-     * @return the base64-encoded signature.
-     */
-    fun signMessage(message: String): String? {
-        try {
-            return store.doWithOlmAccount { it.signMessage(message) }
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "## signMessage() : failed")
-        }
-
-        return null
-    }
-
-    /**
-     * Marks all of the one-time keys as published.
-     */
-    fun markKeysAsPublished() {
-        try {
-            store.doWithOlmAccount {
-                it.markOneTimeKeysAsPublished()
-                store.saveOlmAccount()
-            }
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "## markKeysAsPublished() : failed")
-        }
-    }
-
-    /**
-     * Generate some new one-time keys
-     *
-     * @param numKeys number of keys to generate
-     */
-    fun generateOneTimeKeys(numKeys: Int) {
-        try {
-            store.doWithOlmAccount {
-                it.generateOneTimeKeys(numKeys)
-                store.saveOlmAccount()
-            }
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "## generateOneTimeKeys() : failed")
-        }
-    }
-
-    /**
-     * Generate a new outbound session.
-     * The new session will be stored in the MXStore.
-     *
-     * @param theirIdentityKey the remote user's Curve25519 identity key
-     * @param theirOneTimeKey  the remote user's one-time Curve25519 key
-     * @return the session id for the outbound session.
-     */
-    fun createOutboundSession(theirIdentityKey: String, theirOneTimeKey: String): String? {
-        Timber.tag(loggerTag.value).d("## createOutboundSession() ; theirIdentityKey $theirIdentityKey theirOneTimeKey $theirOneTimeKey")
-        var olmSession: OlmSession? = null
-
-        try {
-            olmSession = OlmSession()
-            store.doWithOlmAccount { olmAccount ->
-                olmSession.initOutboundSession(olmAccount, theirIdentityKey, theirOneTimeKey)
-            }
-
-            val olmSessionWrapper = OlmSessionWrapper(olmSession, 0)
-
-            // Pretend we've received a message at this point, otherwise
-            // if we try to send a message to the device, it won't use
-            // this session
-            olmSessionWrapper.onMessageReceived()
-
-            olmSessionStore.storeSession(olmSessionWrapper, theirIdentityKey)
-
-            val sessionIdentifier = olmSession.sessionIdentifier()
-
-            Timber.tag(loggerTag.value).v("## createOutboundSession() ;  olmSession.sessionIdentifier: $sessionIdentifier")
-            return sessionIdentifier
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "## createOutboundSession() failed")
-
-            olmSession?.releaseSession()
-        }
-
-        return null
-    }
-
-    /**
-     * Generate a new inbound session, given an incoming message.
-     *
-     * @param theirDeviceIdentityKey the remote user's Curve25519 identity key.
-     * @param messageType            the message_type field from the received message (must be 0).
-     * @param ciphertext             base64-encoded body from the received message.
-     * @return {{payload: string, session_id: string}} decrypted payload, and session id of new session.
-     */
-    fun createInboundSession(theirDeviceIdentityKey: String, messageType: Int, ciphertext: String): Map<String, String>? {
-        Timber.tag(loggerTag.value).d("## createInboundSession() : theirIdentityKey: $theirDeviceIdentityKey")
-
-        var olmSession: OlmSession? = null
-
-        try {
-            try {
-                olmSession = OlmSession()
-                store.doWithOlmAccount { olmAccount ->
-                    olmSession.initInboundSessionFrom(olmAccount, theirDeviceIdentityKey, ciphertext)
-                }
-            } catch (e: Exception) {
-                Timber.tag(loggerTag.value).e(e, "## createInboundSession() : the session creation failed")
-                return null
-            }
-
-            Timber.tag(loggerTag.value).v("## createInboundSession() : sessionId: ${olmSession.sessionIdentifier()}")
-
-            try {
-                store.doWithOlmAccount { olmAccount ->
-                    olmAccount.removeOneTimeKeys(olmSession)
-                    store.saveOlmAccount()
-                }
-            } catch (e: Exception) {
-                Timber.tag(loggerTag.value).e(e, "## createInboundSession() : removeOneTimeKeys failed")
-            }
-
-//            Timber.tag(loggerTag.value).v("## createInboundSession() : ciphertext: $ciphertext.")
-//            try {
-//                val sha256 = olmUtility!!.sha256(URLEncoder.encode(ciphertext, "utf-8"))
-//                Timber.tag(loggerTag.value).v("## createInboundSession() :ciphertext: SHA256: $sha256")
-//            } catch (e: Exception) {
-//                Timber.tag(loggerTag.value).e(e, "## createInboundSession() :ciphertext: cannot encode ciphertext")
-//            }
-
-            val olmMessage = OlmMessage()
-            olmMessage.mCipherText = ciphertext
-            olmMessage.mType = messageType.toLong()
-
-            var payloadString: String? = null
-
-            try {
-                payloadString = olmSession.decryptMessage(olmMessage)
-
-                val olmSessionWrapper = OlmSessionWrapper(olmSession, 0)
-                // This counts as a received message: set last received message time to now
-                olmSessionWrapper.onMessageReceived()
-
-                olmSessionStore.storeSession(olmSessionWrapper, theirDeviceIdentityKey)
-            } catch (e: Exception) {
-                Timber.tag(loggerTag.value).e(e, "## createInboundSession() : decryptMessage failed")
-            }
-
-            val res = HashMap<String, String>()
-
-            if (!payloadString.isNullOrEmpty()) {
-                res["payload"] = payloadString
-            }
-
-            val sessionIdentifier = olmSession.sessionIdentifier()
-
-            if (!sessionIdentifier.isNullOrEmpty()) {
-                res["session_id"] = sessionIdentifier
-            }
-
-            return res
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "## createInboundSession() : OlmSession creation failed")
-
-            olmSession?.releaseSession()
-        }
-
-        return null
-    }
-
-    /**
-     * Get a list of known session IDs for the given device.
-     *
-     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
-     * @return a list of known session ids for the device.
-     */
-    fun getSessionIds(theirDeviceIdentityKey: String): List<String> {
-        return olmSessionStore.getDeviceSessionIds(theirDeviceIdentityKey)
-    }
-
-    /**
-     * Get the right olm session id for encrypting messages to the given identity key.
-     *
-     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
-     * @return the session id, or null if no established session.
-     */
-    fun getSessionId(theirDeviceIdentityKey: String): String? {
-        return olmSessionStore.getLastUsedSessionId(theirDeviceIdentityKey)
-    }
-
-    /**
-     * Encrypt an outgoing message using an existing session.
-     *
-     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
-     * @param sessionId              the id of the active session
-     * @param payloadString          the payload to be encrypted and sent
-     * @return the cipher text
-     */
-    suspend fun encryptMessage(theirDeviceIdentityKey: String, sessionId: String, payloadString: String): Map<String, Any>? {
-        val olmSessionWrapper = getSessionForDevice(theirDeviceIdentityKey, sessionId)
-
-        if (olmSessionWrapper != null) {
-            try {
-                Timber.tag(loggerTag.value).v("## encryptMessage() : olmSession.sessionIdentifier: $sessionId")
-
-                val olmMessage = olmSessionWrapper.mutex.withLock {
-                    olmSessionWrapper.olmSession.encryptMessage(payloadString)
-                }
-                return mapOf(
-                        "body" to olmMessage.mCipherText,
-                        "type" to olmMessage.mType,
-                ).also {
-                    olmSessionStore.storeSession(olmSessionWrapper, theirDeviceIdentityKey)
-                }
-            } catch (e: Throwable) {
-                Timber.tag(loggerTag.value).e(e, "## encryptMessage() : failed to encrypt olm with device|session:$theirDeviceIdentityKey|$sessionId")
-                return null
-            }
-        } else {
-            Timber.tag(loggerTag.value).e("## encryptMessage() : Failed to encrypt unknown session $sessionId")
-            return null
-        }
-    }
-
-    /**
-     * Decrypt an incoming message using an existing session.
-     *
-     * @param ciphertext             the base64-encoded body from the received message.
-     * @param messageType            message_type field from the received message.
-     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
-     * @param sessionId              the id of the active session.
-     * @return the decrypted payload.
-     */
-    @kotlin.jvm.Throws
-    suspend fun decryptMessage(ciphertext: String, messageType: Int, sessionId: String, theirDeviceIdentityKey: String): String? {
-        var payloadString: String? = null
-
-        val olmSessionWrapper = getSessionForDevice(theirDeviceIdentityKey, sessionId)
-
-        if (null != olmSessionWrapper) {
-            val olmMessage = OlmMessage()
-            olmMessage.mCipherText = ciphertext
-            olmMessage.mType = messageType.toLong()
-
-            payloadString =
-                    olmSessionWrapper.mutex.withLock {
-                        olmSessionWrapper.olmSession.decryptMessage(olmMessage).also {
-                            olmSessionWrapper.onMessageReceived()
-                        }
-                    }
-            olmSessionStore.storeSession(olmSessionWrapper, theirDeviceIdentityKey)
-        }
-
-        return payloadString
-    }
-
-    /**
-     * Determine if an incoming messages is a prekey message matching an existing session.
-     *
-     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
-     * @param sessionId              the id of the active session.
-     * @param messageType            message_type field from the received message.
-     * @param ciphertext             the base64-encoded body from the received message.
-     * @return YES if the received message is a prekey message which matchesthe given session.
-     */
-    fun matchesSession(theirDeviceIdentityKey: String, sessionId: String, messageType: Int, ciphertext: String): Boolean {
-        if (messageType != 0) {
-            return false
-        }
-
-        val olmSessionWrapper = getSessionForDevice(theirDeviceIdentityKey, sessionId)
-        return null != olmSessionWrapper && olmSessionWrapper.olmSession.matchesInboundSession(ciphertext)
-    }
-
-    // Outbound group session
-
-    /**
-     * Generate a new outbound group session.
-     *
-     * @return the session id for the outbound session.
-     */
-    fun createOutboundGroupSessionForRoom(roomId: String): String? {
-        var session: OlmOutboundGroupSession? = null
-        try {
-            session = OlmOutboundGroupSession()
-            outboundGroupSessionCache[session.sessionIdentifier()] = GroupSessionCacheItem(roomId, session)
-            store.storeCurrentOutboundGroupSessionForRoom(roomId, session)
-            return session.sessionIdentifier()
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "createOutboundGroupSession")
-
-            session?.releaseSession()
-        }
-
-        return null
-    }
-
-    fun storeOutboundGroupSessionForRoom(roomId: String, sessionId: String) {
-        outboundGroupSessionCache[sessionId]?.let {
-            store.storeCurrentOutboundGroupSessionForRoom(roomId, it.groupSession)
-        }
-    }
-
-    fun restoreOutboundGroupSessionForRoom(roomId: String): MXOutboundSessionInfo? {
-        val restoredOutboundGroupSession = store.getCurrentOutboundGroupSessionForRoom(roomId)
-        if (restoredOutboundGroupSession != null) {
-            val sessionId = restoredOutboundGroupSession.outboundGroupSession.sessionIdentifier()
-            // cache it
-            outboundGroupSessionCache[sessionId] = GroupSessionCacheItem(roomId, restoredOutboundGroupSession.outboundGroupSession)
-
-            return MXOutboundSessionInfo(
-                    sessionId = sessionId,
-                    sharedWithHelper = SharedWithHelper(roomId, sessionId, store),
-                    restoredOutboundGroupSession.creationTime
-            )
-        }
-        return null
-    }
-
-    fun discardOutboundGroupSessionForRoom(roomId: String) {
-        val toDiscard = outboundGroupSessionCache.filter {
-            it.value.groupId == roomId
-        }
-        toDiscard.forEach { (sessionId, cacheItem) ->
-            cacheItem.groupSession.releaseSession()
-            outboundGroupSessionCache.remove(sessionId)
-        }
-        store.storeCurrentOutboundGroupSessionForRoom(roomId, null)
-    }
-
-    /**
-     * Get the current session key of  an outbound group session.
-     *
-     * @param sessionId the id of the outbound group session.
-     * @return the base64-encoded secret key.
-     */
-    fun getSessionKey(sessionId: String): String? {
-        if (sessionId.isNotEmpty()) {
-            try {
-                return outboundGroupSessionCache[sessionId]!!.groupSession.sessionKey()
-            } catch (e: Exception) {
-                Timber.tag(loggerTag.value).e(e, "## getSessionKey() : failed")
-            }
-        }
-        return null
-    }
-
-    /**
-     * Get the current message index of an outbound group session.
-     *
-     * @param sessionId the id of the outbound group session.
-     * @return the current chain index.
-     */
-    fun getMessageIndex(sessionId: String): Int {
-        return if (sessionId.isNotEmpty()) {
-            outboundGroupSessionCache[sessionId]!!.groupSession.messageIndex()
-        } else 0
-    }
-
-    /**
-     * Encrypt an outgoing message with an outbound group session.
-     *
-     * @param sessionId     the id of the outbound group session.
-     * @param payloadString the payload to be encrypted and sent.
-     * @return ciphertext
-     */
-    fun encryptGroupMessage(sessionId: String, payloadString: String): String? {
-        if (sessionId.isNotEmpty() && payloadString.isNotEmpty()) {
-            try {
-                return outboundGroupSessionCache[sessionId]!!.groupSession.encryptMessage(payloadString)
-            } catch (e: Throwable) {
-                Timber.tag(loggerTag.value).e(e, "## encryptGroupMessage() : failed")
-            }
-        }
-        return null
-    }
-
-    //  Inbound group session
-
-    sealed class AddSessionResult {
-        data class Imported(val ratchetIndex: Int) : AddSessionResult()
-        abstract class Failure : AddSessionResult()
-        object NotImported : Failure()
-        data class NotImportedHigherIndex(val newIndex: Int) : AddSessionResult()
-    }
-
-    /**
-     * Add an inbound group session to the session store.
-     *
-     * @param sessionId                    the session identifier.
-     * @param sessionKey                   base64-encoded secret key.
-     * @param roomId                       the id of the room in which this session will be used.
-     * @param senderKey                    the base64-encoded curve25519 key of the sender.
-     * @param forwardingCurve25519KeyChain Devices involved in forwarding this session to us.
-     * @param keysClaimed                  Other keys the sender claims.
-     * @param exportFormat                 true if the megolm keys are in export format
-     * @return true if the operation succeeds.
-     */
-    fun addInboundGroupSession(sessionId: String,
-                               sessionKey: String,
-                               roomId: String,
-                               senderKey: String,
-                               forwardingCurve25519KeyChain: List<String>,
-                               keysClaimed: Map<String, String>,
-                               exportFormat: Boolean): AddSessionResult {
-        val candidateSession = OlmInboundGroupSessionWrapper2(sessionKey, exportFormat)
-        val existingSessionHolder = tryOrNull { getInboundGroupSession(sessionId, senderKey, roomId) }
-        val existingSession = existingSessionHolder?.wrapper
-        // If we have an existing one we should check if the new one is not better
-        if (existingSession != null) {
-            Timber.tag(loggerTag.value).d("## addInboundGroupSession() check if known session is better than candidate session")
-            try {
-                val existingFirstKnown = existingSession.firstKnownIndex ?: return AddSessionResult.NotImported.also {
-                    // This is quite unexpected, could throw if native was released?
-                    Timber.tag(loggerTag.value).e("## addInboundGroupSession() null firstKnownIndex on existing session")
-                    candidateSession.olmInboundGroupSession?.releaseSession()
-                    // Probably should discard it?
-                }
-                val newKnownFirstIndex = candidateSession.firstKnownIndex
-                // If our existing session is better we keep it
-                if (newKnownFirstIndex != null && existingFirstKnown <= newKnownFirstIndex) {
-                    Timber.tag(loggerTag.value).d("## addInboundGroupSession() : ignore session our is better $senderKey/$sessionId")
-                    candidateSession.olmInboundGroupSession?.releaseSession()
-                    return AddSessionResult.NotImportedHigherIndex(newKnownFirstIndex.toInt())
-                }
-            } catch (failure: Throwable) {
-                Timber.tag(loggerTag.value).e("## addInboundGroupSession() Failed to add inbound: ${failure.localizedMessage}")
-                candidateSession.olmInboundGroupSession?.releaseSession()
-                return AddSessionResult.NotImported
-            }
-        }
-
-        Timber.tag(loggerTag.value).d("## addInboundGroupSession() : Candidate session should be added $senderKey/$sessionId")
-
-        // sanity check on the new session
-        val candidateOlmInboundSession = candidateSession.olmInboundGroupSession
-        if (null == candidateOlmInboundSession) {
-            Timber.tag(loggerTag.value).e("## addInboundGroupSession : invalid session <null>")
-            return AddSessionResult.NotImported
-        }
-
-        try {
-            if (candidateOlmInboundSession.sessionIdentifier() != sessionId) {
-                Timber.tag(loggerTag.value).e("## addInboundGroupSession : ERROR: Mismatched group session ID from senderKey: $senderKey")
-                candidateOlmInboundSession.releaseSession()
-                return AddSessionResult.NotImported
-            }
-        } catch (e: Throwable) {
-            candidateOlmInboundSession.releaseSession()
-            Timber.tag(loggerTag.value).e(e, "## addInboundGroupSession : sessionIdentifier() failed")
-            return AddSessionResult.NotImported
-        }
-
-        candidateSession.senderKey = senderKey
-        candidateSession.roomId = roomId
-        candidateSession.keysClaimed = keysClaimed
-        candidateSession.forwardingCurve25519KeyChain = forwardingCurve25519KeyChain
-
-        if (existingSession != null) {
-            inboundGroupSessionStore.replaceGroupSession(existingSessionHolder, InboundGroupSessionHolder(candidateSession), sessionId, senderKey)
-        } else {
-            inboundGroupSessionStore.storeInBoundGroupSession(InboundGroupSessionHolder(candidateSession), sessionId, senderKey)
-        }
-
-        return AddSessionResult.Imported(candidateSession.firstKnownIndex?.toInt() ?: 0)
-    }
-
-    /**
-     * Import an inbound group sessions to the session store.
-     *
-     * @param megolmSessionsData the megolm sessions data
-     * @return the successfully imported sessions.
-     */
-    fun importInboundGroupSessions(megolmSessionsData: List<MegolmSessionData>): List<OlmInboundGroupSessionWrapper2> {
-        val sessions = ArrayList<OlmInboundGroupSessionWrapper2>(megolmSessionsData.size)
-
-        for (megolmSessionData in megolmSessionsData) {
-            val sessionId = megolmSessionData.sessionId ?: continue
-            val senderKey = megolmSessionData.senderKey ?: continue
-            val roomId = megolmSessionData.roomId
-
-            var candidateSessionToImport: OlmInboundGroupSessionWrapper2? = null
-
-            try {
-                candidateSessionToImport = OlmInboundGroupSessionWrapper2(megolmSessionData)
-            } catch (e: Exception) {
-                Timber.tag(loggerTag.value).e(e, "## importInboundGroupSession() : Update for megolm session $senderKey/$sessionId")
-            }
-
-            // sanity check
-            if (candidateSessionToImport?.olmInboundGroupSession == null) {
-                Timber.tag(loggerTag.value).e("## importInboundGroupSession : invalid session")
-                continue
-            }
-
-            val candidateOlmInboundGroupSession = candidateSessionToImport.olmInboundGroupSession
-            try {
-                if (candidateOlmInboundGroupSession?.sessionIdentifier() != sessionId) {
-                    Timber.tag(loggerTag.value).e("## importInboundGroupSession : ERROR: Mismatched group session ID from senderKey: $senderKey")
-                    candidateOlmInboundGroupSession?.releaseSession()
-                    continue
-                }
-            } catch (e: Exception) {
-                Timber.tag(loggerTag.value).e(e, "## importInboundGroupSession : sessionIdentifier() failed")
-                candidateOlmInboundGroupSession?.releaseSession()
-                continue
-            }
-
-            val existingSessionHolder = tryOrNull { getInboundGroupSession(sessionId, senderKey, roomId) }
-            val existingSession = existingSessionHolder?.wrapper
-
-            if (existingSession == null) {
-                // Session does not already exist, add it
-                Timber.tag(loggerTag.value).d("## importInboundGroupSession() : importing new megolm session $senderKey/$sessionId")
-                sessions.add(candidateSessionToImport)
-            } else {
-                Timber.tag(loggerTag.value).e("## importInboundGroupSession() : Update for megolm session $senderKey/$sessionId")
-                val existingFirstKnown = tryOrNull { existingSession.firstKnownIndex }
-                val candidateFirstKnownIndex = tryOrNull { candidateSessionToImport.firstKnownIndex }
-
-                if (existingFirstKnown == null || candidateFirstKnownIndex == null) {
-                    // should not happen?
-                    candidateSessionToImport.olmInboundGroupSession?.releaseSession()
-                    Timber.tag(loggerTag.value)
-                            .w("## importInboundGroupSession() : Can't check session null index $existingFirstKnown/$candidateFirstKnownIndex")
-                } else {
-                    if (existingFirstKnown <= candidateSessionToImport.firstKnownIndex!!) {
-                        // Ignore this, keep existing
-                        candidateOlmInboundGroupSession.releaseSession()
-                    } else {
-                        // update cache with better session
-                        inboundGroupSessionStore.replaceGroupSession(
-                                existingSessionHolder,
-                                InboundGroupSessionHolder(candidateSessionToImport),
-                                sessionId,
-                                senderKey
-                        )
-                        sessions.add(candidateSessionToImport)
-                    }
-                }
-            }
-        }
-
-        store.storeInboundGroupSessions(sessions)
-
-        return sessions
-    }
-
-    /**
-     * Decrypt a received message with an inbound group session.
-     *
-     * @param body      the base64-encoded body of the encrypted message.
-     * @param roomId    the room in which the message was received.
-     * @param timeline  the id of the timeline where the event is decrypted. It is used to prevent replay attack.
-     * @param sessionId the session identifier.
-     * @param senderKey the base64-encoded curve25519 key of the sender.
-     * @return the decrypting result. Nil if the sessionId is unknown.
-     */
-    @Throws(MXCryptoError::class)
-    suspend fun decryptGroupMessage(body: String,
-                                    roomId: String,
-                                    timeline: String?,
-                                    sessionId: String,
-                                    senderKey: String): OlmDecryptionResult {
-        val sessionHolder = getInboundGroupSession(sessionId, senderKey, roomId)
-        val wrapper = sessionHolder.wrapper
-        val inboundGroupSession = wrapper.olmInboundGroupSession
-                ?: throw MXCryptoError.Base(MXCryptoError.ErrorType.UNABLE_TO_DECRYPT, "Session is null")
-        // Check that the room id matches the original one for the session. This stops
-        // the HS pretending a message was targeting a different room.
-        if (roomId == wrapper.roomId) {
-            val decryptResult = try {
-                sessionHolder.mutex.withLock {
-                    inboundGroupSession.decryptMessage(body)
-                }
-            } catch (e: OlmException) {
-                Timber.tag(loggerTag.value).e(e, "## decryptGroupMessage () : decryptMessage failed")
-                throw MXCryptoError.OlmError(e)
-            }
-
-            if (timeline?.isNotBlank() == true) {
-                val timelineSet = inboundGroupSessionMessageIndexes.getOrPut(timeline) { mutableSetOf() }
-
-                val messageIndexKey = senderKey + "|" + sessionId + "|" + decryptResult.mIndex
-
-                if (timelineSet.contains(messageIndexKey)) {
-                    val reason = String.format(MXCryptoError.DUPLICATE_MESSAGE_INDEX_REASON, decryptResult.mIndex)
-                    Timber.tag(loggerTag.value).e("## decryptGroupMessage() timelineId=$timeline: $reason")
-                    throw MXCryptoError.Base(MXCryptoError.ErrorType.DUPLICATED_MESSAGE_INDEX, reason)
-                }
-
-                timelineSet.add(messageIndexKey)
-            }
-
-            inboundGroupSessionStore.storeInBoundGroupSession(sessionHolder, sessionId, senderKey)
-            val payload = try {
-                val adapter = MoshiProvider.providesMoshi().adapter<JsonDict>(JSON_DICT_PARAMETERIZED_TYPE)
-                val payloadString = convertFromUTF8(decryptResult.mDecryptedMessage)
-                adapter.fromJson(payloadString)
-            } catch (e: Exception) {
-                Timber.tag(loggerTag.value).e("## decryptGroupMessage() : fails to parse the payload")
-                throw MXCryptoError.Base(MXCryptoError.ErrorType.BAD_DECRYPTED_FORMAT, MXCryptoError.BAD_DECRYPTED_FORMAT_TEXT_REASON)
-            }
-
-            return OlmDecryptionResult(
-                    payload,
-                    wrapper.keysClaimed,
-                    senderKey,
-                    wrapper.forwardingCurve25519KeyChain
-            )
-        } else {
-            val reason = String.format(MXCryptoError.INBOUND_SESSION_MISMATCH_ROOM_ID_REASON, roomId, wrapper.roomId)
-            Timber.tag(loggerTag.value).e("## decryptGroupMessage() : $reason")
-            throw MXCryptoError.Base(MXCryptoError.ErrorType.INBOUND_SESSION_MISMATCH_ROOM_ID, reason)
-        }
-    }
-
-    /**
-     * Reset replay attack data for the given timeline.
-     *
-     * @param timeline the id of the timeline.
-     */
-    fun resetReplayAttackCheckInTimeline(timeline: String?) {
-        if (null != timeline) {
-            inboundGroupSessionMessageIndexes.remove(timeline)
-        }
-    }
-
-//  Utilities
-
-    /**
-     * Verify an ed25519 signature on a JSON object.
-     *
-     * @param key            the ed25519 key.
-     * @param jsonDictionary the JSON object which was signed.
-     * @param signature      the base64-encoded signature to be checked.
-     * @throws Exception the exception
-     */
-    @Throws(Exception::class)
-    fun verifySignature(key: String, jsonDictionary: Map<String, Any>, signature: String) {
-        // Check signature on the canonical version of the JSON
-        olmUtility!!.verifyEd25519Signature(signature, key, JsonCanonicalizer.getCanonicalJson(Map::class.java, jsonDictionary))
-    }
-
-    /**
-     * Calculate the SHA-256 hash of the input and encodes it as base64.
-     *
-     * @param message the message to hash.
-     * @return the base64-encoded hash value.
-     */
-    fun sha256(message: String): String {
-        return olmUtility!!.sha256(convertToUTF8(message))
-    }
-
-    /**
-     * Search an OlmSession
-     *
-     * @param theirDeviceIdentityKey the device key
-     * @param sessionId              the session Id
-     * @return the olm session
-     */
-    private fun getSessionForDevice(theirDeviceIdentityKey: String, sessionId: String): OlmSessionWrapper? {
-        // sanity check
-        return if (theirDeviceIdentityKey.isEmpty() || sessionId.isEmpty()) null else {
-            olmSessionStore.getDeviceSession(sessionId, theirDeviceIdentityKey)
-        }
-    }
-
-    /**
-     * Extract an InboundGroupSession from the session store and do some check.
-     * inboundGroupSessionWithIdError describes the failure reason.
-     *
-     * @param roomId    the room where the session is used.
-     * @param sessionId the session identifier.
-     * @param senderKey the base64-encoded curve25519 key of the sender.
-     * @return the inbound group session.
-     */
-    fun getInboundGroupSession(sessionId: String?, senderKey: String?, roomId: String?): InboundGroupSessionHolder {
-        if (sessionId.isNullOrBlank() || senderKey.isNullOrBlank()) {
-            throw MXCryptoError.Base(MXCryptoError.ErrorType.MISSING_SENDER_KEY, MXCryptoError.ERROR_MISSING_PROPERTY_REASON)
-        }
-
-        val holder = inboundGroupSessionStore.getInboundGroupSession(sessionId, senderKey)
-        val session = holder?.wrapper
-
-        if (session != null) {
-            // Check that the room id matches the original one for the session. This stops
-            // the HS pretending a message was targeting a different room.
-            if (roomId != session.roomId) {
-                val errorDescription = String.format(MXCryptoError.INBOUND_SESSION_MISMATCH_ROOM_ID_REASON, roomId, session.roomId)
-                Timber.tag(loggerTag.value).e("## getInboundGroupSession() : $errorDescription")
-                throw MXCryptoError.Base(MXCryptoError.ErrorType.INBOUND_SESSION_MISMATCH_ROOM_ID, errorDescription)
-            } else {
-                return holder
-            }
-        } else {
-            Timber.tag(loggerTag.value).w("## getInboundGroupSession() : UISI $sessionId")
-            throw MXCryptoError.Base(MXCryptoError.ErrorType.UNKNOWN_INBOUND_SESSION_ID, MXCryptoError.UNKNOWN_INBOUND_SESSION_ID_REASON)
-        }
-    }
-
-    /**
-     * Determine if we have the keys for a given megolm session.
-     *
-     * @param roomId    room in which the message was received
-     * @param senderKey base64-encoded curve25519 key of the sender
-     * @param sessionId session identifier
-     * @return true if the unbound session keys are known.
-     */
-    fun hasInboundSessionKeys(roomId: String, senderKey: String, sessionId: String): Boolean {
-        return runCatching { getInboundGroupSession(sessionId, senderKey, roomId) }.isSuccess
-    }
-
-    @VisibleForTesting
-    fun clearOlmSessionCache() {
-        olmSessionStore.clear()
-    }
-}
+/*
+ * Copyright 2020 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.crypto
+
+import androidx.annotation.VisibleForTesting
+import kotlinx.coroutines.sync.Mutex
+import kotlinx.coroutines.sync.withLock
+import org.matrix.android.sdk.api.extensions.tryOrNull
+import org.matrix.android.sdk.api.logger.LoggerTag
+import org.matrix.android.sdk.api.session.crypto.MXCryptoError
+import org.matrix.android.sdk.api.session.crypto.model.OlmDecryptionResult
+import org.matrix.android.sdk.api.util.JSON_DICT_PARAMETERIZED_TYPE
+import org.matrix.android.sdk.api.util.JsonDict
+import org.matrix.android.sdk.internal.crypto.algorithms.megolm.MXOutboundSessionInfo
+import org.matrix.android.sdk.internal.crypto.algorithms.megolm.SharedWithHelper
+import org.matrix.android.sdk.internal.crypto.model.OlmInboundGroupSessionWrapper2
+import org.matrix.android.sdk.internal.crypto.model.OlmSessionWrapper
+import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
+import org.matrix.android.sdk.internal.di.MoshiProvider
+import org.matrix.android.sdk.internal.session.SessionScope
+import org.matrix.android.sdk.internal.util.JsonCanonicalizer
+import org.matrix.android.sdk.internal.util.convertFromUTF8
+import org.matrix.android.sdk.internal.util.convertToUTF8
+import org.matrix.olm.OlmAccount
+import org.matrix.olm.OlmException
+import org.matrix.olm.OlmMessage
+import org.matrix.olm.OlmOutboundGroupSession
+import org.matrix.olm.OlmSession
+import org.matrix.olm.OlmUtility
+import timber.log.Timber
+import javax.inject.Inject
+
+private val loggerTag = LoggerTag("MXOlmDevice", LoggerTag.CRYPTO)
+
+// The libolm wrapper.
+@SessionScope
+internal class MXOlmDevice @Inject constructor(
+        /**
+         * The store where crypto data is saved.
+         */
+        private val store: IMXCryptoStore,
+        private val olmSessionStore: OlmSessionStore,
+        private val inboundGroupSessionStore: InboundGroupSessionStore
+) {
+
+    val mutex = Mutex()
+
+    /**
+     * @return the Curve25519 key for the account.
+     */
+    var deviceCurve25519Key: String? = null
+        private set
+
+    /**
+     * @return the Ed25519 key for the account.
+     */
+    var deviceEd25519Key: String? = null
+        private set
+
+    // The OLM lib utility instance.
+    private var olmUtility: OlmUtility? = null
+
+    private data class GroupSessionCacheItem(
+            val groupId: String,
+            val groupSession: OlmOutboundGroupSession
+    )
+
+    // The outbound group session.
+    // Caches active outbound session to avoid to sync with DB before read
+    // The key is the session id, the value the <roomID,outbound group session>.
+    private val outboundGroupSessionCache: MutableMap<String, GroupSessionCacheItem> = HashMap()
+
+    // Store a set of decrypted message indexes for each group session.
+    // This partially mitigates a replay attack where a MITM resends a group
+    // message into the room.
+    //
+    // The Matrix SDK exposes events through MXEventTimelines. A developer can open several
+    // timelines from a same room so that a message can be decrypted several times but from
+    // a different timeline.
+    // So, store these message indexes per timeline id.
+    //
+    // The first level keys are timeline ids.
+    // The second level keys are strings of form "<senderKey>|<session_id>|<message_index>"
+    private val inboundGroupSessionMessageIndexes: MutableMap<String, MutableSet<String>> = HashMap()
+
+    init {
+        // Retrieve the account from the store
+        try {
+            store.getOrCreateOlmAccount()
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "MXOlmDevice : cannot initialize olmAccount")
+        }
+
+        try {
+            olmUtility = OlmUtility()
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "## MXOlmDevice : OlmUtility failed with error")
+            olmUtility = null
+        }
+
+        try {
+            deviceCurve25519Key = store.doWithOlmAccount { it.identityKeys()[OlmAccount.JSON_KEY_IDENTITY_KEY] }
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "## MXOlmDevice : cannot find ${OlmAccount.JSON_KEY_IDENTITY_KEY} with error")
+        }
+
+        try {
+            deviceEd25519Key = store.doWithOlmAccount { it.identityKeys()[OlmAccount.JSON_KEY_FINGER_PRINT_KEY] }
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "## MXOlmDevice : cannot find ${OlmAccount.JSON_KEY_FINGER_PRINT_KEY} with error")
+        }
+    }
+
+    /**
+     * @return The current (unused, unpublished) one-time keys for this account.
+     */
+    fun getOneTimeKeys(): Map<String, Map<String, String>>? {
+        try {
+            return store.doWithOlmAccount { it.oneTimeKeys() }
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "## getOneTimeKeys() : failed")
+        }
+
+        return null
+    }
+
+    /**
+     * @return The maximum number of one-time keys the olm account can store.
+     */
+    fun getMaxNumberOfOneTimeKeys(): Long {
+        return store.doWithOlmAccount { it.maxOneTimeKeys() }
+    }
+
+    /**
+     * Returns an unpublished fallback key
+     * A call to markKeysAsPublished will mark it as published and this
+     * call will return null (until a call to generateFallbackKey is made)
+     */
+    fun getFallbackKey(): MutableMap<String, MutableMap<String, String>>? {
+        try {
+            return store.doWithOlmAccount { it.fallbackKey() }
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e("## getFallbackKey() : failed")
+        }
+        return null
+    }
+
+    /**
+     * Generates a new fallback key if there is not already
+     * an unpublished one.
+     * @return true if a new key was generated
+     */
+    fun generateFallbackKeyIfNeeded(): Boolean {
+        try {
+            if (!hasUnpublishedFallbackKey()) {
+                store.doWithOlmAccount {
+                    it.generateFallbackKey()
+                    store.saveOlmAccount()
+                }
+                return true
+            }
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e("## generateFallbackKey() : failed")
+        }
+        return false
+    }
+
+    internal fun hasUnpublishedFallbackKey(): Boolean {
+        return getFallbackKey()?.get(OlmAccount.JSON_KEY_ONE_TIME_KEY).orEmpty().isNotEmpty()
+    }
+
+    fun forgetFallbackKey() {
+        try {
+            store.doWithOlmAccount {
+                it.forgetFallbackKey()
+                store.saveOlmAccount()
+            }
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e("## forgetFallbackKey() : failed")
+        }
+    }
+
+    /**
+     * Release the instance
+     */
+    fun release() {
+        olmUtility?.releaseUtility()
+        outboundGroupSessionCache.values.forEach {
+            it.groupSession.releaseSession()
+        }
+        outboundGroupSessionCache.clear()
+        inboundGroupSessionStore.clear()
+        olmSessionStore.clear()
+    }
+
+    /**
+     * Signs a message with the ed25519 key for this account.
+     *
+     * @param message the message to be signed.
+     * @return the base64-encoded signature.
+     */
+    fun signMessage(message: String): String? {
+        try {
+            return store.doWithOlmAccount { it.signMessage(message) }
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "## signMessage() : failed")
+        }
+
+        return null
+    }
+
+    /**
+     * Marks all of the one-time keys as published.
+     */
+    fun markKeysAsPublished() {
+        try {
+            store.doWithOlmAccount {
+                it.markOneTimeKeysAsPublished()
+                store.saveOlmAccount()
+            }
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "## markKeysAsPublished() : failed")
+        }
+    }
+
+    /**
+     * Generate some new one-time keys
+     *
+     * @param numKeys number of keys to generate
+     */
+    fun generateOneTimeKeys(numKeys: Int) {
+        try {
+            store.doWithOlmAccount {
+                it.generateOneTimeKeys(numKeys)
+                store.saveOlmAccount()
+            }
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "## generateOneTimeKeys() : failed")
+        }
+    }
+
+    /**
+     * Generate a new outbound session.
+     * The new session will be stored in the MXStore.
+     *
+     * @param theirIdentityKey the remote user's Curve25519 identity key
+     * @param theirOneTimeKey  the remote user's one-time Curve25519 key
+     * @return the session id for the outbound session.
+     */
+    fun createOutboundSession(theirIdentityKey: String, theirOneTimeKey: String): String? {
+        Timber.tag(loggerTag.value).d("## createOutboundSession() ; theirIdentityKey $theirIdentityKey theirOneTimeKey $theirOneTimeKey")
+        var olmSession: OlmSession? = null
+
+        try {
+            olmSession = OlmSession()
+            store.doWithOlmAccount { olmAccount ->
+                olmSession.initOutboundSession(olmAccount, theirIdentityKey, theirOneTimeKey)
+            }
+
+            val olmSessionWrapper = OlmSessionWrapper(olmSession, 0)
+
+            // Pretend we've received a message at this point, otherwise
+            // if we try to send a message to the device, it won't use
+            // this session
+            olmSessionWrapper.onMessageReceived()
+
+            olmSessionStore.storeSession(olmSessionWrapper, theirIdentityKey)
+
+            val sessionIdentifier = olmSession.sessionIdentifier()
+
+            Timber.tag(loggerTag.value).v("## createOutboundSession() ;  olmSession.sessionIdentifier: $sessionIdentifier")
+            return sessionIdentifier
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "## createOutboundSession() failed")
+
+            olmSession?.releaseSession()
+        }
+
+        return null
+    }
+
+    /**
+     * Generate a new inbound session, given an incoming message.
+     *
+     * @param theirDeviceIdentityKey the remote user's Curve25519 identity key.
+     * @param messageType            the message_type field from the received message (must be 0).
+     * @param ciphertext             base64-encoded body from the received message.
+     * @return {{payload: string, session_id: string}} decrypted payload, and session id of new session.
+     */
+    fun createInboundSession(theirDeviceIdentityKey: String, messageType: Int, ciphertext: String): Map<String, String>? {
+        Timber.tag(loggerTag.value).d("## createInboundSession() : theirIdentityKey: $theirDeviceIdentityKey")
+
+        var olmSession: OlmSession? = null
+
+        try {
+            try {
+                olmSession = OlmSession()
+                store.doWithOlmAccount { olmAccount ->
+                    olmSession.initInboundSessionFrom(olmAccount, theirDeviceIdentityKey, ciphertext)
+                }
+            } catch (e: Exception) {
+                Timber.tag(loggerTag.value).e(e, "## createInboundSession() : the session creation failed")
+                return null
+            }
+
+            Timber.tag(loggerTag.value).v("## createInboundSession() : sessionId: ${olmSession.sessionIdentifier()}")
+
+            try {
+                store.doWithOlmAccount { olmAccount ->
+                    olmAccount.removeOneTimeKeys(olmSession)
+                    store.saveOlmAccount()
+                }
+            } catch (e: Exception) {
+                Timber.tag(loggerTag.value).e(e, "## createInboundSession() : removeOneTimeKeys failed")
+            }
+
+            val olmMessage = OlmMessage()
+            olmMessage.mCipherText = ciphertext
+            olmMessage.mType = messageType.toLong()
+
+            var payloadString: String? = null
+
+            try {
+                payloadString = olmSession.decryptMessage(olmMessage)
+
+                val olmSessionWrapper = OlmSessionWrapper(olmSession, 0)
+                // This counts as a received message: set last received message time to now
+                olmSessionWrapper.onMessageReceived()
+
+                olmSessionStore.storeSession(olmSessionWrapper, theirDeviceIdentityKey)
+            } catch (e: Exception) {
+                Timber.tag(loggerTag.value).e(e, "## createInboundSession() : decryptMessage failed")
+            }
+
+            val res = HashMap<String, String>()
+
+            if (!payloadString.isNullOrEmpty()) {
+                res["payload"] = payloadString
+            }
+
+            val sessionIdentifier = olmSession.sessionIdentifier()
+
+            if (!sessionIdentifier.isNullOrEmpty()) {
+                res["session_id"] = sessionIdentifier
+            }
+
+            return res
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "## createInboundSession() : OlmSession creation failed")
+
+            olmSession?.releaseSession()
+        }
+
+        return null
+    }
+
+    /**
+     * Get a list of known session IDs for the given device.
+     *
+     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
+     * @return a list of known session ids for the device.
+     */
+    fun getSessionIds(theirDeviceIdentityKey: String): List<String> {
+        return olmSessionStore.getDeviceSessionIds(theirDeviceIdentityKey)
+    }
+
+    /**
+     * Get the right olm session id for encrypting messages to the given identity key.
+     *
+     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
+     * @return the session id, or null if no established session.
+     */
+    fun getSessionId(theirDeviceIdentityKey: String): String? {
+        return olmSessionStore.getLastUsedSessionId(theirDeviceIdentityKey)
+    }
+
+    /**
+     * Encrypt an outgoing message using an existing session.
+     *
+     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
+     * @param sessionId              the id of the active session
+     * @param payloadString          the payload to be encrypted and sent
+     * @return the cipher text
+     */
+    suspend fun encryptMessage(theirDeviceIdentityKey: String, sessionId: String, payloadString: String): Map<String, Any>? {
+        val olmSessionWrapper = getSessionForDevice(theirDeviceIdentityKey, sessionId)
+
+        if (olmSessionWrapper != null) {
+            try {
+                Timber.tag(loggerTag.value).v("## encryptMessage() : olmSession.sessionIdentifier: $sessionId")
+
+                val olmMessage = olmSessionWrapper.mutex.withLock {
+                    olmSessionWrapper.olmSession.encryptMessage(payloadString)
+                }
+                return mapOf(
+                        "body" to olmMessage.mCipherText,
+                        "type" to olmMessage.mType,
+                ).also {
+                    olmSessionStore.storeSession(olmSessionWrapper, theirDeviceIdentityKey)
+                }
+            } catch (e: Throwable) {
+                Timber.tag(loggerTag.value).e(e, "## encryptMessage() : failed to encrypt olm with device|session:$theirDeviceIdentityKey|$sessionId")
+                return null
+            }
+        } else {
+            Timber.tag(loggerTag.value).e("## encryptMessage() : Failed to encrypt unknown session $sessionId")
+            return null
+        }
+    }
+
+    /**
+     * Decrypt an incoming message using an existing session.
+     *
+     * @param ciphertext             the base64-encoded body from the received message.
+     * @param messageType            message_type field from the received message.
+     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
+     * @param sessionId              the id of the active session.
+     * @return the decrypted payload.
+     */
+    @kotlin.jvm.Throws
+    suspend fun decryptMessage(ciphertext: String, messageType: Int, sessionId: String, theirDeviceIdentityKey: String): String? {
+        var payloadString: String? = null
+
+        val olmSessionWrapper = getSessionForDevice(theirDeviceIdentityKey, sessionId)
+
+        if (null != olmSessionWrapper) {
+            val olmMessage = OlmMessage()
+            olmMessage.mCipherText = ciphertext
+            olmMessage.mType = messageType.toLong()
+
+            payloadString =
+                    olmSessionWrapper.mutex.withLock {
+                        olmSessionWrapper.olmSession.decryptMessage(olmMessage).also {
+                            olmSessionWrapper.onMessageReceived()
+                        }
+                    }
+            olmSessionStore.storeSession(olmSessionWrapper, theirDeviceIdentityKey)
+        }
+
+        return payloadString
+    }
+
+    /**
+     * Determine if an incoming messages is a prekey message matching an existing session.
+     *
+     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
+     * @param sessionId              the id of the active session.
+     * @param messageType            message_type field from the received message.
+     * @param ciphertext             the base64-encoded body from the received message.
+     * @return YES if the received message is a prekey message which matchesthe given session.
+     */
+    fun matchesSession(theirDeviceIdentityKey: String, sessionId: String, messageType: Int, ciphertext: String): Boolean {
+        if (messageType != 0) {
+            return false
+        }
+
+        val olmSessionWrapper = getSessionForDevice(theirDeviceIdentityKey, sessionId)
+        return null != olmSessionWrapper && olmSessionWrapper.olmSession.matchesInboundSession(ciphertext)
+    }
+
+    // Outbound group session
+
+    /**
+     * Generate a new outbound group session.
+     *
+     * @return the session id for the outbound session.
+     */
+    fun createOutboundGroupSessionForRoom(roomId: String): String? {
+        var session: OlmOutboundGroupSession? = null
+        try {
+            session = OlmOutboundGroupSession()
+            outboundGroupSessionCache[session.sessionIdentifier()] = GroupSessionCacheItem(roomId, session)
+            store.storeCurrentOutboundGroupSessionForRoom(roomId, session)
+            return session.sessionIdentifier()
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "createOutboundGroupSession")
+
+            session?.releaseSession()
+        }
+
+        return null
+    }
+
+    fun storeOutboundGroupSessionForRoom(roomId: String, sessionId: String) {
+        outboundGroupSessionCache[sessionId]?.let {
+            store.storeCurrentOutboundGroupSessionForRoom(roomId, it.groupSession)
+        }
+    }
+
+    fun restoreOutboundGroupSessionForRoom(roomId: String): MXOutboundSessionInfo? {
+        val restoredOutboundGroupSession = store.getCurrentOutboundGroupSessionForRoom(roomId)
+        if (restoredOutboundGroupSession != null) {
+            val sessionId = restoredOutboundGroupSession.outboundGroupSession.sessionIdentifier()
+            // cache it
+            outboundGroupSessionCache[sessionId] = GroupSessionCacheItem(roomId, restoredOutboundGroupSession.outboundGroupSession)
+
+            return MXOutboundSessionInfo(
+                    sessionId = sessionId,
+                    sharedWithHelper = SharedWithHelper(roomId, sessionId, store),
+                    restoredOutboundGroupSession.creationTime
+            )
+        }
+        return null
+    }
+
+    fun discardOutboundGroupSessionForRoom(roomId: String) {
+        val toDiscard = outboundGroupSessionCache.filter {
+            it.value.groupId == roomId
+        }
+        toDiscard.forEach { (sessionId, cacheItem) ->
+            cacheItem.groupSession.releaseSession()
+            outboundGroupSessionCache.remove(sessionId)
+        }
+        store.storeCurrentOutboundGroupSessionForRoom(roomId, null)
+    }
+
+    /**
+     * Get the current session key of  an outbound group session.
+     *
+     * @param sessionId the id of the outbound group session.
+     * @return the base64-encoded secret key.
+     */
+    fun getSessionKey(sessionId: String): String? {
+        if (sessionId.isNotEmpty()) {
+            try {
+                return outboundGroupSessionCache[sessionId]!!.groupSession.sessionKey()
+            } catch (e: Exception) {
+                Timber.tag(loggerTag.value).e(e, "## getSessionKey() : failed")
+            }
+        }
+        return null
+    }
+
+    /**
+     * Get the current message index of an outbound group session.
+     *
+     * @param sessionId the id of the outbound group session.
+     * @return the current chain index.
+     */
+    fun getMessageIndex(sessionId: String): Int {
+        return if (sessionId.isNotEmpty()) {
+            outboundGroupSessionCache[sessionId]!!.groupSession.messageIndex()
+        } else 0
+    }
+
+    /**
+     * Encrypt an outgoing message with an outbound group session.
+     *
+     * @param sessionId     the id of the outbound group session.
+     * @param payloadString the payload to be encrypted and sent.
+     * @return ciphertext
+     */
+    fun encryptGroupMessage(sessionId: String, payloadString: String): String? {
+        if (sessionId.isNotEmpty() && payloadString.isNotEmpty()) {
+            try {
+                return outboundGroupSessionCache[sessionId]!!.groupSession.encryptMessage(payloadString)
+            } catch (e: Throwable) {
+                Timber.tag(loggerTag.value).e(e, "## encryptGroupMessage() : failed")
+            }
+        }
+        return null
+    }
+
+    //  Inbound group session
+
+    sealed class AddSessionResult {
+        data class Imported(val ratchetIndex: Int) : AddSessionResult()
+        abstract class Failure : AddSessionResult()
+        object NotImported : Failure()
+        data class NotImportedHigherIndex(val newIndex: Int) : AddSessionResult()
+    }
+
+    /**
+     * Add an inbound group session to the session store.
+     *
+     * @param sessionId                    the session identifier.
+     * @param sessionKey                   base64-encoded secret key.
+     * @param roomId                       the id of the room in which this session will be used.
+     * @param senderKey                    the base64-encoded curve25519 key of the sender.
+     * @param forwardingCurve25519KeyChain Devices involved in forwarding this session to us.
+     * @param keysClaimed                  Other keys the sender claims.
+     * @param exportFormat                 true if the megolm keys are in export format
+     * @return true if the operation succeeds.
+     */
+    fun addInboundGroupSession(sessionId: String,
+                               sessionKey: String,
+                               roomId: String,
+                               senderKey: String,
+                               forwardingCurve25519KeyChain: List<String>,
+                               keysClaimed: Map<String, String>,
+                               exportFormat: Boolean): AddSessionResult {
+        val candidateSession = OlmInboundGroupSessionWrapper2(sessionKey, exportFormat)
+        val existingSessionHolder = tryOrNull { getInboundGroupSession(sessionId, senderKey, roomId) }
+        val existingSession = existingSessionHolder?.wrapper
+        // If we have an existing one we should check if the new one is not better
+        if (existingSession != null) {
+            Timber.tag(loggerTag.value).d("## addInboundGroupSession() check if known session is better than candidate session")
+            try {
+                val existingFirstKnown = existingSession.firstKnownIndex ?: return AddSessionResult.NotImported.also {
+                    // This is quite unexpected, could throw if native was released?
+                    Timber.tag(loggerTag.value).e("## addInboundGroupSession() null firstKnownIndex on existing session")
+                    candidateSession.olmInboundGroupSession?.releaseSession()
+                    // Probably should discard it?
+                }
+                val newKnownFirstIndex = candidateSession.firstKnownIndex
+                // If our existing session is better we keep it
+                if (newKnownFirstIndex != null && existingFirstKnown <= newKnownFirstIndex) {
+                    Timber.tag(loggerTag.value).d("## addInboundGroupSession() : ignore session our is better $senderKey/$sessionId")
+                    candidateSession.olmInboundGroupSession?.releaseSession()
+                    return AddSessionResult.NotImportedHigherIndex(newKnownFirstIndex.toInt())
+                }
+            } catch (failure: Throwable) {
+                Timber.tag(loggerTag.value).e("## addInboundGroupSession() Failed to add inbound: ${failure.localizedMessage}")
+                candidateSession.olmInboundGroupSession?.releaseSession()
+                return AddSessionResult.NotImported
+            }
+        }
+
+        Timber.tag(loggerTag.value).d("## addInboundGroupSession() : Candidate session should be added $senderKey/$sessionId")
+
+        // sanity check on the new session
+        val candidateOlmInboundSession = candidateSession.olmInboundGroupSession
+        if (null == candidateOlmInboundSession) {
+            Timber.tag(loggerTag.value).e("## addInboundGroupSession : invalid session <null>")
+            return AddSessionResult.NotImported
+        }
+
+        try {
+            if (candidateOlmInboundSession.sessionIdentifier() != sessionId) {
+                Timber.tag(loggerTag.value).e("## addInboundGroupSession : ERROR: Mismatched group session ID from senderKey: $senderKey")
+                candidateOlmInboundSession.releaseSession()
+                return AddSessionResult.NotImported
+            }
+        } catch (e: Throwable) {
+            candidateOlmInboundSession.releaseSession()
+            Timber.tag(loggerTag.value).e(e, "## addInboundGroupSession : sessionIdentifier() failed")
+            return AddSessionResult.NotImported
+        }
+
+        candidateSession.senderKey = senderKey
+        candidateSession.roomId = roomId
+        candidateSession.keysClaimed = keysClaimed
+        candidateSession.forwardingCurve25519KeyChain = forwardingCurve25519KeyChain
+
+        if (existingSession != null) {
+            inboundGroupSessionStore.replaceGroupSession(existingSessionHolder, InboundGroupSessionHolder(candidateSession), sessionId, senderKey)
+        } else {
+            inboundGroupSessionStore.storeInBoundGroupSession(InboundGroupSessionHolder(candidateSession), sessionId, senderKey)
+        }
+
+        return AddSessionResult.Imported(candidateSession.firstKnownIndex?.toInt() ?: 0)
+    }
+
+    /**
+     * Import an inbound group sessions to the session store.
+     *
+     * @param megolmSessionsData the megolm sessions data
+     * @return the successfully imported sessions.
+     */
+    fun importInboundGroupSessions(megolmSessionsData: List<MegolmSessionData>): List<OlmInboundGroupSessionWrapper2> {
+        val sessions = ArrayList<OlmInboundGroupSessionWrapper2>(megolmSessionsData.size)
+
+        for (megolmSessionData in megolmSessionsData) {
+            val sessionId = megolmSessionData.sessionId ?: continue
+            val senderKey = megolmSessionData.senderKey ?: continue
+            val roomId = megolmSessionData.roomId
+
+            var candidateSessionToImport: OlmInboundGroupSessionWrapper2? = null
+
+            try {
+                candidateSessionToImport = OlmInboundGroupSessionWrapper2(megolmSessionData)
+            } catch (e: Exception) {
+                Timber.tag(loggerTag.value).e(e, "## importInboundGroupSession() : Update for megolm session $senderKey/$sessionId")
+            }
+
+            // sanity check
+            if (candidateSessionToImport?.olmInboundGroupSession == null) {
+                Timber.tag(loggerTag.value).e("## importInboundGroupSession : invalid session")
+                continue
+            }
+
+            val candidateOlmInboundGroupSession = candidateSessionToImport.olmInboundGroupSession
+            try {
+                if (candidateOlmInboundGroupSession?.sessionIdentifier() != sessionId) {
+                    Timber.tag(loggerTag.value).e("## importInboundGroupSession : ERROR: Mismatched group session ID from senderKey: $senderKey")
+                    candidateOlmInboundGroupSession?.releaseSession()
+                    continue
+                }
+            } catch (e: Exception) {
+                Timber.tag(loggerTag.value).e(e, "## importInboundGroupSession : sessionIdentifier() failed")
+                candidateOlmInboundGroupSession?.releaseSession()
+                continue
+            }
+
+            val existingSessionHolder = tryOrNull { getInboundGroupSession(sessionId, senderKey, roomId) }
+            val existingSession = existingSessionHolder?.wrapper
+
+            if (existingSession == null) {
+                // Session does not already exist, add it
+                Timber.tag(loggerTag.value).d("## importInboundGroupSession() : importing new megolm session $senderKey/$sessionId")
+                sessions.add(candidateSessionToImport)
+            } else {
+                Timber.tag(loggerTag.value).e("## importInboundGroupSession() : Update for megolm session $senderKey/$sessionId")
+                val existingFirstKnown = tryOrNull { existingSession.firstKnownIndex }
+                val candidateFirstKnownIndex = tryOrNull { candidateSessionToImport.firstKnownIndex }
+
+                if (existingFirstKnown == null || candidateFirstKnownIndex == null) {
+                    // should not happen?
+                    candidateSessionToImport.olmInboundGroupSession?.releaseSession()
+                    Timber.tag(loggerTag.value)
+                            .w("## importInboundGroupSession() : Can't check session null index $existingFirstKnown/$candidateFirstKnownIndex")
+                } else {
+                    if (existingFirstKnown <= candidateSessionToImport.firstKnownIndex!!) {
+                        // Ignore this, keep existing
+                        candidateOlmInboundGroupSession.releaseSession()
+                    } else {
+                        // update cache with better session
+                        inboundGroupSessionStore.replaceGroupSession(
+                                existingSessionHolder,
+                                InboundGroupSessionHolder(candidateSessionToImport),
+                                sessionId,
+                                senderKey
+                        )
+                        sessions.add(candidateSessionToImport)
+                    }
+                }
+            }
+        }
+
+        store.storeInboundGroupSessions(sessions)
+
+        return sessions
+    }
+
+    /**
+     * Decrypt a received message with an inbound group session.
+     *
+     * @param body      the base64-encoded body of the encrypted message.
+     * @param roomId    the room in which the message was received.
+     * @param timeline  the id of the timeline where the event is decrypted. It is used to prevent replay attack.
+     * @param sessionId the session identifier.
+     * @param senderKey the base64-encoded curve25519 key of the sender.
+     * @return the decrypting result. Nil if the sessionId is unknown.
+     */
+    @Throws(MXCryptoError::class)
+    suspend fun decryptGroupMessage(body: String,
+                                    roomId: String,
+                                    timeline: String?,
+                                    sessionId: String,
+                                    senderKey: String): OlmDecryptionResult {
+        val sessionHolder = getInboundGroupSession(sessionId, senderKey, roomId)
+        val wrapper = sessionHolder.wrapper
+        val inboundGroupSession = wrapper.olmInboundGroupSession
+                ?: throw MXCryptoError.Base(MXCryptoError.ErrorType.UNABLE_TO_DECRYPT, "Session is null")
+        // Check that the room id matches the original one for the session. This stops
+        // the HS pretending a message was targeting a different room.
+        if (roomId == wrapper.roomId) {
+            val decryptResult = try {
+                sessionHolder.mutex.withLock {
+                    inboundGroupSession.decryptMessage(body)
+                }
+            } catch (e: OlmException) {
+                Timber.tag(loggerTag.value).e(e, "## decryptGroupMessage () : decryptMessage failed")
+                throw MXCryptoError.OlmError(e)
+            }
+
+            if (timeline?.isNotBlank() == true) {
+                val timelineSet = inboundGroupSessionMessageIndexes.getOrPut(timeline) { mutableSetOf() }
+
+                val messageIndexKey = senderKey + "|" + sessionId + "|" + decryptResult.mIndex
+
+                if (timelineSet.contains(messageIndexKey)) {
+                    val reason = String.format(MXCryptoError.DUPLICATE_MESSAGE_INDEX_REASON, decryptResult.mIndex)
+                    Timber.tag(loggerTag.value).e("## decryptGroupMessage() timelineId=$timeline: $reason")
+                    throw MXCryptoError.Base(MXCryptoError.ErrorType.DUPLICATED_MESSAGE_INDEX, reason)
+                }
+
+                timelineSet.add(messageIndexKey)
+            }
+
+            inboundGroupSessionStore.storeInBoundGroupSession(sessionHolder, sessionId, senderKey)
+            val payload = try {
+                val adapter = MoshiProvider.providesMoshi().adapter<JsonDict>(JSON_DICT_PARAMETERIZED_TYPE)
+                val payloadString = convertFromUTF8(decryptResult.mDecryptedMessage)
+                adapter.fromJson(payloadString)
+            } catch (e: Exception) {
+                Timber.tag(loggerTag.value).e("## decryptGroupMessage() : fails to parse the payload")
+                throw MXCryptoError.Base(MXCryptoError.ErrorType.BAD_DECRYPTED_FORMAT, MXCryptoError.BAD_DECRYPTED_FORMAT_TEXT_REASON)
+            }
+
+            return OlmDecryptionResult(
+                    payload,
+                    wrapper.keysClaimed,
+                    senderKey,
+                    wrapper.forwardingCurve25519KeyChain
+            )
+        } else {
+            val reason = String.format(MXCryptoError.INBOUND_SESSION_MISMATCH_ROOM_ID_REASON, roomId, wrapper.roomId)
+            Timber.tag(loggerTag.value).e("## decryptGroupMessage() : $reason")
+            throw MXCryptoError.Base(MXCryptoError.ErrorType.INBOUND_SESSION_MISMATCH_ROOM_ID, reason)
+        }
+    }
+
+    /**
+     * Reset replay attack data for the given timeline.
+     *
+     * @param timeline the id of the timeline.
+     */
+    fun resetReplayAttackCheckInTimeline(timeline: String?) {
+        if (null != timeline) {
+            inboundGroupSessionMessageIndexes.remove(timeline)
+        }
+    }
+
+//  Utilities
+
+    /**
+     * Verify an ed25519 signature on a JSON object.
+     *
+     * @param key            the ed25519 key.
+     * @param jsonDictionary the JSON object which was signed.
+     * @param signature      the base64-encoded signature to be checked.
+     * @throws Exception the exception
+     */
+    @Throws(Exception::class)
+    fun verifySignature(key: String, jsonDictionary: Map<String, Any>, signature: String) {
+        // Check signature on the canonical version of the JSON
+        olmUtility!!.verifyEd25519Signature(signature, key, JsonCanonicalizer.getCanonicalJson(Map::class.java, jsonDictionary))
+    }
+
+    /**
+     * Calculate the SHA-256 hash of the input and encodes it as base64.
+     *
+     * @param message the message to hash.
+     * @return the base64-encoded hash value.
+     */
+    fun sha256(message: String): String {
+        return olmUtility!!.sha256(convertToUTF8(message))
+    }
+
+    /**
+     * Search an OlmSession
+     *
+     * @param theirDeviceIdentityKey the device key
+     * @param sessionId              the session Id
+     * @return the olm session
+     */
+    private fun getSessionForDevice(theirDeviceIdentityKey: String, sessionId: String): OlmSessionWrapper? {
+        // sanity check
+        return if (theirDeviceIdentityKey.isEmpty() || sessionId.isEmpty()) null else {
+            olmSessionStore.getDeviceSession(sessionId, theirDeviceIdentityKey)
+        }
+    }
+
+    /**
+     * Extract an InboundGroupSession from the session store and do some check.
+     * inboundGroupSessionWithIdError describes the failure reason.
+     *
+     * @param roomId    the room where the session is used.
+     * @param sessionId the session identifier.
+     * @param senderKey the base64-encoded curve25519 key of the sender.
+     * @return the inbound group session.
+     */
+    fun getInboundGroupSession(sessionId: String?, senderKey: String?, roomId: String?): InboundGroupSessionHolder {
+        if (sessionId.isNullOrBlank() || senderKey.isNullOrBlank()) {
+            throw MXCryptoError.Base(MXCryptoError.ErrorType.MISSING_SENDER_KEY, MXCryptoError.ERROR_MISSING_PROPERTY_REASON)
+        }
+
+        val holder = inboundGroupSessionStore.getInboundGroupSession(sessionId, senderKey)
+        val session = holder?.wrapper
+
+        if (session != null) {
+            // Check that the room id matches the original one for the session. This stops
+            // the HS pretending a message was targeting a different room.
+            if (roomId != session.roomId) {
+                val errorDescription = String.format(MXCryptoError.INBOUND_SESSION_MISMATCH_ROOM_ID_REASON, roomId, session.roomId)
+                Timber.tag(loggerTag.value).e("## getInboundGroupSession() : $errorDescription")
+                throw MXCryptoError.Base(MXCryptoError.ErrorType.INBOUND_SESSION_MISMATCH_ROOM_ID, errorDescription)
+            } else {
+                return holder
+            }
+        } else {
+            Timber.tag(loggerTag.value).w("## getInboundGroupSession() : UISI $sessionId")
+            throw MXCryptoError.Base(MXCryptoError.ErrorType.UNKNOWN_INBOUND_SESSION_ID, MXCryptoError.UNKNOWN_INBOUND_SESSION_ID_REASON)
+        }
+    }
+
+    /**
+     * Determine if we have the keys for a given megolm session.
+     *
+     * @param roomId    room in which the message was received
+     * @param senderKey base64-encoded curve25519 key of the sender
+     * @param sessionId session identifier
+     * @return true if the unbound session keys are known.
+     */
+    fun hasInboundSessionKeys(roomId: String, senderKey: String, sessionId: String): Boolean {
+        return runCatching { getInboundGroupSession(sessionId, senderKey, roomId) }.isSuccess
+    }
+
+    @VisibleForTesting
+    fun clearOlmSessionCache() {
+        olmSessionStore.clear()
+    }
+}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
index 037c8020d5..1e192393a2 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
@@ -1,520 +1,519 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto
-
-import kotlinx.coroutines.CoroutineScope
-import kotlinx.coroutines.SupervisorJob
-import kotlinx.coroutines.asCoroutineDispatcher
-import kotlinx.coroutines.cancel
-import kotlinx.coroutines.delay
-import kotlinx.coroutines.launch
-import kotlinx.coroutines.withContext
-import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
-import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
-import org.matrix.android.sdk.api.crypto.MXCryptoConfig
-import org.matrix.android.sdk.api.extensions.tryOrNull
-import org.matrix.android.sdk.api.logger.LoggerTag
-import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
-import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
-import org.matrix.android.sdk.api.session.crypto.model.GossipingToDeviceObject
-import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
-import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
-import org.matrix.android.sdk.api.session.events.model.Event
-import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.api.session.events.model.content.EncryptedEventContent
-import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
-import org.matrix.android.sdk.api.session.events.model.toModel
-import org.matrix.android.sdk.api.util.fromBase64
-import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
-import org.matrix.android.sdk.internal.crypto.tasks.DefaultSendToDeviceTask
-import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
-import org.matrix.android.sdk.internal.di.SessionId
-import org.matrix.android.sdk.internal.di.UserId
-import org.matrix.android.sdk.internal.session.SessionScope
-import org.matrix.android.sdk.internal.task.SemaphoreCoroutineSequencer
-import timber.log.Timber
-import java.util.Stack
-import java.util.concurrent.Executors
-import javax.inject.Inject
-import kotlin.system.measureTimeMillis
-
-private val loggerTag = LoggerTag("OutgoingKeyRequestManager", LoggerTag.CRYPTO)
-
-/**
- * This class is responsible for sending key requests to other devices when a message failed to decrypt.
- * It's lifecycle is based on the sync pulse:
- *    - You can post queries for session, or report when you got a session
- *    - At the end of the sync (onSyncComplete) it will then process all the posted request and send to devices
- * If a request failed it will be retried at the end of the next sync
- */
-@SessionScope
-internal class OutgoingKeyRequestManager @Inject constructor(
-        @SessionId private val sessionId: String,
-        @UserId private val myUserId: String,
-        private val cryptoStore: IMXCryptoStore,
-        private val coroutineDispatchers: MatrixCoroutineDispatchers,
-        private val cryptoConfig: MXCryptoConfig,
-        private val inboundGroupSessionStore: InboundGroupSessionStore,
-        private val sendToDeviceTask: DefaultSendToDeviceTask,
-        private val deviceListManager: DeviceListManager,
-        private val perSessionBackupQueryRateLimiter: PerSessionBackupQueryRateLimiter) {
-
-    private val dispatcher = Executors.newSingleThreadExecutor().asCoroutineDispatcher()
-    private val outgoingRequestScope = CoroutineScope(SupervisorJob() + dispatcher)
-    private val sequencer = SemaphoreCoroutineSequencer()
-
-    // We only have one active key request per session, so we don't request if it's already requested
-    // But it could make sense to check more the backup, as it's evolving.
-    // We keep a stack as we consider that the key requested last is more likely to be on screen?
-    private val requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup = Stack<Pair<String, String>>()
-
-    fun requestKeyForEvent(event: Event, force: Boolean) {
-        val (targets, body) = getRoomKeyRequestTargetForEvent(event) ?: return
-        val index = ratchetIndexForMessage(event) ?: 0
-        postRoomKeyRequest(body, targets, index, force)
-    }
-
-    private fun getRoomKeyRequestTargetForEvent(event: Event): Pair<Map<String, List<String>>, RoomKeyRequestBody>? {
-        val sender = event.senderId ?: return null
-        val encryptedEventContent = event.content.toModel<EncryptedEventContent>() ?: return null.also {
-            Timber.tag(loggerTag.value).e("getRoomKeyRequestTargetForEvent Failed to re-request key, null content")
-        }
-        if (encryptedEventContent.algorithm != MXCRYPTO_ALGORITHM_MEGOLM) return null
-
-        val senderDevice = encryptedEventContent.deviceId
-        val recipients = if (cryptoConfig.limitRoomKeyRequestsToMyDevices) {
-            mapOf(
-                    myUserId to listOf("*")
-            )
-        } else {
-            if (event.senderId == myUserId) {
-                mapOf(
-                        myUserId to listOf("*")
-                )
-            } else {
-                // for the case where you share the key with a device that has a broken olm session
-                // The other user might Re-shares a megolm session key with devices if the key has already been
-                // sent to them.
-                mapOf(
-                        myUserId to listOf("*"),
-
-                        // TODO we might not have deviceId in the future due to https://github.com/matrix-org/matrix-spec-proposals/pull/3700
-                        // so in this case query to all
-                        sender to listOf(senderDevice ?: "*")
-                )
-            }
-        }
-
-        val requestBody = RoomKeyRequestBody(
-                roomId = event.roomId,
-                algorithm = encryptedEventContent.algorithm,
-                senderKey = encryptedEventContent.senderKey,
-                sessionId = encryptedEventContent.sessionId
-        )
-        return recipients to requestBody
-    }
-
-    private fun ratchetIndexForMessage(event: Event): Int? {
-        val encryptedContent = event.content.toModel<EncryptedEventContent>() ?: return null
-        if (encryptedContent.algorithm != MXCRYPTO_ALGORITHM_MEGOLM) return null
-        return encryptedContent.ciphertext?.fromBase64()?.inputStream()?.reader()?.let {
-            tryOrNull {
-                val megolmVersion = it.read()
-                if (megolmVersion != 3) return@tryOrNull null
-                /** Int tag */
-                /** Int tag */
-                if (it.read() != 8) return@tryOrNull null
-                it.read()
-            }
-        }
-    }
-
-    fun postRoomKeyRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>, fromIndex: Int, force: Boolean = false) {
-        outgoingRequestScope.launch {
-            sequencer.post {
-                internalQueueRequest(requestBody, recipients, fromIndex, force)
-            }
-        }
-    }
-
-    /**
-     * Typically called when we the session as been imported or received meanwhile
-     */
-    fun postCancelRequestForSessionIfNeeded(sessionId: String, roomId: String, senderKey: String, fromIndex: Int) {
-        outgoingRequestScope.launch {
-            sequencer.post {
-                internalQueueCancelRequest(sessionId, roomId, senderKey, fromIndex)
-            }
-        }
-    }
-
-    fun onSelfCrossSigningTrustChanged(newTrust: Boolean) {
-        if (newTrust) {
-            // we were previously not cross signed, but we are now
-            // so there is now more chances to get better replies for existing request
-            // Let's forget about sent request so that next time we try to decrypt we will resend requests
-            // We don't resend all because we don't want to generate a bulk of traffic
-            outgoingRequestScope.launch {
-                sequencer.post {
-                    cryptoStore.deleteOutgoingRoomKeyRequestInState(OutgoingRoomKeyRequestState.SENT)
-                }
-
-                sequencer.post {
-                    delay(1000)
-                    perSessionBackupQueryRateLimiter.refreshBackupInfoIfNeeded(true)
-                }
-            }
-        }
-    }
-
-    fun onRoomKeyForwarded(sessionId: String,
-                           algorithm: String,
-                           roomId: String,
-                           senderKey: String,
-                           fromDevice: String?,
-                           fromIndex: Int,
-                           event: Event) {
-        Timber.tag(loggerTag.value).d("Key forwarded for $sessionId from ${event.senderId}|$fromDevice at index $fromIndex")
-        outgoingRequestScope.launch {
-            sequencer.post {
-                cryptoStore.updateOutgoingRoomKeyReply(
-                        roomId = roomId,
-                        sessionId = sessionId,
-                        algorithm = algorithm,
-                        senderKey = senderKey,
-                        fromDevice = fromDevice,
-                        // strip out encrypted stuff as it's just a trail?
-                        event = event.copy(
-                                type = event.getClearType(),
-                                content = mapOf(
-                                        "chain_index" to fromIndex
-                                )
-                        )
-                )
-            }
-        }
-    }
-
-    fun onRoomKeyWithHeld(sessionId: String,
-                          algorithm: String,
-                          roomId: String,
-                          senderKey: String,
-                          fromDevice: String?,
-                          event: Event) {
-        outgoingRequestScope.launch {
-            sequencer.post {
-                Timber.tag(loggerTag.value).d("Withheld received for $sessionId from ${event.senderId}|$fromDevice")
-                Timber.tag(loggerTag.value).v("Withheld content ${event.getClearContent()}")
-
-                // We want to store withheld code from the sender of the message (owner of the megolm session), not from
-                // other devices that might gossip the key. If not the initial reason might be overridden
-                // by a request to one of our session.
-                event.getClearContent().toModel<RoomKeyWithHeldContent>()?.let { withheld ->
-                    withContext(coroutineDispatchers.crypto) {
-                        tryOrNull {
-                            deviceListManager.downloadKeys(listOf(event.senderId ?: ""), false)
-                        }
-                        cryptoStore.getUserDeviceList(event.senderId ?: "")
-                                .also { devices ->
-                                    Timber.tag(loggerTag.value)
-                                            .v("Withheld Devices for ${event.senderId} are ${devices.orEmpty().joinToString { it.identityKey() ?: "" }}")
-                                }
-                                ?.firstOrNull {
-                                    it.identityKey() == senderKey
-                                }
-                    }.also {
-                        Timber.tag(loggerTag.value).v("Withheld device for sender key $senderKey is from ${it?.shortDebugString()}")
-                    }?.let {
-                        if (it.userId == event.senderId) {
-                            if (fromDevice != null) {
-                                if (it.deviceId == fromDevice) {
-                                    Timber.tag(loggerTag.value).v("Storing sender Withheld code ${withheld.code} for ${withheld.sessionId}")
-                                    cryptoStore.addWithHeldMegolmSession(withheld)
-                                }
-                            } else {
-                                Timber.tag(loggerTag.value).v("Storing sender Withheld code ${withheld.code} for ${withheld.sessionId}")
-                                cryptoStore.addWithHeldMegolmSession(withheld)
-                            }
-                        }
-                    }
-                }
-
-                // Here we store the replies from a given request
-                cryptoStore.updateOutgoingRoomKeyReply(
-                        roomId = roomId,
-                        sessionId = sessionId,
-                        algorithm = algorithm,
-                        senderKey = senderKey,
-                        fromDevice = fromDevice,
-                        event = event
-                )
-            }
-        }
-    }
-
-    /**
-     * Should be called after a sync, ideally if no catchup sync needed (as keys might arrive in those)
-     */
-    fun requireProcessAllPendingKeyRequests() {
-        outgoingRequestScope.launch {
-            sequencer.post {
-                internalProcessPendingKeyRequests()
-            }
-        }
-    }
-
-    private fun internalQueueCancelRequest(sessionId: String, roomId: String, senderKey: String, localKnownChainIndex: Int) {
-        // do we have known requests for that session??
-        Timber.tag(loggerTag.value).v("Cancel Key Request if needed for $sessionId")
-        val knownRequest = cryptoStore.getOutgoingRoomKeyRequest(
-                algorithm = MXCRYPTO_ALGORITHM_MEGOLM,
-                roomId = roomId,
-                sessionId = sessionId,
-                senderKey = senderKey
-        )
-        if (knownRequest.isEmpty()) return Unit.also {
-            Timber.tag(loggerTag.value).v("Handle Cancel Key Request for $sessionId -- Was not currently requested")
-        }
-        if (knownRequest.size > 1) {
-            // It's worth logging, there should be only one
-            Timber.tag(loggerTag.value).w("Found multiple requests for same sessionId $sessionId")
-        }
-        knownRequest.forEach { request ->
-            when (request.state) {
-                OutgoingRoomKeyRequestState.UNSENT                               -> {
-                    if (request.fromIndex >= localKnownChainIndex) {
-                        // we have a good index we can cancel
-                        cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
-                    }
-                }
-                OutgoingRoomKeyRequestState.SENT                                 -> {
-                    // It was already sent, and index satisfied we can cancel
-                    if (request.fromIndex >= localKnownChainIndex) {
-                        cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING)
-                    }
-                }
-                OutgoingRoomKeyRequestState.CANCELLATION_PENDING                 -> {
-                    // It is already marked to be cancelled
-                }
-                OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND -> {
-                    if (request.fromIndex >= localKnownChainIndex) {
-                        // we just want to cancel now
-                        cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING)
-                    }
-                }
-                OutgoingRoomKeyRequestState.SENT_THEN_CANCELED                   -> {
-                    // was already canceled
-                    // if we need a better index, should we resend?
-                }
-            }
-        }
-    }
-
-    fun close() {
-        try {
-            outgoingRequestScope.cancel("User Terminate")
-            requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.clear()
-        } catch (failure: Throwable) {
-            Timber.tag(loggerTag.value).w("Failed to shutDown request manager")
-        }
-    }
-
-    private fun internalQueueRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>, fromIndex: Int, force: Boolean) {
-        if (!cryptoStore.isKeyGossipingEnabled()) {
-            // we might want to try backup?
-            if (requestBody.roomId != null && requestBody.sessionId != null) {
-                requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.push(requestBody.roomId to requestBody.sessionId)
-            }
-            Timber.tag(loggerTag.value).d("discarding request for ${requestBody.sessionId} as gossiping is disabled")
-            return
-        }
-
-        Timber.tag(loggerTag.value).d("Queueing key request for ${requestBody.sessionId} force:$force")
-        val existing = cryptoStore.getOutgoingRoomKeyRequest(requestBody)
-        Timber.tag(loggerTag.value).v("Queueing key request exiting is ${existing?.state}")
-        when (existing?.state) {
-            null                                                             -> {
-                // create a new one
-                cryptoStore.getOrAddOutgoingRoomKeyRequest(requestBody, recipients, fromIndex)
-            }
-            OutgoingRoomKeyRequestState.UNSENT                               -> {
-                // nothing it's new or not yet handled
-            }
-            OutgoingRoomKeyRequestState.SENT                                 -> {
-                // it was already requested
-                Timber.tag(loggerTag.value).d("The session ${requestBody.sessionId} is already requested")
-                if (force) {
-                    // update to UNSENT
-                    Timber.tag(loggerTag.value).d(".. force to request  ${requestBody.sessionId}")
-                    cryptoStore.updateOutgoingRoomKeyRequestState(existing.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND)
-                } else {
-                    if (existing.roomId != null && existing.sessionId != null) {
-                        requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.push(existing.roomId to existing.sessionId)
-                    }
-                }
-            }
-            OutgoingRoomKeyRequestState.CANCELLATION_PENDING                 -> {
-                // request is canceled only if I got the keys so what to do here...
-                if (force) {
-                    cryptoStore.updateOutgoingRoomKeyRequestState(existing.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND)
-                }
-            }
-            OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND -> {
-                // It's already going to resend
-            }
-            OutgoingRoomKeyRequestState.SENT_THEN_CANCELED                   -> {
-                if (force) {
-                    cryptoStore.deleteOutgoingRoomKeyRequest(existing.requestId)
-                    cryptoStore.getOrAddOutgoingRoomKeyRequest(requestBody, recipients, fromIndex)
-                }
-            }
-        }
-
-        if (existing != null && existing.fromIndex >= fromIndex) {
-            // update the required index
-            cryptoStore.updateOutgoingRoomKeyRequiredIndex(existing.requestId, fromIndex)
-        }
-    }
-
-    private suspend fun internalProcessPendingKeyRequests() {
-        val toProcess = cryptoStore.getOutgoingRoomKeyRequests(OutgoingRoomKeyRequestState.pendingStates())
-        Timber.tag(loggerTag.value).v("Processing all pending key requests (found ${toProcess.size} pending)")
-
-        measureTimeMillis {
-            toProcess.forEach {
-                when (it.state) {
-                    OutgoingRoomKeyRequestState.UNSENT                               -> handleUnsentRequest(it)
-                    OutgoingRoomKeyRequestState.CANCELLATION_PENDING                 -> handleRequestToCancel(it)
-                    OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND -> handleRequestToCancelWillResend(it)
-                    OutgoingRoomKeyRequestState.SENT_THEN_CANCELED,
-                    OutgoingRoomKeyRequestState.SENT                                 -> {
-                        // these are filtered out
-                    }
-                }
-            }
-        }.let {
-            Timber.tag(loggerTag.value).v("Finish processing pending key request in $it ms")
-        }
-
-        val maxBackupCallsBySync = 60
-        var currentCalls = 0
-        measureTimeMillis {
-            while (requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.isNotEmpty() && currentCalls < maxBackupCallsBySync) {
-                requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.pop().let { (roomId, sessionId) ->
-                    // we want to rate limit that somehow :/
-                    perSessionBackupQueryRateLimiter.tryFromBackupIfPossible(sessionId, roomId)
-                }
-                currentCalls++
-            }
-        }.let {
-            Timber.tag(loggerTag.value).v("Finish querying backup in $it ms")
-        }
-    }
-
-    private suspend fun handleUnsentRequest(request: OutgoingKeyRequest) {
-        // In order to avoid generating to_device traffic, we can first check if the key is backed up
-        Timber.tag(loggerTag.value).v("Handling unsent request for megolm session ${request.sessionId} in ${request.roomId}")
-        val sessionId = request.sessionId ?: return
-        val roomId = request.roomId ?: return
-        if (perSessionBackupQueryRateLimiter.tryFromBackupIfPossible(sessionId, roomId)) {
-            // let's see what's the index
-            val knownIndex = tryOrNull {
-                inboundGroupSessionStore.getInboundGroupSession(sessionId, request.requestBody?.senderKey ?: "")?.wrapper?.firstKnownIndex
-            }
-            if (knownIndex != null && knownIndex <= request.fromIndex) {
-                // we found the key in backup with good enough index, so we can just mark as cancelled, no need to send request
-                Timber.tag(loggerTag.value).v("Megolm session $sessionId successfully restored from backup, do not send request")
-                cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
-                return
-            }
-        }
-
-        // we need to send the request
-        val toDeviceContent = RoomKeyShareRequest(
-                requestingDeviceId = cryptoStore.getDeviceId(),
-                requestId = request.requestId,
-                action = GossipingToDeviceObject.ACTION_SHARE_REQUEST,
-                body = request.requestBody
-        )
-        val contentMap = MXUsersDevicesMap<Any>()
-        request.recipients.forEach { userToDeviceMap ->
-            userToDeviceMap.value.forEach { deviceId ->
-                contentMap.setObject(userToDeviceMap.key, deviceId, toDeviceContent)
-            }
-        }
-
-        val params = SendToDeviceTask.Params(
-                eventType = EventType.ROOM_KEY_REQUEST,
-                contentMap = contentMap,
-                transactionId = request.requestId
-        )
-        try {
-            withContext(coroutineDispatchers.io) {
-                sendToDeviceTask.executeRetry(params, 3)
-            }
-            Timber.tag(loggerTag.value).d("Key request sent for $sessionId in room $roomId to ${request.recipients}")
-            // The request was sent, so update state
-            cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.SENT)
-            // TODO update the audit trail
-        } catch (failure: Throwable) {
-            Timber.tag(loggerTag.value).v("Failed to request $sessionId targets:${request.recipients}")
-        }
-    }
-
-    private suspend fun handleRequestToCancel(request: OutgoingKeyRequest): Boolean {
-        Timber.tag(loggerTag.value).v("handleRequestToCancel for megolm session ${request.sessionId}")
-        // we have to cancel this
-        val toDeviceContent = RoomKeyShareRequest(
-                requestingDeviceId = cryptoStore.getDeviceId(),
-                requestId = request.requestId,
-                action = GossipingToDeviceObject.ACTION_SHARE_CANCELLATION
-        )
-        val contentMap = MXUsersDevicesMap<Any>()
-        request.recipients.forEach { userToDeviceMap ->
-            userToDeviceMap.value.forEach { deviceId ->
-                contentMap.setObject(userToDeviceMap.key, deviceId, toDeviceContent)
-            }
-        }
-
-        val params = SendToDeviceTask.Params(
-                eventType = EventType.ROOM_KEY_REQUEST,
-                contentMap = contentMap,
-                transactionId = request.requestId
-        )
-        return try {
-            withContext(coroutineDispatchers.io) {
-                sendToDeviceTask.executeRetry(params, 3)
-            }
-            // The request cancellation was sent, we don't delete yet because we want
-            // to keep trace of the sent replies
-            cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.SENT_THEN_CANCELED)
-            true
-        } catch (failure: Throwable) {
-            Timber.tag(loggerTag.value).v("Failed to cancel request ${request.requestId} for session $sessionId targets:${request.recipients}")
-            false
-        }
-    }
-
-    private suspend fun handleRequestToCancelWillResend(request: OutgoingKeyRequest) {
-        if (handleRequestToCancel(request)) {
-            // this will create a new unsent request with no replies that will be process in the following call
-            cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
-            request.requestBody?.let { cryptoStore.getOrAddOutgoingRoomKeyRequest(it, request.recipients, request.fromIndex) }
-        }
-    }
-}
+/*
+ * Copyright 2020 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.crypto
+
+import kotlinx.coroutines.CoroutineScope
+import kotlinx.coroutines.SupervisorJob
+import kotlinx.coroutines.asCoroutineDispatcher
+import kotlinx.coroutines.cancel
+import kotlinx.coroutines.delay
+import kotlinx.coroutines.launch
+import kotlinx.coroutines.withContext
+import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
+import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
+import org.matrix.android.sdk.api.crypto.MXCryptoConfig
+import org.matrix.android.sdk.api.extensions.tryOrNull
+import org.matrix.android.sdk.api.logger.LoggerTag
+import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
+import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
+import org.matrix.android.sdk.api.session.crypto.model.GossipingToDeviceObject
+import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
+import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
+import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
+import org.matrix.android.sdk.api.session.events.model.Event
+import org.matrix.android.sdk.api.session.events.model.EventType
+import org.matrix.android.sdk.api.session.events.model.content.EncryptedEventContent
+import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
+import org.matrix.android.sdk.api.session.events.model.toModel
+import org.matrix.android.sdk.api.util.fromBase64
+import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
+import org.matrix.android.sdk.internal.crypto.tasks.DefaultSendToDeviceTask
+import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
+import org.matrix.android.sdk.internal.di.SessionId
+import org.matrix.android.sdk.internal.di.UserId
+import org.matrix.android.sdk.internal.session.SessionScope
+import org.matrix.android.sdk.internal.task.SemaphoreCoroutineSequencer
+import timber.log.Timber
+import java.util.Stack
+import java.util.concurrent.Executors
+import javax.inject.Inject
+import kotlin.system.measureTimeMillis
+
+private val loggerTag = LoggerTag("OutgoingKeyRequestManager", LoggerTag.CRYPTO)
+
+/**
+ * This class is responsible for sending key requests to other devices when a message failed to decrypt.
+ * It's lifecycle is based on the sync pulse:
+ *    - You can post queries for session, or report when you got a session
+ *    - At the end of the sync (onSyncComplete) it will then process all the posted request and send to devices
+ * If a request failed it will be retried at the end of the next sync
+ */
+@SessionScope
+internal class OutgoingKeyRequestManager @Inject constructor(
+        @SessionId private val sessionId: String,
+        @UserId private val myUserId: String,
+        private val cryptoStore: IMXCryptoStore,
+        private val coroutineDispatchers: MatrixCoroutineDispatchers,
+        private val cryptoConfig: MXCryptoConfig,
+        private val inboundGroupSessionStore: InboundGroupSessionStore,
+        private val sendToDeviceTask: DefaultSendToDeviceTask,
+        private val deviceListManager: DeviceListManager,
+        private val perSessionBackupQueryRateLimiter: PerSessionBackupQueryRateLimiter) {
+
+    private val dispatcher = Executors.newSingleThreadExecutor().asCoroutineDispatcher()
+    private val outgoingRequestScope = CoroutineScope(SupervisorJob() + dispatcher)
+    private val sequencer = SemaphoreCoroutineSequencer()
+
+    // We only have one active key request per session, so we don't request if it's already requested
+    // But it could make sense to check more the backup, as it's evolving.
+    // We keep a stack as we consider that the key requested last is more likely to be on screen?
+    private val requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup = Stack<Pair<String, String>>()
+
+    fun requestKeyForEvent(event: Event, force: Boolean) {
+        val (targets, body) = getRoomKeyRequestTargetForEvent(event) ?: return
+        val index = ratchetIndexForMessage(event) ?: 0
+        postRoomKeyRequest(body, targets, index, force)
+    }
+
+    private fun getRoomKeyRequestTargetForEvent(event: Event): Pair<Map<String, List<String>>, RoomKeyRequestBody>? {
+        val sender = event.senderId ?: return null
+        val encryptedEventContent = event.content.toModel<EncryptedEventContent>() ?: return null.also {
+            Timber.tag(loggerTag.value).e("getRoomKeyRequestTargetForEvent Failed to re-request key, null content")
+        }
+        if (encryptedEventContent.algorithm != MXCRYPTO_ALGORITHM_MEGOLM) return null
+
+        val senderDevice = encryptedEventContent.deviceId
+        val recipients = if (cryptoConfig.limitRoomKeyRequestsToMyDevices) {
+            mapOf(
+                    myUserId to listOf("*")
+            )
+        } else {
+            if (event.senderId == myUserId) {
+                mapOf(
+                        myUserId to listOf("*")
+                )
+            } else {
+                // for the case where you share the key with a device that has a broken olm session
+                // The other user might Re-shares a megolm session key with devices if the key has already been
+                // sent to them.
+                mapOf(
+                        myUserId to listOf("*"),
+
+                        // We might not have deviceId in the future due to https://github.com/matrix-org/matrix-spec-proposals/pull/3700
+                        // so in this case query to all
+                        sender to listOf(senderDevice ?: "*")
+                )
+            }
+        }
+
+        val requestBody = RoomKeyRequestBody(
+                roomId = event.roomId,
+                algorithm = encryptedEventContent.algorithm,
+                senderKey = encryptedEventContent.senderKey,
+                sessionId = encryptedEventContent.sessionId
+        )
+        return recipients to requestBody
+    }
+
+    private fun ratchetIndexForMessage(event: Event): Int? {
+        val encryptedContent = event.content.toModel<EncryptedEventContent>() ?: return null
+        if (encryptedContent.algorithm != MXCRYPTO_ALGORITHM_MEGOLM) return null
+        return encryptedContent.ciphertext?.fromBase64()?.inputStream()?.reader()?.let {
+            tryOrNull {
+                val megolmVersion = it.read()
+                if (megolmVersion != 3) return@tryOrNull null
+                /** Int tag */
+                if (it.read() != 8) return@tryOrNull null
+                it.read()
+            }
+        }
+    }
+
+    fun postRoomKeyRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>, fromIndex: Int, force: Boolean = false) {
+        outgoingRequestScope.launch {
+            sequencer.post {
+                internalQueueRequest(requestBody, recipients, fromIndex, force)
+            }
+        }
+    }
+
+    /**
+     * Typically called when we the session as been imported or received meanwhile
+     */
+    fun postCancelRequestForSessionIfNeeded(sessionId: String, roomId: String, senderKey: String, fromIndex: Int) {
+        outgoingRequestScope.launch {
+            sequencer.post {
+                internalQueueCancelRequest(sessionId, roomId, senderKey, fromIndex)
+            }
+        }
+    }
+
+    fun onSelfCrossSigningTrustChanged(newTrust: Boolean) {
+        if (newTrust) {
+            // we were previously not cross signed, but we are now
+            // so there is now more chances to get better replies for existing request
+            // Let's forget about sent request so that next time we try to decrypt we will resend requests
+            // We don't resend all because we don't want to generate a bulk of traffic
+            outgoingRequestScope.launch {
+                sequencer.post {
+                    cryptoStore.deleteOutgoingRoomKeyRequestInState(OutgoingRoomKeyRequestState.SENT)
+                }
+
+                sequencer.post {
+                    delay(1000)
+                    perSessionBackupQueryRateLimiter.refreshBackupInfoIfNeeded(true)
+                }
+            }
+        }
+    }
+
+    fun onRoomKeyForwarded(sessionId: String,
+                           algorithm: String,
+                           roomId: String,
+                           senderKey: String,
+                           fromDevice: String?,
+                           fromIndex: Int,
+                           event: Event) {
+        Timber.tag(loggerTag.value).d("Key forwarded for $sessionId from ${event.senderId}|$fromDevice at index $fromIndex")
+        outgoingRequestScope.launch {
+            sequencer.post {
+                cryptoStore.updateOutgoingRoomKeyReply(
+                        roomId = roomId,
+                        sessionId = sessionId,
+                        algorithm = algorithm,
+                        senderKey = senderKey,
+                        fromDevice = fromDevice,
+                        // strip out encrypted stuff as it's just a trail?
+                        event = event.copy(
+                                type = event.getClearType(),
+                                content = mapOf(
+                                        "chain_index" to fromIndex
+                                )
+                        )
+                )
+            }
+        }
+    }
+
+    fun onRoomKeyWithHeld(sessionId: String,
+                          algorithm: String,
+                          roomId: String,
+                          senderKey: String,
+                          fromDevice: String?,
+                          event: Event) {
+        outgoingRequestScope.launch {
+            sequencer.post {
+                Timber.tag(loggerTag.value).d("Withheld received for $sessionId from ${event.senderId}|$fromDevice")
+                Timber.tag(loggerTag.value).v("Withheld content ${event.getClearContent()}")
+
+                // We want to store withheld code from the sender of the message (owner of the megolm session), not from
+                // other devices that might gossip the key. If not the initial reason might be overridden
+                // by a request to one of our session.
+                event.getClearContent().toModel<RoomKeyWithHeldContent>()?.let { withheld ->
+                    withContext(coroutineDispatchers.crypto) {
+                        tryOrNull {
+                            deviceListManager.downloadKeys(listOf(event.senderId ?: ""), false)
+                        }
+                        cryptoStore.getUserDeviceList(event.senderId ?: "")
+                                .also { devices ->
+                                    Timber.tag(loggerTag.value)
+                                            .v("Withheld Devices for ${event.senderId} are ${devices.orEmpty().joinToString { it.identityKey() ?: "" }}")
+                                }
+                                ?.firstOrNull {
+                                    it.identityKey() == senderKey
+                                }
+                    }.also {
+                        Timber.tag(loggerTag.value).v("Withheld device for sender key $senderKey is from ${it?.shortDebugString()}")
+                    }?.let {
+                        if (it.userId == event.senderId) {
+                            if (fromDevice != null) {
+                                if (it.deviceId == fromDevice) {
+                                    Timber.tag(loggerTag.value).v("Storing sender Withheld code ${withheld.code} for ${withheld.sessionId}")
+                                    cryptoStore.addWithHeldMegolmSession(withheld)
+                                }
+                            } else {
+                                Timber.tag(loggerTag.value).v("Storing sender Withheld code ${withheld.code} for ${withheld.sessionId}")
+                                cryptoStore.addWithHeldMegolmSession(withheld)
+                            }
+                        }
+                    }
+                }
+
+                // Here we store the replies from a given request
+                cryptoStore.updateOutgoingRoomKeyReply(
+                        roomId = roomId,
+                        sessionId = sessionId,
+                        algorithm = algorithm,
+                        senderKey = senderKey,
+                        fromDevice = fromDevice,
+                        event = event
+                )
+            }
+        }
+    }
+
+    /**
+     * Should be called after a sync, ideally if no catchup sync needed (as keys might arrive in those)
+     */
+    fun requireProcessAllPendingKeyRequests() {
+        outgoingRequestScope.launch {
+            sequencer.post {
+                internalProcessPendingKeyRequests()
+            }
+        }
+    }
+
+    private fun internalQueueCancelRequest(sessionId: String, roomId: String, senderKey: String, localKnownChainIndex: Int) {
+        // do we have known requests for that session??
+        Timber.tag(loggerTag.value).v("Cancel Key Request if needed for $sessionId")
+        val knownRequest = cryptoStore.getOutgoingRoomKeyRequest(
+                algorithm = MXCRYPTO_ALGORITHM_MEGOLM,
+                roomId = roomId,
+                sessionId = sessionId,
+                senderKey = senderKey
+        )
+        if (knownRequest.isEmpty()) return Unit.also {
+            Timber.tag(loggerTag.value).v("Handle Cancel Key Request for $sessionId -- Was not currently requested")
+        }
+        if (knownRequest.size > 1) {
+            // It's worth logging, there should be only one
+            Timber.tag(loggerTag.value).w("Found multiple requests for same sessionId $sessionId")
+        }
+        knownRequest.forEach { request ->
+            when (request.state) {
+                OutgoingRoomKeyRequestState.UNSENT                               -> {
+                    if (request.fromIndex >= localKnownChainIndex) {
+                        // we have a good index we can cancel
+                        cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
+                    }
+                }
+                OutgoingRoomKeyRequestState.SENT                                 -> {
+                    // It was already sent, and index satisfied we can cancel
+                    if (request.fromIndex >= localKnownChainIndex) {
+                        cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING)
+                    }
+                }
+                OutgoingRoomKeyRequestState.CANCELLATION_PENDING                 -> {
+                    // It is already marked to be cancelled
+                }
+                OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND -> {
+                    if (request.fromIndex >= localKnownChainIndex) {
+                        // we just want to cancel now
+                        cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING)
+                    }
+                }
+                OutgoingRoomKeyRequestState.SENT_THEN_CANCELED                   -> {
+                    // was already canceled
+                    // if we need a better index, should we resend?
+                }
+            }
+        }
+    }
+
+    fun close() {
+        try {
+            outgoingRequestScope.cancel("User Terminate")
+            requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.clear()
+        } catch (failure: Throwable) {
+            Timber.tag(loggerTag.value).w("Failed to shutDown request manager")
+        }
+    }
+
+    private fun internalQueueRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>, fromIndex: Int, force: Boolean) {
+        if (!cryptoStore.isKeyGossipingEnabled()) {
+            // we might want to try backup?
+            if (requestBody.roomId != null && requestBody.sessionId != null) {
+                requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.push(requestBody.roomId to requestBody.sessionId)
+            }
+            Timber.tag(loggerTag.value).d("discarding request for ${requestBody.sessionId} as gossiping is disabled")
+            return
+        }
+
+        Timber.tag(loggerTag.value).d("Queueing key request for ${requestBody.sessionId} force:$force")
+        val existing = cryptoStore.getOutgoingRoomKeyRequest(requestBody)
+        Timber.tag(loggerTag.value).v("Queueing key request exiting is ${existing?.state}")
+        when (existing?.state) {
+            null                                                             -> {
+                // create a new one
+                cryptoStore.getOrAddOutgoingRoomKeyRequest(requestBody, recipients, fromIndex)
+            }
+            OutgoingRoomKeyRequestState.UNSENT                               -> {
+                // nothing it's new or not yet handled
+            }
+            OutgoingRoomKeyRequestState.SENT                                 -> {
+                // it was already requested
+                Timber.tag(loggerTag.value).d("The session ${requestBody.sessionId} is already requested")
+                if (force) {
+                    // update to UNSENT
+                    Timber.tag(loggerTag.value).d(".. force to request  ${requestBody.sessionId}")
+                    cryptoStore.updateOutgoingRoomKeyRequestState(existing.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND)
+                } else {
+                    if (existing.roomId != null && existing.sessionId != null) {
+                        requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.push(existing.roomId to existing.sessionId)
+                    }
+                }
+            }
+            OutgoingRoomKeyRequestState.CANCELLATION_PENDING                 -> {
+                // request is canceled only if I got the keys so what to do here...
+                if (force) {
+                    cryptoStore.updateOutgoingRoomKeyRequestState(existing.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND)
+                }
+            }
+            OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND -> {
+                // It's already going to resend
+            }
+            OutgoingRoomKeyRequestState.SENT_THEN_CANCELED                   -> {
+                if (force) {
+                    cryptoStore.deleteOutgoingRoomKeyRequest(existing.requestId)
+                    cryptoStore.getOrAddOutgoingRoomKeyRequest(requestBody, recipients, fromIndex)
+                }
+            }
+        }
+
+        if (existing != null && existing.fromIndex >= fromIndex) {
+            // update the required index
+            cryptoStore.updateOutgoingRoomKeyRequiredIndex(existing.requestId, fromIndex)
+        }
+    }
+
+    private suspend fun internalProcessPendingKeyRequests() {
+        val toProcess = cryptoStore.getOutgoingRoomKeyRequests(OutgoingRoomKeyRequestState.pendingStates())
+        Timber.tag(loggerTag.value).v("Processing all pending key requests (found ${toProcess.size} pending)")
+
+        measureTimeMillis {
+            toProcess.forEach {
+                when (it.state) {
+                    OutgoingRoomKeyRequestState.UNSENT                               -> handleUnsentRequest(it)
+                    OutgoingRoomKeyRequestState.CANCELLATION_PENDING                 -> handleRequestToCancel(it)
+                    OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND -> handleRequestToCancelWillResend(it)
+                    OutgoingRoomKeyRequestState.SENT_THEN_CANCELED,
+                    OutgoingRoomKeyRequestState.SENT                                 -> {
+                        // these are filtered out
+                    }
+                }
+            }
+        }.let {
+            Timber.tag(loggerTag.value).v("Finish processing pending key request in $it ms")
+        }
+
+        val maxBackupCallsBySync = 60
+        var currentCalls = 0
+        measureTimeMillis {
+            while (requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.isNotEmpty() && currentCalls < maxBackupCallsBySync) {
+                requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.pop().let { (roomId, sessionId) ->
+                    // we want to rate limit that somehow :/
+                    perSessionBackupQueryRateLimiter.tryFromBackupIfPossible(sessionId, roomId)
+                }
+                currentCalls++
+            }
+        }.let {
+            Timber.tag(loggerTag.value).v("Finish querying backup in $it ms")
+        }
+    }
+
+    private suspend fun handleUnsentRequest(request: OutgoingKeyRequest) {
+        // In order to avoid generating to_device traffic, we can first check if the key is backed up
+        Timber.tag(loggerTag.value).v("Handling unsent request for megolm session ${request.sessionId} in ${request.roomId}")
+        val sessionId = request.sessionId ?: return
+        val roomId = request.roomId ?: return
+        if (perSessionBackupQueryRateLimiter.tryFromBackupIfPossible(sessionId, roomId)) {
+            // let's see what's the index
+            val knownIndex = tryOrNull {
+                inboundGroupSessionStore.getInboundGroupSession(sessionId, request.requestBody?.senderKey ?: "")?.wrapper?.firstKnownIndex
+            }
+            if (knownIndex != null && knownIndex <= request.fromIndex) {
+                // we found the key in backup with good enough index, so we can just mark as cancelled, no need to send request
+                Timber.tag(loggerTag.value).v("Megolm session $sessionId successfully restored from backup, do not send request")
+                cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
+                return
+            }
+        }
+
+        // we need to send the request
+        val toDeviceContent = RoomKeyShareRequest(
+                requestingDeviceId = cryptoStore.getDeviceId(),
+                requestId = request.requestId,
+                action = GossipingToDeviceObject.ACTION_SHARE_REQUEST,
+                body = request.requestBody
+        )
+        val contentMap = MXUsersDevicesMap<Any>()
+        request.recipients.forEach { userToDeviceMap ->
+            userToDeviceMap.value.forEach { deviceId ->
+                contentMap.setObject(userToDeviceMap.key, deviceId, toDeviceContent)
+            }
+        }
+
+        val params = SendToDeviceTask.Params(
+                eventType = EventType.ROOM_KEY_REQUEST,
+                contentMap = contentMap,
+                transactionId = request.requestId
+        )
+        try {
+            withContext(coroutineDispatchers.io) {
+                sendToDeviceTask.executeRetry(params, 3)
+            }
+            Timber.tag(loggerTag.value).d("Key request sent for $sessionId in room $roomId to ${request.recipients}")
+            // The request was sent, so update state
+            cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.SENT)
+            // TODO update the audit trail
+        } catch (failure: Throwable) {
+            Timber.tag(loggerTag.value).v("Failed to request $sessionId targets:${request.recipients}")
+        }
+    }
+
+    private suspend fun handleRequestToCancel(request: OutgoingKeyRequest): Boolean {
+        Timber.tag(loggerTag.value).v("handleRequestToCancel for megolm session ${request.sessionId}")
+        // we have to cancel this
+        val toDeviceContent = RoomKeyShareRequest(
+                requestingDeviceId = cryptoStore.getDeviceId(),
+                requestId = request.requestId,
+                action = GossipingToDeviceObject.ACTION_SHARE_CANCELLATION
+        )
+        val contentMap = MXUsersDevicesMap<Any>()
+        request.recipients.forEach { userToDeviceMap ->
+            userToDeviceMap.value.forEach { deviceId ->
+                contentMap.setObject(userToDeviceMap.key, deviceId, toDeviceContent)
+            }
+        }
+
+        val params = SendToDeviceTask.Params(
+                eventType = EventType.ROOM_KEY_REQUEST,
+                contentMap = contentMap,
+                transactionId = request.requestId
+        )
+        return try {
+            withContext(coroutineDispatchers.io) {
+                sendToDeviceTask.executeRetry(params, 3)
+            }
+            // The request cancellation was sent, we don't delete yet because we want
+            // to keep trace of the sent replies
+            cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.SENT_THEN_CANCELED)
+            true
+        } catch (failure: Throwable) {
+            Timber.tag(loggerTag.value).v("Failed to cancel request ${request.requestId} for session $sessionId targets:${request.recipients}")
+            false
+        }
+    }
+
+    private suspend fun handleRequestToCancelWillResend(request: OutgoingKeyRequest) {
+        if (handleRequestToCancel(request)) {
+            // this will create a new unsent request with no replies that will be process in the following call
+            cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
+            request.requestBody?.let { cryptoStore.getOrAddOutgoingRoomKeyRequest(it, request.recipients, request.fromIndex) }
+        }
+    }
+}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt
index 1bdf18b272..b10c77dfd3 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt
@@ -1,294 +1,298 @@
-/*
- * Copyright (c) 2022 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto
-
-import kotlinx.coroutines.CoroutineScope
-import kotlinx.coroutines.launch
-import kotlinx.coroutines.sync.Mutex
-import kotlinx.coroutines.sync.withLock
-import kotlinx.coroutines.withContext
-import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
-import org.matrix.android.sdk.api.auth.data.Credentials
-import org.matrix.android.sdk.api.logger.LoggerTag
-import org.matrix.android.sdk.api.session.crypto.crosssigning.KEYBACKUP_SECRET_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.crosssigning.MASTER_KEY_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.crosssigning.SELF_SIGNING_KEY_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.crosssigning.USER_SIGNING_KEY_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.keysbackup.extractCurveKeyFromRecoveryKey
-import org.matrix.android.sdk.api.session.crypto.keyshare.GossipingRequestListener
-import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.crypto.model.SecretShareRequest
-import org.matrix.android.sdk.api.session.events.model.Event
-import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.api.session.events.model.content.SecretSendEventContent
-import org.matrix.android.sdk.api.session.events.model.toModel
-import org.matrix.android.sdk.api.util.toBase64NoPadding
-import org.matrix.android.sdk.internal.crypto.actions.EnsureOlmSessionsForDevicesAction
-import org.matrix.android.sdk.internal.crypto.actions.MessageEncrypter
-import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
-import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
-import org.matrix.android.sdk.internal.crypto.tasks.createUniqueTxnId
-import org.matrix.android.sdk.internal.session.SessionScope
-import timber.log.Timber
-import javax.inject.Inject
-
-private val loggerTag = LoggerTag("SecretShareManager", LoggerTag.CRYPTO)
-
-@SessionScope
-internal class SecretShareManager @Inject constructor(
-        private val credentials: Credentials,
-        private val cryptoStore: IMXCryptoStore,
-        private val cryptoCoroutineScope: CoroutineScope,
-        private val messageEncrypter: MessageEncrypter,
-        private val ensureOlmSessionsForDevicesAction: EnsureOlmSessionsForDevicesAction,
-        private val sendToDeviceTask: SendToDeviceTask,
-        private val coroutineDispatchers: MatrixCoroutineDispatchers
-) {
-
-    companion object {
-        private const val SECRET_SHARE_WINDOW_DURATION = 5 * 60 * 1000 // 5 minutes
-    }
-
-    /**
-     * Secret gossiping only occurs during a limited window period after interactive verification.
-     * We keep track of recent verification in memory for that purpose (no need to persist)
-     */
-    private val recentlyVerifiedDevices = mutableMapOf<String, Long>()
-    private val verifMutex = Mutex()
-
-    /**
-     * Secrets are exchanged as part of interactive verification,
-     * so we can just store in memory.
-     */
-    private val outgoingSecretRequests = mutableListOf<SecretShareRequest>()
-
-    // the listeners
-    private val gossipingRequestListeners: MutableSet<GossipingRequestListener> = HashSet()
-
-    fun addListener(listener: GossipingRequestListener) {
-        synchronized(gossipingRequestListeners) {
-            gossipingRequestListeners.add(listener)
-        }
-    }
-
-    fun removeRoomKeysRequestListener(listener: GossipingRequestListener) {
-        synchronized(gossipingRequestListeners) {
-            gossipingRequestListeners.remove(listener)
-        }
-    }
-
-    /**
-     * Called when a session has been verified.
-     * This information can be used by the manager to decide whether or not to fullfill gossiping requests.
-     * This should be called as fast as possible after a successful self interactive verification
-     */
-    fun onVerificationCompleteForDevice(deviceId: String) {
-        // For now we just keep an in memory cache
-        cryptoCoroutineScope.launch {
-            verifMutex.withLock {
-                recentlyVerifiedDevices[deviceId] = System.currentTimeMillis()
-            }
-        }
-    }
-
-    suspend fun handleSecretRequest(toDevice: Event) {
-        val request = toDevice.getClearContent().toModel<SecretShareRequest>()
-                ?: return Unit.also {
-                    Timber.tag(loggerTag.value)
-                            .w("handleSecretRequest() : malformed request")
-                }
-
-//            val (action, requestingDeviceId, requestId, secretName) = it
-        val secretName = request.secretName ?: return Unit.also {
-            Timber.tag(loggerTag.value)
-                    .v("handleSecretRequest() : Missing secret name")
-        }
-
-        val userId = toDevice.senderId ?: return Unit.also {
-            Timber.tag(loggerTag.value)
-                    .v("handleSecretRequest() : Missing secret name")
-        }
-
-        if (userId != credentials.userId) {
-            // secrets are only shared between our own devices
-            Timber.e("Ignoring secret share request from other users $userId")
-            return
-        }
-
-        val deviceId = request.requestingDeviceId
-                ?: return Unit.also {
-                    Timber.tag(loggerTag.value)
-                            .w("handleSecretRequest() : malformed request norequestingDeviceId ")
-                }
-
-        val device = cryptoStore.getUserDevice(credentials.userId, deviceId)
-                ?: return Unit.also {
-                    Timber.e("Received secret share request from unknown device $deviceId")
-                }
-
-        val isRequestingDeviceTrusted = device.isVerified
-        val isRecentInteractiveVerification = hasBeenVerifiedLessThanFiveMinutesFromNow(device.deviceId)
-        if (isRequestingDeviceTrusted && isRecentInteractiveVerification) {
-            // we can share the secret
-
-            val secretValue = when (secretName) {
-                MASTER_KEY_SSSS_NAME       -> cryptoStore.getCrossSigningPrivateKeys()?.master
-                SELF_SIGNING_KEY_SSSS_NAME -> cryptoStore.getCrossSigningPrivateKeys()?.selfSigned
-                USER_SIGNING_KEY_SSSS_NAME -> cryptoStore.getCrossSigningPrivateKeys()?.user
-                KEYBACKUP_SECRET_SSSS_NAME -> cryptoStore.getKeyBackupRecoveryKeyInfo()?.recoveryKey
-                        ?.let {
-                            extractCurveKeyFromRecoveryKey(it)?.toBase64NoPadding()
-                        }
-                else                       -> null
-            }
-            if (secretValue == null) {
-                Timber.i("The secret is unknown $secretName, passing to app layer")
-                val toList = synchronized(gossipingRequestListeners) { gossipingRequestListeners.toList() }
-                toList.onEach { listener ->
-                    listener.onSecretShareRequest(request)
-                }
-                return
-            }
-
-            val payloadJson = mapOf(
-                    "type" to EventType.SEND_SECRET,
-                    "content" to mapOf(
-                            "request_id" to request.requestId,
-                            "secret" to secretValue
-                    )
-            )
-
-            // Is it possible that we don't have an olm session?
-            val devicesByUser = mapOf(device.userId to listOf(device))
-            val usersDeviceMap = try {
-                ensureOlmSessionsForDevicesAction.handle(devicesByUser)
-            } catch (failure: Throwable) {
-                Timber.tag(loggerTag.value)
-                        .w("Can't share secret ${request.secretName}: Failed to establish olm session")
-                return
-            }
-
-            val olmSessionResult = usersDeviceMap.getObject(device.userId, device.deviceId)
-            if (olmSessionResult?.sessionId == null) {
-                Timber.tag(loggerTag.value)
-                        .w("secret share: no session with this device $deviceId, probably because there were no one-time keys")
-                return
-            }
-
-            val encodedPayload = messageEncrypter.encryptMessage(payloadJson, listOf(device))
-            val sendToDeviceMap = MXUsersDevicesMap<Any>()
-            sendToDeviceMap.setObject(device.userId, device.deviceId, encodedPayload)
-            val sendToDeviceParams = SendToDeviceTask.Params(EventType.ENCRYPTED, sendToDeviceMap)
-            try {
-                // raise the retries for secret
-                sendToDeviceTask.executeRetry(sendToDeviceParams, 6)
-                Timber.tag(loggerTag.value)
-                        .i("successfully shared secret $secretName to ${device.shortDebugString()}")
-                // TODO add a trail for that in audit logs
-            } catch (failure: Throwable) {
-                Timber.tag(loggerTag.value)
-                        .e(failure, "failed to send shared secret $secretName to ${device.shortDebugString()}")
-            }
-        } else {
-            Timber.d(" Received secret share request from un-authorised device ${device.deviceId}")
-        }
-    }
-
-    private suspend fun hasBeenVerifiedLessThanFiveMinutesFromNow(deviceId: String): Boolean {
-        val verifTimestamp = verifMutex.withLock {
-            recentlyVerifiedDevices[deviceId]
-        } ?: return false
-
-        val age = System.currentTimeMillis() - verifTimestamp
-
-        return age < SECRET_SHARE_WINDOW_DURATION
-    }
-
-    suspend fun requestSecretTo(deviceId: String, secretName: String) {
-        val cryptoDeviceInfo = cryptoStore.getUserDevice(credentials.userId, deviceId) ?: return Unit.also {
-            Timber.tag(loggerTag.value)
-                    .d("Can't request secret for $secretName unknown device $deviceId")
-        }
-        val toDeviceContent = SecretShareRequest(
-                requestingDeviceId = credentials.deviceId,
-                secretName = secretName,
-                requestId = createUniqueTxnId()
-        )
-
-        verifMutex.withLock {
-            outgoingSecretRequests.add(toDeviceContent)
-        }
-
-        val contentMap = MXUsersDevicesMap<Any>()
-        contentMap.setObject(cryptoDeviceInfo.userId, cryptoDeviceInfo.deviceId, toDeviceContent)
-
-        val params = SendToDeviceTask.Params(
-                eventType = EventType.REQUEST_SECRET,
-                contentMap = contentMap
-        )
-        try {
-            withContext(coroutineDispatchers.io) {
-                sendToDeviceTask.executeRetry(params, 3)
-            }
-            Timber.tag(loggerTag.value)
-                    .d("Secret request sent for $secretName to ${cryptoDeviceInfo.shortDebugString()}")
-            // TODO update the audit trail
-        } catch (failure: Throwable) {
-            Timber.tag(loggerTag.value)
-                    .w("Failed to request secret $secretName to ${cryptoDeviceInfo.shortDebugString()}")
-        }
-    }
-
-    suspend fun onSecretSendReceived(toDevice: Event, handleGossip: ((name: String, value: String) -> Boolean)) {
-        Timber.tag(loggerTag.value)
-                .i("onSecretSend() from ${toDevice.senderId} : onSecretSendReceived ${toDevice.content?.get("sender_key")}")
-        if (!toDevice.isEncrypted()) {
-            // secret send messages must be encrypted
-            Timber.tag(loggerTag.value).e("onSecretSend() :Received unencrypted secret send event")
-            return
-        }
-
-        // Was that sent by us?
-        if (toDevice.senderId != credentials.userId) {
-            Timber.tag(loggerTag.value).e("onSecretSend() : Ignore secret from other user ${toDevice.senderId}")
-            return
-        }
-
-        val secretContent = toDevice.getClearContent().toModel<SecretSendEventContent>() ?: return
-
-        val existingRequest = verifMutex.withLock {
-            outgoingSecretRequests.firstOrNull { it.requestId == secretContent.requestId }
-        }
-
-        // As per spec:
-        // Clients should ignore m.secret.send events received from devices that it did not send an m.secret.request event to.
-        if (existingRequest?.secretName == null) {
-            Timber.tag(loggerTag.value).i("onSecretSend() : Ignore secret that was not requested: ${secretContent.requestId}")
-            return
-        }
-        // we don't need to cancel the request as we only request to one device
-        // just forget about the request now
-        verifMutex.withLock {
-            outgoingSecretRequests.remove(existingRequest)
-        }
-
-        if (!handleGossip(existingRequest.secretName, secretContent.secretValue)) {
-            // TODO Ask to application layer?
-            Timber.tag(loggerTag.value).v("onSecretSend() : secret not handled by SDK")
-        }
-    }
-}
+/*
+ * Copyright (c) 2022 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.crypto
+
+import kotlinx.coroutines.CoroutineScope
+import kotlinx.coroutines.launch
+import kotlinx.coroutines.sync.Mutex
+import kotlinx.coroutines.sync.withLock
+import kotlinx.coroutines.withContext
+import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
+import org.matrix.android.sdk.api.auth.data.Credentials
+import org.matrix.android.sdk.api.logger.LoggerTag
+import org.matrix.android.sdk.api.session.crypto.crosssigning.KEYBACKUP_SECRET_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.crosssigning.MASTER_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.crosssigning.SELF_SIGNING_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.crosssigning.USER_SIGNING_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.keysbackup.extractCurveKeyFromRecoveryKey
+import org.matrix.android.sdk.api.session.crypto.keyshare.GossipingRequestListener
+import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
+import org.matrix.android.sdk.api.session.crypto.model.SecretShareRequest
+import org.matrix.android.sdk.api.session.events.model.Event
+import org.matrix.android.sdk.api.session.events.model.EventType
+import org.matrix.android.sdk.api.session.events.model.content.SecretSendEventContent
+import org.matrix.android.sdk.api.session.events.model.toModel
+import org.matrix.android.sdk.api.util.toBase64NoPadding
+import org.matrix.android.sdk.internal.crypto.actions.EnsureOlmSessionsForDevicesAction
+import org.matrix.android.sdk.internal.crypto.actions.MessageEncrypter
+import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
+import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
+import org.matrix.android.sdk.internal.crypto.tasks.createUniqueTxnId
+import org.matrix.android.sdk.internal.session.SessionScope
+import timber.log.Timber
+import javax.inject.Inject
+
+private val loggerTag = LoggerTag("SecretShareManager", LoggerTag.CRYPTO)
+
+@SessionScope
+internal class SecretShareManager @Inject constructor(
+        private val credentials: Credentials,
+        private val cryptoStore: IMXCryptoStore,
+        private val cryptoCoroutineScope: CoroutineScope,
+        private val messageEncrypter: MessageEncrypter,
+        private val ensureOlmSessionsForDevicesAction: EnsureOlmSessionsForDevicesAction,
+        private val sendToDeviceTask: SendToDeviceTask,
+        private val coroutineDispatchers: MatrixCoroutineDispatchers
+) {
+
+    companion object {
+        private const val SECRET_SHARE_WINDOW_DURATION = 5 * 60 * 1000 // 5 minutes
+    }
+
+    /**
+     * Secret gossiping only occurs during a limited window period after interactive verification.
+     * We keep track of recent verification in memory for that purpose (no need to persist)
+     */
+    private val recentlyVerifiedDevices = mutableMapOf<String, Long>()
+    private val verifMutex = Mutex()
+
+    /**
+     * Secrets are exchanged as part of interactive verification,
+     * so we can just store in memory.
+     */
+    private val outgoingSecretRequests = mutableListOf<SecretShareRequest>()
+
+    // the listeners
+    private val gossipingRequestListeners: MutableSet<GossipingRequestListener> = HashSet()
+
+    fun addListener(listener: GossipingRequestListener) {
+        synchronized(gossipingRequestListeners) {
+            gossipingRequestListeners.add(listener)
+        }
+    }
+
+    fun removeRoomKeysRequestListener(listener: GossipingRequestListener) {
+        synchronized(gossipingRequestListeners) {
+            gossipingRequestListeners.remove(listener)
+        }
+    }
+
+    /**
+     * Called when a session has been verified.
+     * This information can be used by the manager to decide whether or not to fullfill gossiping requests.
+     * This should be called as fast as possible after a successful self interactive verification
+     */
+    fun onVerificationCompleteForDevice(deviceId: String) {
+        // For now we just keep an in memory cache
+        cryptoCoroutineScope.launch {
+            verifMutex.withLock {
+                recentlyVerifiedDevices[deviceId] = System.currentTimeMillis()
+            }
+        }
+    }
+
+    suspend fun handleSecretRequest(toDevice: Event) {
+        val request = toDevice.getClearContent().toModel<SecretShareRequest>()
+                ?: return Unit.also {
+                    Timber.tag(loggerTag.value)
+                            .w("handleSecretRequest() : malformed request")
+                }
+
+//            val (action, requestingDeviceId, requestId, secretName) = it
+        val secretName = request.secretName ?: return Unit.also {
+            Timber.tag(loggerTag.value)
+                    .v("handleSecretRequest() : Missing secret name")
+        }
+
+        val userId = toDevice.senderId ?: return Unit.also {
+            Timber.tag(loggerTag.value)
+                    .v("handleSecretRequest() : Missing secret name")
+        }
+
+        if (userId != credentials.userId) {
+            // secrets are only shared between our own devices
+            Timber.tag(loggerTag.value)
+                    .e("Ignoring secret share request from other users $userId")
+            return
+        }
+
+        val deviceId = request.requestingDeviceId
+                ?: return Unit.also {
+                    Timber.tag(loggerTag.value)
+                            .w("handleSecretRequest() : malformed request norequestingDeviceId ")
+                }
+
+        val device = cryptoStore.getUserDevice(credentials.userId, deviceId)
+                ?: return Unit.also {
+                    Timber.tag(loggerTag.value)
+                            .e("Received secret share request from unknown device $deviceId")
+                }
+
+        val isRequestingDeviceTrusted = device.isVerified
+        val isRecentInteractiveVerification = hasBeenVerifiedLessThanFiveMinutesFromNow(device.deviceId)
+        if (isRequestingDeviceTrusted && isRecentInteractiveVerification) {
+            // we can share the secret
+
+            val secretValue = when (secretName) {
+                MASTER_KEY_SSSS_NAME       -> cryptoStore.getCrossSigningPrivateKeys()?.master
+                SELF_SIGNING_KEY_SSSS_NAME -> cryptoStore.getCrossSigningPrivateKeys()?.selfSigned
+                USER_SIGNING_KEY_SSSS_NAME -> cryptoStore.getCrossSigningPrivateKeys()?.user
+                KEYBACKUP_SECRET_SSSS_NAME -> cryptoStore.getKeyBackupRecoveryKeyInfo()?.recoveryKey
+                        ?.let {
+                            extractCurveKeyFromRecoveryKey(it)?.toBase64NoPadding()
+                        }
+                else                       -> null
+            }
+            if (secretValue == null) {
+                Timber.tag(loggerTag.value)
+                        .i("The secret is unknown $secretName, passing to app layer")
+                val toList = synchronized(gossipingRequestListeners) { gossipingRequestListeners.toList() }
+                toList.onEach { listener ->
+                    listener.onSecretShareRequest(request)
+                }
+                return
+            }
+
+            val payloadJson = mapOf(
+                    "type" to EventType.SEND_SECRET,
+                    "content" to mapOf(
+                            "request_id" to request.requestId,
+                            "secret" to secretValue
+                    )
+            )
+
+            // Is it possible that we don't have an olm session?
+            val devicesByUser = mapOf(device.userId to listOf(device))
+            val usersDeviceMap = try {
+                ensureOlmSessionsForDevicesAction.handle(devicesByUser)
+            } catch (failure: Throwable) {
+                Timber.tag(loggerTag.value)
+                        .w("Can't share secret ${request.secretName}: Failed to establish olm session")
+                return
+            }
+
+            val olmSessionResult = usersDeviceMap.getObject(device.userId, device.deviceId)
+            if (olmSessionResult?.sessionId == null) {
+                Timber.tag(loggerTag.value)
+                        .w("secret share: no session with this device $deviceId, probably because there were no one-time keys")
+                return
+            }
+
+            val encodedPayload = messageEncrypter.encryptMessage(payloadJson, listOf(device))
+            val sendToDeviceMap = MXUsersDevicesMap<Any>()
+            sendToDeviceMap.setObject(device.userId, device.deviceId, encodedPayload)
+            val sendToDeviceParams = SendToDeviceTask.Params(EventType.ENCRYPTED, sendToDeviceMap)
+            try {
+                // raise the retries for secret
+                sendToDeviceTask.executeRetry(sendToDeviceParams, 6)
+                Timber.tag(loggerTag.value)
+                        .i("successfully shared secret $secretName to ${device.shortDebugString()}")
+                // TODO add a trail for that in audit logs
+            } catch (failure: Throwable) {
+                Timber.tag(loggerTag.value)
+                        .e(failure, "failed to send shared secret $secretName to ${device.shortDebugString()}")
+            }
+        } else {
+            Timber.tag(loggerTag.value)
+                    .d(" Received secret share request from un-authorised device ${device.deviceId}")
+        }
+    }
+
+    private suspend fun hasBeenVerifiedLessThanFiveMinutesFromNow(deviceId: String): Boolean {
+        val verifTimestamp = verifMutex.withLock {
+            recentlyVerifiedDevices[deviceId]
+        } ?: return false
+
+        val age = System.currentTimeMillis() - verifTimestamp
+
+        return age < SECRET_SHARE_WINDOW_DURATION
+    }
+
+    suspend fun requestSecretTo(deviceId: String, secretName: String) {
+        val cryptoDeviceInfo = cryptoStore.getUserDevice(credentials.userId, deviceId) ?: return Unit.also {
+            Timber.tag(loggerTag.value)
+                    .d("Can't request secret for $secretName unknown device $deviceId")
+        }
+        val toDeviceContent = SecretShareRequest(
+                requestingDeviceId = credentials.deviceId,
+                secretName = secretName,
+                requestId = createUniqueTxnId()
+        )
+
+        verifMutex.withLock {
+            outgoingSecretRequests.add(toDeviceContent)
+        }
+
+        val contentMap = MXUsersDevicesMap<Any>()
+        contentMap.setObject(cryptoDeviceInfo.userId, cryptoDeviceInfo.deviceId, toDeviceContent)
+
+        val params = SendToDeviceTask.Params(
+                eventType = EventType.REQUEST_SECRET,
+                contentMap = contentMap
+        )
+        try {
+            withContext(coroutineDispatchers.io) {
+                sendToDeviceTask.executeRetry(params, 3)
+            }
+            Timber.tag(loggerTag.value)
+                    .d("Secret request sent for $secretName to ${cryptoDeviceInfo.shortDebugString()}")
+            // TODO update the audit trail
+        } catch (failure: Throwable) {
+            Timber.tag(loggerTag.value)
+                    .w("Failed to request secret $secretName to ${cryptoDeviceInfo.shortDebugString()}")
+        }
+    }
+
+    suspend fun onSecretSendReceived(toDevice: Event, handleGossip: ((name: String, value: String) -> Boolean)) {
+        Timber.tag(loggerTag.value)
+                .i("onSecretSend() from ${toDevice.senderId} : onSecretSendReceived ${toDevice.content?.get("sender_key")}")
+        if (!toDevice.isEncrypted()) {
+            // secret send messages must be encrypted
+            Timber.tag(loggerTag.value).e("onSecretSend() :Received unencrypted secret send event")
+            return
+        }
+
+        // Was that sent by us?
+        if (toDevice.senderId != credentials.userId) {
+            Timber.tag(loggerTag.value).e("onSecretSend() : Ignore secret from other user ${toDevice.senderId}")
+            return
+        }
+
+        val secretContent = toDevice.getClearContent().toModel<SecretSendEventContent>() ?: return
+
+        val existingRequest = verifMutex.withLock {
+            outgoingSecretRequests.firstOrNull { it.requestId == secretContent.requestId }
+        }
+
+        // As per spec:
+        // Clients should ignore m.secret.send events received from devices that it did not send an m.secret.request event to.
+        if (existingRequest?.secretName == null) {
+            Timber.tag(loggerTag.value).i("onSecretSend() : Ignore secret that was not requested: ${secretContent.requestId}")
+            return
+        }
+        // we don't need to cancel the request as we only request to one device
+        // just forget about the request now
+        verifMutex.withLock {
+            outgoingSecretRequests.remove(existingRequest)
+        }
+
+        if (!handleGossip(existingRequest.secretName, secretContent.secretValue)) {
+            // TODO Ask to application layer?
+            Timber.tag(loggerTag.value).v("onSecretSend() : secret not handled by SDK")
+        }
+    }
+}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingGossipingRequestEntity.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingGossipingRequestEntity.kt
index cd3b21f7ba..1dd9cacb74 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingGossipingRequestEntity.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingGossipingRequestEntity.kt
@@ -1,31 +1,31 @@
-// /*
-// * Copyright 2020 The Matrix.org Foundation C.I.C.
-// *
-// * Licensed under the Apache License, Version 2.0 (the "License");
-// * you may not use this file except in compliance with the License.
-// * You may obtain a copy of the License at
-// *
-// *     http://www.apache.org/licenses/LICENSE-2.0
-// *
-// * Unless required by applicable law or agreed to in writing, software
-// * distributed under the License is distributed on an "AS IS" BASIS,
-// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// * See the License for the specific language governing permissions and
-// * limitations under the License.
-// */
-
-package org.matrix.android.sdk.internal.crypto.store.db.model
-
-import io.realm.RealmObject
-import io.realm.annotations.Index
-
-// not used anymore, just here for db migration
-internal open class OutgoingGossipingRequestEntity(
-        @Index var requestId: String? = null,
-        var recipientsData: String? = null,
-        var requestedInfoStr: String? = null,
-        @Index var typeStr: String? = null
-) : RealmObject() {
-
-    private var requestStateStr: String = ""
-}
+ /*
+ * Copyright 2020 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.crypto.store.db.model
+
+import io.realm.RealmObject
+import io.realm.annotations.Index
+
+// not used anymore, just here for db migration
+internal open class OutgoingGossipingRequestEntity(
+        @Index var requestId: String? = null,
+        var recipientsData: String? = null,
+        var requestedInfoStr: String? = null,
+        @Index var typeStr: String? = null
+) : RealmObject() {
+
+    private var requestStateStr: String = ""
+}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessage.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessage.kt
index b6eba6b3b4..dfdda4f1d8 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessage.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessage.kt
@@ -1,315 +1,316 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.matrix.android.sdk.internal.crypto.verification
-
-import kotlinx.coroutines.CoroutineScope
-import kotlinx.coroutines.SupervisorJob
-import kotlinx.coroutines.asCoroutineDispatcher
-import kotlinx.coroutines.launch
-import org.matrix.android.sdk.api.session.crypto.verification.CancelCode
-import org.matrix.android.sdk.api.session.crypto.verification.ValidVerificationInfoRequest
-import org.matrix.android.sdk.api.session.crypto.verification.VerificationTxState
-import org.matrix.android.sdk.api.session.events.model.Content
-import org.matrix.android.sdk.api.session.events.model.Event
-import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.api.session.events.model.LocalEcho
-import org.matrix.android.sdk.api.session.events.model.RelationType
-import org.matrix.android.sdk.api.session.events.model.UnsignedData
-import org.matrix.android.sdk.api.session.events.model.toContent
-import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationAcceptContent
-import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationCancelContent
-import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationDoneContent
-import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationKeyContent
-import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationMacContent
-import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationReadyContent
-import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationRequestContent
-import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationStartContent
-import org.matrix.android.sdk.api.session.room.model.relation.RelationDefaultContent
-import org.matrix.android.sdk.internal.crypto.model.rest.VERIFICATION_METHOD_RECIPROCATE
-import org.matrix.android.sdk.internal.crypto.model.rest.VERIFICATION_METHOD_SAS
-import org.matrix.android.sdk.internal.crypto.tasks.SendVerificationMessageTask
-import org.matrix.android.sdk.internal.session.room.send.LocalEchoEventFactory
-import org.matrix.android.sdk.internal.task.SemaphoreCoroutineSequencer
-import timber.log.Timber
-import java.util.concurrent.Executors
-
-internal class VerificationTransportRoomMessage(
-        private val sendVerificationMessageTask: SendVerificationMessageTask,
-        private val userId: String,
-        private val userDeviceId: String?,
-        private val roomId: String,
-        private val localEchoEventFactory: LocalEchoEventFactory,
-        private val tx: DefaultVerificationTransaction?
-) : VerificationTransport {
-
-    private val dispatcher = Executors.newSingleThreadExecutor().asCoroutineDispatcher()
-    private val verificationSenderScope = CoroutineScope(SupervisorJob() + dispatcher)
-    private val sequencer = SemaphoreCoroutineSequencer()
-
-    override fun <T> sendToOther(type: String,
-                                 verificationInfo: VerificationInfo<T>,
-                                 nextState: VerificationTxState,
-                                 onErrorReason: CancelCode,
-                                 onDone: (() -> Unit)?) {
-        Timber.d("## SAS sending msg type $type")
-        Timber.v("## SAS sending msg info $verificationInfo")
-        val event = createEventAndLocalEcho(
-                type = type,
-                roomId = roomId,
-                content = verificationInfo.toEventContent()!!
-        )
-
-        verificationSenderScope.launch {
-            sequencer.post {
-                try {
-                    val params = SendVerificationMessageTask.Params(event)
-                    sendVerificationMessageTask.executeRetry(params, 5)
-                    // Do I need to update local echo state to sent?
-                    if (onDone != null) {
-                        onDone()
-                    } else {
-                        tx?.state = nextState
-                    }
-                } catch (failure: Throwable) {
-                    tx?.cancel(onErrorReason)
-                }
-            }
-        }
-    }
-
-    override fun sendVerificationRequest(supportedMethods: List<String>,
-                                         localId: String,
-                                         otherUserId: String,
-                                         roomId: String?,
-                                         toDevices: List<String>?,
-                                         callback: (String?, ValidVerificationInfoRequest?) -> Unit) {
-        Timber.d("## SAS sending verification request with supported methods: $supportedMethods")
-        // This transport requires a room
-        requireNotNull(roomId)
-
-        val validInfo = ValidVerificationInfoRequest(
-                transactionId = "",
-                fromDevice = userDeviceId ?: "",
-                methods = supportedMethods,
-                timestamp = System.currentTimeMillis()
-        )
-
-        val info = MessageVerificationRequestContent(
-                body = "$userId is requesting to verify your key, but your client does not support in-chat key verification." +
-                        " You will need to use legacy key verification to verify keys.",
-                fromDevice = validInfo.fromDevice,
-                toUserId = otherUserId,
-                timestamp = validInfo.timestamp,
-                methods = validInfo.methods
-        )
-        val content = info.toContent()
-
-        val event = createEventAndLocalEcho(
-                localId = localId,
-                type = EventType.MESSAGE,
-                roomId = roomId,
-                content = content
-        )
-
-        verificationSenderScope.launch {
-            val params = SendVerificationMessageTask.Params(event)
-            sequencer.post {
-                try {
-                    val eventId = sendVerificationMessageTask.executeRetry(params, 5)
-                    // Do I need to update local echo state to sent?
-                    callback(eventId, validInfo)
-                } catch (failure: Throwable) {
-                    callback(null, null)
-                }
-            }
-        }
-    }
-
-    override fun cancelTransaction(transactionId: String, otherUserId: String, otherUserDeviceId: String?, code: CancelCode) {
-        Timber.d("## SAS canceling transaction $transactionId for reason $code")
-        val event = createEventAndLocalEcho(
-                type = EventType.KEY_VERIFICATION_CANCEL,
-                roomId = roomId,
-                content = MessageVerificationCancelContent.create(transactionId, code).toContent()
-        )
-
-        verificationSenderScope.launch {
-            sequencer.post {
-                try {
-                    val params = SendVerificationMessageTask.Params(event)
-                    sendVerificationMessageTask.executeRetry(params, 5)
-                } catch (failure: Throwable) {
-                    Timber.w("")
-                }
-            }
-        }
-    }
-
-    override fun done(transactionId: String,
-                      onDone: (() -> Unit)?) {
-        Timber.d("## SAS sending done for $transactionId")
-        val event = createEventAndLocalEcho(
-                type = EventType.KEY_VERIFICATION_DONE,
-                roomId = roomId,
-                content = MessageVerificationDoneContent(
-                        relatesTo = RelationDefaultContent(
-                                RelationType.REFERENCE,
-                                transactionId
-                        )
-                ).toContent()
-        )
-        verificationSenderScope.launch {
-            sequencer.post {
-                try {
-                    val params = SendVerificationMessageTask.Params(event)
-                    sendVerificationMessageTask.executeRetry(params, 5)
-                } catch (failure: Throwable) {
-                    Timber.w("")
-                } finally {
-                    onDone?.invoke()
-                }
-            }
-        }
-//        val workerParams = WorkerParamsFactory.toData(SendVerificationMessageWorker.Params(
-//                sessionId = sessionId,
-//                eventId = event.eventId ?: ""
-//        ))
-//        val enqueueInfo = enqueueSendWork(workerParams)
-//
-//        val workLiveData = workManagerProvider.workManager
-//                .getWorkInfosForUniqueWorkLiveData(uniqueQueueName())
-//        val observer = object : Observer<List<WorkInfo>> {
-//            override fun onChanged(workInfoList: List<WorkInfo>?) {
-//                workInfoList
-//                        ?.filter { it.state == WorkInfo.State.SUCCEEDED }
-//                        ?.firstOrNull { it.id == enqueueInfo.second }
-//                        ?.let { _ ->
-//                            onDone?.invoke()
-//                            workLiveData.removeObserver(this)
-//                        }
-//            }
-//        }
-//
-//        // TODO listen to DB to get synced info
-//        coroutineScope.launch(Dispatchers.Main) {
-//            workLiveData.observeForever(observer)
-//        }
-    }
-
-//    private fun enqueueSendWork(workerParams: Data): Pair<Operation, UUID> {
-//        val workRequest = workManagerProvider.matrixOneTimeWorkRequestBuilder<SendVerificationMessageWorker>()
-//                .setConstraints(WorkManagerProvider.workConstraints)
-//                .setInputData(workerParams)
-//                .setBackoffCriteria(BackoffPolicy.LINEAR, WorkManagerProvider.BACKOFF_DELAY_MILLIS, TimeUnit.MILLISECONDS)
-//                .build()
-//        return workManagerProvider.workManager
-//                .beginUniqueWork(uniqueQueueName(), ExistingWorkPolicy.APPEND_OR_REPLACE, workRequest)
-//                .enqueue() to workRequest.id
-//    }
-
-//    private fun uniqueQueueName() = "${roomId}_VerificationWork"
-
-    override fun createAccept(tid: String,
-                              keyAgreementProtocol: String,
-                              hash: String,
-                              commitment: String,
-                              messageAuthenticationCode: String,
-                              shortAuthenticationStrings: List<String>): VerificationInfoAccept =
-            MessageVerificationAcceptContent.create(
-                    tid,
-                    keyAgreementProtocol,
-                    hash,
-                    commitment,
-                    messageAuthenticationCode,
-                    shortAuthenticationStrings
-            )
-
-    override fun createKey(tid: String, pubKey: String): VerificationInfoKey = MessageVerificationKeyContent.create(tid, pubKey)
-
-    override fun createMac(tid: String, mac: Map<String, String>, keys: String) = MessageVerificationMacContent.create(tid, mac, keys)
-
-    override fun createStartForSas(fromDevice: String,
-                                   transactionId: String,
-                                   keyAgreementProtocols: List<String>,
-                                   hashes: List<String>,
-                                   messageAuthenticationCodes: List<String>,
-                                   shortAuthenticationStrings: List<String>): VerificationInfoStart {
-        return MessageVerificationStartContent(
-                fromDevice,
-                hashes,
-                keyAgreementProtocols,
-                messageAuthenticationCodes,
-                shortAuthenticationStrings,
-                VERIFICATION_METHOD_SAS,
-                RelationDefaultContent(
-                        type = RelationType.REFERENCE,
-                        eventId = transactionId
-                ),
-                null
-        )
-    }
-
-    override fun createStartForQrCode(fromDevice: String,
-                                      transactionId: String,
-                                      sharedSecret: String): VerificationInfoStart {
-        return MessageVerificationStartContent(
-                fromDevice,
-                null,
-                null,
-                null,
-                null,
-                VERIFICATION_METHOD_RECIPROCATE,
-                RelationDefaultContent(
-                        type = RelationType.REFERENCE,
-                        eventId = transactionId
-                ),
-                sharedSecret
-        )
-    }
-
-    override fun createReady(tid: String, fromDevice: String, methods: List<String>): VerificationInfoReady {
-        return MessageVerificationReadyContent(
-                fromDevice = fromDevice,
-                relatesTo = RelationDefaultContent(
-                        type = RelationType.REFERENCE,
-                        eventId = tid
-                ),
-                methods = methods
-        )
-    }
-
-    private fun createEventAndLocalEcho(localId: String = LocalEcho.createLocalEchoId(), type: String, roomId: String, content: Content): Event {
-        return Event(
-                roomId = roomId,
-                originServerTs = System.currentTimeMillis(),
-                senderId = userId,
-                eventId = localId,
-                type = type,
-                content = content,
-                unsignedData = UnsignedData(age = null, transactionId = localId)
-        ).also {
-            localEchoEventFactory.createLocalEcho(it)
-        }
-    }
-
-    override fun sendVerificationReady(keyReq: VerificationInfoReady,
-                                       otherUserId: String,
-                                       otherDeviceId: String?,
-                                       callback: (() -> Unit)?) {
-        // Not applicable (send event is called directly)
-        Timber.w("## SAS ignored verification ready with methods: ${keyReq.methods}")
-    }
-}
+/*
+ * Copyright 2020 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.matrix.android.sdk.internal.crypto.verification
+
+import kotlinx.coroutines.CoroutineScope
+import kotlinx.coroutines.SupervisorJob
+import kotlinx.coroutines.asCoroutineDispatcher
+import kotlinx.coroutines.launch
+import org.matrix.android.sdk.api.session.crypto.verification.CancelCode
+import org.matrix.android.sdk.api.session.crypto.verification.ValidVerificationInfoRequest
+import org.matrix.android.sdk.api.session.crypto.verification.VerificationTxState
+import org.matrix.android.sdk.api.session.events.model.Content
+import org.matrix.android.sdk.api.session.events.model.Event
+import org.matrix.android.sdk.api.session.events.model.EventType
+import org.matrix.android.sdk.api.session.events.model.LocalEcho
+import org.matrix.android.sdk.api.session.events.model.RelationType
+import org.matrix.android.sdk.api.session.events.model.UnsignedData
+import org.matrix.android.sdk.api.session.events.model.toContent
+import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationAcceptContent
+import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationCancelContent
+import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationDoneContent
+import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationKeyContent
+import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationMacContent
+import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationReadyContent
+import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationRequestContent
+import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationStartContent
+import org.matrix.android.sdk.api.session.room.model.relation.RelationDefaultContent
+import org.matrix.android.sdk.internal.crypto.model.rest.VERIFICATION_METHOD_RECIPROCATE
+import org.matrix.android.sdk.internal.crypto.model.rest.VERIFICATION_METHOD_SAS
+import org.matrix.android.sdk.internal.crypto.tasks.SendVerificationMessageTask
+import org.matrix.android.sdk.internal.session.room.send.LocalEchoEventFactory
+import org.matrix.android.sdk.internal.task.SemaphoreCoroutineSequencer
+import timber.log.Timber
+import java.util.concurrent.Executors
+
+internal class VerificationTransportRoomMessage(
+        private val sendVerificationMessageTask: SendVerificationMessageTask,
+        private val userId: String,
+        private val userDeviceId: String?,
+        private val roomId: String,
+        private val localEchoEventFactory: LocalEchoEventFactory,
+        private val tx: DefaultVerificationTransaction?
+) : VerificationTransport {
+
+    private val dispatcher = Executors.newSingleThreadExecutor().asCoroutineDispatcher()
+    private val verificationSenderScope = CoroutineScope(SupervisorJob() + dispatcher)
+    private val sequencer = SemaphoreCoroutineSequencer()
+
+    override fun <T> sendToOther(type: String,
+                                 verificationInfo: VerificationInfo<T>,
+                                 nextState: VerificationTxState,
+                                 onErrorReason: CancelCode,
+                                 onDone: (() -> Unit)?) {
+        Timber.d("## SAS sending msg type $type")
+        Timber.v("## SAS sending msg info $verificationInfo")
+        val event = createEventAndLocalEcho(
+                type = type,
+                roomId = roomId,
+                content = verificationInfo.toEventContent()!!
+        )
+
+        verificationSenderScope.launch {
+            sequencer.post {
+                try {
+                    val params = SendVerificationMessageTask.Params(event)
+                    sendVerificationMessageTask.executeRetry(params, 5)
+                    // Do I need to update local echo state to sent?
+                    if (onDone != null) {
+                        onDone()
+                    } else {
+                        tx?.state = nextState
+                    }
+                } catch (failure: Throwable) {
+                    tx?.cancel(onErrorReason)
+                }
+            }
+        }
+    }
+
+    override fun sendVerificationRequest(supportedMethods: List<String>,
+                                         localId: String,
+                                         otherUserId: String,
+                                         roomId: String?,
+                                         toDevices: List<String>?,
+                                         callback: (String?, ValidVerificationInfoRequest?) -> Unit) {
+        Timber.d("## SAS sending verification request with supported methods: $supportedMethods")
+        // This transport requires a room
+        requireNotNull(roomId)
+
+        val validInfo = ValidVerificationInfoRequest(
+                transactionId = "",
+                fromDevice = userDeviceId ?: "",
+                methods = supportedMethods,
+                timestamp = System.currentTimeMillis()
+        )
+
+        val info = MessageVerificationRequestContent(
+                body = "$userId is requesting to verify your key, but your client does not support in-chat key verification." +
+                        " You will need to use legacy key verification to verify keys.",
+                fromDevice = validInfo.fromDevice,
+                toUserId = otherUserId,
+                timestamp = validInfo.timestamp,
+                methods = validInfo.methods
+        )
+        val content = info.toContent()
+
+        val event = createEventAndLocalEcho(
+                localId = localId,
+                type = EventType.MESSAGE,
+                roomId = roomId,
+                content = content
+        )
+
+        verificationSenderScope.launch {
+            val params = SendVerificationMessageTask.Params(event)
+            sequencer.post {
+                try {
+                    val eventId = sendVerificationMessageTask.executeRetry(params, 5)
+                    // Do I need to update local echo state to sent?
+                    callback(eventId, validInfo)
+                } catch (failure: Throwable) {
+                    callback(null, null)
+                }
+            }
+        }
+    }
+
+    override fun cancelTransaction(transactionId: String, otherUserId: String, otherUserDeviceId: String?, code: CancelCode) {
+        Timber.d("## SAS canceling transaction $transactionId for reason $code")
+        val event = createEventAndLocalEcho(
+                type = EventType.KEY_VERIFICATION_CANCEL,
+                roomId = roomId,
+                content = MessageVerificationCancelContent.create(transactionId, code).toContent()
+        )
+
+        verificationSenderScope.launch {
+            sequencer.post {
+                try {
+                    val params = SendVerificationMessageTask.Params(event)
+                    sendVerificationMessageTask.executeRetry(params, 5)
+                } catch (failure: Throwable) {
+                    Timber.w(failure, "Failed to cancel verification transaction")
+                }
+            }
+        }
+    }
+
+    override fun done(transactionId: String,
+                      onDone: (() -> Unit)?) {
+        Timber.d("## SAS sending done for $transactionId")
+        val event = createEventAndLocalEcho(
+                type = EventType.KEY_VERIFICATION_DONE,
+                roomId = roomId,
+                content = MessageVerificationDoneContent(
+                        relatesTo = RelationDefaultContent(
+                                RelationType.REFERENCE,
+                                transactionId
+                        )
+                ).toContent()
+        )
+        verificationSenderScope.launch {
+            sequencer.post {
+                try {
+                    val params = SendVerificationMessageTask.Params(event)
+                    sendVerificationMessageTask.executeRetry(params, 5)
+                } catch (failure: Throwable) {
+                    Timber.w(failure, "Failed to complete (done) verification")
+                    // should we call onDone?
+                } finally {
+                    onDone?.invoke()
+                }
+            }
+        }
+//        val workerParams = WorkerParamsFactory.toData(SendVerificationMessageWorker.Params(
+//                sessionId = sessionId,
+//                eventId = event.eventId ?: ""
+//        ))
+//        val enqueueInfo = enqueueSendWork(workerParams)
+//
+//        val workLiveData = workManagerProvider.workManager
+//                .getWorkInfosForUniqueWorkLiveData(uniqueQueueName())
+//        val observer = object : Observer<List<WorkInfo>> {
+//            override fun onChanged(workInfoList: List<WorkInfo>?) {
+//                workInfoList
+//                        ?.filter { it.state == WorkInfo.State.SUCCEEDED }
+//                        ?.firstOrNull { it.id == enqueueInfo.second }
+//                        ?.let { _ ->
+//                            onDone?.invoke()
+//                            workLiveData.removeObserver(this)
+//                        }
+//            }
+//        }
+//
+//        // TODO listen to DB to get synced info
+//        coroutineScope.launch(Dispatchers.Main) {
+//            workLiveData.observeForever(observer)
+//        }
+    }
+
+//    private fun enqueueSendWork(workerParams: Data): Pair<Operation, UUID> {
+//        val workRequest = workManagerProvider.matrixOneTimeWorkRequestBuilder<SendVerificationMessageWorker>()
+//                .setConstraints(WorkManagerProvider.workConstraints)
+//                .setInputData(workerParams)
+//                .setBackoffCriteria(BackoffPolicy.LINEAR, WorkManagerProvider.BACKOFF_DELAY_MILLIS, TimeUnit.MILLISECONDS)
+//                .build()
+//        return workManagerProvider.workManager
+//                .beginUniqueWork(uniqueQueueName(), ExistingWorkPolicy.APPEND_OR_REPLACE, workRequest)
+//                .enqueue() to workRequest.id
+//    }
+
+//    private fun uniqueQueueName() = "${roomId}_VerificationWork"
+
+    override fun createAccept(tid: String,
+                              keyAgreementProtocol: String,
+                              hash: String,
+                              commitment: String,
+                              messageAuthenticationCode: String,
+                              shortAuthenticationStrings: List<String>): VerificationInfoAccept =
+            MessageVerificationAcceptContent.create(
+                    tid,
+                    keyAgreementProtocol,
+                    hash,
+                    commitment,
+                    messageAuthenticationCode,
+                    shortAuthenticationStrings
+            )
+
+    override fun createKey(tid: String, pubKey: String): VerificationInfoKey = MessageVerificationKeyContent.create(tid, pubKey)
+
+    override fun createMac(tid: String, mac: Map<String, String>, keys: String) = MessageVerificationMacContent.create(tid, mac, keys)
+
+    override fun createStartForSas(fromDevice: String,
+                                   transactionId: String,
+                                   keyAgreementProtocols: List<String>,
+                                   hashes: List<String>,
+                                   messageAuthenticationCodes: List<String>,
+                                   shortAuthenticationStrings: List<String>): VerificationInfoStart {
+        return MessageVerificationStartContent(
+                fromDevice,
+                hashes,
+                keyAgreementProtocols,
+                messageAuthenticationCodes,
+                shortAuthenticationStrings,
+                VERIFICATION_METHOD_SAS,
+                RelationDefaultContent(
+                        type = RelationType.REFERENCE,
+                        eventId = transactionId
+                ),
+                null
+        )
+    }
+
+    override fun createStartForQrCode(fromDevice: String,
+                                      transactionId: String,
+                                      sharedSecret: String): VerificationInfoStart {
+        return MessageVerificationStartContent(
+                fromDevice,
+                null,
+                null,
+                null,
+                null,
+                VERIFICATION_METHOD_RECIPROCATE,
+                RelationDefaultContent(
+                        type = RelationType.REFERENCE,
+                        eventId = transactionId
+                ),
+                sharedSecret
+        )
+    }
+
+    override fun createReady(tid: String, fromDevice: String, methods: List<String>): VerificationInfoReady {
+        return MessageVerificationReadyContent(
+                fromDevice = fromDevice,
+                relatesTo = RelationDefaultContent(
+                        type = RelationType.REFERENCE,
+                        eventId = tid
+                ),
+                methods = methods
+        )
+    }
+
+    private fun createEventAndLocalEcho(localId: String = LocalEcho.createLocalEchoId(), type: String, roomId: String, content: Content): Event {
+        return Event(
+                roomId = roomId,
+                originServerTs = System.currentTimeMillis(),
+                senderId = userId,
+                eventId = localId,
+                type = type,
+                content = content,
+                unsignedData = UnsignedData(age = null, transactionId = localId)
+        ).also {
+            localEchoEventFactory.createLocalEcho(it)
+        }
+    }
+
+    override fun sendVerificationReady(keyReq: VerificationInfoReady,
+                                       otherUserId: String,
+                                       otherDeviceId: String?,
+                                       callback: (() -> Unit)?) {
+        // Not applicable (send event is called directly)
+        Timber.w("## SAS ignored verification ready with methods: ${keyReq.methods}")
+    }
+}

From 058d2e6b72599bd16a97f536b79f93a07497616b Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Fri, 22 Apr 2022 11:38:29 +0200
Subject: [PATCH 17/27] Fix: ignore key request form self devices

---
 .../internal/crypto/DefaultCryptoService.kt   | 2677 +++++++++--------
 1 file changed, 1343 insertions(+), 1334 deletions(-)

diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
index f89927f9c2..98b5235e14 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
@@ -1,1334 +1,1343 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto
-
-import android.content.Context
-import androidx.annotation.VisibleForTesting
-import androidx.lifecycle.LiveData
-import androidx.paging.PagedList
-import com.squareup.moshi.Types
-import dagger.Lazy
-import kotlinx.coroutines.CancellationException
-import kotlinx.coroutines.CoroutineScope
-import kotlinx.coroutines.cancelChildren
-import kotlinx.coroutines.launch
-import kotlinx.coroutines.runBlocking
-import kotlinx.coroutines.withContext
-import org.matrix.android.sdk.api.MatrixCallback
-import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
-import org.matrix.android.sdk.api.NoOpMatrixCallback
-import org.matrix.android.sdk.api.auth.UserInteractiveAuthInterceptor
-import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
-import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_OLM
-import org.matrix.android.sdk.api.crypto.MXCryptoConfig
-import org.matrix.android.sdk.api.extensions.tryOrNull
-import org.matrix.android.sdk.api.failure.Failure
-import org.matrix.android.sdk.api.listeners.ProgressListener
-import org.matrix.android.sdk.api.logger.LoggerTag
-import org.matrix.android.sdk.api.session.crypto.CryptoService
-import org.matrix.android.sdk.api.session.crypto.MXCryptoError
-import org.matrix.android.sdk.api.session.crypto.NewSessionListener
-import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
-import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel
-import org.matrix.android.sdk.api.session.crypto.crosssigning.KEYBACKUP_SECRET_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.crosssigning.MASTER_KEY_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.crosssigning.SELF_SIGNING_KEY_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.crosssigning.USER_SIGNING_KEY_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.keyshare.GossipingRequestListener
-import org.matrix.android.sdk.api.session.crypto.model.AuditTrail
-import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
-import org.matrix.android.sdk.api.session.crypto.model.DeviceInfo
-import org.matrix.android.sdk.api.session.crypto.model.DevicesListResponse
-import org.matrix.android.sdk.api.session.crypto.model.ImportRoomKeysResult
-import org.matrix.android.sdk.api.session.crypto.model.IncomingRoomKeyRequest
-import org.matrix.android.sdk.api.session.crypto.model.MXDeviceInfo
-import org.matrix.android.sdk.api.session.crypto.model.MXEncryptEventContentResult
-import org.matrix.android.sdk.api.session.crypto.model.MXEventDecryptionResult
-import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
-import org.matrix.android.sdk.api.session.crypto.model.TrailType
-import org.matrix.android.sdk.api.session.events.model.Content
-import org.matrix.android.sdk.api.session.events.model.Event
-import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.api.session.events.model.content.RoomKeyContent
-import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
-import org.matrix.android.sdk.api.session.events.model.toModel
-import org.matrix.android.sdk.api.session.room.model.Membership
-import org.matrix.android.sdk.api.session.room.model.RoomHistoryVisibility
-import org.matrix.android.sdk.api.session.room.model.RoomHistoryVisibilityContent
-import org.matrix.android.sdk.api.session.room.model.RoomMemberContent
-import org.matrix.android.sdk.api.session.sync.model.SyncResponse
-import org.matrix.android.sdk.internal.crypto.actions.MegolmSessionDataImporter
-import org.matrix.android.sdk.internal.crypto.actions.SetDeviceVerificationAction
-import org.matrix.android.sdk.internal.crypto.algorithms.IMXEncrypting
-import org.matrix.android.sdk.internal.crypto.algorithms.IMXGroupEncryption
-import org.matrix.android.sdk.internal.crypto.algorithms.megolm.MXMegolmEncryptionFactory
-import org.matrix.android.sdk.internal.crypto.algorithms.olm.MXOlmEncryptionFactory
-import org.matrix.android.sdk.internal.crypto.crosssigning.DefaultCrossSigningService
-import org.matrix.android.sdk.internal.crypto.keysbackup.DefaultKeysBackupService
-import org.matrix.android.sdk.internal.crypto.model.MXKey.Companion.KEY_SIGNED_CURVE_25519_TYPE
-import org.matrix.android.sdk.internal.crypto.model.toRest
-import org.matrix.android.sdk.internal.crypto.repository.WarnOnUnknownDeviceRepository
-import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
-import org.matrix.android.sdk.internal.crypto.tasks.DeleteDeviceTask
-import org.matrix.android.sdk.internal.crypto.tasks.GetDeviceInfoTask
-import org.matrix.android.sdk.internal.crypto.tasks.GetDevicesTask
-import org.matrix.android.sdk.internal.crypto.tasks.SetDeviceNameTask
-import org.matrix.android.sdk.internal.crypto.tasks.UploadKeysTask
-import org.matrix.android.sdk.internal.crypto.verification.DefaultVerificationService
-import org.matrix.android.sdk.internal.crypto.verification.VerificationMessageProcessor
-import org.matrix.android.sdk.internal.di.DeviceId
-import org.matrix.android.sdk.internal.di.MoshiProvider
-import org.matrix.android.sdk.internal.di.UserId
-import org.matrix.android.sdk.internal.extensions.foldToCallback
-import org.matrix.android.sdk.internal.session.SessionScope
-import org.matrix.android.sdk.internal.session.StreamEventsManager
-import org.matrix.android.sdk.internal.session.room.membership.LoadRoomMembersTask
-import org.matrix.android.sdk.internal.task.TaskExecutor
-import org.matrix.android.sdk.internal.task.TaskThread
-import org.matrix.android.sdk.internal.task.configureWith
-import org.matrix.android.sdk.internal.task.launchToCallback
-import org.matrix.android.sdk.internal.util.JsonCanonicalizer
-import org.matrix.olm.OlmManager
-import timber.log.Timber
-import java.util.concurrent.atomic.AtomicBoolean
-import javax.inject.Inject
-import kotlin.math.max
-
-/**
- * A `CryptoService` class instance manages the end-to-end crypto for a session.
- *
- *
- * Messages posted by the user are automatically redirected to CryptoService in order to be encrypted
- * before sending.
- * In the other hand, received events goes through CryptoService for decrypting.
- * CryptoService maintains all necessary keys and their sharing with other devices required for the crypto.
- * Specially, it tracks all room membership changes events in order to do keys updates.
- */
-
-private val loggerTag = LoggerTag("DefaultCryptoService", LoggerTag.CRYPTO)
-
-@SessionScope
-internal class DefaultCryptoService @Inject constructor(
-        // Olm Manager
-        private val olmManager: OlmManager,
-        @UserId
-        private val userId: String,
-        @DeviceId
-        private val deviceId: String?,
-        private val myDeviceInfoHolder: Lazy<MyDeviceInfoHolder>,
-        // the crypto store
-        private val cryptoStore: IMXCryptoStore,
-        // Room encryptors store
-        private val roomEncryptorsStore: RoomEncryptorsStore,
-        // Olm device
-        private val olmDevice: MXOlmDevice,
-        // Set of parameters used to configure/customize the end-to-end crypto.
-        private val mxCryptoConfig: MXCryptoConfig,
-        // Device list manager
-        private val deviceListManager: DeviceListManager,
-        // The key backup service.
-        private val keysBackupService: DefaultKeysBackupService,
-        //
-        private val objectSigner: ObjectSigner,
-        //
-        private val oneTimeKeysUploader: OneTimeKeysUploader,
-        //
-        private val roomDecryptorProvider: RoomDecryptorProvider,
-        // The verification service.
-        private val verificationService: DefaultVerificationService,
-
-        private val crossSigningService: DefaultCrossSigningService,
-        //
-        private val incomingKeyRequestManager: IncomingKeyRequestManager,
-        private val secretShareManager: SecretShareManager,
-        //
-        private val outgoingKeyRequestManager: OutgoingKeyRequestManager,
-        // Actions
-        private val setDeviceVerificationAction: SetDeviceVerificationAction,
-        private val megolmSessionDataImporter: MegolmSessionDataImporter,
-        private val warnOnUnknownDevicesRepository: WarnOnUnknownDeviceRepository,
-        // Repository
-        private val megolmEncryptionFactory: MXMegolmEncryptionFactory,
-        private val olmEncryptionFactory: MXOlmEncryptionFactory,
-        // Tasks
-        private val deleteDeviceTask: DeleteDeviceTask,
-        private val getDevicesTask: GetDevicesTask,
-        private val getDeviceInfoTask: GetDeviceInfoTask,
-        private val setDeviceNameTask: SetDeviceNameTask,
-        private val uploadKeysTask: UploadKeysTask,
-        private val loadRoomMembersTask: LoadRoomMembersTask,
-        private val cryptoSessionInfoProvider: CryptoSessionInfoProvider,
-        private val coroutineDispatchers: MatrixCoroutineDispatchers,
-        private val taskExecutor: TaskExecutor,
-        private val cryptoCoroutineScope: CoroutineScope,
-        private val eventDecryptor: EventDecryptor,
-        private val verificationMessageProcessor: VerificationMessageProcessor,
-        private val liveEventManager: Lazy<StreamEventsManager>
-) : CryptoService {
-
-    private val isStarting = AtomicBoolean(false)
-    private val isStarted = AtomicBoolean(false)
-
-    fun onStateEvent(roomId: String, event: Event) {
-        when (event.type) {
-            EventType.STATE_ROOM_ENCRYPTION         -> onRoomEncryptionEvent(roomId, event)
-            EventType.STATE_ROOM_MEMBER             -> onRoomMembershipEvent(roomId, event)
-            EventType.STATE_ROOM_HISTORY_VISIBILITY -> onRoomHistoryVisibilityEvent(roomId, event)
-        }
-    }
-
-    fun onLiveEvent(roomId: String, event: Event, isInitialSync: Boolean) {
-        // handle state events
-        if (event.isStateEvent()) {
-            when (event.type) {
-                EventType.STATE_ROOM_ENCRYPTION         -> onRoomEncryptionEvent(roomId, event)
-                EventType.STATE_ROOM_MEMBER             -> onRoomMembershipEvent(roomId, event)
-                EventType.STATE_ROOM_HISTORY_VISIBILITY -> onRoomHistoryVisibilityEvent(roomId, event)
-            }
-        }
-
-        // handle verification
-        if (!isInitialSync) {
-            if (event.type != null && verificationMessageProcessor.shouldProcess(event.type)) {
-                cryptoCoroutineScope.launch(coroutineDispatchers.dmVerif) {
-                    verificationMessageProcessor.process(event)
-                }
-            }
-        }
-    }
-
-//    val gossipingBuffer = mutableListOf<Event>()
-
-    override fun setDeviceName(deviceId: String, deviceName: String, callback: MatrixCallback<Unit>) {
-        setDeviceNameTask
-                .configureWith(SetDeviceNameTask.Params(deviceId, deviceName)) {
-                    this.executionThread = TaskThread.CRYPTO
-                    this.callback = object : MatrixCallback<Unit> {
-                        override fun onSuccess(data: Unit) {
-                            // bg refresh of crypto device
-                            downloadKeys(listOf(userId), true, NoOpMatrixCallback())
-                            callback.onSuccess(data)
-                        }
-
-                        override fun onFailure(failure: Throwable) {
-                            callback.onFailure(failure)
-                        }
-                    }
-                }
-                .executeBy(taskExecutor)
-    }
-
-    override fun deleteDevice(deviceId: String, userInteractiveAuthInterceptor: UserInteractiveAuthInterceptor, callback: MatrixCallback<Unit>) {
-        deleteDeviceTask
-                .configureWith(DeleteDeviceTask.Params(deviceId, userInteractiveAuthInterceptor, null)) {
-                    this.executionThread = TaskThread.CRYPTO
-                    this.callback = callback
-                }
-                .executeBy(taskExecutor)
-    }
-
-    override fun getCryptoVersion(context: Context, longFormat: Boolean): String {
-        return if (longFormat) olmManager.getDetailedVersion(context) else olmManager.version
-    }
-
-    override fun getMyDevice(): CryptoDeviceInfo {
-        return myDeviceInfoHolder.get().myDevice
-    }
-
-    override fun fetchDevicesList(callback: MatrixCallback<DevicesListResponse>) {
-        getDevicesTask
-                .configureWith {
-                    //                    this.executionThread = TaskThread.CRYPTO
-                    this.callback = object : MatrixCallback<DevicesListResponse> {
-                        override fun onFailure(failure: Throwable) {
-                            callback.onFailure(failure)
-                        }
-
-                        override fun onSuccess(data: DevicesListResponse) {
-                            // Save in local DB
-                            cryptoStore.saveMyDevicesInfo(data.devices.orEmpty())
-                            callback.onSuccess(data)
-                        }
-                    }
-                }
-                .executeBy(taskExecutor)
-    }
-
-    override fun getLiveMyDevicesInfo(): LiveData<List<DeviceInfo>> {
-        return cryptoStore.getLiveMyDevicesInfo()
-    }
-
-    override fun getMyDevicesInfo(): List<DeviceInfo> {
-        return cryptoStore.getMyDevicesInfo()
-    }
-
-    override fun getDeviceInfo(deviceId: String, callback: MatrixCallback<DeviceInfo>) {
-        getDeviceInfoTask
-                .configureWith(GetDeviceInfoTask.Params(deviceId)) {
-                    this.executionThread = TaskThread.CRYPTO
-                    this.callback = callback
-                }
-                .executeBy(taskExecutor)
-    }
-
-    override fun inboundGroupSessionsCount(onlyBackedUp: Boolean): Int {
-        return cryptoStore.inboundGroupSessionsCount(onlyBackedUp)
-    }
-
-    /**
-     * Provides the tracking status
-     *
-     * @param userId the user id
-     * @return the tracking status
-     */
-    override fun getDeviceTrackingStatus(userId: String): Int {
-        return cryptoStore.getDeviceTrackingStatus(userId, DeviceListManager.TRACKING_STATUS_NOT_TRACKED)
-    }
-
-    /**
-     * Tell if the MXCrypto is started
-     *
-     * @return true if the crypto is started
-     */
-    fun isStarted(): Boolean {
-        return isStarted.get()
-    }
-
-    /**
-     * Tells if the MXCrypto is starting.
-     *
-     * @return true if the crypto is starting
-     */
-    fun isStarting(): Boolean {
-        return isStarting.get()
-    }
-
-    /**
-     * Start the crypto module.
-     * Device keys will be uploaded, then one time keys if there are not enough on the homeserver
-     * and, then, if this is the first time, this new device will be announced to all other users
-     * devices.
-     *
-     */
-    fun start() {
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            internalStart()
-        }
-        // Just update
-        fetchDevicesList(NoOpMatrixCallback())
-
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            cryptoStore.tidyUpDataBase()
-        }
-    }
-
-    fun ensureDevice() {
-        cryptoCoroutineScope.launchToCallback(coroutineDispatchers.crypto, NoOpMatrixCallback()) {
-            // Open the store
-            cryptoStore.open()
-
-            if (!cryptoStore.areDeviceKeysUploaded()) {
-                // Schedule upload of OTK
-                oneTimeKeysUploader.updateOneTimeKeyCount(0)
-            }
-
-            // this can throw if no network
-            tryOrNull {
-                uploadDeviceKeys()
-            }
-
-            oneTimeKeysUploader.maybeUploadOneTimeKeys()
-            // this can throw if no backup
-            tryOrNull {
-                keysBackupService.checkAndStartKeysBackup()
-            }
-        }
-    }
-
-    fun onSyncWillProcess(isInitialSync: Boolean) {
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            if (isInitialSync) {
-                try {
-                    // On initial sync, we start all our tracking from
-                    // scratch, so mark everything as untracked. onCryptoEvent will
-                    // be called for all e2e rooms during the processing of the sync,
-                    // at which point we'll start tracking all the users of that room.
-                    deviceListManager.invalidateAllDeviceLists()
-                    // always track my devices?
-                    deviceListManager.startTrackingDeviceList(listOf(userId))
-                    deviceListManager.refreshOutdatedDeviceLists()
-                } catch (failure: Throwable) {
-                    Timber.tag(loggerTag.value).e(failure, "onSyncWillProcess ")
-                }
-            }
-        }
-    }
-
-    private fun internalStart() {
-        if (isStarted.get() || isStarting.get()) {
-            return
-        }
-        isStarting.set(true)
-
-        // Open the store
-        cryptoStore.open()
-
-        isStarting.set(false)
-        isStarted.set(true)
-    }
-
-    /**
-     * Close the crypto
-     */
-    fun close() = runBlocking(coroutineDispatchers.crypto) {
-        cryptoCoroutineScope.coroutineContext.cancelChildren(CancellationException("Closing crypto module"))
-        incomingKeyRequestManager.close()
-        outgoingKeyRequestManager.close()
-        olmDevice.release()
-        cryptoStore.close()
-    }
-
-    // Always enabled on Matrix Android SDK2
-    override fun isCryptoEnabled() = true
-
-    /**
-     * @return the Keys backup Service
-     */
-    override fun keysBackupService() = keysBackupService
-
-    /**
-     * @return the VerificationService
-     */
-    override fun verificationService() = verificationService
-
-    override fun crossSigningService() = crossSigningService
-
-    /**
-     * A sync response has been received
-     *
-     * @param syncResponse the syncResponse
-     */
-    fun onSyncCompleted(syncResponse: SyncResponse) {
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            runCatching {
-                if (syncResponse.deviceLists != null) {
-                    deviceListManager.handleDeviceListsChanges(syncResponse.deviceLists.changed, syncResponse.deviceLists.left)
-                }
-                if (syncResponse.deviceOneTimeKeysCount != null) {
-                    val currentCount = syncResponse.deviceOneTimeKeysCount.signedCurve25519 ?: 0
-                    oneTimeKeysUploader.updateOneTimeKeyCount(currentCount)
-                }
-
-                // unwedge if needed
-                try {
-                    eventDecryptor.unwedgeDevicesIfNeeded()
-                } catch (failure: Throwable) {
-                    Timber.tag(loggerTag.value).w("unwedgeDevicesIfNeeded failed")
-                }
-
-                // There is a limit of to_device events returned per sync.
-                // If we are in a case of such limited to_device sync we can't try to generate/upload
-                // new otk now, because there might be some pending olm pre-key to_device messages that would fail if we rotate
-                // the old otk too early. In this case we want to wait for the pending to_device before doing anything
-                // As per spec:
-                // If there is a large queue of send-to-device messages, the server should limit the number sent in each /sync response.
-                // 100 messages is recommended as a reasonable limit.
-                // The limit is not part of the spec, so it's probably safer to handle that when there are no more to_device ( so we are sure
-                // that there are no pending to_device
-                val toDevices = syncResponse.toDevice?.events.orEmpty()
-                if (isStarted() && toDevices.isEmpty()) {
-                    // Make sure we process to-device messages before generating new one-time-keys #2782
-                    deviceListManager.refreshOutdatedDeviceLists()
-                    // The presence of device_unused_fallback_key_types indicates that the server supports fallback keys.
-                    // If there's no unused signed_curve25519 fallback key we need a new one.
-                    if (syncResponse.deviceUnusedFallbackKeyTypes != null &&
-                            // Generate a fallback key only if the server does not already have an unused fallback key.
-                            !syncResponse.deviceUnusedFallbackKeyTypes.contains(KEY_SIGNED_CURVE_25519_TYPE)) {
-                        oneTimeKeysUploader.needsNewFallback()
-                    }
-
-                    oneTimeKeysUploader.maybeUploadOneTimeKeys()
-                }
-
-                // Process pending key requests
-                try {
-                    if (toDevices.isEmpty()) {
-                        // this is not blocking
-                        outgoingKeyRequestManager.requireProcessAllPendingKeyRequests()
-                    } else {
-                        Timber.tag(loggerTag.value)
-                                .w("Don't process key requests yet as there might be more to_device to catchup")
-                    }
-                } catch (failure: Throwable) {
-                    // just for safety but should not throw
-                    Timber.tag(loggerTag.value).w("failed to process pending request")
-                }
-
-                try {
-                    incomingKeyRequestManager.processIncomingRequests()
-                } catch (failure: Throwable) {
-                    // just for safety but should not throw
-                    Timber.tag(loggerTag.value).w("failed to process incoming room key requests")
-                }
-            }
-        }
-    }
-
-    /**
-     * Find a device by curve25519 identity key
-     *
-     * @param senderKey the curve25519 key to match.
-     * @param algorithm the encryption algorithm.
-     * @return the device info, or null if not found / unsupported algorithm / crypto released
-     */
-    override fun deviceWithIdentityKey(senderKey: String, algorithm: String): CryptoDeviceInfo? {
-        return if (algorithm != MXCRYPTO_ALGORITHM_MEGOLM && algorithm != MXCRYPTO_ALGORITHM_OLM) {
-            // We only deal in olm keys
-            null
-        } else cryptoStore.deviceWithIdentityKey(senderKey)
-    }
-
-    /**
-     * Provides the device information for a user id and a device Id
-     *
-     * @param userId   the user id
-     * @param deviceId the device id
-     */
-    override fun getDeviceInfo(userId: String, deviceId: String?): CryptoDeviceInfo? {
-        return if (userId.isNotEmpty() && !deviceId.isNullOrEmpty()) {
-            cryptoStore.getUserDevice(userId, deviceId)
-        } else {
-            null
-        }
-    }
-
-    override fun getCryptoDeviceInfo(userId: String): List<CryptoDeviceInfo> {
-        return cryptoStore.getUserDeviceList(userId).orEmpty()
-    }
-
-    override fun getLiveCryptoDeviceInfo(): LiveData<List<CryptoDeviceInfo>> {
-        return cryptoStore.getLiveDeviceList()
-    }
-
-    override fun getLiveCryptoDeviceInfo(userId: String): LiveData<List<CryptoDeviceInfo>> {
-        return cryptoStore.getLiveDeviceList(userId)
-    }
-
-    override fun getLiveCryptoDeviceInfo(userIds: List<String>): LiveData<List<CryptoDeviceInfo>> {
-        return cryptoStore.getLiveDeviceList(userIds)
-    }
-
-    /**
-     * Set the devices as known
-     *
-     * @param devices  the devices. Note that the verified member of the devices in this list will not be updated by this method.
-     * @param callback the asynchronous callback
-     */
-    override fun setDevicesKnown(devices: List<MXDeviceInfo>, callback: MatrixCallback<Unit>?) {
-        // build a devices map
-        val devicesIdListByUserId = devices.groupBy({ it.userId }, { it.deviceId })
-
-        for ((userId, deviceIds) in devicesIdListByUserId) {
-            val storedDeviceIDs = cryptoStore.getUserDevices(userId)
-
-            // sanity checks
-            if (null != storedDeviceIDs) {
-                var isUpdated = false
-
-                deviceIds.forEach { deviceId ->
-                    val device = storedDeviceIDs[deviceId]
-
-                    // assume if the device is either verified or blocked
-                    // it means that the device is known
-                    if (device?.isUnknown == true) {
-                        device.trustLevel = DeviceTrustLevel(crossSigningVerified = false, locallyVerified = false)
-                        isUpdated = true
-                    }
-                }
-
-                if (isUpdated) {
-                    cryptoStore.storeUserDevices(userId, storedDeviceIDs)
-                }
-            }
-        }
-
-        callback?.onSuccess(Unit)
-    }
-
-    /**
-     * Update the blocked/verified state of the given device.
-     *
-     * @param trustLevel the new trust level
-     * @param userId     the owner of the device
-     * @param deviceId   the unique identifier for the device.
-     */
-    override fun setDeviceVerification(trustLevel: DeviceTrustLevel, userId: String, deviceId: String) {
-        setDeviceVerificationAction.handle(trustLevel, userId, deviceId)
-    }
-
-    /**
-     * Configure a room to use encryption.
-     *
-     * @param roomId             the room id to enable encryption in.
-     * @param algorithm          the encryption config for the room.
-     * @param inhibitDeviceQuery true to suppress device list query for users in the room (for now)
-     * @param membersId          list of members to start tracking their devices
-     * @return true if the operation succeeds.
-     */
-    private suspend fun setEncryptionInRoom(roomId: String,
-                                            algorithm: String?,
-                                            inhibitDeviceQuery: Boolean,
-                                            membersId: List<String>): Boolean {
-        // If we already have encryption in this room, we should ignore this event
-        // (for now at least. Maybe we should alert the user somehow?)
-        val existingAlgorithm = cryptoStore.getRoomAlgorithm(roomId)
-
-        if (existingAlgorithm == algorithm) {
-            // ignore
-            Timber.tag(loggerTag.value).e("setEncryptionInRoom() : Ignoring m.room.encryption for same alg ($algorithm) in  $roomId")
-            return false
-        }
-
-        val encryptingClass = MXCryptoAlgorithms.hasEncryptorClassForAlgorithm(algorithm)
-
-        // Always store even if not supported
-        cryptoStore.storeRoomAlgorithm(roomId, algorithm)
-
-        if (!encryptingClass) {
-            Timber.tag(loggerTag.value).e("setEncryptionInRoom() : Unable to encrypt room $roomId with $algorithm")
-            return false
-        }
-
-        val alg: IMXEncrypting? = when (algorithm) {
-            MXCRYPTO_ALGORITHM_MEGOLM -> megolmEncryptionFactory.create(roomId)
-            MXCRYPTO_ALGORITHM_OLM    -> olmEncryptionFactory.create(roomId)
-            else                      -> null
-        }
-
-        if (alg != null) {
-            roomEncryptorsStore.put(roomId, alg)
-        }
-
-        // if encryption was not previously enabled in this room, we will have been
-        // ignoring new device events for these users so far. We may well have
-        // up-to-date lists for some users, for instance if we were sharing other
-        // e2e rooms with them, so there is room for optimisation here, but for now
-        // we just invalidate everyone in the room.
-        if (null == existingAlgorithm) {
-            Timber.tag(loggerTag.value).d("Enabling encryption in $roomId for the first time; invalidating device lists for all users therein")
-
-            val userIds = ArrayList(membersId)
-
-            deviceListManager.startTrackingDeviceList(userIds)
-
-            if (!inhibitDeviceQuery) {
-                deviceListManager.refreshOutdatedDeviceLists()
-            }
-        }
-
-        return true
-    }
-
-    /**
-     * Tells if a room is encrypted with MXCRYPTO_ALGORITHM_MEGOLM
-     *
-     * @param roomId the room id
-     * @return true if the room is encrypted with algorithm MXCRYPTO_ALGORITHM_MEGOLM
-     */
-    override fun isRoomEncrypted(roomId: String): Boolean {
-        return cryptoSessionInfoProvider.isRoomEncrypted(roomId)
-    }
-
-    /**
-     * @return the stored device keys for a user.
-     */
-    override fun getUserDevices(userId: String): MutableList<CryptoDeviceInfo> {
-        return cryptoStore.getUserDevices(userId)?.values?.toMutableList() ?: ArrayList()
-    }
-
-    private fun isEncryptionEnabledForInvitedUser(): Boolean {
-        return mxCryptoConfig.enableEncryptionForInvitedMembers
-    }
-
-    override fun getEncryptionAlgorithm(roomId: String): String? {
-        return cryptoStore.getRoomAlgorithm(roomId)
-    }
-
-    /**
-     * Determine whether we should encrypt messages for invited users in this room.
-     * <p>
-     * Check here whether the invited members are allowed to read messages in the room history
-     * from the point they were invited onwards.
-     *
-     * @return true if we should encrypt messages for invited users.
-     */
-    override fun shouldEncryptForInvitedMembers(roomId: String): Boolean {
-        return cryptoStore.shouldEncryptForInvitedMembers(roomId)
-    }
-
-    /**
-     * Encrypt an event content according to the configuration of the room.
-     *
-     * @param eventContent the content of the event.
-     * @param eventType    the type of the event.
-     * @param roomId       the room identifier the event will be sent.
-     * @param callback     the asynchronous callback
-     */
-    override fun encryptEventContent(eventContent: Content,
-                                     eventType: String,
-                                     roomId: String,
-                                     callback: MatrixCallback<MXEncryptEventContentResult>) {
-        // moved to crypto scope to have uptodate values
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            val userIds = getRoomUserIds(roomId)
-            var alg = roomEncryptorsStore.get(roomId)
-            if (alg == null) {
-                val algorithm = getEncryptionAlgorithm(roomId)
-                if (algorithm != null) {
-                    if (setEncryptionInRoom(roomId, algorithm, false, userIds)) {
-                        alg = roomEncryptorsStore.get(roomId)
-                    }
-                }
-            }
-            val safeAlgorithm = alg
-            if (safeAlgorithm != null) {
-                val t0 = System.currentTimeMillis()
-                Timber.tag(loggerTag.value).v("encryptEventContent() starts")
-                runCatching {
-                    val content = safeAlgorithm.encryptEventContent(eventContent, eventType, userIds)
-                    Timber.tag(loggerTag.value).v("## CRYPTO | encryptEventContent() : succeeds after ${System.currentTimeMillis() - t0} ms")
-                    MXEncryptEventContentResult(content, EventType.ENCRYPTED)
-                }.foldToCallback(callback)
-            } else {
-                val algorithm = getEncryptionAlgorithm(roomId)
-                val reason = String.format(MXCryptoError.UNABLE_TO_ENCRYPT_REASON,
-                        algorithm ?: MXCryptoError.NO_MORE_ALGORITHM_REASON)
-                Timber.tag(loggerTag.value).e("encryptEventContent() : failed $reason")
-                callback.onFailure(Failure.CryptoError(MXCryptoError.Base(MXCryptoError.ErrorType.UNABLE_TO_ENCRYPT, reason)))
-            }
-        }
-    }
-
-    override fun discardOutboundSession(roomId: String) {
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            val roomEncryptor = roomEncryptorsStore.get(roomId)
-            if (roomEncryptor is IMXGroupEncryption) {
-                roomEncryptor.discardSessionKey()
-            } else {
-                Timber.tag(loggerTag.value).e("discardOutboundSession() for:$roomId: Unable to handle IMXGroupEncryption")
-            }
-        }
-    }
-
-    /**
-     * Decrypt an event
-     *
-     * @param event    the raw event.
-     * @param timeline the id of the timeline where the event is decrypted. It is used to prevent replay attack.
-     * @return the MXEventDecryptionResult data, or throw in case of error
-     */
-    @Throws(MXCryptoError::class)
-    override suspend fun decryptEvent(event: Event, timeline: String): MXEventDecryptionResult {
-        return internalDecryptEvent(event, timeline)
-    }
-
-    /**
-     * Decrypt an event asynchronously
-     *
-     * @param event    the raw event.
-     * @param timeline the id of the timeline where the event is decrypted. It is used to prevent replay attack.
-     * @param callback the callback to return data or null
-     */
-    override fun decryptEventAsync(event: Event, timeline: String, callback: MatrixCallback<MXEventDecryptionResult>) {
-        eventDecryptor.decryptEventAsync(event, timeline, callback)
-    }
-
-    /**
-     * Decrypt an event
-     *
-     * @param event    the raw event.
-     * @param timeline the id of the timeline where the event is decrypted. It is used to prevent replay attack.
-     * @return the MXEventDecryptionResult data, or null in case of error
-     */
-    @Throws(MXCryptoError::class)
-    private suspend fun internalDecryptEvent(event: Event, timeline: String): MXEventDecryptionResult {
-        return eventDecryptor.decryptEvent(event, timeline)
-    }
-
-    /**
-     * Reset replay attack data for the given timeline.
-     *
-     * @param timelineId the timeline id
-     */
-    fun resetReplayAttackCheckInTimeline(timelineId: String) {
-        olmDevice.resetReplayAttackCheckInTimeline(timelineId)
-    }
-
-    /**
-     * Handle the 'toDevice' event
-     *
-     * @param event the event
-     */
-    fun onToDeviceEvent(event: Event) {
-        // event have already been decrypted
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            when (event.getClearType()) {
-                EventType.ROOM_KEY, EventType.FORWARDED_ROOM_KEY -> {
-                    // Keys are imported directly, not waiting for end of sync
-                    onRoomKeyEvent(event)
-                }
-                EventType.REQUEST_SECRET                         -> {
-                    secretShareManager.handleSecretRequest(event)
-                }
-                EventType.ROOM_KEY_REQUEST                       -> {
-                    event.getClearContent().toModel<RoomKeyShareRequest>()?.let { req ->
-                        event.senderId?.let { incomingKeyRequestManager.addNewIncomingRequest(it, req) }
-                    }
-                }
-                EventType.SEND_SECRET                            -> {
-                    onSecretSendReceived(event)
-                }
-                EventType.ROOM_KEY_WITHHELD                      -> {
-                    onKeyWithHeldReceived(event)
-                }
-                else                                             -> {
-                    // ignore
-                }
-            }
-        }
-        liveEventManager.get().dispatchOnLiveToDevice(event)
-    }
-
-    /**
-     * Handle a key event.
-     *
-     * @param event the key event.
-     */
-    private fun onRoomKeyEvent(event: Event) {
-        val roomKeyContent = event.getClearContent().toModel<RoomKeyContent>() ?: return
-        Timber.tag(loggerTag.value).i("onRoomKeyEvent() from: ${event.senderId} type<${event.getClearType()}> , sessionId<${roomKeyContent.sessionId}>")
-        if (roomKeyContent.roomId.isNullOrEmpty() || roomKeyContent.algorithm.isNullOrEmpty()) {
-            Timber.tag(loggerTag.value).e("onRoomKeyEvent() : missing fields")
-            return
-        }
-        val alg = roomDecryptorProvider.getOrCreateRoomDecryptor(roomKeyContent.roomId, roomKeyContent.algorithm)
-        if (alg == null) {
-            Timber.tag(loggerTag.value).e("GOSSIP onRoomKeyEvent() : Unable to handle keys for ${roomKeyContent.algorithm}")
-            return
-        }
-        alg.onRoomKeyEvent(event, keysBackupService)
-    }
-
-    private fun onKeyWithHeldReceived(event: Event) {
-        val withHeldContent = event.getClearContent().toModel<RoomKeyWithHeldContent>() ?: return Unit.also {
-            Timber.tag(loggerTag.value).i("Malformed onKeyWithHeldReceived() : missing fields")
-        }
-        val senderId = event.senderId ?: return Unit.also {
-            Timber.tag(loggerTag.value).i("Malformed onKeyWithHeldReceived() : missing fields")
-        }
-        withHeldContent.sessionId ?: return
-        withHeldContent.algorithm ?: return
-        withHeldContent.roomId ?: return
-        withHeldContent.senderKey ?: return
-        outgoingKeyRequestManager.onRoomKeyWithHeld(
-                sessionId = withHeldContent.sessionId,
-                algorithm = withHeldContent.algorithm,
-                roomId = withHeldContent.roomId,
-                senderKey = withHeldContent.senderKey,
-                fromDevice = withHeldContent.fromDevice,
-                event = Event(
-                        type = EventType.ROOM_KEY_WITHHELD,
-                        senderId = senderId,
-                        content = event.getClearContent()
-                )
-        )
-    }
-
-    private suspend fun onSecretSendReceived(event: Event) {
-        secretShareManager.onSecretSendReceived(event) { secretName, secretValue ->
-            handleSDKLevelGossip(secretName, secretValue)
-        }
-    }
-
-    /**
-     * Returns true if handled by SDK, otherwise should be sent to application layer
-     */
-    private fun handleSDKLevelGossip(secretName: String?,
-                                     secretValue: String): Boolean {
-        return when (secretName) {
-            MASTER_KEY_SSSS_NAME       -> {
-                crossSigningService.onSecretMSKGossip(secretValue)
-                true
-            }
-            SELF_SIGNING_KEY_SSSS_NAME -> {
-                crossSigningService.onSecretSSKGossip(secretValue)
-                true
-            }
-            USER_SIGNING_KEY_SSSS_NAME -> {
-                crossSigningService.onSecretUSKGossip(secretValue)
-                true
-            }
-            KEYBACKUP_SECRET_SSSS_NAME -> {
-                keysBackupService.onSecretKeyGossip(secretValue)
-                true
-            }
-            else                       -> false
-        }
-    }
-
-    /**
-     * Handle an m.room.encryption event.
-     *
-     * @param event the encryption event.
-     */
-    private fun onRoomEncryptionEvent(roomId: String, event: Event) {
-        if (!event.isStateEvent()) {
-            // Ignore
-            Timber.tag(loggerTag.value).w("Invalid encryption event")
-            return
-        }
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            val userIds = getRoomUserIds(roomId)
-            setEncryptionInRoom(roomId, event.content?.get("algorithm")?.toString(), true, userIds)
-        }
-    }
-
-    private fun getRoomUserIds(roomId: String): List<String> {
-        val encryptForInvitedMembers = isEncryptionEnabledForInvitedUser() &&
-                shouldEncryptForInvitedMembers(roomId)
-        return cryptoSessionInfoProvider.getRoomUserIds(roomId, encryptForInvitedMembers)
-    }
-
-    /**
-     * Handle a change in the membership state of a member of a room.
-     *
-     * @param event the membership event causing the change
-     */
-    private fun onRoomMembershipEvent(roomId: String, event: Event) {
-        roomEncryptorsStore.get(roomId) ?: /* No encrypting in this room */ return
-
-        event.stateKey?.let { userId ->
-            val roomMember: RoomMemberContent? = event.content.toModel()
-            val membership = roomMember?.membership
-            if (membership == Membership.JOIN) {
-                // make sure we are tracking the deviceList for this user.
-                deviceListManager.startTrackingDeviceList(listOf(userId))
-            } else if (membership == Membership.INVITE &&
-                    shouldEncryptForInvitedMembers(roomId) &&
-                    isEncryptionEnabledForInvitedUser()) {
-                // track the deviceList for this invited user.
-                // Caution: there's a big edge case here in that federated servers do not
-                // know what other servers are in the room at the time they've been invited.
-                // They therefore will not send device updates if a user logs in whilst
-                // their state is invite.
-                deviceListManager.startTrackingDeviceList(listOf(userId))
-            }
-        }
-    }
-
-    private fun onRoomHistoryVisibilityEvent(roomId: String, event: Event) {
-        if (!event.isStateEvent()) return
-        val eventContent = event.content.toModel<RoomHistoryVisibilityContent>()
-        eventContent?.historyVisibility?.let {
-            cryptoStore.setShouldEncryptForInvitedMembers(roomId, it != RoomHistoryVisibility.JOINED)
-        }
-    }
-
-    /**
-     * Upload my user's device keys.
-     */
-    private suspend fun uploadDeviceKeys() {
-        if (cryptoStore.areDeviceKeysUploaded()) {
-            Timber.tag(loggerTag.value).d("Keys already uploaded, nothing to do")
-            return
-        }
-        // Prepare the device keys data to send
-        // Sign it
-        val canonicalJson = JsonCanonicalizer.getCanonicalJson(Map::class.java, getMyDevice().signalableJSONDictionary())
-        var rest = getMyDevice().toRest()
-
-        rest = rest.copy(
-                signatures = objectSigner.signObject(canonicalJson)
-        )
-
-        val uploadDeviceKeysParams = UploadKeysTask.Params(rest, null, null)
-        uploadKeysTask.execute(uploadDeviceKeysParams)
-
-        cryptoStore.setDeviceKeysUploaded(true)
-    }
-
-    /**
-     * Export the crypto keys
-     *
-     * @param password the password
-     * @return the exported keys
-     */
-    override suspend fun exportRoomKeys(password: String): ByteArray {
-        return exportRoomKeys(password, MXMegolmExportEncryption.DEFAULT_ITERATION_COUNT)
-    }
-
-    /**
-     * Export the crypto keys
-     *
-     * @param password         the password
-     * @param anIterationCount the encryption iteration count (0 means no encryption)
-     */
-    private suspend fun exportRoomKeys(password: String, anIterationCount: Int): ByteArray {
-        return withContext(coroutineDispatchers.crypto) {
-            val iterationCount = max(0, anIterationCount)
-
-            val exportedSessions = cryptoStore.getInboundGroupSessions().mapNotNull { it.exportKeys() }
-
-            val adapter = MoshiProvider.providesMoshi()
-                    .adapter(List::class.java)
-
-            MXMegolmExportEncryption.encryptMegolmKeyFile(adapter.toJson(exportedSessions), password, iterationCount)
-        }
-    }
-
-    /**
-     * Import the room keys
-     *
-     * @param roomKeysAsArray  the room keys as array.
-     * @param password         the password
-     * @param progressListener the progress listener
-     * @return the result ImportRoomKeysResult
-     */
-    override suspend fun importRoomKeys(roomKeysAsArray: ByteArray,
-                                        password: String,
-                                        progressListener: ProgressListener?): ImportRoomKeysResult {
-        return withContext(coroutineDispatchers.crypto) {
-            Timber.tag(loggerTag.value).v("importRoomKeys starts")
-
-            val t0 = System.currentTimeMillis()
-            val roomKeys = MXMegolmExportEncryption.decryptMegolmKeyFile(roomKeysAsArray, password)
-            val t1 = System.currentTimeMillis()
-
-            Timber.tag(loggerTag.value).v("importRoomKeys : decryptMegolmKeyFile done in ${t1 - t0} ms")
-
-            val importedSessions = MoshiProvider.providesMoshi()
-                    .adapter<List<MegolmSessionData>>(Types.newParameterizedType(List::class.java, MegolmSessionData::class.java))
-                    .fromJson(roomKeys)
-
-            val t2 = System.currentTimeMillis()
-
-            Timber.tag(loggerTag.value).v("importRoomKeys : JSON parsing ${t2 - t1} ms")
-
-            if (importedSessions == null) {
-                throw Exception("Error")
-            }
-
-            megolmSessionDataImporter.handle(
-                    megolmSessionsData = importedSessions,
-                    fromBackup = false,
-                    progressListener = progressListener
-            )
-        }
-    }
-
-    /**
-     * Update the warn status when some unknown devices are detected.
-     *
-     * @param warn true to warn when some unknown devices are detected.
-     */
-    override fun setWarnOnUnknownDevices(warn: Boolean) {
-        warnOnUnknownDevicesRepository.setWarnOnUnknownDevices(warn)
-    }
-
-    /**
-     * Check if the user ids list have some unknown devices.
-     * A success means there is no unknown devices.
-     * If there are some unknown devices, a MXCryptoError.UnknownDevice exception is triggered.
-     *
-     * @param userIds  the user ids list
-     * @param callback the asynchronous callback.
-     */
-    fun checkUnknownDevices(userIds: List<String>, callback: MatrixCallback<Unit>) {
-        // force the refresh to ensure that the devices list is up-to-date
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            runCatching {
-                val keys = deviceListManager.downloadKeys(userIds, true)
-                val unknownDevices = getUnknownDevices(keys)
-                if (unknownDevices.map.isNotEmpty()) {
-                    // trigger an an unknown devices exception
-                    throw Failure.CryptoError(MXCryptoError.UnknownDevice(unknownDevices))
-                }
-            }.foldToCallback(callback)
-        }
-    }
-
-    /**
-     * Set the global override for whether the client should ever send encrypted
-     * messages to unverified devices.
-     * If false, it can still be overridden per-room.
-     * If true, it overrides the per-room settings.
-     *
-     * @param block    true to unilaterally blacklist all
-     */
-    override fun setGlobalBlacklistUnverifiedDevices(block: Boolean) {
-        cryptoStore.setGlobalBlacklistUnverifiedDevices(block)
-    }
-
-    override fun enableKeyGossiping(enable: Boolean) {
-        cryptoStore.enableKeyGossiping(enable)
-    }
-
-    override fun isKeyGossipingEnabled() = cryptoStore.isKeyGossipingEnabled()
-
-    /**
-     * Tells whether the client should ever send encrypted messages to unverified devices.
-     * The default value is false.
-     * This function must be called in the getEncryptingThreadHandler() thread.
-     *
-     * @return true to unilaterally blacklist all unverified devices.
-     */
-    override fun getGlobalBlacklistUnverifiedDevices(): Boolean {
-        return cryptoStore.getGlobalBlacklistUnverifiedDevices()
-    }
-
-    /**
-     * Tells whether the client should encrypt messages only for the verified devices
-     * in this room.
-     * The default value is false.
-     *
-     * @param roomId the room id
-     * @return true if the client should encrypt messages only for the verified devices.
-     */
-// TODO add this info in CryptoRoomEntity?
-    override fun isRoomBlacklistUnverifiedDevices(roomId: String?): Boolean {
-        return roomId?.let { cryptoStore.getRoomsListBlacklistUnverifiedDevices().contains(it) }
-                ?: false
-    }
-
-    /**
-     * Manages the room black-listing for unverified devices.
-     *
-     * @param roomId   the room id
-     * @param add      true to add the room id to the list, false to remove it.
-     */
-    private fun setRoomBlacklistUnverifiedDevices(roomId: String, add: Boolean) {
-        val roomIds = cryptoStore.getRoomsListBlacklistUnverifiedDevices().toMutableList()
-
-        if (add) {
-            if (roomId !in roomIds) {
-                roomIds.add(roomId)
-            }
-        } else {
-            roomIds.remove(roomId)
-        }
-
-        cryptoStore.setRoomsListBlacklistUnverifiedDevices(roomIds)
-    }
-
-    /**
-     * Add this room to the ones which don't encrypt messages to unverified devices.
-     *
-     * @param roomId   the room id
-     */
-    override fun setRoomBlacklistUnverifiedDevices(roomId: String) {
-        setRoomBlacklistUnverifiedDevices(roomId, true)
-    }
-
-    /**
-     * Remove this room to the ones which don't encrypt messages to unverified devices.
-     *
-     * @param roomId   the room id
-     */
-    override fun setRoomUnBlacklistUnverifiedDevices(roomId: String) {
-        setRoomBlacklistUnverifiedDevices(roomId, false)
-    }
-
-    /**
-     * Re request the encryption keys required to decrypt an event.
-     *
-     * @param event the event to decrypt again.
-     */
-    override fun reRequestRoomKeyForEvent(event: Event) {
-        outgoingKeyRequestManager.requestKeyForEvent(event, true)
-    }
-
-    override fun requestRoomKeyForEvent(event: Event) {
-        outgoingKeyRequestManager.requestKeyForEvent(event, false)
-    }
-
-    /**
-     * Add a GossipingRequestListener listener.
-     *
-     * @param listener listener
-     */
-    override fun addRoomKeysRequestListener(listener: GossipingRequestListener) {
-        incomingKeyRequestManager.addRoomKeysRequestListener(listener)
-        secretShareManager.addListener(listener)
-    }
-
-    /**
-     * Add a GossipingRequestListener listener.
-     *
-     * @param listener listener
-     */
-    override fun removeRoomKeysRequestListener(listener: GossipingRequestListener) {
-        incomingKeyRequestManager.removeRoomKeysRequestListener(listener)
-        secretShareManager.addListener(listener)
-    }
-
-    /**
-     * Provides the list of unknown devices
-     *
-     * @param devicesInRoom the devices map
-     * @return the unknown devices map
-     */
-    private fun getUnknownDevices(devicesInRoom: MXUsersDevicesMap<CryptoDeviceInfo>): MXUsersDevicesMap<CryptoDeviceInfo> {
-        val unknownDevices = MXUsersDevicesMap<CryptoDeviceInfo>()
-        val userIds = devicesInRoom.userIds
-        for (userId in userIds) {
-            devicesInRoom.getUserDeviceIds(userId)?.forEach { deviceId ->
-                devicesInRoom.getObject(userId, deviceId)
-                        ?.takeIf { it.isUnknown }
-                        ?.let {
-                            unknownDevices.setObject(userId, deviceId, it)
-                        }
-            }
-        }
-
-        return unknownDevices
-    }
-
-    override fun downloadKeys(userIds: List<String>, forceDownload: Boolean, callback: MatrixCallback<MXUsersDevicesMap<CryptoDeviceInfo>>) {
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            runCatching {
-                deviceListManager.downloadKeys(userIds, forceDownload)
-            }.foldToCallback(callback)
-        }
-    }
-
-    override fun addNewSessionListener(newSessionListener: NewSessionListener) {
-        roomDecryptorProvider.addNewSessionListener(newSessionListener)
-    }
-
-    override fun removeSessionListener(listener: NewSessionListener) {
-        roomDecryptorProvider.removeSessionListener(listener)
-    }
-/* ==========================================================================================
- * DEBUG INFO
- * ========================================================================================== */
-
-    override fun toString(): String {
-        return "DefaultCryptoService of $userId ($deviceId)"
-    }
-
-    override fun getOutgoingRoomKeyRequests(): List<OutgoingKeyRequest> {
-        return cryptoStore.getOutgoingRoomKeyRequests()
-    }
-
-    override fun getOutgoingRoomKeyRequestsPaged(): LiveData<PagedList<OutgoingKeyRequest>> {
-        return cryptoStore.getOutgoingRoomKeyRequestsPaged()
-    }
-
-    override fun getIncomingRoomKeyRequests(): List<IncomingRoomKeyRequest> {
-        return cryptoStore.getGossipingEvents()
-                .mapNotNull {
-                    IncomingRoomKeyRequest.fromEvent(it)
-                }
-    }
-
-    override fun getIncomingRoomKeyRequestsPaged(): LiveData<PagedList<IncomingRoomKeyRequest>> {
-        return cryptoStore.getGossipingEventsTrail(TrailType.IncomingKeyRequest) {
-            IncomingRoomKeyRequest.fromEvent(it)
-                    ?: IncomingRoomKeyRequest(localCreationTimestamp = 0L)
-        }
-    }
-
-    /**
-     * If you registered a `GossipingRequestListener`, you will be notified of key request
-     * that was not accepted by the SDK. You can call back this manually to accept anyhow.
-     */
-    override suspend fun manuallyAcceptRoomKeyRequest(request: IncomingRoomKeyRequest) {
-        incomingKeyRequestManager.manuallyAcceptRoomKeyRequest(request)
-    }
-
-    override fun getGossipingEventsTrail(): LiveData<PagedList<AuditTrail>> {
-        return cryptoStore.getGossipingEventsTrail()
-    }
-
-    override fun getGossipingEvents(): List<AuditTrail> {
-        return cryptoStore.getGossipingEvents()
-    }
-
-    override fun getSharedWithInfo(roomId: String?, sessionId: String): MXUsersDevicesMap<Int> {
-        return cryptoStore.getSharedWithInfo(roomId, sessionId)
-    }
-
-    override fun getWithHeldMegolmSession(roomId: String, sessionId: String): RoomKeyWithHeldContent? {
-        return cryptoStore.getWithHeldMegolmSession(roomId, sessionId)
-    }
-
-    override fun logDbUsageInfo() {
-        cryptoStore.logDbUsageInfo()
-    }
-
-    override fun prepareToEncrypt(roomId: String, callback: MatrixCallback<Unit>) {
-        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
-            Timber.tag(loggerTag.value).d("prepareToEncrypt() roomId:$roomId Check room members up to date")
-            // Ensure to load all room members
-            try {
-                loadRoomMembersTask.execute(LoadRoomMembersTask.Params(roomId))
-            } catch (failure: Throwable) {
-                Timber.tag(loggerTag.value).e("prepareToEncrypt() : Failed to load room members")
-                // we probably shouldn't block sending on that (but questionable)
-                // but some members won't be able to decrypt
-            }
-
-            val userIds = getRoomUserIds(roomId)
-            val alg = roomEncryptorsStore.get(roomId)
-                    ?: getEncryptionAlgorithm(roomId)
-                            ?.let { setEncryptionInRoom(roomId, it, false, userIds) }
-                            ?.let { roomEncryptorsStore.get(roomId) }
-
-            if (alg == null) {
-                val reason = String.format(MXCryptoError.UNABLE_TO_ENCRYPT_REASON, MXCryptoError.NO_MORE_ALGORITHM_REASON)
-                Timber.tag(loggerTag.value).e("prepareToEncrypt() : $reason")
-                callback.onFailure(IllegalArgumentException("Missing algorithm"))
-                return@launch
-            }
-
-            runCatching {
-                (alg as? IMXGroupEncryption)?.preshareKey(userIds)
-            }.fold(
-                    { callback.onSuccess(Unit) },
-                    {
-                        Timber.tag(loggerTag.value).e(it, "prepareToEncrypt() failed.")
-                        callback.onFailure(it)
-                    }
-            )
-        }
-    }
-
-    /* ==========================================================================================
-     * For test only
-     * ========================================================================================== */
-
-    @VisibleForTesting
-    val cryptoStoreForTesting = cryptoStore
-
-    @VisibleForTesting
-    val olmDeviceForTest = olmDevice
-
-    companion object {
-        const val CRYPTO_MIN_FORCE_SESSION_PERIOD_MILLIS = 3_600_000 // one hour
-    }
-}
+/*
+ * Copyright 2020 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.crypto
+
+import android.content.Context
+import androidx.annotation.VisibleForTesting
+import androidx.lifecycle.LiveData
+import androidx.paging.PagedList
+import com.squareup.moshi.Types
+import dagger.Lazy
+import kotlinx.coroutines.CancellationException
+import kotlinx.coroutines.CoroutineScope
+import kotlinx.coroutines.cancelChildren
+import kotlinx.coroutines.launch
+import kotlinx.coroutines.runBlocking
+import kotlinx.coroutines.withContext
+import org.matrix.android.sdk.api.MatrixCallback
+import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
+import org.matrix.android.sdk.api.NoOpMatrixCallback
+import org.matrix.android.sdk.api.auth.UserInteractiveAuthInterceptor
+import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
+import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_OLM
+import org.matrix.android.sdk.api.crypto.MXCryptoConfig
+import org.matrix.android.sdk.api.extensions.tryOrNull
+import org.matrix.android.sdk.api.failure.Failure
+import org.matrix.android.sdk.api.listeners.ProgressListener
+import org.matrix.android.sdk.api.logger.LoggerTag
+import org.matrix.android.sdk.api.session.crypto.CryptoService
+import org.matrix.android.sdk.api.session.crypto.MXCryptoError
+import org.matrix.android.sdk.api.session.crypto.NewSessionListener
+import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
+import org.matrix.android.sdk.api.session.crypto.crosssigning.DeviceTrustLevel
+import org.matrix.android.sdk.api.session.crypto.crosssigning.KEYBACKUP_SECRET_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.crosssigning.MASTER_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.crosssigning.SELF_SIGNING_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.crosssigning.USER_SIGNING_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.keyshare.GossipingRequestListener
+import org.matrix.android.sdk.api.session.crypto.model.AuditTrail
+import org.matrix.android.sdk.api.session.crypto.model.CryptoDeviceInfo
+import org.matrix.android.sdk.api.session.crypto.model.DeviceInfo
+import org.matrix.android.sdk.api.session.crypto.model.DevicesListResponse
+import org.matrix.android.sdk.api.session.crypto.model.ImportRoomKeysResult
+import org.matrix.android.sdk.api.session.crypto.model.IncomingRoomKeyRequest
+import org.matrix.android.sdk.api.session.crypto.model.MXDeviceInfo
+import org.matrix.android.sdk.api.session.crypto.model.MXEncryptEventContentResult
+import org.matrix.android.sdk.api.session.crypto.model.MXEventDecryptionResult
+import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
+import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
+import org.matrix.android.sdk.api.session.crypto.model.TrailType
+import org.matrix.android.sdk.api.session.events.model.Content
+import org.matrix.android.sdk.api.session.events.model.Event
+import org.matrix.android.sdk.api.session.events.model.EventType
+import org.matrix.android.sdk.api.session.events.model.content.RoomKeyContent
+import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
+import org.matrix.android.sdk.api.session.events.model.toModel
+import org.matrix.android.sdk.api.session.room.model.Membership
+import org.matrix.android.sdk.api.session.room.model.RoomHistoryVisibility
+import org.matrix.android.sdk.api.session.room.model.RoomHistoryVisibilityContent
+import org.matrix.android.sdk.api.session.room.model.RoomMemberContent
+import org.matrix.android.sdk.api.session.sync.model.SyncResponse
+import org.matrix.android.sdk.internal.crypto.actions.MegolmSessionDataImporter
+import org.matrix.android.sdk.internal.crypto.actions.SetDeviceVerificationAction
+import org.matrix.android.sdk.internal.crypto.algorithms.IMXEncrypting
+import org.matrix.android.sdk.internal.crypto.algorithms.IMXGroupEncryption
+import org.matrix.android.sdk.internal.crypto.algorithms.megolm.MXMegolmEncryptionFactory
+import org.matrix.android.sdk.internal.crypto.algorithms.olm.MXOlmEncryptionFactory
+import org.matrix.android.sdk.internal.crypto.crosssigning.DefaultCrossSigningService
+import org.matrix.android.sdk.internal.crypto.keysbackup.DefaultKeysBackupService
+import org.matrix.android.sdk.internal.crypto.model.MXKey.Companion.KEY_SIGNED_CURVE_25519_TYPE
+import org.matrix.android.sdk.internal.crypto.model.toRest
+import org.matrix.android.sdk.internal.crypto.repository.WarnOnUnknownDeviceRepository
+import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
+import org.matrix.android.sdk.internal.crypto.tasks.DeleteDeviceTask
+import org.matrix.android.sdk.internal.crypto.tasks.GetDeviceInfoTask
+import org.matrix.android.sdk.internal.crypto.tasks.GetDevicesTask
+import org.matrix.android.sdk.internal.crypto.tasks.SetDeviceNameTask
+import org.matrix.android.sdk.internal.crypto.tasks.UploadKeysTask
+import org.matrix.android.sdk.internal.crypto.verification.DefaultVerificationService
+import org.matrix.android.sdk.internal.crypto.verification.VerificationMessageProcessor
+import org.matrix.android.sdk.internal.di.DeviceId
+import org.matrix.android.sdk.internal.di.MoshiProvider
+import org.matrix.android.sdk.internal.di.UserId
+import org.matrix.android.sdk.internal.extensions.foldToCallback
+import org.matrix.android.sdk.internal.session.SessionScope
+import org.matrix.android.sdk.internal.session.StreamEventsManager
+import org.matrix.android.sdk.internal.session.room.membership.LoadRoomMembersTask
+import org.matrix.android.sdk.internal.task.TaskExecutor
+import org.matrix.android.sdk.internal.task.TaskThread
+import org.matrix.android.sdk.internal.task.configureWith
+import org.matrix.android.sdk.internal.task.launchToCallback
+import org.matrix.android.sdk.internal.util.JsonCanonicalizer
+import org.matrix.olm.OlmManager
+import timber.log.Timber
+import java.util.concurrent.atomic.AtomicBoolean
+import javax.inject.Inject
+import kotlin.math.max
+
+/**
+ * A `CryptoService` class instance manages the end-to-end crypto for a session.
+ *
+ *
+ * Messages posted by the user are automatically redirected to CryptoService in order to be encrypted
+ * before sending.
+ * In the other hand, received events goes through CryptoService for decrypting.
+ * CryptoService maintains all necessary keys and their sharing with other devices required for the crypto.
+ * Specially, it tracks all room membership changes events in order to do keys updates.
+ */
+
+private val loggerTag = LoggerTag("DefaultCryptoService", LoggerTag.CRYPTO)
+
+@SessionScope
+internal class DefaultCryptoService @Inject constructor(
+        // Olm Manager
+        private val olmManager: OlmManager,
+        @UserId
+        private val userId: String,
+        @DeviceId
+        private val deviceId: String?,
+        private val myDeviceInfoHolder: Lazy<MyDeviceInfoHolder>,
+        // the crypto store
+        private val cryptoStore: IMXCryptoStore,
+        // Room encryptors store
+        private val roomEncryptorsStore: RoomEncryptorsStore,
+        // Olm device
+        private val olmDevice: MXOlmDevice,
+        // Set of parameters used to configure/customize the end-to-end crypto.
+        private val mxCryptoConfig: MXCryptoConfig,
+        // Device list manager
+        private val deviceListManager: DeviceListManager,
+        // The key backup service.
+        private val keysBackupService: DefaultKeysBackupService,
+        //
+        private val objectSigner: ObjectSigner,
+        //
+        private val oneTimeKeysUploader: OneTimeKeysUploader,
+        //
+        private val roomDecryptorProvider: RoomDecryptorProvider,
+        // The verification service.
+        private val verificationService: DefaultVerificationService,
+
+        private val crossSigningService: DefaultCrossSigningService,
+        //
+        private val incomingKeyRequestManager: IncomingKeyRequestManager,
+        private val secretShareManager: SecretShareManager,
+        //
+        private val outgoingKeyRequestManager: OutgoingKeyRequestManager,
+        // Actions
+        private val setDeviceVerificationAction: SetDeviceVerificationAction,
+        private val megolmSessionDataImporter: MegolmSessionDataImporter,
+        private val warnOnUnknownDevicesRepository: WarnOnUnknownDeviceRepository,
+        // Repository
+        private val megolmEncryptionFactory: MXMegolmEncryptionFactory,
+        private val olmEncryptionFactory: MXOlmEncryptionFactory,
+        // Tasks
+        private val deleteDeviceTask: DeleteDeviceTask,
+        private val getDevicesTask: GetDevicesTask,
+        private val getDeviceInfoTask: GetDeviceInfoTask,
+        private val setDeviceNameTask: SetDeviceNameTask,
+        private val uploadKeysTask: UploadKeysTask,
+        private val loadRoomMembersTask: LoadRoomMembersTask,
+        private val cryptoSessionInfoProvider: CryptoSessionInfoProvider,
+        private val coroutineDispatchers: MatrixCoroutineDispatchers,
+        private val taskExecutor: TaskExecutor,
+        private val cryptoCoroutineScope: CoroutineScope,
+        private val eventDecryptor: EventDecryptor,
+        private val verificationMessageProcessor: VerificationMessageProcessor,
+        private val liveEventManager: Lazy<StreamEventsManager>
+) : CryptoService {
+
+    private val isStarting = AtomicBoolean(false)
+    private val isStarted = AtomicBoolean(false)
+
+    fun onStateEvent(roomId: String, event: Event) {
+        when (event.type) {
+            EventType.STATE_ROOM_ENCRYPTION         -> onRoomEncryptionEvent(roomId, event)
+            EventType.STATE_ROOM_MEMBER             -> onRoomMembershipEvent(roomId, event)
+            EventType.STATE_ROOM_HISTORY_VISIBILITY -> onRoomHistoryVisibilityEvent(roomId, event)
+        }
+    }
+
+    fun onLiveEvent(roomId: String, event: Event, isInitialSync: Boolean) {
+        // handle state events
+        if (event.isStateEvent()) {
+            when (event.type) {
+                EventType.STATE_ROOM_ENCRYPTION         -> onRoomEncryptionEvent(roomId, event)
+                EventType.STATE_ROOM_MEMBER             -> onRoomMembershipEvent(roomId, event)
+                EventType.STATE_ROOM_HISTORY_VISIBILITY -> onRoomHistoryVisibilityEvent(roomId, event)
+            }
+        }
+
+        // handle verification
+        if (!isInitialSync) {
+            if (event.type != null && verificationMessageProcessor.shouldProcess(event.type)) {
+                cryptoCoroutineScope.launch(coroutineDispatchers.dmVerif) {
+                    verificationMessageProcessor.process(event)
+                }
+            }
+        }
+    }
+
+//    val gossipingBuffer = mutableListOf<Event>()
+
+    override fun setDeviceName(deviceId: String, deviceName: String, callback: MatrixCallback<Unit>) {
+        setDeviceNameTask
+                .configureWith(SetDeviceNameTask.Params(deviceId, deviceName)) {
+                    this.executionThread = TaskThread.CRYPTO
+                    this.callback = object : MatrixCallback<Unit> {
+                        override fun onSuccess(data: Unit) {
+                            // bg refresh of crypto device
+                            downloadKeys(listOf(userId), true, NoOpMatrixCallback())
+                            callback.onSuccess(data)
+                        }
+
+                        override fun onFailure(failure: Throwable) {
+                            callback.onFailure(failure)
+                        }
+                    }
+                }
+                .executeBy(taskExecutor)
+    }
+
+    override fun deleteDevice(deviceId: String, userInteractiveAuthInterceptor: UserInteractiveAuthInterceptor, callback: MatrixCallback<Unit>) {
+        deleteDeviceTask
+                .configureWith(DeleteDeviceTask.Params(deviceId, userInteractiveAuthInterceptor, null)) {
+                    this.executionThread = TaskThread.CRYPTO
+                    this.callback = callback
+                }
+                .executeBy(taskExecutor)
+    }
+
+    override fun getCryptoVersion(context: Context, longFormat: Boolean): String {
+        return if (longFormat) olmManager.getDetailedVersion(context) else olmManager.version
+    }
+
+    override fun getMyDevice(): CryptoDeviceInfo {
+        return myDeviceInfoHolder.get().myDevice
+    }
+
+    override fun fetchDevicesList(callback: MatrixCallback<DevicesListResponse>) {
+        getDevicesTask
+                .configureWith {
+                    //                    this.executionThread = TaskThread.CRYPTO
+                    this.callback = object : MatrixCallback<DevicesListResponse> {
+                        override fun onFailure(failure: Throwable) {
+                            callback.onFailure(failure)
+                        }
+
+                        override fun onSuccess(data: DevicesListResponse) {
+                            // Save in local DB
+                            cryptoStore.saveMyDevicesInfo(data.devices.orEmpty())
+                            callback.onSuccess(data)
+                        }
+                    }
+                }
+                .executeBy(taskExecutor)
+    }
+
+    override fun getLiveMyDevicesInfo(): LiveData<List<DeviceInfo>> {
+        return cryptoStore.getLiveMyDevicesInfo()
+    }
+
+    override fun getMyDevicesInfo(): List<DeviceInfo> {
+        return cryptoStore.getMyDevicesInfo()
+    }
+
+    override fun getDeviceInfo(deviceId: String, callback: MatrixCallback<DeviceInfo>) {
+        getDeviceInfoTask
+                .configureWith(GetDeviceInfoTask.Params(deviceId)) {
+                    this.executionThread = TaskThread.CRYPTO
+                    this.callback = callback
+                }
+                .executeBy(taskExecutor)
+    }
+
+    override fun inboundGroupSessionsCount(onlyBackedUp: Boolean): Int {
+        return cryptoStore.inboundGroupSessionsCount(onlyBackedUp)
+    }
+
+    /**
+     * Provides the tracking status
+     *
+     * @param userId the user id
+     * @return the tracking status
+     */
+    override fun getDeviceTrackingStatus(userId: String): Int {
+        return cryptoStore.getDeviceTrackingStatus(userId, DeviceListManager.TRACKING_STATUS_NOT_TRACKED)
+    }
+
+    /**
+     * Tell if the MXCrypto is started
+     *
+     * @return true if the crypto is started
+     */
+    fun isStarted(): Boolean {
+        return isStarted.get()
+    }
+
+    /**
+     * Tells if the MXCrypto is starting.
+     *
+     * @return true if the crypto is starting
+     */
+    fun isStarting(): Boolean {
+        return isStarting.get()
+    }
+
+    /**
+     * Start the crypto module.
+     * Device keys will be uploaded, then one time keys if there are not enough on the homeserver
+     * and, then, if this is the first time, this new device will be announced to all other users
+     * devices.
+     *
+     */
+    fun start() {
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            internalStart()
+        }
+        // Just update
+        fetchDevicesList(NoOpMatrixCallback())
+
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            cryptoStore.tidyUpDataBase()
+        }
+    }
+
+    fun ensureDevice() {
+        cryptoCoroutineScope.launchToCallback(coroutineDispatchers.crypto, NoOpMatrixCallback()) {
+            // Open the store
+            cryptoStore.open()
+
+            if (!cryptoStore.areDeviceKeysUploaded()) {
+                // Schedule upload of OTK
+                oneTimeKeysUploader.updateOneTimeKeyCount(0)
+            }
+
+            // this can throw if no network
+            tryOrNull {
+                uploadDeviceKeys()
+            }
+
+            oneTimeKeysUploader.maybeUploadOneTimeKeys()
+            // this can throw if no backup
+            tryOrNull {
+                keysBackupService.checkAndStartKeysBackup()
+            }
+        }
+    }
+
+    fun onSyncWillProcess(isInitialSync: Boolean) {
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            if (isInitialSync) {
+                try {
+                    // On initial sync, we start all our tracking from
+                    // scratch, so mark everything as untracked. onCryptoEvent will
+                    // be called for all e2e rooms during the processing of the sync,
+                    // at which point we'll start tracking all the users of that room.
+                    deviceListManager.invalidateAllDeviceLists()
+                    // always track my devices?
+                    deviceListManager.startTrackingDeviceList(listOf(userId))
+                    deviceListManager.refreshOutdatedDeviceLists()
+                } catch (failure: Throwable) {
+                    Timber.tag(loggerTag.value).e(failure, "onSyncWillProcess ")
+                }
+            }
+        }
+    }
+
+    private fun internalStart() {
+        if (isStarted.get() || isStarting.get()) {
+            return
+        }
+        isStarting.set(true)
+
+        // Open the store
+        cryptoStore.open()
+
+        isStarting.set(false)
+        isStarted.set(true)
+    }
+
+    /**
+     * Close the crypto
+     */
+    fun close() = runBlocking(coroutineDispatchers.crypto) {
+        cryptoCoroutineScope.coroutineContext.cancelChildren(CancellationException("Closing crypto module"))
+        incomingKeyRequestManager.close()
+        outgoingKeyRequestManager.close()
+        olmDevice.release()
+        cryptoStore.close()
+    }
+
+    // Always enabled on Matrix Android SDK2
+    override fun isCryptoEnabled() = true
+
+    /**
+     * @return the Keys backup Service
+     */
+    override fun keysBackupService() = keysBackupService
+
+    /**
+     * @return the VerificationService
+     */
+    override fun verificationService() = verificationService
+
+    override fun crossSigningService() = crossSigningService
+
+    /**
+     * A sync response has been received
+     *
+     * @param syncResponse the syncResponse
+     */
+    fun onSyncCompleted(syncResponse: SyncResponse) {
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            runCatching {
+                if (syncResponse.deviceLists != null) {
+                    deviceListManager.handleDeviceListsChanges(syncResponse.deviceLists.changed, syncResponse.deviceLists.left)
+                }
+                if (syncResponse.deviceOneTimeKeysCount != null) {
+                    val currentCount = syncResponse.deviceOneTimeKeysCount.signedCurve25519 ?: 0
+                    oneTimeKeysUploader.updateOneTimeKeyCount(currentCount)
+                }
+
+                // unwedge if needed
+                try {
+                    eventDecryptor.unwedgeDevicesIfNeeded()
+                } catch (failure: Throwable) {
+                    Timber.tag(loggerTag.value).w("unwedgeDevicesIfNeeded failed")
+                }
+
+                // There is a limit of to_device events returned per sync.
+                // If we are in a case of such limited to_device sync we can't try to generate/upload
+                // new otk now, because there might be some pending olm pre-key to_device messages that would fail if we rotate
+                // the old otk too early. In this case we want to wait for the pending to_device before doing anything
+                // As per spec:
+                // If there is a large queue of send-to-device messages, the server should limit the number sent in each /sync response.
+                // 100 messages is recommended as a reasonable limit.
+                // The limit is not part of the spec, so it's probably safer to handle that when there are no more to_device ( so we are sure
+                // that there are no pending to_device
+                val toDevices = syncResponse.toDevice?.events.orEmpty()
+                if (isStarted() && toDevices.isEmpty()) {
+                    // Make sure we process to-device messages before generating new one-time-keys #2782
+                    deviceListManager.refreshOutdatedDeviceLists()
+                    // The presence of device_unused_fallback_key_types indicates that the server supports fallback keys.
+                    // If there's no unused signed_curve25519 fallback key we need a new one.
+                    if (syncResponse.deviceUnusedFallbackKeyTypes != null &&
+                            // Generate a fallback key only if the server does not already have an unused fallback key.
+                            !syncResponse.deviceUnusedFallbackKeyTypes.contains(KEY_SIGNED_CURVE_25519_TYPE)) {
+                        oneTimeKeysUploader.needsNewFallback()
+                    }
+
+                    oneTimeKeysUploader.maybeUploadOneTimeKeys()
+                }
+
+                // Process pending key requests
+                try {
+                    if (toDevices.isEmpty()) {
+                        // this is not blocking
+                        outgoingKeyRequestManager.requireProcessAllPendingKeyRequests()
+                    } else {
+                        Timber.tag(loggerTag.value)
+                                .w("Don't process key requests yet as there might be more to_device to catchup")
+                    }
+                } catch (failure: Throwable) {
+                    // just for safety but should not throw
+                    Timber.tag(loggerTag.value).w("failed to process pending request")
+                }
+
+                try {
+                    incomingKeyRequestManager.processIncomingRequests()
+                } catch (failure: Throwable) {
+                    // just for safety but should not throw
+                    Timber.tag(loggerTag.value).w("failed to process incoming room key requests")
+                }
+            }
+        }
+    }
+
+    /**
+     * Find a device by curve25519 identity key
+     *
+     * @param senderKey the curve25519 key to match.
+     * @param algorithm the encryption algorithm.
+     * @return the device info, or null if not found / unsupported algorithm / crypto released
+     */
+    override fun deviceWithIdentityKey(senderKey: String, algorithm: String): CryptoDeviceInfo? {
+        return if (algorithm != MXCRYPTO_ALGORITHM_MEGOLM && algorithm != MXCRYPTO_ALGORITHM_OLM) {
+            // We only deal in olm keys
+            null
+        } else cryptoStore.deviceWithIdentityKey(senderKey)
+    }
+
+    /**
+     * Provides the device information for a user id and a device Id
+     *
+     * @param userId   the user id
+     * @param deviceId the device id
+     */
+    override fun getDeviceInfo(userId: String, deviceId: String?): CryptoDeviceInfo? {
+        return if (userId.isNotEmpty() && !deviceId.isNullOrEmpty()) {
+            cryptoStore.getUserDevice(userId, deviceId)
+        } else {
+            null
+        }
+    }
+
+    override fun getCryptoDeviceInfo(userId: String): List<CryptoDeviceInfo> {
+        return cryptoStore.getUserDeviceList(userId).orEmpty()
+    }
+
+    override fun getLiveCryptoDeviceInfo(): LiveData<List<CryptoDeviceInfo>> {
+        return cryptoStore.getLiveDeviceList()
+    }
+
+    override fun getLiveCryptoDeviceInfo(userId: String): LiveData<List<CryptoDeviceInfo>> {
+        return cryptoStore.getLiveDeviceList(userId)
+    }
+
+    override fun getLiveCryptoDeviceInfo(userIds: List<String>): LiveData<List<CryptoDeviceInfo>> {
+        return cryptoStore.getLiveDeviceList(userIds)
+    }
+
+    /**
+     * Set the devices as known
+     *
+     * @param devices  the devices. Note that the verified member of the devices in this list will not be updated by this method.
+     * @param callback the asynchronous callback
+     */
+    override fun setDevicesKnown(devices: List<MXDeviceInfo>, callback: MatrixCallback<Unit>?) {
+        // build a devices map
+        val devicesIdListByUserId = devices.groupBy({ it.userId }, { it.deviceId })
+
+        for ((userId, deviceIds) in devicesIdListByUserId) {
+            val storedDeviceIDs = cryptoStore.getUserDevices(userId)
+
+            // sanity checks
+            if (null != storedDeviceIDs) {
+                var isUpdated = false
+
+                deviceIds.forEach { deviceId ->
+                    val device = storedDeviceIDs[deviceId]
+
+                    // assume if the device is either verified or blocked
+                    // it means that the device is known
+                    if (device?.isUnknown == true) {
+                        device.trustLevel = DeviceTrustLevel(crossSigningVerified = false, locallyVerified = false)
+                        isUpdated = true
+                    }
+                }
+
+                if (isUpdated) {
+                    cryptoStore.storeUserDevices(userId, storedDeviceIDs)
+                }
+            }
+        }
+
+        callback?.onSuccess(Unit)
+    }
+
+    /**
+     * Update the blocked/verified state of the given device.
+     *
+     * @param trustLevel the new trust level
+     * @param userId     the owner of the device
+     * @param deviceId   the unique identifier for the device.
+     */
+    override fun setDeviceVerification(trustLevel: DeviceTrustLevel, userId: String, deviceId: String) {
+        setDeviceVerificationAction.handle(trustLevel, userId, deviceId)
+    }
+
+    /**
+     * Configure a room to use encryption.
+     *
+     * @param roomId             the room id to enable encryption in.
+     * @param algorithm          the encryption config for the room.
+     * @param inhibitDeviceQuery true to suppress device list query for users in the room (for now)
+     * @param membersId          list of members to start tracking their devices
+     * @return true if the operation succeeds.
+     */
+    private suspend fun setEncryptionInRoom(roomId: String,
+                                            algorithm: String?,
+                                            inhibitDeviceQuery: Boolean,
+                                            membersId: List<String>): Boolean {
+        // If we already have encryption in this room, we should ignore this event
+        // (for now at least. Maybe we should alert the user somehow?)
+        val existingAlgorithm = cryptoStore.getRoomAlgorithm(roomId)
+
+        if (existingAlgorithm == algorithm) {
+            // ignore
+            Timber.tag(loggerTag.value).e("setEncryptionInRoom() : Ignoring m.room.encryption for same alg ($algorithm) in  $roomId")
+            return false
+        }
+
+        val encryptingClass = MXCryptoAlgorithms.hasEncryptorClassForAlgorithm(algorithm)
+
+        // Always store even if not supported
+        cryptoStore.storeRoomAlgorithm(roomId, algorithm)
+
+        if (!encryptingClass) {
+            Timber.tag(loggerTag.value).e("setEncryptionInRoom() : Unable to encrypt room $roomId with $algorithm")
+            return false
+        }
+
+        val alg: IMXEncrypting? = when (algorithm) {
+            MXCRYPTO_ALGORITHM_MEGOLM -> megolmEncryptionFactory.create(roomId)
+            MXCRYPTO_ALGORITHM_OLM    -> olmEncryptionFactory.create(roomId)
+            else                      -> null
+        }
+
+        if (alg != null) {
+            roomEncryptorsStore.put(roomId, alg)
+        }
+
+        // if encryption was not previously enabled in this room, we will have been
+        // ignoring new device events for these users so far. We may well have
+        // up-to-date lists for some users, for instance if we were sharing other
+        // e2e rooms with them, so there is room for optimisation here, but for now
+        // we just invalidate everyone in the room.
+        if (null == existingAlgorithm) {
+            Timber.tag(loggerTag.value).d("Enabling encryption in $roomId for the first time; invalidating device lists for all users therein")
+
+            val userIds = ArrayList(membersId)
+
+            deviceListManager.startTrackingDeviceList(userIds)
+
+            if (!inhibitDeviceQuery) {
+                deviceListManager.refreshOutdatedDeviceLists()
+            }
+        }
+
+        return true
+    }
+
+    /**
+     * Tells if a room is encrypted with MXCRYPTO_ALGORITHM_MEGOLM
+     *
+     * @param roomId the room id
+     * @return true if the room is encrypted with algorithm MXCRYPTO_ALGORITHM_MEGOLM
+     */
+    override fun isRoomEncrypted(roomId: String): Boolean {
+        return cryptoSessionInfoProvider.isRoomEncrypted(roomId)
+    }
+
+    /**
+     * @return the stored device keys for a user.
+     */
+    override fun getUserDevices(userId: String): MutableList<CryptoDeviceInfo> {
+        return cryptoStore.getUserDevices(userId)?.values?.toMutableList() ?: ArrayList()
+    }
+
+    private fun isEncryptionEnabledForInvitedUser(): Boolean {
+        return mxCryptoConfig.enableEncryptionForInvitedMembers
+    }
+
+    override fun getEncryptionAlgorithm(roomId: String): String? {
+        return cryptoStore.getRoomAlgorithm(roomId)
+    }
+
+    /**
+     * Determine whether we should encrypt messages for invited users in this room.
+     * <p>
+     * Check here whether the invited members are allowed to read messages in the room history
+     * from the point they were invited onwards.
+     *
+     * @return true if we should encrypt messages for invited users.
+     */
+    override fun shouldEncryptForInvitedMembers(roomId: String): Boolean {
+        return cryptoStore.shouldEncryptForInvitedMembers(roomId)
+    }
+
+    /**
+     * Encrypt an event content according to the configuration of the room.
+     *
+     * @param eventContent the content of the event.
+     * @param eventType    the type of the event.
+     * @param roomId       the room identifier the event will be sent.
+     * @param callback     the asynchronous callback
+     */
+    override fun encryptEventContent(eventContent: Content,
+                                     eventType: String,
+                                     roomId: String,
+                                     callback: MatrixCallback<MXEncryptEventContentResult>) {
+        // moved to crypto scope to have uptodate values
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            val userIds = getRoomUserIds(roomId)
+            var alg = roomEncryptorsStore.get(roomId)
+            if (alg == null) {
+                val algorithm = getEncryptionAlgorithm(roomId)
+                if (algorithm != null) {
+                    if (setEncryptionInRoom(roomId, algorithm, false, userIds)) {
+                        alg = roomEncryptorsStore.get(roomId)
+                    }
+                }
+            }
+            val safeAlgorithm = alg
+            if (safeAlgorithm != null) {
+                val t0 = System.currentTimeMillis()
+                Timber.tag(loggerTag.value).v("encryptEventContent() starts")
+                runCatching {
+                    val content = safeAlgorithm.encryptEventContent(eventContent, eventType, userIds)
+                    Timber.tag(loggerTag.value).v("## CRYPTO | encryptEventContent() : succeeds after ${System.currentTimeMillis() - t0} ms")
+                    MXEncryptEventContentResult(content, EventType.ENCRYPTED)
+                }.foldToCallback(callback)
+            } else {
+                val algorithm = getEncryptionAlgorithm(roomId)
+                val reason = String.format(
+                        MXCryptoError.UNABLE_TO_ENCRYPT_REASON,
+                        algorithm ?: MXCryptoError.NO_MORE_ALGORITHM_REASON
+                )
+                Timber.tag(loggerTag.value).e("encryptEventContent() : failed $reason")
+                callback.onFailure(Failure.CryptoError(MXCryptoError.Base(MXCryptoError.ErrorType.UNABLE_TO_ENCRYPT, reason)))
+            }
+        }
+    }
+
+    override fun discardOutboundSession(roomId: String) {
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            val roomEncryptor = roomEncryptorsStore.get(roomId)
+            if (roomEncryptor is IMXGroupEncryption) {
+                roomEncryptor.discardSessionKey()
+            } else {
+                Timber.tag(loggerTag.value).e("discardOutboundSession() for:$roomId: Unable to handle IMXGroupEncryption")
+            }
+        }
+    }
+
+    /**
+     * Decrypt an event
+     *
+     * @param event    the raw event.
+     * @param timeline the id of the timeline where the event is decrypted. It is used to prevent replay attack.
+     * @return the MXEventDecryptionResult data, or throw in case of error
+     */
+    @Throws(MXCryptoError::class)
+    override suspend fun decryptEvent(event: Event, timeline: String): MXEventDecryptionResult {
+        return internalDecryptEvent(event, timeline)
+    }
+
+    /**
+     * Decrypt an event asynchronously
+     *
+     * @param event    the raw event.
+     * @param timeline the id of the timeline where the event is decrypted. It is used to prevent replay attack.
+     * @param callback the callback to return data or null
+     */
+    override fun decryptEventAsync(event: Event, timeline: String, callback: MatrixCallback<MXEventDecryptionResult>) {
+        eventDecryptor.decryptEventAsync(event, timeline, callback)
+    }
+
+    /**
+     * Decrypt an event
+     *
+     * @param event    the raw event.
+     * @param timeline the id of the timeline where the event is decrypted. It is used to prevent replay attack.
+     * @return the MXEventDecryptionResult data, or null in case of error
+     */
+    @Throws(MXCryptoError::class)
+    private suspend fun internalDecryptEvent(event: Event, timeline: String): MXEventDecryptionResult {
+        return eventDecryptor.decryptEvent(event, timeline)
+    }
+
+    /**
+     * Reset replay attack data for the given timeline.
+     *
+     * @param timelineId the timeline id
+     */
+    fun resetReplayAttackCheckInTimeline(timelineId: String) {
+        olmDevice.resetReplayAttackCheckInTimeline(timelineId)
+    }
+
+    /**
+     * Handle the 'toDevice' event
+     *
+     * @param event the event
+     */
+    fun onToDeviceEvent(event: Event) {
+        // event have already been decrypted
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            when (event.getClearType()) {
+                EventType.ROOM_KEY, EventType.FORWARDED_ROOM_KEY -> {
+                    // Keys are imported directly, not waiting for end of sync
+                    onRoomKeyEvent(event)
+                }
+                EventType.REQUEST_SECRET                         -> {
+                    secretShareManager.handleSecretRequest(event)
+                }
+                EventType.ROOM_KEY_REQUEST                       -> {
+                    event.getClearContent().toModel<RoomKeyShareRequest>()?.let { req ->
+                        // We'll always get these because we send room key requests to
+                        // '*' (ie. 'all devices') which includes the sending device,
+                        // so ignore requests from ourself because apart from it being
+                        // very silly, it won't work because an Olm session cannot send
+                        // messages to itself.
+                        if (req.requestingDeviceId != deviceId) { // ignore self requests
+                            event.senderId?.let { incomingKeyRequestManager.addNewIncomingRequest(it, req) }
+                        }
+                    }
+                }
+                EventType.SEND_SECRET                            -> {
+                    onSecretSendReceived(event)
+                }
+                EventType.ROOM_KEY_WITHHELD                      -> {
+                    onKeyWithHeldReceived(event)
+                }
+                else                                             -> {
+                    // ignore
+                }
+            }
+        }
+        liveEventManager.get().dispatchOnLiveToDevice(event)
+    }
+
+    /**
+     * Handle a key event.
+     *
+     * @param event the key event.
+     */
+    private fun onRoomKeyEvent(event: Event) {
+        val roomKeyContent = event.getClearContent().toModel<RoomKeyContent>() ?: return
+        Timber.tag(loggerTag.value).i("onRoomKeyEvent() from: ${event.senderId} type<${event.getClearType()}> , sessionId<${roomKeyContent.sessionId}>")
+        if (roomKeyContent.roomId.isNullOrEmpty() || roomKeyContent.algorithm.isNullOrEmpty()) {
+            Timber.tag(loggerTag.value).e("onRoomKeyEvent() : missing fields")
+            return
+        }
+        val alg = roomDecryptorProvider.getOrCreateRoomDecryptor(roomKeyContent.roomId, roomKeyContent.algorithm)
+        if (alg == null) {
+            Timber.tag(loggerTag.value).e("GOSSIP onRoomKeyEvent() : Unable to handle keys for ${roomKeyContent.algorithm}")
+            return
+        }
+        alg.onRoomKeyEvent(event, keysBackupService)
+    }
+
+    private fun onKeyWithHeldReceived(event: Event) {
+        val withHeldContent = event.getClearContent().toModel<RoomKeyWithHeldContent>() ?: return Unit.also {
+            Timber.tag(loggerTag.value).i("Malformed onKeyWithHeldReceived() : missing fields")
+        }
+        val senderId = event.senderId ?: return Unit.also {
+            Timber.tag(loggerTag.value).i("Malformed onKeyWithHeldReceived() : missing fields")
+        }
+        withHeldContent.sessionId ?: return
+        withHeldContent.algorithm ?: return
+        withHeldContent.roomId ?: return
+        withHeldContent.senderKey ?: return
+        outgoingKeyRequestManager.onRoomKeyWithHeld(
+                sessionId = withHeldContent.sessionId,
+                algorithm = withHeldContent.algorithm,
+                roomId = withHeldContent.roomId,
+                senderKey = withHeldContent.senderKey,
+                fromDevice = withHeldContent.fromDevice,
+                event = Event(
+                        type = EventType.ROOM_KEY_WITHHELD,
+                        senderId = senderId,
+                        content = event.getClearContent()
+                )
+        )
+    }
+
+    private suspend fun onSecretSendReceived(event: Event) {
+        secretShareManager.onSecretSendReceived(event) { secretName, secretValue ->
+            handleSDKLevelGossip(secretName, secretValue)
+        }
+    }
+
+    /**
+     * Returns true if handled by SDK, otherwise should be sent to application layer
+     */
+    private fun handleSDKLevelGossip(secretName: String?,
+                                     secretValue: String): Boolean {
+        return when (secretName) {
+            MASTER_KEY_SSSS_NAME       -> {
+                crossSigningService.onSecretMSKGossip(secretValue)
+                true
+            }
+            SELF_SIGNING_KEY_SSSS_NAME -> {
+                crossSigningService.onSecretSSKGossip(secretValue)
+                true
+            }
+            USER_SIGNING_KEY_SSSS_NAME -> {
+                crossSigningService.onSecretUSKGossip(secretValue)
+                true
+            }
+            KEYBACKUP_SECRET_SSSS_NAME -> {
+                keysBackupService.onSecretKeyGossip(secretValue)
+                true
+            }
+            else                       -> false
+        }
+    }
+
+    /**
+     * Handle an m.room.encryption event.
+     *
+     * @param event the encryption event.
+     */
+    private fun onRoomEncryptionEvent(roomId: String, event: Event) {
+        if (!event.isStateEvent()) {
+            // Ignore
+            Timber.tag(loggerTag.value).w("Invalid encryption event")
+            return
+        }
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            val userIds = getRoomUserIds(roomId)
+            setEncryptionInRoom(roomId, event.content?.get("algorithm")?.toString(), true, userIds)
+        }
+    }
+
+    private fun getRoomUserIds(roomId: String): List<String> {
+        val encryptForInvitedMembers = isEncryptionEnabledForInvitedUser() &&
+                shouldEncryptForInvitedMembers(roomId)
+        return cryptoSessionInfoProvider.getRoomUserIds(roomId, encryptForInvitedMembers)
+    }
+
+    /**
+     * Handle a change in the membership state of a member of a room.
+     *
+     * @param event the membership event causing the change
+     */
+    private fun onRoomMembershipEvent(roomId: String, event: Event) {
+        roomEncryptorsStore.get(roomId) ?: /* No encrypting in this room */ return
+
+        event.stateKey?.let { userId ->
+            val roomMember: RoomMemberContent? = event.content.toModel()
+            val membership = roomMember?.membership
+            if (membership == Membership.JOIN) {
+                // make sure we are tracking the deviceList for this user.
+                deviceListManager.startTrackingDeviceList(listOf(userId))
+            } else if (membership == Membership.INVITE &&
+                    shouldEncryptForInvitedMembers(roomId) &&
+                    isEncryptionEnabledForInvitedUser()) {
+                // track the deviceList for this invited user.
+                // Caution: there's a big edge case here in that federated servers do not
+                // know what other servers are in the room at the time they've been invited.
+                // They therefore will not send device updates if a user logs in whilst
+                // their state is invite.
+                deviceListManager.startTrackingDeviceList(listOf(userId))
+            }
+        }
+    }
+
+    private fun onRoomHistoryVisibilityEvent(roomId: String, event: Event) {
+        if (!event.isStateEvent()) return
+        val eventContent = event.content.toModel<RoomHistoryVisibilityContent>()
+        eventContent?.historyVisibility?.let {
+            cryptoStore.setShouldEncryptForInvitedMembers(roomId, it != RoomHistoryVisibility.JOINED)
+        }
+    }
+
+    /**
+     * Upload my user's device keys.
+     */
+    private suspend fun uploadDeviceKeys() {
+        if (cryptoStore.areDeviceKeysUploaded()) {
+            Timber.tag(loggerTag.value).d("Keys already uploaded, nothing to do")
+            return
+        }
+        // Prepare the device keys data to send
+        // Sign it
+        val canonicalJson = JsonCanonicalizer.getCanonicalJson(Map::class.java, getMyDevice().signalableJSONDictionary())
+        var rest = getMyDevice().toRest()
+
+        rest = rest.copy(
+                signatures = objectSigner.signObject(canonicalJson)
+        )
+
+        val uploadDeviceKeysParams = UploadKeysTask.Params(rest, null, null)
+        uploadKeysTask.execute(uploadDeviceKeysParams)
+
+        cryptoStore.setDeviceKeysUploaded(true)
+    }
+
+    /**
+     * Export the crypto keys
+     *
+     * @param password the password
+     * @return the exported keys
+     */
+    override suspend fun exportRoomKeys(password: String): ByteArray {
+        return exportRoomKeys(password, MXMegolmExportEncryption.DEFAULT_ITERATION_COUNT)
+    }
+
+    /**
+     * Export the crypto keys
+     *
+     * @param password         the password
+     * @param anIterationCount the encryption iteration count (0 means no encryption)
+     */
+    private suspend fun exportRoomKeys(password: String, anIterationCount: Int): ByteArray {
+        return withContext(coroutineDispatchers.crypto) {
+            val iterationCount = max(0, anIterationCount)
+
+            val exportedSessions = cryptoStore.getInboundGroupSessions().mapNotNull { it.exportKeys() }
+
+            val adapter = MoshiProvider.providesMoshi()
+                    .adapter(List::class.java)
+
+            MXMegolmExportEncryption.encryptMegolmKeyFile(adapter.toJson(exportedSessions), password, iterationCount)
+        }
+    }
+
+    /**
+     * Import the room keys
+     *
+     * @param roomKeysAsArray  the room keys as array.
+     * @param password         the password
+     * @param progressListener the progress listener
+     * @return the result ImportRoomKeysResult
+     */
+    override suspend fun importRoomKeys(roomKeysAsArray: ByteArray,
+                                        password: String,
+                                        progressListener: ProgressListener?): ImportRoomKeysResult {
+        return withContext(coroutineDispatchers.crypto) {
+            Timber.tag(loggerTag.value).v("importRoomKeys starts")
+
+            val t0 = System.currentTimeMillis()
+            val roomKeys = MXMegolmExportEncryption.decryptMegolmKeyFile(roomKeysAsArray, password)
+            val t1 = System.currentTimeMillis()
+
+            Timber.tag(loggerTag.value).v("importRoomKeys : decryptMegolmKeyFile done in ${t1 - t0} ms")
+
+            val importedSessions = MoshiProvider.providesMoshi()
+                    .adapter<List<MegolmSessionData>>(Types.newParameterizedType(List::class.java, MegolmSessionData::class.java))
+                    .fromJson(roomKeys)
+
+            val t2 = System.currentTimeMillis()
+
+            Timber.tag(loggerTag.value).v("importRoomKeys : JSON parsing ${t2 - t1} ms")
+
+            if (importedSessions == null) {
+                throw Exception("Error")
+            }
+
+            megolmSessionDataImporter.handle(
+                    megolmSessionsData = importedSessions,
+                    fromBackup = false,
+                    progressListener = progressListener
+            )
+        }
+    }
+
+    /**
+     * Update the warn status when some unknown devices are detected.
+     *
+     * @param warn true to warn when some unknown devices are detected.
+     */
+    override fun setWarnOnUnknownDevices(warn: Boolean) {
+        warnOnUnknownDevicesRepository.setWarnOnUnknownDevices(warn)
+    }
+
+    /**
+     * Check if the user ids list have some unknown devices.
+     * A success means there is no unknown devices.
+     * If there are some unknown devices, a MXCryptoError.UnknownDevice exception is triggered.
+     *
+     * @param userIds  the user ids list
+     * @param callback the asynchronous callback.
+     */
+    fun checkUnknownDevices(userIds: List<String>, callback: MatrixCallback<Unit>) {
+        // force the refresh to ensure that the devices list is up-to-date
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            runCatching {
+                val keys = deviceListManager.downloadKeys(userIds, true)
+                val unknownDevices = getUnknownDevices(keys)
+                if (unknownDevices.map.isNotEmpty()) {
+                    // trigger an an unknown devices exception
+                    throw Failure.CryptoError(MXCryptoError.UnknownDevice(unknownDevices))
+                }
+            }.foldToCallback(callback)
+        }
+    }
+
+    /**
+     * Set the global override for whether the client should ever send encrypted
+     * messages to unverified devices.
+     * If false, it can still be overridden per-room.
+     * If true, it overrides the per-room settings.
+     *
+     * @param block    true to unilaterally blacklist all
+     */
+    override fun setGlobalBlacklistUnverifiedDevices(block: Boolean) {
+        cryptoStore.setGlobalBlacklistUnverifiedDevices(block)
+    }
+
+    override fun enableKeyGossiping(enable: Boolean) {
+        cryptoStore.enableKeyGossiping(enable)
+    }
+
+    override fun isKeyGossipingEnabled() = cryptoStore.isKeyGossipingEnabled()
+
+    /**
+     * Tells whether the client should ever send encrypted messages to unverified devices.
+     * The default value is false.
+     * This function must be called in the getEncryptingThreadHandler() thread.
+     *
+     * @return true to unilaterally blacklist all unverified devices.
+     */
+    override fun getGlobalBlacklistUnverifiedDevices(): Boolean {
+        return cryptoStore.getGlobalBlacklistUnverifiedDevices()
+    }
+
+    /**
+     * Tells whether the client should encrypt messages only for the verified devices
+     * in this room.
+     * The default value is false.
+     *
+     * @param roomId the room id
+     * @return true if the client should encrypt messages only for the verified devices.
+     */
+// TODO add this info in CryptoRoomEntity?
+    override fun isRoomBlacklistUnverifiedDevices(roomId: String?): Boolean {
+        return roomId?.let { cryptoStore.getRoomsListBlacklistUnverifiedDevices().contains(it) }
+                ?: false
+    }
+
+    /**
+     * Manages the room black-listing for unverified devices.
+     *
+     * @param roomId   the room id
+     * @param add      true to add the room id to the list, false to remove it.
+     */
+    private fun setRoomBlacklistUnverifiedDevices(roomId: String, add: Boolean) {
+        val roomIds = cryptoStore.getRoomsListBlacklistUnverifiedDevices().toMutableList()
+
+        if (add) {
+            if (roomId !in roomIds) {
+                roomIds.add(roomId)
+            }
+        } else {
+            roomIds.remove(roomId)
+        }
+
+        cryptoStore.setRoomsListBlacklistUnverifiedDevices(roomIds)
+    }
+
+    /**
+     * Add this room to the ones which don't encrypt messages to unverified devices.
+     *
+     * @param roomId   the room id
+     */
+    override fun setRoomBlacklistUnverifiedDevices(roomId: String) {
+        setRoomBlacklistUnverifiedDevices(roomId, true)
+    }
+
+    /**
+     * Remove this room to the ones which don't encrypt messages to unverified devices.
+     *
+     * @param roomId   the room id
+     */
+    override fun setRoomUnBlacklistUnverifiedDevices(roomId: String) {
+        setRoomBlacklistUnverifiedDevices(roomId, false)
+    }
+
+    /**
+     * Re request the encryption keys required to decrypt an event.
+     *
+     * @param event the event to decrypt again.
+     */
+    override fun reRequestRoomKeyForEvent(event: Event) {
+        outgoingKeyRequestManager.requestKeyForEvent(event, true)
+    }
+
+    override fun requestRoomKeyForEvent(event: Event) {
+        outgoingKeyRequestManager.requestKeyForEvent(event, false)
+    }
+
+    /**
+     * Add a GossipingRequestListener listener.
+     *
+     * @param listener listener
+     */
+    override fun addRoomKeysRequestListener(listener: GossipingRequestListener) {
+        incomingKeyRequestManager.addRoomKeysRequestListener(listener)
+        secretShareManager.addListener(listener)
+    }
+
+    /**
+     * Add a GossipingRequestListener listener.
+     *
+     * @param listener listener
+     */
+    override fun removeRoomKeysRequestListener(listener: GossipingRequestListener) {
+        incomingKeyRequestManager.removeRoomKeysRequestListener(listener)
+        secretShareManager.addListener(listener)
+    }
+
+    /**
+     * Provides the list of unknown devices
+     *
+     * @param devicesInRoom the devices map
+     * @return the unknown devices map
+     */
+    private fun getUnknownDevices(devicesInRoom: MXUsersDevicesMap<CryptoDeviceInfo>): MXUsersDevicesMap<CryptoDeviceInfo> {
+        val unknownDevices = MXUsersDevicesMap<CryptoDeviceInfo>()
+        val userIds = devicesInRoom.userIds
+        for (userId in userIds) {
+            devicesInRoom.getUserDeviceIds(userId)?.forEach { deviceId ->
+                devicesInRoom.getObject(userId, deviceId)
+                        ?.takeIf { it.isUnknown }
+                        ?.let {
+                            unknownDevices.setObject(userId, deviceId, it)
+                        }
+            }
+        }
+
+        return unknownDevices
+    }
+
+    override fun downloadKeys(userIds: List<String>, forceDownload: Boolean, callback: MatrixCallback<MXUsersDevicesMap<CryptoDeviceInfo>>) {
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            runCatching {
+                deviceListManager.downloadKeys(userIds, forceDownload)
+            }.foldToCallback(callback)
+        }
+    }
+
+    override fun addNewSessionListener(newSessionListener: NewSessionListener) {
+        roomDecryptorProvider.addNewSessionListener(newSessionListener)
+    }
+
+    override fun removeSessionListener(listener: NewSessionListener) {
+        roomDecryptorProvider.removeSessionListener(listener)
+    }
+/* ==========================================================================================
+ * DEBUG INFO
+ * ========================================================================================== */
+
+    override fun toString(): String {
+        return "DefaultCryptoService of $userId ($deviceId)"
+    }
+
+    override fun getOutgoingRoomKeyRequests(): List<OutgoingKeyRequest> {
+        return cryptoStore.getOutgoingRoomKeyRequests()
+    }
+
+    override fun getOutgoingRoomKeyRequestsPaged(): LiveData<PagedList<OutgoingKeyRequest>> {
+        return cryptoStore.getOutgoingRoomKeyRequestsPaged()
+    }
+
+    override fun getIncomingRoomKeyRequests(): List<IncomingRoomKeyRequest> {
+        return cryptoStore.getGossipingEvents()
+                .mapNotNull {
+                    IncomingRoomKeyRequest.fromEvent(it)
+                }
+    }
+
+    override fun getIncomingRoomKeyRequestsPaged(): LiveData<PagedList<IncomingRoomKeyRequest>> {
+        return cryptoStore.getGossipingEventsTrail(TrailType.IncomingKeyRequest) {
+            IncomingRoomKeyRequest.fromEvent(it)
+                    ?: IncomingRoomKeyRequest(localCreationTimestamp = 0L)
+        }
+    }
+
+    /**
+     * If you registered a `GossipingRequestListener`, you will be notified of key request
+     * that was not accepted by the SDK. You can call back this manually to accept anyhow.
+     */
+    override suspend fun manuallyAcceptRoomKeyRequest(request: IncomingRoomKeyRequest) {
+        incomingKeyRequestManager.manuallyAcceptRoomKeyRequest(request)
+    }
+
+    override fun getGossipingEventsTrail(): LiveData<PagedList<AuditTrail>> {
+        return cryptoStore.getGossipingEventsTrail()
+    }
+
+    override fun getGossipingEvents(): List<AuditTrail> {
+        return cryptoStore.getGossipingEvents()
+    }
+
+    override fun getSharedWithInfo(roomId: String?, sessionId: String): MXUsersDevicesMap<Int> {
+        return cryptoStore.getSharedWithInfo(roomId, sessionId)
+    }
+
+    override fun getWithHeldMegolmSession(roomId: String, sessionId: String): RoomKeyWithHeldContent? {
+        return cryptoStore.getWithHeldMegolmSession(roomId, sessionId)
+    }
+
+    override fun logDbUsageInfo() {
+        cryptoStore.logDbUsageInfo()
+    }
+
+    override fun prepareToEncrypt(roomId: String, callback: MatrixCallback<Unit>) {
+        cryptoCoroutineScope.launch(coroutineDispatchers.crypto) {
+            Timber.tag(loggerTag.value).d("prepareToEncrypt() roomId:$roomId Check room members up to date")
+            // Ensure to load all room members
+            try {
+                loadRoomMembersTask.execute(LoadRoomMembersTask.Params(roomId))
+            } catch (failure: Throwable) {
+                Timber.tag(loggerTag.value).e("prepareToEncrypt() : Failed to load room members")
+                // we probably shouldn't block sending on that (but questionable)
+                // but some members won't be able to decrypt
+            }
+
+            val userIds = getRoomUserIds(roomId)
+            val alg = roomEncryptorsStore.get(roomId)
+                    ?: getEncryptionAlgorithm(roomId)
+                            ?.let { setEncryptionInRoom(roomId, it, false, userIds) }
+                            ?.let { roomEncryptorsStore.get(roomId) }
+
+            if (alg == null) {
+                val reason = String.format(MXCryptoError.UNABLE_TO_ENCRYPT_REASON, MXCryptoError.NO_MORE_ALGORITHM_REASON)
+                Timber.tag(loggerTag.value).e("prepareToEncrypt() : $reason")
+                callback.onFailure(IllegalArgumentException("Missing algorithm"))
+                return@launch
+            }
+
+            runCatching {
+                (alg as? IMXGroupEncryption)?.preshareKey(userIds)
+            }.fold(
+                    { callback.onSuccess(Unit) },
+                    {
+                        Timber.tag(loggerTag.value).e(it, "prepareToEncrypt() failed.")
+                        callback.onFailure(it)
+                    }
+            )
+        }
+    }
+
+    /* ==========================================================================================
+     * For test only
+     * ========================================================================================== */
+
+    @VisibleForTesting
+    val cryptoStoreForTesting = cryptoStore
+
+    @VisibleForTesting
+    val olmDeviceForTest = olmDevice
+
+    companion object {
+        const val CRYPTO_MIN_FORCE_SESSION_PERIOD_MILLIS = 3_600_000 // one hour
+    }
+}

From 9385d19ad0c2f128baf9beb15eae3063048ee708 Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Fri, 22 Apr 2022 11:38:50 +0200
Subject: [PATCH 18/27] Fix trail display (from instead of to for incoming
 types)

---
 .../devtools/GossipingTrailPagedEpoxyController.kt   | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt
index b6e7a3c88b..6a45968916 100644
--- a/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt
+++ b/vector/src/main/java/im/vector/app/features/settings/devtools/GossipingTrailPagedEpoxyController.kt
@@ -55,7 +55,7 @@ class GossipingTrailPagedEpoxyController @Inject constructor(
             description(
                     span {
                         +host.vectorDateFormatter.format(event.ageLocalTs, DateFormatKind.DEFAULT_DATE_AND_TIME)
-                        span("\nfrom: ") {
+                        span("\n${host.senderFromTo(event.type)}: ") {
                             textStyle = "bold"
                         }
                         +"${event.info.userId}|${event.info.deviceId}"
@@ -101,4 +101,14 @@ class GossipingTrailPagedEpoxyController @Inject constructor(
             )
         }
     }
+
+    private fun senderFromTo(type: TrailType): String {
+        return when (type) {
+            TrailType.OutgoingKeyWithheld,
+            TrailType.OutgoingKeyForward -> "to"
+            TrailType.IncomingKeyRequest,
+            TrailType.IncomingKeyForward -> "from"
+            TrailType.Unknown            -> ""
+        }
+    }
 }

From eaf104495db24c0d6bd5f9ebb2c3f685eb3e8b60 Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Mon, 25 Apr 2022 10:44:38 +0200
Subject: [PATCH 19/27] Cleaning, code review

---
 .../sdk/internal/crypto/E2eeSanityTests.kt    |  9 +-
 .../crypto/gossiping/WithHeldTests.kt         | 24 +++--
 .../store/db/migration/MigrateCryptoTo005.kt  | 58 ++++++------
 .../store/db/migration/MigrateCryptoTo016.kt  |  2 +-
 .../store/db/model/GossipingEventEntity.kt    | 90 -------------------
 .../model/IncomingGossipingRequestEntity.kt   | 34 -------
 .../model/OutgoingGossipingRequestEntity.kt   | 31 -------
 .../VerificationBottomSheetViewModel.kt       |  2 +-
 8 files changed, 51 insertions(+), 199 deletions(-)
 delete mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/GossipingEventEntity.kt
 delete mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/IncomingGossipingRequestEntity.kt
 delete mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingGossipingRequestEntity.kt

diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
index 6fdcf53478..9274a09044 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/E2eeSanityTests.kt
@@ -322,11 +322,13 @@ class E2eeSanityTests : InstrumentedTest {
             }
 
             val importedResult = testHelper.doSync<ImportRoomKeysResult> {
-                kbs.restoreKeyBackupWithPassword(keyVersionResult!!,
+                kbs.restoreKeyBackupWithPassword(
+                        keyVersionResult!!,
                         keyBackupPassword,
                         null,
                         null,
-                        null, it)
+                        null, it
+                )
             }
 
             assertEquals(3, importedResult.totalNumberOfKeys)
@@ -724,7 +726,8 @@ class E2eeSanityTests : InstrumentedTest {
         assertEquals(
                 "USK Private parts should be the same",
                 aliceSession.cryptoService().crossSigningService().getCrossSigningPrivateKeys()!!.user,
-                aliceNewSession.cryptoService().crossSigningService().getCrossSigningPrivateKeys()!!.user)
+                aliceNewSession.cryptoService().crossSigningService().getCrossSigningPrivateKeys()!!.user
+        )
 
         assertEquals(
                 "SSK Private parts should be the same",
diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/WithHeldTests.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/WithHeldTests.kt
index 63c856d0f1..0e4dea8d91 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/WithHeldTests.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/WithHeldTests.kt
@@ -113,7 +113,7 @@ class WithHeldTests : InstrumentedTest {
                         ?.firstOrNull { it.fromDevice == bobSession.sessionParams.deviceId }
                         ?.result
                         ?.let {
-                           it as? RequestResult.Failure
+                            it as? RequestResult.Failure
                         }
                         ?.code == WithHeldCode.UNVERIFIED
             }
@@ -161,13 +161,15 @@ class WithHeldTests : InstrumentedTest {
         val aliceInterceptor = testHelper.getTestInterceptor(aliceSession)
 
         // Simulate no OTK
-        aliceInterceptor!!.addRule(MockOkHttpInterceptor.SimpleRule(
-                "/keys/claim",
-                200,
-                """
+        aliceInterceptor!!.addRule(
+                MockOkHttpInterceptor.SimpleRule(
+                        "/keys/claim",
+                        200,
+                        """
                    { "one_time_keys" : {} } 
                 """
-        ))
+                )
+        )
         Log.d("#TEST", "Recovery :${aliceSession.sessionParams.credentials.accessToken}")
 
         val roomAlicePov = aliceSession.getRoom(testData.roomId)!!
@@ -198,7 +200,10 @@ class WithHeldTests : InstrumentedTest {
 
         // Ensure that alice has marked the session to be shared with bob
         val sessionId = eventBobPOV!!.root.content.toModel<EncryptedEventContent>()!!.sessionId!!
-        val chainIndex = aliceSession.cryptoService().getSharedWithInfo(testData.roomId, sessionId).getObject(bobSession.myUserId, bobSession.sessionParams.credentials.deviceId)
+        val chainIndex = aliceSession.cryptoService().getSharedWithInfo(testData.roomId, sessionId).getObject(
+                bobSession.myUserId,
+                bobSession.sessionParams.credentials.deviceId
+        )
 
         Assert.assertEquals("Alice should have marked bob's device for this session", 0, chainIndex)
         // Add a new device for bob
@@ -216,7 +221,10 @@ class WithHeldTests : InstrumentedTest {
             }
         }
 
-        val chainIndex2 = aliceSession.cryptoService().getSharedWithInfo(testData.roomId, sessionId).getObject(bobSecondSession.myUserId, bobSecondSession.sessionParams.credentials.deviceId)
+        val chainIndex2 = aliceSession.cryptoService().getSharedWithInfo(testData.roomId, sessionId).getObject(
+                bobSecondSession.myUserId,
+                bobSecondSession.sessionParams.credentials.deviceId
+        )
 
         Assert.assertEquals("Alice should have marked bob's device for this session", 1, chainIndex2)
 
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo005.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo005.kt
index e1d7598767..8ec2932a8f 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo005.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo005.kt
@@ -17,9 +17,6 @@
 package org.matrix.android.sdk.internal.crypto.store.db.migration
 
 import io.realm.DynamicRealm
-import org.matrix.android.sdk.internal.crypto.store.db.model.GossipingEventEntityFields
-import org.matrix.android.sdk.internal.crypto.store.db.model.IncomingGossipingRequestEntityFields
-import org.matrix.android.sdk.internal.crypto.store.db.model.OutgoingGossipingRequestEntityFields
 import org.matrix.android.sdk.internal.util.database.RealmMigrator
 
 internal class MigrateCryptoTo005(realm: DynamicRealm) : RealmMigrator(realm, 5) {
@@ -29,38 +26,37 @@ internal class MigrateCryptoTo005(realm: DynamicRealm) : RealmMigrator(realm, 5)
         realm.schema.remove("IncomingRoomKeyRequestEntity")
 
         // Not need to migrate existing request, just start fresh?
-
         realm.schema.create("GossipingEventEntity")
-                .addField(GossipingEventEntityFields.TYPE, String::class.java)
-                .addIndex(GossipingEventEntityFields.TYPE)
-                .addField(GossipingEventEntityFields.CONTENT, String::class.java)
-                .addField(GossipingEventEntityFields.SENDER, String::class.java)
-                .addIndex(GossipingEventEntityFields.SENDER)
-                .addField(GossipingEventEntityFields.DECRYPTION_RESULT_JSON, String::class.java)
-                .addField(GossipingEventEntityFields.DECRYPTION_ERROR_CODE, String::class.java)
-                .addField(GossipingEventEntityFields.AGE_LOCAL_TS, Long::class.java)
-                .setNullable(GossipingEventEntityFields.AGE_LOCAL_TS, true)
-                .addField(GossipingEventEntityFields.SEND_STATE_STR, String::class.java)
+                .addField("type", String::class.java)
+                .addIndex("type")
+                .addField("content", String::class.java)
+                .addField("sender", String::class.java)
+                .addIndex("sender")
+                .addField("decryptionResultJson", String::class.java)
+                .addField("decryptionErrorCode", String::class.java)
+                .addField("ageLocalTs", Long::class.java)
+                .setNullable("ageLocalTs", true)
+                .addField("sendStateStr", String::class.java)
 
         realm.schema.create("IncomingGossipingRequestEntity")
-                .addField(IncomingGossipingRequestEntityFields.REQUEST_ID, String::class.java)
-                .addIndex(IncomingGossipingRequestEntityFields.REQUEST_ID)
-                .addField(IncomingGossipingRequestEntityFields.TYPE_STR, String::class.java)
-                .addIndex(IncomingGossipingRequestEntityFields.TYPE_STR)
-                .addField(IncomingGossipingRequestEntityFields.OTHER_USER_ID, String::class.java)
-                .addField(IncomingGossipingRequestEntityFields.REQUESTED_INFO_STR, String::class.java)
-                .addField(IncomingGossipingRequestEntityFields.OTHER_DEVICE_ID, String::class.java)
-                .addField(IncomingGossipingRequestEntityFields.REQUEST_STATE_STR, String::class.java)
-                .addField(IncomingGossipingRequestEntityFields.LOCAL_CREATION_TIMESTAMP, Long::class.java)
-                .setNullable(IncomingGossipingRequestEntityFields.LOCAL_CREATION_TIMESTAMP, true)
+                .addField("requestId", String::class.java)
+                .addIndex("requestId")
+                .addField("typeStr", String::class.java)
+                .addIndex("typeStr")
+                .addField("otherUserId", String::class.java)
+                .addField("requestedInfoStr", String::class.java)
+                .addField("otherDeviceId", String::class.java)
+                .addField("requestStateStr", String::class.java)
+                .addField("localCreationTimestamp", Long::class.java)
+                .setNullable("localCreationTimestamp", true)
 
         realm.schema.create("OutgoingGossipingRequestEntity")
-                .addField(OutgoingGossipingRequestEntityFields.REQUEST_ID, String::class.java)
-                .addIndex(OutgoingGossipingRequestEntityFields.REQUEST_ID)
-                .addField(OutgoingGossipingRequestEntityFields.RECIPIENTS_DATA, String::class.java)
-                .addField(OutgoingGossipingRequestEntityFields.REQUESTED_INFO_STR, String::class.java)
-                .addField(OutgoingGossipingRequestEntityFields.TYPE_STR, String::class.java)
-                .addIndex(OutgoingGossipingRequestEntityFields.TYPE_STR)
-                .addField(OutgoingGossipingRequestEntityFields.REQUEST_STATE_STR, String::class.java)
+                .addField("requestId", String::class.java)
+                .addIndex("requestId")
+                .addField("recipientsData", String::class.java)
+                .addField("requestedInfoStr", String::class.java)
+                .addField("typeStr", String::class.java)
+                .addIndex("typeStr")
+                .addField("requestStateStr", String::class.java)
     }
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
index 8d79ba3075..edc8b566ad 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
@@ -23,7 +23,7 @@ import org.matrix.android.sdk.internal.crypto.store.db.model.KeyRequestReplyEnti
 import org.matrix.android.sdk.internal.crypto.store.db.model.OutgoingKeyRequestEntityFields
 import org.matrix.android.sdk.internal.util.database.RealmMigrator
 
-internal class MigrateCryptoTo016(realm: DynamicRealm) : RealmMigrator(realm, 15) {
+internal class MigrateCryptoTo016(realm: DynamicRealm) : RealmMigrator(realm, 16) {
 
     override fun doMigrate(realm: DynamicRealm) {
         realm.schema.remove("OutgoingGossipingRequestEntity")
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/GossipingEventEntity.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/GossipingEventEntity.kt
deleted file mode 100644
index 31b141014b..0000000000
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/GossipingEventEntity.kt
+++ /dev/null
@@ -1,90 +0,0 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto.store.db.model
-
-import com.squareup.moshi.JsonDataException
-import io.realm.RealmObject
-import io.realm.annotations.Index
-import org.matrix.android.sdk.api.session.crypto.MXCryptoError
-import org.matrix.android.sdk.api.session.crypto.model.MXEventDecryptionResult
-import org.matrix.android.sdk.api.session.crypto.model.OlmDecryptionResult
-import org.matrix.android.sdk.api.session.events.model.Event
-import org.matrix.android.sdk.api.session.room.send.SendState
-import org.matrix.android.sdk.internal.database.mapper.ContentMapper
-import org.matrix.android.sdk.internal.di.MoshiProvider
-import timber.log.Timber
-
-/**
- * Keep track of gossiping event received in toDevice messages
- * (room key request, or sss secret sharing, as well as cancellations)
- *
- */
-
-// not used anymore, just here for db migration
-internal open class GossipingEventEntity(@Index var type: String? = "",
-                                         var content: String? = null,
-                                         @Index var sender: String? = null,
-                                         var decryptionResultJson: String? = null,
-                                         var decryptionErrorCode: String? = null,
-                                         var ageLocalTs: Long? = null) : RealmObject() {
-
-    private var sendStateStr: String = SendState.UNKNOWN.name
-
-    var sendState: SendState
-        get() {
-            return SendState.valueOf(sendStateStr)
-        }
-        set(value) {
-            sendStateStr = value.name
-        }
-
-    companion object
-
-    fun setDecryptionResult(result: MXEventDecryptionResult) {
-        val decryptionResult = OlmDecryptionResult(
-                payload = result.clearEvent,
-                senderKey = result.senderCurve25519Key,
-                keysClaimed = result.claimedEd25519Key?.let { mapOf("ed25519" to it) },
-                forwardingCurve25519KeyChain = result.forwardingCurve25519KeyChain
-        )
-        val adapter = MoshiProvider.providesMoshi().adapter<OlmDecryptionResult>(OlmDecryptionResult::class.java)
-        decryptionResultJson = adapter.toJson(decryptionResult)
-        decryptionErrorCode = null
-    }
-
-    fun toModel(): Event {
-        return Event(
-                type = this.type ?: "",
-                content = ContentMapper.map(this.content),
-                senderId = this.sender
-        ).also {
-            it.ageLocalTs = this.ageLocalTs
-            it.sendState = this.sendState
-            this.decryptionResultJson?.let { json ->
-                try {
-                    it.mxDecryptionResult = MoshiProvider.providesMoshi().adapter(OlmDecryptionResult::class.java).fromJson(json)
-                } catch (t: JsonDataException) {
-                    Timber.e(t, "Failed to parse decryption result")
-                }
-            }
-            // TODO get the full crypto error object
-            it.mCryptoError = this.decryptionErrorCode?.let { errorCode ->
-                MXCryptoError.ErrorType.valueOf(errorCode)
-            }
-        }
-    }
-}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/IncomingGossipingRequestEntity.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/IncomingGossipingRequestEntity.kt
deleted file mode 100644
index 5ac659d327..0000000000
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/IncomingGossipingRequestEntity.kt
+++ /dev/null
@@ -1,34 +0,0 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto.store.db.model
-
-import io.realm.RealmObject
-import io.realm.annotations.Index
-
-// not used anymore, just here for db migration
-internal open class IncomingGossipingRequestEntity(@Index var requestId: String? = "",
-                                                   @Index var typeStr: String? = null,
-                                                   var otherUserId: String? = null,
-                                                   var requestedInfoStr: String? = null,
-                                                   var otherDeviceId: String? = null,
-                                                   var localCreationTimestamp: Long? = null
-) : RealmObject() {
-
-    private var requestStateStr: String = ""
-
-    companion object
-}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingGossipingRequestEntity.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingGossipingRequestEntity.kt
deleted file mode 100644
index 1dd9cacb74..0000000000
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingGossipingRequestEntity.kt
+++ /dev/null
@@ -1,31 +0,0 @@
- /*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto.store.db.model
-
-import io.realm.RealmObject
-import io.realm.annotations.Index
-
-// not used anymore, just here for db migration
-internal open class OutgoingGossipingRequestEntity(
-        @Index var requestId: String? = null,
-        var recipientsData: String? = null,
-        var requestedInfoStr: String? = null,
-        @Index var typeStr: String? = null
-) : RealmObject() {
-
-    private var requestStateStr: String = ""
-}
diff --git a/vector/src/main/java/im/vector/app/features/crypto/verification/VerificationBottomSheetViewModel.kt b/vector/src/main/java/im/vector/app/features/crypto/verification/VerificationBottomSheetViewModel.kt
index 1e14d0a2ed..4c144d2e9f 100644
--- a/vector/src/main/java/im/vector/app/features/crypto/verification/VerificationBottomSheetViewModel.kt
+++ b/vector/src/main/java/im/vector/app/features/crypto/verification/VerificationBottomSheetViewModel.kt
@@ -423,7 +423,7 @@ class VerificationBottomSheetViewModel @AssistedInject constructor(
     private fun tentativeRestoreBackup(res: Map<String, String>?) {
         // It's not a good idea to download the full backup, it might take very long
         // and use a lot of resources
-        // Just check that the ey is valid and store it, the backup will be used megolm session per
+        // Just check that the key is valid and store it, the backup will be used megolm session per
         // megolm session when an UISI is encountered
 
         viewModelScope.launch(Dispatchers.IO) {

From 012dfeb715f34015dd2ef6addf61c97b26643c4f Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Mon, 25 Apr 2022 18:04:24 +0200
Subject: [PATCH 20/27] Change log for SDK apis

---
 changelog.d/5559.sdk | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 changelog.d/5559.sdk

diff --git a/changelog.d/5559.sdk b/changelog.d/5559.sdk
new file mode 100644
index 0000000000..2466fcef48
--- /dev/null
+++ b/changelog.d/5559.sdk
@@ -0,0 +1,4 @@
+- New API to enable/disable key forwarding CryptoService#enableKeyGossiping()
+- New API to limit room key request only to own devices MXCryptoConfig#limitRoomKeyRequestsToMyDevices
+- Event Trail API has changed, now using AuditTrail events
+- New API to manually accept an incoming key request CryptoService#manuallyAcceptRoomKeyRequest()

From 728faaee19511e1575cc383fd1c2e182ed9b45ff Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Tue, 26 Apr 2022 14:46:52 +0200
Subject: [PATCH 21/27] Fix missing mapper for incoming key forward trail

---
 .../crypto/store/db/model/AuditTrailMapper.kt      | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailMapper.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailMapper.kt
index 465837bc81..16d08784eb 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailMapper.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailMapper.kt
@@ -30,7 +30,7 @@ internal object AuditTrailMapper {
     fun map(entity: AuditTrailEntity): AuditTrail? {
         val contentJson = entity.contentJson ?: return null
         return when (entity.type) {
-            TrailType.OutgoingKeyForward.name  -> {
+            TrailType.OutgoingKeyForward.name -> {
                 val info = tryOrNull {
                     MoshiProvider.providesMoshi().adapter(ForwardInfo::class.java).fromJson(contentJson)
                 } ?: return null
@@ -60,7 +60,17 @@ internal object AuditTrailMapper {
                         info = info
                 )
             }
-            else                              ->  {
+            TrailType.IncomingKeyForward.name -> {
+                val info = tryOrNull {
+                    MoshiProvider.providesMoshi().adapter(ForwardInfo::class.java).fromJson(contentJson)
+                } ?: return null
+                AuditTrail(
+                        ageLocalTs = entity.ageLocalTs ?: 0,
+                        type = TrailType.IncomingKeyForward,
+                        info = info
+                )
+            }
+            else -> {
                 AuditTrail(
                         ageLocalTs = entity.ageLocalTs ?: 0,
                         type = TrailType.Unknown,

From 8920ed3de813d93d13a2d573d29dc61d17bf3f4c Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Wed, 27 Apr 2022 09:45:26 +0200
Subject: [PATCH 22/27] Code review

---
 .../crypto/gossiping/KeyShareTests.kt         |    3 +
 .../android/sdk/api/crypto/MXCryptoConfig.kt  |    2 +-
 .../internal/crypto/DefaultCryptoService.kt   |    2 +-
 .../sdk/internal/crypto/MXOlmDevice.kt        | 1836 ++++++++---------
 .../crypto/OutgoingGossipingRequest.kt        |   27 -
 .../crypto/OutgoingKeyRequestManager.kt       | 1037 +++++-----
 .../internal/crypto/OutgoingSecretRequest.kt  |   39 -
 .../PerSessionBackupQueryRateLimiter.kt       |    2 +-
 .../internal/crypto/RoomEncryptorsStore.kt    |    1 -
 .../sdk/internal/crypto/SecretShareManager.kt |  596 +++---
 .../algorithms/megolm/MXMegolmDecryption.kt   |   10 +-
 .../crypto/store/db/RealmCryptoStore.kt       |   90 +-
 .../db/model/OutgoingKeyRequestEntity.kt      |    4 +-
 .../room/membership/joining/JoinRoomTask.kt   |   13 +-
 14 files changed, 1797 insertions(+), 1865 deletions(-)
 delete mode 100644 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingGossipingRequest.kt
 delete mode 100755 matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingSecretRequest.kt

diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt
index bc286a75be..1e2aa8621d 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/internal/crypto/gossiping/KeyShareTests.kt
@@ -432,6 +432,7 @@ class KeyShareTests : InstrumentedTest {
                 .markedLocallyAsManuallyVerified(aliceNewSession.myUserId, aliceNewSession.sessionParams.deviceId!!)
 
         // /!\ Stop initial alice session syncing so that it can't reply
+        aliceSession.cryptoService().enableKeyGossiping(false)
         aliceSession.stopSync()
 
         // Let's now try to request
@@ -440,6 +441,7 @@ class KeyShareTests : InstrumentedTest {
         // Should get a reply from bob and not from alice
         commonTestHelper.waitWithLatch { latch ->
             commonTestHelper.retryPeriodicallyWithLatch(latch) {
+              //  Log.d("#TEST", "outgoing key requests :${aliceNewSession.cryptoService().getOutgoingRoomKeyRequests().joinToString { it.sessionId ?: "?" }}")
                 val outgoing = aliceNewSession.cryptoService().getOutgoingRoomKeyRequests().firstOrNull { it.sessionId == sentEventMegolmSession }
                 val bobReply = outgoing?.results?.firstOrNull { it.userId == bobSession.myUserId }
                 val result = bobReply?.result
@@ -453,6 +455,7 @@ class KeyShareTests : InstrumentedTest {
         assertEquals("The request should not be canceled", OutgoingRoomKeyRequestState.SENT, outgoingReq.state)
 
         // let's wake up alice
+        aliceSession.cryptoService().enableKeyGossiping(true)
         aliceSession.startSync(true)
 
         // We should now get a reply from first session
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/crypto/MXCryptoConfig.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/crypto/MXCryptoConfig.kt
index a0e1011aba..9507ddda65 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/crypto/MXCryptoConfig.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/crypto/MXCryptoConfig.kt
@@ -37,5 +37,5 @@ data class MXCryptoConfig constructor(
          * Currently megolm keys are requested to the sender device and to all of our devices.
          * You can limit request only to your sessions by turning this setting to `true`
          */
-        val limitRoomKeyRequestsToMyDevices: Boolean = false
+        val limitRoomKeyRequestsToMyDevices: Boolean = false,
 )
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
index 98b5235e14..4418b18c73 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DefaultCryptoService.kt
@@ -1192,7 +1192,7 @@ internal class DefaultCryptoService @Inject constructor(
      */
     override fun removeRoomKeysRequestListener(listener: GossipingRequestListener) {
         incomingKeyRequestManager.removeRoomKeysRequestListener(listener)
-        secretShareManager.addListener(listener)
+        secretShareManager.removeListener(listener)
     }
 
     /**
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt
index b91a970fc1..79c5c0bd41 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/MXOlmDevice.kt
@@ -1,918 +1,918 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto
-
-import androidx.annotation.VisibleForTesting
-import kotlinx.coroutines.sync.Mutex
-import kotlinx.coroutines.sync.withLock
-import org.matrix.android.sdk.api.extensions.tryOrNull
-import org.matrix.android.sdk.api.logger.LoggerTag
-import org.matrix.android.sdk.api.session.crypto.MXCryptoError
-import org.matrix.android.sdk.api.session.crypto.model.OlmDecryptionResult
-import org.matrix.android.sdk.api.util.JSON_DICT_PARAMETERIZED_TYPE
-import org.matrix.android.sdk.api.util.JsonDict
-import org.matrix.android.sdk.internal.crypto.algorithms.megolm.MXOutboundSessionInfo
-import org.matrix.android.sdk.internal.crypto.algorithms.megolm.SharedWithHelper
-import org.matrix.android.sdk.internal.crypto.model.OlmInboundGroupSessionWrapper2
-import org.matrix.android.sdk.internal.crypto.model.OlmSessionWrapper
-import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
-import org.matrix.android.sdk.internal.di.MoshiProvider
-import org.matrix.android.sdk.internal.session.SessionScope
-import org.matrix.android.sdk.internal.util.JsonCanonicalizer
-import org.matrix.android.sdk.internal.util.convertFromUTF8
-import org.matrix.android.sdk.internal.util.convertToUTF8
-import org.matrix.olm.OlmAccount
-import org.matrix.olm.OlmException
-import org.matrix.olm.OlmMessage
-import org.matrix.olm.OlmOutboundGroupSession
-import org.matrix.olm.OlmSession
-import org.matrix.olm.OlmUtility
-import timber.log.Timber
-import javax.inject.Inject
-
-private val loggerTag = LoggerTag("MXOlmDevice", LoggerTag.CRYPTO)
-
-// The libolm wrapper.
-@SessionScope
-internal class MXOlmDevice @Inject constructor(
-        /**
-         * The store where crypto data is saved.
-         */
-        private val store: IMXCryptoStore,
-        private val olmSessionStore: OlmSessionStore,
-        private val inboundGroupSessionStore: InboundGroupSessionStore
-) {
-
-    val mutex = Mutex()
-
-    /**
-     * @return the Curve25519 key for the account.
-     */
-    var deviceCurve25519Key: String? = null
-        private set
-
-    /**
-     * @return the Ed25519 key for the account.
-     */
-    var deviceEd25519Key: String? = null
-        private set
-
-    // The OLM lib utility instance.
-    private var olmUtility: OlmUtility? = null
-
-    private data class GroupSessionCacheItem(
-            val groupId: String,
-            val groupSession: OlmOutboundGroupSession
-    )
-
-    // The outbound group session.
-    // Caches active outbound session to avoid to sync with DB before read
-    // The key is the session id, the value the <roomID,outbound group session>.
-    private val outboundGroupSessionCache: MutableMap<String, GroupSessionCacheItem> = HashMap()
-
-    // Store a set of decrypted message indexes for each group session.
-    // This partially mitigates a replay attack where a MITM resends a group
-    // message into the room.
-    //
-    // The Matrix SDK exposes events through MXEventTimelines. A developer can open several
-    // timelines from a same room so that a message can be decrypted several times but from
-    // a different timeline.
-    // So, store these message indexes per timeline id.
-    //
-    // The first level keys are timeline ids.
-    // The second level keys are strings of form "<senderKey>|<session_id>|<message_index>"
-    private val inboundGroupSessionMessageIndexes: MutableMap<String, MutableSet<String>> = HashMap()
-
-    init {
-        // Retrieve the account from the store
-        try {
-            store.getOrCreateOlmAccount()
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "MXOlmDevice : cannot initialize olmAccount")
-        }
-
-        try {
-            olmUtility = OlmUtility()
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "## MXOlmDevice : OlmUtility failed with error")
-            olmUtility = null
-        }
-
-        try {
-            deviceCurve25519Key = store.doWithOlmAccount { it.identityKeys()[OlmAccount.JSON_KEY_IDENTITY_KEY] }
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "## MXOlmDevice : cannot find ${OlmAccount.JSON_KEY_IDENTITY_KEY} with error")
-        }
-
-        try {
-            deviceEd25519Key = store.doWithOlmAccount { it.identityKeys()[OlmAccount.JSON_KEY_FINGER_PRINT_KEY] }
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "## MXOlmDevice : cannot find ${OlmAccount.JSON_KEY_FINGER_PRINT_KEY} with error")
-        }
-    }
-
-    /**
-     * @return The current (unused, unpublished) one-time keys for this account.
-     */
-    fun getOneTimeKeys(): Map<String, Map<String, String>>? {
-        try {
-            return store.doWithOlmAccount { it.oneTimeKeys() }
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "## getOneTimeKeys() : failed")
-        }
-
-        return null
-    }
-
-    /**
-     * @return The maximum number of one-time keys the olm account can store.
-     */
-    fun getMaxNumberOfOneTimeKeys(): Long {
-        return store.doWithOlmAccount { it.maxOneTimeKeys() }
-    }
-
-    /**
-     * Returns an unpublished fallback key
-     * A call to markKeysAsPublished will mark it as published and this
-     * call will return null (until a call to generateFallbackKey is made)
-     */
-    fun getFallbackKey(): MutableMap<String, MutableMap<String, String>>? {
-        try {
-            return store.doWithOlmAccount { it.fallbackKey() }
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e("## getFallbackKey() : failed")
-        }
-        return null
-    }
-
-    /**
-     * Generates a new fallback key if there is not already
-     * an unpublished one.
-     * @return true if a new key was generated
-     */
-    fun generateFallbackKeyIfNeeded(): Boolean {
-        try {
-            if (!hasUnpublishedFallbackKey()) {
-                store.doWithOlmAccount {
-                    it.generateFallbackKey()
-                    store.saveOlmAccount()
-                }
-                return true
-            }
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e("## generateFallbackKey() : failed")
-        }
-        return false
-    }
-
-    internal fun hasUnpublishedFallbackKey(): Boolean {
-        return getFallbackKey()?.get(OlmAccount.JSON_KEY_ONE_TIME_KEY).orEmpty().isNotEmpty()
-    }
-
-    fun forgetFallbackKey() {
-        try {
-            store.doWithOlmAccount {
-                it.forgetFallbackKey()
-                store.saveOlmAccount()
-            }
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e("## forgetFallbackKey() : failed")
-        }
-    }
-
-    /**
-     * Release the instance
-     */
-    fun release() {
-        olmUtility?.releaseUtility()
-        outboundGroupSessionCache.values.forEach {
-            it.groupSession.releaseSession()
-        }
-        outboundGroupSessionCache.clear()
-        inboundGroupSessionStore.clear()
-        olmSessionStore.clear()
-    }
-
-    /**
-     * Signs a message with the ed25519 key for this account.
-     *
-     * @param message the message to be signed.
-     * @return the base64-encoded signature.
-     */
-    fun signMessage(message: String): String? {
-        try {
-            return store.doWithOlmAccount { it.signMessage(message) }
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "## signMessage() : failed")
-        }
-
-        return null
-    }
-
-    /**
-     * Marks all of the one-time keys as published.
-     */
-    fun markKeysAsPublished() {
-        try {
-            store.doWithOlmAccount {
-                it.markOneTimeKeysAsPublished()
-                store.saveOlmAccount()
-            }
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "## markKeysAsPublished() : failed")
-        }
-    }
-
-    /**
-     * Generate some new one-time keys
-     *
-     * @param numKeys number of keys to generate
-     */
-    fun generateOneTimeKeys(numKeys: Int) {
-        try {
-            store.doWithOlmAccount {
-                it.generateOneTimeKeys(numKeys)
-                store.saveOlmAccount()
-            }
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "## generateOneTimeKeys() : failed")
-        }
-    }
-
-    /**
-     * Generate a new outbound session.
-     * The new session will be stored in the MXStore.
-     *
-     * @param theirIdentityKey the remote user's Curve25519 identity key
-     * @param theirOneTimeKey  the remote user's one-time Curve25519 key
-     * @return the session id for the outbound session.
-     */
-    fun createOutboundSession(theirIdentityKey: String, theirOneTimeKey: String): String? {
-        Timber.tag(loggerTag.value).d("## createOutboundSession() ; theirIdentityKey $theirIdentityKey theirOneTimeKey $theirOneTimeKey")
-        var olmSession: OlmSession? = null
-
-        try {
-            olmSession = OlmSession()
-            store.doWithOlmAccount { olmAccount ->
-                olmSession.initOutboundSession(olmAccount, theirIdentityKey, theirOneTimeKey)
-            }
-
-            val olmSessionWrapper = OlmSessionWrapper(olmSession, 0)
-
-            // Pretend we've received a message at this point, otherwise
-            // if we try to send a message to the device, it won't use
-            // this session
-            olmSessionWrapper.onMessageReceived()
-
-            olmSessionStore.storeSession(olmSessionWrapper, theirIdentityKey)
-
-            val sessionIdentifier = olmSession.sessionIdentifier()
-
-            Timber.tag(loggerTag.value).v("## createOutboundSession() ;  olmSession.sessionIdentifier: $sessionIdentifier")
-            return sessionIdentifier
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "## createOutboundSession() failed")
-
-            olmSession?.releaseSession()
-        }
-
-        return null
-    }
-
-    /**
-     * Generate a new inbound session, given an incoming message.
-     *
-     * @param theirDeviceIdentityKey the remote user's Curve25519 identity key.
-     * @param messageType            the message_type field from the received message (must be 0).
-     * @param ciphertext             base64-encoded body from the received message.
-     * @return {{payload: string, session_id: string}} decrypted payload, and session id of new session.
-     */
-    fun createInboundSession(theirDeviceIdentityKey: String, messageType: Int, ciphertext: String): Map<String, String>? {
-        Timber.tag(loggerTag.value).d("## createInboundSession() : theirIdentityKey: $theirDeviceIdentityKey")
-
-        var olmSession: OlmSession? = null
-
-        try {
-            try {
-                olmSession = OlmSession()
-                store.doWithOlmAccount { olmAccount ->
-                    olmSession.initInboundSessionFrom(olmAccount, theirDeviceIdentityKey, ciphertext)
-                }
-            } catch (e: Exception) {
-                Timber.tag(loggerTag.value).e(e, "## createInboundSession() : the session creation failed")
-                return null
-            }
-
-            Timber.tag(loggerTag.value).v("## createInboundSession() : sessionId: ${olmSession.sessionIdentifier()}")
-
-            try {
-                store.doWithOlmAccount { olmAccount ->
-                    olmAccount.removeOneTimeKeys(olmSession)
-                    store.saveOlmAccount()
-                }
-            } catch (e: Exception) {
-                Timber.tag(loggerTag.value).e(e, "## createInboundSession() : removeOneTimeKeys failed")
-            }
-
-            val olmMessage = OlmMessage()
-            olmMessage.mCipherText = ciphertext
-            olmMessage.mType = messageType.toLong()
-
-            var payloadString: String? = null
-
-            try {
-                payloadString = olmSession.decryptMessage(olmMessage)
-
-                val olmSessionWrapper = OlmSessionWrapper(olmSession, 0)
-                // This counts as a received message: set last received message time to now
-                olmSessionWrapper.onMessageReceived()
-
-                olmSessionStore.storeSession(olmSessionWrapper, theirDeviceIdentityKey)
-            } catch (e: Exception) {
-                Timber.tag(loggerTag.value).e(e, "## createInboundSession() : decryptMessage failed")
-            }
-
-            val res = HashMap<String, String>()
-
-            if (!payloadString.isNullOrEmpty()) {
-                res["payload"] = payloadString
-            }
-
-            val sessionIdentifier = olmSession.sessionIdentifier()
-
-            if (!sessionIdentifier.isNullOrEmpty()) {
-                res["session_id"] = sessionIdentifier
-            }
-
-            return res
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "## createInboundSession() : OlmSession creation failed")
-
-            olmSession?.releaseSession()
-        }
-
-        return null
-    }
-
-    /**
-     * Get a list of known session IDs for the given device.
-     *
-     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
-     * @return a list of known session ids for the device.
-     */
-    fun getSessionIds(theirDeviceIdentityKey: String): List<String> {
-        return olmSessionStore.getDeviceSessionIds(theirDeviceIdentityKey)
-    }
-
-    /**
-     * Get the right olm session id for encrypting messages to the given identity key.
-     *
-     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
-     * @return the session id, or null if no established session.
-     */
-    fun getSessionId(theirDeviceIdentityKey: String): String? {
-        return olmSessionStore.getLastUsedSessionId(theirDeviceIdentityKey)
-    }
-
-    /**
-     * Encrypt an outgoing message using an existing session.
-     *
-     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
-     * @param sessionId              the id of the active session
-     * @param payloadString          the payload to be encrypted and sent
-     * @return the cipher text
-     */
-    suspend fun encryptMessage(theirDeviceIdentityKey: String, sessionId: String, payloadString: String): Map<String, Any>? {
-        val olmSessionWrapper = getSessionForDevice(theirDeviceIdentityKey, sessionId)
-
-        if (olmSessionWrapper != null) {
-            try {
-                Timber.tag(loggerTag.value).v("## encryptMessage() : olmSession.sessionIdentifier: $sessionId")
-
-                val olmMessage = olmSessionWrapper.mutex.withLock {
-                    olmSessionWrapper.olmSession.encryptMessage(payloadString)
-                }
-                return mapOf(
-                        "body" to olmMessage.mCipherText,
-                        "type" to olmMessage.mType,
-                ).also {
-                    olmSessionStore.storeSession(olmSessionWrapper, theirDeviceIdentityKey)
-                }
-            } catch (e: Throwable) {
-                Timber.tag(loggerTag.value).e(e, "## encryptMessage() : failed to encrypt olm with device|session:$theirDeviceIdentityKey|$sessionId")
-                return null
-            }
-        } else {
-            Timber.tag(loggerTag.value).e("## encryptMessage() : Failed to encrypt unknown session $sessionId")
-            return null
-        }
-    }
-
-    /**
-     * Decrypt an incoming message using an existing session.
-     *
-     * @param ciphertext             the base64-encoded body from the received message.
-     * @param messageType            message_type field from the received message.
-     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
-     * @param sessionId              the id of the active session.
-     * @return the decrypted payload.
-     */
-    @kotlin.jvm.Throws
-    suspend fun decryptMessage(ciphertext: String, messageType: Int, sessionId: String, theirDeviceIdentityKey: String): String? {
-        var payloadString: String? = null
-
-        val olmSessionWrapper = getSessionForDevice(theirDeviceIdentityKey, sessionId)
-
-        if (null != olmSessionWrapper) {
-            val olmMessage = OlmMessage()
-            olmMessage.mCipherText = ciphertext
-            olmMessage.mType = messageType.toLong()
-
-            payloadString =
-                    olmSessionWrapper.mutex.withLock {
-                        olmSessionWrapper.olmSession.decryptMessage(olmMessage).also {
-                            olmSessionWrapper.onMessageReceived()
-                        }
-                    }
-            olmSessionStore.storeSession(olmSessionWrapper, theirDeviceIdentityKey)
-        }
-
-        return payloadString
-    }
-
-    /**
-     * Determine if an incoming messages is a prekey message matching an existing session.
-     *
-     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
-     * @param sessionId              the id of the active session.
-     * @param messageType            message_type field from the received message.
-     * @param ciphertext             the base64-encoded body from the received message.
-     * @return YES if the received message is a prekey message which matchesthe given session.
-     */
-    fun matchesSession(theirDeviceIdentityKey: String, sessionId: String, messageType: Int, ciphertext: String): Boolean {
-        if (messageType != 0) {
-            return false
-        }
-
-        val olmSessionWrapper = getSessionForDevice(theirDeviceIdentityKey, sessionId)
-        return null != olmSessionWrapper && olmSessionWrapper.olmSession.matchesInboundSession(ciphertext)
-    }
-
-    // Outbound group session
-
-    /**
-     * Generate a new outbound group session.
-     *
-     * @return the session id for the outbound session.
-     */
-    fun createOutboundGroupSessionForRoom(roomId: String): String? {
-        var session: OlmOutboundGroupSession? = null
-        try {
-            session = OlmOutboundGroupSession()
-            outboundGroupSessionCache[session.sessionIdentifier()] = GroupSessionCacheItem(roomId, session)
-            store.storeCurrentOutboundGroupSessionForRoom(roomId, session)
-            return session.sessionIdentifier()
-        } catch (e: Exception) {
-            Timber.tag(loggerTag.value).e(e, "createOutboundGroupSession")
-
-            session?.releaseSession()
-        }
-
-        return null
-    }
-
-    fun storeOutboundGroupSessionForRoom(roomId: String, sessionId: String) {
-        outboundGroupSessionCache[sessionId]?.let {
-            store.storeCurrentOutboundGroupSessionForRoom(roomId, it.groupSession)
-        }
-    }
-
-    fun restoreOutboundGroupSessionForRoom(roomId: String): MXOutboundSessionInfo? {
-        val restoredOutboundGroupSession = store.getCurrentOutboundGroupSessionForRoom(roomId)
-        if (restoredOutboundGroupSession != null) {
-            val sessionId = restoredOutboundGroupSession.outboundGroupSession.sessionIdentifier()
-            // cache it
-            outboundGroupSessionCache[sessionId] = GroupSessionCacheItem(roomId, restoredOutboundGroupSession.outboundGroupSession)
-
-            return MXOutboundSessionInfo(
-                    sessionId = sessionId,
-                    sharedWithHelper = SharedWithHelper(roomId, sessionId, store),
-                    restoredOutboundGroupSession.creationTime
-            )
-        }
-        return null
-    }
-
-    fun discardOutboundGroupSessionForRoom(roomId: String) {
-        val toDiscard = outboundGroupSessionCache.filter {
-            it.value.groupId == roomId
-        }
-        toDiscard.forEach { (sessionId, cacheItem) ->
-            cacheItem.groupSession.releaseSession()
-            outboundGroupSessionCache.remove(sessionId)
-        }
-        store.storeCurrentOutboundGroupSessionForRoom(roomId, null)
-    }
-
-    /**
-     * Get the current session key of  an outbound group session.
-     *
-     * @param sessionId the id of the outbound group session.
-     * @return the base64-encoded secret key.
-     */
-    fun getSessionKey(sessionId: String): String? {
-        if (sessionId.isNotEmpty()) {
-            try {
-                return outboundGroupSessionCache[sessionId]!!.groupSession.sessionKey()
-            } catch (e: Exception) {
-                Timber.tag(loggerTag.value).e(e, "## getSessionKey() : failed")
-            }
-        }
-        return null
-    }
-
-    /**
-     * Get the current message index of an outbound group session.
-     *
-     * @param sessionId the id of the outbound group session.
-     * @return the current chain index.
-     */
-    fun getMessageIndex(sessionId: String): Int {
-        return if (sessionId.isNotEmpty()) {
-            outboundGroupSessionCache[sessionId]!!.groupSession.messageIndex()
-        } else 0
-    }
-
-    /**
-     * Encrypt an outgoing message with an outbound group session.
-     *
-     * @param sessionId     the id of the outbound group session.
-     * @param payloadString the payload to be encrypted and sent.
-     * @return ciphertext
-     */
-    fun encryptGroupMessage(sessionId: String, payloadString: String): String? {
-        if (sessionId.isNotEmpty() && payloadString.isNotEmpty()) {
-            try {
-                return outboundGroupSessionCache[sessionId]!!.groupSession.encryptMessage(payloadString)
-            } catch (e: Throwable) {
-                Timber.tag(loggerTag.value).e(e, "## encryptGroupMessage() : failed")
-            }
-        }
-        return null
-    }
-
-    //  Inbound group session
-
-    sealed class AddSessionResult {
-        data class Imported(val ratchetIndex: Int) : AddSessionResult()
-        abstract class Failure : AddSessionResult()
-        object NotImported : Failure()
-        data class NotImportedHigherIndex(val newIndex: Int) : AddSessionResult()
-    }
-
-    /**
-     * Add an inbound group session to the session store.
-     *
-     * @param sessionId                    the session identifier.
-     * @param sessionKey                   base64-encoded secret key.
-     * @param roomId                       the id of the room in which this session will be used.
-     * @param senderKey                    the base64-encoded curve25519 key of the sender.
-     * @param forwardingCurve25519KeyChain Devices involved in forwarding this session to us.
-     * @param keysClaimed                  Other keys the sender claims.
-     * @param exportFormat                 true if the megolm keys are in export format
-     * @return true if the operation succeeds.
-     */
-    fun addInboundGroupSession(sessionId: String,
-                               sessionKey: String,
-                               roomId: String,
-                               senderKey: String,
-                               forwardingCurve25519KeyChain: List<String>,
-                               keysClaimed: Map<String, String>,
-                               exportFormat: Boolean): AddSessionResult {
-        val candidateSession = OlmInboundGroupSessionWrapper2(sessionKey, exportFormat)
-        val existingSessionHolder = tryOrNull { getInboundGroupSession(sessionId, senderKey, roomId) }
-        val existingSession = existingSessionHolder?.wrapper
-        // If we have an existing one we should check if the new one is not better
-        if (existingSession != null) {
-            Timber.tag(loggerTag.value).d("## addInboundGroupSession() check if known session is better than candidate session")
-            try {
-                val existingFirstKnown = existingSession.firstKnownIndex ?: return AddSessionResult.NotImported.also {
-                    // This is quite unexpected, could throw if native was released?
-                    Timber.tag(loggerTag.value).e("## addInboundGroupSession() null firstKnownIndex on existing session")
-                    candidateSession.olmInboundGroupSession?.releaseSession()
-                    // Probably should discard it?
-                }
-                val newKnownFirstIndex = candidateSession.firstKnownIndex
-                // If our existing session is better we keep it
-                if (newKnownFirstIndex != null && existingFirstKnown <= newKnownFirstIndex) {
-                    Timber.tag(loggerTag.value).d("## addInboundGroupSession() : ignore session our is better $senderKey/$sessionId")
-                    candidateSession.olmInboundGroupSession?.releaseSession()
-                    return AddSessionResult.NotImportedHigherIndex(newKnownFirstIndex.toInt())
-                }
-            } catch (failure: Throwable) {
-                Timber.tag(loggerTag.value).e("## addInboundGroupSession() Failed to add inbound: ${failure.localizedMessage}")
-                candidateSession.olmInboundGroupSession?.releaseSession()
-                return AddSessionResult.NotImported
-            }
-        }
-
-        Timber.tag(loggerTag.value).d("## addInboundGroupSession() : Candidate session should be added $senderKey/$sessionId")
-
-        // sanity check on the new session
-        val candidateOlmInboundSession = candidateSession.olmInboundGroupSession
-        if (null == candidateOlmInboundSession) {
-            Timber.tag(loggerTag.value).e("## addInboundGroupSession : invalid session <null>")
-            return AddSessionResult.NotImported
-        }
-
-        try {
-            if (candidateOlmInboundSession.sessionIdentifier() != sessionId) {
-                Timber.tag(loggerTag.value).e("## addInboundGroupSession : ERROR: Mismatched group session ID from senderKey: $senderKey")
-                candidateOlmInboundSession.releaseSession()
-                return AddSessionResult.NotImported
-            }
-        } catch (e: Throwable) {
-            candidateOlmInboundSession.releaseSession()
-            Timber.tag(loggerTag.value).e(e, "## addInboundGroupSession : sessionIdentifier() failed")
-            return AddSessionResult.NotImported
-        }
-
-        candidateSession.senderKey = senderKey
-        candidateSession.roomId = roomId
-        candidateSession.keysClaimed = keysClaimed
-        candidateSession.forwardingCurve25519KeyChain = forwardingCurve25519KeyChain
-
-        if (existingSession != null) {
-            inboundGroupSessionStore.replaceGroupSession(existingSessionHolder, InboundGroupSessionHolder(candidateSession), sessionId, senderKey)
-        } else {
-            inboundGroupSessionStore.storeInBoundGroupSession(InboundGroupSessionHolder(candidateSession), sessionId, senderKey)
-        }
-
-        return AddSessionResult.Imported(candidateSession.firstKnownIndex?.toInt() ?: 0)
-    }
-
-    /**
-     * Import an inbound group sessions to the session store.
-     *
-     * @param megolmSessionsData the megolm sessions data
-     * @return the successfully imported sessions.
-     */
-    fun importInboundGroupSessions(megolmSessionsData: List<MegolmSessionData>): List<OlmInboundGroupSessionWrapper2> {
-        val sessions = ArrayList<OlmInboundGroupSessionWrapper2>(megolmSessionsData.size)
-
-        for (megolmSessionData in megolmSessionsData) {
-            val sessionId = megolmSessionData.sessionId ?: continue
-            val senderKey = megolmSessionData.senderKey ?: continue
-            val roomId = megolmSessionData.roomId
-
-            var candidateSessionToImport: OlmInboundGroupSessionWrapper2? = null
-
-            try {
-                candidateSessionToImport = OlmInboundGroupSessionWrapper2(megolmSessionData)
-            } catch (e: Exception) {
-                Timber.tag(loggerTag.value).e(e, "## importInboundGroupSession() : Update for megolm session $senderKey/$sessionId")
-            }
-
-            // sanity check
-            if (candidateSessionToImport?.olmInboundGroupSession == null) {
-                Timber.tag(loggerTag.value).e("## importInboundGroupSession : invalid session")
-                continue
-            }
-
-            val candidateOlmInboundGroupSession = candidateSessionToImport.olmInboundGroupSession
-            try {
-                if (candidateOlmInboundGroupSession?.sessionIdentifier() != sessionId) {
-                    Timber.tag(loggerTag.value).e("## importInboundGroupSession : ERROR: Mismatched group session ID from senderKey: $senderKey")
-                    candidateOlmInboundGroupSession?.releaseSession()
-                    continue
-                }
-            } catch (e: Exception) {
-                Timber.tag(loggerTag.value).e(e, "## importInboundGroupSession : sessionIdentifier() failed")
-                candidateOlmInboundGroupSession?.releaseSession()
-                continue
-            }
-
-            val existingSessionHolder = tryOrNull { getInboundGroupSession(sessionId, senderKey, roomId) }
-            val existingSession = existingSessionHolder?.wrapper
-
-            if (existingSession == null) {
-                // Session does not already exist, add it
-                Timber.tag(loggerTag.value).d("## importInboundGroupSession() : importing new megolm session $senderKey/$sessionId")
-                sessions.add(candidateSessionToImport)
-            } else {
-                Timber.tag(loggerTag.value).e("## importInboundGroupSession() : Update for megolm session $senderKey/$sessionId")
-                val existingFirstKnown = tryOrNull { existingSession.firstKnownIndex }
-                val candidateFirstKnownIndex = tryOrNull { candidateSessionToImport.firstKnownIndex }
-
-                if (existingFirstKnown == null || candidateFirstKnownIndex == null) {
-                    // should not happen?
-                    candidateSessionToImport.olmInboundGroupSession?.releaseSession()
-                    Timber.tag(loggerTag.value)
-                            .w("## importInboundGroupSession() : Can't check session null index $existingFirstKnown/$candidateFirstKnownIndex")
-                } else {
-                    if (existingFirstKnown <= candidateSessionToImport.firstKnownIndex!!) {
-                        // Ignore this, keep existing
-                        candidateOlmInboundGroupSession.releaseSession()
-                    } else {
-                        // update cache with better session
-                        inboundGroupSessionStore.replaceGroupSession(
-                                existingSessionHolder,
-                                InboundGroupSessionHolder(candidateSessionToImport),
-                                sessionId,
-                                senderKey
-                        )
-                        sessions.add(candidateSessionToImport)
-                    }
-                }
-            }
-        }
-
-        store.storeInboundGroupSessions(sessions)
-
-        return sessions
-    }
-
-    /**
-     * Decrypt a received message with an inbound group session.
-     *
-     * @param body      the base64-encoded body of the encrypted message.
-     * @param roomId    the room in which the message was received.
-     * @param timeline  the id of the timeline where the event is decrypted. It is used to prevent replay attack.
-     * @param sessionId the session identifier.
-     * @param senderKey the base64-encoded curve25519 key of the sender.
-     * @return the decrypting result. Nil if the sessionId is unknown.
-     */
-    @Throws(MXCryptoError::class)
-    suspend fun decryptGroupMessage(body: String,
-                                    roomId: String,
-                                    timeline: String?,
-                                    sessionId: String,
-                                    senderKey: String): OlmDecryptionResult {
-        val sessionHolder = getInboundGroupSession(sessionId, senderKey, roomId)
-        val wrapper = sessionHolder.wrapper
-        val inboundGroupSession = wrapper.olmInboundGroupSession
-                ?: throw MXCryptoError.Base(MXCryptoError.ErrorType.UNABLE_TO_DECRYPT, "Session is null")
-        // Check that the room id matches the original one for the session. This stops
-        // the HS pretending a message was targeting a different room.
-        if (roomId == wrapper.roomId) {
-            val decryptResult = try {
-                sessionHolder.mutex.withLock {
-                    inboundGroupSession.decryptMessage(body)
-                }
-            } catch (e: OlmException) {
-                Timber.tag(loggerTag.value).e(e, "## decryptGroupMessage () : decryptMessage failed")
-                throw MXCryptoError.OlmError(e)
-            }
-
-            if (timeline?.isNotBlank() == true) {
-                val timelineSet = inboundGroupSessionMessageIndexes.getOrPut(timeline) { mutableSetOf() }
-
-                val messageIndexKey = senderKey + "|" + sessionId + "|" + decryptResult.mIndex
-
-                if (timelineSet.contains(messageIndexKey)) {
-                    val reason = String.format(MXCryptoError.DUPLICATE_MESSAGE_INDEX_REASON, decryptResult.mIndex)
-                    Timber.tag(loggerTag.value).e("## decryptGroupMessage() timelineId=$timeline: $reason")
-                    throw MXCryptoError.Base(MXCryptoError.ErrorType.DUPLICATED_MESSAGE_INDEX, reason)
-                }
-
-                timelineSet.add(messageIndexKey)
-            }
-
-            inboundGroupSessionStore.storeInBoundGroupSession(sessionHolder, sessionId, senderKey)
-            val payload = try {
-                val adapter = MoshiProvider.providesMoshi().adapter<JsonDict>(JSON_DICT_PARAMETERIZED_TYPE)
-                val payloadString = convertFromUTF8(decryptResult.mDecryptedMessage)
-                adapter.fromJson(payloadString)
-            } catch (e: Exception) {
-                Timber.tag(loggerTag.value).e("## decryptGroupMessage() : fails to parse the payload")
-                throw MXCryptoError.Base(MXCryptoError.ErrorType.BAD_DECRYPTED_FORMAT, MXCryptoError.BAD_DECRYPTED_FORMAT_TEXT_REASON)
-            }
-
-            return OlmDecryptionResult(
-                    payload,
-                    wrapper.keysClaimed,
-                    senderKey,
-                    wrapper.forwardingCurve25519KeyChain
-            )
-        } else {
-            val reason = String.format(MXCryptoError.INBOUND_SESSION_MISMATCH_ROOM_ID_REASON, roomId, wrapper.roomId)
-            Timber.tag(loggerTag.value).e("## decryptGroupMessage() : $reason")
-            throw MXCryptoError.Base(MXCryptoError.ErrorType.INBOUND_SESSION_MISMATCH_ROOM_ID, reason)
-        }
-    }
-
-    /**
-     * Reset replay attack data for the given timeline.
-     *
-     * @param timeline the id of the timeline.
-     */
-    fun resetReplayAttackCheckInTimeline(timeline: String?) {
-        if (null != timeline) {
-            inboundGroupSessionMessageIndexes.remove(timeline)
-        }
-    }
-
-//  Utilities
-
-    /**
-     * Verify an ed25519 signature on a JSON object.
-     *
-     * @param key            the ed25519 key.
-     * @param jsonDictionary the JSON object which was signed.
-     * @param signature      the base64-encoded signature to be checked.
-     * @throws Exception the exception
-     */
-    @Throws(Exception::class)
-    fun verifySignature(key: String, jsonDictionary: Map<String, Any>, signature: String) {
-        // Check signature on the canonical version of the JSON
-        olmUtility!!.verifyEd25519Signature(signature, key, JsonCanonicalizer.getCanonicalJson(Map::class.java, jsonDictionary))
-    }
-
-    /**
-     * Calculate the SHA-256 hash of the input and encodes it as base64.
-     *
-     * @param message the message to hash.
-     * @return the base64-encoded hash value.
-     */
-    fun sha256(message: String): String {
-        return olmUtility!!.sha256(convertToUTF8(message))
-    }
-
-    /**
-     * Search an OlmSession
-     *
-     * @param theirDeviceIdentityKey the device key
-     * @param sessionId              the session Id
-     * @return the olm session
-     */
-    private fun getSessionForDevice(theirDeviceIdentityKey: String, sessionId: String): OlmSessionWrapper? {
-        // sanity check
-        return if (theirDeviceIdentityKey.isEmpty() || sessionId.isEmpty()) null else {
-            olmSessionStore.getDeviceSession(sessionId, theirDeviceIdentityKey)
-        }
-    }
-
-    /**
-     * Extract an InboundGroupSession from the session store and do some check.
-     * inboundGroupSessionWithIdError describes the failure reason.
-     *
-     * @param roomId    the room where the session is used.
-     * @param sessionId the session identifier.
-     * @param senderKey the base64-encoded curve25519 key of the sender.
-     * @return the inbound group session.
-     */
-    fun getInboundGroupSession(sessionId: String?, senderKey: String?, roomId: String?): InboundGroupSessionHolder {
-        if (sessionId.isNullOrBlank() || senderKey.isNullOrBlank()) {
-            throw MXCryptoError.Base(MXCryptoError.ErrorType.MISSING_SENDER_KEY, MXCryptoError.ERROR_MISSING_PROPERTY_REASON)
-        }
-
-        val holder = inboundGroupSessionStore.getInboundGroupSession(sessionId, senderKey)
-        val session = holder?.wrapper
-
-        if (session != null) {
-            // Check that the room id matches the original one for the session. This stops
-            // the HS pretending a message was targeting a different room.
-            if (roomId != session.roomId) {
-                val errorDescription = String.format(MXCryptoError.INBOUND_SESSION_MISMATCH_ROOM_ID_REASON, roomId, session.roomId)
-                Timber.tag(loggerTag.value).e("## getInboundGroupSession() : $errorDescription")
-                throw MXCryptoError.Base(MXCryptoError.ErrorType.INBOUND_SESSION_MISMATCH_ROOM_ID, errorDescription)
-            } else {
-                return holder
-            }
-        } else {
-            Timber.tag(loggerTag.value).w("## getInboundGroupSession() : UISI $sessionId")
-            throw MXCryptoError.Base(MXCryptoError.ErrorType.UNKNOWN_INBOUND_SESSION_ID, MXCryptoError.UNKNOWN_INBOUND_SESSION_ID_REASON)
-        }
-    }
-
-    /**
-     * Determine if we have the keys for a given megolm session.
-     *
-     * @param roomId    room in which the message was received
-     * @param senderKey base64-encoded curve25519 key of the sender
-     * @param sessionId session identifier
-     * @return true if the unbound session keys are known.
-     */
-    fun hasInboundSessionKeys(roomId: String, senderKey: String, sessionId: String): Boolean {
-        return runCatching { getInboundGroupSession(sessionId, senderKey, roomId) }.isSuccess
-    }
-
-    @VisibleForTesting
-    fun clearOlmSessionCache() {
-        olmSessionStore.clear()
-    }
-}
+/*
+ * Copyright 2020 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.crypto
+
+import androidx.annotation.VisibleForTesting
+import kotlinx.coroutines.sync.Mutex
+import kotlinx.coroutines.sync.withLock
+import org.matrix.android.sdk.api.extensions.tryOrNull
+import org.matrix.android.sdk.api.logger.LoggerTag
+import org.matrix.android.sdk.api.session.crypto.MXCryptoError
+import org.matrix.android.sdk.api.session.crypto.model.OlmDecryptionResult
+import org.matrix.android.sdk.api.util.JSON_DICT_PARAMETERIZED_TYPE
+import org.matrix.android.sdk.api.util.JsonDict
+import org.matrix.android.sdk.internal.crypto.algorithms.megolm.MXOutboundSessionInfo
+import org.matrix.android.sdk.internal.crypto.algorithms.megolm.SharedWithHelper
+import org.matrix.android.sdk.internal.crypto.model.OlmInboundGroupSessionWrapper2
+import org.matrix.android.sdk.internal.crypto.model.OlmSessionWrapper
+import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
+import org.matrix.android.sdk.internal.di.MoshiProvider
+import org.matrix.android.sdk.internal.session.SessionScope
+import org.matrix.android.sdk.internal.util.JsonCanonicalizer
+import org.matrix.android.sdk.internal.util.convertFromUTF8
+import org.matrix.android.sdk.internal.util.convertToUTF8
+import org.matrix.olm.OlmAccount
+import org.matrix.olm.OlmException
+import org.matrix.olm.OlmMessage
+import org.matrix.olm.OlmOutboundGroupSession
+import org.matrix.olm.OlmSession
+import org.matrix.olm.OlmUtility
+import timber.log.Timber
+import javax.inject.Inject
+
+private val loggerTag = LoggerTag("MXOlmDevice", LoggerTag.CRYPTO)
+
+// The libolm wrapper.
+@SessionScope
+internal class MXOlmDevice @Inject constructor(
+        /**
+         * The store where crypto data is saved.
+         */
+        private val store: IMXCryptoStore,
+        private val olmSessionStore: OlmSessionStore,
+        private val inboundGroupSessionStore: InboundGroupSessionStore
+) {
+
+    val mutex = Mutex()
+
+    /**
+     * @return the Curve25519 key for the account.
+     */
+    var deviceCurve25519Key: String? = null
+        private set
+
+    /**
+     * @return the Ed25519 key for the account.
+     */
+    var deviceEd25519Key: String? = null
+        private set
+
+    // The OLM lib utility instance.
+    private var olmUtility: OlmUtility? = null
+
+    private data class GroupSessionCacheItem(
+            val groupId: String,
+            val groupSession: OlmOutboundGroupSession
+    )
+
+    // The outbound group session.
+    // Caches active outbound session to avoid to sync with DB before read
+    // The key is the session id, the value the <roomID,outbound group session>.
+    private val outboundGroupSessionCache: MutableMap<String, GroupSessionCacheItem> = HashMap()
+
+    // Store a set of decrypted message indexes for each group session.
+    // This partially mitigates a replay attack where a MITM resends a group
+    // message into the room.
+    //
+    // The Matrix SDK exposes events through MXEventTimelines. A developer can open several
+    // timelines from a same room so that a message can be decrypted several times but from
+    // a different timeline.
+    // So, store these message indexes per timeline id.
+    //
+    // The first level keys are timeline ids.
+    // The second level keys are strings of form "<senderKey>|<session_id>|<message_index>"
+    private val inboundGroupSessionMessageIndexes: MutableMap<String, MutableSet<String>> = HashMap()
+
+    init {
+        // Retrieve the account from the store
+        try {
+            store.getOrCreateOlmAccount()
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "MXOlmDevice : cannot initialize olmAccount")
+        }
+
+        try {
+            olmUtility = OlmUtility()
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "## MXOlmDevice : OlmUtility failed with error")
+            olmUtility = null
+        }
+
+        try {
+            deviceCurve25519Key = store.doWithOlmAccount { it.identityKeys()[OlmAccount.JSON_KEY_IDENTITY_KEY] }
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "## MXOlmDevice : cannot find ${OlmAccount.JSON_KEY_IDENTITY_KEY} with error")
+        }
+
+        try {
+            deviceEd25519Key = store.doWithOlmAccount { it.identityKeys()[OlmAccount.JSON_KEY_FINGER_PRINT_KEY] }
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "## MXOlmDevice : cannot find ${OlmAccount.JSON_KEY_FINGER_PRINT_KEY} with error")
+        }
+    }
+
+    /**
+     * @return The current (unused, unpublished) one-time keys for this account.
+     */
+    fun getOneTimeKeys(): Map<String, Map<String, String>>? {
+        try {
+            return store.doWithOlmAccount { it.oneTimeKeys() }
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "## getOneTimeKeys() : failed")
+        }
+
+        return null
+    }
+
+    /**
+     * @return The maximum number of one-time keys the olm account can store.
+     */
+    fun getMaxNumberOfOneTimeKeys(): Long {
+        return store.doWithOlmAccount { it.maxOneTimeKeys() }
+    }
+
+    /**
+     * Returns an unpublished fallback key
+     * A call to markKeysAsPublished will mark it as published and this
+     * call will return null (until a call to generateFallbackKey is made)
+     */
+    fun getFallbackKey(): MutableMap<String, MutableMap<String, String>>? {
+        try {
+            return store.doWithOlmAccount { it.fallbackKey() }
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e("## getFallbackKey() : failed")
+        }
+        return null
+    }
+
+    /**
+     * Generates a new fallback key if there is not already
+     * an unpublished one.
+     * @return true if a new key was generated
+     */
+    fun generateFallbackKeyIfNeeded(): Boolean {
+        try {
+            if (!hasUnpublishedFallbackKey()) {
+                store.doWithOlmAccount {
+                    it.generateFallbackKey()
+                    store.saveOlmAccount()
+                }
+                return true
+            }
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e("## generateFallbackKey() : failed")
+        }
+        return false
+    }
+
+    internal fun hasUnpublishedFallbackKey(): Boolean {
+        return getFallbackKey()?.get(OlmAccount.JSON_KEY_ONE_TIME_KEY).orEmpty().isNotEmpty()
+    }
+
+    fun forgetFallbackKey() {
+        try {
+            store.doWithOlmAccount {
+                it.forgetFallbackKey()
+                store.saveOlmAccount()
+            }
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e("## forgetFallbackKey() : failed")
+        }
+    }
+
+    /**
+     * Release the instance
+     */
+    fun release() {
+        olmUtility?.releaseUtility()
+        outboundGroupSessionCache.values.forEach {
+            it.groupSession.releaseSession()
+        }
+        outboundGroupSessionCache.clear()
+        inboundGroupSessionStore.clear()
+        olmSessionStore.clear()
+    }
+
+    /**
+     * Signs a message with the ed25519 key for this account.
+     *
+     * @param message the message to be signed.
+     * @return the base64-encoded signature.
+     */
+    fun signMessage(message: String): String? {
+        try {
+            return store.doWithOlmAccount { it.signMessage(message) }
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "## signMessage() : failed")
+        }
+
+        return null
+    }
+
+    /**
+     * Marks all of the one-time keys as published.
+     */
+    fun markKeysAsPublished() {
+        try {
+            store.doWithOlmAccount {
+                it.markOneTimeKeysAsPublished()
+                store.saveOlmAccount()
+            }
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "## markKeysAsPublished() : failed")
+        }
+    }
+
+    /**
+     * Generate some new one-time keys
+     *
+     * @param numKeys number of keys to generate
+     */
+    fun generateOneTimeKeys(numKeys: Int) {
+        try {
+            store.doWithOlmAccount {
+                it.generateOneTimeKeys(numKeys)
+                store.saveOlmAccount()
+            }
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "## generateOneTimeKeys() : failed")
+        }
+    }
+
+    /**
+     * Generate a new outbound session.
+     * The new session will be stored in the MXStore.
+     *
+     * @param theirIdentityKey the remote user's Curve25519 identity key
+     * @param theirOneTimeKey  the remote user's one-time Curve25519 key
+     * @return the session id for the outbound session.
+     */
+    fun createOutboundSession(theirIdentityKey: String, theirOneTimeKey: String): String? {
+        Timber.tag(loggerTag.value).d("## createOutboundSession() ; theirIdentityKey $theirIdentityKey theirOneTimeKey $theirOneTimeKey")
+        var olmSession: OlmSession? = null
+
+        try {
+            olmSession = OlmSession()
+            store.doWithOlmAccount { olmAccount ->
+                olmSession.initOutboundSession(olmAccount, theirIdentityKey, theirOneTimeKey)
+            }
+
+            val olmSessionWrapper = OlmSessionWrapper(olmSession, 0)
+
+            // Pretend we've received a message at this point, otherwise
+            // if we try to send a message to the device, it won't use
+            // this session
+            olmSessionWrapper.onMessageReceived()
+
+            olmSessionStore.storeSession(olmSessionWrapper, theirIdentityKey)
+
+            val sessionIdentifier = olmSession.sessionIdentifier()
+
+            Timber.tag(loggerTag.value).v("## createOutboundSession() ;  olmSession.sessionIdentifier: $sessionIdentifier")
+            return sessionIdentifier
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "## createOutboundSession() failed")
+
+            olmSession?.releaseSession()
+        }
+
+        return null
+    }
+
+    /**
+     * Generate a new inbound session, given an incoming message.
+     *
+     * @param theirDeviceIdentityKey the remote user's Curve25519 identity key.
+     * @param messageType            the message_type field from the received message (must be 0).
+     * @param ciphertext             base64-encoded body from the received message.
+     * @return {{payload: string, session_id: string}} decrypted payload, and session id of new session.
+     */
+    fun createInboundSession(theirDeviceIdentityKey: String, messageType: Int, ciphertext: String): Map<String, String>? {
+        Timber.tag(loggerTag.value).d("## createInboundSession() : theirIdentityKey: $theirDeviceIdentityKey")
+
+        var olmSession: OlmSession? = null
+
+        try {
+            try {
+                olmSession = OlmSession()
+                store.doWithOlmAccount { olmAccount ->
+                    olmSession.initInboundSessionFrom(olmAccount, theirDeviceIdentityKey, ciphertext)
+                }
+            } catch (e: Exception) {
+                Timber.tag(loggerTag.value).e(e, "## createInboundSession() : the session creation failed")
+                return null
+            }
+
+            Timber.tag(loggerTag.value).v("## createInboundSession() : sessionId: ${olmSession.sessionIdentifier()}")
+
+            try {
+                store.doWithOlmAccount { olmAccount ->
+                    olmAccount.removeOneTimeKeys(olmSession)
+                    store.saveOlmAccount()
+                }
+            } catch (e: Exception) {
+                Timber.tag(loggerTag.value).e(e, "## createInboundSession() : removeOneTimeKeys failed")
+            }
+
+            val olmMessage = OlmMessage()
+            olmMessage.mCipherText = ciphertext
+            olmMessage.mType = messageType.toLong()
+
+            var payloadString: String? = null
+
+            try {
+                payloadString = olmSession.decryptMessage(olmMessage)
+
+                val olmSessionWrapper = OlmSessionWrapper(olmSession, 0)
+                // This counts as a received message: set last received message time to now
+                olmSessionWrapper.onMessageReceived()
+
+                olmSessionStore.storeSession(olmSessionWrapper, theirDeviceIdentityKey)
+            } catch (e: Exception) {
+                Timber.tag(loggerTag.value).e(e, "## createInboundSession() : decryptMessage failed")
+            }
+
+            val res = HashMap<String, String>()
+
+            if (!payloadString.isNullOrEmpty()) {
+                res["payload"] = payloadString
+            }
+
+            val sessionIdentifier = olmSession.sessionIdentifier()
+
+            if (!sessionIdentifier.isNullOrEmpty()) {
+                res["session_id"] = sessionIdentifier
+            }
+
+            return res
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "## createInboundSession() : OlmSession creation failed")
+
+            olmSession?.releaseSession()
+        }
+
+        return null
+    }
+
+    /**
+     * Get a list of known session IDs for the given device.
+     *
+     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
+     * @return a list of known session ids for the device.
+     */
+    fun getSessionIds(theirDeviceIdentityKey: String): List<String> {
+        return olmSessionStore.getDeviceSessionIds(theirDeviceIdentityKey)
+    }
+
+    /**
+     * Get the right olm session id for encrypting messages to the given identity key.
+     *
+     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
+     * @return the session id, or null if no established session.
+     */
+    fun getSessionId(theirDeviceIdentityKey: String): String? {
+        return olmSessionStore.getLastUsedSessionId(theirDeviceIdentityKey)
+    }
+
+    /**
+     * Encrypt an outgoing message using an existing session.
+     *
+     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
+     * @param sessionId              the id of the active session
+     * @param payloadString          the payload to be encrypted and sent
+     * @return the cipher text
+     */
+    suspend fun encryptMessage(theirDeviceIdentityKey: String, sessionId: String, payloadString: String): Map<String, Any>? {
+        val olmSessionWrapper = getSessionForDevice(theirDeviceIdentityKey, sessionId)
+
+        if (olmSessionWrapper != null) {
+            try {
+                Timber.tag(loggerTag.value).v("## encryptMessage() : olmSession.sessionIdentifier: $sessionId")
+
+                val olmMessage = olmSessionWrapper.mutex.withLock {
+                    olmSessionWrapper.olmSession.encryptMessage(payloadString)
+                }
+                return mapOf(
+                        "body" to olmMessage.mCipherText,
+                        "type" to olmMessage.mType,
+                ).also {
+                    olmSessionStore.storeSession(olmSessionWrapper, theirDeviceIdentityKey)
+                }
+            } catch (e: Throwable) {
+                Timber.tag(loggerTag.value).e(e, "## encryptMessage() : failed to encrypt olm with device|session:$theirDeviceIdentityKey|$sessionId")
+                return null
+            }
+        } else {
+            Timber.tag(loggerTag.value).e("## encryptMessage() : Failed to encrypt unknown session $sessionId")
+            return null
+        }
+    }
+
+    /**
+     * Decrypt an incoming message using an existing session.
+     *
+     * @param ciphertext             the base64-encoded body from the received message.
+     * @param messageType            message_type field from the received message.
+     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
+     * @param sessionId              the id of the active session.
+     * @return the decrypted payload.
+     */
+    @kotlin.jvm.Throws
+    suspend fun decryptMessage(ciphertext: String, messageType: Int, sessionId: String, theirDeviceIdentityKey: String): String? {
+        var payloadString: String? = null
+
+        val olmSessionWrapper = getSessionForDevice(theirDeviceIdentityKey, sessionId)
+
+        if (null != olmSessionWrapper) {
+            val olmMessage = OlmMessage()
+            olmMessage.mCipherText = ciphertext
+            olmMessage.mType = messageType.toLong()
+
+            payloadString =
+                    olmSessionWrapper.mutex.withLock {
+                        olmSessionWrapper.olmSession.decryptMessage(olmMessage).also {
+                            olmSessionWrapper.onMessageReceived()
+                        }
+                    }
+            olmSessionStore.storeSession(olmSessionWrapper, theirDeviceIdentityKey)
+        }
+
+        return payloadString
+    }
+
+    /**
+     * Determine if an incoming messages is a prekey message matching an existing session.
+     *
+     * @param theirDeviceIdentityKey the Curve25519 identity key for the remote device.
+     * @param sessionId              the id of the active session.
+     * @param messageType            message_type field from the received message.
+     * @param ciphertext             the base64-encoded body from the received message.
+     * @return YES if the received message is a prekey message which matchesthe given session.
+     */
+    fun matchesSession(theirDeviceIdentityKey: String, sessionId: String, messageType: Int, ciphertext: String): Boolean {
+        if (messageType != 0) {
+            return false
+        }
+
+        val olmSessionWrapper = getSessionForDevice(theirDeviceIdentityKey, sessionId)
+        return null != olmSessionWrapper && olmSessionWrapper.olmSession.matchesInboundSession(ciphertext)
+    }
+
+    // Outbound group session
+
+    /**
+     * Generate a new outbound group session.
+     *
+     * @return the session id for the outbound session.
+     */
+    fun createOutboundGroupSessionForRoom(roomId: String): String? {
+        var session: OlmOutboundGroupSession? = null
+        try {
+            session = OlmOutboundGroupSession()
+            outboundGroupSessionCache[session.sessionIdentifier()] = GroupSessionCacheItem(roomId, session)
+            store.storeCurrentOutboundGroupSessionForRoom(roomId, session)
+            return session.sessionIdentifier()
+        } catch (e: Exception) {
+            Timber.tag(loggerTag.value).e(e, "createOutboundGroupSession")
+
+            session?.releaseSession()
+        }
+
+        return null
+    }
+
+    fun storeOutboundGroupSessionForRoom(roomId: String, sessionId: String) {
+        outboundGroupSessionCache[sessionId]?.let {
+            store.storeCurrentOutboundGroupSessionForRoom(roomId, it.groupSession)
+        }
+    }
+
+    fun restoreOutboundGroupSessionForRoom(roomId: String): MXOutboundSessionInfo? {
+        val restoredOutboundGroupSession = store.getCurrentOutboundGroupSessionForRoom(roomId)
+        if (restoredOutboundGroupSession != null) {
+            val sessionId = restoredOutboundGroupSession.outboundGroupSession.sessionIdentifier()
+            // cache it
+            outboundGroupSessionCache[sessionId] = GroupSessionCacheItem(roomId, restoredOutboundGroupSession.outboundGroupSession)
+
+            return MXOutboundSessionInfo(
+                    sessionId = sessionId,
+                    sharedWithHelper = SharedWithHelper(roomId, sessionId, store),
+                    restoredOutboundGroupSession.creationTime
+            )
+        }
+        return null
+    }
+
+    fun discardOutboundGroupSessionForRoom(roomId: String) {
+        val toDiscard = outboundGroupSessionCache.filter {
+            it.value.groupId == roomId
+        }
+        toDiscard.forEach { (sessionId, cacheItem) ->
+            cacheItem.groupSession.releaseSession()
+            outboundGroupSessionCache.remove(sessionId)
+        }
+        store.storeCurrentOutboundGroupSessionForRoom(roomId, null)
+    }
+
+    /**
+     * Get the current session key of  an outbound group session.
+     *
+     * @param sessionId the id of the outbound group session.
+     * @return the base64-encoded secret key.
+     */
+    fun getSessionKey(sessionId: String): String? {
+        if (sessionId.isNotEmpty()) {
+            try {
+                return outboundGroupSessionCache[sessionId]!!.groupSession.sessionKey()
+            } catch (e: Exception) {
+                Timber.tag(loggerTag.value).e(e, "## getSessionKey() : failed")
+            }
+        }
+        return null
+    }
+
+    /**
+     * Get the current message index of an outbound group session.
+     *
+     * @param sessionId the id of the outbound group session.
+     * @return the current chain index.
+     */
+    fun getMessageIndex(sessionId: String): Int {
+        return if (sessionId.isNotEmpty()) {
+            outboundGroupSessionCache[sessionId]!!.groupSession.messageIndex()
+        } else 0
+    }
+
+    /**
+     * Encrypt an outgoing message with an outbound group session.
+     *
+     * @param sessionId     the id of the outbound group session.
+     * @param payloadString the payload to be encrypted and sent.
+     * @return ciphertext
+     */
+    fun encryptGroupMessage(sessionId: String, payloadString: String): String? {
+        if (sessionId.isNotEmpty() && payloadString.isNotEmpty()) {
+            try {
+                return outboundGroupSessionCache[sessionId]!!.groupSession.encryptMessage(payloadString)
+            } catch (e: Throwable) {
+                Timber.tag(loggerTag.value).e(e, "## encryptGroupMessage() : failed")
+            }
+        }
+        return null
+    }
+
+    //  Inbound group session
+
+    sealed interface AddSessionResult {
+        data class Imported(val ratchetIndex: Int) : AddSessionResult
+        abstract class Failure : AddSessionResult
+        object NotImported : Failure()
+        data class NotImportedHigherIndex(val newIndex: Int) : Failure()
+    }
+
+    /**
+     * Add an inbound group session to the session store.
+     *
+     * @param sessionId                    the session identifier.
+     * @param sessionKey                   base64-encoded secret key.
+     * @param roomId                       the id of the room in which this session will be used.
+     * @param senderKey                    the base64-encoded curve25519 key of the sender.
+     * @param forwardingCurve25519KeyChain Devices involved in forwarding this session to us.
+     * @param keysClaimed                  Other keys the sender claims.
+     * @param exportFormat                 true if the megolm keys are in export format
+     * @return true if the operation succeeds.
+     */
+    fun addInboundGroupSession(sessionId: String,
+                               sessionKey: String,
+                               roomId: String,
+                               senderKey: String,
+                               forwardingCurve25519KeyChain: List<String>,
+                               keysClaimed: Map<String, String>,
+                               exportFormat: Boolean): AddSessionResult {
+        val candidateSession = OlmInboundGroupSessionWrapper2(sessionKey, exportFormat)
+        val existingSessionHolder = tryOrNull { getInboundGroupSession(sessionId, senderKey, roomId) }
+        val existingSession = existingSessionHolder?.wrapper
+        // If we have an existing one we should check if the new one is not better
+        if (existingSession != null) {
+            Timber.tag(loggerTag.value).d("## addInboundGroupSession() check if known session is better than candidate session")
+            try {
+                val existingFirstKnown = existingSession.firstKnownIndex ?: return AddSessionResult.NotImported.also {
+                    // This is quite unexpected, could throw if native was released?
+                    Timber.tag(loggerTag.value).e("## addInboundGroupSession() null firstKnownIndex on existing session")
+                    candidateSession.olmInboundGroupSession?.releaseSession()
+                    // Probably should discard it?
+                }
+                val newKnownFirstIndex = candidateSession.firstKnownIndex
+                // If our existing session is better we keep it
+                if (newKnownFirstIndex != null && existingFirstKnown <= newKnownFirstIndex) {
+                    Timber.tag(loggerTag.value).d("## addInboundGroupSession() : ignore session our is better $senderKey/$sessionId")
+                    candidateSession.olmInboundGroupSession?.releaseSession()
+                    return AddSessionResult.NotImportedHigherIndex(newKnownFirstIndex.toInt())
+                }
+            } catch (failure: Throwable) {
+                Timber.tag(loggerTag.value).e("## addInboundGroupSession() Failed to add inbound: ${failure.localizedMessage}")
+                candidateSession.olmInboundGroupSession?.releaseSession()
+                return AddSessionResult.NotImported
+            }
+        }
+
+        Timber.tag(loggerTag.value).d("## addInboundGroupSession() : Candidate session should be added $senderKey/$sessionId")
+
+        // sanity check on the new session
+        val candidateOlmInboundSession = candidateSession.olmInboundGroupSession
+        if (null == candidateOlmInboundSession) {
+            Timber.tag(loggerTag.value).e("## addInboundGroupSession : invalid session <null>")
+            return AddSessionResult.NotImported
+        }
+
+        try {
+            if (candidateOlmInboundSession.sessionIdentifier() != sessionId) {
+                Timber.tag(loggerTag.value).e("## addInboundGroupSession : ERROR: Mismatched group session ID from senderKey: $senderKey")
+                candidateOlmInboundSession.releaseSession()
+                return AddSessionResult.NotImported
+            }
+        } catch (e: Throwable) {
+            candidateOlmInboundSession.releaseSession()
+            Timber.tag(loggerTag.value).e(e, "## addInboundGroupSession : sessionIdentifier() failed")
+            return AddSessionResult.NotImported
+        }
+
+        candidateSession.senderKey = senderKey
+        candidateSession.roomId = roomId
+        candidateSession.keysClaimed = keysClaimed
+        candidateSession.forwardingCurve25519KeyChain = forwardingCurve25519KeyChain
+
+        if (existingSession != null) {
+            inboundGroupSessionStore.replaceGroupSession(existingSessionHolder, InboundGroupSessionHolder(candidateSession), sessionId, senderKey)
+        } else {
+            inboundGroupSessionStore.storeInBoundGroupSession(InboundGroupSessionHolder(candidateSession), sessionId, senderKey)
+        }
+
+        return AddSessionResult.Imported(candidateSession.firstKnownIndex?.toInt() ?: 0)
+    }
+
+    /**
+     * Import an inbound group sessions to the session store.
+     *
+     * @param megolmSessionsData the megolm sessions data
+     * @return the successfully imported sessions.
+     */
+    fun importInboundGroupSessions(megolmSessionsData: List<MegolmSessionData>): List<OlmInboundGroupSessionWrapper2> {
+        val sessions = ArrayList<OlmInboundGroupSessionWrapper2>(megolmSessionsData.size)
+
+        for (megolmSessionData in megolmSessionsData) {
+            val sessionId = megolmSessionData.sessionId ?: continue
+            val senderKey = megolmSessionData.senderKey ?: continue
+            val roomId = megolmSessionData.roomId
+
+            var candidateSessionToImport: OlmInboundGroupSessionWrapper2? = null
+
+            try {
+                candidateSessionToImport = OlmInboundGroupSessionWrapper2(megolmSessionData)
+            } catch (e: Exception) {
+                Timber.tag(loggerTag.value).e(e, "## importInboundGroupSession() : Update for megolm session $senderKey/$sessionId")
+            }
+
+            // sanity check
+            if (candidateSessionToImport?.olmInboundGroupSession == null) {
+                Timber.tag(loggerTag.value).e("## importInboundGroupSession : invalid session")
+                continue
+            }
+
+            val candidateOlmInboundGroupSession = candidateSessionToImport.olmInboundGroupSession
+            try {
+                if (candidateOlmInboundGroupSession?.sessionIdentifier() != sessionId) {
+                    Timber.tag(loggerTag.value).e("## importInboundGroupSession : ERROR: Mismatched group session ID from senderKey: $senderKey")
+                    candidateOlmInboundGroupSession?.releaseSession()
+                    continue
+                }
+            } catch (e: Exception) {
+                Timber.tag(loggerTag.value).e(e, "## importInboundGroupSession : sessionIdentifier() failed")
+                candidateOlmInboundGroupSession?.releaseSession()
+                continue
+            }
+
+            val existingSessionHolder = tryOrNull { getInboundGroupSession(sessionId, senderKey, roomId) }
+            val existingSession = existingSessionHolder?.wrapper
+
+            if (existingSession == null) {
+                // Session does not already exist, add it
+                Timber.tag(loggerTag.value).d("## importInboundGroupSession() : importing new megolm session $senderKey/$sessionId")
+                sessions.add(candidateSessionToImport)
+            } else {
+                Timber.tag(loggerTag.value).e("## importInboundGroupSession() : Update for megolm session $senderKey/$sessionId")
+                val existingFirstKnown = tryOrNull { existingSession.firstKnownIndex }
+                val candidateFirstKnownIndex = tryOrNull { candidateSessionToImport.firstKnownIndex }
+
+                if (existingFirstKnown == null || candidateFirstKnownIndex == null) {
+                    // should not happen?
+                    candidateSessionToImport.olmInboundGroupSession?.releaseSession()
+                    Timber.tag(loggerTag.value)
+                            .w("## importInboundGroupSession() : Can't check session null index $existingFirstKnown/$candidateFirstKnownIndex")
+                } else {
+                    if (existingFirstKnown <= candidateSessionToImport.firstKnownIndex!!) {
+                        // Ignore this, keep existing
+                        candidateOlmInboundGroupSession.releaseSession()
+                    } else {
+                        // update cache with better session
+                        inboundGroupSessionStore.replaceGroupSession(
+                                existingSessionHolder,
+                                InboundGroupSessionHolder(candidateSessionToImport),
+                                sessionId,
+                                senderKey
+                        )
+                        sessions.add(candidateSessionToImport)
+                    }
+                }
+            }
+        }
+
+        store.storeInboundGroupSessions(sessions)
+
+        return sessions
+    }
+
+    /**
+     * Decrypt a received message with an inbound group session.
+     *
+     * @param body      the base64-encoded body of the encrypted message.
+     * @param roomId    the room in which the message was received.
+     * @param timeline  the id of the timeline where the event is decrypted. It is used to prevent replay attack.
+     * @param sessionId the session identifier.
+     * @param senderKey the base64-encoded curve25519 key of the sender.
+     * @return the decrypting result. Nil if the sessionId is unknown.
+     */
+    @Throws(MXCryptoError::class)
+    suspend fun decryptGroupMessage(body: String,
+                                    roomId: String,
+                                    timeline: String?,
+                                    sessionId: String,
+                                    senderKey: String): OlmDecryptionResult {
+        val sessionHolder = getInboundGroupSession(sessionId, senderKey, roomId)
+        val wrapper = sessionHolder.wrapper
+        val inboundGroupSession = wrapper.olmInboundGroupSession
+                ?: throw MXCryptoError.Base(MXCryptoError.ErrorType.UNABLE_TO_DECRYPT, "Session is null")
+        // Check that the room id matches the original one for the session. This stops
+        // the HS pretending a message was targeting a different room.
+        if (roomId == wrapper.roomId) {
+            val decryptResult = try {
+                sessionHolder.mutex.withLock {
+                    inboundGroupSession.decryptMessage(body)
+                }
+            } catch (e: OlmException) {
+                Timber.tag(loggerTag.value).e(e, "## decryptGroupMessage () : decryptMessage failed")
+                throw MXCryptoError.OlmError(e)
+            }
+
+            if (timeline?.isNotBlank() == true) {
+                val timelineSet = inboundGroupSessionMessageIndexes.getOrPut(timeline) { mutableSetOf() }
+
+                val messageIndexKey = senderKey + "|" + sessionId + "|" + decryptResult.mIndex
+
+                if (timelineSet.contains(messageIndexKey)) {
+                    val reason = String.format(MXCryptoError.DUPLICATE_MESSAGE_INDEX_REASON, decryptResult.mIndex)
+                    Timber.tag(loggerTag.value).e("## decryptGroupMessage() timelineId=$timeline: $reason")
+                    throw MXCryptoError.Base(MXCryptoError.ErrorType.DUPLICATED_MESSAGE_INDEX, reason)
+                }
+
+                timelineSet.add(messageIndexKey)
+            }
+
+            inboundGroupSessionStore.storeInBoundGroupSession(sessionHolder, sessionId, senderKey)
+            val payload = try {
+                val adapter = MoshiProvider.providesMoshi().adapter<JsonDict>(JSON_DICT_PARAMETERIZED_TYPE)
+                val payloadString = convertFromUTF8(decryptResult.mDecryptedMessage)
+                adapter.fromJson(payloadString)
+            } catch (e: Exception) {
+                Timber.tag(loggerTag.value).e("## decryptGroupMessage() : fails to parse the payload")
+                throw MXCryptoError.Base(MXCryptoError.ErrorType.BAD_DECRYPTED_FORMAT, MXCryptoError.BAD_DECRYPTED_FORMAT_TEXT_REASON)
+            }
+
+            return OlmDecryptionResult(
+                    payload,
+                    wrapper.keysClaimed,
+                    senderKey,
+                    wrapper.forwardingCurve25519KeyChain
+            )
+        } else {
+            val reason = String.format(MXCryptoError.INBOUND_SESSION_MISMATCH_ROOM_ID_REASON, roomId, wrapper.roomId)
+            Timber.tag(loggerTag.value).e("## decryptGroupMessage() : $reason")
+            throw MXCryptoError.Base(MXCryptoError.ErrorType.INBOUND_SESSION_MISMATCH_ROOM_ID, reason)
+        }
+    }
+
+    /**
+     * Reset replay attack data for the given timeline.
+     *
+     * @param timeline the id of the timeline.
+     */
+    fun resetReplayAttackCheckInTimeline(timeline: String?) {
+        if (null != timeline) {
+            inboundGroupSessionMessageIndexes.remove(timeline)
+        }
+    }
+
+//  Utilities
+
+    /**
+     * Verify an ed25519 signature on a JSON object.
+     *
+     * @param key            the ed25519 key.
+     * @param jsonDictionary the JSON object which was signed.
+     * @param signature      the base64-encoded signature to be checked.
+     * @throws Exception the exception
+     */
+    @Throws(Exception::class)
+    fun verifySignature(key: String, jsonDictionary: Map<String, Any>, signature: String) {
+        // Check signature on the canonical version of the JSON
+        olmUtility!!.verifyEd25519Signature(signature, key, JsonCanonicalizer.getCanonicalJson(Map::class.java, jsonDictionary))
+    }
+
+    /**
+     * Calculate the SHA-256 hash of the input and encodes it as base64.
+     *
+     * @param message the message to hash.
+     * @return the base64-encoded hash value.
+     */
+    fun sha256(message: String): String {
+        return olmUtility!!.sha256(convertToUTF8(message))
+    }
+
+    /**
+     * Search an OlmSession
+     *
+     * @param theirDeviceIdentityKey the device key
+     * @param sessionId              the session Id
+     * @return the olm session
+     */
+    private fun getSessionForDevice(theirDeviceIdentityKey: String, sessionId: String): OlmSessionWrapper? {
+        // sanity check
+        return if (theirDeviceIdentityKey.isEmpty() || sessionId.isEmpty()) null else {
+            olmSessionStore.getDeviceSession(sessionId, theirDeviceIdentityKey)
+        }
+    }
+
+    /**
+     * Extract an InboundGroupSession from the session store and do some check.
+     * inboundGroupSessionWithIdError describes the failure reason.
+     *
+     * @param roomId    the room where the session is used.
+     * @param sessionId the session identifier.
+     * @param senderKey the base64-encoded curve25519 key of the sender.
+     * @return the inbound group session.
+     */
+    fun getInboundGroupSession(sessionId: String?, senderKey: String?, roomId: String?): InboundGroupSessionHolder {
+        if (sessionId.isNullOrBlank() || senderKey.isNullOrBlank()) {
+            throw MXCryptoError.Base(MXCryptoError.ErrorType.MISSING_SENDER_KEY, MXCryptoError.ERROR_MISSING_PROPERTY_REASON)
+        }
+
+        val holder = inboundGroupSessionStore.getInboundGroupSession(sessionId, senderKey)
+        val session = holder?.wrapper
+
+        if (session != null) {
+            // Check that the room id matches the original one for the session. This stops
+            // the HS pretending a message was targeting a different room.
+            if (roomId != session.roomId) {
+                val errorDescription = String.format(MXCryptoError.INBOUND_SESSION_MISMATCH_ROOM_ID_REASON, roomId, session.roomId)
+                Timber.tag(loggerTag.value).e("## getInboundGroupSession() : $errorDescription")
+                throw MXCryptoError.Base(MXCryptoError.ErrorType.INBOUND_SESSION_MISMATCH_ROOM_ID, errorDescription)
+            } else {
+                return holder
+            }
+        } else {
+            Timber.tag(loggerTag.value).w("## getInboundGroupSession() : UISI $sessionId")
+            throw MXCryptoError.Base(MXCryptoError.ErrorType.UNKNOWN_INBOUND_SESSION_ID, MXCryptoError.UNKNOWN_INBOUND_SESSION_ID_REASON)
+        }
+    }
+
+    /**
+     * Determine if we have the keys for a given megolm session.
+     *
+     * @param roomId    room in which the message was received
+     * @param senderKey base64-encoded curve25519 key of the sender
+     * @param sessionId session identifier
+     * @return true if the unbound session keys are known.
+     */
+    fun hasInboundSessionKeys(roomId: String, senderKey: String, sessionId: String): Boolean {
+        return runCatching { getInboundGroupSession(sessionId, senderKey, roomId) }.isSuccess
+    }
+
+    @VisibleForTesting
+    fun clearOlmSessionCache() {
+        olmSessionStore.clear()
+    }
+}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingGossipingRequest.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingGossipingRequest.kt
deleted file mode 100644
index 16e520c668..0000000000
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingGossipingRequest.kt
+++ /dev/null
@@ -1,27 +0,0 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto
-
-import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
-
-interface OutgoingGossipingRequest {
-    var recipients: Map<String, List<String>>
-    var requestId: String
-    var state: OutgoingRoomKeyRequestState
-    // transaction id for the cancellation, if any
-    // var cancellationTxnId: String?
-}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
index 1e192393a2..09a9868428 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingKeyRequestManager.kt
@@ -1,519 +1,518 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto
-
-import kotlinx.coroutines.CoroutineScope
-import kotlinx.coroutines.SupervisorJob
-import kotlinx.coroutines.asCoroutineDispatcher
-import kotlinx.coroutines.cancel
-import kotlinx.coroutines.delay
-import kotlinx.coroutines.launch
-import kotlinx.coroutines.withContext
-import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
-import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
-import org.matrix.android.sdk.api.crypto.MXCryptoConfig
-import org.matrix.android.sdk.api.extensions.tryOrNull
-import org.matrix.android.sdk.api.logger.LoggerTag
-import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
-import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
-import org.matrix.android.sdk.api.session.crypto.model.GossipingToDeviceObject
-import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
-import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
-import org.matrix.android.sdk.api.session.events.model.Event
-import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.api.session.events.model.content.EncryptedEventContent
-import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
-import org.matrix.android.sdk.api.session.events.model.toModel
-import org.matrix.android.sdk.api.util.fromBase64
-import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
-import org.matrix.android.sdk.internal.crypto.tasks.DefaultSendToDeviceTask
-import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
-import org.matrix.android.sdk.internal.di.SessionId
-import org.matrix.android.sdk.internal.di.UserId
-import org.matrix.android.sdk.internal.session.SessionScope
-import org.matrix.android.sdk.internal.task.SemaphoreCoroutineSequencer
-import timber.log.Timber
-import java.util.Stack
-import java.util.concurrent.Executors
-import javax.inject.Inject
-import kotlin.system.measureTimeMillis
-
-private val loggerTag = LoggerTag("OutgoingKeyRequestManager", LoggerTag.CRYPTO)
-
-/**
- * This class is responsible for sending key requests to other devices when a message failed to decrypt.
- * It's lifecycle is based on the sync pulse:
- *    - You can post queries for session, or report when you got a session
- *    - At the end of the sync (onSyncComplete) it will then process all the posted request and send to devices
- * If a request failed it will be retried at the end of the next sync
- */
-@SessionScope
-internal class OutgoingKeyRequestManager @Inject constructor(
-        @SessionId private val sessionId: String,
-        @UserId private val myUserId: String,
-        private val cryptoStore: IMXCryptoStore,
-        private val coroutineDispatchers: MatrixCoroutineDispatchers,
-        private val cryptoConfig: MXCryptoConfig,
-        private val inboundGroupSessionStore: InboundGroupSessionStore,
-        private val sendToDeviceTask: DefaultSendToDeviceTask,
-        private val deviceListManager: DeviceListManager,
-        private val perSessionBackupQueryRateLimiter: PerSessionBackupQueryRateLimiter) {
-
-    private val dispatcher = Executors.newSingleThreadExecutor().asCoroutineDispatcher()
-    private val outgoingRequestScope = CoroutineScope(SupervisorJob() + dispatcher)
-    private val sequencer = SemaphoreCoroutineSequencer()
-
-    // We only have one active key request per session, so we don't request if it's already requested
-    // But it could make sense to check more the backup, as it's evolving.
-    // We keep a stack as we consider that the key requested last is more likely to be on screen?
-    private val requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup = Stack<Pair<String, String>>()
-
-    fun requestKeyForEvent(event: Event, force: Boolean) {
-        val (targets, body) = getRoomKeyRequestTargetForEvent(event) ?: return
-        val index = ratchetIndexForMessage(event) ?: 0
-        postRoomKeyRequest(body, targets, index, force)
-    }
-
-    private fun getRoomKeyRequestTargetForEvent(event: Event): Pair<Map<String, List<String>>, RoomKeyRequestBody>? {
-        val sender = event.senderId ?: return null
-        val encryptedEventContent = event.content.toModel<EncryptedEventContent>() ?: return null.also {
-            Timber.tag(loggerTag.value).e("getRoomKeyRequestTargetForEvent Failed to re-request key, null content")
-        }
-        if (encryptedEventContent.algorithm != MXCRYPTO_ALGORITHM_MEGOLM) return null
-
-        val senderDevice = encryptedEventContent.deviceId
-        val recipients = if (cryptoConfig.limitRoomKeyRequestsToMyDevices) {
-            mapOf(
-                    myUserId to listOf("*")
-            )
-        } else {
-            if (event.senderId == myUserId) {
-                mapOf(
-                        myUserId to listOf("*")
-                )
-            } else {
-                // for the case where you share the key with a device that has a broken olm session
-                // The other user might Re-shares a megolm session key with devices if the key has already been
-                // sent to them.
-                mapOf(
-                        myUserId to listOf("*"),
-
-                        // We might not have deviceId in the future due to https://github.com/matrix-org/matrix-spec-proposals/pull/3700
-                        // so in this case query to all
-                        sender to listOf(senderDevice ?: "*")
-                )
-            }
-        }
-
-        val requestBody = RoomKeyRequestBody(
-                roomId = event.roomId,
-                algorithm = encryptedEventContent.algorithm,
-                senderKey = encryptedEventContent.senderKey,
-                sessionId = encryptedEventContent.sessionId
-        )
-        return recipients to requestBody
-    }
-
-    private fun ratchetIndexForMessage(event: Event): Int? {
-        val encryptedContent = event.content.toModel<EncryptedEventContent>() ?: return null
-        if (encryptedContent.algorithm != MXCRYPTO_ALGORITHM_MEGOLM) return null
-        return encryptedContent.ciphertext?.fromBase64()?.inputStream()?.reader()?.let {
-            tryOrNull {
-                val megolmVersion = it.read()
-                if (megolmVersion != 3) return@tryOrNull null
-                /** Int tag */
-                if (it.read() != 8) return@tryOrNull null
-                it.read()
-            }
-        }
-    }
-
-    fun postRoomKeyRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>, fromIndex: Int, force: Boolean = false) {
-        outgoingRequestScope.launch {
-            sequencer.post {
-                internalQueueRequest(requestBody, recipients, fromIndex, force)
-            }
-        }
-    }
-
-    /**
-     * Typically called when we the session as been imported or received meanwhile
-     */
-    fun postCancelRequestForSessionIfNeeded(sessionId: String, roomId: String, senderKey: String, fromIndex: Int) {
-        outgoingRequestScope.launch {
-            sequencer.post {
-                internalQueueCancelRequest(sessionId, roomId, senderKey, fromIndex)
-            }
-        }
-    }
-
-    fun onSelfCrossSigningTrustChanged(newTrust: Boolean) {
-        if (newTrust) {
-            // we were previously not cross signed, but we are now
-            // so there is now more chances to get better replies for existing request
-            // Let's forget about sent request so that next time we try to decrypt we will resend requests
-            // We don't resend all because we don't want to generate a bulk of traffic
-            outgoingRequestScope.launch {
-                sequencer.post {
-                    cryptoStore.deleteOutgoingRoomKeyRequestInState(OutgoingRoomKeyRequestState.SENT)
-                }
-
-                sequencer.post {
-                    delay(1000)
-                    perSessionBackupQueryRateLimiter.refreshBackupInfoIfNeeded(true)
-                }
-            }
-        }
-    }
-
-    fun onRoomKeyForwarded(sessionId: String,
-                           algorithm: String,
-                           roomId: String,
-                           senderKey: String,
-                           fromDevice: String?,
-                           fromIndex: Int,
-                           event: Event) {
-        Timber.tag(loggerTag.value).d("Key forwarded for $sessionId from ${event.senderId}|$fromDevice at index $fromIndex")
-        outgoingRequestScope.launch {
-            sequencer.post {
-                cryptoStore.updateOutgoingRoomKeyReply(
-                        roomId = roomId,
-                        sessionId = sessionId,
-                        algorithm = algorithm,
-                        senderKey = senderKey,
-                        fromDevice = fromDevice,
-                        // strip out encrypted stuff as it's just a trail?
-                        event = event.copy(
-                                type = event.getClearType(),
-                                content = mapOf(
-                                        "chain_index" to fromIndex
-                                )
-                        )
-                )
-            }
-        }
-    }
-
-    fun onRoomKeyWithHeld(sessionId: String,
-                          algorithm: String,
-                          roomId: String,
-                          senderKey: String,
-                          fromDevice: String?,
-                          event: Event) {
-        outgoingRequestScope.launch {
-            sequencer.post {
-                Timber.tag(loggerTag.value).d("Withheld received for $sessionId from ${event.senderId}|$fromDevice")
-                Timber.tag(loggerTag.value).v("Withheld content ${event.getClearContent()}")
-
-                // We want to store withheld code from the sender of the message (owner of the megolm session), not from
-                // other devices that might gossip the key. If not the initial reason might be overridden
-                // by a request to one of our session.
-                event.getClearContent().toModel<RoomKeyWithHeldContent>()?.let { withheld ->
-                    withContext(coroutineDispatchers.crypto) {
-                        tryOrNull {
-                            deviceListManager.downloadKeys(listOf(event.senderId ?: ""), false)
-                        }
-                        cryptoStore.getUserDeviceList(event.senderId ?: "")
-                                .also { devices ->
-                                    Timber.tag(loggerTag.value)
-                                            .v("Withheld Devices for ${event.senderId} are ${devices.orEmpty().joinToString { it.identityKey() ?: "" }}")
-                                }
-                                ?.firstOrNull {
-                                    it.identityKey() == senderKey
-                                }
-                    }.also {
-                        Timber.tag(loggerTag.value).v("Withheld device for sender key $senderKey is from ${it?.shortDebugString()}")
-                    }?.let {
-                        if (it.userId == event.senderId) {
-                            if (fromDevice != null) {
-                                if (it.deviceId == fromDevice) {
-                                    Timber.tag(loggerTag.value).v("Storing sender Withheld code ${withheld.code} for ${withheld.sessionId}")
-                                    cryptoStore.addWithHeldMegolmSession(withheld)
-                                }
-                            } else {
-                                Timber.tag(loggerTag.value).v("Storing sender Withheld code ${withheld.code} for ${withheld.sessionId}")
-                                cryptoStore.addWithHeldMegolmSession(withheld)
-                            }
-                        }
-                    }
-                }
-
-                // Here we store the replies from a given request
-                cryptoStore.updateOutgoingRoomKeyReply(
-                        roomId = roomId,
-                        sessionId = sessionId,
-                        algorithm = algorithm,
-                        senderKey = senderKey,
-                        fromDevice = fromDevice,
-                        event = event
-                )
-            }
-        }
-    }
-
-    /**
-     * Should be called after a sync, ideally if no catchup sync needed (as keys might arrive in those)
-     */
-    fun requireProcessAllPendingKeyRequests() {
-        outgoingRequestScope.launch {
-            sequencer.post {
-                internalProcessPendingKeyRequests()
-            }
-        }
-    }
-
-    private fun internalQueueCancelRequest(sessionId: String, roomId: String, senderKey: String, localKnownChainIndex: Int) {
-        // do we have known requests for that session??
-        Timber.tag(loggerTag.value).v("Cancel Key Request if needed for $sessionId")
-        val knownRequest = cryptoStore.getOutgoingRoomKeyRequest(
-                algorithm = MXCRYPTO_ALGORITHM_MEGOLM,
-                roomId = roomId,
-                sessionId = sessionId,
-                senderKey = senderKey
-        )
-        if (knownRequest.isEmpty()) return Unit.also {
-            Timber.tag(loggerTag.value).v("Handle Cancel Key Request for $sessionId -- Was not currently requested")
-        }
-        if (knownRequest.size > 1) {
-            // It's worth logging, there should be only one
-            Timber.tag(loggerTag.value).w("Found multiple requests for same sessionId $sessionId")
-        }
-        knownRequest.forEach { request ->
-            when (request.state) {
-                OutgoingRoomKeyRequestState.UNSENT                               -> {
-                    if (request.fromIndex >= localKnownChainIndex) {
-                        // we have a good index we can cancel
-                        cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
-                    }
-                }
-                OutgoingRoomKeyRequestState.SENT                                 -> {
-                    // It was already sent, and index satisfied we can cancel
-                    if (request.fromIndex >= localKnownChainIndex) {
-                        cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING)
-                    }
-                }
-                OutgoingRoomKeyRequestState.CANCELLATION_PENDING                 -> {
-                    // It is already marked to be cancelled
-                }
-                OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND -> {
-                    if (request.fromIndex >= localKnownChainIndex) {
-                        // we just want to cancel now
-                        cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING)
-                    }
-                }
-                OutgoingRoomKeyRequestState.SENT_THEN_CANCELED                   -> {
-                    // was already canceled
-                    // if we need a better index, should we resend?
-                }
-            }
-        }
-    }
-
-    fun close() {
-        try {
-            outgoingRequestScope.cancel("User Terminate")
-            requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.clear()
-        } catch (failure: Throwable) {
-            Timber.tag(loggerTag.value).w("Failed to shutDown request manager")
-        }
-    }
-
-    private fun internalQueueRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>, fromIndex: Int, force: Boolean) {
-        if (!cryptoStore.isKeyGossipingEnabled()) {
-            // we might want to try backup?
-            if (requestBody.roomId != null && requestBody.sessionId != null) {
-                requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.push(requestBody.roomId to requestBody.sessionId)
-            }
-            Timber.tag(loggerTag.value).d("discarding request for ${requestBody.sessionId} as gossiping is disabled")
-            return
-        }
-
-        Timber.tag(loggerTag.value).d("Queueing key request for ${requestBody.sessionId} force:$force")
-        val existing = cryptoStore.getOutgoingRoomKeyRequest(requestBody)
-        Timber.tag(loggerTag.value).v("Queueing key request exiting is ${existing?.state}")
-        when (existing?.state) {
-            null                                                             -> {
-                // create a new one
-                cryptoStore.getOrAddOutgoingRoomKeyRequest(requestBody, recipients, fromIndex)
-            }
-            OutgoingRoomKeyRequestState.UNSENT                               -> {
-                // nothing it's new or not yet handled
-            }
-            OutgoingRoomKeyRequestState.SENT                                 -> {
-                // it was already requested
-                Timber.tag(loggerTag.value).d("The session ${requestBody.sessionId} is already requested")
-                if (force) {
-                    // update to UNSENT
-                    Timber.tag(loggerTag.value).d(".. force to request  ${requestBody.sessionId}")
-                    cryptoStore.updateOutgoingRoomKeyRequestState(existing.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND)
-                } else {
-                    if (existing.roomId != null && existing.sessionId != null) {
-                        requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.push(existing.roomId to existing.sessionId)
-                    }
-                }
-            }
-            OutgoingRoomKeyRequestState.CANCELLATION_PENDING                 -> {
-                // request is canceled only if I got the keys so what to do here...
-                if (force) {
-                    cryptoStore.updateOutgoingRoomKeyRequestState(existing.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND)
-                }
-            }
-            OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND -> {
-                // It's already going to resend
-            }
-            OutgoingRoomKeyRequestState.SENT_THEN_CANCELED                   -> {
-                if (force) {
-                    cryptoStore.deleteOutgoingRoomKeyRequest(existing.requestId)
-                    cryptoStore.getOrAddOutgoingRoomKeyRequest(requestBody, recipients, fromIndex)
-                }
-            }
-        }
-
-        if (existing != null && existing.fromIndex >= fromIndex) {
-            // update the required index
-            cryptoStore.updateOutgoingRoomKeyRequiredIndex(existing.requestId, fromIndex)
-        }
-    }
-
-    private suspend fun internalProcessPendingKeyRequests() {
-        val toProcess = cryptoStore.getOutgoingRoomKeyRequests(OutgoingRoomKeyRequestState.pendingStates())
-        Timber.tag(loggerTag.value).v("Processing all pending key requests (found ${toProcess.size} pending)")
-
-        measureTimeMillis {
-            toProcess.forEach {
-                when (it.state) {
-                    OutgoingRoomKeyRequestState.UNSENT                               -> handleUnsentRequest(it)
-                    OutgoingRoomKeyRequestState.CANCELLATION_PENDING                 -> handleRequestToCancel(it)
-                    OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND -> handleRequestToCancelWillResend(it)
-                    OutgoingRoomKeyRequestState.SENT_THEN_CANCELED,
-                    OutgoingRoomKeyRequestState.SENT                                 -> {
-                        // these are filtered out
-                    }
-                }
-            }
-        }.let {
-            Timber.tag(loggerTag.value).v("Finish processing pending key request in $it ms")
-        }
-
-        val maxBackupCallsBySync = 60
-        var currentCalls = 0
-        measureTimeMillis {
-            while (requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.isNotEmpty() && currentCalls < maxBackupCallsBySync) {
-                requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.pop().let { (roomId, sessionId) ->
-                    // we want to rate limit that somehow :/
-                    perSessionBackupQueryRateLimiter.tryFromBackupIfPossible(sessionId, roomId)
-                }
-                currentCalls++
-            }
-        }.let {
-            Timber.tag(loggerTag.value).v("Finish querying backup in $it ms")
-        }
-    }
-
-    private suspend fun handleUnsentRequest(request: OutgoingKeyRequest) {
-        // In order to avoid generating to_device traffic, we can first check if the key is backed up
-        Timber.tag(loggerTag.value).v("Handling unsent request for megolm session ${request.sessionId} in ${request.roomId}")
-        val sessionId = request.sessionId ?: return
-        val roomId = request.roomId ?: return
-        if (perSessionBackupQueryRateLimiter.tryFromBackupIfPossible(sessionId, roomId)) {
-            // let's see what's the index
-            val knownIndex = tryOrNull {
-                inboundGroupSessionStore.getInboundGroupSession(sessionId, request.requestBody?.senderKey ?: "")?.wrapper?.firstKnownIndex
-            }
-            if (knownIndex != null && knownIndex <= request.fromIndex) {
-                // we found the key in backup with good enough index, so we can just mark as cancelled, no need to send request
-                Timber.tag(loggerTag.value).v("Megolm session $sessionId successfully restored from backup, do not send request")
-                cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
-                return
-            }
-        }
-
-        // we need to send the request
-        val toDeviceContent = RoomKeyShareRequest(
-                requestingDeviceId = cryptoStore.getDeviceId(),
-                requestId = request.requestId,
-                action = GossipingToDeviceObject.ACTION_SHARE_REQUEST,
-                body = request.requestBody
-        )
-        val contentMap = MXUsersDevicesMap<Any>()
-        request.recipients.forEach { userToDeviceMap ->
-            userToDeviceMap.value.forEach { deviceId ->
-                contentMap.setObject(userToDeviceMap.key, deviceId, toDeviceContent)
-            }
-        }
-
-        val params = SendToDeviceTask.Params(
-                eventType = EventType.ROOM_KEY_REQUEST,
-                contentMap = contentMap,
-                transactionId = request.requestId
-        )
-        try {
-            withContext(coroutineDispatchers.io) {
-                sendToDeviceTask.executeRetry(params, 3)
-            }
-            Timber.tag(loggerTag.value).d("Key request sent for $sessionId in room $roomId to ${request.recipients}")
-            // The request was sent, so update state
-            cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.SENT)
-            // TODO update the audit trail
-        } catch (failure: Throwable) {
-            Timber.tag(loggerTag.value).v("Failed to request $sessionId targets:${request.recipients}")
-        }
-    }
-
-    private suspend fun handleRequestToCancel(request: OutgoingKeyRequest): Boolean {
-        Timber.tag(loggerTag.value).v("handleRequestToCancel for megolm session ${request.sessionId}")
-        // we have to cancel this
-        val toDeviceContent = RoomKeyShareRequest(
-                requestingDeviceId = cryptoStore.getDeviceId(),
-                requestId = request.requestId,
-                action = GossipingToDeviceObject.ACTION_SHARE_CANCELLATION
-        )
-        val contentMap = MXUsersDevicesMap<Any>()
-        request.recipients.forEach { userToDeviceMap ->
-            userToDeviceMap.value.forEach { deviceId ->
-                contentMap.setObject(userToDeviceMap.key, deviceId, toDeviceContent)
-            }
-        }
-
-        val params = SendToDeviceTask.Params(
-                eventType = EventType.ROOM_KEY_REQUEST,
-                contentMap = contentMap,
-                transactionId = request.requestId
-        )
-        return try {
-            withContext(coroutineDispatchers.io) {
-                sendToDeviceTask.executeRetry(params, 3)
-            }
-            // The request cancellation was sent, we don't delete yet because we want
-            // to keep trace of the sent replies
-            cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.SENT_THEN_CANCELED)
-            true
-        } catch (failure: Throwable) {
-            Timber.tag(loggerTag.value).v("Failed to cancel request ${request.requestId} for session $sessionId targets:${request.recipients}")
-            false
-        }
-    }
-
-    private suspend fun handleRequestToCancelWillResend(request: OutgoingKeyRequest) {
-        if (handleRequestToCancel(request)) {
-            // this will create a new unsent request with no replies that will be process in the following call
-            cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
-            request.requestBody?.let { cryptoStore.getOrAddOutgoingRoomKeyRequest(it, request.recipients, request.fromIndex) }
-        }
-    }
-}
+/*
+ * Copyright 2020 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.crypto
+
+import kotlinx.coroutines.CoroutineScope
+import kotlinx.coroutines.SupervisorJob
+import kotlinx.coroutines.asCoroutineDispatcher
+import kotlinx.coroutines.cancel
+import kotlinx.coroutines.delay
+import kotlinx.coroutines.launch
+import kotlinx.coroutines.withContext
+import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
+import org.matrix.android.sdk.api.crypto.MXCRYPTO_ALGORITHM_MEGOLM
+import org.matrix.android.sdk.api.crypto.MXCryptoConfig
+import org.matrix.android.sdk.api.extensions.tryOrNull
+import org.matrix.android.sdk.api.logger.LoggerTag
+import org.matrix.android.sdk.api.session.crypto.OutgoingKeyRequest
+import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
+import org.matrix.android.sdk.api.session.crypto.model.GossipingToDeviceObject
+import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
+import org.matrix.android.sdk.api.session.crypto.model.RoomKeyRequestBody
+import org.matrix.android.sdk.api.session.crypto.model.RoomKeyShareRequest
+import org.matrix.android.sdk.api.session.events.model.Event
+import org.matrix.android.sdk.api.session.events.model.EventType
+import org.matrix.android.sdk.api.session.events.model.content.EncryptedEventContent
+import org.matrix.android.sdk.api.session.events.model.content.RoomKeyWithHeldContent
+import org.matrix.android.sdk.api.session.events.model.toModel
+import org.matrix.android.sdk.api.util.fromBase64
+import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
+import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
+import org.matrix.android.sdk.internal.di.SessionId
+import org.matrix.android.sdk.internal.di.UserId
+import org.matrix.android.sdk.internal.session.SessionScope
+import org.matrix.android.sdk.internal.task.SemaphoreCoroutineSequencer
+import timber.log.Timber
+import java.util.Stack
+import java.util.concurrent.Executors
+import javax.inject.Inject
+import kotlin.system.measureTimeMillis
+
+private val loggerTag = LoggerTag("OutgoingKeyRequestManager", LoggerTag.CRYPTO)
+
+/**
+ * This class is responsible for sending key requests to other devices when a message failed to decrypt.
+ * It's lifecycle is based on the sync pulse:
+ *    - You can post queries for session, or report when you got a session
+ *    - At the end of the sync (onSyncComplete) it will then process all the posted request and send to devices
+ * If a request failed it will be retried at the end of the next sync
+ */
+@SessionScope
+internal class OutgoingKeyRequestManager @Inject constructor(
+        @SessionId private val sessionId: String,
+        @UserId private val myUserId: String,
+        private val cryptoStore: IMXCryptoStore,
+        private val coroutineDispatchers: MatrixCoroutineDispatchers,
+        private val cryptoConfig: MXCryptoConfig,
+        private val inboundGroupSessionStore: InboundGroupSessionStore,
+        private val sendToDeviceTask: SendToDeviceTask,
+        private val deviceListManager: DeviceListManager,
+        private val perSessionBackupQueryRateLimiter: PerSessionBackupQueryRateLimiter) {
+
+    private val dispatcher = Executors.newSingleThreadExecutor().asCoroutineDispatcher()
+    private val outgoingRequestScope = CoroutineScope(SupervisorJob() + dispatcher)
+    private val sequencer = SemaphoreCoroutineSequencer()
+
+    // We only have one active key request per session, so we don't request if it's already requested
+    // But it could make sense to check more the backup, as it's evolving.
+    // We keep a stack as we consider that the key requested last is more likely to be on screen?
+    private val requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup = Stack<Pair<String, String>>()
+
+    fun requestKeyForEvent(event: Event, force: Boolean) {
+        val (targets, body) = getRoomKeyRequestTargetForEvent(event) ?: return
+        val index = ratchetIndexForMessage(event) ?: 0
+        postRoomKeyRequest(body, targets, index, force)
+    }
+
+    private fun getRoomKeyRequestTargetForEvent(event: Event): Pair<Map<String, List<String>>, RoomKeyRequestBody>? {
+        val sender = event.senderId ?: return null
+        val encryptedEventContent = event.content.toModel<EncryptedEventContent>() ?: return null.also {
+            Timber.tag(loggerTag.value).e("getRoomKeyRequestTargetForEvent Failed to re-request key, null content")
+        }
+        if (encryptedEventContent.algorithm != MXCRYPTO_ALGORITHM_MEGOLM) return null
+
+        val senderDevice = encryptedEventContent.deviceId
+        val recipients = if (cryptoConfig.limitRoomKeyRequestsToMyDevices) {
+            mapOf(
+                    myUserId to listOf("*")
+            )
+        } else {
+            if (event.senderId == myUserId) {
+                mapOf(
+                        myUserId to listOf("*")
+                )
+            } else {
+                // for the case where you share the key with a device that has a broken olm session
+                // The other user might Re-shares a megolm session key with devices if the key has already been
+                // sent to them.
+                mapOf(
+                        myUserId to listOf("*"),
+
+                        // We might not have deviceId in the future due to https://github.com/matrix-org/matrix-spec-proposals/pull/3700
+                        // so in this case query to all
+                        sender to listOf(senderDevice ?: "*")
+                )
+            }
+        }
+
+        val requestBody = RoomKeyRequestBody(
+                roomId = event.roomId,
+                algorithm = encryptedEventContent.algorithm,
+                senderKey = encryptedEventContent.senderKey,
+                sessionId = encryptedEventContent.sessionId
+        )
+        return recipients to requestBody
+    }
+
+    private fun ratchetIndexForMessage(event: Event): Int? {
+        val encryptedContent = event.content.toModel<EncryptedEventContent>() ?: return null
+        if (encryptedContent.algorithm != MXCRYPTO_ALGORITHM_MEGOLM) return null
+        return encryptedContent.ciphertext?.fromBase64()?.inputStream()?.reader()?.let {
+            tryOrNull {
+                val megolmVersion = it.read()
+                if (megolmVersion != 3) return@tryOrNull null
+                /** Int tag */
+                if (it.read() != 8) return@tryOrNull null
+                it.read()
+            }
+        }
+    }
+
+    fun postRoomKeyRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>, fromIndex: Int, force: Boolean = false) {
+        outgoingRequestScope.launch {
+            sequencer.post {
+                internalQueueRequest(requestBody, recipients, fromIndex, force)
+            }
+        }
+    }
+
+    /**
+     * Typically called when we the session as been imported or received meanwhile
+     */
+    fun postCancelRequestForSessionIfNeeded(sessionId: String, roomId: String, senderKey: String, fromIndex: Int) {
+        outgoingRequestScope.launch {
+            sequencer.post {
+                internalQueueCancelRequest(sessionId, roomId, senderKey, fromIndex)
+            }
+        }
+    }
+
+    fun onSelfCrossSigningTrustChanged(newTrust: Boolean) {
+        if (newTrust) {
+            // we were previously not cross signed, but we are now
+            // so there is now more chances to get better replies for existing request
+            // Let's forget about sent request so that next time we try to decrypt we will resend requests
+            // We don't resend all because we don't want to generate a bulk of traffic
+            outgoingRequestScope.launch {
+                sequencer.post {
+                    cryptoStore.deleteOutgoingRoomKeyRequestInState(OutgoingRoomKeyRequestState.SENT)
+                }
+
+                sequencer.post {
+                    delay(1000)
+                    perSessionBackupQueryRateLimiter.refreshBackupInfoIfNeeded(true)
+                }
+            }
+        }
+    }
+
+    fun onRoomKeyForwarded(sessionId: String,
+                           algorithm: String,
+                           roomId: String,
+                           senderKey: String,
+                           fromDevice: String?,
+                           fromIndex: Int,
+                           event: Event) {
+        Timber.tag(loggerTag.value).d("Key forwarded for $sessionId from ${event.senderId}|$fromDevice at index $fromIndex")
+        outgoingRequestScope.launch {
+            sequencer.post {
+                cryptoStore.updateOutgoingRoomKeyReply(
+                        roomId = roomId,
+                        sessionId = sessionId,
+                        algorithm = algorithm,
+                        senderKey = senderKey,
+                        fromDevice = fromDevice,
+                        // strip out encrypted stuff as it's just a trail?
+                        event = event.copy(
+                                type = event.getClearType(),
+                                content = mapOf(
+                                        "chain_index" to fromIndex
+                                )
+                        )
+                )
+            }
+        }
+    }
+
+    fun onRoomKeyWithHeld(sessionId: String,
+                          algorithm: String,
+                          roomId: String,
+                          senderKey: String,
+                          fromDevice: String?,
+                          event: Event) {
+        outgoingRequestScope.launch {
+            sequencer.post {
+                Timber.tag(loggerTag.value).d("Withheld received for $sessionId from ${event.senderId}|$fromDevice")
+                Timber.tag(loggerTag.value).v("Withheld content ${event.getClearContent()}")
+
+                // We want to store withheld code from the sender of the message (owner of the megolm session), not from
+                // other devices that might gossip the key. If not the initial reason might be overridden
+                // by a request to one of our session.
+                event.getClearContent().toModel<RoomKeyWithHeldContent>()?.let { withheld ->
+                    withContext(coroutineDispatchers.crypto) {
+                        tryOrNull {
+                            deviceListManager.downloadKeys(listOf(event.senderId ?: ""), false)
+                        }
+                        cryptoStore.getUserDeviceList(event.senderId ?: "")
+                                .also { devices ->
+                                    Timber.tag(loggerTag.value)
+                                            .v("Withheld Devices for ${event.senderId} are ${devices.orEmpty().joinToString { it.identityKey() ?: "" }}")
+                                }
+                                ?.firstOrNull {
+                                    it.identityKey() == senderKey
+                                }
+                    }.also {
+                        Timber.tag(loggerTag.value).v("Withheld device for sender key $senderKey is from ${it?.shortDebugString()}")
+                    }?.let {
+                        if (it.userId == event.senderId) {
+                            if (fromDevice != null) {
+                                if (it.deviceId == fromDevice) {
+                                    Timber.tag(loggerTag.value).v("Storing sender Withheld code ${withheld.code} for ${withheld.sessionId}")
+                                    cryptoStore.addWithHeldMegolmSession(withheld)
+                                }
+                            } else {
+                                Timber.tag(loggerTag.value).v("Storing sender Withheld code ${withheld.code} for ${withheld.sessionId}")
+                                cryptoStore.addWithHeldMegolmSession(withheld)
+                            }
+                        }
+                    }
+                }
+
+                // Here we store the replies from a given request
+                cryptoStore.updateOutgoingRoomKeyReply(
+                        roomId = roomId,
+                        sessionId = sessionId,
+                        algorithm = algorithm,
+                        senderKey = senderKey,
+                        fromDevice = fromDevice,
+                        event = event
+                )
+            }
+        }
+    }
+
+    /**
+     * Should be called after a sync, ideally if no catchup sync needed (as keys might arrive in those)
+     */
+    fun requireProcessAllPendingKeyRequests() {
+        outgoingRequestScope.launch {
+            sequencer.post {
+                internalProcessPendingKeyRequests()
+            }
+        }
+    }
+
+    private fun internalQueueCancelRequest(sessionId: String, roomId: String, senderKey: String, localKnownChainIndex: Int) {
+        // do we have known requests for that session??
+        Timber.tag(loggerTag.value).v("Cancel Key Request if needed for $sessionId")
+        val knownRequest = cryptoStore.getOutgoingRoomKeyRequest(
+                algorithm = MXCRYPTO_ALGORITHM_MEGOLM,
+                roomId = roomId,
+                sessionId = sessionId,
+                senderKey = senderKey
+        )
+        if (knownRequest.isEmpty()) return Unit.also {
+            Timber.tag(loggerTag.value).v("Handle Cancel Key Request for $sessionId -- Was not currently requested")
+        }
+        if (knownRequest.size > 1) {
+            // It's worth logging, there should be only one
+            Timber.tag(loggerTag.value).w("Found multiple requests for same sessionId $sessionId")
+        }
+        knownRequest.forEach { request ->
+            when (request.state) {
+                OutgoingRoomKeyRequestState.UNSENT                               -> {
+                    if (request.fromIndex >= localKnownChainIndex) {
+                        // we have a good index we can cancel
+                        cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
+                    }
+                }
+                OutgoingRoomKeyRequestState.SENT                                 -> {
+                    // It was already sent, and index satisfied we can cancel
+                    if (request.fromIndex >= localKnownChainIndex) {
+                        cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING)
+                    }
+                }
+                OutgoingRoomKeyRequestState.CANCELLATION_PENDING                 -> {
+                    // It is already marked to be cancelled
+                }
+                OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND -> {
+                    if (request.fromIndex >= localKnownChainIndex) {
+                        // we just want to cancel now
+                        cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING)
+                    }
+                }
+                OutgoingRoomKeyRequestState.SENT_THEN_CANCELED                   -> {
+                    // was already canceled
+                    // if we need a better index, should we resend?
+                }
+            }
+        }
+    }
+
+    fun close() {
+        try {
+            outgoingRequestScope.cancel("User Terminate")
+            requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.clear()
+        } catch (failure: Throwable) {
+            Timber.tag(loggerTag.value).w("Failed to shutDown request manager")
+        }
+    }
+
+    private fun internalQueueRequest(requestBody: RoomKeyRequestBody, recipients: Map<String, List<String>>, fromIndex: Int, force: Boolean) {
+        if (!cryptoStore.isKeyGossipingEnabled()) {
+            // we might want to try backup?
+            if (requestBody.roomId != null && requestBody.sessionId != null) {
+                requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.push(requestBody.roomId to requestBody.sessionId)
+            }
+            Timber.tag(loggerTag.value).d("discarding request for ${requestBody.sessionId} as gossiping is disabled")
+            return
+        }
+
+        Timber.tag(loggerTag.value).d("Queueing key request for ${requestBody.sessionId} force:$force")
+        val existing = cryptoStore.getOutgoingRoomKeyRequest(requestBody)
+        Timber.tag(loggerTag.value).v("Queueing key request exiting is ${existing?.state}")
+        when (existing?.state) {
+            null                                                             -> {
+                // create a new one
+                cryptoStore.getOrAddOutgoingRoomKeyRequest(requestBody, recipients, fromIndex)
+            }
+            OutgoingRoomKeyRequestState.UNSENT                               -> {
+                // nothing it's new or not yet handled
+            }
+            OutgoingRoomKeyRequestState.SENT                                 -> {
+                // it was already requested
+                Timber.tag(loggerTag.value).d("The session ${requestBody.sessionId} is already requested")
+                if (force) {
+                    // update to UNSENT
+                    Timber.tag(loggerTag.value).d(".. force to request  ${requestBody.sessionId}")
+                    cryptoStore.updateOutgoingRoomKeyRequestState(existing.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND)
+                } else {
+                    if (existing.roomId != null && existing.sessionId != null) {
+                        requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.push(existing.roomId to existing.sessionId)
+                    }
+                }
+            }
+            OutgoingRoomKeyRequestState.CANCELLATION_PENDING                 -> {
+                // request is canceled only if I got the keys so what to do here...
+                if (force) {
+                    cryptoStore.updateOutgoingRoomKeyRequestState(existing.requestId, OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND)
+                }
+            }
+            OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND -> {
+                // It's already going to resend
+            }
+            OutgoingRoomKeyRequestState.SENT_THEN_CANCELED                   -> {
+                if (force) {
+                    cryptoStore.deleteOutgoingRoomKeyRequest(existing.requestId)
+                    cryptoStore.getOrAddOutgoingRoomKeyRequest(requestBody, recipients, fromIndex)
+                }
+            }
+        }
+
+        if (existing != null && existing.fromIndex >= fromIndex) {
+            // update the required index
+            cryptoStore.updateOutgoingRoomKeyRequiredIndex(existing.requestId, fromIndex)
+        }
+    }
+
+    private suspend fun internalProcessPendingKeyRequests() {
+        val toProcess = cryptoStore.getOutgoingRoomKeyRequests(OutgoingRoomKeyRequestState.pendingStates())
+        Timber.tag(loggerTag.value).v("Processing all pending key requests (found ${toProcess.size} pending)")
+
+        measureTimeMillis {
+            toProcess.forEach {
+                when (it.state) {
+                    OutgoingRoomKeyRequestState.UNSENT                               -> handleUnsentRequest(it)
+                    OutgoingRoomKeyRequestState.CANCELLATION_PENDING                 -> handleRequestToCancel(it)
+                    OutgoingRoomKeyRequestState.CANCELLATION_PENDING_AND_WILL_RESEND -> handleRequestToCancelWillResend(it)
+                    OutgoingRoomKeyRequestState.SENT_THEN_CANCELED,
+                    OutgoingRoomKeyRequestState.SENT                                 -> {
+                        // these are filtered out
+                    }
+                }
+            }
+        }.let {
+            Timber.tag(loggerTag.value).v("Finish processing pending key request in $it ms")
+        }
+
+        val maxBackupCallsBySync = 60
+        var currentCalls = 0
+        measureTimeMillis {
+            while (requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.isNotEmpty() && currentCalls < maxBackupCallsBySync) {
+                requestDiscardedBecauseAlreadySentThatCouldBeTriedWithBackup.pop().let { (roomId, sessionId) ->
+                    // we want to rate limit that somehow :/
+                    perSessionBackupQueryRateLimiter.tryFromBackupIfPossible(sessionId, roomId)
+                }
+                currentCalls++
+            }
+        }.let {
+            Timber.tag(loggerTag.value).v("Finish querying backup in $it ms")
+        }
+    }
+
+    private suspend fun handleUnsentRequest(request: OutgoingKeyRequest) {
+        // In order to avoid generating to_device traffic, we can first check if the key is backed up
+        Timber.tag(loggerTag.value).v("Handling unsent request for megolm session ${request.sessionId} in ${request.roomId}")
+        val sessionId = request.sessionId ?: return
+        val roomId = request.roomId ?: return
+        if (perSessionBackupQueryRateLimiter.tryFromBackupIfPossible(sessionId, roomId)) {
+            // let's see what's the index
+            val knownIndex = tryOrNull {
+                inboundGroupSessionStore.getInboundGroupSession(sessionId, request.requestBody?.senderKey ?: "")?.wrapper?.firstKnownIndex
+            }
+            if (knownIndex != null && knownIndex <= request.fromIndex) {
+                // we found the key in backup with good enough index, so we can just mark as cancelled, no need to send request
+                Timber.tag(loggerTag.value).v("Megolm session $sessionId successfully restored from backup, do not send request")
+                cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
+                return
+            }
+        }
+
+        // we need to send the request
+        val toDeviceContent = RoomKeyShareRequest(
+                requestingDeviceId = cryptoStore.getDeviceId(),
+                requestId = request.requestId,
+                action = GossipingToDeviceObject.ACTION_SHARE_REQUEST,
+                body = request.requestBody
+        )
+        val contentMap = MXUsersDevicesMap<Any>()
+        request.recipients.forEach { userToDeviceMap ->
+            userToDeviceMap.value.forEach { deviceId ->
+                contentMap.setObject(userToDeviceMap.key, deviceId, toDeviceContent)
+            }
+        }
+
+        val params = SendToDeviceTask.Params(
+                eventType = EventType.ROOM_KEY_REQUEST,
+                contentMap = contentMap,
+                transactionId = request.requestId
+        )
+        try {
+            withContext(coroutineDispatchers.io) {
+                sendToDeviceTask.executeRetry(params, 3)
+            }
+            Timber.tag(loggerTag.value).d("Key request sent for $sessionId in room $roomId to ${request.recipients}")
+            // The request was sent, so update state
+            cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.SENT)
+            // TODO update the audit trail
+        } catch (failure: Throwable) {
+            Timber.tag(loggerTag.value).v("Failed to request $sessionId targets:${request.recipients}")
+        }
+    }
+
+    private suspend fun handleRequestToCancel(request: OutgoingKeyRequest): Boolean {
+        Timber.tag(loggerTag.value).v("handleRequestToCancel for megolm session ${request.sessionId}")
+        // we have to cancel this
+        val toDeviceContent = RoomKeyShareRequest(
+                requestingDeviceId = cryptoStore.getDeviceId(),
+                requestId = request.requestId,
+                action = GossipingToDeviceObject.ACTION_SHARE_CANCELLATION
+        )
+        val contentMap = MXUsersDevicesMap<Any>()
+        request.recipients.forEach { userToDeviceMap ->
+            userToDeviceMap.value.forEach { deviceId ->
+                contentMap.setObject(userToDeviceMap.key, deviceId, toDeviceContent)
+            }
+        }
+
+        val params = SendToDeviceTask.Params(
+                eventType = EventType.ROOM_KEY_REQUEST,
+                contentMap = contentMap,
+                transactionId = request.requestId
+        )
+        return try {
+            withContext(coroutineDispatchers.io) {
+                sendToDeviceTask.executeRetry(params, 3)
+            }
+            // The request cancellation was sent, we don't delete yet because we want
+            // to keep trace of the sent replies
+            cryptoStore.updateOutgoingRoomKeyRequestState(request.requestId, OutgoingRoomKeyRequestState.SENT_THEN_CANCELED)
+            true
+        } catch (failure: Throwable) {
+            Timber.tag(loggerTag.value).v("Failed to cancel request ${request.requestId} for session $sessionId targets:${request.recipients}")
+            false
+        }
+    }
+
+    private suspend fun handleRequestToCancelWillResend(request: OutgoingKeyRequest) {
+        if (handleRequestToCancel(request)) {
+            // this will create a new unsent request with no replies that will be process in the following call
+            cryptoStore.deleteOutgoingRoomKeyRequest(request.requestId)
+            request.requestBody?.let { cryptoStore.getOrAddOutgoingRoomKeyRequest(it, request.recipients, request.fromIndex) }
+        }
+    }
+}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingSecretRequest.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingSecretRequest.kt
deleted file mode 100755
index fae7a2f1c4..0000000000
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/OutgoingSecretRequest.kt
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto
-
-import com.squareup.moshi.JsonClass
-import org.matrix.android.sdk.api.session.crypto.OutgoingRoomKeyRequestState
-
-/**
- * Represents an outgoing room key request
- */
-@JsonClass(generateAdapter = true)
-internal class OutgoingSecretRequest(
-        // Secret Name
-        val secretName: String?,
-        // list of recipients for the request
-        override var recipients: Map<String, List<String>>,
-        // Unique id for this request. Used for both
-        // an id within the request for later pairing with a cancellation, and for
-        // the transaction id when sending the to_device messages to our local
-        override var requestId: String,
-        // current state of this request
-        override var state: OutgoingRoomKeyRequestState) : OutgoingGossipingRequest {
-
-    // transaction id for the cancellation, if any
-}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt
index 8e0def5b76..292ba02ecd 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt
@@ -66,7 +66,7 @@ internal class PerSessionBackupQueryRateLimiter @Inject constructor(
     private var backupVersion: KeysVersionResult? = null
     private var savedKeyBackupKeyInfo: SavedKeyBackupKeyInfo? = null
     var backupWasCheckedFromServer: Boolean = false
-    var now = System.currentTimeMillis()
+    val now = System.currentTimeMillis()
 
     fun refreshBackupInfoIfNeeded(force: Boolean = false) {
         if (backupWasCheckedFromServer && !force) return
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/RoomEncryptorsStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/RoomEncryptorsStore.kt
index 58378e556a..1a8c160d9c 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/RoomEncryptorsStore.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/RoomEncryptorsStore.kt
@@ -28,7 +28,6 @@ import javax.inject.Inject
 @SessionScope
 internal class RoomEncryptorsStore @Inject constructor(
         private val cryptoStore: IMXCryptoStore,
-        // Repository
         private val megolmEncryptionFactory: MXMegolmEncryptionFactory,
         private val olmEncryptionFactory: MXOlmEncryptionFactory,
 ) {
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt
index b10c77dfd3..dca4b07416 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt
@@ -1,298 +1,298 @@
-/*
- * Copyright (c) 2022 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.internal.crypto
-
-import kotlinx.coroutines.CoroutineScope
-import kotlinx.coroutines.launch
-import kotlinx.coroutines.sync.Mutex
-import kotlinx.coroutines.sync.withLock
-import kotlinx.coroutines.withContext
-import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
-import org.matrix.android.sdk.api.auth.data.Credentials
-import org.matrix.android.sdk.api.logger.LoggerTag
-import org.matrix.android.sdk.api.session.crypto.crosssigning.KEYBACKUP_SECRET_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.crosssigning.MASTER_KEY_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.crosssigning.SELF_SIGNING_KEY_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.crosssigning.USER_SIGNING_KEY_SSSS_NAME
-import org.matrix.android.sdk.api.session.crypto.keysbackup.extractCurveKeyFromRecoveryKey
-import org.matrix.android.sdk.api.session.crypto.keyshare.GossipingRequestListener
-import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
-import org.matrix.android.sdk.api.session.crypto.model.SecretShareRequest
-import org.matrix.android.sdk.api.session.events.model.Event
-import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.api.session.events.model.content.SecretSendEventContent
-import org.matrix.android.sdk.api.session.events.model.toModel
-import org.matrix.android.sdk.api.util.toBase64NoPadding
-import org.matrix.android.sdk.internal.crypto.actions.EnsureOlmSessionsForDevicesAction
-import org.matrix.android.sdk.internal.crypto.actions.MessageEncrypter
-import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
-import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
-import org.matrix.android.sdk.internal.crypto.tasks.createUniqueTxnId
-import org.matrix.android.sdk.internal.session.SessionScope
-import timber.log.Timber
-import javax.inject.Inject
-
-private val loggerTag = LoggerTag("SecretShareManager", LoggerTag.CRYPTO)
-
-@SessionScope
-internal class SecretShareManager @Inject constructor(
-        private val credentials: Credentials,
-        private val cryptoStore: IMXCryptoStore,
-        private val cryptoCoroutineScope: CoroutineScope,
-        private val messageEncrypter: MessageEncrypter,
-        private val ensureOlmSessionsForDevicesAction: EnsureOlmSessionsForDevicesAction,
-        private val sendToDeviceTask: SendToDeviceTask,
-        private val coroutineDispatchers: MatrixCoroutineDispatchers
-) {
-
-    companion object {
-        private const val SECRET_SHARE_WINDOW_DURATION = 5 * 60 * 1000 // 5 minutes
-    }
-
-    /**
-     * Secret gossiping only occurs during a limited window period after interactive verification.
-     * We keep track of recent verification in memory for that purpose (no need to persist)
-     */
-    private val recentlyVerifiedDevices = mutableMapOf<String, Long>()
-    private val verifMutex = Mutex()
-
-    /**
-     * Secrets are exchanged as part of interactive verification,
-     * so we can just store in memory.
-     */
-    private val outgoingSecretRequests = mutableListOf<SecretShareRequest>()
-
-    // the listeners
-    private val gossipingRequestListeners: MutableSet<GossipingRequestListener> = HashSet()
-
-    fun addListener(listener: GossipingRequestListener) {
-        synchronized(gossipingRequestListeners) {
-            gossipingRequestListeners.add(listener)
-        }
-    }
-
-    fun removeRoomKeysRequestListener(listener: GossipingRequestListener) {
-        synchronized(gossipingRequestListeners) {
-            gossipingRequestListeners.remove(listener)
-        }
-    }
-
-    /**
-     * Called when a session has been verified.
-     * This information can be used by the manager to decide whether or not to fullfill gossiping requests.
-     * This should be called as fast as possible after a successful self interactive verification
-     */
-    fun onVerificationCompleteForDevice(deviceId: String) {
-        // For now we just keep an in memory cache
-        cryptoCoroutineScope.launch {
-            verifMutex.withLock {
-                recentlyVerifiedDevices[deviceId] = System.currentTimeMillis()
-            }
-        }
-    }
-
-    suspend fun handleSecretRequest(toDevice: Event) {
-        val request = toDevice.getClearContent().toModel<SecretShareRequest>()
-                ?: return Unit.also {
-                    Timber.tag(loggerTag.value)
-                            .w("handleSecretRequest() : malformed request")
-                }
-
-//            val (action, requestingDeviceId, requestId, secretName) = it
-        val secretName = request.secretName ?: return Unit.also {
-            Timber.tag(loggerTag.value)
-                    .v("handleSecretRequest() : Missing secret name")
-        }
-
-        val userId = toDevice.senderId ?: return Unit.also {
-            Timber.tag(loggerTag.value)
-                    .v("handleSecretRequest() : Missing secret name")
-        }
-
-        if (userId != credentials.userId) {
-            // secrets are only shared between our own devices
-            Timber.tag(loggerTag.value)
-                    .e("Ignoring secret share request from other users $userId")
-            return
-        }
-
-        val deviceId = request.requestingDeviceId
-                ?: return Unit.also {
-                    Timber.tag(loggerTag.value)
-                            .w("handleSecretRequest() : malformed request norequestingDeviceId ")
-                }
-
-        val device = cryptoStore.getUserDevice(credentials.userId, deviceId)
-                ?: return Unit.also {
-                    Timber.tag(loggerTag.value)
-                            .e("Received secret share request from unknown device $deviceId")
-                }
-
-        val isRequestingDeviceTrusted = device.isVerified
-        val isRecentInteractiveVerification = hasBeenVerifiedLessThanFiveMinutesFromNow(device.deviceId)
-        if (isRequestingDeviceTrusted && isRecentInteractiveVerification) {
-            // we can share the secret
-
-            val secretValue = when (secretName) {
-                MASTER_KEY_SSSS_NAME       -> cryptoStore.getCrossSigningPrivateKeys()?.master
-                SELF_SIGNING_KEY_SSSS_NAME -> cryptoStore.getCrossSigningPrivateKeys()?.selfSigned
-                USER_SIGNING_KEY_SSSS_NAME -> cryptoStore.getCrossSigningPrivateKeys()?.user
-                KEYBACKUP_SECRET_SSSS_NAME -> cryptoStore.getKeyBackupRecoveryKeyInfo()?.recoveryKey
-                        ?.let {
-                            extractCurveKeyFromRecoveryKey(it)?.toBase64NoPadding()
-                        }
-                else                       -> null
-            }
-            if (secretValue == null) {
-                Timber.tag(loggerTag.value)
-                        .i("The secret is unknown $secretName, passing to app layer")
-                val toList = synchronized(gossipingRequestListeners) { gossipingRequestListeners.toList() }
-                toList.onEach { listener ->
-                    listener.onSecretShareRequest(request)
-                }
-                return
-            }
-
-            val payloadJson = mapOf(
-                    "type" to EventType.SEND_SECRET,
-                    "content" to mapOf(
-                            "request_id" to request.requestId,
-                            "secret" to secretValue
-                    )
-            )
-
-            // Is it possible that we don't have an olm session?
-            val devicesByUser = mapOf(device.userId to listOf(device))
-            val usersDeviceMap = try {
-                ensureOlmSessionsForDevicesAction.handle(devicesByUser)
-            } catch (failure: Throwable) {
-                Timber.tag(loggerTag.value)
-                        .w("Can't share secret ${request.secretName}: Failed to establish olm session")
-                return
-            }
-
-            val olmSessionResult = usersDeviceMap.getObject(device.userId, device.deviceId)
-            if (olmSessionResult?.sessionId == null) {
-                Timber.tag(loggerTag.value)
-                        .w("secret share: no session with this device $deviceId, probably because there were no one-time keys")
-                return
-            }
-
-            val encodedPayload = messageEncrypter.encryptMessage(payloadJson, listOf(device))
-            val sendToDeviceMap = MXUsersDevicesMap<Any>()
-            sendToDeviceMap.setObject(device.userId, device.deviceId, encodedPayload)
-            val sendToDeviceParams = SendToDeviceTask.Params(EventType.ENCRYPTED, sendToDeviceMap)
-            try {
-                // raise the retries for secret
-                sendToDeviceTask.executeRetry(sendToDeviceParams, 6)
-                Timber.tag(loggerTag.value)
-                        .i("successfully shared secret $secretName to ${device.shortDebugString()}")
-                // TODO add a trail for that in audit logs
-            } catch (failure: Throwable) {
-                Timber.tag(loggerTag.value)
-                        .e(failure, "failed to send shared secret $secretName to ${device.shortDebugString()}")
-            }
-        } else {
-            Timber.tag(loggerTag.value)
-                    .d(" Received secret share request from un-authorised device ${device.deviceId}")
-        }
-    }
-
-    private suspend fun hasBeenVerifiedLessThanFiveMinutesFromNow(deviceId: String): Boolean {
-        val verifTimestamp = verifMutex.withLock {
-            recentlyVerifiedDevices[deviceId]
-        } ?: return false
-
-        val age = System.currentTimeMillis() - verifTimestamp
-
-        return age < SECRET_SHARE_WINDOW_DURATION
-    }
-
-    suspend fun requestSecretTo(deviceId: String, secretName: String) {
-        val cryptoDeviceInfo = cryptoStore.getUserDevice(credentials.userId, deviceId) ?: return Unit.also {
-            Timber.tag(loggerTag.value)
-                    .d("Can't request secret for $secretName unknown device $deviceId")
-        }
-        val toDeviceContent = SecretShareRequest(
-                requestingDeviceId = credentials.deviceId,
-                secretName = secretName,
-                requestId = createUniqueTxnId()
-        )
-
-        verifMutex.withLock {
-            outgoingSecretRequests.add(toDeviceContent)
-        }
-
-        val contentMap = MXUsersDevicesMap<Any>()
-        contentMap.setObject(cryptoDeviceInfo.userId, cryptoDeviceInfo.deviceId, toDeviceContent)
-
-        val params = SendToDeviceTask.Params(
-                eventType = EventType.REQUEST_SECRET,
-                contentMap = contentMap
-        )
-        try {
-            withContext(coroutineDispatchers.io) {
-                sendToDeviceTask.executeRetry(params, 3)
-            }
-            Timber.tag(loggerTag.value)
-                    .d("Secret request sent for $secretName to ${cryptoDeviceInfo.shortDebugString()}")
-            // TODO update the audit trail
-        } catch (failure: Throwable) {
-            Timber.tag(loggerTag.value)
-                    .w("Failed to request secret $secretName to ${cryptoDeviceInfo.shortDebugString()}")
-        }
-    }
-
-    suspend fun onSecretSendReceived(toDevice: Event, handleGossip: ((name: String, value: String) -> Boolean)) {
-        Timber.tag(loggerTag.value)
-                .i("onSecretSend() from ${toDevice.senderId} : onSecretSendReceived ${toDevice.content?.get("sender_key")}")
-        if (!toDevice.isEncrypted()) {
-            // secret send messages must be encrypted
-            Timber.tag(loggerTag.value).e("onSecretSend() :Received unencrypted secret send event")
-            return
-        }
-
-        // Was that sent by us?
-        if (toDevice.senderId != credentials.userId) {
-            Timber.tag(loggerTag.value).e("onSecretSend() : Ignore secret from other user ${toDevice.senderId}")
-            return
-        }
-
-        val secretContent = toDevice.getClearContent().toModel<SecretSendEventContent>() ?: return
-
-        val existingRequest = verifMutex.withLock {
-            outgoingSecretRequests.firstOrNull { it.requestId == secretContent.requestId }
-        }
-
-        // As per spec:
-        // Clients should ignore m.secret.send events received from devices that it did not send an m.secret.request event to.
-        if (existingRequest?.secretName == null) {
-            Timber.tag(loggerTag.value).i("onSecretSend() : Ignore secret that was not requested: ${secretContent.requestId}")
-            return
-        }
-        // we don't need to cancel the request as we only request to one device
-        // just forget about the request now
-        verifMutex.withLock {
-            outgoingSecretRequests.remove(existingRequest)
-        }
-
-        if (!handleGossip(existingRequest.secretName, secretContent.secretValue)) {
-            // TODO Ask to application layer?
-            Timber.tag(loggerTag.value).v("onSecretSend() : secret not handled by SDK")
-        }
-    }
-}
+/*
+ * Copyright (c) 2022 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.internal.crypto
+
+import kotlinx.coroutines.CoroutineScope
+import kotlinx.coroutines.launch
+import kotlinx.coroutines.sync.Mutex
+import kotlinx.coroutines.sync.withLock
+import kotlinx.coroutines.withContext
+import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
+import org.matrix.android.sdk.api.auth.data.Credentials
+import org.matrix.android.sdk.api.logger.LoggerTag
+import org.matrix.android.sdk.api.session.crypto.crosssigning.KEYBACKUP_SECRET_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.crosssigning.MASTER_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.crosssigning.SELF_SIGNING_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.crosssigning.USER_SIGNING_KEY_SSSS_NAME
+import org.matrix.android.sdk.api.session.crypto.keysbackup.extractCurveKeyFromRecoveryKey
+import org.matrix.android.sdk.api.session.crypto.keyshare.GossipingRequestListener
+import org.matrix.android.sdk.api.session.crypto.model.MXUsersDevicesMap
+import org.matrix.android.sdk.api.session.crypto.model.SecretShareRequest
+import org.matrix.android.sdk.api.session.events.model.Event
+import org.matrix.android.sdk.api.session.events.model.EventType
+import org.matrix.android.sdk.api.session.events.model.content.SecretSendEventContent
+import org.matrix.android.sdk.api.session.events.model.toModel
+import org.matrix.android.sdk.api.util.toBase64NoPadding
+import org.matrix.android.sdk.internal.crypto.actions.EnsureOlmSessionsForDevicesAction
+import org.matrix.android.sdk.internal.crypto.actions.MessageEncrypter
+import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
+import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
+import org.matrix.android.sdk.internal.crypto.tasks.createUniqueTxnId
+import org.matrix.android.sdk.internal.session.SessionScope
+import timber.log.Timber
+import javax.inject.Inject
+
+private val loggerTag = LoggerTag("SecretShareManager", LoggerTag.CRYPTO)
+
+@SessionScope
+internal class SecretShareManager @Inject constructor(
+        private val credentials: Credentials,
+        private val cryptoStore: IMXCryptoStore,
+        private val cryptoCoroutineScope: CoroutineScope,
+        private val messageEncrypter: MessageEncrypter,
+        private val ensureOlmSessionsForDevicesAction: EnsureOlmSessionsForDevicesAction,
+        private val sendToDeviceTask: SendToDeviceTask,
+        private val coroutineDispatchers: MatrixCoroutineDispatchers
+) {
+
+    companion object {
+        private const val SECRET_SHARE_WINDOW_DURATION = 5 * 60 * 1000 // 5 minutes
+    }
+
+    /**
+     * Secret gossiping only occurs during a limited window period after interactive verification.
+     * We keep track of recent verification in memory for that purpose (no need to persist)
+     */
+    private val recentlyVerifiedDevices = mutableMapOf<String, Long>()
+    private val verifMutex = Mutex()
+
+    /**
+     * Secrets are exchanged as part of interactive verification,
+     * so we can just store in memory.
+     */
+    private val outgoingSecretRequests = mutableListOf<SecretShareRequest>()
+
+    // the listeners
+    private val gossipingRequestListeners: MutableSet<GossipingRequestListener> = HashSet()
+
+    fun addListener(listener: GossipingRequestListener) {
+        synchronized(gossipingRequestListeners) {
+            gossipingRequestListeners.add(listener)
+        }
+    }
+
+    fun removeListener(listener: GossipingRequestListener) {
+        synchronized(gossipingRequestListeners) {
+            gossipingRequestListeners.remove(listener)
+        }
+    }
+
+    /**
+     * Called when a session has been verified.
+     * This information can be used by the manager to decide whether or not to fullfill gossiping requests.
+     * This should be called as fast as possible after a successful self interactive verification
+     */
+    fun onVerificationCompleteForDevice(deviceId: String) {
+        // For now we just keep an in memory cache
+        cryptoCoroutineScope.launch {
+            verifMutex.withLock {
+                recentlyVerifiedDevices[deviceId] = System.currentTimeMillis()
+            }
+        }
+    }
+
+    suspend fun handleSecretRequest(toDevice: Event) {
+        val request = toDevice.getClearContent().toModel<SecretShareRequest>()
+                ?: return Unit.also {
+                    Timber.tag(loggerTag.value)
+                            .w("handleSecretRequest() : malformed request")
+                }
+
+//            val (action, requestingDeviceId, requestId, secretName) = it
+        val secretName = request.secretName ?: return Unit.also {
+            Timber.tag(loggerTag.value)
+                    .v("handleSecretRequest() : Missing secret name")
+        }
+
+        val userId = toDevice.senderId ?: return Unit.also {
+            Timber.tag(loggerTag.value)
+                    .v("handleSecretRequest() : Missing senderId")
+        }
+
+        if (userId != credentials.userId) {
+            // secrets are only shared between our own devices
+            Timber.tag(loggerTag.value)
+                    .e("Ignoring secret share request from other users $userId")
+            return
+        }
+
+        val deviceId = request.requestingDeviceId
+                ?: return Unit.also {
+                    Timber.tag(loggerTag.value)
+                            .w("handleSecretRequest() : malformed request norequestingDeviceId ")
+                }
+
+        val device = cryptoStore.getUserDevice(credentials.userId, deviceId)
+                ?: return Unit.also {
+                    Timber.tag(loggerTag.value)
+                            .e("Received secret share request from unknown device $deviceId")
+                }
+
+        val isRequestingDeviceTrusted = device.isVerified
+        val isRecentInteractiveVerification = hasBeenVerifiedLessThanFiveMinutesFromNow(device.deviceId)
+        if (isRequestingDeviceTrusted && isRecentInteractiveVerification) {
+            // we can share the secret
+
+            val secretValue = when (secretName) {
+                MASTER_KEY_SSSS_NAME       -> cryptoStore.getCrossSigningPrivateKeys()?.master
+                SELF_SIGNING_KEY_SSSS_NAME -> cryptoStore.getCrossSigningPrivateKeys()?.selfSigned
+                USER_SIGNING_KEY_SSSS_NAME -> cryptoStore.getCrossSigningPrivateKeys()?.user
+                KEYBACKUP_SECRET_SSSS_NAME -> cryptoStore.getKeyBackupRecoveryKeyInfo()?.recoveryKey
+                        ?.let {
+                            extractCurveKeyFromRecoveryKey(it)?.toBase64NoPadding()
+                        }
+                else                       -> null
+            }
+            if (secretValue == null) {
+                Timber.tag(loggerTag.value)
+                        .i("The secret is unknown $secretName, passing to app layer")
+                val toList = synchronized(gossipingRequestListeners) { gossipingRequestListeners.toList() }
+                toList.onEach { listener ->
+                    listener.onSecretShareRequest(request)
+                }
+                return
+            }
+
+            val payloadJson = mapOf(
+                    "type" to EventType.SEND_SECRET,
+                    "content" to mapOf(
+                            "request_id" to request.requestId,
+                            "secret" to secretValue
+                    )
+            )
+
+            // Is it possible that we don't have an olm session?
+            val devicesByUser = mapOf(device.userId to listOf(device))
+            val usersDeviceMap = try {
+                ensureOlmSessionsForDevicesAction.handle(devicesByUser)
+            } catch (failure: Throwable) {
+                Timber.tag(loggerTag.value)
+                        .w("Can't share secret ${request.secretName}: Failed to establish olm session")
+                return
+            }
+
+            val olmSessionResult = usersDeviceMap.getObject(device.userId, device.deviceId)
+            if (olmSessionResult?.sessionId == null) {
+                Timber.tag(loggerTag.value)
+                        .w("secret share: no session with this device $deviceId, probably because there were no one-time keys")
+                return
+            }
+
+            val encodedPayload = messageEncrypter.encryptMessage(payloadJson, listOf(device))
+            val sendToDeviceMap = MXUsersDevicesMap<Any>()
+            sendToDeviceMap.setObject(device.userId, device.deviceId, encodedPayload)
+            val sendToDeviceParams = SendToDeviceTask.Params(EventType.ENCRYPTED, sendToDeviceMap)
+            try {
+                // raise the retries for secret
+                sendToDeviceTask.executeRetry(sendToDeviceParams, 6)
+                Timber.tag(loggerTag.value)
+                        .i("successfully shared secret $secretName to ${device.shortDebugString()}")
+                // TODO add a trail for that in audit logs
+            } catch (failure: Throwable) {
+                Timber.tag(loggerTag.value)
+                        .e(failure, "failed to send shared secret $secretName to ${device.shortDebugString()}")
+            }
+        } else {
+            Timber.tag(loggerTag.value)
+                    .d(" Received secret share request from un-authorised device ${device.deviceId}")
+        }
+    }
+
+    private suspend fun hasBeenVerifiedLessThanFiveMinutesFromNow(deviceId: String): Boolean {
+        val verifTimestamp = verifMutex.withLock {
+            recentlyVerifiedDevices[deviceId]
+        } ?: return false
+
+        val age = System.currentTimeMillis() - verifTimestamp
+
+        return age < SECRET_SHARE_WINDOW_DURATION
+    }
+
+    suspend fun requestSecretTo(deviceId: String, secretName: String) {
+        val cryptoDeviceInfo = cryptoStore.getUserDevice(credentials.userId, deviceId) ?: return Unit.also {
+            Timber.tag(loggerTag.value)
+                    .d("Can't request secret for $secretName unknown device $deviceId")
+        }
+        val toDeviceContent = SecretShareRequest(
+                requestingDeviceId = credentials.deviceId,
+                secretName = secretName,
+                requestId = createUniqueTxnId()
+        )
+
+        verifMutex.withLock {
+            outgoingSecretRequests.add(toDeviceContent)
+        }
+
+        val contentMap = MXUsersDevicesMap<Any>()
+        contentMap.setObject(cryptoDeviceInfo.userId, cryptoDeviceInfo.deviceId, toDeviceContent)
+
+        val params = SendToDeviceTask.Params(
+                eventType = EventType.REQUEST_SECRET,
+                contentMap = contentMap
+        )
+        try {
+            withContext(coroutineDispatchers.io) {
+                sendToDeviceTask.executeRetry(params, 3)
+            }
+            Timber.tag(loggerTag.value)
+                    .d("Secret request sent for $secretName to ${cryptoDeviceInfo.shortDebugString()}")
+            // TODO update the audit trail
+        } catch (failure: Throwable) {
+            Timber.tag(loggerTag.value)
+                    .w("Failed to request secret $secretName to ${cryptoDeviceInfo.shortDebugString()}")
+        }
+    }
+
+    suspend fun onSecretSendReceived(toDevice: Event, handleGossip: ((name: String, value: String) -> Boolean)) {
+        Timber.tag(loggerTag.value)
+                .i("onSecretSend() from ${toDevice.senderId} : onSecretSendReceived ${toDevice.content?.get("sender_key")}")
+        if (!toDevice.isEncrypted()) {
+            // secret send messages must be encrypted
+            Timber.tag(loggerTag.value).e("onSecretSend() :Received unencrypted secret send event")
+            return
+        }
+
+        // Was that sent by us?
+        if (toDevice.senderId != credentials.userId) {
+            Timber.tag(loggerTag.value).e("onSecretSend() : Ignore secret from other user ${toDevice.senderId}")
+            return
+        }
+
+        val secretContent = toDevice.getClearContent().toModel<SecretSendEventContent>() ?: return
+
+        val existingRequest = verifMutex.withLock {
+            outgoingSecretRequests.firstOrNull { it.requestId == secretContent.requestId }
+        }
+
+        // As per spec:
+        // Clients should ignore m.secret.send events received from devices that it did not send an m.secret.request event to.
+        if (existingRequest?.secretName == null) {
+            Timber.tag(loggerTag.value).i("onSecretSend() : Ignore secret that was not requested: ${secretContent.requestId}")
+            return
+        }
+        // we don't need to cancel the request as we only request to one device
+        // just forget about the request now
+        verifMutex.withLock {
+            outgoingSecretRequests.remove(existingRequest)
+        }
+
+        if (!handleGossip(existingRequest.secretName, secretContent.secretValue)) {
+            // TODO Ask to application layer?
+            Timber.tag(loggerTag.value).v("onSecretSend() : secret not handled by SDK")
+        }
+    }
+}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
index 37fb8ba0f9..1daf2d2617 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
@@ -229,7 +229,7 @@ internal class MXMegolmDecryption(
         }
 
         Timber.tag(loggerTag.value).i("onRoomKeyEvent addInboundGroupSession ${roomKeyContent.sessionId}")
-        val added = olmDevice.addInboundGroupSession(roomKeyContent.sessionId,
+        val addSessionResult = olmDevice.addInboundGroupSession(roomKeyContent.sessionId,
                 roomKeyContent.sessionKey,
                 roomKeyContent.roomId,
                 senderKey,
@@ -237,9 +237,9 @@ internal class MXMegolmDecryption(
                 keysClaimed,
                 exportFormat)
 
-        when (added) {
-            is MXOlmDevice.AddSessionResult.Imported               -> added.ratchetIndex
-            is MXOlmDevice.AddSessionResult.NotImportedHigherIndex -> added.newIndex
+        when (addSessionResult) {
+            is MXOlmDevice.AddSessionResult.Imported               -> addSessionResult.ratchetIndex
+            is MXOlmDevice.AddSessionResult.NotImportedHigherIndex -> addSessionResult.newIndex
             else                                                   -> null
         }?.let { index ->
             if (event.getClearType() == EventType.FORWARDED_ROOM_KEY) {
@@ -273,7 +273,7 @@ internal class MXMegolmDecryption(
             }
         }
 
-        if (added is MXOlmDevice.AddSessionResult.Imported) {
+        if (addSessionResult is MXOlmDevice.AddSessionResult.Imported) {
             Timber.tag(loggerTag.value)
                     .d("onRoomKeyEvent(${event.getClearType()}) : Added megolm session ${roomKeyContent.sessionId} in ${roomKeyContent.roomId}")
             defaultKeysBackupService.maybeBackupKeys()
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
index 2db3dba50d..7e69c2114a 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
@@ -892,7 +892,8 @@ internal class RealmCryptoStore @Inject constructor(
                     val sessionIdentifier = olmInboundGroupSessionWrapper.olmInboundGroupSession?.sessionIdentifier()
                     val key = OlmInboundGroupSessionEntity.createPrimaryKey(
                             sessionIdentifier,
-                            olmInboundGroupSessionWrapper.senderKey)
+                            olmInboundGroupSessionWrapper.senderKey
+                    )
 
                     val existing = realm.where<OlmInboundGroupSessionEntity>()
                             .equalTo(OlmInboundGroupSessionEntityFields.PRIMARY_KEY, key)
@@ -1049,7 +1050,7 @@ internal class RealmCryptoStore @Inject constructor(
                     .equalTo(OutgoingKeyRequestEntityFields.ROOM_ID, requestBody.roomId)
                     .equalTo(OutgoingKeyRequestEntityFields.MEGOLM_SESSION_ID, requestBody.sessionId)
         }.map {
-            it.toOutgoingGossipingRequest()
+            it.toOutgoingKeyRequest()
         }.firstOrNull {
             it.requestBody?.algorithm == requestBody.algorithm &&
                     it.requestBody?.roomId == requestBody.roomId &&
@@ -1063,7 +1064,7 @@ internal class RealmCryptoStore @Inject constructor(
             realm.where<OutgoingKeyRequestEntity>()
                     .equalTo(OutgoingKeyRequestEntityFields.REQUEST_ID, requestId)
         }.map {
-            it.toOutgoingGossipingRequest()
+            it.toOutgoingKeyRequest()
         }.firstOrNull()
     }
 
@@ -1074,7 +1075,7 @@ internal class RealmCryptoStore @Inject constructor(
                     .equalTo(OutgoingKeyRequestEntityFields.ROOM_ID, roomId)
                     .equalTo(OutgoingKeyRequestEntityFields.MEGOLM_SESSION_ID, sessionId)
         }.map {
-            it.toOutgoingGossipingRequest()
+            it.toOutgoingKeyRequest()
         }.filter {
             it.requestBody?.algorithm == algorithm &&
                     it.requestBody?.senderKey == senderKey
@@ -1088,30 +1089,35 @@ internal class RealmCryptoStore @Inject constructor(
         val dataSourceFactory = realmDataSourceFactory.map {
             AuditTrailMapper.map(it)
             // mm we can't map not null...
-                    ?: AuditTrail(
-                            System.currentTimeMillis(),
-                            TrailType.Unknown,
-                            IncomingKeyRequestInfo(
-                                    "",
-                                    "",
-                                    "",
-                                    "",
-                                    "",
-                                    "",
-                                    "",
-                            )
-                    )
+                    ?: createUnknownTrail()
         }
-        return monarchy.findAllPagedWithChanges(realmDataSourceFactory,
-                LivePagedListBuilder(dataSourceFactory,
+        return monarchy.findAllPagedWithChanges(
+                realmDataSourceFactory,
+                LivePagedListBuilder(
+                        dataSourceFactory,
                         PagedList.Config.Builder()
                                 .setPageSize(20)
                                 .setEnablePlaceholders(false)
                                 .setPrefetchDistance(1)
-                                .build())
+                                .build()
+                )
         )
     }
 
+    private fun createUnknownTrail() = AuditTrail(
+            System.currentTimeMillis(),
+            TrailType.Unknown,
+            IncomingKeyRequestInfo(
+                    "",
+                    "",
+                    "",
+                    "",
+                    "",
+                    "",
+                    "",
+            )
+    )
+
     override fun <T> getGossipingEventsTrail(type: TrailType, mapper: ((AuditTrail) -> T)): LiveData<PagedList<T>> {
         val realmDataSourceFactory = monarchy.createDataSourceFactory { realm ->
             realm.where<AuditTrailEntity>()
@@ -1121,28 +1127,19 @@ internal class RealmCryptoStore @Inject constructor(
         val dataSourceFactory = realmDataSourceFactory.map { entity ->
             (AuditTrailMapper.map(entity)
             // mm we can't map not null...
-                    ?: AuditTrail(
-                            System.currentTimeMillis(),
-                            type,
-                            IncomingKeyRequestInfo(
-                                    "",
-                                    "",
-                                    "",
-                                    "",
-                                    "",
-                                    "",
-                                    "",
-                            )
-                    )
+                    ?: createUnknownTrail()
                     ).let { mapper.invoke(it) }
         }
-        return monarchy.findAllPagedWithChanges(realmDataSourceFactory,
-                LivePagedListBuilder(dataSourceFactory,
+        return monarchy.findAllPagedWithChanges(
+                realmDataSourceFactory,
+                LivePagedListBuilder(
+                        dataSourceFactory,
                         PagedList.Config.Builder()
                                 .setPageSize(20)
                                 .setEnablePlaceholders(false)
                                 .setPrefetchDistance(1)
-                                .build())
+                                .build()
+                )
         )
     }
 
@@ -1166,7 +1163,7 @@ internal class RealmCryptoStore @Inject constructor(
                     .equalTo(OutgoingKeyRequestEntityFields.ROOM_ID, requestBody.roomId)
                     .findAll()
                     .map {
-                        it.toOutgoingGossipingRequest()
+                        it.toOutgoingKeyRequest()
                     }.also {
                         if (it.size > 1) {
                             // there should be one or zero but not more, worth warning
@@ -1188,7 +1185,7 @@ internal class RealmCryptoStore @Inject constructor(
                     this.requestState = OutgoingRoomKeyRequestState.UNSENT
                     this.setRequestBody(requestBody)
                     this.creationTimeStamp = System.currentTimeMillis()
-                }.toOutgoingGossipingRequest()
+                }.toOutgoingKeyRequest()
             } else {
                 request = existing
             }
@@ -1231,7 +1228,7 @@ internal class RealmCryptoStore @Inject constructor(
                     .equalTo(OutgoingKeyRequestEntityFields.ROOM_ID, roomId)
                     .equalTo(OutgoingKeyRequestEntityFields.MEGOLM_SESSION_ID, sessionId)
                     .findAll().firstOrNull { entity ->
-                        entity.toOutgoingGossipingRequest().let {
+                        entity.toOutgoingKeyRequest().let {
                             it.requestBody?.senderKey == senderKey &&
                                     it.requestBody?.algorithm == algorithm
                         }
@@ -1473,7 +1470,7 @@ internal class RealmCryptoStore @Inject constructor(
             realm
                     .where(OutgoingKeyRequestEntity::class.java)
         }, { entity ->
-            entity.toOutgoingGossipingRequest()
+            entity.toOutgoingKeyRequest()
         })
                 .filterNotNull()
     }
@@ -1484,7 +1481,7 @@ internal class RealmCryptoStore @Inject constructor(
                     .where(OutgoingKeyRequestEntity::class.java)
                     .`in`(OutgoingKeyRequestEntityFields.REQUEST_STATE_STR, inStates.map { it.name }.toTypedArray())
         }, { entity ->
-            entity.toOutgoingGossipingRequest()
+            entity.toOutgoingKeyRequest()
         })
                 .filterNotNull()
     }
@@ -1495,15 +1492,18 @@ internal class RealmCryptoStore @Inject constructor(
                     .where(OutgoingKeyRequestEntity::class.java)
         }
         val dataSourceFactory = realmDataSourceFactory.map {
-            it.toOutgoingGossipingRequest()
+            it.toOutgoingKeyRequest()
         }
-        val trail = monarchy.findAllPagedWithChanges(realmDataSourceFactory,
-                LivePagedListBuilder(dataSourceFactory,
+        val trail = monarchy.findAllPagedWithChanges(
+                realmDataSourceFactory,
+                LivePagedListBuilder(
+                        dataSourceFactory,
                         PagedList.Config.Builder()
                                 .setPageSize(20)
                                 .setEnablePlaceholders(false)
                                 .setPrefetchDistance(1)
-                                .build())
+                                .build()
+                )
         )
         return trail
     }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt
index 11c2514845..7a8ba18809 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/OutgoingKeyRequestEntity.kt
@@ -58,7 +58,7 @@ internal open class OutgoingKeyRequestEntity(
                         )
     }
 
-    fun getRequestedKeyInfo(): RoomKeyRequestBody? = RoomKeyRequestBody.fromJson(requestedInfoStr)
+    private fun getRequestedKeyInfo(): RoomKeyRequestBody? = RoomKeyRequestBody.fromJson(requestedInfoStr)
 
     fun setRequestBody(body: RoomKeyRequestBody) {
         requestedInfoStr = body.toJson()
@@ -92,7 +92,7 @@ internal open class OutgoingKeyRequestEntity(
         replies.add(newReply)
     }
 
-    fun toOutgoingGossipingRequest(): OutgoingKeyRequest {
+    fun toOutgoingKeyRequest(): OutgoingKeyRequest {
         return OutgoingKeyRequest(
                 requestBody = getRequestedKeyInfo(),
                 recipients = getRecipients().orEmpty(),
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/room/membership/joining/JoinRoomTask.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/room/membership/joining/JoinRoomTask.kt
index fa7dfd8726..c9f86baa29 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/room/membership/joining/JoinRoomTask.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/session/room/membership/joining/JoinRoomTask.kt
@@ -18,7 +18,6 @@ package org.matrix.android.sdk.internal.session.room.membership.joining
 
 import io.realm.RealmConfiguration
 import kotlinx.coroutines.TimeoutCancellationException
-import kotlinx.coroutines.withContext
 import org.matrix.android.sdk.api.MatrixCoroutineDispatchers
 import org.matrix.android.sdk.api.session.events.model.toContent
 import org.matrix.android.sdk.api.session.identity.model.SignInvitationResult
@@ -71,13 +70,11 @@ internal class DefaultJoinRoomTask @Inject constructor(
         }
         val joinRoomResponse = try {
             executeRequest(globalErrorReceiver) {
-                withContext(coroutineDispatcher.io) {
-                    roomAPI.join(
-                            roomIdOrAlias = params.roomIdOrAlias,
-                            viaServers = params.viaServers.take(3),
-                            params = extraParams
-                    )
-                }
+                roomAPI.join(
+                        roomIdOrAlias = params.roomIdOrAlias,
+                        viaServers = params.viaServers.take(3),
+                        params = extraParams
+                )
             }
         } catch (failure: Throwable) {
             roomChangeMembershipStateDataSource.updateState(params.roomIdOrAlias, ChangeMembershipState.FailedJoining(failure))

From 0f06368027f0910a3e05d1b80dd977492ab545b1 Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Thu, 28 Apr 2022 09:09:38 +0200
Subject: [PATCH 23/27] Code review

---
 .../api/session/crypto/model/AuditTrail.kt    | 161 +++++++++---------
 .../crypto/IncomingKeyRequestManager.kt       |  12 +-
 .../crypto/store/db/RealmCryptoStore.kt       |   4 +-
 .../store/db/migration/MigrateCryptoTo016.kt  |   4 +-
 .../crypto/store/db/model/AuditTrailMapper.kt |  25 +--
 .../store/db/model/CryptoMetadataEntity.kt    |   2 +-
 6 files changed, 105 insertions(+), 103 deletions(-)

diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/AuditTrail.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/AuditTrail.kt
index c479ee8146..861f3bd30b 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/AuditTrail.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/AuditTrail.kt
@@ -1,76 +1,85 @@
-/*
- * Copyright 2022 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.matrix.android.sdk.api.session.crypto.model
-
-import com.squareup.moshi.JsonClass
-import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
-
-enum class TrailType {
-    OutgoingKeyForward,
-    IncomingKeyForward,
-    OutgoingKeyWithheld,
-    IncomingKeyRequest,
-    Unknown
-}
-
-interface AuditInfo {
-    val roomId: String
-    val sessionId: String
-    val senderKey: String
-    val alg: String
-    val userId: String
-    val deviceId: String
-}
-
-@JsonClass(generateAdapter = true)
-data class ForwardInfo(
-        override val roomId: String,
-        override val sessionId: String,
-        override val senderKey: String,
-        override val alg: String,
-        override val userId: String,
-        override val deviceId: String,
-        val chainIndex: Long?
-) : AuditInfo
-
-@JsonClass(generateAdapter = true)
-data class WithheldInfo(
-        override val roomId: String,
-        override val sessionId: String,
-        override val senderKey: String,
-        override val alg: String,
-        val code: WithHeldCode,
-        override val userId: String,
-        override val deviceId: String
-) : AuditInfo
-
-@JsonClass(generateAdapter = true)
-data class IncomingKeyRequestInfo(
-        override val roomId: String,
-        override val sessionId: String,
-        override val senderKey: String,
-        override val alg: String,
-        override val userId: String,
-        override val deviceId: String,
-        val requestId: String
-) : AuditInfo
-
-data class AuditTrail(
-        val ageLocalTs: Long,
-        val type: TrailType,
-        val info: AuditInfo
-)
+/*
+ * Copyright 2022 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.matrix.android.sdk.api.session.crypto.model
+
+import com.squareup.moshi.JsonClass
+import org.matrix.android.sdk.api.session.events.model.content.WithHeldCode
+
+enum class TrailType {
+    OutgoingKeyForward,
+    IncomingKeyForward,
+    OutgoingKeyWithheld,
+    IncomingKeyRequest,
+    Unknown
+}
+
+interface AuditInfo {
+    val roomId: String
+    val sessionId: String
+    val senderKey: String
+    val alg: String
+    val userId: String
+    val deviceId: String
+}
+
+@JsonClass(generateAdapter = true)
+data class ForwardInfo(
+        override val roomId: String,
+        override val sessionId: String,
+        override val senderKey: String,
+        override val alg: String,
+        override val userId: String,
+        override val deviceId: String,
+        val chainIndex: Long?
+) : AuditInfo
+
+object UnknownInfo : AuditInfo {
+    override val roomId: String = ""
+    override val sessionId: String = ""
+    override val senderKey: String = ""
+    override val alg: String = ""
+    override val userId: String = ""
+    override val deviceId: String = ""
+}
+
+@JsonClass(generateAdapter = true)
+data class WithheldInfo(
+        override val roomId: String,
+        override val sessionId: String,
+        override val senderKey: String,
+        override val alg: String,
+        val code: WithHeldCode,
+        override val userId: String,
+        override val deviceId: String
+) : AuditInfo
+
+@JsonClass(generateAdapter = true)
+data class IncomingKeyRequestInfo(
+        override val roomId: String,
+        override val sessionId: String,
+        override val senderKey: String,
+        override val alg: String,
+        override val userId: String,
+        override val deviceId: String,
+        val requestId: String
+) : AuditInfo
+
+data class AuditTrail(
+        val ageLocalTs: Long,
+        val type: TrailType,
+        val info: AuditInfo
+)
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingKeyRequestManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingKeyRequestManager.kt
index 3766e5f5a3..19965f0ba2 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingKeyRequestManager.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingKeyRequestManager.kt
@@ -96,9 +96,9 @@ internal class IncomingKeyRequestManager @Inject constructor(
         val requestId = this.requestId ?: return null
         if (body.algorithm != MXCRYPTO_ALGORITHM_MEGOLM) return null
         val action = when (this.action) {
-            "request"              -> MegolmRequestAction.Request
+            "request" -> MegolmRequestAction.Request
             "request_cancellation" -> MegolmRequestAction.Cancel
-            else                   -> null
+            else -> null
         } ?: return null
         return ValidMegolmRequestBody(
                 requestId = requestId,
@@ -112,6 +112,11 @@ internal class IncomingKeyRequestManager @Inject constructor(
     }
 
     fun addNewIncomingRequest(senderId: String, request: RoomKeyShareRequest) {
+        if (!cryptoStore.isKeyGossipingEnabled()) {
+            Timber.tag(loggerTag.value)
+                    .i("Ignore incoming key request as per crypto config in room ${request.body?.roomId}")
+            return
+        }
         outgoingRequestScope.launch {
             // It is important to handle requests in order
             sequencer.post {
@@ -422,7 +427,8 @@ internal class IncomingKeyRequestManager @Inject constructor(
                     MXCRYPTO_ALGORITHM_MEGOLM,
                     requestingDevice.userId,
                     requestingDevice.deviceId,
-                    chainIndex)
+                    chainIndex
+            )
             true
         } catch (failure: Throwable) {
             Timber.tag(loggerTag.value)
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
index 7e69c2114a..c545c59413 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
@@ -953,13 +953,13 @@ internal class RealmCryptoStore @Inject constructor(
 
     override fun enableKeyGossiping(enable: Boolean) {
         doRealmTransaction(realmConfiguration) {
-            it.where<CryptoMetadataEntity>().findFirst()?.globalEnableKeyRequestingAndSharing = enable
+            it.where<CryptoMetadataEntity>().findFirst()?.globalEnableKeyGossiping = enable
         }
     }
 
     override fun isKeyGossipingEnabled(): Boolean {
         return doWithRealm(realmConfiguration) {
-            it.where<CryptoMetadataEntity>().findFirst()?.globalEnableKeyRequestingAndSharing
+            it.where<CryptoMetadataEntity>().findFirst()?.globalEnableKeyGossiping
         } ?: true
     }
 
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
index edc8b566ad..5a14ebf85a 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/migration/MigrateCryptoTo016.kt
@@ -61,10 +61,10 @@ internal class MigrateCryptoTo016(realm: DynamicRealm) : RealmMigrator(realm, 16
                 .addIndex(AuditTrailEntityFields.TYPE)
 
         realm.schema.get("CryptoMetadataEntity")
-                ?.addField(CryptoMetadataEntityFields.GLOBAL_ENABLE_KEY_REQUESTING_AND_SHARING, Boolean::class.java)
+                ?.addField(CryptoMetadataEntityFields.GLOBAL_ENABLE_KEY_GOSSIPING, Boolean::class.java)
                 ?.transform {
                     // set the default value to true
-                    it.setBoolean(CryptoMetadataEntityFields.GLOBAL_ENABLE_KEY_REQUESTING_AND_SHARING, true)
+                    it.setBoolean(CryptoMetadataEntityFields.GLOBAL_ENABLE_KEY_GOSSIPING, true)
                 }
     }
 }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailMapper.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailMapper.kt
index 16d08784eb..80ae4a8d0d 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailMapper.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/AuditTrailMapper.kt
@@ -17,11 +17,11 @@
 package org.matrix.android.sdk.internal.crypto.store.db.model
 
 import org.matrix.android.sdk.api.extensions.tryOrNull
-import org.matrix.android.sdk.api.session.crypto.model.AuditInfo
 import org.matrix.android.sdk.api.session.crypto.model.AuditTrail
 import org.matrix.android.sdk.api.session.crypto.model.ForwardInfo
 import org.matrix.android.sdk.api.session.crypto.model.IncomingKeyRequestInfo
 import org.matrix.android.sdk.api.session.crypto.model.TrailType
+import org.matrix.android.sdk.api.session.crypto.model.UnknownInfo
 import org.matrix.android.sdk.api.session.crypto.model.WithheldInfo
 import org.matrix.android.sdk.internal.di.MoshiProvider
 
@@ -30,7 +30,7 @@ internal object AuditTrailMapper {
     fun map(entity: AuditTrailEntity): AuditTrail? {
         val contentJson = entity.contentJson ?: return null
         return when (entity.type) {
-            TrailType.OutgoingKeyForward.name -> {
+            TrailType.OutgoingKeyForward.name  -> {
                 val info = tryOrNull {
                     MoshiProvider.providesMoshi().adapter(ForwardInfo::class.java).fromJson(contentJson)
                 } ?: return null
@@ -50,7 +50,7 @@ internal object AuditTrailMapper {
                         info = info
                 )
             }
-            TrailType.IncomingKeyRequest.name -> {
+            TrailType.IncomingKeyRequest.name  -> {
                 val info = tryOrNull {
                     MoshiProvider.providesMoshi().adapter(IncomingKeyRequestInfo::class.java).fromJson(contentJson)
                 } ?: return null
@@ -60,7 +60,7 @@ internal object AuditTrailMapper {
                         info = info
                 )
             }
-            TrailType.IncomingKeyForward.name -> {
+            TrailType.IncomingKeyForward.name  -> {
                 val info = tryOrNull {
                     MoshiProvider.providesMoshi().adapter(ForwardInfo::class.java).fromJson(contentJson)
                 } ?: return null
@@ -70,24 +70,11 @@ internal object AuditTrailMapper {
                         info = info
                 )
             }
-            else -> {
+            else                               -> {
                 AuditTrail(
                         ageLocalTs = entity.ageLocalTs ?: 0,
                         type = TrailType.Unknown,
-                        info = object : AuditInfo {
-                            override val roomId: String
-                                get() = ""
-                            override val sessionId: String
-                                get() = ""
-                            override val senderKey: String
-                                get() = ""
-                            override val alg: String
-                                get() = ""
-                            override val userId: String
-                                get() = ""
-                            override val deviceId: String
-                                get() = ""
-                        }
+                        info = UnknownInfo
                 )
             }
         }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/CryptoMetadataEntity.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/CryptoMetadataEntity.kt
index 9776d2073a..63ed0e537e 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/CryptoMetadataEntity.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/model/CryptoMetadataEntity.kt
@@ -34,7 +34,7 @@ internal open class CryptoMetadataEntity(
         // Settings for blacklisting unverified devices.
         var globalBlacklistUnverifiedDevices: Boolean = false,
         // setting to enable or disable key gossiping
-        var globalEnableKeyRequestingAndSharing: Boolean = true,
+        var globalEnableKeyGossiping: Boolean = true,
         // The keys backup version currently used. Null means no backup.
         var backupVersion: String? = null,
 

From de580cc997faf25b82e3fb0e4841bb2a8031034d Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Fri, 29 Apr 2022 09:42:56 +0200
Subject: [PATCH 24/27] Fix make verif scope as a child of crypto scope

---
 .../VerificationTransportRoomMessage.kt       | 632 +++++++++---------
 ...VerificationTransportRoomMessageFactory.kt |   8 +-
 2 files changed, 322 insertions(+), 318 deletions(-)

diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessage.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessage.kt
index dfdda4f1d8..69ad3dd1b7 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessage.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessage.kt
@@ -1,316 +1,316 @@
-/*
- * Copyright 2020 The Matrix.org Foundation C.I.C.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.matrix.android.sdk.internal.crypto.verification
-
-import kotlinx.coroutines.CoroutineScope
-import kotlinx.coroutines.SupervisorJob
-import kotlinx.coroutines.asCoroutineDispatcher
-import kotlinx.coroutines.launch
-import org.matrix.android.sdk.api.session.crypto.verification.CancelCode
-import org.matrix.android.sdk.api.session.crypto.verification.ValidVerificationInfoRequest
-import org.matrix.android.sdk.api.session.crypto.verification.VerificationTxState
-import org.matrix.android.sdk.api.session.events.model.Content
-import org.matrix.android.sdk.api.session.events.model.Event
-import org.matrix.android.sdk.api.session.events.model.EventType
-import org.matrix.android.sdk.api.session.events.model.LocalEcho
-import org.matrix.android.sdk.api.session.events.model.RelationType
-import org.matrix.android.sdk.api.session.events.model.UnsignedData
-import org.matrix.android.sdk.api.session.events.model.toContent
-import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationAcceptContent
-import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationCancelContent
-import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationDoneContent
-import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationKeyContent
-import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationMacContent
-import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationReadyContent
-import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationRequestContent
-import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationStartContent
-import org.matrix.android.sdk.api.session.room.model.relation.RelationDefaultContent
-import org.matrix.android.sdk.internal.crypto.model.rest.VERIFICATION_METHOD_RECIPROCATE
-import org.matrix.android.sdk.internal.crypto.model.rest.VERIFICATION_METHOD_SAS
-import org.matrix.android.sdk.internal.crypto.tasks.SendVerificationMessageTask
-import org.matrix.android.sdk.internal.session.room.send.LocalEchoEventFactory
-import org.matrix.android.sdk.internal.task.SemaphoreCoroutineSequencer
-import timber.log.Timber
-import java.util.concurrent.Executors
-
-internal class VerificationTransportRoomMessage(
-        private val sendVerificationMessageTask: SendVerificationMessageTask,
-        private val userId: String,
-        private val userDeviceId: String?,
-        private val roomId: String,
-        private val localEchoEventFactory: LocalEchoEventFactory,
-        private val tx: DefaultVerificationTransaction?
-) : VerificationTransport {
-
-    private val dispatcher = Executors.newSingleThreadExecutor().asCoroutineDispatcher()
-    private val verificationSenderScope = CoroutineScope(SupervisorJob() + dispatcher)
-    private val sequencer = SemaphoreCoroutineSequencer()
-
-    override fun <T> sendToOther(type: String,
-                                 verificationInfo: VerificationInfo<T>,
-                                 nextState: VerificationTxState,
-                                 onErrorReason: CancelCode,
-                                 onDone: (() -> Unit)?) {
-        Timber.d("## SAS sending msg type $type")
-        Timber.v("## SAS sending msg info $verificationInfo")
-        val event = createEventAndLocalEcho(
-                type = type,
-                roomId = roomId,
-                content = verificationInfo.toEventContent()!!
-        )
-
-        verificationSenderScope.launch {
-            sequencer.post {
-                try {
-                    val params = SendVerificationMessageTask.Params(event)
-                    sendVerificationMessageTask.executeRetry(params, 5)
-                    // Do I need to update local echo state to sent?
-                    if (onDone != null) {
-                        onDone()
-                    } else {
-                        tx?.state = nextState
-                    }
-                } catch (failure: Throwable) {
-                    tx?.cancel(onErrorReason)
-                }
-            }
-        }
-    }
-
-    override fun sendVerificationRequest(supportedMethods: List<String>,
-                                         localId: String,
-                                         otherUserId: String,
-                                         roomId: String?,
-                                         toDevices: List<String>?,
-                                         callback: (String?, ValidVerificationInfoRequest?) -> Unit) {
-        Timber.d("## SAS sending verification request with supported methods: $supportedMethods")
-        // This transport requires a room
-        requireNotNull(roomId)
-
-        val validInfo = ValidVerificationInfoRequest(
-                transactionId = "",
-                fromDevice = userDeviceId ?: "",
-                methods = supportedMethods,
-                timestamp = System.currentTimeMillis()
-        )
-
-        val info = MessageVerificationRequestContent(
-                body = "$userId is requesting to verify your key, but your client does not support in-chat key verification." +
-                        " You will need to use legacy key verification to verify keys.",
-                fromDevice = validInfo.fromDevice,
-                toUserId = otherUserId,
-                timestamp = validInfo.timestamp,
-                methods = validInfo.methods
-        )
-        val content = info.toContent()
-
-        val event = createEventAndLocalEcho(
-                localId = localId,
-                type = EventType.MESSAGE,
-                roomId = roomId,
-                content = content
-        )
-
-        verificationSenderScope.launch {
-            val params = SendVerificationMessageTask.Params(event)
-            sequencer.post {
-                try {
-                    val eventId = sendVerificationMessageTask.executeRetry(params, 5)
-                    // Do I need to update local echo state to sent?
-                    callback(eventId, validInfo)
-                } catch (failure: Throwable) {
-                    callback(null, null)
-                }
-            }
-        }
-    }
-
-    override fun cancelTransaction(transactionId: String, otherUserId: String, otherUserDeviceId: String?, code: CancelCode) {
-        Timber.d("## SAS canceling transaction $transactionId for reason $code")
-        val event = createEventAndLocalEcho(
-                type = EventType.KEY_VERIFICATION_CANCEL,
-                roomId = roomId,
-                content = MessageVerificationCancelContent.create(transactionId, code).toContent()
-        )
-
-        verificationSenderScope.launch {
-            sequencer.post {
-                try {
-                    val params = SendVerificationMessageTask.Params(event)
-                    sendVerificationMessageTask.executeRetry(params, 5)
-                } catch (failure: Throwable) {
-                    Timber.w(failure, "Failed to cancel verification transaction")
-                }
-            }
-        }
-    }
-
-    override fun done(transactionId: String,
-                      onDone: (() -> Unit)?) {
-        Timber.d("## SAS sending done for $transactionId")
-        val event = createEventAndLocalEcho(
-                type = EventType.KEY_VERIFICATION_DONE,
-                roomId = roomId,
-                content = MessageVerificationDoneContent(
-                        relatesTo = RelationDefaultContent(
-                                RelationType.REFERENCE,
-                                transactionId
-                        )
-                ).toContent()
-        )
-        verificationSenderScope.launch {
-            sequencer.post {
-                try {
-                    val params = SendVerificationMessageTask.Params(event)
-                    sendVerificationMessageTask.executeRetry(params, 5)
-                } catch (failure: Throwable) {
-                    Timber.w(failure, "Failed to complete (done) verification")
-                    // should we call onDone?
-                } finally {
-                    onDone?.invoke()
-                }
-            }
-        }
-//        val workerParams = WorkerParamsFactory.toData(SendVerificationMessageWorker.Params(
-//                sessionId = sessionId,
-//                eventId = event.eventId ?: ""
-//        ))
-//        val enqueueInfo = enqueueSendWork(workerParams)
-//
-//        val workLiveData = workManagerProvider.workManager
-//                .getWorkInfosForUniqueWorkLiveData(uniqueQueueName())
-//        val observer = object : Observer<List<WorkInfo>> {
-//            override fun onChanged(workInfoList: List<WorkInfo>?) {
-//                workInfoList
-//                        ?.filter { it.state == WorkInfo.State.SUCCEEDED }
-//                        ?.firstOrNull { it.id == enqueueInfo.second }
-//                        ?.let { _ ->
-//                            onDone?.invoke()
-//                            workLiveData.removeObserver(this)
-//                        }
-//            }
-//        }
-//
-//        // TODO listen to DB to get synced info
-//        coroutineScope.launch(Dispatchers.Main) {
-//            workLiveData.observeForever(observer)
-//        }
-    }
-
-//    private fun enqueueSendWork(workerParams: Data): Pair<Operation, UUID> {
-//        val workRequest = workManagerProvider.matrixOneTimeWorkRequestBuilder<SendVerificationMessageWorker>()
-//                .setConstraints(WorkManagerProvider.workConstraints)
-//                .setInputData(workerParams)
-//                .setBackoffCriteria(BackoffPolicy.LINEAR, WorkManagerProvider.BACKOFF_DELAY_MILLIS, TimeUnit.MILLISECONDS)
-//                .build()
-//        return workManagerProvider.workManager
-//                .beginUniqueWork(uniqueQueueName(), ExistingWorkPolicy.APPEND_OR_REPLACE, workRequest)
-//                .enqueue() to workRequest.id
-//    }
-
-//    private fun uniqueQueueName() = "${roomId}_VerificationWork"
-
-    override fun createAccept(tid: String,
-                              keyAgreementProtocol: String,
-                              hash: String,
-                              commitment: String,
-                              messageAuthenticationCode: String,
-                              shortAuthenticationStrings: List<String>): VerificationInfoAccept =
-            MessageVerificationAcceptContent.create(
-                    tid,
-                    keyAgreementProtocol,
-                    hash,
-                    commitment,
-                    messageAuthenticationCode,
-                    shortAuthenticationStrings
-            )
-
-    override fun createKey(tid: String, pubKey: String): VerificationInfoKey = MessageVerificationKeyContent.create(tid, pubKey)
-
-    override fun createMac(tid: String, mac: Map<String, String>, keys: String) = MessageVerificationMacContent.create(tid, mac, keys)
-
-    override fun createStartForSas(fromDevice: String,
-                                   transactionId: String,
-                                   keyAgreementProtocols: List<String>,
-                                   hashes: List<String>,
-                                   messageAuthenticationCodes: List<String>,
-                                   shortAuthenticationStrings: List<String>): VerificationInfoStart {
-        return MessageVerificationStartContent(
-                fromDevice,
-                hashes,
-                keyAgreementProtocols,
-                messageAuthenticationCodes,
-                shortAuthenticationStrings,
-                VERIFICATION_METHOD_SAS,
-                RelationDefaultContent(
-                        type = RelationType.REFERENCE,
-                        eventId = transactionId
-                ),
-                null
-        )
-    }
-
-    override fun createStartForQrCode(fromDevice: String,
-                                      transactionId: String,
-                                      sharedSecret: String): VerificationInfoStart {
-        return MessageVerificationStartContent(
-                fromDevice,
-                null,
-                null,
-                null,
-                null,
-                VERIFICATION_METHOD_RECIPROCATE,
-                RelationDefaultContent(
-                        type = RelationType.REFERENCE,
-                        eventId = transactionId
-                ),
-                sharedSecret
-        )
-    }
-
-    override fun createReady(tid: String, fromDevice: String, methods: List<String>): VerificationInfoReady {
-        return MessageVerificationReadyContent(
-                fromDevice = fromDevice,
-                relatesTo = RelationDefaultContent(
-                        type = RelationType.REFERENCE,
-                        eventId = tid
-                ),
-                methods = methods
-        )
-    }
-
-    private fun createEventAndLocalEcho(localId: String = LocalEcho.createLocalEchoId(), type: String, roomId: String, content: Content): Event {
-        return Event(
-                roomId = roomId,
-                originServerTs = System.currentTimeMillis(),
-                senderId = userId,
-                eventId = localId,
-                type = type,
-                content = content,
-                unsignedData = UnsignedData(age = null, transactionId = localId)
-        ).also {
-            localEchoEventFactory.createLocalEcho(it)
-        }
-    }
-
-    override fun sendVerificationReady(keyReq: VerificationInfoReady,
-                                       otherUserId: String,
-                                       otherDeviceId: String?,
-                                       callback: (() -> Unit)?) {
-        // Not applicable (send event is called directly)
-        Timber.w("## SAS ignored verification ready with methods: ${keyReq.methods}")
-    }
-}
+/*
+ * Copyright 2020 The Matrix.org Foundation C.I.C.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.matrix.android.sdk.internal.crypto.verification
+
+import kotlinx.coroutines.CoroutineScope
+import kotlinx.coroutines.asCoroutineDispatcher
+import kotlinx.coroutines.launch
+import org.matrix.android.sdk.api.session.crypto.verification.CancelCode
+import org.matrix.android.sdk.api.session.crypto.verification.ValidVerificationInfoRequest
+import org.matrix.android.sdk.api.session.crypto.verification.VerificationTxState
+import org.matrix.android.sdk.api.session.events.model.Content
+import org.matrix.android.sdk.api.session.events.model.Event
+import org.matrix.android.sdk.api.session.events.model.EventType
+import org.matrix.android.sdk.api.session.events.model.LocalEcho
+import org.matrix.android.sdk.api.session.events.model.RelationType
+import org.matrix.android.sdk.api.session.events.model.UnsignedData
+import org.matrix.android.sdk.api.session.events.model.toContent
+import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationAcceptContent
+import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationCancelContent
+import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationDoneContent
+import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationKeyContent
+import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationMacContent
+import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationReadyContent
+import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationRequestContent
+import org.matrix.android.sdk.api.session.room.model.message.MessageVerificationStartContent
+import org.matrix.android.sdk.api.session.room.model.relation.RelationDefaultContent
+import org.matrix.android.sdk.internal.crypto.model.rest.VERIFICATION_METHOD_RECIPROCATE
+import org.matrix.android.sdk.internal.crypto.model.rest.VERIFICATION_METHOD_SAS
+import org.matrix.android.sdk.internal.crypto.tasks.SendVerificationMessageTask
+import org.matrix.android.sdk.internal.session.room.send.LocalEchoEventFactory
+import org.matrix.android.sdk.internal.task.SemaphoreCoroutineSequencer
+import timber.log.Timber
+import java.util.concurrent.Executors
+
+internal class VerificationTransportRoomMessage(
+        private val sendVerificationMessageTask: SendVerificationMessageTask,
+        private val userId: String,
+        private val userDeviceId: String?,
+        private val roomId: String,
+        private val localEchoEventFactory: LocalEchoEventFactory,
+        private val tx: DefaultVerificationTransaction?,
+        cryptoCoroutineScope: CoroutineScope,
+) : VerificationTransport {
+
+    private val dispatcher = Executors.newSingleThreadExecutor().asCoroutineDispatcher()
+    private val verificationSenderScope = CoroutineScope(cryptoCoroutineScope.coroutineContext + dispatcher)
+    private val sequencer = SemaphoreCoroutineSequencer()
+
+    override fun <T> sendToOther(type: String,
+                                 verificationInfo: VerificationInfo<T>,
+                                 nextState: VerificationTxState,
+                                 onErrorReason: CancelCode,
+                                 onDone: (() -> Unit)?) {
+        Timber.d("## SAS sending msg type $type")
+        Timber.v("## SAS sending msg info $verificationInfo")
+        val event = createEventAndLocalEcho(
+                type = type,
+                roomId = roomId,
+                content = verificationInfo.toEventContent()!!
+        )
+
+        verificationSenderScope.launch {
+            sequencer.post {
+                try {
+                    val params = SendVerificationMessageTask.Params(event)
+                    sendVerificationMessageTask.executeRetry(params, 5)
+                    // Do I need to update local echo state to sent?
+                    if (onDone != null) {
+                        onDone()
+                    } else {
+                        tx?.state = nextState
+                    }
+                } catch (failure: Throwable) {
+                    tx?.cancel(onErrorReason)
+                }
+            }
+        }
+    }
+
+    override fun sendVerificationRequest(supportedMethods: List<String>,
+                                         localId: String,
+                                         otherUserId: String,
+                                         roomId: String?,
+                                         toDevices: List<String>?,
+                                         callback: (String?, ValidVerificationInfoRequest?) -> Unit) {
+        Timber.d("## SAS sending verification request with supported methods: $supportedMethods")
+        // This transport requires a room
+        requireNotNull(roomId)
+
+        val validInfo = ValidVerificationInfoRequest(
+                transactionId = "",
+                fromDevice = userDeviceId ?: "",
+                methods = supportedMethods,
+                timestamp = System.currentTimeMillis()
+        )
+
+        val info = MessageVerificationRequestContent(
+                body = "$userId is requesting to verify your key, but your client does not support in-chat key verification." +
+                        " You will need to use legacy key verification to verify keys.",
+                fromDevice = validInfo.fromDevice,
+                toUserId = otherUserId,
+                timestamp = validInfo.timestamp,
+                methods = validInfo.methods
+        )
+        val content = info.toContent()
+
+        val event = createEventAndLocalEcho(
+                localId = localId,
+                type = EventType.MESSAGE,
+                roomId = roomId,
+                content = content
+        )
+
+        verificationSenderScope.launch {
+            val params = SendVerificationMessageTask.Params(event)
+            sequencer.post {
+                try {
+                    val eventId = sendVerificationMessageTask.executeRetry(params, 5)
+                    // Do I need to update local echo state to sent?
+                    callback(eventId, validInfo)
+                } catch (failure: Throwable) {
+                    callback(null, null)
+                }
+            }
+        }
+    }
+
+    override fun cancelTransaction(transactionId: String, otherUserId: String, otherUserDeviceId: String?, code: CancelCode) {
+        Timber.d("## SAS canceling transaction $transactionId for reason $code")
+        val event = createEventAndLocalEcho(
+                type = EventType.KEY_VERIFICATION_CANCEL,
+                roomId = roomId,
+                content = MessageVerificationCancelContent.create(transactionId, code).toContent()
+        )
+
+        verificationSenderScope.launch {
+            sequencer.post {
+                try {
+                    val params = SendVerificationMessageTask.Params(event)
+                    sendVerificationMessageTask.executeRetry(params, 5)
+                } catch (failure: Throwable) {
+                    Timber.w(failure, "Failed to cancel verification transaction")
+                }
+            }
+        }
+    }
+
+    override fun done(transactionId: String,
+                      onDone: (() -> Unit)?) {
+        Timber.d("## SAS sending done for $transactionId")
+        val event = createEventAndLocalEcho(
+                type = EventType.KEY_VERIFICATION_DONE,
+                roomId = roomId,
+                content = MessageVerificationDoneContent(
+                        relatesTo = RelationDefaultContent(
+                                RelationType.REFERENCE,
+                                transactionId
+                        )
+                ).toContent()
+        )
+        verificationSenderScope.launch {
+            sequencer.post {
+                try {
+                    val params = SendVerificationMessageTask.Params(event)
+                    sendVerificationMessageTask.executeRetry(params, 5)
+                } catch (failure: Throwable) {
+                    Timber.w(failure, "Failed to complete (done) verification")
+                    // should we call onDone?
+                } finally {
+                    onDone?.invoke()
+                }
+            }
+        }
+//        val workerParams = WorkerParamsFactory.toData(SendVerificationMessageWorker.Params(
+//                sessionId = sessionId,
+//                eventId = event.eventId ?: ""
+//        ))
+//        val enqueueInfo = enqueueSendWork(workerParams)
+//
+//        val workLiveData = workManagerProvider.workManager
+//                .getWorkInfosForUniqueWorkLiveData(uniqueQueueName())
+//        val observer = object : Observer<List<WorkInfo>> {
+//            override fun onChanged(workInfoList: List<WorkInfo>?) {
+//                workInfoList
+//                        ?.filter { it.state == WorkInfo.State.SUCCEEDED }
+//                        ?.firstOrNull { it.id == enqueueInfo.second }
+//                        ?.let { _ ->
+//                            onDone?.invoke()
+//                            workLiveData.removeObserver(this)
+//                        }
+//            }
+//        }
+//
+//        // TODO listen to DB to get synced info
+//        coroutineScope.launch(Dispatchers.Main) {
+//            workLiveData.observeForever(observer)
+//        }
+    }
+
+//    private fun enqueueSendWork(workerParams: Data): Pair<Operation, UUID> {
+//        val workRequest = workManagerProvider.matrixOneTimeWorkRequestBuilder<SendVerificationMessageWorker>()
+//                .setConstraints(WorkManagerProvider.workConstraints)
+//                .setInputData(workerParams)
+//                .setBackoffCriteria(BackoffPolicy.LINEAR, WorkManagerProvider.BACKOFF_DELAY_MILLIS, TimeUnit.MILLISECONDS)
+//                .build()
+//        return workManagerProvider.workManager
+//                .beginUniqueWork(uniqueQueueName(), ExistingWorkPolicy.APPEND_OR_REPLACE, workRequest)
+//                .enqueue() to workRequest.id
+//    }
+
+//    private fun uniqueQueueName() = "${roomId}_VerificationWork"
+
+    override fun createAccept(tid: String,
+                              keyAgreementProtocol: String,
+                              hash: String,
+                              commitment: String,
+                              messageAuthenticationCode: String,
+                              shortAuthenticationStrings: List<String>): VerificationInfoAccept =
+            MessageVerificationAcceptContent.create(
+                    tid,
+                    keyAgreementProtocol,
+                    hash,
+                    commitment,
+                    messageAuthenticationCode,
+                    shortAuthenticationStrings
+            )
+
+    override fun createKey(tid: String, pubKey: String): VerificationInfoKey = MessageVerificationKeyContent.create(tid, pubKey)
+
+    override fun createMac(tid: String, mac: Map<String, String>, keys: String) = MessageVerificationMacContent.create(tid, mac, keys)
+
+    override fun createStartForSas(fromDevice: String,
+                                   transactionId: String,
+                                   keyAgreementProtocols: List<String>,
+                                   hashes: List<String>,
+                                   messageAuthenticationCodes: List<String>,
+                                   shortAuthenticationStrings: List<String>): VerificationInfoStart {
+        return MessageVerificationStartContent(
+                fromDevice,
+                hashes,
+                keyAgreementProtocols,
+                messageAuthenticationCodes,
+                shortAuthenticationStrings,
+                VERIFICATION_METHOD_SAS,
+                RelationDefaultContent(
+                        type = RelationType.REFERENCE,
+                        eventId = transactionId
+                ),
+                null
+        )
+    }
+
+    override fun createStartForQrCode(fromDevice: String,
+                                      transactionId: String,
+                                      sharedSecret: String): VerificationInfoStart {
+        return MessageVerificationStartContent(
+                fromDevice,
+                null,
+                null,
+                null,
+                null,
+                VERIFICATION_METHOD_RECIPROCATE,
+                RelationDefaultContent(
+                        type = RelationType.REFERENCE,
+                        eventId = transactionId
+                ),
+                sharedSecret
+        )
+    }
+
+    override fun createReady(tid: String, fromDevice: String, methods: List<String>): VerificationInfoReady {
+        return MessageVerificationReadyContent(
+                fromDevice = fromDevice,
+                relatesTo = RelationDefaultContent(
+                        type = RelationType.REFERENCE,
+                        eventId = tid
+                ),
+                methods = methods
+        )
+    }
+
+    private fun createEventAndLocalEcho(localId: String = LocalEcho.createLocalEchoId(), type: String, roomId: String, content: Content): Event {
+        return Event(
+                roomId = roomId,
+                originServerTs = System.currentTimeMillis(),
+                senderId = userId,
+                eventId = localId,
+                type = type,
+                content = content,
+                unsignedData = UnsignedData(age = null, transactionId = localId)
+        ).also {
+            localEchoEventFactory.createLocalEcho(it)
+        }
+    }
+
+    override fun sendVerificationReady(keyReq: VerificationInfoReady,
+                                       otherUserId: String,
+                                       otherDeviceId: String?,
+                                       callback: (() -> Unit)?) {
+        // Not applicable (send event is called directly)
+        Timber.w("## SAS ignored verification ready with methods: ${keyReq.methods}")
+    }
+}
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessageFactory.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessageFactory.kt
index efbdd9c175..37e6a56715 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessageFactory.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/verification/VerificationTransportRoomMessageFactory.kt
@@ -16,6 +16,7 @@
 
 package org.matrix.android.sdk.internal.crypto.verification
 
+import kotlinx.coroutines.CoroutineScope
 import org.matrix.android.sdk.internal.crypto.tasks.SendVerificationMessageTask
 import org.matrix.android.sdk.internal.di.DeviceId
 import org.matrix.android.sdk.internal.di.UserId
@@ -28,7 +29,8 @@ internal class VerificationTransportRoomMessageFactory @Inject constructor(
         private val userId: String,
         @DeviceId
         private val deviceId: String?,
-        private val localEchoEventFactory: LocalEchoEventFactory
+        private val localEchoEventFactory: LocalEchoEventFactory,
+        private val cryptoCoroutineScope: CoroutineScope,
 ) {
 
     fun createTransport(roomId: String, tx: DefaultVerificationTransaction?): VerificationTransportRoomMessage {
@@ -38,6 +40,8 @@ internal class VerificationTransportRoomMessageFactory @Inject constructor(
                 userDeviceId = deviceId,
                 roomId = roomId,
                 localEchoEventFactory = localEchoEventFactory,
-                tx = tx)
+                tx = tx,
+                cryptoCoroutineScope
+        )
     }
 }

From 546d6fe56dc1e888f7716ece6adea2938accd9ae Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Wed, 11 May 2022 10:42:02 +0200
Subject: [PATCH 25/27] post merge fix

---
 .../android/sdk/common/CryptoTestHelper.kt     | 18 +++++++++---------
 .../algorithms/megolm/MXMegolmDecryption.kt    |  2 +-
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/common/CryptoTestHelper.kt b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/common/CryptoTestHelper.kt
index 9b41a63d46..dfb4863d5b 100644
--- a/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/common/CryptoTestHelper.kt
+++ b/matrix-sdk-android/src/androidTest/java/org/matrix/android/sdk/common/CryptoTestHelper.kt
@@ -371,13 +371,13 @@ class CryptoTestHelper(private val testHelper: CommonTestHelper) {
         val aliceVerificationService = alice.cryptoService().verificationService()
         val bobVerificationService = bob.cryptoService().verificationService()
 
-        aliceVerificationService.beginKeyVerificationInDMs(
-                VerificationMethod.SAS,
-                requestID,
-                roomId,
-                bob.myUserId,
-                bob.sessionParams.credentials.deviceId!!
-        )
+        val localId = UUID.randomUUID().toString()
+        aliceVerificationService.requestKeyVerificationInDMs(
+                localId = localId,
+                methods = listOf(VerificationMethod.SAS, VerificationMethod.QR_CODE_SCAN, VerificationMethod.QR_CODE_SHOW),
+                otherUserId = bob.myUserId,
+                roomId = roomId
+        ).transactionId
 
         testHelper.waitWithLatch {
             testHelper.retryPeriodicallyWithLatch(it) {
@@ -484,7 +484,7 @@ class CryptoTestHelper(private val testHelper: CommonTestHelper) {
         sentEventIds.forEachIndexed { index, sentEventId ->
             testHelper.waitWithLatch { latch ->
                 testHelper.retryPeriodicallyWithLatch(latch) {
-                    val event = session.getRoom(e2eRoomID)!!.getTimelineEvent(sentEventId)!!.root
+                    val event = session.getRoom(e2eRoomID)!!.timelineService().getTimelineEvent(sentEventId)!!.root
                     testHelper.runBlockingTest {
                         try {
                             session.cryptoService().decryptEvent(event, "").let { result ->
@@ -509,7 +509,7 @@ class CryptoTestHelper(private val testHelper: CommonTestHelper) {
 
     fun ensureCannotDecrypt(sentEventIds: List<String>, session: Session, e2eRoomID: String, expectedError: MXCryptoError.ErrorType? = null) {
         sentEventIds.forEach { sentEventId ->
-            val event = session.getRoom(e2eRoomID)!!.getTimelineEvent(sentEventId)!!.root
+            val event = session.getRoom(e2eRoomID)!!.timelineService().getTimelineEvent(sentEventId)!!.root
             testHelper.runBlockingTest {
                 try {
                     session.cryptoService().decryptEvent(event, "")
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
index 1a7c5c57f3..d65b05f655 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/algorithms/megolm/MXMegolmDecryption.kt
@@ -236,7 +236,7 @@ internal class MXMegolmDecryption(
         }
 
         Timber.tag(loggerTag.value).i("onRoomKeyEvent addInboundGroupSession ${roomKeyContent.sessionId}")
-        val added = olmDevice.addInboundGroupSession(
+        val addSessionResult = olmDevice.addInboundGroupSession(
                 roomKeyContent.sessionId,
                 roomKeyContent.sessionKey,
                 roomKeyContent.roomId,

From 992f477ab1eb064b1f4bc69e0857dba5017cf231 Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Wed, 11 May 2022 10:58:13 +0200
Subject: [PATCH 26/27] use clock time instead of system

---
 .../session/crypto/model/IncomingRoomKeyRequest.kt   |  6 ++++--
 .../android/sdk/internal/crypto/DeviceListManager.kt |  4 ++--
 .../sdk/internal/crypto/IncomingKeyRequestManager.kt | 11 +++++++----
 .../crypto/PerSessionBackupQueryRateLimiter.kt       | 10 ++++++----
 .../sdk/internal/crypto/SecretShareManager.kt        |  8 +++++---
 .../sdk/internal/crypto/store/db/RealmCryptoStore.kt | 12 ++++++------
 6 files changed, 30 insertions(+), 21 deletions(-)

diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRoomKeyRequest.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRoomKeyRequest.kt
index d125505f27..3c7b7c6b5d 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRoomKeyRequest.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRoomKeyRequest.kt
@@ -16,6 +16,8 @@
 
 package org.matrix.android.sdk.api.session.crypto.model
 
+import org.matrix.android.sdk.internal.util.time.Clock
+
 /**
  * IncomingRoomKeyRequest class defines the incoming room keys request.
  */
@@ -71,13 +73,13 @@ data class IncomingRoomKeyRequest(
                     }
         }
 
-        fun fromRestRequest(senderId: String, request: RoomKeyShareRequest): IncomingRoomKeyRequest? {
+        fun fromRestRequest(senderId: String, request: RoomKeyShareRequest, clock: Clock): IncomingRoomKeyRequest? {
             return IncomingRoomKeyRequest(
                     userId = senderId,
                     deviceId = request.requestingDeviceId,
                     requestId = request.requestId,
                     requestBody = request.body,
-                    localCreationTimestamp = System.currentTimeMillis()
+                    localCreationTimestamp = clock.epochMillis()
             )
         }
     }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DeviceListManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DeviceListManager.kt
index cc1827d0f7..f546b35fcf 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DeviceListManager.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/DeviceListManager.kt
@@ -317,12 +317,12 @@ internal class DeviceListManager @Inject constructor(
             val t0 = clock.epochMillis()
             try {
                 val result = doKeyDownloadForUsers(downloadUsers)
-                Timber.v("## CRYPTO | downloadKeys() : doKeyDownloadForUsers succeeds after ${System.currentTimeMillis() - t0} ms")
+                Timber.v("## CRYPTO | downloadKeys() : doKeyDownloadForUsers succeeds after ${clock.epochMillis() - t0} ms")
                 result.also {
                     it.addEntriesFromMap(stored)
                 }
             } catch (failure: Throwable) {
-                Timber.w(failure, "## CRYPTO | downloadKeys() : doKeyDownloadForUsers failed after ${System.currentTimeMillis() - t0} ms")
+                Timber.w(failure, "## CRYPTO | downloadKeys() : doKeyDownloadForUsers failed after ${clock.epochMillis() - t0} ms")
                 if (forceDownload) {
                     throw failure
                 } else {
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingKeyRequestManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingKeyRequestManager.kt
index 19965f0ba2..13f2fb861a 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingKeyRequestManager.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/IncomingKeyRequestManager.kt
@@ -44,6 +44,7 @@ import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
 import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
 import org.matrix.android.sdk.internal.session.SessionScope
 import org.matrix.android.sdk.internal.task.SemaphoreCoroutineSequencer
+import org.matrix.android.sdk.internal.util.time.Clock
 import timber.log.Timber
 import java.util.concurrent.Executors
 import javax.inject.Inject
@@ -60,7 +61,9 @@ internal class IncomingKeyRequestManager @Inject constructor(
         private val cryptoConfig: MXCryptoConfig,
         private val messageEncrypter: MessageEncrypter,
         private val coroutineDispatchers: MatrixCoroutineDispatchers,
-        private val sendToDeviceTask: SendToDeviceTask) {
+        private val sendToDeviceTask: SendToDeviceTask,
+        private val clock: Clock,
+) {
 
     private val dispatcher = Executors.newSingleThreadExecutor().asCoroutineDispatcher()
     private val outgoingRequestScope = CoroutineScope(SupervisorJob() + dispatcher)
@@ -135,7 +138,7 @@ internal class IncomingKeyRequestManager @Inject constructor(
                         MegolmRequestAction.Cancel  -> {
                             // ignore, we can't cancel as it's not known (probably already processed)
                             // still notify app layer if it was passed up previously
-                            IncomingRoomKeyRequest.fromRestRequest(senderId, request)?.let { iReq ->
+                            IncomingRoomKeyRequest.fromRestRequest(senderId, request, clock)?.let { iReq ->
                                 outgoingRequestScope.launch(coroutineDispatchers.computation) {
                                     val listenersCopy = synchronized(gossipingRequestListeners) {
                                         gossipingRequestListeners.toList()
@@ -164,7 +167,7 @@ internal class IncomingKeyRequestManager @Inject constructor(
                                     gossipingRequestListeners.toList()
                                 }
                                 listenersCopy.onEach {
-                                    IncomingRoomKeyRequest.fromRestRequest(senderId, request)?.let { iReq ->
+                                    IncomingRoomKeyRequest.fromRestRequest(senderId, request, clock)?.let { iReq ->
                                         withContext(coroutineDispatchers.main) {
                                             tryOrNull { it.onRequestCancelled(iReq) }
                                         }
@@ -287,7 +290,7 @@ internal class IncomingKeyRequestManager @Inject constructor(
                                     sessionId = request.sessionId,
                                     roomId = request.roomId
                             ),
-                            localCreationTimestamp = System.currentTimeMillis()
+                            localCreationTimestamp = clock.epochMillis()
                     )
                     listenersCopy.onEach {
                         withContext(coroutineDispatchers.main) {
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt
index 292ba02ecd..0c059e7ca9 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/PerSessionBackupQueryRateLimiter.kt
@@ -26,6 +26,7 @@ import org.matrix.android.sdk.api.session.crypto.model.ImportRoomKeysResult
 import org.matrix.android.sdk.api.util.awaitCallback
 import org.matrix.android.sdk.internal.crypto.keysbackup.DefaultKeysBackupService
 import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
+import org.matrix.android.sdk.internal.util.time.Clock
 import timber.log.Timber
 import javax.inject.Inject
 
@@ -40,7 +41,8 @@ private val loggerTag = LoggerTag("OutgoingGossipingRequestManager", LoggerTag.C
 internal class PerSessionBackupQueryRateLimiter @Inject constructor(
         private val coroutineDispatchers: MatrixCoroutineDispatchers,
         private val keysBackupService: Lazy<DefaultKeysBackupService>,
-        private val cryptoStore: IMXCryptoStore
+        private val cryptoStore: IMXCryptoStore,
+        private val clock: Clock,
 ) {
 
     companion object {
@@ -54,7 +56,7 @@ internal class PerSessionBackupQueryRateLimiter @Inject constructor(
 
     data class LastTry(
             val backupVersion: String,
-            val timestamp: Long = System.currentTimeMillis()
+            val timestamp: Long
     )
 
     /**
@@ -66,7 +68,7 @@ internal class PerSessionBackupQueryRateLimiter @Inject constructor(
     private var backupVersion: KeysVersionResult? = null
     private var savedKeyBackupKeyInfo: SavedKeyBackupKeyInfo? = null
     var backupWasCheckedFromServer: Boolean = false
-    val now = System.currentTimeMillis()
+    val now = clock.epochMillis()
 
     fun refreshBackupInfoIfNeeded(force: Boolean = false) {
         if (backupWasCheckedFromServer && !force) return
@@ -124,7 +126,7 @@ internal class PerSessionBackupQueryRateLimiter @Inject constructor(
             return true
         } else {
             Timber.tag(loggerTag.value).v("Failed to find key in backup session:$sessionId in $roomId")
-            lastFailureMap[cacheKey] = LastTry(currentVersion.version)
+            lastFailureMap[cacheKey] = LastTry(currentVersion.version, clock.epochMillis())
             return false
         }
     }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt
index dca4b07416..6fb6914206 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/SecretShareManager.kt
@@ -43,6 +43,7 @@ import org.matrix.android.sdk.internal.crypto.store.IMXCryptoStore
 import org.matrix.android.sdk.internal.crypto.tasks.SendToDeviceTask
 import org.matrix.android.sdk.internal.crypto.tasks.createUniqueTxnId
 import org.matrix.android.sdk.internal.session.SessionScope
+import org.matrix.android.sdk.internal.util.time.Clock
 import timber.log.Timber
 import javax.inject.Inject
 
@@ -56,7 +57,8 @@ internal class SecretShareManager @Inject constructor(
         private val messageEncrypter: MessageEncrypter,
         private val ensureOlmSessionsForDevicesAction: EnsureOlmSessionsForDevicesAction,
         private val sendToDeviceTask: SendToDeviceTask,
-        private val coroutineDispatchers: MatrixCoroutineDispatchers
+        private val coroutineDispatchers: MatrixCoroutineDispatchers,
+        private val clock: Clock,
 ) {
 
     companion object {
@@ -100,7 +102,7 @@ internal class SecretShareManager @Inject constructor(
         // For now we just keep an in memory cache
         cryptoCoroutineScope.launch {
             verifMutex.withLock {
-                recentlyVerifiedDevices[deviceId] = System.currentTimeMillis()
+                recentlyVerifiedDevices[deviceId] = clock.epochMillis()
             }
         }
     }
@@ -217,7 +219,7 @@ internal class SecretShareManager @Inject constructor(
             recentlyVerifiedDevices[deviceId]
         } ?: return false
 
-        val age = System.currentTimeMillis() - verifTimestamp
+        val age = clock.epochMillis() - verifTimestamp
 
         return age < SECRET_SHARE_WINDOW_DURATION
     }
diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
index d030eefbc2..d5750a2e2a 100644
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/internal/crypto/store/db/RealmCryptoStore.kt
@@ -1108,7 +1108,7 @@ internal class RealmCryptoStore @Inject constructor(
     }
 
     private fun createUnknownTrail() = AuditTrail(
-            System.currentTimeMillis(),
+            clock.epochMillis(),
             TrailType.Unknown,
             IncomingKeyRequestInfo(
                     "",
@@ -1187,7 +1187,7 @@ internal class RealmCryptoStore @Inject constructor(
                     this.requestedIndex = fromIndex
                     this.requestState = OutgoingRoomKeyRequestState.UNSENT
                     this.setRequestBody(requestBody)
-                    this.creationTimeStamp = System.currentTimeMillis()
+                    this.creationTimeStamp = clock.epochMillis()
                 }.toOutgoingKeyRequest()
             } else {
                 request = existing
@@ -1268,7 +1268,7 @@ internal class RealmCryptoStore @Inject constructor(
             fromUser: String,
             fromDevice: String) {
         monarchy.writeAsync { realm ->
-            val now = System.currentTimeMillis()
+            val now = clock.epochMillis()
             realm.createObject<AuditTrailEntity>().apply {
                 this.ageLocalTs = now
                 this.type = TrailType.IncomingKeyRequest.name
@@ -1296,7 +1296,7 @@ internal class RealmCryptoStore @Inject constructor(
                                         userId: String,
                                         deviceId: String) {
         monarchy.writeAsync { realm ->
-            val now = System.currentTimeMillis()
+            val now = clock.epochMillis()
             realm.createObject<AuditTrailEntity>().apply {
                 this.ageLocalTs = now
                 this.type = TrailType.OutgoingKeyWithheld.name
@@ -1346,7 +1346,7 @@ internal class RealmCryptoStore @Inject constructor(
                                     incoming: Boolean
     ) {
         monarchy.writeAsync { realm ->
-            val now = System.currentTimeMillis()
+            val now = clock.epochMillis()
             realm.createObject<AuditTrailEntity>().apply {
                 this.ageLocalTs = now
                 this.type = if (incoming) TrailType.IncomingKeyForward.name else TrailType.OutgoingKeyForward.name
@@ -1683,7 +1683,7 @@ internal class RealmCryptoStore @Inject constructor(
 
             // Only keep one month history
 
-            val prevMonthTs = System.currentTimeMillis() - 4 * 7 * 24 * 60 * 60 * 1_000L
+            val prevMonthTs = clock.epochMillis() - 4 * 7 * 24 * 60 * 60 * 1_000L
             realm.where<AuditTrailEntity>()
                     .lessThan(AuditTrailEntityFields.AGE_LOCAL_TS, prevMonthTs)
                     .findAll()

From 3948f263df7dbec2b5443cef82aa7f57e2a57c9f Mon Sep 17 00:00:00 2001
From: Valere <valeref@matrix.org>
Date: Wed, 11 May 2022 11:16:00 +0200
Subject: [PATCH 27/27] fix method visibility

---
 .../sdk/api/session/crypto/model/IncomingRoomKeyRequest.kt      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRoomKeyRequest.kt b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRoomKeyRequest.kt
index 3c7b7c6b5d..0a28478a10 100755
--- a/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRoomKeyRequest.kt
+++ b/matrix-sdk-android/src/main/java/org/matrix/android/sdk/api/session/crypto/model/IncomingRoomKeyRequest.kt
@@ -73,7 +73,7 @@ data class IncomingRoomKeyRequest(
                     }
         }
 
-        fun fromRestRequest(senderId: String, request: RoomKeyShareRequest, clock: Clock): IncomingRoomKeyRequest? {
+        internal fun fromRestRequest(senderId: String, request: RoomKeyShareRequest, clock: Clock): IncomingRoomKeyRequest? {
             return IncomingRoomKeyRequest(
                     userId = senderId,
                     deviceId = request.requestingDeviceId,