e2ee/qr: clarify that the device's Ed25519 signing key should be used

Source @uhoreg in #e2e:matrix.org: https://matrix.to/#/matrix.org/$J6UbQwsakEsHMbv5yH7RUpM-OlklZ4U3Ti3VqWp9p8E?via=matrix.org&via=privacytools.io&via=envs.net > It should be the ed25519 key. There was probably a bit of a > terminology mixup in the MSC. But all verification methods verify the > ed25519 key. In theory, devices should be able to change their > curve25519 key, as long as the ed25519 key stays the same, though I > don't think anyone has ever actually tried that, and I don't know what > would happen if someone did. (I suspect that we would see lots of > exciting errors) Signed-off-by: Sumner Evans <sumner.evans@automattic.com>
matrix-org · May 27, 2024 · 8c58177 · 8c58177
1 parent 041be54
commit 8c58177
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/content/client-server-api/modules/end_to_end_encryption.md b/content/client-server-api/modules/end_to_end_encryption.md
@@ -1197,11 +1197,12 @@ strings in the general form:
   - the ID as a UTF-8 string
 - the first key, as 32 bytes.  The key to use depends on the mode field:
   - if `0x00` or `0x01`, then the current user's own master cross-signing public key
-  - if `0x02`, then the current device's device key
+  - if `0x02`, then the current device's Ed25519 signing key
 - the second key, as 32 bytes.  The key to use depends on the mode field:
   - if `0x00`, then what the device thinks the other user's master
     cross-signing key is
-  - if `0x01`, then what the device thinks the other device's device key is
+  - if `0x01`, then what the device thinks the other device's Ed25519 signing
+    key is
   - if `0x02`, then what the device thinks the user's master cross-signing key
     is
 - a random shared secret, as a byte string.  It is suggested to use a secret