mirror of
https://github.com/oxen-io/session-ios.git
synced 2023-12-13 21:30:14 +01:00
2.8 KiB
2.8 KiB
Loki Session Reset
Signal
Since Signal uses a centralised server, creating sessions is easy as the prekeys can be easily fetched.
The process is as follows:
A
deletes all their sessions and sendsEnd Session
toB
A
contacts the server and creates a new session
B
Gets this message and deletes all sessions.B
Sends a message with a newly created sessionB
contacted server and established this
A
andB
now have the same sessions so they can delete any archived ones.
Loki
Loki doesn't have a centralised server and thus we need to change the process above with something similar.
We have to introduce a session reset state sessionState
which can take the following states:
none
: No session reset is in progressinitiated
: We have initiated the session resetreceived
: We have received a session reset from the other user
The new process is as follows:
A
SendsEnd Session
with aPreKeyBundle
and archives its own session.sessionState = initiated
- The session is archived as we could get a message from
B
using the archived session, so we still want to be able to decrypt that. - We can show
Session reset in progress
B
Gets this message and saves thePreKeyBundle
and archives its own sessions.sessionState = received
B
sends an empty message, which will trigger a new session to be created.B
deletes thePreKeyBundle
once session is created.- We can show
Session reset in progress
A
andB
both do the routine below when receiving messages.
Upon receiving message (Only applies to PreKey and Cipher messages)
- Store the current active session
PS
- Decrypt the message
- Decrypting a message can cause the active session to change
- If
sessionState == none
then it means that we haven't started session reset and we can abort. - Get the current session
CS
- If
PS
isnil
then abort as we didn't have a session before. - If
CS != PS
then sessions were changed.- If
sessionState == received
then it means that the sender used an old session to contact us. We need to wait for them to use the new one.- Archive
CS
and set the session toPS
- Archive
- If
sessionState == initiated
then it means that the sender acknowledged our session reset and sent a message with a new session- Delete all session except
CS
sessionState = none
- Send an empty message to confirm session adoption
- We can show
Session reset done
- Delete all session except
- If
- If
CS == PS
then sessions were the same.- If
sessionState == received
then it means that the new session we created is the one the sender used for sending message. We have successfully adopted the new session. - Delete all sessions except
PS
sessionState = none
- We can show
Session reset done
- If