v11.2.0

Prepare changelog for v11.2.0
v11.2.0-rc.1
2021-06-07 16:57:42 +01:00 · 2021-06-07 16:57:42 +01:00 · 2021-06-01 16:09:49 +01:00 · 2021-06-01 16:09:48 +01:00 · 2021-06-01 12:07:25 +01:00 · 2021-06-01 11:01:10 +01:00
139 changed files with 11908 additions and 6655 deletions
@@ -1,71 +1,16 @@
 module.exports = {
-    parser: "babel-eslint", // now needed for class properties
-    parserOptions: {
-        sourceType: "module",
-        ecmaFeatures: {
-        }
-    },
+    plugins: [
+        "matrix-org",
+    ],
+    extends: [
+        "plugin:matrix-org/babel",
+    ],
    env: {
        browser: true,
        node: true,
-
-        // babel's transform-runtime converts references to ES6 globals such as
-        // Promise and Map to core-js polyfills, so we can use ES6 globals.
-        es6: true,
-        jest: true,
    },
-    extends: ["eslint:recommended", "google"],
-    plugins: [
-        "babel",
-        "jest",
-    ],
    rules: {
-        // rules we've always adhered to or now do
-        "max-len": ["error", {
-            code: 90,
-            ignoreComments: true,
-        }],
-        curly: ["error", "multi-line"],
-        "prefer-const": ["error"],
-        "comma-dangle": ["error", {
-            arrays: "always-multiline",
-            objects: "always-multiline",
-            imports: "always-multiline",
-            exports: "always-multiline",
-            functions: "always-multiline",
-        }],
-
-        // loosen jsdoc requirements a little
-        "require-jsdoc": ["error", {
-            require: {
-                FunctionDeclaration: false,
-            }
-        }],
-        "valid-jsdoc": ["error", {
-            requireParamDescription: false,
-            requireReturn: false,
-            requireReturnDescription: false,
-        }],
-
-        // rules we do not want from eslint-recommended
-        "no-console": ["off"],
-        "no-constant-condition": ["off"],
-        "no-empty": ["error", { "allowEmptyCatch": true }],
-
-        // rules we do not want from the google styleguide
-        "object-curly-spacing": ["off"],
-        "spaced-comment": ["off"],
-        "guard-for-in": ["off"],
-
-        // in principle we prefer single quotes, but life is too short
-        quotes: ["off"],
-
-        // rules we'd ideally like to adhere to, but the current
-        // code does not (in most cases because it's still ES5)
-        // we set these to warnings, and assert that the number
-        // of warnings doesn't exceed a given threshold
        "no-var": ["warn"],
-        "brace-style": ["warn", "1tbs", {"allowSingleLine": true}],
        "prefer-rest-params": ["warn"],
        "prefer-spread": ["warn"],
        "one-var": ["warn"],
@@ -79,10 +24,35 @@ module.exports = {
            "asyncArrow": "always",
        }],
        "arrow-parens": "off",
+        "prefer-promise-reject-errors": "off",
+        "quotes": "off",
+        "indent": "off",
+        "no-constant-condition": "off",
+        "no-async-promise-executor": "off",
+        // We use a `logger` intermediary module
+        "no-console": "error",
+    },
+    overrides: [{
+        files: [
+            "**/*.ts",
+        ],
+        extends: [
+            "plugin:matrix-org/typescript",
+        ],
+        rules: {
+            // TypeScript has its own version of this
+            "@babel/no-invalid-this": "off",

-        // eslint's built in no-invalid-this rule breaks with class properties
-        "no-invalid-this": "off",
-        // so we replace it with a version that is class property aware
-        "babel/no-invalid-this": "error",
-    }
-}
+            // We're okay being explicit at the moment
+            "@typescript-eslint/no-empty-interface": "off",
+            // We disable this while we're transitioning
+            "@typescript-eslint/no-explicit-any": "off",
+            // We'd rather not do this but we do
+            "@typescript-eslint/ban-ts-comment": "off",
+
+            "quotes": "off",
+            // We use a `logger` intermediary module
+            "no-console": "error",
+        },
+    }],
+};
@@ -12,7 +12,6 @@ lib-cov
 out
 /dist
 /lib
-/specbuild

 # version file and tarball created by `npm pack` / `yarn pack`
 /git-revision.txt
@@ -1,3 +1,831 @@
+Changes in [11.2.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v11.2.0) (2021-06-07)
+==================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v11.2.0-rc.1...v11.2.0)
+
+ * No changes since rc.1
+
+Changes in [11.2.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v11.2.0-rc.1) (2021-06-01)
+============================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v11.1.0...v11.2.0-rc.1)
+
+ * Switch to stable endpoint/fields for MSC2858
+   [\#1720](https://github.com/matrix-org/matrix-js-sdk/pull/1720)
+ * Bump ws from 7.4.2 to 7.4.6
+   [\#1715](https://github.com/matrix-org/matrix-js-sdk/pull/1715)
+ * Make consistent call event type checks
+   [\#1712](https://github.com/matrix-org/matrix-js-sdk/pull/1712)
+ * Apply new Babel linting config
+   [\#1714](https://github.com/matrix-org/matrix-js-sdk/pull/1714)
+ * Bump browserslist from 4.16.1 to 4.16.6
+   [\#1709](https://github.com/matrix-org/matrix-js-sdk/pull/1709)
+ * Add user_busy call hangup reason
+   [\#1713](https://github.com/matrix-org/matrix-js-sdk/pull/1713)
+ * 👕 New linting rules
+   [\#1688](https://github.com/matrix-org/matrix-js-sdk/pull/1688)
+ * Emit relations created when target event added later
+   [\#1710](https://github.com/matrix-org/matrix-js-sdk/pull/1710)
+ * Bump libolm version and update package name.
+   [\#1705](https://github.com/matrix-org/matrix-js-sdk/pull/1705)
+ * Fix uploadContent not rejecting promise when http status code >= 400
+   [\#1703](https://github.com/matrix-org/matrix-js-sdk/pull/1703)
+ * Reduce noise in tests
+   [\#1702](https://github.com/matrix-org/matrix-js-sdk/pull/1702)
+ * Only log once if a Room lacks an m.room.create event
+   [\#1700](https://github.com/matrix-org/matrix-js-sdk/pull/1700)
+ * Cache normalized room name
+   [\#1701](https://github.com/matrix-org/matrix-js-sdk/pull/1701)
+ * Change call event handlers to adapt to undecrypted events
+   [\#1698](https://github.com/matrix-org/matrix-js-sdk/pull/1698)
+
+Changes in [11.1.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v11.1.0) (2021-05-24)
+==================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v11.1.0-rc.1...v11.1.0)
+
+ * [Release] Bump libolm version and update package name
+   [\#1707](https://github.com/matrix-org/matrix-js-sdk/pull/1707)
+ * [Release] Change call event handlers to adapt to undecrypted events
+   [\#1699](https://github.com/matrix-org/matrix-js-sdk/pull/1699)
+
+Changes in [11.1.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v11.1.0-rc.1) (2021-05-19)
+============================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v11.0.0...v11.1.0-rc.1)
+
+ * Fix regressed glare
+   [\#1690](https://github.com/matrix-org/matrix-js-sdk/pull/1690)
+ * Add m.reaction to EventType enum
+   [\#1692](https://github.com/matrix-org/matrix-js-sdk/pull/1692)
+ * Prioritise and reduce the amount of events decrypted on application startup
+   [\#1684](https://github.com/matrix-org/matrix-js-sdk/pull/1684)
+ * Decrypt relations before applying them to target event
+   [\#1696](https://github.com/matrix-org/matrix-js-sdk/pull/1696)
+ * Guard against duplicates in `Relations` model
+
+Changes in [11.0.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v11.0.0) (2021-05-17)
+==================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v11.0.0-rc.1...v11.0.0)
+
+ * [Release] Fix regressed glare
+   [\#1695](https://github.com/matrix-org/matrix-js-sdk/pull/1695)
+
+Changes in [11.0.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v11.0.0-rc.1) (2021-05-11)
+============================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v10.1.0...v11.0.0-rc.1)
+
+BREAKING CHANGES
+---
+
+ * `MatrixCall` and related APIs have been redesigned to support multiple streams 
+   (see [\#1660](https://github.com/matrix-org/matrix-js-sdk/pull/1660) for more details)
+
+All changes
+---
+
+ * Switch from MSC1772 unstable prefixes to stable
+   [\#1679](https://github.com/matrix-org/matrix-js-sdk/pull/1679)
+ * Update the VoIP example to work with the new changes
+   [\#1680](https://github.com/matrix-org/matrix-js-sdk/pull/1680)
+ * Bump hosted-git-info from 2.8.8 to 2.8.9
+   [\#1687](https://github.com/matrix-org/matrix-js-sdk/pull/1687)
+ * Support for multiple streams (not MSC3077)
+   [\#1660](https://github.com/matrix-org/matrix-js-sdk/pull/1660)
+ * Tweak missing m.room.create errors to describe their source
+   [\#1683](https://github.com/matrix-org/matrix-js-sdk/pull/1683)
+
+Changes in [10.1.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v10.1.0) (2021-05-10)
+==================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v10.1.0-rc.1...v10.1.0)
+
+ * No changes since rc.1
+
+Changes in [10.1.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v10.1.0-rc.1) (2021-05-04)
+============================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v10.0.0...v10.1.0-rc.1)
+
+ * Revert "Raise logging dramatically to chase pending event errors"
+   [\#1681](https://github.com/matrix-org/matrix-js-sdk/pull/1681)
+ * Add test coverage collection script
+   [\#1677](https://github.com/matrix-org/matrix-js-sdk/pull/1677)
+ * Raise logging dramatically to chase pending event errors
+   [\#1678](https://github.com/matrix-org/matrix-js-sdk/pull/1678)
+ * Support MSC3086 asserted identity
+   [\#1674](https://github.com/matrix-org/matrix-js-sdk/pull/1674)
+ * Fix `/search` with no results field work again
+   [\#1670](https://github.com/matrix-org/matrix-js-sdk/pull/1670)
+ * Add room.getMembers method
+   [\#1672](https://github.com/matrix-org/matrix-js-sdk/pull/1672)
+
+Changes in [10.0.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v10.0.0) (2021-04-26)
+==================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v10.0.0-rc.1...v10.0.0)
+
+ * No changes since rc.1
+
+Changes in [10.0.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v10.0.0-rc.1) (2021-04-21)
+============================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.11.0...v10.0.0-rc.1)
+
+BREAKING CHANGES
+---
+
+ * The `RoomState.members` event is now only emitted when the room member's power level or the room's normal power level actually changes
+
+All changes
+---
+
+ * Restrict event emit for room members that had power levels changed
+   [\#1675](https://github.com/matrix-org/matrix-js-sdk/pull/1675)
+ * Fix sync with misconfigured push rules
+   [\#1669](https://github.com/matrix-org/matrix-js-sdk/pull/1669)
+ * Add missing await
+   [\#1665](https://github.com/matrix-org/matrix-js-sdk/pull/1665)
+ * Migrate to `eslint-plugin-matrix-org`
+   [\#1642](https://github.com/matrix-org/matrix-js-sdk/pull/1642)
+ * Add missing event type enum for key verification done
+   [\#1664](https://github.com/matrix-org/matrix-js-sdk/pull/1664)
+ * Fix timeline jumpiness by setting correct txnId
+   [\#1663](https://github.com/matrix-org/matrix-js-sdk/pull/1663)
+ * Fix calling addEventListener if it does not exist
+   [\#1661](https://github.com/matrix-org/matrix-js-sdk/pull/1661)
+ * Persist unsent messages for subsequent sessions
+   [\#1655](https://github.com/matrix-org/matrix-js-sdk/pull/1655)
+
+Changes in [9.11.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.11.0) (2021-04-12)
+==================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.11.0-rc.1...v9.11.0)
+
+ * No changes since rc.1
+
+Changes in [9.11.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.11.0-rc.1) (2021-04-07)
+============================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.10.0...v9.11.0-rc.1)
+
+ * Only try to cache private keys we know exist
+   [\#1657](https://github.com/matrix-org/matrix-js-sdk/pull/1657)
+ * Properly terminate screen-share calls if NoUserMedia
+   [\#1654](https://github.com/matrix-org/matrix-js-sdk/pull/1654)
+ * Attended transfer
+   [\#1652](https://github.com/matrix-org/matrix-js-sdk/pull/1652)
+ * Remove catch handlers in private key retrieval
+   [\#1653](https://github.com/matrix-org/matrix-js-sdk/pull/1653)
+ * Fixed the media fail error on caller's side
+   [\#1651](https://github.com/matrix-org/matrix-js-sdk/pull/1651)
+ * Add function to share megolm keys for historical messages, take 2
+   [\#1640](https://github.com/matrix-org/matrix-js-sdk/pull/1640)
+ * Cache cross-signing private keys if needed on bootstrap
+   [\#1649](https://github.com/matrix-org/matrix-js-sdk/pull/1649)
+
+Changes in [9.10.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.10.0) (2021-03-29)
+==================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.10.0-rc.1...v9.10.0)
+
+ * No changes since rc.1
+
+Changes in [9.10.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.10.0-rc.1) (2021-03-25)
+============================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.9.0...v9.10.0-rc.1)
+
+ * Don't send m.call.hangup if m.call.invite wasn't sent either
+   [\#1647](https://github.com/matrix-org/matrix-js-sdk/pull/1647)
+ * docs: registerGuest()
+   [\#1641](https://github.com/matrix-org/matrix-js-sdk/pull/1641)
+ * Download device keys in chunks of 250
+   [\#1639](https://github.com/matrix-org/matrix-js-sdk/pull/1639)
+ * More VoIP connectivity fixes
+   [\#1646](https://github.com/matrix-org/matrix-js-sdk/pull/1646)
+ * Make selectDesktopCapturerSource param optional
+   [\#1644](https://github.com/matrix-org/matrix-js-sdk/pull/1644)
+ * Expose APIs needed for reworked cross-signing login flow
+   [\#1632](https://github.com/matrix-org/matrix-js-sdk/pull/1632)
+
+Changes in [9.9.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.9.0) (2021-03-15)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.9.0-rc.1...v9.9.0)
+
+ * No changes since rc.1
+
+Changes in [9.9.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.9.0-rc.1) (2021-03-10)
+==========================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.8.0...v9.9.0-rc.1)
+
+ * Remove detailed Olm session logging
+   [\#1638](https://github.com/matrix-org/matrix-js-sdk/pull/1638)
+ * Add space summary suggested only param
+   [\#1637](https://github.com/matrix-org/matrix-js-sdk/pull/1637)
+ * Check TURN servers periodically, and at start of calls
+   [\#1634](https://github.com/matrix-org/matrix-js-sdk/pull/1634)
+ * Support sending invite reasons
+   [\#1624](https://github.com/matrix-org/matrix-js-sdk/pull/1624)
+ * Bump elliptic from 6.5.3 to 6.5.4
+   [\#1636](https://github.com/matrix-org/matrix-js-sdk/pull/1636)
+ * Add a function to get a room's MXC URI
+   [\#1635](https://github.com/matrix-org/matrix-js-sdk/pull/1635)
+ * Stop streams if the call has ended
+   [\#1633](https://github.com/matrix-org/matrix-js-sdk/pull/1633)
+ * Remove export keyword from global.d.ts
+   [\#1631](https://github.com/matrix-org/matrix-js-sdk/pull/1631)
+ * Fix IndexedDB store creation example
+   [\#1445](https://github.com/matrix-org/matrix-js-sdk/pull/1445)
+ * An attempt to  cleanup how constraints are handled in calls
+   [\#1613](https://github.com/matrix-org/matrix-js-sdk/pull/1613)
+ * Extract display name patterns to constants
+   [\#1628](https://github.com/matrix-org/matrix-js-sdk/pull/1628)
+ * Bump pug-code-gen from 2.0.2 to 2.0.3
+   [\#1630](https://github.com/matrix-org/matrix-js-sdk/pull/1630)
+ * Avoid deadlocks when ensuring Olm sessions for devices
+   [\#1627](https://github.com/matrix-org/matrix-js-sdk/pull/1627)
+ * Filter out edits from other senders in history
+   [\#1626](https://github.com/matrix-org/matrix-js-sdk/pull/1626)
+ * Fix ContentHelpers export
+   [\#1618](https://github.com/matrix-org/matrix-js-sdk/pull/1618)
+ * Add logging to in progress Olm sessions
+   [\#1621](https://github.com/matrix-org/matrix-js-sdk/pull/1621)
+ * Don't ignore ICE candidates received before offer/answer
+   [\#1623](https://github.com/matrix-org/matrix-js-sdk/pull/1623)
+ * Better handling of send failures on VoIP events
+   [\#1622](https://github.com/matrix-org/matrix-js-sdk/pull/1622)
+ * Log when turn creds expire
+   [\#1620](https://github.com/matrix-org/matrix-js-sdk/pull/1620)
+ * Initial Spaces [MSC1772] support
+   [\#1563](https://github.com/matrix-org/matrix-js-sdk/pull/1563)
+ * Add logging to crypto store transactions
+   [\#1617](https://github.com/matrix-org/matrix-js-sdk/pull/1617)
+ * Room helper for getting type and checking if it is a space room
+   [\#1610](https://github.com/matrix-org/matrix-js-sdk/pull/1610)
+
+Changes in [9.8.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.8.0) (2021-03-01)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.8.0-rc.1...v9.8.0)
+
+ * No changes since rc.1
+
+Changes in [9.8.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.8.0-rc.1) (2021-02-24)
+==========================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.7.0...v9.8.0-rc.1)
+
+ * Optimise prefixed logger
+   [\#1615](https://github.com/matrix-org/matrix-js-sdk/pull/1615)
+ * Add debug logs to encryption prep, take 3
+   [\#1614](https://github.com/matrix-org/matrix-js-sdk/pull/1614)
+ * Add functions for upper & lowercase random strings
+   [\#1612](https://github.com/matrix-org/matrix-js-sdk/pull/1612)
+ * Room helpers for invite permissions and join rules
+   [\#1609](https://github.com/matrix-org/matrix-js-sdk/pull/1609)
+ * Fixed wording in "Adding video track with id" log
+   [\#1606](https://github.com/matrix-org/matrix-js-sdk/pull/1606)
+ * Add more debug logs to encryption prep
+   [\#1605](https://github.com/matrix-org/matrix-js-sdk/pull/1605)
+ * Add option to set ice candidate pool size
+   [\#1604](https://github.com/matrix-org/matrix-js-sdk/pull/1604)
+ * Cancel call if no source was selected
+   [\#1601](https://github.com/matrix-org/matrix-js-sdk/pull/1601)
+
+Changes in [9.7.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.7.0) (2021-02-16)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.7.0-rc.1...v9.7.0)
+
+ * No changes since rc.1
+
+Changes in [9.7.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.7.0-rc.1) (2021-02-10)
+==========================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.6.0...v9.7.0-rc.1)
+
+ * Handle undefined peerconn
+   [\#1600](https://github.com/matrix-org/matrix-js-sdk/pull/1600)
+ * ReEmitter: Don't throw if no error handler is attached
+   [\#1599](https://github.com/matrix-org/matrix-js-sdk/pull/1599)
+ * Convert ReEmitter to TS
+   [\#1598](https://github.com/matrix-org/matrix-js-sdk/pull/1598)
+ * Fix typo in main readme
+   [\#1597](https://github.com/matrix-org/matrix-js-sdk/pull/1597)
+ * Remove rogue plus character
+   [\#1596](https://github.com/matrix-org/matrix-js-sdk/pull/1596)
+ * Fix call ID NaN
+   [\#1595](https://github.com/matrix-org/matrix-js-sdk/pull/1595)
+ * Fix Electron type merging
+   [\#1594](https://github.com/matrix-org/matrix-js-sdk/pull/1594)
+ * Fix browser screen share
+   [\#1593](https://github.com/matrix-org/matrix-js-sdk/pull/1593)
+ * Fix desktop Matrix screen sharing
+   [\#1570](https://github.com/matrix-org/matrix-js-sdk/pull/1570)
+ * Guard against confused server retry times
+   [\#1591](https://github.com/matrix-org/matrix-js-sdk/pull/1591)
+ * Decrypt redaction events
+   [\#1589](https://github.com/matrix-org/matrix-js-sdk/pull/1589)
+ * Fix edge cases with peeking where a room is re-peeked
+   [\#1587](https://github.com/matrix-org/matrix-js-sdk/pull/1587)
+
+Changes in [9.6.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.6.0) (2021-02-03)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.6.0-rc.1...v9.6.0)
+
+ * [Release] Fix edge cases with peeking where a room is re-peeked
+   [\#1588](https://github.com/matrix-org/matrix-js-sdk/pull/1588)
+
+Changes in [9.6.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.6.0-rc.1) (2021-01-29)
+==========================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.5.1...v9.6.0-rc.1)
+
+ * Add support for getting call stats
+   [\#1584](https://github.com/matrix-org/matrix-js-sdk/pull/1584)
+ * Fix compatibility with v0 calls
+   [\#1583](https://github.com/matrix-org/matrix-js-sdk/pull/1583)
+ * Upgrade deps 2021-01
+   [\#1582](https://github.com/matrix-org/matrix-js-sdk/pull/1582)
+ * Log the call ID when logging that we've received VoIP events
+   [\#1581](https://github.com/matrix-org/matrix-js-sdk/pull/1581)
+ * Fix extra negotiate message in Firefox
+   [\#1579](https://github.com/matrix-org/matrix-js-sdk/pull/1579)
+ * Add debug logs to encryption prep
+   [\#1580](https://github.com/matrix-org/matrix-js-sdk/pull/1580)
+ * Expose getPresence endpoint
+   [\#1578](https://github.com/matrix-org/matrix-js-sdk/pull/1578)
+ * Queue keys for backup even if backup isn't enabled yet
+   [\#1577](https://github.com/matrix-org/matrix-js-sdk/pull/1577)
+ * Stop retrying TURN access when forbidden
+   [\#1576](https://github.com/matrix-org/matrix-js-sdk/pull/1576)
+ * Add DTMF sending support
+   [\#1573](https://github.com/matrix-org/matrix-js-sdk/pull/1573)
+
+Changes in [9.5.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.5.1) (2021-01-26)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.5.0...v9.5.1)
+
+ * [Release] Fix compatibility with v0 calls
+   [\#1585](https://github.com/matrix-org/matrix-js-sdk/pull/1585)
+
+Changes in [9.5.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.5.0) (2021-01-18)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.5.0-rc.1...v9.5.0)
+
+ * No changes since rc.1
+
+Changes in [9.5.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.5.0-rc.1) (2021-01-13)
+==========================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.4.1...v9.5.0-rc.1)
+
+ * Don't log if no WebRTC
+   [\#1574](https://github.com/matrix-org/matrix-js-sdk/pull/1574)
+ * Add _unstable_getSharedRooms
+   [\#1417](https://github.com/matrix-org/matrix-js-sdk/pull/1417)
+ * Bump node-notifier from 8.0.0 to 8.0.1
+   [\#1568](https://github.com/matrix-org/matrix-js-sdk/pull/1568)
+ * Ignore party ID if opponent is v0
+   [\#1567](https://github.com/matrix-org/matrix-js-sdk/pull/1567)
+ * Basic call transfer initiation support
+   [\#1566](https://github.com/matrix-org/matrix-js-sdk/pull/1566)
+ * Room version 6 is now a thing
+   [\#1572](https://github.com/matrix-org/matrix-js-sdk/pull/1572)
+ * Store keys with same index but better trust level
+   [\#1571](https://github.com/matrix-org/matrix-js-sdk/pull/1571)
+ * Use TypeScript source for development, swap to build during release
+   [\#1561](https://github.com/matrix-org/matrix-js-sdk/pull/1561)
+ * Revert "Ignore party ID if opponent is v0"
+   [\#1565](https://github.com/matrix-org/matrix-js-sdk/pull/1565)
+ * Basic call transfer initiation support
+   [\#1558](https://github.com/matrix-org/matrix-js-sdk/pull/1558)
+ * Ignore party ID if opponent is v0
+   [\#1559](https://github.com/matrix-org/matrix-js-sdk/pull/1559)
+ * Honour a call reject event from another of our own devices
+   [\#1562](https://github.com/matrix-org/matrix-js-sdk/pull/1562)
+
+Changes in [9.4.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.4.1) (2020-12-21)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.4.0...v9.4.1)
+
+ * Further script tweaks to get all layers building again
+
+Changes in [9.4.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.4.0) (2020-12-21)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.4.0-rc.2...v9.4.0)
+
+ * Revert `postinstall` script change, causes issues for other layers
+
+Changes in [9.4.0-rc.2](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.4.0-rc.2) (2020-12-16)
+==========================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.4.0-rc.1...v9.4.0-rc.2)
+
+ * Remove `postinstall` script which also runs as a dependency
+   [\#1560](https://github.com/matrix-org/matrix-js-sdk/pull/1560)
+
+Changes in [9.4.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.4.0-rc.1) (2020-12-16)
+==========================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.3.0...v9.4.0-rc.1)
+
+ * Fixes to support line 1 / 2
+   [\#1553](https://github.com/matrix-org/matrix-js-sdk/pull/1553)
+ * Add API for listening to remote hold status, advertise VoIP V1
+   [\#1549](https://github.com/matrix-org/matrix-js-sdk/pull/1549)
+ * A hangup from another client is still valid
+   [\#1555](https://github.com/matrix-org/matrix-js-sdk/pull/1555)
+ * Remove temporary build step for tests
+   [\#1554](https://github.com/matrix-org/matrix-js-sdk/pull/1554)
+ * Move browser build steps to prepublish only
+   [\#1552](https://github.com/matrix-org/matrix-js-sdk/pull/1552)
+ * Extend getSsoLoginUrl for MSC2858
+   [\#1541](https://github.com/matrix-org/matrix-js-sdk/pull/1541)
+
+Changes in [9.3.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.3.0) (2020-12-07)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.3.0-rc.1...v9.3.0)
+
+* No changes since rc.1
+
+Changes in [9.3.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.3.0-rc.1) (2020-12-02)
+==========================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.2.0...v9.3.0-rc.1)
+
+ * Export CallError
+   [\#1551](https://github.com/matrix-org/matrix-js-sdk/pull/1551)
+ * Upgrade dependencies
+   [\#1550](https://github.com/matrix-org/matrix-js-sdk/pull/1550)
+ * Don't log error when environment does not support WebRTC
+   [\#1547](https://github.com/matrix-org/matrix-js-sdk/pull/1547)
+ * Fix dehydration method name
+   [\#1544](https://github.com/matrix-org/matrix-js-sdk/pull/1544)
+
+Changes in [9.2.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.2.0) (2020-11-23)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.2.0-rc.1...v9.2.0)
+
+ * [Release] Fix dehydration method name
+   [\#1545](https://github.com/matrix-org/matrix-js-sdk/pull/1545)
+
+Changes in [9.2.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.2.0-rc.1) (2020-11-18)
+==========================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.1.0...v9.2.0-rc.1)
+
+ * Implement call holding functionality
+   [\#1532](https://github.com/matrix-org/matrix-js-sdk/pull/1532)
+ * Support awaitable one-time dehydration
+   [\#1537](https://github.com/matrix-org/matrix-js-sdk/pull/1537)
+ * Client set profile methods update own user
+   [\#1534](https://github.com/matrix-org/matrix-js-sdk/pull/1534)
+
+Changes in [9.1.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.1.0) (2020-11-09)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.1.0-rc.1...v9.1.0)
+
+* No changes since rc.1
+
+Changes in [9.1.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.1.0-rc.1) (2020-11-04)
+==========================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.0.1...v9.1.0-rc.1)
+
+ * Fix spelling error in the server ACL event type
+   [\#1535](https://github.com/matrix-org/matrix-js-sdk/pull/1535)
+ * await idb operations from crypto store for dehydration
+   [\#1533](https://github.com/matrix-org/matrix-js-sdk/pull/1533)
+ * Fix stuck never-sending messages
+   [\#1531](https://github.com/matrix-org/matrix-js-sdk/pull/1531)
+ * Await key cache check to avoid prompts
+   [\#1529](https://github.com/matrix-org/matrix-js-sdk/pull/1529)
+ * Improve ICE candidate batching
+   [\#1524](https://github.com/matrix-org/matrix-js-sdk/pull/1524)
+ * Convert logger to typescript
+   [\#1527](https://github.com/matrix-org/matrix-js-sdk/pull/1527)
+ * Fix logger typo
+   [\#1525](https://github.com/matrix-org/matrix-js-sdk/pull/1525)
+ * bind online listener to window instead of document
+   [\#1523](https://github.com/matrix-org/matrix-js-sdk/pull/1523)
+ * Support m.call.select_answer
+   [\#1522](https://github.com/matrix-org/matrix-js-sdk/pull/1522)
+
+Changes in [9.0.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.0.1) (2020-10-28)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.0.0...v9.0.1)
+
+ * [Release] Await key cache check to avoid prompts
+   [\#1530](https://github.com/matrix-org/matrix-js-sdk/pull/1530)
+
+Changes in [9.0.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.0.0) (2020-10-26)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v9.0.0-rc.1...v9.0.0)
+
+ * Fix logger typo
+   [\#1528](https://github.com/matrix-org/matrix-js-sdk/pull/1528)
+
+Changes in [9.0.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v9.0.0-rc.1) (2020-10-21)
+==========================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v8.5.0...v9.0.0-rc.1)
+
+BREAKING CHANGES
+---
+
+ * `hasPendingEvent` now returns false instead of throwing when pending ordering mode is not `detached`
+
+All changes
+---
+
+ * Don't cache failures when fetching /versions
+   [\#1521](https://github.com/matrix-org/matrix-js-sdk/pull/1521)
+ * Install deps first as part of release
+   [\#1518](https://github.com/matrix-org/matrix-js-sdk/pull/1518)
+ * [Breaking] Change hasPendingEvent to return false if pending ordering
+   !detached
+   [\#1517](https://github.com/matrix-org/matrix-js-sdk/pull/1517)
+ * Skip editor prompts for merges
+   [\#1519](https://github.com/matrix-org/matrix-js-sdk/pull/1519)
+ * Convert call test to TypeScript
+   [\#1516](https://github.com/matrix-org/matrix-js-sdk/pull/1516)
+ * Support party_id
+   [\#1512](https://github.com/matrix-org/matrix-js-sdk/pull/1512)
+ * Support m.call.reject
+   [\#1510](https://github.com/matrix-org/matrix-js-sdk/pull/1510)
+ * Remove specbuild from .gitignore
+   [\#1515](https://github.com/matrix-org/matrix-js-sdk/pull/1515)
+ * Log the error when we failed to send candidates
+   [\#1514](https://github.com/matrix-org/matrix-js-sdk/pull/1514)
+ * Fixes for call state machine
+   [\#1503](https://github.com/matrix-org/matrix-js-sdk/pull/1503)
+ * Fix call event handler listener removing
+   [\#1506](https://github.com/matrix-org/matrix-js-sdk/pull/1506)
+ * Set the type of the call based on the tracks
+   [\#1501](https://github.com/matrix-org/matrix-js-sdk/pull/1501)
+ * Use new local timestamp for calls
+   [\#1499](https://github.com/matrix-org/matrix-js-sdk/pull/1499)
+ * Adjust types and APIs to match React SDK
+   [\#1502](https://github.com/matrix-org/matrix-js-sdk/pull/1502)
+ * Make an accurate version of 'age' for events
+   [\#1495](https://github.com/matrix-org/matrix-js-sdk/pull/1495)
+ * Make 'options' parameter optional
+   [\#1498](https://github.com/matrix-org/matrix-js-sdk/pull/1498)
+ * Create a giant event type enum
+   [\#1497](https://github.com/matrix-org/matrix-js-sdk/pull/1497)
+ * Convert call.js to Typescript & update WebRTC APIs (re-apply)
+   [\#1494](https://github.com/matrix-org/matrix-js-sdk/pull/1494)
+
+Changes in [8.5.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v8.5.0) (2020-10-12)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v8.5.0-rc.1...v8.5.0)
+
+* No changes since rc.1
+
+Changes in [8.5.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v8.5.0-rc.1) (2020-10-07)
+==========================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v8.4.1...v8.5.0-rc.1)
+
+ * Add support for olm fallback keys
+   [\#1467](https://github.com/matrix-org/matrix-js-sdk/pull/1467)
+ * Fix editing local echoes not updating them in real time
+   [\#1492](https://github.com/matrix-org/matrix-js-sdk/pull/1492)
+ * Fix re-emit of Event.replaced to be on client and not room
+   [\#1491](https://github.com/matrix-org/matrix-js-sdk/pull/1491)
+ * Add space to log line
+   [\#1496](https://github.com/matrix-org/matrix-js-sdk/pull/1496)
+ * Revert "Convert call.js to Typescript & update WebRTC APIs"
+   [\#1493](https://github.com/matrix-org/matrix-js-sdk/pull/1493)
+ * Convert call.js to Typescript & update WebRTC APIs
+   [\#1487](https://github.com/matrix-org/matrix-js-sdk/pull/1487)
+ * Dehydrate and rehydrate devices
+   [\#1436](https://github.com/matrix-org/matrix-js-sdk/pull/1436)
+ * Keep local device after processing device list sync
+   [\#1490](https://github.com/matrix-org/matrix-js-sdk/pull/1490)
+ * Enforce logger module via lint rules
+   [\#1489](https://github.com/matrix-org/matrix-js-sdk/pull/1489)
+ * Extend method redactEvent with reason
+   [\#1462](https://github.com/matrix-org/matrix-js-sdk/pull/1462)
+ * Catch exception from call event handler
+   [\#1484](https://github.com/matrix-org/matrix-js-sdk/pull/1484)
+ * Ignore invalid candidates
+   [\#1483](https://github.com/matrix-org/matrix-js-sdk/pull/1483)
+ * Always push docs if they are generated
+   [\#1478](https://github.com/matrix-org/matrix-js-sdk/pull/1478)
+ * Only sign key backup with cross-signing keys when available
+   [\#1481](https://github.com/matrix-org/matrix-js-sdk/pull/1481)
+ * Upgrade dependencies
+   [\#1479](https://github.com/matrix-org/matrix-js-sdk/pull/1479)
+
+Changes in [8.4.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v8.4.1) (2020-09-28)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v8.4.0...v8.4.1)
+
+ * Catch exception from call event handler
+   [\#1486](https://github.com/matrix-org/matrix-js-sdk/pull/1486)
+ * Ignore invalid candidates
+   [\#1485](https://github.com/matrix-org/matrix-js-sdk/pull/1485)
+
+Changes in [8.4.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v8.4.0) (2020-09-28)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v8.4.0-rc.1...v8.4.0)
+
+ * Only sign key backup with cross-signing keys when available
+   [\#1482](https://github.com/matrix-org/matrix-js-sdk/pull/1482)
+
+Changes in [8.4.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v8.4.0-rc.1) (2020-09-23)
+==========================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v8.3.0...v8.4.0-rc.1)
+
+ * If there are extraParams set, ensure that queryParams is defined
+   [\#1477](https://github.com/matrix-org/matrix-js-sdk/pull/1477)
+ * Add diagnostics to security bootstrap paths
+   [\#1475](https://github.com/matrix-org/matrix-js-sdk/pull/1475)
+ * Switch to a combination of better-docs and docdash
+   [\#1459](https://github.com/matrix-org/matrix-js-sdk/pull/1459)
+ * Undo attempts to cache private keys aggressively
+   [\#1474](https://github.com/matrix-org/matrix-js-sdk/pull/1474)
+ * Repair secret storage reset, cache keys when missing
+   [\#1472](https://github.com/matrix-org/matrix-js-sdk/pull/1472)
+ * Prevent parallel getVersions calls
+   [\#1471](https://github.com/matrix-org/matrix-js-sdk/pull/1471)
+ * Send end-of-candidates
+   [\#1473](https://github.com/matrix-org/matrix-js-sdk/pull/1473)
+ * Add a function for checking the /versions flag for forced e2ee
+   [\#1470](https://github.com/matrix-org/matrix-js-sdk/pull/1470)
+ * Add option to allow users of pantialaimon to use the SDK
+   [\#1469](https://github.com/matrix-org/matrix-js-sdk/pull/1469)
+ * Fixed Yarn broken link
+   [\#1468](https://github.com/matrix-org/matrix-js-sdk/pull/1468)
+ * some TypeScript and doc fixes
+   [\#1466](https://github.com/matrix-org/matrix-js-sdk/pull/1466)
+ * Remove Travis CI reference
+   [\#1464](https://github.com/matrix-org/matrix-js-sdk/pull/1464)
+ * Inject identity server token for 3pid invites on createRoom
+   [\#1463](https://github.com/matrix-org/matrix-js-sdk/pull/1463)
+
+Changes in [8.3.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v8.3.0) (2020-09-14)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v8.3.0-rc.1...v8.3.0)
+
+* No changes since rc.1
+
+Changes in [8.3.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v8.3.0-rc.1) (2020-09-09)
+==========================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v8.2.0...v8.3.0-rc.1)
+
+ * Add missing options in ICreateClientOpts
+   [\#1452](https://github.com/matrix-org/matrix-js-sdk/pull/1452)
+ * Ensure ready functions return boolean values
+   [\#1457](https://github.com/matrix-org/matrix-js-sdk/pull/1457)
+ * Handle missing cross-signing keys gracefully
+   [\#1456](https://github.com/matrix-org/matrix-js-sdk/pull/1456)
+ * Fix eslint ts override tsx matching
+   [\#1451](https://github.com/matrix-org/matrix-js-sdk/pull/1451)
+ * Untangle cross-signing and secret storage
+   [\#1450](https://github.com/matrix-org/matrix-js-sdk/pull/1450)
+
+Changes in [8.2.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v8.2.0) (2020-09-01)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v8.2.0-rc.1...v8.2.0)
+
+## Security notice
+
+JS SDK 8.2.0 fixes an issue where encrypted state events could break incoming call handling.
+Thanks to @awesome-michael from Awesome Technologies for responsibly disclosing this via Matrix's
+Security Disclosure Policy.
+
+## All changes
+
+* No changes since rc.1
+
+Changes in [8.2.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v8.2.0-rc.1) (2020-08-26)
+==========================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v8.1.0...v8.2.0-rc.1)
+
+ * Add state event check
+   [\#1449](https://github.com/matrix-org/matrix-js-sdk/pull/1449)
+ * Add method to check whether client .well-known has been fetched
+   [\#1444](https://github.com/matrix-org/matrix-js-sdk/pull/1444)
+ * Handle auth errors during cross-signing key upload
+   [\#1443](https://github.com/matrix-org/matrix-js-sdk/pull/1443)
+ * Don't fail if the requested audio output isn't available
+   [\#1448](https://github.com/matrix-org/matrix-js-sdk/pull/1448)
+ * Fix logging failures
+   [\#1447](https://github.com/matrix-org/matrix-js-sdk/pull/1447)
+ * Log the constraints we pass to getUserMedia
+   [\#1446](https://github.com/matrix-org/matrix-js-sdk/pull/1446)
+ * Use SAS emoji data from matrix-doc
+   [\#1440](https://github.com/matrix-org/matrix-js-sdk/pull/1440)
+
+Changes in [8.1.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v8.1.0) (2020-08-17)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v8.1.0-rc.1...v8.1.0)
+
+* No changes since rc.1
+
+Changes in [8.1.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v8.1.0-rc.1) (2020-08-13)
+==========================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v8.0.1...v8.1.0-rc.1)
+
+ * Update on Promises
+   [\#1438](https://github.com/matrix-org/matrix-js-sdk/pull/1438)
+ * Store and request master cross-signing key
+   [\#1437](https://github.com/matrix-org/matrix-js-sdk/pull/1437)
+ * Filter out non-string display names
+   [\#1433](https://github.com/matrix-org/matrix-js-sdk/pull/1433)
+ * Bump elliptic from 6.5.2 to 6.5.3
+   [\#1427](https://github.com/matrix-org/matrix-js-sdk/pull/1427)
+ * Replace Riot with Element in docs and comments
+   [\#1431](https://github.com/matrix-org/matrix-js-sdk/pull/1431)
+ * Remove leftover bits of TSLint
+   [\#1430](https://github.com/matrix-org/matrix-js-sdk/pull/1430)
+
+Changes in [8.0.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v8.0.1) (2020-08-05)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v8.0.1-rc.1...v8.0.1)
+
+ * Filter out non-string display names
+   [\#1434](https://github.com/matrix-org/matrix-js-sdk/pull/1434)
+
+Changes in [8.0.1-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v8.0.1-rc.1) (2020-07-31)
+==========================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v8.0.0...v8.0.1-rc.1)
+
+ * Remove redundant lint dependencies
+   [\#1426](https://github.com/matrix-org/matrix-js-sdk/pull/1426)
+ * Upload all keys when we start using a new key backup version
+   [\#1428](https://github.com/matrix-org/matrix-js-sdk/pull/1428)
+ * Expose countSessionsNeedingBackup
+   [\#1429](https://github.com/matrix-org/matrix-js-sdk/pull/1429)
+ * Configure and use new eslint package
+   [\#1422](https://github.com/matrix-org/matrix-js-sdk/pull/1422)
+
+Changes in [8.0.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v8.0.0) (2020-07-27)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v7.1.0...v8.0.0)
+
+BREAKING CHANGES
+---
+
+* `RoomState` events changed to use a Map instead of an object, which changes the collection APIs available to access them.
+ 
+All Changes
+---
+
+ * Properly support txnId
+   [\#1424](https://github.com/matrix-org/matrix-js-sdk/pull/1424)
+ * [BREAKING] Remove deprecated getIdenticonUri
+   [\#1423](https://github.com/matrix-org/matrix-js-sdk/pull/1423)
+ * Bump lodash from 4.17.15 to 4.17.19
+   [\#1421](https://github.com/matrix-org/matrix-js-sdk/pull/1421)
+ * [BREAKING] Convert RoomState's stored state map to a real map
+   [\#1419](https://github.com/matrix-org/matrix-js-sdk/pull/1419)
+
+Changes in [7.1.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v7.1.0) (2020-07-03)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v7.1.0-rc.1...v7.1.0)
+
+* No changes since rc.1
+
+Changes in [7.1.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v7.1.0-rc.1) (2020-07-01)
+==========================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v7.0.0...v7.1.0-rc.1)
+
+ * Ask general crypto callbacks for 4S privkey if operation adapter doesn't
+   have it yet
+   [\#1414](https://github.com/matrix-org/matrix-js-sdk/pull/1414)
+ * Fix ICreateClientOpts missing idBaseUrl
+   [\#1413](https://github.com/matrix-org/matrix-js-sdk/pull/1413)
+ * Increase max event listeners for rooms
+   [\#1411](https://github.com/matrix-org/matrix-js-sdk/pull/1411)
+ * Don't trust keys megolm received from backup for verifying the sender
+   [\#1406](https://github.com/matrix-org/matrix-js-sdk/pull/1406)
+ * Raise the last known account data / state event for an update
+   [\#1410](https://github.com/matrix-org/matrix-js-sdk/pull/1410)
+ * Isolate encryption bootstrap side-effects
+   [\#1380](https://github.com/matrix-org/matrix-js-sdk/pull/1380)
+ * Add method to get current in-flight to-device requests
+   [\#1405](https://github.com/matrix-org/matrix-js-sdk/pull/1405)
+
+Changes in [7.0.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v7.0.0) (2020-06-23)
+================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v7.0.0-rc.1...v7.0.0)
+
+* No changes since rc.1
+
+Changes in [7.0.0-rc.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v7.0.0-rc.1) (2020-06-17)
+==========================================================================================================
+[Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v6.2.2...v7.0.0-rc.1)
+
+BREAKING CHANGES
+---
+
+ * Presence lists were removed from the spec in r0.5.0, and the corresponding methods have now been removed here as well:
+   * `getPresenceList`
+   * `inviteToPresenceList`
+   * `dropFromPresenceList`
+
+All changes
+---
+
+ * Remove support for unspecced device-specific push rules
+   [\#1404](https://github.com/matrix-org/matrix-js-sdk/pull/1404)
+ * Use existing session id for fetching flows as to not get a new session
+   [\#1403](https://github.com/matrix-org/matrix-js-sdk/pull/1403)
+ * Upgrade deps
+   [\#1400](https://github.com/matrix-org/matrix-js-sdk/pull/1400)
+ * Bring back backup key format migration
+   [\#1398](https://github.com/matrix-org/matrix-js-sdk/pull/1398)
+ * Fix: more informative error message when we cant find a key to decrypt with
+   [\#1313](https://github.com/matrix-org/matrix-js-sdk/pull/1313)
+ * Add js-sdk mechanism for polling client well-known for config
+   [\#1394](https://github.com/matrix-org/matrix-js-sdk/pull/1394)
+ * Fix verification request timeouts to match spec
+   [\#1388](https://github.com/matrix-org/matrix-js-sdk/pull/1388)
+ * Drop presence list methods
+   [\#1391](https://github.com/matrix-org/matrix-js-sdk/pull/1391)
+ * Batch up URL previews to prevent excessive requests
+   [\#1395](https://github.com/matrix-org/matrix-js-sdk/pull/1395)
+
 Changes in [6.2.2](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v6.2.2) (2020-06-16)
 ================================================================================================
 [Full Changelog](https://github.com/matrix-org/matrix-js-sdk/compare/v6.2.1...v6.2.2)
@@ -28,10 +28,9 @@ use GitHub's pull request workflow to review the contribution, and either ask
 you to make any refinements needed or merge it and make them ourselves. The
 changes will then land on master when we next do a release.

-We use Travis for continuous integration, and all pull requests get
-automatically tested by Travis: if your change breaks the build, then the PR
-will show that there are failed checks, so please check back after a few
-minutes.
+We use continuous integration, and all pull requests get automatically tested:
+if your change breaks the build, then the PR will show that there are failed
+checks, so please check back after a few minutes.

 Code style
 ~~~~~~~~~~
@@ -30,7 +30,7 @@ This SDK targets Node 10 for compatibility, which translates to ES6. If you're u
 a bundler like webpack you'll likely have to transpile dependencies, including this
 SDK, to match your target browsers.

-Using `yarn` instead of `npm` is recommended. Please see the Yarn [install guide](https://yarnpkg.com/docs/install/) 
+Using `yarn` instead of `npm` is recommended. Please see the Yarn [install guide](https://classic.yarnpkg.com/en/docs/install) 
 if you do not have it already.

 ``yarn add matrix-js-sdk``
@@ -182,10 +182,8 @@ you can pass the result of the promise into it with something like:
  matrixClient.someMethod(arg1, arg2).nodeify(callback);
 ```

-The main thing to note is that it is an error to discard the result of a
-promise-returning function, as that will cause exceptions to go unobserved. If
-you have nothing better to do with the result, just call ``.done()`` on it. See
-http://documentup.com/kriskowal/q/#the-end for more information.
+The main thing to note is that it is problematic to discard the result of a
+promise-returning function, as that will cause exceptions to go unobserved.

 Methods which return a promise show this in their documentation.

@@ -309,7 +307,7 @@ The SDK supports end-to-end encryption via the Olm and Megolm protocols, using
 [libolm](https://gitlab.matrix.org/matrix-org/olm). It is left up to the
 application to make libolm available, via the ``Olm`` global.

-It is also necessry to call ``matrixClient.initCrypto()`` after creating a new
+It is also necessary to call ``matrixClient.initCrypto()`` after creating a new
 ``MatrixClient`` (but **before** calling ``matrixClient.startClient()``) to
 initialise the crypto layer.

@@ -288,7 +288,7 @@ function printMemberList(room) {
 }

 function printRoomInfo(room) {
-    var eventDict = room.currentState.events;
+    var eventMap = room.currentState.events;
    var eTypeHeader = "    Event Type(state_key)    ";
    var sendHeader = "        Sender        ";
    // pad content to 100
@@ -300,14 +300,15 @@ function printRoomInfo(room) {
    var contentHeader = padSide + "Content" + padSide;
    print(eTypeHeader+sendHeader+contentHeader);
    print(new Array(100).join("-"));
-    Object.keys(eventDict).forEach(function(eventType) {
+    eventMap.keys().forEach(function(eventType) {
        if (eventType === "m.room.member") { return; } // use /members instead.
-        Object.keys(eventDict[eventType]).forEach(function(stateKey) {
+        var eventEventMap = eventMap.get(eventType);
+        eventEventMap.keys().forEach(function(stateKey) {
            var typeAndKey = eventType + (
                stateKey.length > 0 ? "("+stateKey+")" : ""
            );
            var typeStr = fixWidth(typeAndKey, eTypeHeader.length);
-            var event = eventDict[eventType][stateKey];
+            var event = eventEventMap.get(stateKey);
            var sendStr = fixWidth(event.getSender(), sendHeader.length);
            var contentStr = fixWidth(
                JSON.stringify(event.getContent()), contentHeader.length
@@ -31,6 +31,23 @@ function addListeners(call) {
        call.hangup();
        disableButtons(false, true, true);
    });
+    call.on("feeds_changed", function(feeds) {
+        const localFeed = feeds.find((feed) => feed.isLocal());
+        const remoteFeed = feeds.find((feed) => !feed.isLocal());
+
+        const remoteElement = document.getElementById("remote");
+        const localElement = document.getElementById("local");
+
+        if (remoteFeed) {
+            remoteElement.srcObject = remoteFeed.stream;
+            remoteElement.play();
+        }
+        if (localFeed) {
+            localElement.muted = true;
+            localElement.srcObject = localFeed.stream;
+            localElement.play();
+        }
+    });
 }

 window.onload = function() {
@@ -62,10 +79,7 @@ function syncComplete() {
        );
        console.log("Call => %s", call);
        addListeners(call);
-        call.placeVideoCall(
-            document.getElementById("remote"),
-            document.getElementById("local")
-        );
+        call.placeVideoCall();
        document.getElementById("result").innerHTML = "<p>Placed call.</p>";
        disableButtons(true, true, false);
    };
@@ -1,26 +1,34 @@
 <html>
+
 <head>
-<title>VoIP Test</title>
-<script src="lib/matrix.js"></script>
-<script src="browserTest.js"></script>
+    <title>VoIP Test</title>
+    <script src="lib/matrix.js"></script>
+    <script src="browserTest.js"></script>
 </head>
+
 <body>
-	You can place and receive calls with this example. Make sure to edit the
+    You can place and receive calls with this example. Make sure to edit the
    constants in <code>browserTest.js</code> first.
    <div id="config"></div>
    <div id="result"></div>
    <button id="call">Place Call</button>
    <button id="answer">Answer Call</button>
    <button id="hangup">Hangup Call</button>
-    <div id="videoBackground">
-        <div id="videoContainer">
-            <video id="remote"></video>
-        </div>
-    </div>
-    <div id="videoBackground">
-        <div id="videoContainer">
-            <video id="local"></video>
-        </div>
+    <div id="videoBackground" class="video-background">
+        <video class="video-element" id="local"></video>
+        <video class="video-element" id="remote"></video>
    </div>
 </body>
+
 </html>
+
+<style>
+    .video-background {
+        height: 500px;
+        margin: 10px;
+    }
+
+    .video-element {
+        height: 100%;
+    }
+</style>
@@ -18,6 +18,13 @@
    "readme": "README.md",
    "recurse": true,
    "verbose": true,
-    "template": "node_modules/better-docs"
+    "template": "node_modules/docdash"
+  },
+  "docdash": {
+    "static": true,
+    "private": false,
+    "search": true,
+    "collapse": true,
+    "typedefs": true
  }
 }
@@ -1,24 +1,25 @@
 {
  "name": "matrix-js-sdk",
-  "version": "6.2.2",
+  "version": "11.2.0",
  "description": "Matrix Client-Server SDK for Javascript",
  "scripts": {
-    "prepare": "yarn build",
+    "prepublishOnly": "yarn build",
    "start": "echo THIS IS FOR LEGACY PURPOSES ONLY. && babel src -w -s -d lib --verbose --extensions \".ts,.js\"",
    "dist": "echo 'This is for the release script so it can make assets (browser bundle).' && yarn build",
    "clean": "rimraf lib dist",
-    "build": "yarn clean && git rev-parse HEAD > git-revision.txt && yarn build:compile && yarn build:compile-browser && yarn build:minify-browser && yarn build:types",
+    "build": "yarn build:dev && yarn build:compile-browser && yarn build:minify-browser",
+    "build:dev": "yarn clean && git rev-parse HEAD > git-revision.txt && yarn build:compile && yarn build:types",
    "build:types": "tsc --emitDeclarationOnly",
    "build:compile": "babel -d lib --verbose --extensions \".ts,.js\" src",
    "build:compile-browser": "mkdirp dist && browserify -d src/browser-index.js -p [ tsify -p ./tsconfig.json ] -t [ babelify --sourceMaps=inline --presets [ @babel/preset-env @babel/preset-typescript ] ] | exorcist dist/browser-matrix.js.map > dist/browser-matrix.js",
    "build:minify-browser": "terser dist/browser-matrix.js --compress --mangle --source-map --output dist/browser-matrix.min.js",
    "gendoc": "jsdoc -c jsdoc.json -P package.json",
-    "lint": "yarn lint:types && yarn lint:ts && yarn lint:js",
-    "lint:js": "eslint --max-warnings 81 src spec",
+    "lint": "yarn lint:types && yarn lint:js",
+    "lint:js": "eslint --max-warnings 72 src spec",
    "lint:types": "tsc --noEmit",
-    "lint:ts": "tslint --project ./tsconfig.json -t stylish",
-    "test": "jest spec/ --coverage --testEnvironment node",
-    "test:watch": "jest spec/ --coverage --testEnvironment node --watch"
+    "test": "jest",
+    "test:watch": "jest --watch",
+    "coverage": "yarn test --coverage"
  },
  "repository": {
    "type": "git",
@@ -28,10 +29,11 @@
    "matrix-org"
  ],
  "main": "./lib/index.js",
-  "typings": "./lib/index.d.ts",
  "browser": "./lib/browser-index.js",
  "matrix_src_main": "./src/index.ts",
  "matrix_src_browser": "./src/browser-index.js",
+  "matrix_lib_main": "./lib/index.js",
+  "matrix_lib_typings": "./lib/index.d.ts",
  "author": "matrix.org",
  "license": "Apache-2.0",
  "files": [
@@ -47,52 +49,65 @@
    "release.sh"
  ],
  "dependencies": {
-    "@babel/runtime": "^7.8.3",
+    "@babel/runtime": "^7.12.5",
    "another-json": "^0.2.0",
    "browser-request": "^0.3.3",
    "bs58": "^4.0.1",
-    "content-type": "^1.0.2",
-    "loglevel": "^1.6.4",
-    "qs": "^6.5.2",
-    "request": "^2.88.0",
-    "unhomoglyph": "^1.0.2"
+    "content-type": "^1.0.4",
+    "loglevel": "^1.7.1",
+    "qs": "^6.9.6",
+    "request": "^2.88.2",
+    "unhomoglyph": "^1.0.6"
  },
  "devDependencies": {
-    "@babel/cli": "^7.7.5",
-    "@babel/core": "^7.7.5",
-    "@babel/plugin-proposal-class-properties": "^7.7.4",
-    "@babel/plugin-proposal-numeric-separator": "^7.7.4",
-    "@babel/plugin-proposal-object-rest-spread": "^7.7.4",
-    "@babel/plugin-syntax-dynamic-import": "^7.7.4",
-    "@babel/plugin-transform-runtime": "^7.8.3",
-    "@babel/preset-env": "^7.7.6",
-    "@babel/preset-typescript": "^7.7.4",
-    "@babel/register": "^7.7.4",
+    "@babel/cli": "^7.12.10",
+    "@babel/core": "^7.12.10",
+    "@babel/eslint-parser": "^7.12.10",
+    "@babel/eslint-plugin": "^7.12.10",
+    "@babel/plugin-proposal-class-properties": "^7.12.1",
+    "@babel/plugin-proposal-numeric-separator": "^7.12.7",
+    "@babel/plugin-proposal-object-rest-spread": "^7.12.1",
+    "@babel/plugin-syntax-dynamic-import": "^7.8.3",
+    "@babel/plugin-transform-runtime": "^7.12.10",
+    "@babel/preset-env": "^7.12.11",
+    "@babel/preset-typescript": "^7.12.7",
+    "@babel/register": "^7.12.10",
+    "@matrix-org/olm": "https://gitlab.matrix.org/api/v4/projects/27/packages/npm/@matrix-org/olm/-/@matrix-org/olm-3.2.3.tgz",
+    "@types/jest": "^26.0.20",
    "@types/node": "12",
-    "@types/request": "^2.48.4",
-    "babel-eslint": "^10.0.3",
-    "babel-jest": "^24.9.0",
+    "@types/request": "^2.48.5",
+    "@typescript-eslint/eslint-plugin": "^4.17.0",
+    "@typescript-eslint/parser": "^4.17.0",
+    "babel-jest": "^26.6.3",
    "babelify": "^10.0.0",
-    "better-docs": "^1.4.7",
-    "browserify": "^16.5.0",
-    "eslint": "^5.12.0",
-    "eslint-config-google": "^0.7.1",
-    "eslint-plugin-babel": "^5.3.0",
-    "eslint-plugin-jest": "^23.0.4",
+    "better-docs": "^2.3.2",
+    "browserify": "^17.0.0",
+    "docdash": "^1.2.0",
+    "eslint": "7.18.0",
+    "eslint-config-google": "^0.14.0",
+    "eslint-plugin-matrix-org": "github:matrix-org/eslint-plugin-matrix-org#main",
    "exorcist": "^1.0.1",
-    "fake-indexeddb": "^3.0.0",
-    "jest": "^24.9.0",
-    "jest-localstorage-mock": "^2.4.0",
-    "jsdoc": "^3.5.5",
+    "fake-indexeddb": "^3.1.2",
+    "jest": "^26.6.3",
+    "jest-localstorage-mock": "^2.4.6",
+    "jsdoc": "^3.6.6",
    "matrix-mock-request": "^1.2.3",
-    "olm": "https://packages.matrix.org/npm/olm/olm-3.1.4.tgz",
-    "rimraf": "^3.0.0",
-    "terser": "^4.4.3",
-    "tsify": "^4.0.1",
-    "tslint": "^5.20.1",
-    "typescript": "^3.7.3"
+    "rimraf": "^3.0.2",
+    "terser": "^5.5.1",
+    "tsify": "^5.0.2",
+    "typescript": "^4.1.3"
  },
  "jest": {
-    "testEnvironment": "node"
-  }
+    "testEnvironment": "node",
+    "testMatch": [
+      "<rootDir>/spec/**/*.spec.{js,ts}"
+    ],
+    "collectCoverageFrom": [
+      "<rootDir>/src/**/*.{js,ts}"
+    ],
+    "coverageReporters": [
+      "text"
+    ]
+  },
+  "typings": "./lib/index.d.ts"
 }
@@ -10,7 +10,7 @@
 #   npm; typically installed by Node.js
 #   yarn; install via brew (macOS) or similar (https://yarnpkg.com/docs/install/)
 #
-# Note: this script is also used to release matrix-react-sdk and riot-web.
+# Note: this script is also used to release matrix-react-sdk and element-web.

 set -e

@@ -94,6 +94,14 @@ if [ $# -ne 1 ]; then
    exit 1
 fi

+# We use Git branch / commit dependencies for some packages, and Yarn seems
+# to have a hard time getting that right. See also
+# https://github.com/yarnpkg/yarn/issues/4734. As a workaround, we clean the
+# global cache here to ensure we get the right thing.
+yarn cache clean
+# Ensure all dependencies are updated
+yarn install --ignore-scripts
+
 if [ -z "$skip_changelog" ]; then
    # update_changelog doesn't have a --version flag
    update_changelog -h > /dev/null || (echo "github-changelog-generator is required: please install it"; exit)
@@ -170,6 +178,19 @@ echo "yarn version"
 # manually commit the result.
 yarn version --no-git-tag-version --new-version "$release"

+# For the published and dist versions of the package, we copy the
+# `matrix_lib_main` and `matrix_lib_typings` fields to `main` and `typings` (if
+# they exist). This small bit of gymnastics allows us to use the TypeScript
+# source directly for development without needing to build before linting or
+# testing.
+for i in main typings
+do
+    lib_value=$(jq -r ".matrix_lib_$i" package.json)
+    if [ "$lib_value" != "null" ]; then
+        jq ".$i = .matrix_lib_$i" package.json > package.json.new && mv package.json.new package.json
+    fi
+done
+
 # commit yarn.lock if it exists, is versioned, and is modified
 if [[ -f yarn.lock && `git status --porcelain yarn.lock | grep '^ M'` ]];
 then
@@ -204,11 +225,6 @@ if [ $dodist -eq 0 ]; then
    pushd "$builddir"
    git clone "$projdir" .
    git checkout "$rel_branch"
-    # We use Git branch / commit dependencies for some packages, and Yarn seems
-    # to have a hard time getting that right. See also
-    # https://github.com/yarnpkg/yarn/issues/4734. As a workaround, we clean the
-    # global cache here to ensure we get the right thing.
-    yarn cache clean
    yarn install
    # We haven't tagged yet, so tell the dist script what version
    # it's building
@@ -327,6 +343,7 @@ if [ -z "$skip_jsdoc" ]; then
        $release index.html
    git add "$release"
    git commit --no-verify -m "Add jsdoc for $release" index.html "$release"
+    git push origin gh-pages
 fi

 # if it is a pre-release, leave it on the release branch for now.
@@ -339,18 +356,40 @@ fi
 echo "updating master branch"
 git checkout master
 git pull
-git merge "$rel_branch"
+git merge "$rel_branch" --no-edit

-# push master and docs (if generated) to github
+# push master to github
 git push origin master
-if [ -z "$skip_jsdoc" ]; then
-    git push origin gh-pages
-fi

 # finally, merge master back onto develop (if it exists)
 if [ $(git branch -lr | grep origin/develop -c) -ge 1 ]; then
    git checkout develop
    git pull
-    git merge master
+    git merge master --no-edit
+
+    # When merging to develop, we need revert the `main` and `typings` fields if
+    # we adjusted them previously.
+    for i in main typings
+    do
+        # If a `lib` prefixed value is present, it means we adjusted the field
+        # earlier at publish time, so we should revert it now.
+        if [ "$(jq -r ".matrix_lib_$i" package.json)" != "null" ]; then
+            # If there's a `src` prefixed value, use that, otherwise delete.
+            # This is used to delete the `typings` field and reset `main` back
+            # to the TypeScript source.
+            src_value=$(jq -r ".matrix_src_$i" package.json)
+            if [ "$src_value" != "null" ]; then
+                jq ".$i = .matrix_src_$i" package.json > package.json.new && mv package.json.new package.json
+            else
+                jq "del(.$i)" package.json > package.json.new && mv package.json.new package.json
+            fi
+        fi
+    done
+
+    if [ -n "$(git ls-files --modified package.json)" ]; then
+        echo "Committing develop package.json"
+        git commit package.json -m "Resetting package fields for development"
+    fi
+
    git push origin develop
 fi
@@ -20,12 +20,12 @@ limitations under the License.
 import './olm-loader';

 import MockHttpBackend from 'matrix-mock-request';
-import {LocalStorageCryptoStore} from '../src/crypto/store/localStorage-crypto-store';
-import {logger} from '../src/logger';
-import {WebStorageSessionStore} from "../src/store/session/webstorage";
-import {syncPromise} from "./test-utils";
-import {createClient} from "../src/matrix";
-import {MockStorageApi} from "./MockStorageApi";
+import { LocalStorageCryptoStore } from '../src/crypto/store/localStorage-crypto-store';
+import { logger } from '../src/logger';
+import { WebStorageSessionStore } from "../src/store/session/webstorage";
+import { syncPromise } from "./test-utils";
+import { createClient } from "../src/matrix";
+import { MockStorageApi } from "./MockStorageApi";

 /**
 * Wrapper for a MockStorageApi, MockHttpBackend and MatrixClient
@@ -69,6 +69,9 @@ export function TestClient(

    this.deviceKeys = null;
    this.oneTimeKeys = {};
+    this._callEventHandler = {
+        calls: new Map(),
+    };
 }

 TestClient.prototype.toString = function() {
@@ -126,11 +129,10 @@ TestClient.prototype.expectDeviceKeyUpload = function() {
        expect(Object.keys(self.oneTimeKeys).length).toEqual(0);

        self.deviceKeys = content.device_keys;
-        return {one_time_key_counts: {signed_curve25519: 0}};
+        return { one_time_key_counts: { signed_curve25519: 0 } };
    });
 };

-
 /**
 * If one-time keys have already been uploaded, return them. Otherwise,
 * set up an expectation that the keys will be uploaded, and wait for
@@ -148,9 +150,9 @@ TestClient.prototype.awaitOneTimeKeyUpload = function() {
        .respond(200, (path, content) => {
            expect(content.device_keys).toBe(undefined);
            expect(content.one_time_keys).toBe(undefined);
-            return {one_time_key_counts: {
+            return { one_time_key_counts: {
                signed_curve25519: Object.keys(this.oneTimeKeys).length,
-            }};
+            } };
        });

    this.httpBackend.when("POST", "/keys/upload")
@@ -161,9 +163,9 @@ TestClient.prototype.awaitOneTimeKeyUpload = function() {
              logger.log('%s: received %i one-time keys', this,
                          Object.keys(content.one_time_keys).length);
              this.oneTimeKeys = content.one_time_keys;
-              return {one_time_key_counts: {
+              return { one_time_key_counts: {
                  signed_curve25519: Object.keys(this.oneTimeKeys).length,
-              }};
+              } };
          });

    // this can take ages
@@ -194,7 +196,6 @@ TestClient.prototype.expectKeyQuery = function(response) {
        });
 };

-
 /**
 * get the uploaded curve25519 device key
 *
@@ -205,7 +206,6 @@ TestClient.prototype.getDeviceKey = function() {
    return this.deviceKeys.keys[keyId];
 };

-
 /**
 * get the uploaded ed25519 device key
 *
@@ -230,3 +230,7 @@ TestClient.prototype.flushSync = function() {
        logger.log(`${this}: flushSync completed`);
    });
 };
+
+TestClient.prototype.isFallbackICEServerAllowed = function() {
+    return true;
+};
@@ -17,10 +17,10 @@ limitations under the License.
 // load XmlHttpRequest mock
 import "./setupTests";
 import "../../dist/browser-matrix"; // uses browser-matrix instead of the src
-import {MockStorageApi} from "../MockStorageApi";
-import {WebStorageSessionStore} from "../../src/store/session/webstorage";
+import { MockStorageApi } from "../MockStorageApi";
+import { WebStorageSessionStore } from "../../src/store/session/webstorage";
 import MockHttpBackend from "matrix-mock-request";
-import {LocalStorageCryptoStore} from "../../src/crypto/store/localStorage-crypto-store";
+import { LocalStorageCryptoStore } from "../../src/crypto/store/localStorage-crypto-store";
 import * as utils from "../test-utils";

 const USER_ID = "@user:test.server";
@@ -58,7 +58,7 @@ describe("Browserify Test", function() {
    }

    beforeEach(async () => {
-        ({client, httpBackend} = await createTestClient());
+        ({ client, httpBackend } = await createTestClient());
        await client.startClient();
    });

@@ -99,5 +99,5 @@ describe("Browserify Test", function() {
                client.once("sync.unexpectedError", reject);
            }),
        ]);
-    }, 10000);
+    }, 20000); // additional timeout as this test can take quite a while
 });
@@ -16,9 +16,9 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import {TestClient} from '../TestClient';
+import { TestClient } from '../TestClient';
 import * as testUtils from '../test-utils';
-import {logger} from '../../src/logger';
+import { logger } from '../../src/logger';

 const ROOM_ID = "!room:id";

@@ -67,7 +67,6 @@ function getSyncResponse(roomMembers) {
    return syncResponse;
 }

-
 describe("DeviceList management:", function() {
    if (!global.Olm) {
        logger.warn('not running deviceList tests: Olm not present');
@@ -98,7 +97,7 @@ describe("DeviceList management:", function() {
    });

    it("Alice shouldn't do a second /query for non-e2e-capable devices", function() {
-        aliceTestClient.expectKeyQuery({device_keys: {'@alice:localhost': {}}});
+        aliceTestClient.expectKeyQuery({ device_keys: { '@alice:localhost': {} } });
        return aliceTestClient.start().then(function() {
            const syncResponse = getSyncResponse(['@bob:xyz']);
            aliceTestClient.httpBackend.when('GET', '/sync').respond(200, syncResponse);
@@ -137,11 +136,10 @@ describe("DeviceList management:", function() {
        });
    });

-
    it("We should not get confused by out-of-order device query responses",
       () => {
-           // https://github.com/vector-im/riot-web/issues/3126
-           aliceTestClient.expectKeyQuery({device_keys: {'@alice:localhost': {}}});
+           // https://github.com/vector-im/element-web/issues/3126
+           aliceTestClient.expectKeyQuery({ device_keys: { '@alice:localhost': {} } });
           return aliceTestClient.start().then(() => {
               aliceTestClient.httpBackend.when('GET', '/sync').respond(
                   200, getSyncResponse(['@bob:xyz', '@chris:abc']));
@@ -160,7 +158,7 @@ describe("DeviceList management:", function() {
               );

               aliceTestClient.httpBackend.when('PUT', '/send/').respond(
-                   200, {event_id: '$event1'});
+                   200, { event_id: '$event1' });

               return Promise.all([
                   aliceTestClient.client.sendTextMessage(ROOM_ID, 'test'),
@@ -199,7 +197,7 @@ describe("DeviceList management:", function() {
                   },
                   token: '3',
               }).respond(200, {
-                   device_keys: {'@chris:abc': {}},
+                   device_keys: { '@chris:abc': {} },
               });
               return aliceTestClient.httpBackend.flush('/keys/query', 1);
           }).then((flushed) => {
@@ -228,7 +226,7 @@ describe("DeviceList management:", function() {
                   },
                   token: '2',
               }).respond(200, {
-                   device_keys: {'@bob:xyz': {}},
+                   device_keys: { '@bob:xyz': {} },
               });
               return aliceTestClient.httpBackend.flush('/keys/query', 1);
           }).then((flushed) => {
@@ -271,7 +269,7 @@ describe("DeviceList management:", function() {
           });
       }).timeout(3000);

-    // https://github.com/vector-im/riot-web/issues/4983
+    // https://github.com/vector-im/element-web/issues/4983
    describe("Alice should know she has stale device lists", () => {
        beforeEach(async function() {
            await aliceTestClient.start();
@@ -323,7 +321,6 @@ describe("DeviceList management:", function() {
                },
            );

-
            await aliceTestClient.flushSync();
            await aliceTestClient.client._crypto._deviceList.saveIfDirty();

@@ -28,11 +28,10 @@ limitations under the License.
 // load olm before the sdk if possible
 import '../olm-loader';

-import {logger} from '../../src/logger';
+import { logger } from '../../src/logger';
 import * as testUtils from "../test-utils";
-import * as utils from "../../src/utils";
-import {TestClient} from "../TestClient";
-import {CRYPTO_ENABLED} from "../../src/client";
+import { TestClient } from "../TestClient";
+import { CRYPTO_ENABLED } from "../../src/client";

 let aliTestClient;
 const roomId = "!room:localhost";
@@ -76,7 +75,7 @@ function expectAliQueryKeys() {
        );
        const result = {};
        result[bobUserId] = bobKeys;
-        return {device_keys: result};
+        return { device_keys: result };
    });
    return aliTestClient.httpBackend.flush("/keys/query", 1);
 }
@@ -104,7 +103,7 @@ function expectBobQueryKeys() {
        );
        const result = {};
        result[aliUserId] = aliKeys;
-        return {device_keys: result};
+        return { device_keys: result };
    });
    return bobTestClient.httpBackend.flush("/keys/query", 1);
 }
@@ -133,7 +132,7 @@ function expectAliClaimKeys() {
            result[bobUserId] = {};
            result[bobUserId][bobDeviceId] = {};
            result[bobUserId][bobDeviceId][keyId] = keys[keyId];
-            return {one_time_keys: result};
+            return { one_time_keys: result };
        });
    }).then(() => {
        // it can take a while to process the key query, so give it some extra
@@ -145,7 +144,6 @@ function expectAliClaimKeys() {
    });
 }

-
 function aliDownloadsKeys() {
    // can't query keys before bob has uploaded them
    expect(bobTestClient.getSigningKey()).toBeTruthy();
@@ -244,7 +242,7 @@ function bobSendsReplyMessage() {
 function expectAliSendMessageRequest() {
    return expectSendMessageRequest(aliTestClient.httpBackend).then(function(content) {
        aliMessages.push(content);
-        expect(utils.keys(content.ciphertext)).toEqual([bobTestClient.getDeviceKey()]);
+        expect(Object.keys(content.ciphertext)).toEqual([bobTestClient.getDeviceKey()]);
        const ciphertext = content.ciphertext[bobTestClient.getDeviceKey()];
        expect(ciphertext).toBeTruthy();
        return ciphertext;
@@ -261,7 +259,7 @@ function expectBobSendMessageRequest() {
        bobMessages.push(content);
        const aliKeyId = "curve25519:" + aliDeviceId;
        const aliDeviceCurve25519Key = aliTestClient.deviceKeys.keys[aliKeyId];
-        expect(utils.keys(content.ciphertext)).toEqual([aliDeviceCurve25519Key]);
+        expect(Object.keys(content.ciphertext)).toEqual([aliDeviceCurve25519Key]);
        const ciphertext = content.ciphertext[aliDeviceCurve25519Key];
        expect(ciphertext).toBeTruthy();
        return ciphertext;
@@ -270,7 +268,7 @@ function expectBobSendMessageRequest() {

 function sendMessage(client) {
    return client.sendMessage(
-        roomId, {msgtype: "m.text", body: "Hello, World"},
+        roomId, { msgtype: "m.text", body: "Hello, World" },
    );
 }

@@ -358,7 +356,6 @@ function recvMessage(httpBackend, client, sender, message) {
    });
 }

-
 /**
 * Send an initial sync response to the client (which just includes the member
 * list for our test room).
@@ -396,7 +393,6 @@ function firstSync(testClient) {
    return testClient.flushSync();
 }

-
 describe("MatrixClient crypto", function() {
    if (!CRYPTO_ENABLED) {
        return;
@@ -478,7 +474,7 @@ describe("MatrixClient crypto", function() {
        ).respond(200, function(path, content) {
            const result = {};
            result[bobUserId] = bobKeys;
-            return {device_keys: result};
+            return { device_keys: result };
        });

        return Promise.all([
@@ -520,7 +516,7 @@ describe("MatrixClient crypto", function() {
        ).respond(200, function(path, content) {
            const result = {};
            result[bobUserId] = bobKeys;
-            return {device_keys: result};
+            return { device_keys: result };
        });

        return Promise.all([
@@ -534,7 +530,6 @@ describe("MatrixClient crypto", function() {
        });
    });

-
    it("Bob starts his client and uploads device keys and one-time keys", function() {
        return Promise.resolve()
            .then(() => bobTestClient.start())
@@ -546,7 +541,7 @@ describe("MatrixClient crypto", function() {
    });

    it("Ali sends a message", function() {
-        aliTestClient.expectKeyQuery({device_keys: {[aliUserId]: {}}});
+        aliTestClient.expectKeyQuery({ device_keys: { [aliUserId]: {} } });
        return Promise.resolve()
            .then(() => aliTestClient.start())
            .then(() => bobTestClient.start())
@@ -556,7 +551,7 @@ describe("MatrixClient crypto", function() {
    });

    it("Bob receives a message", function() {
-        aliTestClient.expectKeyQuery({device_keys: {[aliUserId]: {}}});
+        aliTestClient.expectKeyQuery({ device_keys: { [aliUserId]: {} } });
        return Promise.resolve()
            .then(() => aliTestClient.start())
            .then(() => bobTestClient.start())
@@ -567,7 +562,7 @@ describe("MatrixClient crypto", function() {
    });

    it("Bob receives a message with a bogus sender", function() {
-        aliTestClient.expectKeyQuery({device_keys: {[aliUserId]: {}}});
+        aliTestClient.expectKeyQuery({ device_keys: { [aliUserId]: {} } });
        return Promise.resolve()
            .then(() => aliTestClient.start())
            .then(() => bobTestClient.start())
@@ -621,7 +616,7 @@ describe("MatrixClient crypto", function() {
    });

    it("Ali blocks Bob's device", function() {
-        aliTestClient.expectKeyQuery({device_keys: {[aliUserId]: {}}});
+        aliTestClient.expectKeyQuery({ device_keys: { [aliUserId]: {} } });
        return Promise.resolve()
            .then(() => aliTestClient.start())
            .then(() => bobTestClient.start())
@@ -641,7 +636,7 @@ describe("MatrixClient crypto", function() {
    });

    it("Bob receives two pre-key messages", function() {
-        aliTestClient.expectKeyQuery({device_keys: {[aliUserId]: {}}});
+        aliTestClient.expectKeyQuery({ device_keys: { [aliUserId]: {} } });
        return Promise.resolve()
            .then(() => aliTestClient.start())
            .then(() => bobTestClient.start())
@@ -654,8 +649,8 @@ describe("MatrixClient crypto", function() {
    });

    it("Bob replies to the message", function() {
-        aliTestClient.expectKeyQuery({device_keys: {[aliUserId]: {}}});
-        bobTestClient.expectKeyQuery({device_keys: {[bobUserId]: {}}});
+        aliTestClient.expectKeyQuery({ device_keys: { [aliUserId]: {} } });
+        bobTestClient.expectKeyQuery({ device_keys: { [bobUserId]: {} } });
        return Promise.resolve()
            .then(() => aliTestClient.start())
            .then(() => bobTestClient.start())
@@ -673,7 +668,7 @@ describe("MatrixClient crypto", function() {
    it("Ali does a key query when encryption is enabled", function() {
        // enabling encryption in the room should make alice download devices
        // for both members.
-        aliTestClient.expectKeyQuery({device_keys: {[aliUserId]: {}}});
+        aliTestClient.expectKeyQuery({ device_keys: { [aliUserId]: {} } });
        return Promise.resolve()
            .then(() => aliTestClient.start())
            .then(() => firstSync(aliTestClient))
@@ -1,5 +1,5 @@
 import * as utils from "../test-utils";
-import {TestClient} from "../TestClient";
+import { TestClient } from "../TestClient";

 describe("MatrixClient events", function() {
    let client;
@@ -1,7 +1,7 @@
 import * as utils from "../test-utils";
-import {EventTimeline} from "../../src/matrix";
-import {logger} from "../../src/logger";
-import {TestClient} from "../TestClient";
+import { EventTimeline } from "../../src/matrix";
+import { logger } from "../../src/logger";
+import { TestClient } from "../TestClient";

 const userId = "@alice:localhost";
 const userName = "Alice";
@@ -127,7 +127,7 @@ describe("getEventTimeline support", function() {
            "DEVICE",
            accessToken,
            undefined,
-            {timelineSupport: true},
+            { timelineSupport: true },
        );
        client = testClient.client;
        httpBackend = testClient.httpBackend;
@@ -141,7 +141,6 @@ describe("getEventTimeline support", function() {
        });
    });

-
    it("scrollback should be able to scroll back to before a gappy /sync",
      function() {
        // need a client with timelineSupport disabled to make this work
@@ -218,7 +217,7 @@ describe("MatrixClient event timelines", function() {
            "DEVICE",
            accessToken,
            undefined,
-            {timelineSupport: true},
+            { timelineSupport: true },
        );
        client = testClient.client;
        httpBackend = testClient.httpBackend;
@@ -516,7 +515,7 @@ describe("MatrixClient event timelines", function() {
                client.getEventTimeline(timelineSet, EVENTS[0].event_id,
                ).then(function(tl0) {
                    tl = tl0;
-                    return client.paginateEventTimeline(tl, {backwards: true});
+                    return client.paginateEventTimeline(tl, { backwards: true });
                }).then(function(success) {
                    expect(success).toBeTruthy();
                    expect(tl.getEvents().length).toEqual(3);
@@ -532,7 +531,6 @@ describe("MatrixClient event timelines", function() {
            ]);
        });

-
        it("should allow you to paginate forwards", function() {
            const room = client.getRoom(roomId);
            const timelineSet = room.getTimelineSets()[0];
@@ -569,7 +567,7 @@ describe("MatrixClient event timelines", function() {
                ).then(function(tl0) {
                    tl = tl0;
                    return client.paginateEventTimeline(
-                        tl, {backwards: false, limit: 20});
+                        tl, { backwards: false, limit: 20 });
                }).then(function(success) {
                    expect(success).toBeTruthy();
                    expect(tl.getEvents().length).toEqual(3);
@@ -591,7 +589,7 @@ describe("MatrixClient event timelines", function() {
        const event = utils.mkMessage({
            room: roomId, user: userId, msg: "a body",
        });
-        event.unsigned = {transaction_id: TXN_ID};
+        event.unsigned = { transaction_id: TXN_ID };

        beforeEach(function() {
            // set up handlers for both the message send, and the
@@ -680,7 +678,6 @@ describe("MatrixClient event timelines", function() {
        });
    });

-
    it("should handle gappy syncs after redactions", function() {
        // https://github.com/vector-im/vector-web/issues/1389

@@ -1,7 +1,7 @@
 import * as utils from "../test-utils";
-import {CRYPTO_ENABLED} from "../../src/client";
-import {Filter, MemoryStore, Room} from "../../src/matrix";
-import {TestClient} from "../TestClient";
+import { CRYPTO_ENABLED } from "../../src/client";
+import { Filter, MemoryStore, Room } from "../../src/matrix";
+import { TestClient } from "../TestClient";

 describe("MatrixClient", function() {
    let client = null;
@@ -285,7 +285,6 @@ describe("MatrixClient", function() {
        });
    });

-
    describe("downloadKeys", function() {
        if (!CRYPTO_ENABLED) {
            return;
@@ -346,10 +345,10 @@ describe("MatrixClient", function() {
            */

            httpBackend.when("POST", "/keys/query").check(function(req) {
-                expect(req.data).toEqual({device_keys: {
+                expect(req.data).toEqual({ device_keys: {
                    'boris': [],
                    'chaz': [],
-                }});
+                } });
            }).respond(200, {
                device_keys: {
                    boris: borisKeys,
@@ -379,12 +378,12 @@ describe("MatrixClient", function() {
    });

    describe("deleteDevice", function() {
-        const auth = {a: 1};
+        const auth = { a: 1 };
        it("should pass through an auth dict", function() {
            httpBackend.when(
                "DELETE", "/_matrix/client/r0/devices/my_device",
            ).check(function(req) {
-                expect(req.data).toEqual({auth: auth});
+                expect(req.data).toEqual({ auth: auth });
            }).respond(200);

            const prom = client.deleteDevice("my_device", auth);
@@ -1,9 +1,9 @@
 import * as utils from "../test-utils";
 import HttpBackend from "matrix-mock-request";
-import {MatrixClient} from "../../src/matrix";
-import {MatrixScheduler} from "../../src/scheduler";
-import {MemoryStore} from "../../src/store/memory";
-import {MatrixError} from "../../src/http-api";
+import { MatrixClient } from "../../src/matrix";
+import { MatrixScheduler } from "../../src/scheduler";
+import { MemoryStore } from "../../src/store/memory";
+import { MatrixError } from "../../src/http-api";

 describe("MatrixClient opts", function() {
    const baseUrl = "http://localhost.or.something";
@@ -1,7 +1,7 @@
-import {EventStatus} from "../../src/matrix";
-import {MatrixScheduler} from "../../src/scheduler";
-import {Room} from "../../src/models/room";
-import {TestClient} from "../TestClient";
+import { EventStatus } from "../../src/matrix";
+import { MatrixScheduler } from "../../src/scheduler";
+import { Room } from "../../src/models/room";
+import { TestClient } from "../TestClient";

 describe("MatrixClient retrying", function() {
    let client = null;
@@ -19,7 +19,7 @@ describe("MatrixClient retrying", function() {
            "DEVICE",
            accessToken,
            undefined,
-            {scheduler},
+            { scheduler },
        );
        httpBackend = testClient.httpBackend;
        client = testClient.client;
@@ -90,7 +90,7 @@ describe("MatrixClient retrying", function() {
        // wait for the localecho of ev1 to be updated
        const p3 = new Promise((resolve, reject) => {
            room.on("Room.localEchoUpdated", (ev0) => {
-                if(ev0 === ev1) {
+                if (ev0 === ev1) {
                    resolve();
                }
            });
@@ -1,7 +1,6 @@
 import * as utils from "../test-utils";
-import {EventStatus} from "../../src/models/event";
-import {TestClient} from "../TestClient";
-
+import { EventStatus } from "../../src/models/event";
+import { TestClient } from "../TestClient";

 describe("MatrixClient room timelines", function() {
    let client = null;
@@ -104,7 +103,7 @@ describe("MatrixClient room timelines", function() {
            "DEVICE",
            accessToken,
            undefined,
-            {timelineSupport: true},
+            { timelineSupport: true },
        );
        httpBackend = testClient.httpBackend;
        client = testClient.client;
@@ -166,7 +165,7 @@ describe("MatrixClient room timelines", function() {
                body: "I am a fish", user: userId, room: roomId,
            });
            ev.event_id = eventId;
-            ev.unsigned = {transaction_id: "txn1"};
+            ev.unsigned = { transaction_id: "txn1" };
            setNextSyncData([ev]);

            client.on("sync", function(state) {
@@ -198,7 +197,7 @@ describe("MatrixClient room timelines", function() {
                body: "I am a fish", user: userId, room: roomId,
            });
            ev.event_id = eventId;
-            ev.unsigned = {transaction_id: "txn1"};
+            ev.unsigned = { transaction_id: "txn1" };
            setNextSyncData([ev]);

            client.on("sync", function(state) {
@@ -396,8 +395,8 @@ describe("MatrixClient room timelines", function() {
    describe("new events", function() {
        it("should be added to the right place in the timeline", function() {
            const eventData = [
-                utils.mkMessage({user: userId, room: roomId}),
-                utils.mkMessage({user: userId, room: roomId}),
+                utils.mkMessage({ user: userId, room: roomId }),
+                utils.mkMessage({ user: userId, room: roomId }),
            ];
            setNextSyncData(eventData);

@@ -434,11 +433,11 @@ describe("MatrixClient room timelines", function() {

        it("should set the right event.sender values", function() {
            const eventData = [
-                utils.mkMessage({user: userId, room: roomId}),
+                utils.mkMessage({ user: userId, room: roomId }),
                utils.mkMembership({
                    user: userId, room: roomId, mship: "join", name: "New Name",
                }),
-                utils.mkMessage({user: userId, room: roomId}),
+                utils.mkMessage({ user: userId, room: roomId }),
            ];
            eventData[1].__prev_event = USER_MEMBERSHIP_EVENT;
            setNextSyncData(eventData);
@@ -546,7 +545,7 @@ describe("MatrixClient room timelines", function() {
    describe("gappy sync", function() {
        it("should copy the last known state to the new timeline", function() {
            const eventData = [
-                utils.mkMessage({user: userId, room: roomId}),
+                utils.mkMessage({ user: userId, room: roomId }),
            ];
            setNextSyncData(eventData);
            NEXT_SYNC_DATA.rooms.join[roomId].timeline.limited = true;
@@ -579,7 +578,7 @@ describe("MatrixClient room timelines", function() {

        it("should emit a 'Room.timelineReset' event", function() {
            const eventData = [
-                utils.mkMessage({user: userId, room: roomId}),
+                utils.mkMessage({ user: userId, room: roomId }),
            ];
            setNextSyncData(eventData);
            NEXT_SYNC_DATA.rooms.join[roomId].timeline.limited = true;
@@ -1,7 +1,7 @@
-import {MatrixEvent} from "../../src/models/event";
-import {EventTimeline} from "../../src/models/event-timeline";
+import { MatrixEvent } from "../../src/models/event";
+import { EventTimeline } from "../../src/models/event-timeline";
 import * as utils from "../test-utils";
-import {TestClient} from "../TestClient";
+import { TestClient } from "../TestClient";

 describe("MatrixClient syncing", function() {
    let client = null;
@@ -122,7 +122,6 @@ describe("MatrixClient syncing", function() {
                resolveInvitesToProfiles: true,
            });

-
            return Promise.all([
                httpBackend.flushAllExpected(),
                awaitSyncEvent(),
@@ -677,8 +676,8 @@ describe("MatrixClient syncing", function() {
        it("should create and use an appropriate filter", function() {
            httpBackend.when("POST", "/filter").check(function(req) {
                expect(req.data).toEqual({
-                    room: { timeline: {limit: 1},
-                            include_leave: true }});
+                    room: { timeline: { limit: 1 },
+                            include_leave: true } });
            }).respond(200, { filter_id: "another_id" });

            const prom = new Promise((resolve) => {
@@ -16,10 +16,9 @@ limitations under the License.
 */

 import anotherjson from "another-json";
-import * as utils from "../../src/utils";
 import * as testUtils from "../test-utils";
-import {TestClient} from "../TestClient";
-import {logger} from "../../src/logger";
+import { TestClient } from "../TestClient";
+import { logger } from "../../src/logger";

 const ROOM_ID = "!room:id";

@@ -32,7 +31,7 @@ const ROOM_ID = "!room:id";
 */
 function createOlmSession(olmAccount, recipientTestClient) {
    return recipientTestClient.awaitOneTimeKeyUpload().then((keys) => {
-        const otkId = utils.keys(keys)[0];
+        const otkId = Object.keys(keys)[0];
        const otk = keys[otkId];

        const session = new global.Olm.Session();
@@ -197,7 +196,6 @@ function getSyncResponse(roomMembers) {
    return syncResponse;
 }

-
 describe("megolm", function() {
    if (!global.Olm) {
        logger.warn('not running megolm tests: Olm not present');
@@ -257,7 +255,7 @@ describe("megolm", function() {
        const testOneTimeKeys = JSON.parse(testOlmAccount.one_time_keys());
        testOlmAccount.mark_keys_as_published();

-        const keyId = utils.keys(testOneTimeKeys.curve25519)[0];
+        const keyId = Object.keys(testOneTimeKeys.curve25519)[0];
        const oneTimeKey = testOneTimeKeys.curve25519[keyId];
        const keyResult = {
            'key': oneTimeKey,
@@ -269,7 +267,7 @@ describe("megolm", function() {
            'ed25519:DEVICE_ID': sig,
        };

-        const claimResponse = {one_time_keys: {}};
+        const claimResponse = { one_time_keys: {} };
        claimResponse.one_time_keys[userId] = {
            'DEVICE_ID': {},
        };
@@ -346,7 +344,7 @@ describe("megolm", function() {
    });

    it("Alice receives a megolm message before the session keys", function() {
-        // https://github.com/vector-im/riot-web/issues/2273
+        // https://github.com/vector-im/element-web/issues/2273
        let roomKeyEncrypted;

        return aliceTestClient.start().then(() => {
@@ -484,8 +482,9 @@ describe("megolm", function() {
            return aliceTestClient.flushSync().then(() => {
                return aliceTestClient.flushSync();
            });
-        }).then(function() {
+        }).then(async function() {
            const room = aliceTestClient.client.getRoom(ROOM_ID);
+            await room.decryptCriticalEvents();
            const event = room.getLiveTimeline().getEvents()[0];
            expect(event.getContent().body).toEqual('42');
        });
@@ -494,7 +493,7 @@ describe("megolm", function() {
    it('Alice sends a megolm message', function() {
        let p2pSession;

-        aliceTestClient.expectKeyQuery({device_keys: {'@alice:localhost': {}}});
+        aliceTestClient.expectKeyQuery({ device_keys: { '@alice:localhost': {} } });
        return aliceTestClient.start().then(() => {
            // establish an olm session with alice
            return createOlmSession(testOlmAccount, aliceTestClient);
@@ -577,7 +576,7 @@ describe("megolm", function() {
    });

    it("We shouldn't attempt to send to blocked devices", function() {
-        aliceTestClient.expectKeyQuery({device_keys: {'@alice:localhost': {}}});
+        aliceTestClient.expectKeyQuery({ device_keys: { '@alice:localhost': {} } });
        return aliceTestClient.start().then(() => {
            // establish an olm session with alice
            return createOlmSession(testOlmAccount, aliceTestClient);
@@ -634,7 +633,7 @@ describe("megolm", function() {
        let p2pSession;
        let megolmSessionId;

-        aliceTestClient.expectKeyQuery({device_keys: {'@alice:localhost': {}}});
+        aliceTestClient.expectKeyQuery({ device_keys: { '@alice:localhost': {} } });
        return aliceTestClient.start().then(() => {
            // establish an olm session with alice
            return createOlmSession(testOlmAccount, aliceTestClient);
@@ -726,7 +725,7 @@ describe("megolm", function() {
        });
    });

-    // https://github.com/vector-im/riot-web/issues/2676
+    // https://github.com/vector-im/element-web/issues/2676
    it("Alice should send to her other devices", function() {
        // for this test, we make the testOlmAccount be another of Alice's devices.
        // it ought to get included in messages Alice sends.
@@ -841,13 +840,12 @@ describe("megolm", function() {
        });
    });

-
    it('Alice should wait for device list to complete when sending a megolm message',
    function() {
        let downloadPromise;
        let sendPromise;

-        aliceTestClient.expectKeyQuery({device_keys: {'@alice:localhost': {}}});
+        aliceTestClient.expectKeyQuery({ device_keys: { '@alice:localhost': {} } });
        return aliceTestClient.start().then(() => {
            // establish an olm session with alice
            return createOlmSession(testOlmAccount, aliceTestClient);
@@ -887,11 +885,10 @@ describe("megolm", function() {
        });
    });

-
    it("Alice exports megolm keys and imports them to a new device", function() {
        let messageEncrypted;

-        aliceTestClient.expectKeyQuery({device_keys: {'@alice:localhost': {}}});
+        aliceTestClient.expectKeyQuery({ device_keys: { '@alice:localhost': {} } });
        return aliceTestClient.start().then(() => {
            // establish an olm session with alice
            return createOlmSession(testOlmAccount, aliceTestClient);
@@ -933,8 +930,9 @@ describe("megolm", function() {

            aliceTestClient.httpBackend.when("GET", "/sync").respond(200, syncResponse);
            return aliceTestClient.flushSync();
-        }).then(function() {
+        }).then(async function() {
            const room = aliceTestClient.client.getRoom(ROOM_ID);
+            await room.decryptCriticalEvents();
            const event = room.getLiveTimeline().getEvents()[0];
            expect(event.getContent().body).toEqual('42');

@@ -971,4 +969,60 @@ describe("megolm", function() {
            expect(event.getContent().body).toEqual('42');
        });
    });
+
+    it("Alice receives an untrusted megolm key, only to receive the trusted one shortly after", function() {
+        const testClient = new TestClient(
+            "@alice:localhost", "device2", "access_token2",
+        );
+        const groupSession = new Olm.OutboundGroupSession();
+        groupSession.create();
+        const inboundGroupSession = new Olm.InboundGroupSession();
+        inboundGroupSession.create(groupSession.session_key());
+        const rawEvent = encryptMegolmEvent({
+            senderKey: testSenderKey,
+            groupSession: groupSession,
+            room_id: ROOM_ID,
+        });
+        return testClient.client.initCrypto().then(() => {
+            const keys = [{
+                room_id: ROOM_ID,
+                algorithm: 'm.megolm.v1.aes-sha2',
+                session_id: groupSession.session_id(),
+                session_key: inboundGroupSession.export_session(0),
+                sender_key: testSenderKey,
+            }];
+            return testClient.client.importRoomKeys(keys, { untrusted: true });
+        }).then(() => {
+            const event = testUtils.mkEvent({
+                event: true,
+                ...rawEvent,
+                room: ROOM_ID,
+            });
+            return event.attemptDecryption(testClient.client._crypto, true).then(() => {
+                expect(event.isKeySourceUntrusted()).toBeTruthy();
+            });
+        }).then(() => {
+            const event = testUtils.mkEvent({
+                type: 'm.room_key',
+                content: {
+                    room_id: ROOM_ID,
+                    algorithm: 'm.megolm.v1.aes-sha2',
+                    session_id: groupSession.session_id(),
+                    session_key: groupSession.session_key(),
+                },
+                event: true,
+            });
+            event._senderCurve25519Key = testSenderKey;
+            return testClient.client._crypto._onRoomKeyEvent(event);
+        }).then(() => {
+            const event = testUtils.mkEvent({
+                event: true,
+                ...rawEvent,
+                room: ROOM_ID,
+            });
+            return event.attemptDecryption(testClient.client._crypto, true).then(() => {
+                expect(event.isKeySourceUntrusted()).toBeFalsy();
+            });
+        });
+    });
 });
@@ -15,12 +15,12 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import {logger} from '../src/logger';
+import { logger } from '../src/logger';
 import * as utils from "../src/utils";

 // try to load the olm library.
 try {
-    global.Olm = require('olm');
+    global.Olm = require('@matrix-org/olm');
    logger.log('loaded libolm');
 } catch (e) {
    logger.warn("unable to run crypto tests: libolm not available");
@@ -31,5 +31,5 @@ try {
    const crypto = require('crypto');
    utils.setCrypto(crypto);
 } catch (err) {
-    console.log('nodejs was compiled without crypto support: some tests will fail');
+    logger.log('nodejs was compiled without crypto support: some tests will fail');
 }
@@ -1,8 +1,8 @@
 // load olm before the sdk if possible
 import './olm-loader';

-import {logger} from '../src/logger';
-import {MatrixEvent} from "../src/models/event";
+import { logger } from '../src/logger';
+import { MatrixEvent } from "../src/models/event";

 /**
 * Return a promise that is resolved when the client next emits a
@@ -177,7 +177,6 @@ export function mkMessage(opts) {
    return mkEvent(opts);
 }

-
 /**
 * A mock implementation of webstorage
 *
@@ -204,7 +203,6 @@ MockStorageApi.prototype = {
    },
 };

-
 /**
 * If an event is being decrypted, wait for it to finish being decrypted.
 *
@@ -212,21 +210,23 @@ MockStorageApi.prototype = {
 * @returns {Promise} promise which resolves (to `event`) when the event has been decrypted
 */
 export function awaitDecryption(event) {
-    if (!event.isBeingDecrypted()) {
-        return Promise.resolve(event);
-    }
+    // An event is not always decrypted ahead of time
+    // getClearContent is a good signal to know whether an event has been decrypted
+    // already
+    if (event.getClearContent() !== null) {
+        return event;
+    } else {
+        logger.log(`${Date.now()} event ${event.getId()} is being decrypted; waiting`);

-    logger.log(`${Date.now()} event ${event.getId()} is being decrypted; waiting`);
-
-    return new Promise((resolve, reject) => {
-        event.once('Event.decrypted', (ev) => {
-            logger.log(`${Date.now()} event ${event.getId()} now decrypted`);
-            resolve(ev);
+        return new Promise((resolve, reject) => {
+            event.once('Event.decrypted', (ev) => {
+                logger.log(`${Date.now()} event ${event.getId()} now decrypted`);
+                resolve(ev);
+            });
        });
-    });
+    }
 }

-
 export function HttpResponse(
    httpLookups, acceptKeepalives, ignoreUnhandledSync,
 ) {
@@ -0,0 +1,72 @@
+/*
+Copyright 2021 The Matrix.org Foundation C.I.C.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+import { EventEmitter } from "events";
+import { ReEmitter } from "../../src/ReEmitter";
+
+const EVENTNAME = "UnknownEntry";
+
+class EventSource extends EventEmitter {
+    doTheThing() {
+        this.emit(EVENTNAME, "foo", "bar");
+    }
+
+    doAnError() {
+        this.emit('error');
+    }
+}
+
+class EventTarget extends EventEmitter {
+
+}
+
+describe("ReEmitter", function() {
+    it("Re-Emits events with the same args", function() {
+        const src = new EventSource();
+        const tgt = new EventTarget();
+
+        const handler = jest.fn();
+        tgt.on(EVENTNAME, handler);
+
+        const reEmitter = new ReEmitter(tgt);
+        reEmitter.reEmit(src, [EVENTNAME]);
+
+        src.doTheThing();
+
+        // Args should be the args passed to 'emit' after the event name, and
+        // also the source object of the event which re-emitter adds
+        expect(handler).toHaveBeenCalledWith("foo", "bar", src);
+    });
+
+    it("Doesn't throw if no handler for 'error' event", function() {
+        const src = new EventSource();
+        const tgt = new EventTarget();
+
+        const reEmitter = new ReEmitter(tgt);
+        reEmitter.reEmit(src, ['error']);
+
+        // without the workaround in ReEmitter, this would throw
+        src.doAnError();
+
+        const handler = jest.fn();
+        tgt.on('error', handler);
+
+        src.doAnError();
+
+        // Now we've attached an error handler, it should be called
+        expect(handler).toHaveBeenCalled();
+    });
+});
@@ -17,7 +17,7 @@ limitations under the License.

 import MockHttpBackend from "matrix-mock-request";
 import * as sdk from "../../src";
-import {AutoDiscovery} from "../../src/autodiscovery";
+import { AutoDiscovery } from "../../src/autodiscovery";

 describe("AutoDiscovery", function() {
    let httpBackend = null;
@@ -1,4 +1,4 @@
-import {getHttpUriForMxc, getIdenticonUri} from "../../src/content-repo";
+import { getHttpUriForMxc } from "../../src/content-repo";

 describe("ContentRepo", function() {
    const baseUrl = "https://my.home.server";
@@ -56,31 +56,4 @@ describe("ContentRepo", function() {
            );
        });
    });
-
-    describe("getIdenticonUri", function() {
-        it("should do nothing for null input", function() {
-            expect(getIdenticonUri(null)).toEqual(null);
-        });
-
-        it("should set w/h by default to 96", function() {
-            expect(getIdenticonUri(baseUrl, "foobar")).toEqual(
-                baseUrl + "/_matrix/media/unstable/identicon/foobar" +
-                "?width=96&height=96",
-            );
-        });
-
-        it("should be able to set custom w/h", function() {
-            expect(getIdenticonUri(baseUrl, "foobar", 32, 64)).toEqual(
-                baseUrl + "/_matrix/media/unstable/identicon/foobar" +
-                "?width=32&height=64",
-            );
-        });
-
-        it("should URL encode the identicon string", function() {
-            expect(getIdenticonUri(baseUrl, "foo#bar", 32, 64)).toEqual(
-                baseUrl + "/_matrix/media/unstable/identicon/foo%23bar" +
-                "?width=32&height=64",
-            );
-        });
-    });
 });
@@ -1,15 +1,16 @@
 import '../olm-loader';
-import {Crypto} from "../../src/crypto";
-import {WebStorageSessionStore} from "../../src/store/session/webstorage";
-import {MemoryCryptoStore} from "../../src/crypto/store/memory-crypto-store";
-import {MockStorageApi} from "../MockStorageApi";
-import {TestClient} from "../TestClient";
-import {MatrixEvent} from "../../src/models/event";
-import {Room} from "../../src/models/room";
+import { Crypto } from "../../src/crypto";
+import { WebStorageSessionStore } from "../../src/store/session/webstorage";
+import { MemoryCryptoStore } from "../../src/crypto/store/memory-crypto-store";
+import { MockStorageApi } from "../MockStorageApi";
+import { TestClient } from "../TestClient";
+import { MatrixEvent } from "../../src/models/event";
+import { Room } from "../../src/models/room";
 import * as olmlib from "../../src/crypto/olmlib";
-import {sleep} from "../../src/utils";
-import {EventEmitter} from "events";
-import {CRYPTO_ENABLED} from "../../src/client";
+import { sleep } from "../../src/utils";
+import { EventEmitter } from "events";
+import { CRYPTO_ENABLED } from "../../src/client";
+import { DeviceInfo } from "../../src/crypto/deviceinfo";

 const Olm = global.Olm;

@@ -26,6 +27,66 @@ describe("Crypto", function() {
        expect(Crypto.getOlmVersion()[0]).toEqual(3);
    });

+    describe("encrypted events", function() {
+        it("provides encryption information", async function() {
+            const client = (new TestClient(
+                "@alice:example.com", "deviceid",
+            )).client;
+            await client.initCrypto();
+
+            // unencrypted event
+            const event = {
+                getId: () => "$event_id",
+                getSenderKey: () => null,
+                getWireContent: () => {return {};},
+            };
+
+            let encryptionInfo = client.getEventEncryptionInfo(event);
+            expect(encryptionInfo.encrypted).toBeFalsy();
+
+            // unknown sender (e.g. deleted device), forwarded megolm key (untrusted)
+            event.getSenderKey = () => 'YmJiYmJiYmJiYmJiYmJiYmJiYmJiYmJiYmJiYmJiYmI';
+            event.getWireContent = () => {return { algorithm: olmlib.MEGOLM_ALGORITHM };};
+            event.getForwardingCurve25519KeyChain = () => ["not empty"];
+            event.isKeySourceUntrusted = () => false;
+            event.getClaimedEd25519Key =
+                () => 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA';
+
+            encryptionInfo = client.getEventEncryptionInfo(event);
+            expect(encryptionInfo.encrypted).toBeTruthy();
+            expect(encryptionInfo.authenticated).toBeFalsy();
+            expect(encryptionInfo.sender).toBeFalsy();
+
+            // known sender, megolm key from backup
+            event.getForwardingCurve25519KeyChain = () => [];
+            event.isKeySourceUntrusted = () => true;
+            const device = new DeviceInfo("FLIBBLE");
+            device.keys["curve25519:FLIBBLE"] =
+                'YmJiYmJiYmJiYmJiYmJiYmJiYmJiYmJiYmJiYmJiYmI';
+            device.keys["ed25519:FLIBBLE"] =
+                'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA';
+            client._crypto._deviceList.getDeviceByIdentityKey = () => device;
+
+            encryptionInfo = client.getEventEncryptionInfo(event);
+            expect(encryptionInfo.encrypted).toBeTruthy();
+            expect(encryptionInfo.authenticated).toBeFalsy();
+            expect(encryptionInfo.sender).toBeTruthy();
+            expect(encryptionInfo.mismatchedSender).toBeFalsy();
+
+            // known sender, trusted megolm key, but bad ed25519key
+            event.isKeySourceUntrusted = () => false;
+            device.keys["ed25519:FLIBBLE"] =
+                'BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB';
+
+            encryptionInfo = client.getEventEncryptionInfo(event);
+            expect(encryptionInfo.encrypted).toBeTruthy();
+            expect(encryptionInfo.authenticated).toBeTruthy();
+            expect(encryptionInfo.sender).toBeTruthy();
+            expect(encryptionInfo.mismatchedSender).toBeTruthy();
+
+            client.stopClient();
+        });
+    });

    describe('Session management', function() {
        const otkResponse = {
@@ -22,10 +22,11 @@ import {
 import {
    IndexedDBCryptoStore,
 } from '../../../src/crypto/store/indexeddb-crypto-store';
-import {MemoryCryptoStore} from '../../../src/crypto/store/memory-crypto-store';
+import { MemoryCryptoStore } from '../../../src/crypto/store/memory-crypto-store';
 import 'fake-indexeddb/auto';
 import 'jest-localstorage-mock';
-import {OlmDevice} from "../../../src/crypto/OlmDevice";
+import { OlmDevice } from "../../../src/crypto/OlmDevice";
+import { logger } from '../../../src/logger';

 const userId = "@alice:example.com";

@@ -38,7 +39,7 @@ const testKey = new Uint8Array([
 ]);

 const types = [
-    { type: "master", shouldCache: false },
+    { type: "master", shouldCache: true },
    { type: "self_signing", shouldCache: true },
    { type: "user_signing", shouldCache: true },
    { type: "invalid", shouldCache: false },
@@ -51,7 +52,7 @@ const masterKeyPub = "nqOvzeuGWT/sRx3h7+MHoInYj3Uk2LD/unI9kDYcHwk";

 describe("CrossSigningInfo.getCrossSigningKey", function() {
    if (!global.Olm) {
-        console.warn('Not running megolm backup unit tests: libolm not present');
+        logger.warn('Not running megolm backup unit tests: libolm not present');
        return;
    }

@@ -65,7 +66,7 @@ describe("CrossSigningInfo.getCrossSigningKey", function() {
    });

    it.each(types)("should throw if the callback returns falsey",
-                   async ({type, shouldCache}) => {
+                   async ({ type, shouldCache }) => {
        const info = new CrossSigningInfo(userId, {
            getCrossSigningKey: () => false,
        });
@@ -83,9 +84,16 @@ describe("CrossSigningInfo.getCrossSigningKey", function() {
        const info = new CrossSigningInfo(userId, {
            getCrossSigningKey: () => testKey,
        });
-        const [pubKey, ab] = await info.getCrossSigningKey("master", masterKeyPub);
+        const [pubKey, pkSigning] = await info.getCrossSigningKey("master", masterKeyPub);
        expect(pubKey).toEqual(masterKeyPub);
-        expect(ab).toEqual({a: 106712, b: 106712});
+        // check that the pkSigning object corresponds to the pubKey
+        const signature = pkSigning.sign("message");
+        const util = new global.Olm.Utility();
+        try {
+            util.ed25519_verify(pubKey, "message", signature);
+        } finally {
+            util.free();
+        }
    });

    it.each(types)("should request a key from the cache callback (if set)" +
@@ -16,10 +16,10 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import {logger} from "../../../src/logger";
+import { logger } from "../../../src/logger";
 import * as utils from "../../../src/utils";
-import {MemoryCryptoStore} from "../../../src/crypto/store/memory-crypto-store";
-import {DeviceList} from "../../../src/crypto/DeviceList";
+import { MemoryCryptoStore } from "../../../src/crypto/store/memory-crypto-store";
+import { DeviceList } from "../../../src/crypto/DeviceList";

 const signedDeviceList = {
    "failures": {},
@@ -51,6 +51,36 @@ const signedDeviceList = {
    },
 };

+const signedDeviceList2 = {
+    "failures": {},
+    "device_keys": {
+        "@test2:sw1v.org": {
+            "QJVRHWAKGH": {
+                "signatures": {
+                    "@test2:sw1v.org": {
+                        "ed25519:QJVRHWAKGH":
+                            "w1xxdLe1iIqzEFHLRVYQeuiM6t2N2ZRiI8s5nDKxf054BP8" +
+                            "1CPEX/AQXh5BhkKAVMlKnwg4T9zU1/wBALeajk3",
+                    },
+                },
+                "user_id": "@test2:sw1v.org",
+                "keys": {
+                    "ed25519:QJVRHWAKGH":
+                        "Ig0/C6T+bBII1l2By2Wnnvtjp1nm/iXBlLU5/QESFXL",
+                    "curve25519:QJVRHWAKGH":
+                        "YR3eQnUvTQzGlWih4rsmJkKxpDxzgkgIgsBd1DEZIbm",
+                },
+                "algorithms": [
+                    "m.olm.v1.curve25519-aes-sha2",
+                    "m.megolm.v1.aes-sha2",
+                ],
+                "device_id": "QJVRHWAKGH",
+                "unsigned": {},
+            },
+        },
+    },
+};
+
 describe('DeviceList', function() {
    let downloadSpy;
    let cryptoStore;
@@ -69,14 +99,16 @@ describe('DeviceList', function() {
        }
    });

-    function createTestDeviceList() {
+    function createTestDeviceList(keyDownloadChunkSize = 250) {
        const baseApis = {
            downloadKeysForUsers: downloadSpy,
+            getUserId: () => '@test1:sw1v.org',
+            deviceId: 'HGKAWHRVJQ',
        };
        const mockOlm = {
            verifySignature: function(key, message, signature) {},
        };
-        const dl = new DeviceList(baseApis, cryptoStore, mockOlm);
+        const dl = new DeviceList(baseApis, cryptoStore, mockOlm, keyDownloadChunkSize);
        deviceLists.push(dl);
        return dl;
    }
@@ -148,4 +180,30 @@ describe('DeviceList', function() {
            expect(Object.keys(storedKeys)).toEqual(['HGKAWHRVJQ']);
        });
    });
+
+    it("should download device keys in batches", function() {
+        const dl = createTestDeviceList(1);
+
+        dl.startTrackingDeviceList('@test1:sw1v.org');
+        dl.startTrackingDeviceList('@test2:sw1v.org');
+
+        const queryDefer1 = utils.defer();
+        downloadSpy.mockReturnValueOnce(queryDefer1.promise);
+        const queryDefer2 = utils.defer();
+        downloadSpy.mockReturnValueOnce(queryDefer2.promise);
+
+        const prom1 = dl.refreshOutdatedDeviceLists();
+        expect(downloadSpy).toBeCalledTimes(2);
+        expect(downloadSpy).toHaveBeenNthCalledWith(1, ['@test1:sw1v.org'], {});
+        expect(downloadSpy).toHaveBeenNthCalledWith(2, ['@test2:sw1v.org'], {});
+        queryDefer1.resolve(utils.deepCopy(signedDeviceList));
+        queryDefer2.resolve(utils.deepCopy(signedDeviceList2));
+
+        return prom1.then(() => {
+            const storedKeys1 = dl.getRawStoredDevicesForUser('@test1:sw1v.org');
+            expect(Object.keys(storedKeys1)).toEqual(['HGKAWHRVJQ']);
+            const storedKeys2 = dl.getRawStoredDevicesForUser('@test2:sw1v.org');
+            expect(Object.keys(storedKeys2)).toEqual(['QJVRHWAKGH']);
+        });
+    });
 });
@@ -1,14 +1,14 @@
 import '../../../olm-loader';
 import * as algorithms from "../../../../src/crypto/algorithms";
-import {MemoryCryptoStore} from "../../../../src/crypto/store/memory-crypto-store";
-import {MockStorageApi} from "../../../MockStorageApi";
+import { MemoryCryptoStore } from "../../../../src/crypto/store/memory-crypto-store";
+import { MockStorageApi } from "../../../MockStorageApi";
 import * as testUtils from "../../../test-utils";
-import {OlmDevice} from "../../../../src/crypto/OlmDevice";
-import {Crypto} from "../../../../src/crypto";
-import {logger} from "../../../../src/logger";
-import {MatrixEvent} from "../../../../src/models/event";
-import {TestClient} from "../../../TestClient";
-import {Room} from "../../../../src/models/room";
+import { OlmDevice } from "../../../../src/crypto/OlmDevice";
+import { Crypto } from "../../../../src/crypto";
+import { logger } from "../../../../src/logger";
+import { MatrixEvent } from "../../../../src/models/event";
+import { TestClient } from "../../../TestClient";
+import { Room } from "../../../../src/models/room";
 import * as olmlib from "../../../../src/crypto/olmlib";

 const MegolmDecryption = algorithms.DECRYPTION_CLASSES['m.megolm.v1.aes-sha2'];
@@ -50,7 +50,6 @@ describe("MegolmDecryption", function() {
            roomId: ROOM_ID,
        });

-
        // we stub out the olm encryption bits
        mockOlmLib = {};
        mockOlmLib.ensureOlmSessionsForDevices = jest.fn();
@@ -136,9 +135,9 @@ describe("MegolmDecryption", function() {
                mockCrypto.getStoredDevice.mockReturnValue(deviceInfo);

                mockOlmLib.ensureOlmSessionsForDevices.mockResolvedValue({
-                    '@alice:foo': {'alidevice': {
+                    '@alice:foo': { 'alidevice': {
                        sessionId: 'alisession',
-                    }},
+                    } },
                });

                const awaitEncryptForDevice = new Promise((res, rej) => {
@@ -313,7 +312,7 @@ describe("MegolmDecryption", function() {
            });
            const mockRoom = {
                getEncryptionTargetMembers: jest.fn().mockReturnValue(
-                    [{userId: "@alice:home.server"}],
+                    [{ userId: "@alice:home.server" }],
                ),
                getBlacklistUnverifiedDevices: jest.fn().mockReturnValue(false),
            };
@@ -373,7 +372,7 @@ describe("MegolmDecryption", function() {
        const roomId = "!someroom";
        const room = new Room(roomId, aliceClient, "@alice:example.com", {});
        room.getEncryptionTargetMembers = async function() {
-            return [{userId: "@bob:example.com"}];
+            return [{ userId: "@bob:example.com" }];
        };
        room.setBlacklistUnverifiedDevices(true);
        aliceClient.store.storeRoom(room);
@@ -16,12 +16,12 @@ limitations under the License.
 */

 import '../../../olm-loader';
-import {MemoryCryptoStore} from "../../../../src/crypto/store/memory-crypto-store";
-import {MockStorageApi} from "../../../MockStorageApi";
-import {logger} from "../../../../src/logger";
-import {OlmDevice} from "../../../../src/crypto/OlmDevice";
+import { MemoryCryptoStore } from "../../../../src/crypto/store/memory-crypto-store";
+import { MockStorageApi } from "../../../MockStorageApi";
+import { logger } from "../../../../src/logger";
+import { OlmDevice } from "../../../../src/crypto/OlmDevice";
 import * as olmlib from "../../../../src/crypto/olmlib";
-import {DeviceInfo} from "../../../../src/crypto/deviceinfo";
+import { DeviceInfo } from "../../../../src/crypto/deviceinfo";

 function makeOlmDevice() {
    const mockStorage = new MockStorageApi();
@@ -190,5 +190,91 @@ describe("OlmDevice", function() {
            // new session and will have called claimOneTimeKeys
            expect(count).toBe(2);
        });
+
+        it("avoids deadlocks when two tasks are ensuring the same devices", async function() {
+            // This test checks whether `ensureOlmSessionsForDevices` properly
+            // handles multiple tasks in flight ensuring some set of devices in
+            // common without deadlocks.
+
+            let claimRequestCount = 0;
+            const baseApis = {
+                claimOneTimeKeys: () => {
+                    // simulate a very slow server (.5 seconds to respond)
+                    claimRequestCount++;
+                    return new Promise((resolve, reject) => {
+                        setTimeout(reject, 500);
+                    });
+                },
+            };
+
+            const deviceBobA = DeviceInfo.fromStorage({
+                keys: {
+                    "curve25519:BOB-A": "akey",
+                },
+            }, "BOB-A");
+            const deviceBobB = DeviceInfo.fromStorage({
+                keys: {
+                    "curve25519:BOB-B": "bkey",
+                },
+            }, "BOB-B");
+
+            // There's no required ordering of devices per user, so here we
+            // create two different orderings so that each task reserves a
+            // device the other task needs before continuing.
+            const devicesByUserAB = {
+                "@bob:example.com": [
+                    deviceBobA,
+                    deviceBobB,
+                ],
+            };
+            const devicesByUserBA = {
+                "@bob:example.com": [
+                    deviceBobB,
+                    deviceBobA,
+                ],
+            };
+
+            function alwaysSucceed(promise) {
+                // swallow any exception thrown by a promise, so that
+                // Promise.all doesn't abort
+                return promise.catch(() => {});
+            }
+
+            const task1 = alwaysSucceed(olmlib.ensureOlmSessionsForDevices(
+                aliceOlmDevice, baseApis, devicesByUserAB,
+            ));
+
+            // After a single tick through the first task, it should have
+            // claimed ownership of all devices to avoid deadlocking others.
+            expect(Object.keys(aliceOlmDevice._sessionsInProgress).length).toBe(2);
+
+            const task2 = alwaysSucceed(olmlib.ensureOlmSessionsForDevices(
+                aliceOlmDevice, baseApis, devicesByUserBA,
+            ));
+
+            // The second task should not have changed the ownership count, as
+            // it's waiting on the first task.
+            expect(Object.keys(aliceOlmDevice._sessionsInProgress).length).toBe(2);
+
+            // Track the tasks, but don't await them yet.
+            const promises = Promise.all([
+                task1,
+                task2,
+            ]);
+
+            await new Promise((resolve) => {
+                setTimeout(resolve, 200);
+            });
+
+            // After .2s, the first task should have made an initial claim request.
+            expect(claimRequestCount).toBe(1);
+
+            await promises;
+
+            // After waiting for both tasks to complete, the first task should
+            // have failed, so the second task should have tried to create a
+            // new session and will have called claimOneTimeKeys
+            expect(claimRequestCount).toBe(2);
+        });
    });
 });
@@ -16,17 +16,18 @@ limitations under the License.
 */

 import '../../olm-loader';
-import {logger} from "../../../src/logger";
+import { logger } from "../../../src/logger";
 import * as olmlib from "../../../src/crypto/olmlib";
-import {MatrixClient} from "../../../src/client";
-import {MatrixEvent} from "../../../src/models/event";
+import { MatrixClient } from "../../../src/client";
+import { MatrixEvent } from "../../../src/models/event";
 import * as algorithms from "../../../src/crypto/algorithms";
-import {WebStorageSessionStore} from "../../../src/store/session/webstorage";
-import {MemoryCryptoStore} from "../../../src/crypto/store/memory-crypto-store";
-import {MockStorageApi} from "../../MockStorageApi";
+import { WebStorageSessionStore } from "../../../src/store/session/webstorage";
+import { MemoryCryptoStore } from "../../../src/crypto/store/memory-crypto-store";
+import { MockStorageApi } from "../../MockStorageApi";
 import * as testUtils from "../../test-utils";
-import {OlmDevice} from "../../../src/crypto/OlmDevice";
-import {Crypto} from "../../../src/crypto";
+import { OlmDevice } from "../../../src/crypto/OlmDevice";
+import { Crypto } from "../../../src/crypto";
+import { resetCrossSigningKeys } from "./crypto-utils";

 const Olm = global.Olm;

@@ -332,7 +333,7 @@ describe("MegolmBackup", function() {
            client.on("crossSigning.getKey", function(e) {
                e.done(privateKeys[e.type]);
            });
-            await client.resetCrossSigningKeys();
+            await resetCrossSigningKeys(client);
            let numCalls = 0;
            await new Promise((resolve, reject) => {
                client._http.authedRequest = function(
@@ -517,6 +518,7 @@ describe("MegolmBackup", function() {
                return megolmDecryption.decryptEvent(ENCRYPTED_EVENT);
            }).then((res) => {
                expect(res.clearEvent.content).toEqual('testytest');
+                expect(res.untrusted).toBeTruthy(); // keys from backup are untrusted
            });
        });

@@ -18,8 +18,11 @@ limitations under the License.
 import '../../olm-loader';
 import anotherjson from 'another-json';
 import * as olmlib from "../../../src/crypto/olmlib";
-import {TestClient} from '../../TestClient';
-import {HttpResponse, setHttpResponses} from '../../test-utils';
+import { TestClient } from '../../TestClient';
+import { HttpResponse, setHttpResponses } from '../../test-utils';
+import { resetCrossSigningKeys } from "./crypto-utils";
+import { MatrixError } from '../../../src/http-api';
+import { logger } from '../../../src/logger';

 async function makeTestClient(userInfo, options, keys) {
    if (!keys) keys = {};
@@ -47,7 +50,7 @@ async function makeTestClient(userInfo, options, keys) {

 describe("Cross Signing", function() {
    if (!global.Olm) {
-        console.warn('Not running megolm backup unit tests: libolm not present');
+        logger.warn('Not running megolm backup unit tests: libolm not present');
        return;
    }

@@ -57,7 +60,7 @@ describe("Cross Signing", function() {

    it("should sign the master key with the device key", async function() {
        const alice = await makeTestClient(
-            {userId: "@alice:example.com", deviceId: "Osborne2"},
+            { userId: "@alice:example.com", deviceId: "Osborne2" },
        );
        alice.uploadDeviceSigningKeys = jest.fn(async (auth, keys) => {
            await olmlib.verifySignature(
@@ -66,19 +69,74 @@ describe("Cross Signing", function() {
            );
        });
        alice.uploadKeySignatures = async () => {};
+        alice.setAccountData = async () => {};
+        alice.getAccountDataFromServer = async () => {};
        // set Alice's cross-signing key
-        await alice.resetCrossSigningKeys();
+        await alice.bootstrapCrossSigning({
+            authUploadDeviceSigningKeys: async func => await func({}),
+        });
        expect(alice.uploadDeviceSigningKeys).toHaveBeenCalled();
    });

+    it("should abort bootstrap if device signing auth fails", async function() {
+        const alice = await makeTestClient(
+            { userId: "@alice:example.com", deviceId: "Osborne2" },
+        );
+        alice.uploadDeviceSigningKeys = async (auth, keys) => {
+            const errorResponse = {
+                session: "sessionId",
+                flows: [
+                    {
+                        stages: [
+                            "m.login.password",
+                        ],
+                    },
+                ],
+                params: {},
+            };
+
+            // If we're not just polling for flows, add on error rejecting the
+            // auth attempt.
+            if (auth) {
+                Object.assign(errorResponse, {
+                    completed: [],
+                    error: "Invalid password",
+                    errcode: "M_FORBIDDEN",
+                });
+            }
+
+            const error = new MatrixError(errorResponse);
+            error.httpStatus == 401;
+            throw error;
+        };
+        alice.uploadKeySignatures = async () => {};
+        alice.setAccountData = async () => {};
+        alice.getAccountDataFromServer = async () => { };
+        const authUploadDeviceSigningKeys = async func => await func({});
+
+        // Try bootstrap, expecting `authUploadDeviceSigningKeys` to pass
+        // through failure, stopping before actually applying changes.
+        let bootstrapDidThrow = false;
+        try {
+            await alice.bootstrapCrossSigning({
+                authUploadDeviceSigningKeys,
+            });
+        } catch (e) {
+            if (e.errcode === "M_FORBIDDEN") {
+                bootstrapDidThrow = true;
+            }
+        }
+        expect(bootstrapDidThrow).toBeTruthy();
+    });
+
    it("should upload a signature when a user is verified", async function() {
        const alice = await makeTestClient(
-            {userId: "@alice:example.com", deviceId: "Osborne2"},
+            { userId: "@alice:example.com", deviceId: "Osborne2" },
        );
        alice.uploadDeviceSigningKeys = async () => {};
        alice.uploadKeySignatures = async () => {};
        // set Alice's cross-signing key
-        await alice.resetCrossSigningKeys();
+        await resetCrossSigningKeys(alice);
        // Alice downloads Bob's device key
        alice._crypto._deviceList.storeCrossSigningForUser("@bob:example.com", {
            keys: {
@@ -117,7 +175,7 @@ describe("Cross Signing", function() {
        ]);

        const alice = await makeTestClient(
-            {userId: "@alice:example.com", deviceId: "Osborne2"},
+            { userId: "@alice:example.com", deviceId: "Osborne2" },
            {
                cryptoCallbacks: {
                    // will be called to sign our own device
@@ -135,7 +193,9 @@ describe("Cross Signing", function() {
        const keyChangePromise = new Promise((resolve, reject) => {
            alice.once("crossSigning.keysChanged", async (e) => {
                resolve(e);
-                await alice.checkOwnCrossSigningTrust();
+                await alice.checkOwnCrossSigningTrust({
+                    allowPrivateKeyRequests: true,
+                });
            });
        });

@@ -268,12 +328,12 @@ describe("Cross Signing", function() {

    it("should use trust chain to determine device verification", async function() {
        const alice = await makeTestClient(
-            {userId: "@alice:example.com", deviceId: "Osborne2"},
+            { userId: "@alice:example.com", deviceId: "Osborne2" },
        );
        alice.uploadDeviceSigningKeys = async () => {};
        alice.uploadKeySignatures = async () => {};
        // set Alice's cross-signing key
-        await alice.resetCrossSigningKeys();
+        await resetCrossSigningKeys(alice);
        // Alice downloads Bob's ssk and device key
        const bobMasterSigning = new global.Olm.PkSigning();
        const bobMasterPrivkey = bobMasterSigning.generate_seed();
@@ -353,7 +413,7 @@ describe("Cross Signing", function() {
    it("should trust signatures received from other devices", async function() {
        const aliceKeys = {};
        const alice = await makeTestClient(
-            {userId: "@alice:example.com", deviceId: "Osborne2"},
+            { userId: "@alice:example.com", deviceId: "Osborne2" },
            null,
            aliceKeys,
        );
@@ -363,7 +423,7 @@ describe("Cross Signing", function() {
        alice.uploadKeySignatures = async () => {};

        // set Alice's cross-signing key
-        await alice.resetCrossSigningKeys();
+        await resetCrossSigningKeys(alice);

        const selfSigningKey = new Uint8Array([
            0x1e, 0xf4, 0x01, 0x6d, 0x4f, 0xa1, 0x73, 0x66,
@@ -515,12 +575,12 @@ describe("Cross Signing", function() {

    it("should dis-trust an unsigned device", async function() {
        const alice = await makeTestClient(
-            {userId: "@alice:example.com", deviceId: "Osborne2"},
+            { userId: "@alice:example.com", deviceId: "Osborne2" },
        );
        alice.uploadDeviceSigningKeys = async () => {};
        alice.uploadKeySignatures = async () => {};
        // set Alice's cross-signing key
-        await alice.resetCrossSigningKeys();
+        await resetCrossSigningKeys(alice);
        // Alice downloads Bob's ssk and device key
        // (NOTE: device key is not signed by ssk)
        const bobMasterSigning = new global.Olm.PkSigning();
@@ -584,11 +644,11 @@ describe("Cross Signing", function() {

    it("should dis-trust a user when their ssk changes", async function() {
        const alice = await makeTestClient(
-            {userId: "@alice:example.com", deviceId: "Osborne2"},
+            { userId: "@alice:example.com", deviceId: "Osborne2" },
        );
        alice.uploadDeviceSigningKeys = async () => {};
        alice.uploadKeySignatures = async () => {};
-        await alice.resetCrossSigningKeys();
+        await resetCrossSigningKeys(alice);
        // Alice downloads Bob's keys
        const bobMasterSigning = new global.Olm.PkSigning();
        const bobMasterPrivkey = bobMasterSigning.generate_seed();
@@ -722,7 +782,7 @@ describe("Cross Signing", function() {
        let upgradeResolveFunc;

        const alice = await makeTestClient(
-            {userId: "@alice:example.com", deviceId: "Osborne2"},
+            { userId: "@alice:example.com", deviceId: "Osborne2" },
            {
                cryptoCallbacks: {
                    shouldUpgradeDeviceVerifications: (verifs) => {
@@ -734,13 +794,13 @@ describe("Cross Signing", function() {
            },
        );
        const bob = await makeTestClient(
-            {userId: "@bob:example.com", deviceId: "Dynabook"},
+            { userId: "@bob:example.com", deviceId: "Dynabook" },
        );

        bob.uploadDeviceSigningKeys = async () => {};
        bob.uploadKeySignatures = async () => {};
        // set Bob's cross-signing key
-        await bob.resetCrossSigningKeys();
+        await resetCrossSigningKeys(bob);
        alice._crypto._deviceList.storeDevicesForUser("@bob:example.com", {
            Dynabook: {
                algorithms: ["m.olm.curve25519-aes-sha256", "m.megolm.v1.aes-sha"],
@@ -766,7 +826,7 @@ describe("Cross Signing", function() {
        let upgradePromise = new Promise((resolve) => {
            upgradeResolveFunc = resolve;
        });
-        await alice.resetCrossSigningKeys();
+        await resetCrossSigningKeys(alice);
        await upgradePromise;

        const bobTrust = alice.checkUserTrust("@bob:example.com");
@@ -0,0 +1,43 @@
+import { IndexedDBCryptoStore } from '../../../src/crypto/store/indexeddb-crypto-store';
+
+// needs to be phased out and replaced with bootstrapSecretStorage,
+// but that is doing too much extra stuff for it to be an easy transition.
+export async function resetCrossSigningKeys(client, {
+    level,
+    authUploadDeviceSigningKeys = async func => await func(),
+} = {}) {
+    const crypto = client._crypto;
+
+    const oldKeys = Object.assign({}, crypto._crossSigningInfo.keys);
+    try {
+        await crypto._crossSigningInfo.resetKeys(level);
+        await crypto._signObject(crypto._crossSigningInfo.keys.master);
+        // write a copy locally so we know these are trusted keys
+        await crypto._cryptoStore.doTxn(
+            'readwrite', [IndexedDBCryptoStore.STORE_ACCOUNT],
+            (txn) => {
+                crypto._cryptoStore.storeCrossSigningKeys(
+                    txn, crypto._crossSigningInfo.keys);
+            },
+        );
+    } catch (e) {
+        // If anything failed here, revert the keys so we know to try again from the start
+        // next time.
+        crypto._crossSigningInfo.keys = oldKeys;
+        throw e;
+    }
+    crypto._baseApis.emit("crossSigning.keysChanged", {});
+    await crypto._afterCrossSigningLocalKeyChange();
+}
+
+export async function createSecretStorageKey() {
+    const decryption = new global.Olm.PkDecryption();
+    const storagePublicKey = decryption.generate_key();
+    const storagePrivateKey = decryption.get_private_key();
+    decryption.free();
+    return {
+        // `pubkey` not used anymore with symmetric 4S
+        keyInfo: { pubkey: storagePublicKey },
+        privateKey: storagePrivateKey,
+    };
+}
@@ -17,7 +17,7 @@ limitations under the License.
 import {
    IndexedDBCryptoStore,
 } from '../../../src/crypto/store/indexeddb-crypto-store';
-import {MemoryCryptoStore} from '../../../src/crypto/store/memory-crypto-store';
+import { MemoryCryptoStore } from '../../../src/crypto/store/memory-crypto-store';
 import 'fake-indexeddb/auto';
 import 'jest-localstorage-mock';

@@ -16,11 +16,13 @@ limitations under the License.

 import '../../olm-loader';
 import * as olmlib from "../../../src/crypto/olmlib";
-import {SECRET_STORAGE_ALGORITHM_V1_AES} from "../../../src/crypto/SecretStorage";
-import {MatrixEvent} from "../../../src/models/event";
-import {TestClient} from '../../TestClient';
-import {makeTestClients} from './verification/util';
-import {encryptAES} from "../../../src/crypto/aes";
+import { SECRET_STORAGE_ALGORITHM_V1_AES } from "../../../src/crypto/SecretStorage";
+import { MatrixEvent } from "../../../src/models/event";
+import { TestClient } from '../../TestClient';
+import { makeTestClients } from './verification/util';
+import { encryptAES } from "../../../src/crypto/aes";
+import { resetCrossSigningKeys, createSecretStorageKey } from "./crypto-utils";
+import { logger } from '../../../src/logger';

 import * as utils from "../../../src/utils";

@@ -28,7 +30,7 @@ try {
    const crypto = require('crypto');
    utils.setCrypto(crypto);
 } catch (err) {
-    console.log('nodejs was compiled without crypto support');
+    logger.log('nodejs was compiled without crypto support');
 }

 async function makeTestClient(userInfo, options) {
@@ -59,7 +61,7 @@ function sign(obj, key, userId) {

 describe("Secrets", function() {
    if (!global.Olm) {
-        console.warn('Not running megolm backup unit tests: libolm not present');
+        logger.warn('Not running megolm backup unit tests: libolm not present');
        return;
    }

@@ -89,7 +91,7 @@ describe("Secrets", function() {
        });

        const alice = await makeTestClient(
-            {userId: "@alice:example.com", deviceId: "Osborne2"},
+            { userId: "@alice:example.com", deviceId: "Osborne2" },
            {
                cryptoCallbacks: {
                    getCrossSigningKey: t => signingKey,
@@ -139,7 +141,7 @@ describe("Secrets", function() {

    it("should throw if given a key that doesn't exist", async function() {
        const alice = await makeTestClient(
-            {userId: "@alice:example.com", deviceId: "Osborne2"},
+            { userId: "@alice:example.com", deviceId: "Osborne2" },
        );

        try {
@@ -153,7 +155,7 @@ describe("Secrets", function() {

    it("should refuse to encrypt with zero keys", async function() {
        const alice = await makeTestClient(
-            {userId: "@alice:example.com", deviceId: "Osborne2"},
+            { userId: "@alice:example.com", deviceId: "Osborne2" },
        );

        try {
@@ -173,7 +175,7 @@ describe("Secrets", function() {

        let keys = {};
        const alice = await makeTestClient(
-            {userId: "@alice:example.com", deviceId: "Osborne2"},
+            { userId: "@alice:example.com", deviceId: "Osborne2" },
            {
                cryptoCallbacks: {
                    getCrossSigningKey: t => keys[t],
@@ -190,9 +192,9 @@ describe("Secrets", function() {
                }),
            ]);
        };
-        alice.resetCrossSigningKeys();
+        resetCrossSigningKeys(alice);

-        const newKeyId = await alice.addSecretStorageKey(
+        const { keyId: newKeyId } = await alice.addSecretStorageKey(
            SECRET_STORAGE_ALGORITHM_V1_AES,
        );
        // we don't await on this because it waits for the event to come down the sync
@@ -206,7 +208,7 @@ describe("Secrets", function() {

    it("should refuse to encrypt if no keys given and no default key", async function() {
        const alice = await makeTestClient(
-            {userId: "@alice:example.com", deviceId: "Osborne2"},
+            { userId: "@alice:example.com", deviceId: "Osborne2" },
        );

        try {
@@ -219,13 +221,13 @@ describe("Secrets", function() {
    it("should request secrets from other clients", async function() {
        const [osborne2, vax] = await makeTestClients(
            [
-                {userId: "@alice:example.com", deviceId: "Osborne2"},
-                {userId: "@alice:example.com", deviceId: "VAX"},
+                { userId: "@alice:example.com", deviceId: "Osborne2" },
+                { userId: "@alice:example.com", deviceId: "VAX" },
            ],
            {
                cryptoCallbacks: {
-                    onSecretRequested: e => {
-                        expect(e.name).toBe("foo");
+                    onSecretRequested: (userId, deviceId, requestId, secretName, deviceTrust) => {
+                        expect(secretName).toBe("foo");
                        return "bar";
                    },
                },
@@ -325,7 +327,12 @@ describe("Secrets", function() {
                this.emit("accountData", event);
            };

-            await bob.bootstrapSecretStorage();
+            await bob.bootstrapCrossSigning({
+                authUploadDeviceSigningKeys: async func => await func({}),
+            });
+            await bob.bootstrapSecretStorage({
+                createSecretStorageKey,
+            });

            const crossSigning = bob._crypto._crossSigningInfo;
            const secretStorage = bob._crypto._secretStorage;
@@ -375,6 +382,9 @@ describe("Secrets", function() {
            const secretStorage = bob._crypto._secretStorage;

            // Set up cross-signing keys from scratch with specific storage key
+            await bob.bootstrapCrossSigning({
+                authUploadDeviceSigningKeys: async func => await func({}),
+            });
            await bob.bootstrapSecretStorage({
                createSecretStorageKey: async () => ({
                    // `pubkey` not used anymore with symmetric 4S
@@ -389,7 +399,9 @@ describe("Secrets", function() {
                crossSigning.toStorage(),
            );
            crossSigning.keys = {};
-            await bob.bootstrapSecretStorage();
+            await bob.bootstrapCrossSigning({
+                authUploadDeviceSigningKeys: async func => await func({}),
+            });

            expect(crossSigning.getId()).toBeTruthy();
            expect(await crossSigning.isStoredInSecretStorage(secretStorage))
@@ -407,12 +419,12 @@ describe("Secrets", function() {
                key_id: SSSSKey,
            };
            const alice = await makeTestClient(
-                {userId: "@alice:example.com", deviceId: "Osborne2"},
+                { userId: "@alice:example.com", deviceId: "Osborne2" },
                {
                    cryptoCallbacks: {
                        getCrossSigningKey: t => crossSigningKeys[t],
                        saveCrossSigningKeys: k => crossSigningKeys = k,
-                        getSecretStorageKey: ({keys}, name) => {
+                        getSecretStorageKey: ({ keys }, name) => {
                            for (const keyId of Object.keys(keys)) {
                                if (secretStorageKeys[keyId]) {
                                    return [keyId, secretStorageKeys[keyId]];
@@ -446,7 +458,7 @@ describe("Secrets", function() {
                    type: "m.cross_signing.master",
                    content: {
                        encrypted: {
-                            key_id: {ciphertext: "bla", mac: "bla", iv: "bla"},
+                            key_id: { ciphertext: "bla", mac: "bla", iv: "bla" },
                        },
                    },
                }),
@@ -454,7 +466,7 @@ describe("Secrets", function() {
                    type: "m.cross_signing.self_signing",
                    content: {
                        encrypted: {
-                            key_id: {ciphertext: "bla", mac: "bla", iv: "bla"},
+                            key_id: { ciphertext: "bla", mac: "bla", iv: "bla" },
                        },
                    },
                }),
@@ -462,7 +474,7 @@ describe("Secrets", function() {
                    type: "m.cross_signing.user_signing",
                    content: {
                        encrypted: {
-                            key_id: {ciphertext: "bla", mac: "bla", iv: "bla"},
+                            key_id: { ciphertext: "bla", mac: "bla", iv: "bla" },
                        },
                    },
                }),
@@ -513,7 +525,7 @@ describe("Secrets", function() {
            await alice.bootstrapSecretStorage();

            expect(alice.getAccountData("m.secret_storage.default_key").getContent())
-                .toEqual({key: "key_id"});
+                .toEqual({ key: "key_id" });
            const keyInfo = alice.getAccountData("m.secret_storage.key.key_id")
                .getContent();
            expect(keyInfo.algorithm)
@@ -538,12 +550,12 @@ describe("Secrets", function() {
                key_id: SSSSKey,
            };
            const alice = await makeTestClient(
-                {userId: "@alice:example.com", deviceId: "Osborne2"},
+                { userId: "@alice:example.com", deviceId: "Osborne2" },
                {
                    cryptoCallbacks: {
                        getCrossSigningKey: t => crossSigningKeys[t],
                        saveCrossSigningKeys: k => crossSigningKeys = k,
-                        getSecretStorageKey: ({keys}, name) => {
+                        getSecretStorageKey: ({ keys }, name) => {
                            for (const keyId of Object.keys(keys)) {
                                if (secretStorageKeys[keyId]) {
                                    return [keyId, secretStorageKeys[keyId]];
@@ -575,7 +587,7 @@ describe("Secrets", function() {
                    type: "m.cross_signing.master",
                    content: {
                        encrypted: {
-                            key_id: {ciphertext: "bla", mac: "bla", iv: "bla"},
+                            key_id: { ciphertext: "bla", mac: "bla", iv: "bla" },
                        },
                    },
                }),
@@ -583,7 +595,7 @@ describe("Secrets", function() {
                    type: "m.cross_signing.self_signing",
                    content: {
                        encrypted: {
-                            key_id: {ciphertext: "bla", mac: "bla", iv: "bla"},
+                            key_id: { ciphertext: "bla", mac: "bla", iv: "bla" },
                        },
                    },
                }),
@@ -591,7 +603,7 @@ describe("Secrets", function() {
                    type: "m.cross_signing.user_signing",
                    content: {
                        encrypted: {
-                            key_id: {ciphertext: "bla", mac: "bla", iv: "bla"},
+                            key_id: { ciphertext: "bla", mac: "bla", iv: "bla" },
                        },
                    },
                }),
@@ -13,9 +13,9 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
-import {InRoomChannel} from "../../../../src/crypto/verification/request/InRoomChannel";
+import { InRoomChannel } from "../../../../src/crypto/verification/request/InRoomChannel";
    "../../../../src/crypto/verification/request/ToDeviceChannel";
-import {MatrixEvent} from "../../../../src/models/event";
+import { MatrixEvent } from "../../../../src/models/event";

 describe("InRoomChannel tests", function() {
    const ALICE = "@alice:hs.tld";
@@ -15,7 +15,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 import "../../../olm-loader";
-import {logger} from "../../../../src/logger";
+import { logger } from "../../../../src/logger";

 const Olm = global.Olm;

@@ -15,10 +15,10 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 import "../../../olm-loader";
-import {verificationMethods} from "../../../../src/crypto";
-import {logger} from "../../../../src/logger";
-import {SAS} from "../../../../src/crypto/verification/SAS";
-import {makeTestClients, setupWebcrypto, teardownWebcrypto} from './util';
+import { verificationMethods } from "../../../../src/crypto";
+import { logger } from "../../../../src/logger";
+import { SAS } from "../../../../src/crypto/verification/SAS";
+import { makeTestClients, setupWebcrypto, teardownWebcrypto } from './util';

 const Olm = global.Olm;

@@ -42,8 +42,8 @@ describe("verification request integration tests with crypto layer", function()
    it("should request and accept a verification", async function() {
        const [alice, bob] = await makeTestClients(
            [
-                {userId: "@alice:example.com", deviceId: "Osborne2"},
-                {userId: "@bob:example.com", deviceId: "Dynabook"},
+                { userId: "@alice:example.com", deviceId: "Osborne2" },
+                { userId: "@bob:example.com", deviceId: "Dynabook" },
            ],
            {
                verificationMethods: [verificationMethods.SAS],
@@ -15,13 +15,14 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 import "../../../olm-loader";
-import {makeTestClients, setupWebcrypto, teardownWebcrypto} from './util';
-import {MatrixEvent} from "../../../../src/models/event";
-import {SAS} from "../../../../src/crypto/verification/SAS";
-import {DeviceInfo} from "../../../../src/crypto/deviceinfo";
-import {verificationMethods} from "../../../../src/crypto";
+import { makeTestClients, setupWebcrypto, teardownWebcrypto } from './util';
+import { MatrixEvent } from "../../../../src/models/event";
+import { SAS } from "../../../../src/crypto/verification/SAS";
+import { DeviceInfo } from "../../../../src/crypto/deviceinfo";
+import { verificationMethods } from "../../../../src/crypto";
 import * as olmlib from "../../../../src/crypto/olmlib";
-import {logger} from "../../../../src/logger";
+import { logger } from "../../../../src/logger";
+import { resetCrossSigningKeys } from "../crypto-utils";

 const Olm = global.Olm;

@@ -78,8 +79,8 @@ describe("SAS verification", function() {
        beforeEach(async () => {
            [alice, bob] = await makeTestClients(
                [
-                    {userId: "@alice:example.com", deviceId: "Osborne2"},
-                    {userId: "@bob:example.com", deviceId: "Dynabook"},
+                    { userId: "@alice:example.com", deviceId: "Osborne2" },
+                    { userId: "@bob:example.com", deviceId: "Dynabook" },
                ],
                {
                    verificationMethods: [verificationMethods.SAS],
@@ -288,12 +289,12 @@ describe("SAS verification", function() {
            );
            alice.httpBackend.when('POST', '/keys/signatures/upload').respond(200, {});
            alice.httpBackend.flush(undefined, 2);
-            await alice.client.resetCrossSigningKeys();
+            await resetCrossSigningKeys(alice.client);
            bob.httpBackend.when('POST', '/keys/device_signing/upload').respond(200, {});
            bob.httpBackend.when('POST', '/keys/signatures/upload').respond(200, {});
            bob.httpBackend.flush(undefined, 2);

-            await bob.client.resetCrossSigningKeys();
+            await resetCrossSigningKeys(bob.client);

            bob.client._crypto._deviceList.storeCrossSigningForUser(
                "@alice:example.com", {
@@ -335,8 +336,8 @@ describe("SAS verification", function() {
    it("should send a cancellation message on error", async function() {
        const [alice, bob] = await makeTestClients(
            [
-                {userId: "@alice:example.com", deviceId: "Osborne2"},
-                {userId: "@bob:example.com", deviceId: "Dynabook"},
+                { userId: "@alice:example.com", deviceId: "Osborne2" },
+                { userId: "@bob:example.com", deviceId: "Dynabook" },
            ],
            {
                verificationMethods: [verificationMethods.SAS],
@@ -389,8 +390,8 @@ describe("SAS verification", function() {
        beforeEach(async function() {
            [alice, bob] = await makeTestClients(
                [
-                    {userId: "@alice:example.com", deviceId: "Osborne2"},
-                    {userId: "@bob:example.com", deviceId: "Dynabook"},
+                    { userId: "@alice:example.com", deviceId: "Osborne2" },
+                    { userId: "@bob:example.com", deviceId: "Dynabook" },
                ],
                {
                    verificationMethods: [verificationMethods.SAS],
@@ -14,10 +14,10 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import {VerificationBase} from '../../../../src/crypto/verification/Base';
-import {CrossSigningInfo} from '../../../../src/crypto/CrossSigning';
-import {encodeBase64} from "../../../../src/crypto/olmlib";
-import {setupWebcrypto, teardownWebcrypto} from './util';
+import { VerificationBase } from '../../../../src/crypto/verification/Base';
+import { CrossSigningInfo } from '../../../../src/crypto/CrossSigning';
+import { encodeBase64 } from "../../../../src/crypto/olmlib";
+import { setupWebcrypto, teardownWebcrypto } from './util';

 jest.useFakeTimers();

@@ -54,6 +54,7 @@ describe("self-verifications", () => {
            cacheCallbacks,
        );
        _crossSigningInfo.keys = {
+            master: { keys: { X: testKeyPub } },
            self_signing: { keys: { X: testKeyPub } },
            user_signing: { keys: { X: testKeyPub } },
        };
@@ -96,9 +97,9 @@ describe("self-verifications", () => {

        const result = await verification.done();

-        /* We should request, and store, two cross signing key and the key backup key */
-        expect(cacheCallbacks.storeCrossSigningKeyCache.mock.calls.length).toBe(2);
-        expect(_secretStorage.request.mock.calls.length).toBe(3);
+        /* We should request, and store, 3 cross signing keys and the key backup key */
+        expect(cacheCallbacks.storeCrossSigningKeyCache.mock.calls.length).toBe(3);
+        expect(_secretStorage.request.mock.calls.length).toBe(4);

        expect(cacheCallbacks.storeCrossSigningKeyCache.mock.calls[0][1])
          .toEqual(testKey);
@@ -15,21 +15,22 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import {TestClient} from '../../../TestClient';
-import {MatrixEvent} from "../../../../src/models/event";
+import { TestClient } from '../../../TestClient';
+import { MatrixEvent } from "../../../../src/models/event";
 import nodeCrypto from "crypto";
+import { logger } from '../../../../src/logger';

 export async function makeTestClients(userInfos, options) {
    const clients = [];
    const clientMap = {};
    const sendToDevice = function(type, map) {
-        // console.log(this.getUserId(), "sends", type, map);
+        // logger.log(this.getUserId(), "sends", type, map);
        for (const [userId, devMap] of Object.entries(map)) {
            if (userId in clientMap) {
                for (const [deviceId, msg] of Object.entries(devMap)) {
                    if (deviceId in clientMap[userId]) {
                        const event = new MatrixEvent({
-                            sender: this.getUserId(), // eslint-disable-line babel/no-invalid-this
+                            sender: this.getUserId(), // eslint-disable-line @babel/no-invalid-this
                            type: type,
                            content: msg,
                        });
@@ -48,9 +49,9 @@ export async function makeTestClients(userInfos, options) {
    };
    const sendEvent = function(room, type, content) {
        // make up a unique ID as the event ID
-        const eventId = "$" + this.makeTxnId(); // eslint-disable-line babel/no-invalid-this
+        const eventId = "$" + this.makeTxnId(); // eslint-disable-line @babel/no-invalid-this
        const rawEvent = {
-            sender: this.getUserId(), // eslint-disable-line babel/no-invalid-this
+            sender: this.getUserId(), // eslint-disable-line @babel/no-invalid-this
            type: type,
            content: content,
            room_id: room,
@@ -60,14 +61,14 @@ export async function makeTestClients(userInfos, options) {
        const event = new MatrixEvent(rawEvent);
        const remoteEcho = new MatrixEvent(Object.assign({}, rawEvent, {
            unsigned: {
-                transaction_id: this.makeTxnId(), // eslint-disable-line babel/no-invalid-this
+                transaction_id: this.makeTxnId(), // eslint-disable-line @babel/no-invalid-this
            },
        }));

        setImmediate(() => {
            for (const tc of clients) {
-                if (tc.client === this) { // eslint-disable-line babel/no-invalid-this
-                    console.log("sending remote echo!!");
+                if (tc.client === this) { // eslint-disable-line @babel/no-invalid-this
+                    logger.log("sending remote echo!!");
                    tc.client.emit("Room.timeline", remoteEcho);
                } else {
                    tc.client.emit("Room.timeline", event);
@@ -75,7 +76,7 @@ export async function makeTestClients(userInfos, options) {
            }
        });

-        return Promise.resolve({event_id: eventId});
+        return Promise.resolve({ event_id: eventId });
    };

    for (const userInfo of userInfos) {
@@ -13,13 +13,13 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
-import {VerificationRequest, READY_TYPE, START_TYPE, DONE_TYPE} from
+import { VerificationRequest, READY_TYPE, START_TYPE, DONE_TYPE } from
    "../../../../src/crypto/verification/request/VerificationRequest";
-import {InRoomChannel} from "../../../../src/crypto/verification/request/InRoomChannel";
-import {ToDeviceChannel} from
+import { InRoomChannel } from "../../../../src/crypto/verification/request/InRoomChannel";
+import { ToDeviceChannel } from
    "../../../../src/crypto/verification/request/ToDeviceChannel";
-import {MatrixEvent} from "../../../../src/models/event";
-import {setupWebcrypto, teardownWebcrypto} from "./util";
+import { MatrixEvent } from "../../../../src/models/event";
+import { setupWebcrypto, teardownWebcrypto } from "./util";

 function makeMockClient(userId, deviceId) {
    let counter = 1;
@@ -40,7 +40,7 @@ function makeMockClient(userId, deviceId) {
                content,
                origin_server_ts: Date.now(),
            }));
-            return Promise.resolve({event_id: eventId});
+            return Promise.resolve({ event_id: eventId });
        },

        sendToDevice(type, msgMap) {
@@ -48,7 +48,7 @@ function makeMockClient(userId, deviceId) {
                const deviceMap = msgMap[userId];
                for (const deviceId of Object.keys(deviceMap)) {
                    const content = deviceMap[deviceId];
-                    const event = new MatrixEvent({content, type});
+                    const event = new MatrixEvent({ content, type });
                    deviceEvents[userId] = deviceEvents[userId] || {};
                    deviceEvents[userId][deviceId] = deviceEvents[userId][deviceId] || [];
                    deviceEvents[userId][deviceId].push(event);
@@ -90,7 +90,7 @@ class MockVerifier {
        if (this._startEvent) {
            await this._channel.send(DONE_TYPE, {});
        } else {
-            await this._channel.send(START_TYPE, {method: MOCK_METHOD});
+            await this._channel.send(START_TYPE, { method: MOCK_METHOD });
        }
    }

@@ -119,6 +119,8 @@ async function distributeEvent(ownRequest, theirRequest, event) {
    await theirRequest.channel.handleEvent(event, theirRequest, true);
 }

+jest.useFakeTimers();
+
 describe("verification request unit tests", function() {
    beforeAll(function() {
        setupWebcrypto();
@@ -224,7 +226,7 @@ describe("verification request unit tests", function() {
            new ToDeviceChannel(bob1, bob1.getUserId(), ["device1", "device2"],
                ToDeviceChannel.makeTransactionId(), "device2"),
            new Map([[MOCK_METHOD, MockVerifier]]), bob1);
-        const to = {userId: "@bob:matrix.tld", deviceId: "device2"};
+        const to = { userId: "@bob:matrix.tld", deviceId: "device2" };
        const verifier = bob1Request.beginKeyVerification(MOCK_METHOD, to);
        expect(verifier).toBeInstanceOf(MockVerifier);
        await verifier.start();
@@ -246,4 +248,38 @@ describe("verification request unit tests", function() {
        expect(bob1Request.done).toBe(true);
        expect(bob2Request.done).toBe(true);
    });
+
+    it("request times out after 10 minutes", async function() {
+        const alice = makeMockClient("@alice:matrix.tld", "device1");
+        const bob = makeMockClient("@bob:matrix.tld", "device1");
+        const aliceRequest = new VerificationRequest(
+            new InRoomChannel(alice, "!room", bob.getUserId()), new Map(), alice);
+        await aliceRequest.sendRequest();
+        const [requestEvent] = alice.popEvents();
+        await aliceRequest.channel.handleEvent(requestEvent, aliceRequest, true,
+            true, true);
+
+        expect(aliceRequest.cancelled).toBe(false);
+        expect(aliceRequest._cancellingUserId).toBe(undefined);
+        jest.advanceTimersByTime(10 * 60 * 1000);
+        expect(aliceRequest._cancellingUserId).toBe(alice.getUserId());
+    });
+
+    it("request times out 2 minutes after receipt", async function() {
+        const alice = makeMockClient("@alice:matrix.tld", "device1");
+        const bob = makeMockClient("@bob:matrix.tld", "device1");
+        const aliceRequest = new VerificationRequest(
+            new InRoomChannel(alice, "!room", bob.getUserId()), new Map(), alice);
+        await aliceRequest.sendRequest();
+        const [requestEvent] = alice.popEvents();
+        const bobRequest = new VerificationRequest(
+            new InRoomChannel(bob, "!room"), new Map(), bob);
+
+        await bobRequest.channel.handleEvent(requestEvent, bobRequest, true);
+
+        expect(bobRequest.cancelled).toBe(false);
+        expect(bobRequest._cancellingUserId).toBe(undefined);
+        jest.advanceTimersByTime(2 * 60 * 1000);
+        expect(bobRequest._cancellingUserId).toBe(bob.getUserId());
+    });
 });
@@ -1,6 +1,6 @@
 import * as utils from "../test-utils";
-import {EventTimeline} from "../../src/models/event-timeline";
-import {RoomState} from "../../src/models/room-state";
+import { EventTimeline } from "../../src/models/event-timeline";
+import { RoomState } from "../../src/models/room-state";

 function mockRoomStates(timeline) {
    timeline._startState = utils.mock(RoomState, "startState");
@@ -15,7 +15,7 @@ describe("EventTimeline", function() {

    beforeEach(function() {
        // XXX: this is a horrid hack; should use sinon or something instead to mock
-        const timelineSet = { room: { roomId: roomId }};
+        const timelineSet = { room: { roomId: roomId } };
        timelineSet.room.getUnfilteredTimelineSet = function() {
            return timelineSet;
        };
@@ -94,7 +94,6 @@ describe("EventTimeline", function() {
        });
    });

-
    describe("neighbouringTimelines", function() {
        it("neighbouring timelines should start null", function() {
            expect(timeline.getNeighbouringTimeline(EventTimeline.BACKWARDS)).toBe(null);
@@ -102,8 +101,8 @@ describe("EventTimeline", function() {
        });

        it("setNeighbouringTimeline should set neighbour", function() {
-            const prev = {a: "a"};
-            const next = {b: "b"};
+            const prev = { a: "a" };
+            const next = { b: "b" };
            timeline.setNeighbouringTimeline(prev, EventTimeline.BACKWARDS);
            timeline.setNeighbouringTimeline(next, EventTimeline.FORWARDS);
            expect(timeline.getNeighbouringTimeline(EventTimeline.BACKWARDS)).toBe(prev);
@@ -111,8 +110,8 @@ describe("EventTimeline", function() {
        });

        it("setNeighbouringTimeline should throw if called twice", function() {
-            const prev = {a: "a"};
-            const next = {b: "b"};
+            const prev = { a: "a" };
+            const next = { b: "b" };
            expect(function() {
                timeline.setNeighbouringTimeline(prev, EventTimeline.BACKWARDS);
            }).not.toThrow();
@@ -278,7 +277,6 @@ describe("EventTimeline", function() {
                not.toHaveBeenCalled();
        });

-
        it("should call setStateEvents on the right RoomState with the right " +
           "forwardLooking value for old events", function() {
            const events = [
@@ -15,8 +15,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import {logger} from "../../src/logger";
-import {MatrixEvent} from "../../src/models/event";
+import { logger } from "../../src/logger";
+import { MatrixEvent } from "../../src/models/event";

 describe("MatrixEvent", () => {
    describe(".attemptDecryption", () => {
@@ -1,5 +1,5 @@
-import {FilterComponent} from "../../src/filter-component";
-import {mkEvent} from '../test-utils';
+import { FilterComponent } from "../../src/filter-component";
+import { mkEvent } from '../test-utils';

 describe("Filter Component", function() {
    describe("types", function() {
@@ -1,4 +1,4 @@
-import {Filter} from "../../src/filter";
+import { Filter } from "../../src/filter";

 describe("Filter", function() {
    const filterId = "f1lt3ring15g00d4ursoul";
@@ -15,9 +15,9 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import {logger} from "../../src/logger";
-import {InteractiveAuth} from "../../src/interactive-auth";
-import {MatrixError} from "../../src/http-api";
+import { logger } from "../../src/logger";
+import { InteractiveAuth } from "../../src/interactive-auth";
+import { MatrixError } from "../../src/http-api";

 // Trivial client object to test interactive auth
 // (we do not need TestClient here)
@@ -63,7 +63,7 @@ describe("InteractiveAuth", function() {
        });

        // .. which should trigger a call here
-        const requestRes = {"a": "b"};
+        const requestRes = { "a": "b" };
        doRequest.mockImplementation(function(authData) {
            logger.log('cccc');
            expect(authData).toEqual({
@@ -112,7 +112,7 @@ describe("InteractiveAuth", function() {
        });

        // .. which should be followed by a call to stateUpdated
-        const requestRes = {"a": "b"};
+        const requestRes = { "a": "b" };
        stateUpdated.mockImplementation(function(stage) {
            expect(stage).toEqual("logintype");
            expect(ia.getSessionId()).toEqual("sessionId");
@@ -1,4 +1,4 @@
-import {TestClient} from '../TestClient';
+import { TestClient } from '../TestClient';

 describe('Login request', function() {
    let client;
@@ -1,6 +1,6 @@
-import {logger} from "../../src/logger";
-import {MatrixClient} from "../../src/client";
-import {Filter} from "../../src/filter";
+import { logger } from "../../src/logger";
+import { MatrixClient } from "../../src/client";
+import { Filter } from "../../src/filter";

 jest.useFakeTimers();

@@ -178,7 +178,7 @@ describe("MatrixClient", function() {
        const filterId = "ehfewf";
        store.getFilterIdByName.mockReturnValue(filterId);
        const filter = new Filter(0, filterId);
-        filter.setDefinition({"room": {"timeline": {"limit": 8}}});
+        filter.setDefinition({ "room": { "timeline": { "limit": 8 } } });
        store.getFilter.mockReturnValue(filter);
        const syncPromise = new Promise((resolve, reject) => {
            client.on("sync", function syncListener(state) {
@@ -521,4 +521,19 @@ describe("MatrixClient", function() {
        xit("should be able to peek into a room using peekInRoom", function(done) {
        });
    });
+
+    describe("getPresence", function() {
+        it("should send a presence HTTP GET", function() {
+            httpLookups = [{
+                method: "GET",
+                path: `/presence/${encodeURIComponent(userId)}/status`,
+                data: {
+                    "presence": "unavailable",
+                    "last_active_ago": 420845,
+                },
+            }];
+            client.getPresence(userId);
+            expect(httpLookups.length).toEqual(0);
+        });
+    });
 });
@@ -1,5 +1,5 @@
 import * as utils from "../test-utils";
-import {PushProcessor} from "../../src/pushprocessor";
+import { PushProcessor } from "../../src/pushprocessor";

 describe('NotificationService', function() {
    const testUserId = "@ali:matrix.org";
@@ -46,8 +46,8 @@ describe("realtime-callbacks", function() {
        it("should set 'this' to the global object", function() {
            let passed = false;
            const callback = function() {
-                expect(this).toBe(global); // eslint-disable-line babel/no-invalid-this
-                expect(this.console).toBeTruthy(); // eslint-disable-line babel/no-invalid-this
+                expect(this).toBe(global); // eslint-disable-line @babel/no-invalid-this
+                expect(this.console).toBeTruthy(); // eslint-disable-line @babel/no-invalid-this
                passed = true;
            };
            callbacks.setTimeout(callback);
@@ -0,0 +1,133 @@
+/*
+Copyright 2021 The Matrix.org Foundation C.I.C.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+import { EventTimelineSet } from "../../src/models/event-timeline-set";
+import { MatrixEvent } from "../../src/models/event";
+import { Relations } from "../../src/models/relations";
+
+describe("Relations", function() {
+    it("should deduplicate annotations", function() {
+        const relations = new Relations("m.annotation", "m.reaction");
+
+        // Create an instance of an annotation
+        const eventData = {
+            "sender": "@bob:example.com",
+            "type": "m.reaction",
+            "event_id": "$cZ1biX33ENJqIm00ks0W_hgiO_6CHrsAc3ZQrnLeNTw",
+            "room_id": "!pzVjCQSoQPpXQeHpmK:example.com",
+            "content": {
+                "m.relates_to": {
+                    "event_id": "$2s4yYpEkVQrPglSCSqB_m6E8vDhWsg0yFNyOJdVIb_o",
+                    "key": "👍️",
+                    "rel_type": "m.annotation",
+                },
+            },
+        };
+        const eventA = new MatrixEvent(eventData);
+
+        // Add the event once and check results
+        {
+            relations.addEvent(eventA);
+            const annotationsByKey = relations.getSortedAnnotationsByKey();
+            expect(annotationsByKey.length).toEqual(1);
+            const [key, events] = annotationsByKey[0];
+            expect(key).toEqual("👍️");
+            expect(events.size).toEqual(1);
+        }
+
+        // Add the event again and expect the same
+        {
+            relations.addEvent(eventA);
+            const annotationsByKey = relations.getSortedAnnotationsByKey();
+            expect(annotationsByKey.length).toEqual(1);
+            const [key, events] = annotationsByKey[0];
+            expect(key).toEqual("👍️");
+            expect(events.size).toEqual(1);
+        }
+
+        // Create a fresh object with the same event content
+        const eventB = new MatrixEvent(eventData);
+
+        // Add the event again and expect the same
+        {
+            relations.addEvent(eventB);
+            const annotationsByKey = relations.getSortedAnnotationsByKey();
+            expect(annotationsByKey.length).toEqual(1);
+            const [key, events] = annotationsByKey[0];
+            expect(key).toEqual("👍️");
+            expect(events.size).toEqual(1);
+        }
+    });
+
+    it("should emit created regardless of ordering", async function() {
+        const targetEvent = new MatrixEvent({
+            "sender": "@bob:example.com",
+            "type": "m.room.message",
+            "event_id": "$2s4yYpEkVQrPglSCSqB_m6E8vDhWsg0yFNyOJdVIb_o",
+            "room_id": "!pzVjCQSoQPpXQeHpmK:example.com",
+            "content": {},
+        });
+        const relationEvent = new MatrixEvent({
+            "sender": "@bob:example.com",
+            "type": "m.reaction",
+            "event_id": "$cZ1biX33ENJqIm00ks0W_hgiO_6CHrsAc3ZQrnLeNTw",
+            "room_id": "!pzVjCQSoQPpXQeHpmK:example.com",
+            "content": {
+                "m.relates_to": {
+                    "event_id": "$2s4yYpEkVQrPglSCSqB_m6E8vDhWsg0yFNyOJdVIb_o",
+                    "key": "👍️",
+                    "rel_type": "m.annotation",
+                },
+            },
+        });
+
+        // Stub the room
+        const room = {
+            getPendingEvent() { return null; },
+            getUnfilteredTimelineSet() { return null; },
+        };
+
+        // Add the target event first, then the relation event
+        {
+            const relationsCreated = new Promise(resolve => {
+                targetEvent.once("Event.relationsCreated", resolve);
+            })
+
+            const timelineSet = new EventTimelineSet(room, {
+                unstableClientRelationAggregation: true,
+            });
+            timelineSet.addLiveEvent(targetEvent);
+            timelineSet.addLiveEvent(relationEvent);
+
+            await relationsCreated;
+        }
+
+        // Add the relation event first, then the target event
+        {
+            const relationsCreated = new Promise(resolve => {
+                targetEvent.once("Event.relationsCreated", resolve);
+            })
+
+            const timelineSet = new EventTimelineSet(room, {
+                unstableClientRelationAggregation: true,
+            });
+            timelineSet.addLiveEvent(relationEvent);
+            timelineSet.addLiveEvent(targetEvent);
+
+            await relationsCreated;
+        }
+    });
+});
@@ -1,5 +1,5 @@
 import * as utils from "../test-utils";
-import {RoomMember} from "../../src/models/room-member";
+import { RoomMember } from "../../src/models/room-member";

 describe("RoomMember", function() {
    const roomId = "!foo:bar";
@@ -33,12 +33,6 @@ describe("RoomMember", function() {
            expect(url.indexOf("flibble/wibble")).not.toEqual(-1);
        });

-        it("should return an identicon HTTP URL if allowDefault was set and there " +
-        "was no m.room.member event", function() {
-            const url = member.getAvatarUrl(hsUrl, 64, 64, "crop", true);
-            expect(url.indexOf("http")).toEqual(0); // don't care about form
-        });
-
        it("should return nothing if there is no m.room.member and allowDefault=false",
        function() {
            const url = member.getAvatarUrl(hsUrl, 64, 64, "crop", false);
@@ -1,6 +1,6 @@
 import * as utils from "../test-utils";
-import {RoomState} from "../../src/models/room-state";
-import {RoomMember} from "../../src/models/room-member";
+import { RoomState } from "../../src/models/room-state";
+import { RoomMember } from "../../src/models/room-member";

 describe("RoomState", function() {
    const roomId = "!foo:bar";
@@ -471,13 +471,13 @@ describe("RoomState", function() {

        it("should update after adding joined member", function() {
            state.setStateEvents([
-                utils.mkMembership({event: true, mship: "join",
-                    user: userA, room: roomId}),
+                utils.mkMembership({ event: true, mship: "join",
+                    user: userA, room: roomId }),
            ]);
            expect(state.getJoinedMemberCount()).toEqual(1);
            state.setStateEvents([
-                utils.mkMembership({event: true, mship: "join",
-                    user: userC, room: roomId}),
+                utils.mkMembership({ event: true, mship: "join",
+                    user: userC, room: roomId }),
            ]);
            expect(state.getJoinedMemberCount()).toEqual(2);
        });
@@ -490,13 +490,13 @@ describe("RoomState", function() {

        it("should update after adding invited member", function() {
            state.setStateEvents([
-                utils.mkMembership({event: true, mship: "invite",
-                    user: userA, room: roomId}),
+                utils.mkMembership({ event: true, mship: "invite",
+                    user: userA, room: roomId }),
            ]);
            expect(state.getInvitedMemberCount()).toEqual(1);
            state.setStateEvents([
-                utils.mkMembership({event: true, mship: "invite",
-                    user: userC, room: roomId}),
+                utils.mkMembership({ event: true, mship: "invite",
+                    user: userC, room: roomId }),
            ]);
            expect(state.getInvitedMemberCount()).toEqual(2);
        });
@@ -509,15 +509,15 @@ describe("RoomState", function() {

        it("should, once used, override counting members from state", function() {
            state.setStateEvents([
-                utils.mkMembership({event: true, mship: "join",
-                    user: userA, room: roomId}),
+                utils.mkMembership({ event: true, mship: "join",
+                    user: userA, room: roomId }),
            ]);
            expect(state.getJoinedMemberCount()).toEqual(1);
            state.setJoinedMemberCount(100);
            expect(state.getJoinedMemberCount()).toEqual(100);
            state.setStateEvents([
-                utils.mkMembership({event: true, mship: "join",
-                    user: userC, room: roomId}),
+                utils.mkMembership({ event: true, mship: "join",
+                    user: userC, room: roomId }),
            ]);
            expect(state.getJoinedMemberCount()).toEqual(100);
        });
@@ -525,14 +525,14 @@ describe("RoomState", function() {
        it("should, once used, override counting members from state, " +
        "also after clone", function() {
            state.setStateEvents([
-                utils.mkMembership({event: true, mship: "join",
-                    user: userA, room: roomId}),
+                utils.mkMembership({ event: true, mship: "join",
+                    user: userA, room: roomId }),
            ]);
            state.setJoinedMemberCount(100);
            const copy = state.clone();
            copy.setStateEvents([
-                utils.mkMembership({event: true, mship: "join",
-                    user: userC, room: roomId}),
+                utils.mkMembership({ event: true, mship: "join",
+                    user: userC, room: roomId }),
            ]);
            expect(state.getJoinedMemberCount()).toEqual(100);
        });
@@ -545,15 +545,15 @@ describe("RoomState", function() {

        it("should, once used, override counting members from state", function() {
            state.setStateEvents([
-                utils.mkMembership({event: true, mship: "invite",
-                    user: userB, room: roomId}),
+                utils.mkMembership({ event: true, mship: "invite",
+                    user: userB, room: roomId }),
            ]);
            expect(state.getInvitedMemberCount()).toEqual(1);
            state.setInvitedMemberCount(100);
            expect(state.getInvitedMemberCount()).toEqual(100);
            state.setStateEvents([
-                utils.mkMembership({event: true, mship: "invite",
-                    user: userC, room: roomId}),
+                utils.mkMembership({ event: true, mship: "invite",
+                    user: userC, room: roomId }),
            ]);
            expect(state.getInvitedMemberCount()).toEqual(100);
        });
@@ -561,14 +561,14 @@ describe("RoomState", function() {
        it("should, once used, override counting members from state, " +
        "also after clone", function() {
            state.setStateEvents([
-                utils.mkMembership({event: true, mship: "invite",
-                    user: userB, room: roomId}),
+                utils.mkMembership({ event: true, mship: "invite",
+                    user: userB, room: roomId }),
            ]);
            state.setInvitedMemberCount(100);
            const copy = state.clone();
            copy.setStateEvents([
-                utils.mkMembership({event: true, mship: "invite",
-                    user: userC, room: roomId}),
+                utils.mkMembership({ event: true, mship: "invite",
+                    user: userC, room: roomId }),
            ]);
            expect(state.getInvitedMemberCount()).toEqual(100);
        });
@@ -1,8 +1,9 @@
 import * as utils from "../test-utils";
-import {EventStatus, MatrixEvent} from "../../src/models/event";
-import {EventTimeline} from "../../src/models/event-timeline";
-import {RoomState} from "../../src/models/room-state";
-import {Room} from "../../src/models/room";
+import { EventStatus, MatrixEvent } from "../../src/models/event";
+import { EventTimeline } from "../../src/models/event-timeline";
+import { RoomState } from "../../src/models/room-state";
+import { Room } from "../../src/models/room";
+import { TestClient } from "../TestClient";

 describe("Room", function() {
    const roomId = "!foo:bar";
@@ -45,12 +46,6 @@ describe("Room", function() {
            expect(url.indexOf("flibble/wibble")).not.toEqual(-1);
        });

-        it("should return an identicon HTTP URL if allowDefault was set and there " +
-        "was no m.room.avatar event", function() {
-            const url = room.getAvatarUrl(hsUrl, 64, 64, "crop", true);
-            expect(url.indexOf("http")).toEqual(0); // don't care about form
-        });
-
        it("should return nothing if there is no m.room.avatar and allowDefault=false",
        function() {
            const url = room.getAvatarUrl(hsUrl, 64, 64, "crop", false);
@@ -196,7 +191,7 @@ describe("Room", function() {
            const remoteEvent = utils.mkMessage({
                room: roomId, user: userA, event: true,
            });
-            remoteEvent.event.unsigned = {transaction_id: "TXN_ID"};
+            remoteEvent.event.unsigned = { transaction_id: "TXN_ID" };
            const remoteEventId = remoteEvent.getId();

            let callCount = 0;
@@ -380,7 +375,7 @@ describe("Room", function() {
        let events = null;

        beforeEach(function() {
-            room = new Room(roomId, null, null, {timelineSupport: timelineSupport});
+            room = new Room(roomId, null, null, { timelineSupport: timelineSupport });
            // set events each time to avoid resusing Event objects (which
            // doesn't work because they get frozen)
            events = [
@@ -462,7 +457,7 @@ describe("Room", function() {

    describe("compareEventOrdering", function() {
        beforeEach(function() {
-            room = new Room(roomId, null, null, {timelineSupport: true});
+            room = new Room(roomId, null, null, { timelineSupport: true });
        });

        const events = [
@@ -718,7 +713,7 @@ describe("Room", function() {
            it("uses hero name from state", function() {
                const name = "Mr B";
                addMember(userA, "invite");
-                addMember(userB, "join", {name});
+                addMember(userB, "join", { name });
                room.setSummary({
                    "m.heroes": [userB],
                });
@@ -729,7 +724,7 @@ describe("Room", function() {

            it("uses counts from summary", function() {
                const name = "Mr B";
-                addMember(userB, "join", {name});
+                addMember(userB, "join", { name });
                room.setSummary({
                    "m.heroes": [userB],
                    "m.joined_member_count": 50,
@@ -742,8 +737,8 @@ describe("Room", function() {
            it("relies on heroes in case of absent counts", function() {
                const nameB = "Mr Bean";
                const nameC = "Mel C";
-                addMember(userB, "join", {name: nameB});
-                addMember(userC, "join", {name: nameC});
+                addMember(userB, "join", { name: nameB });
+                addMember(userC, "join", { name: nameC });
                room.setSummary({
                    "m.heroes": [userB, userC],
                });
@@ -753,7 +748,7 @@ describe("Room", function() {

            it("uses only heroes", function() {
                const nameB = "Mr Bean";
-                addMember(userB, "join", {name: nameB});
+                addMember(userB, "join", { name: nameB });
                addMember(userC, "join");
                room.setSummary({
                    "m.heroes": [userB],
@@ -846,7 +841,7 @@ describe("Room", function() {
            it("should show the other user's name for private" +
            " (invite join_rules) rooms if you are invited to it.", function() {
                setJoinRule("invite");
-                addMember(userA, "invite", {user: userB});
+                addMember(userA, "invite", { user: userB });
                addMember(userB);
                room.recalculate();
                const name = room.name;
@@ -921,8 +916,8 @@ describe("Room", function() {
               "available",
            function() {
                setJoinRule("invite");
-                addMember(userB, 'join', {name: "Alice"});
-                addMember(userA, "invite", {user: userA});
+                addMember(userB, 'join', { name: "Alice" });
+                addMember(userA, "invite", { user: userA });
                room.recalculate();
                const name = room.name;
                expect(name).toEqual("Alice");
@@ -932,7 +927,7 @@ describe("Room", function() {
            function() {
                setJoinRule("invite");
                addMember(userB);
-                addMember(userA, "invite", {user: userA});
+                addMember(userA, "invite", { user: userA });
                room.recalculate();
                const name = room.name;
                expect(name).toEqual(userB);
@@ -1182,7 +1177,10 @@ describe("Room", function() {
    describe("addPendingEvent", function() {
        it("should add pending events to the pendingEventList if " +
                      "pendingEventOrdering == 'detached'", function() {
-            const room = new Room(roomId, null, userA, {
+            const client = (new TestClient(
+                "@alice:example.com", "alicedevice",
+            )).client;
+            const room = new Room(roomId, client, userA, {
                pendingEventOrdering: "detached",
            });
            const eventA = utils.mkMessage({
@@ -1232,7 +1230,10 @@ describe("Room", function() {

    describe("updatePendingEvent", function() {
        it("should remove cancelled events from the pending list", function() {
-            const room = new Room(roomId, null, userA, {
+            const client = (new TestClient(
+                "@alice:example.com", "alicedevice",
+            )).client;
+            const room = new Room(roomId, client, userA, {
                pendingEventOrdering: "detached",
            });
            const eventA = utils.mkMessage({
@@ -1266,7 +1267,6 @@ describe("Room", function() {
            expect(callCount).toEqual(1);
        });

-
        it("should remove cancelled events from the timeline", function() {
            const room = new Room(roomId, null, userA);
            const eventA = utils.mkMessage({
@@ -1320,7 +1320,7 @@ describe("Room", function() {
                        if (this.serverResponse instanceof Error) {
                            return Promise.reject(this.serverResponse);
                        } else {
-                            return Promise.resolve({chunk: this.serverResponse});
+                            return Promise.resolve({ chunk: this.serverResponse });
                        }
                    },
                },
@@ -1350,7 +1350,7 @@ describe("Room", function() {

        it("should load members from server on first call", async function() {
            const client = createClientMock([memberEvent]);
-            const room = new Room(roomId, client, null, {lazyLoadMembers: true});
+            const room = new Room(roomId, client, null, { lazyLoadMembers: true });
            await room.loadMembersIfNeeded();
            const memberA = room.getMember("@user_a:bar");
            expect(memberA.name).toEqual("User A");
@@ -1365,7 +1365,7 @@ describe("Room", function() {
                room: roomId, event: true, name: "Ms A",
            });
            const client = createClientMock([memberEvent2], [memberEvent]);
-            const room = new Room(roomId, client, null, {lazyLoadMembers: true});
+            const room = new Room(roomId, client, null, { lazyLoadMembers: true });

            await room.loadMembersIfNeeded();

@@ -1375,11 +1375,11 @@ describe("Room", function() {

        it("should allow retry on error", async function() {
            const client = createClientMock(new Error("server says no"));
-            const room = new Room(roomId, client, null, {lazyLoadMembers: true});
+            const room = new Room(roomId, client, null, { lazyLoadMembers: true });
            let hasThrown = false;
            try {
                await room.loadMembersIfNeeded();
-            } catch(err) {
+            } catch (err) {
                hasThrown = true;
            }
            expect(hasThrown).toEqual(true);
@@ -1403,17 +1403,17 @@ describe("Room", function() {
            const room = new Room(roomId, null, userA);
            const events = [];
            room.on("Room.myMembership", (_room, membership, oldMembership) => {
-                events.push({membership, oldMembership});
+                events.push({ membership, oldMembership });
            });
            room.updateMyMembership("invite");
            expect(room.getMyMembership()).toEqual("invite");
-            expect(events[0]).toEqual({membership: "invite", oldMembership: null});
+            expect(events[0]).toEqual({ membership: "invite", oldMembership: null });
            events.splice(0);   //clear
            room.updateMyMembership("invite");
            expect(events.length).toEqual(0);
            room.updateMyMembership("join");
            expect(room.getMyMembership()).toEqual("join");
-            expect(events[0]).toEqual({membership: "join", oldMembership: "invite"});
+            expect(events[0]).toEqual({ membership: "join", oldMembership: "invite" });
        });
    });

@@ -1421,7 +1421,7 @@ describe("Room", function() {
        it("should return first hero id",
        function() {
            const room = new Room(roomId, null, userA);
-            room.setSummary({'m.heroes': [userB]});
+            room.setSummary({ 'm.heroes': [userB] });
            expect(room.guessDMUserId()).toEqual(userB);
        });
        it("should return first member that isn't self",
@@ -1,9 +1,9 @@
 // This file had a function whose name is all caps, which displeases eslint
 /* eslint new-cap: "off" */

-import {defer} from '../../src/utils';
-import {MatrixError} from "../../src/http-api";
-import {MatrixScheduler} from "../../src/scheduler";
+import { defer } from '../../src/utils';
+import { MatrixError } from "../../src/http-api";
+import { MatrixScheduler } from "../../src/scheduler";
 import * as utils from "../test-utils";

 jest.useFakeTimers();
@@ -62,8 +62,8 @@ describe("MatrixScheduler", function() {
            scheduler.queueEvent(eventA),
            scheduler.queueEvent(eventB),
        ]);
-        deferB.resolve({b: true});
-        deferA.resolve({a: true});
+        deferB.resolve({ b: true });
+        deferA.resolve({ a: true });
        const [a, b] = await abPromise;
        expect(a.a).toEqual(true);
        expect(b.b).toEqual(true);
@@ -143,7 +143,7 @@ describe("MatrixScheduler", function() {
        deferA.reject({});
        try {
            await globalA;
-        } catch(err) {
+        } catch (err) {
            await Promise.resolve();
            expect(procCount).toEqual(2);
        }
@@ -156,8 +156,8 @@ describe("MatrixScheduler", function() {
        // Expect to have processFn invoked for A&B.
        // Resolve A.
        // Expect to have processFn invoked for D.
-        const eventC = utils.mkMessage({user: "@a:bar", room: roomId, event: true});
-        const eventD = utils.mkMessage({user: "@b:bar", room: roomId, event: true});
+        const eventC = utils.mkMessage({ user: "@a:bar", room: roomId, event: true });
+        const eventD = utils.mkMessage({ user: "@b:bar", room: roomId, event: true });

        const buckets = {};
        buckets[eventA.getId()] = "queue_A";
@@ -241,7 +241,7 @@ describe("MatrixScheduler", function() {
            expect(queue).toEqual([eventA, eventB]);
            // modify the queue
            const eventC = utils.mkMessage(
-                {user: "@a:bar", room: roomId, event: true},
+                { user: "@a:bar", room: roomId, event: true },
            );
            queue.push(eventC);
            const queueAgain = scheduler.getQueueForEvent(eventA);
@@ -15,7 +15,40 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import {SyncAccumulator} from "../../src/sync-accumulator";
+import { SyncAccumulator } from "../../src/sync-accumulator";
+
+// The event body & unsigned object get frozen to assert that they don't get altered
+// by the impl
+const RES_WITH_AGE = {
+    next_batch: "abc",
+    rooms: {
+        invite: {},
+        leave: {},
+        join: {
+            "!foo:bar": {
+                account_data: { events: [] },
+                ephemeral: { events: [] },
+                unread_notifications: {},
+                timeline: {
+                    events: [
+                        Object.freeze({
+                            content: {
+                                body: "This thing is happening right now!",
+                            },
+                            origin_server_ts: 123456789,
+                            sender: "@alice:localhost",
+                            type: "m.room.message",
+                            unsigned: Object.freeze({
+                                age: 50,
+                            }),
+                        }),
+                    ],
+                    prev_batch: "something",
+                },
+            },
+        },
+    },
+};

 describe("SyncAccumulator", function() {
    let sa;
@@ -368,6 +401,39 @@ describe("SyncAccumulator", function() {
            expect(summary["m.joined_member_count"]).toEqual(5);
            expect(summary["m.heroes"]).toEqual(["@bob:bar"]);
        });
+
+        it("should return correctly adjusted age attributes", () => {
+            const delta = 1000;
+            const startingTs = 1000;
+
+            const oldDateNow = Date.now;
+            try {
+                Date.now = jest.fn();
+                Date.now.mockReturnValue(startingTs);
+
+                sa.accumulate(RES_WITH_AGE);
+
+                Date.now.mockReturnValue(startingTs + delta);
+
+                const output = sa.getJSON();
+                expect(output.roomsData.join["!foo:bar"].timeline.events[0].unsigned.age).toEqual(
+                    RES_WITH_AGE.rooms.join["!foo:bar"].timeline.events[0].unsigned.age + delta,
+                );
+                expect(Object.keys(output.roomsData.join["!foo:bar"].timeline.events[0])).toEqual(
+                    Object.keys(RES_WITH_AGE.rooms.join["!foo:bar"].timeline.events[0]),
+                );
+            } finally {
+                Date.now = oldDateNow;
+            }
+        });
+
+        it("should mangle age without adding extra keys", () => {
+            sa.accumulate(RES_WITH_AGE);
+            const output = sa.getJSON();
+            expect(Object.keys(output.roomsData.join["!foo:bar"].timeline.events[0])).toEqual(
+                Object.keys(RES_WITH_AGE.rooms.join["!foo:bar"].timeline.events[0]),
+            );
+        });
    });
 });

@@ -1,5 +1,5 @@
-import {EventTimeline} from "../../src/models/event-timeline";
-import {TimelineIndex, TimelineWindow} from "../../src/timeline-window";
+import { EventTimeline } from "../../src/models/event-timeline";
+import { TimelineIndex, TimelineWindow } from "../../src/timeline-window";
 import * as utils from "../test-utils";

 const ROOM_ID = "roomId";
@@ -18,7 +18,7 @@ function createTimeline(numEvents, baseIndex) {
    }

    // XXX: this is a horrid hack
-    const timelineSet = { room: { roomId: ROOM_ID }};
+    const timelineSet = { room: { roomId: ROOM_ID } };
    timelineSet.room.getUnfilteredTimelineSet = function() {
        return timelineSet;
    };
@@ -46,7 +46,6 @@ function addEventsToTimeline(timeline, numEvents, atStart) {
    }
 }

-
 /*
 * create a pair of linked timelines
 */
@@ -58,7 +57,6 @@ function createLinkedTimelines() {
    return [tl1, tl2];
 }

-
 describe("TimelineIndex", function() {
    describe("minIndex", function() {
        it("should return the min index relative to BaseIndex", function() {
@@ -133,7 +131,6 @@ describe("TimelineIndex", function() {
    });
 });

-
 describe("TimelineWindow", function() {
    /**
     * create a dummy eventTimelineSet and client, and a TimelineWindow
@@ -142,7 +139,7 @@ describe("TimelineWindow", function() {
    let timelineSet;
    let client;
    function createWindow(timeline, opts) {
-        timelineSet = {getTimelineForEvent: () => null};
+        timelineSet = { getTimelineForEvent: () => null };
        client = {};
        client.getEventTimeline = function(timelineSet0, eventId0) {
            expect(timelineSet0).toBe(timelineSet);
@@ -171,7 +168,7 @@ describe("TimelineWindow", function() {
            const timeline = createTimeline();
            const eventId = timeline.getEvents()[1].getId();

-            const timelineSet = {getTimelineForEvent: () => null};
+            const timelineSet = { getTimelineForEvent: () => null };
            const client = {};
            client.getEventTimeline = function(timelineSet0, eventId0) {
                expect(timelineSet0).toBe(timelineSet);
@@ -193,7 +190,7 @@ describe("TimelineWindow", function() {

            const eventId = timeline.getEvents()[1].getId();

-            const timelineSet = {getTimelineForEvent: () => null};
+            const timelineSet = { getTimelineForEvent: () => null };
            const client = {};

            const timelineWindow = new TimelineWindow(client, timelineSet);
@@ -266,7 +263,7 @@ describe("TimelineWindow", function() {
        it("should advance into next timeline", function() {
            const tls = createLinkedTimelines();
            const eventId = tls[0].getEvents()[1].getId();
-            const timelineWindow = createWindow(tls[0], {windowLimit: 5});
+            const timelineWindow = createWindow(tls[0], { windowLimit: 5 });

            return timelineWindow.load(eventId, 3).then(function() {
                const expectedEvents = tls[0].getEvents();
@@ -311,7 +308,7 @@ describe("TimelineWindow", function() {
        it("should retreat into previous timeline", function() {
            const tls = createLinkedTimelines();
            const eventId = tls[1].getEvents()[1].getId();
-            const timelineWindow = createWindow(tls[1], {windowLimit: 5});
+            const timelineWindow = createWindow(tls[1], { windowLimit: 5 });

            return timelineWindow.load(eventId, 3).then(function() {
                const expectedEvents = tls[1].getEvents();
@@ -357,7 +354,7 @@ describe("TimelineWindow", function() {
            const timeline = createTimeline();
            timeline.setPaginationToken("toktok", EventTimeline.FORWARDS);

-            const timelineWindow = createWindow(timeline, {windowLimit: 5});
+            const timelineWindow = createWindow(timeline, { windowLimit: 5 });
            const eventId = timeline.getEvents()[1].getId();

            client.paginateEventTimeline = function(timeline0, opts) {
@@ -385,12 +382,11 @@ describe("TimelineWindow", function() {
            });
        });

-
        it("should make backward pagination requests", function() {
            const timeline = createTimeline();
            timeline.setPaginationToken("toktok", EventTimeline.BACKWARDS);

-            const timelineWindow = createWindow(timeline, {windowLimit: 5});
+            const timelineWindow = createWindow(timeline, { windowLimit: 5 });
            const eventId = timeline.getEvents()[1].getId();

            client.paginateEventTimeline = function(timeline0, opts) {
@@ -422,7 +418,7 @@ describe("TimelineWindow", function() {
            const timeline = createTimeline();
            timeline.setPaginationToken("toktok", EventTimeline.FORWARDS);

-            const timelineWindow = createWindow(timeline, {windowLimit: 5});
+            const timelineWindow = createWindow(timeline, { windowLimit: 5 });
            const eventId = timeline.getEvents()[1].getId();

            let paginateCount = 0;
@@ -1,4 +1,4 @@
-import {User} from "../../src/models/user";
+import { User } from "../../src/models/user";
 import * as utils from "../test-utils";

 describe("User", function() {
@@ -26,40 +26,6 @@ describe("utils", function() {
        });
    });

-    describe("forEach", function() {
-        it("should be invoked for each element", function() {
-            const arr = [];
-            utils.forEach([55, 66, 77], function(element) {
-                arr.push(element);
-            });
-            expect(arr).toEqual([55, 66, 77]);
-        });
-    });
-
-    describe("findElement", function() {
-        it("should find only 1 element if there is a match", function() {
-            const matchFn = function() {
-                return true;
-            };
-            const arr = [55, 66, 77];
-            expect(utils.findElement(arr, matchFn)).toEqual(55);
-        });
-        it("should be able to find in reverse order", function() {
-            const matchFn = function() {
-                return true;
-            };
-            const arr = [55, 66, 77];
-            expect(utils.findElement(arr, matchFn, true)).toEqual(77);
-        });
-        it("should find nothing if the function never returns true", function() {
-            const matchFn = function() {
-                return false;
-            };
-            const arr = [55, 66, 77];
-            expect(utils.findElement(arr, matchFn)).toBeFalsy();
-        });
-    });
-
    describe("removeElement", function() {
        it("should remove only 1 element if there is a match", function() {
            const matchFn = function() {
@@ -103,20 +69,6 @@ describe("utils", function() {
        });
    });

-    describe("isArray", function() {
-        it("should return true for arrays", function() {
-            expect(utils.isArray([])).toBe(true);
-            expect(utils.isArray([5, 3, 7])).toBe(true);
-
-            expect(utils.isArray()).toBe(false);
-            expect(utils.isArray(null)).toBe(false);
-            expect(utils.isArray({})).toBe(false);
-            expect(utils.isArray("foo")).toBe(false);
-            expect(utils.isArray(555)).toBe(false);
-            expect(utils.isArray(function() {})).toBe(false);
-        });
-    });
-
    describe("checkObjectHasKeys", function() {
        it("should throw for missing keys", function() {
            expect(function() {
@@ -188,19 +140,19 @@ describe("utils", function() {

        it("should handle simple objects", function() {
            assert.isTrue(utils.deepCompare({}, {}));
-            assert.isTrue(utils.deepCompare({a: 1, b: 2}, {a: 1, b: 2}));
-            assert.isTrue(utils.deepCompare({a: 1, b: 2}, {b: 2, a: 1}));
-            assert.isFalse(utils.deepCompare({a: 1, b: 2}, {a: 1, b: 3}));
+            assert.isTrue(utils.deepCompare({ a: 1, b: 2 }, { a: 1, b: 2 }));
+            assert.isTrue(utils.deepCompare({ a: 1, b: 2 }, { b: 2, a: 1 }));
+            assert.isFalse(utils.deepCompare({ a: 1, b: 2 }, { a: 1, b: 3 }));

-            assert.isTrue(utils.deepCompare({1: {name: "mhc", age: 28},
-                                             2: {name: "arb", age: 26}},
-                                            {1: {name: "mhc", age: 28},
-                                             2: {name: "arb", age: 26}}));
+            assert.isTrue(utils.deepCompare({ 1: { name: "mhc", age: 28 },
+                                             2: { name: "arb", age: 26 } },
+                                            { 1: { name: "mhc", age: 28 },
+                                             2: { name: "arb", age: 26 } }));

-            assert.isFalse(utils.deepCompare({1: {name: "mhc", age: 28},
-                                              2: {name: "arb", age: 26}},
-                                             {1: {name: "mhc", age: 28},
-                                              2: {name: "arb", age: 27}}));
+            assert.isFalse(utils.deepCompare({ 1: { name: "mhc", age: 28 },
+                                              2: { name: "arb", age: 26 } },
+                                             { 1: { name: "mhc", age: 28 },
+                                              2: { name: "arb", age: 27 } }));

            assert.isFalse(utils.deepCompare({}, null));
            assert.isFalse(utils.deepCompare({}, undefined));
@@ -223,7 +175,6 @@ describe("utils", function() {
        });
    });

-
    describe("extend", function() {
        const SOURCE = { "prop2": 1, "string2": "x", "newprop": "new" };

@@ -282,4 +233,30 @@ describe("utils", function() {
            expect(target.nonenumerableProp).toBe(undefined);
        });
    });
+
+    describe("chunkPromises", function() {
+        it("should execute promises in chunks", async function() {
+            let promiseCount = 0;
+
+            function fn1() {
+                return new Promise(async function(resolve, reject) {
+                    await utils.sleep(1);
+                    expect(promiseCount).toEqual(0);
+                    ++promiseCount;
+                    resolve();
+                });
+            }
+
+            function fn2() {
+                return new Promise(function(resolve, reject) {
+                    expect(promiseCount).toEqual(1);
+                    ++promiseCount;
+                    resolve();
+                });
+            }
+
+            await utils.chunkPromises([fn1, fn2], 1);
+            expect(promiseCount).toEqual(2);
+        });
+    });
 });
@@ -0,0 +1,301 @@
+/*
+Copyright 2020 The Matrix.org Foundation C.I.C.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+import { TestClient } from '../../TestClient';
+import { MatrixCall, CallErrorCode, CallEvent } from '../../../src/webrtc/call';
+
+const DUMMY_SDP = (
+    "v=0\r\n" +
+    "o=- 5022425983810148698 2 IN IP4 127.0.0.1\r\n" +
+    "s=-\r\nt=0 0\r\na=group:BUNDLE 0\r\n" +
+    "a=msid-semantic: WMS h3wAi7s8QpiQMH14WG3BnDbmlOqo9I5ezGZA\r\n" +
+    "m=audio 9 UDP/TLS/RTP/SAVPF 111 103 104 9 0 8 106 105 13 110 112 113 126\r\n" +
+    "c=IN IP4 0.0.0.0\r\na=rtcp:9 IN IP4 0.0.0.0\r\na=ice-ufrag:hLDR\r\n" +
+    "a=ice-pwd:bMGD9aOldHWiI+6nAq/IIlRw\r\n" +
+    "a=ice-options:trickle\r\n" +
+    "a=fingerprint:sha-256 E4:94:84:F9:4A:98:8A:56:F5:5F:FD:AF:72:B9:32:89:49:5C:4B:9A:" +
+        "4A:15:8E:41:8A:F3:69:E4:39:52:DC:D6\r\n" +
+    "a=setup:active\r\n" +
+    "a=mid:0\r\n" +
+    "a=extmap:1 urn:ietf:params:rtp-hdrext:ssrc-audio-level\r\n" +
+    "a=extmap:2 http://www.webrtc.org/experiments/rtp-hdrext/abs-send-time\r\n" +
+    "a=extmap:3 http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01\r\n" +
+    "a=extmap:4 urn:ietf:params:rtp-hdrext:sdes:mid\r\n" +
+    "a=extmap:5 urn:ietf:params:rtp-hdrext:sdes:rtp-stream-id\r\n" +
+    "a=extmap:6 urn:ietf:params:rtp-hdrext:sdes:repaired-rtp-stream-id\r\n" +
+    "a=sendrecv\r\n" +
+    "a=msid:h3wAi7s8QpiQMH14WG3BnDbmlOqo9I5ezGZA 4357098f-3795-4131-bff4-9ba9c0348c49\r\n" +
+    "a=rtcp-mux\r\n" +
+    "a=rtpmap:111 opus/48000/2\r\n" +
+    "a=rtcp-fb:111 transport-cc\r\n" +
+    "a=fmtp:111 minptime=10;useinbandfec=1\r\n" +
+    "a=rtpmap:103 ISAC/16000\r\n" +
+    "a=rtpmap:104 ISAC/32000\r\n" +
+    "a=rtpmap:9 G722/8000\r\n" +
+    "a=rtpmap:0 PCMU/8000\r\n" +
+    "a=rtpmap:8 PCMA/8000\r\n" +
+    "a=rtpmap:106 CN/32000\r\n" +
+    "a=rtpmap:105 CN/16000\r\n" +
+    "a=rtpmap:13 CN/8000\r\n" +
+    "a=rtpmap:110 telephone-event/48000\r\n" +
+    "a=rtpmap:112 telephone-event/32000\r\n" +
+    "a=rtpmap:113 telephone-event/16000\r\n" +
+    "a=rtpmap:126 telephone-event/8000\r\n" +
+    "a=ssrc:3619738545 cname:2RWtmqhXLdoF4sOi\r\n"
+);
+
+class MockRTCPeerConnection {
+    localDescription: RTCSessionDescription;
+
+    constructor() {
+        this.localDescription = {
+            sdp: DUMMY_SDP,
+            type: 'offer',
+            toJSON: function() {},
+        };
+    }
+
+    addEventListener() {}
+    createOffer() {
+        return Promise.resolve({});
+    }
+    setRemoteDescription() {
+        return Promise.resolve();
+    }
+    setLocalDescription() {
+        return Promise.resolve();
+    }
+    close() {}
+    getStats() { return []; }
+}
+
+describe('Call', function() {
+    let client;
+    let call;
+    let prevNavigator;
+    let prevDocument;
+    let prevWindow;
+
+    beforeEach(function() {
+        prevNavigator = global.navigator;
+        prevDocument = global.document;
+        prevWindow = global.window;
+
+        global.navigator = {
+            mediaDevices: {
+                // @ts-ignore Mock
+                getUserMedia: () => {
+                    return {
+                        getTracks: () => [],
+                        getAudioTracks: () => [],
+                        getVideoTracks: () => [],
+                    };
+                },
+            },
+        };
+
+        global.window = {
+            // @ts-ignore Mock
+            RTCPeerConnection: MockRTCPeerConnection,
+            // @ts-ignore Mock
+            RTCSessionDescription: {},
+            // @ts-ignore Mock
+            RTCIceCandidate: {},
+            getUserMedia: {},
+        };
+        // @ts-ignore Mock
+        global.document = {};
+
+        client = new TestClient("@alice:foo", "somedevice", "token", undefined, {});
+        // We just stub out sendEvent: we're not interested in testing the client's
+        // event sending code here
+        client.client.sendEvent = () => {};
+        client.httpBackend.when("GET", "/voip/turnServer").respond(200, {});
+        call = new MatrixCall({
+            client: client.client,
+            roomId: '!foo:bar',
+        });
+        // call checks one of these is wired up
+        call.on('error', () => {});
+    });
+
+    afterEach(function() {
+        client.stop();
+        global.navigator = prevNavigator;
+        global.window = prevWindow;
+        global.document = prevDocument;
+    });
+
+    it('should ignore candidate events from non-matching party ID', async function() {
+        const callPromise = call.placeVoiceCall();
+        await client.httpBackend.flush();
+        await callPromise;
+        await call.onAnswerReceived({
+            getContent: () => {
+                return {
+                    version: 1,
+                    call_id: call.callId,
+                    party_id: 'the_correct_party_id',
+                    answer: {
+                        sdp: DUMMY_SDP,
+                    },
+                };
+            },
+        });
+
+        call.peerConn.addIceCandidate = jest.fn();
+        call.onRemoteIceCandidatesReceived({
+            getContent: () => {
+                return {
+                    version: 1,
+                    call_id: call.callId,
+                    party_id: 'the_correct_party_id',
+                    candidates: [
+                        {
+                            candidate: '',
+                            sdpMid: '',
+                        },
+                    ],
+                };
+            },
+        });
+        expect(call.peerConn.addIceCandidate.mock.calls.length).toBe(1);
+
+        call.onRemoteIceCandidatesReceived({
+            getContent: () => {
+                return {
+                    version: 1,
+                    call_id: call.callId,
+                    party_id: 'some_other_party_id',
+                    candidates: [
+                        {
+                            candidate: '',
+                            sdpMid: '',
+                        },
+                    ],
+                };
+            },
+        });
+        expect(call.peerConn.addIceCandidate.mock.calls.length).toBe(1);
+
+        // Hangup to stop timers
+        call.hangup(CallErrorCode.UserHangup, true);
+    });
+
+    it('should add candidates received before answer if party ID is correct', async function() {
+        const callPromise = call.placeVoiceCall();
+        await client.httpBackend.flush();
+        await callPromise;
+        call.peerConn.addIceCandidate = jest.fn();
+
+        call.onRemoteIceCandidatesReceived({
+            getContent: () => {
+                return {
+                    version: 1,
+                    call_id: call.callId,
+                    party_id: 'the_correct_party_id',
+                    candidates: [
+                        {
+                            candidate: 'the_correct_candidate',
+                            sdpMid: '',
+                        },
+                    ],
+                };
+            },
+        });
+
+        call.onRemoteIceCandidatesReceived({
+            getContent: () => {
+                return {
+                    version: 1,
+                    call_id: call.callId,
+                    party_id: 'some_other_party_id',
+                    candidates: [
+                        {
+                            candidate: 'the_wrong_candidate',
+                            sdpMid: '',
+                        },
+                    ],
+                };
+            },
+        });
+
+        expect(call.peerConn.addIceCandidate.mock.calls.length).toBe(0);
+
+        await call.onAnswerReceived({
+            getContent: () => {
+                return {
+                    version: 1,
+                    call_id: call.callId,
+                    party_id: 'the_correct_party_id',
+                    answer: {
+                        sdp: DUMMY_SDP,
+                    },
+                };
+            },
+        });
+
+        expect(call.peerConn.addIceCandidate.mock.calls.length).toBe(1);
+        expect(call.peerConn.addIceCandidate).toHaveBeenCalledWith({
+            candidate: 'the_correct_candidate',
+            sdpMid: '',
+        });
+    });
+
+    it('should map asserted identity messages to remoteAssertedIdentity', async function() {
+        const callPromise = call.placeVoiceCall();
+        await client.httpBackend.flush();
+        await callPromise;
+        await call.onAnswerReceived({
+            getContent: () => {
+                return {
+                    version: 1,
+                    call_id: call.callId,
+                    party_id: 'party_id',
+                    answer: {
+                        sdp: DUMMY_SDP,
+                    },
+                };
+            },
+        });
+
+        const identChangedCallback = jest.fn();
+        call.on(CallEvent.AssertedIdentityChanged, identChangedCallback);
+
+        await call.onAssertedIdentityReceived({
+            getContent: () => {
+                return {
+                    version: 1,
+                    call_id: call.callId,
+                    party_id: 'party_id',
+                    asserted_identity: {
+                        id: "@steve:example.com",
+                        display_name: "Steve Gibbons",
+                    },
+                };
+            },
+        });
+
+        expect(identChangedCallback).toHaveBeenCalled();
+
+        const ident = call.getRemoteAssertedIdentity();
+        expect(ident.id).toEqual("@steve:example.com");
+        expect(ident.displayName).toEqual("Steve Gibbons");
+
+        // Hangup to stop timers
+        call.hangup(CallErrorCode.UserHangup, true);
+    });
+});
@@ -0,0 +1,102 @@
+/*
+Copyright 2020 The Matrix.org Foundation C.I.C.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+export enum EventType {
+    // Room state events
+    RoomCanonicalAlias = "m.room.canonical_alias",
+    RoomCreate = "m.room.create",
+    RoomJoinRules = "m.room.join_rules",
+    RoomMember = "m.room.member",
+    RoomThirdPartyInvite = "m.room.third_party_invite",
+    RoomPowerLevels = "m.room.power_levels",
+    RoomName = "m.room.name",
+    RoomTopic = "m.room.topic",
+    RoomAvatar = "m.room.avatar",
+    RoomPinnedEvents = "m.room.pinned_events",
+    RoomEncryption = "m.room.encryption",
+    RoomHistoryVisibility = "m.room.history_visibility",
+    RoomGuestAccess = "m.room.guest_access",
+    RoomServerAcl = "m.room.server_acl",
+    RoomTombstone = "m.room.tombstone",
+    /**
+     * @deprecated Should not be used.
+     */
+    RoomAliases = "m.room.aliases", // deprecated https://matrix.org/docs/spec/client_server/r0.6.1#historical-events
+
+    SpaceChild = "m.space.child",
+    SpaceParent = "m.space.parent",
+
+    // Room timeline events
+    RoomRedaction = "m.room.redaction",
+    RoomMessage = "m.room.message",
+    RoomMessageEncrypted = "m.room.encrypted",
+    Sticker = "m.sticker",
+    CallInvite = "m.call.invite",
+    CallCandidates = "m.call.candidates",
+    CallAnswer = "m.call.answer",
+    CallHangup = "m.call.hangup",
+    CallReject = "m.call.reject",
+    CallSelectAnswer = "m.call.select_answer",
+    CallNegotiate = "m.call.negotiate",
+    CallReplaces = "m.call.replaces",
+    CallAssertedIdentity = "m.call.asserted_identity",
+    CallAssertedIdentityPrefix = "org.matrix.call.asserted_identity",
+    KeyVerificationRequest = "m.key.verification.request",
+    KeyVerificationStart = "m.key.verification.start",
+    KeyVerificationCancel = "m.key.verification.cancel",
+    KeyVerificationMac = "m.key.verification.mac",
+    KeyVerificationDone = "m.key.verification.done",
+    // use of this is discouraged https://matrix.org/docs/spec/client_server/r0.6.1#m-room-message-feedback
+    RoomMessageFeedback = "m.room.message.feedback",
+    Reaction = "m.reaction",
+
+    // Room ephemeral events
+    Typing = "m.typing",
+    Receipt = "m.receipt",
+    Presence = "m.presence",
+
+    // Room account_data events
+    FullyRead = "m.fully_read",
+    Tag = "m.tag",
+
+    // User account_data events
+    PushRules = "m.push_rules",
+    Direct = "m.direct",
+    IgnoredUserList = "m.ignored_user_list",
+
+    // to_device events
+    RoomKey = "m.room_key",
+    RoomKeyRequest = "m.room_key_request",
+    ForwardedRoomKey = "m.forwarded_room_key",
+    Dummy = "m.dummy",
+}
+
+export enum MsgType {
+    Text = "m.text",
+    Emote = "m.emote",
+    Notice = "m.notice",
+    Image = "m.image",
+    File = "m.file",
+    Audio = "m.audio",
+    Location = "m.location",
+    Video = "m.video",
+}
+
+export const RoomCreateTypeField = "type";
+
+export enum RoomType {
+    Space = "m.space",
+}
@@ -14,6 +14,9 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

+// this is needed to tell TS about global.Olm
+import * as Olm from "@matrix-org/olm"; // eslint-disable-line @typescript-eslint/no-unused-vars
+
 export {};

 declare global {
@@ -22,4 +25,63 @@ declare global {
            localStorage: Storage;
        }
    }
+
+    interface Window {
+        electron?: Electron;
+    }
+
+    interface Electron {
+        getDesktopCapturerSources(options: GetSourcesOptions): Promise<Array<DesktopCapturerSource>>;
+    }
+
+    interface MediaDevices {
+        // This is experimental and types don't know about it yet
+        // https://github.com/microsoft/TypeScript/issues/33232
+        getDisplayMedia(constraints: MediaStreamConstraints | DesktopCapturerConstraints): Promise<MediaStream>;
+        getUserMedia(constraints: MediaStreamConstraints | DesktopCapturerConstraints): Promise<MediaStream>;
+    }
+
+    interface DesktopCapturerConstraints {
+        audio: boolean | {
+            mandatory: {
+                chromeMediaSource: string;
+                chromeMediaSourceId: string;
+            };
+        };
+        video: boolean | {
+            mandatory: {
+                chromeMediaSource: string;
+                chromeMediaSourceId: string;
+            };
+        };
+    }
+
+    interface DesktopCapturerSource {
+        id: string;
+        name: string;
+        thumbnailURL: string;
+    }
+
+    interface GetSourcesOptions {
+        types: Array<string>;
+        thumbnailSize?: {
+            height: number;
+            width: number;
+        };
+        fetchWindowIcons?: boolean;
+    }
+
+    interface HTMLAudioElement {
+        // sinkId & setSinkId are experimental and typescript doesn't know about them
+        sinkId: string;
+        setSinkId(outputId: string);
+    }
+
+    interface DummyInterfaceWeShouldntBeUsingThis {}
+
+    interface Navigator {
+        // We check for the webkit-prefixed getUserMedia to detect if we're
+        // on webkit: we should check if we still need to do this
+        webkitGetUserMedia: DummyInterfaceWeShouldntBeUsingThis;
+    }
 }
@@ -1,52 +0,0 @@
-/*
-Copyright 2015, 2016 OpenMarket Ltd
-Copyright 2017 Vector Creations Ltd
-Copyright 2017 New Vector Ltd
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-/**
- * @module
- */
-
-export class ReEmitter {
-    constructor(target) {
-        this.target = target;
-
-        // We keep one bound event handler for each event name so we know
-        // what event is arriving
-        this.boundHandlers = {};
-    }
-
-    _handleEvent(eventName, ...args) {
-        this.target.emit(eventName, ...args);
-    }
-
-    reEmit(source, eventNames) {
-        // We include the source as the last argument for event handlers which may need it,
-        // such as read receipt listeners on the client class which won't have the context
-        // of the room.
-        const forSource = (handler, ...args) => {
-            handler(...args, source);
-        };
-        for (const eventName of eventNames) {
-            if (this.boundHandlers[eventName] === undefined) {
-                this.boundHandlers[eventName] = this._handleEvent.bind(this, eventName);
-            }
-
-            const boundHandler = forSource.bind(this, this.boundHandlers[eventName]);
-            source.on(eventName, boundHandler);
-        }
-    }
-}
@@ -0,0 +1,50 @@
+/*
+Copyright 2015, 2016 OpenMarket Ltd
+Copyright 2017 Vector Creations Ltd
+Copyright 2017 New Vector Ltd
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+import { EventEmitter } from "events";
+
+export class ReEmitter {
+    private target: EventEmitter;
+
+    constructor(target: EventEmitter) {
+        this.target = target;
+    }
+
+    reEmit(source: EventEmitter, eventNames: string[]) {
+        for (const eventName of eventNames) {
+            // We include the source as the last argument for event handlers which may need it,
+            // such as read receipt listeners on the client class which won't have the context
+            // of the room.
+            const forSource = (...args) => {
+                // EventEmitter special cases 'error' to make the emit function throw if no
+                // handler is attached, which sort of makes sense for making sure that something
+                // handles an error, but for re-emitting, there could be a listener on the original
+                // source object so the test doesn't really work. We *could* try to replicate the
+                // same logic and throw if there is no listener on either the source or the target,
+                // but this behaviour is fairly undesireable for us anyway: the main place we throw
+                // 'error' events is for calls, where error events are usually emitted some time
+                // later by a different part of the code where 'emit' throwing because the app hasn't
+                // added an error handler isn't terribly helpful. (A better fix in retrospect may
+                // have been to just avoid using the event name 'error', but backwards compat...)
+                if (eventName === 'error' && this.target.listenerCount('error') === 0) return;
+                this.target.emit(eventName, ...args, source);
+            };
+            source.on(eventName, forSource);
+        }
+    }
+}
@@ -17,8 +17,8 @@ limitations under the License.

 /** @module auto-discovery */

-import {logger} from './logger';
-import {URL as NodeURL} from "url";
+import { logger } from './logger';
+import { URL as NodeURL } from "url";

 // Dev note: Auto discovery is part of the spec.
 // See: https://matrix.org/docs/spec/client_server/r0.4.0.html#server-discovery
@@ -511,12 +511,12 @@ export class AutoDiscovery {
                            action = "IGNORE";
                            reason = AutoDiscovery.ERROR_MISSING_WELLKNOWN;
                        }
-                        resolve({raw: {}, action: action, reason: reason, error: err});
+                        resolve({ raw: {}, action: action, reason: reason, error: err });
                        return;
                    }

                    try {
-                        resolve({raw: JSON.parse(body), action: "SUCCESS"});
+                        resolve({ raw: JSON.parse(body), action: "SUCCESS" });
                    } catch (e) {
                        let reason = AutoDiscovery.ERROR_INVALID;
                        if (e.name === "SyntaxError") {
@@ -24,11 +24,11 @@ limitations under the License.
 * @module base-apis
 */

-import {SERVICE_TYPES} from './service-types';
-import {logger} from './logger';
-import {PushProcessor} from "./pushprocessor";
+import { SERVICE_TYPES } from './service-types';
+import { logger } from './logger';
+import { PushProcessor } from "./pushprocessor";
 import * as utils from "./utils";
-import {MatrixHttpApi, PREFIX_IDENTITY_V2, PREFIX_R0, PREFIX_UNSTABLE} from "./http-api";
+import { MatrixHttpApi, PREFIX_IDENTITY_V2, PREFIX_R0, PREFIX_UNSTABLE } from "./http-api";

 function termsUrlForService(serviceType, baseUrl) {
    switch (serviceType) {
@@ -66,7 +66,7 @@ function termsUrlForService(serviceType, baseUrl) {
 * callback that returns a Promise<String> of an identity access token to supply
 * with identity requests. If the object is unset, no access token will be
 * supplied.
- * See also https://github.com/vector-im/riot-web/issues/10615 which seeks to
+ * See also https://github.com/vector-im/element-web/issues/10615 which seeks to
 * replace the previous approach of manual access tokens params with this
 * callback throughout the SDK.
 *
@@ -158,7 +158,6 @@ MatrixBaseApis.prototype.makeTxnId = function() {
    return "m" + new Date().getTime() + "." + (this._txnCtr++);
 };

-
 // Registration/Login operations
 // =============================

@@ -197,7 +196,7 @@ MatrixBaseApis.prototype.register = function(
 ) {
    // backwards compat
    if (bindThreepids === true) {
-        bindThreepids = {email: true};
+        bindThreepids = { email: true };
    } else if (bindThreepids === null || bindThreepids === undefined) {
        bindThreepids = {};
    }
@@ -246,10 +245,25 @@ MatrixBaseApis.prototype.register = function(

 /**
 * Register a guest account.
+ * This method returns the auth info needed to create a new authenticated client,
+ * Remember to call `setGuest(true)` on the (guest-)authenticated client, e.g:
+ * ```javascript
+ * const tmpClient = await sdk.createClient(MATRIX_INSTANCE);
+ * const { user_id, device_id, access_token } = tmpClient.registerGuest();
+ * const client = createClient({
+ *   baseUrl: MATRIX_INSTANCE,
+ *   accessToken: access_token,
+ *   userId: user_id,
+ *   deviceId: device_id,
+ * })
+ * client.setGuest(true);
+ * ```
+ *
 * @param {Object=} opts Registration options
 * @param {Object} opts.body JSON HTTP body to provide.
 * @param {module:client.callback} callback Optional.
- * @return {Promise} Resolves: TODO
+ * @return {Promise} Resolves: JSON object that contains:
+ *                   { user_id, device_id, access_token, home_server }
 * @return {module:http-api.MatrixError} Rejects: with an error response.
 */
 MatrixBaseApis.prototype.registerGuest = function(opts, callback) {
@@ -356,15 +370,20 @@ MatrixBaseApis.prototype.getCasLoginUrl = function(redirectUrl) {
 *     authenticates with the SSO.
 * @param {string} loginType The type of SSO login we are doing (sso or cas).
 *     Defaults to 'sso'.
+ * @param {string} idpId The ID of the Identity Provider being targeted, optional.
 * @return {string} The HS URL to hit to begin the SSO login process.
 */
-MatrixBaseApis.prototype.getSsoLoginUrl = function(redirectUrl, loginType) {
+MatrixBaseApis.prototype.getSsoLoginUrl = function(redirectUrl, loginType, idpId) {
    if (loginType === undefined) {
        loginType = "sso";
    }
-    return this._http.getUrl("/login/"+loginType+"/redirect", {
-        "redirectUrl": redirectUrl,
-    }, PREFIX_R0);
+
+    let url = "/login/" + loginType + "/redirect";
+    if (idpId) {
+        url += "/" + idpId;
+    }
+
+    return this._http.getUrl(url, { redirectUrl }, PREFIX_R0);
 };

 /**
@@ -379,7 +398,6 @@ MatrixBaseApis.prototype.loginWithToken = function(token, callback) {
    }, callback);
 };

-
 /**
 * Logs out the current session.
 * Obviously, further calls that require authorisation should fail after this
@@ -462,8 +480,26 @@ MatrixBaseApis.prototype.getFallbackAuthUrl = function(loginType, authSessionId)
 * room_alias: {string(opt)}}</code>
 * @return {module:http-api.MatrixError} Rejects: with an error response.
 */
-MatrixBaseApis.prototype.createRoom = function(options, callback) {
-    // valid options include: room_alias_name, visibility, invite
+MatrixBaseApis.prototype.createRoom = async function(options, callback) {
+    // some valid options include: room_alias_name, visibility, invite
+
+    // inject the id_access_token if inviting 3rd party addresses
+    const invitesNeedingToken = (options.invite_3pid || [])
+        .filter(i => !i.id_access_token);
+    if (
+        invitesNeedingToken.length > 0 &&
+        this.identityServer &&
+        this.identityServer.getAccessToken &&
+        await this.doesServerAcceptIdentityAccessToken()
+    ) {
+        const identityAccessToken = await this.identityServer.getAccessToken();
+        if (identityAccessToken) {
+            for (const invite of invitesNeedingToken) {
+                invite.id_access_token = identityAccessToken;
+            }
+        }
+    }
+
    return this._http.authedRequest(
        callback, "POST", "/createRoom", undefined, options,
    );
@@ -507,7 +543,7 @@ MatrixBaseApis.prototype.fetchRelations =
 * @return {module:http-api.MatrixError} Rejects: with an error response.
 */
 MatrixBaseApis.prototype.roomState = function(roomId, callback) {
-    const path = utils.encodeUri("/rooms/$roomId/state", {$roomId: roomId});
+    const path = utils.encodeUri("/rooms/$roomId/state", { $roomId: roomId });
    return this._http.authedRequest(callback, "GET", path);
 };

@@ -555,7 +591,7 @@ function(roomId, includeMembership, excludeMembership, atEventId, callback) {
    const queryString = utils.encodeParams(queryParams);

    const path = utils.encodeUri("/rooms/$roomId/members?" + queryString,
-        {$roomId: roomId});
+        { $roomId: roomId });
    return this._http.authedRequest(callback, "GET", path);
 };

@@ -567,20 +603,19 @@ function(roomId, includeMembership, excludeMembership, atEventId, callback) {
 * @return {module:http-api.MatrixError} Rejects: with an error response.
 */
 MatrixBaseApis.prototype.upgradeRoom = function(roomId, newVersion) {
-    const path = utils.encodeUri("/rooms/$roomId/upgrade", {$roomId: roomId});
+    const path = utils.encodeUri("/rooms/$roomId/upgrade", { $roomId: roomId });
    return this._http.authedRequest(
-        undefined, "POST", path, undefined, {new_version: newVersion},
+        undefined, "POST", path, undefined, { new_version: newVersion },
    );
 };

-
 /**
 * @param {string} groupId
 * @return {Promise} Resolves: Group summary object
 * @return {module:http-api.MatrixError} Rejects: with an error response.
 */
 MatrixBaseApis.prototype.getGroupSummary = function(groupId) {
-    const path = utils.encodeUri("/groups/$groupId/summary", {$groupId: groupId});
+    const path = utils.encodeUri("/groups/$groupId/summary", { $groupId: groupId });
    return this._http.authedRequest(undefined, "GET", path);
 };

@@ -590,7 +625,7 @@ MatrixBaseApis.prototype.getGroupSummary = function(groupId) {
 * @return {module:http-api.MatrixError} Rejects: with an error response.
 */
 MatrixBaseApis.prototype.getGroupProfile = function(groupId) {
-    const path = utils.encodeUri("/groups/$groupId/profile", {$groupId: groupId});
+    const path = utils.encodeUri("/groups/$groupId/profile", { $groupId: groupId });
    return this._http.authedRequest(undefined, "GET", path);
 };

@@ -605,7 +640,7 @@ MatrixBaseApis.prototype.getGroupProfile = function(groupId) {
 * @return {module:http-api.MatrixError} Rejects: with an error response.
 */
 MatrixBaseApis.prototype.setGroupProfile = function(groupId, profile) {
-    const path = utils.encodeUri("/groups/$groupId/profile", {$groupId: groupId});
+    const path = utils.encodeUri("/groups/$groupId/profile", { $groupId: groupId });
    return this._http.authedRequest(
        undefined, "POST", path, undefined, profile,
    );
@@ -623,7 +658,7 @@ MatrixBaseApis.prototype.setGroupProfile = function(groupId, profile) {
 MatrixBaseApis.prototype.setGroupJoinPolicy = function(groupId, policy) {
    const path = utils.encodeUri(
        "/groups/$groupId/settings/m.join_policy",
-        {$groupId: groupId},
+        { $groupId: groupId },
    );
    return this._http.authedRequest(
        undefined, "PUT", path, undefined, {
@@ -638,7 +673,7 @@ MatrixBaseApis.prototype.setGroupJoinPolicy = function(groupId, policy) {
 * @return {module:http-api.MatrixError} Rejects: with an error response.
 */
 MatrixBaseApis.prototype.getGroupUsers = function(groupId) {
-    const path = utils.encodeUri("/groups/$groupId/users", {$groupId: groupId});
+    const path = utils.encodeUri("/groups/$groupId/users", { $groupId: groupId });
    return this._http.authedRequest(undefined, "GET", path);
 };

@@ -648,7 +683,7 @@ MatrixBaseApis.prototype.getGroupUsers = function(groupId) {
 * @return {module:http-api.MatrixError} Rejects: with an error response.
 */
 MatrixBaseApis.prototype.getGroupInvitedUsers = function(groupId) {
-    const path = utils.encodeUri("/groups/$groupId/invited_users", {$groupId: groupId});
+    const path = utils.encodeUri("/groups/$groupId/invited_users", { $groupId: groupId });
    return this._http.authedRequest(undefined, "GET", path);
 };

@@ -658,7 +693,7 @@ MatrixBaseApis.prototype.getGroupInvitedUsers = function(groupId) {
 * @return {module:http-api.MatrixError} Rejects: with an error response.
 */
 MatrixBaseApis.prototype.getGroupRooms = function(groupId) {
-    const path = utils.encodeUri("/groups/$groupId/rooms", {$groupId: groupId});
+    const path = utils.encodeUri("/groups/$groupId/rooms", { $groupId: groupId });
    return this._http.authedRequest(undefined, "GET", path);
 };

@@ -671,7 +706,7 @@ MatrixBaseApis.prototype.getGroupRooms = function(groupId) {
 MatrixBaseApis.prototype.inviteUserToGroup = function(groupId, userId) {
    const path = utils.encodeUri(
        "/groups/$groupId/admin/users/invite/$userId",
-        {$groupId: groupId, $userId: userId},
+        { $groupId: groupId, $userId: userId },
    );
    return this._http.authedRequest(undefined, "PUT", path, undefined, {});
 };
@@ -685,7 +720,7 @@ MatrixBaseApis.prototype.inviteUserToGroup = function(groupId, userId) {
 MatrixBaseApis.prototype.removeUserFromGroup = function(groupId, userId) {
    const path = utils.encodeUri(
        "/groups/$groupId/admin/users/remove/$userId",
-        {$groupId: groupId, $userId: userId},
+        { $groupId: groupId, $userId: userId },
    );
    return this._http.authedRequest(undefined, "PUT", path, undefined, {});
 };
@@ -702,7 +737,7 @@ MatrixBaseApis.prototype.addUserToGroupSummary = function(groupId, userId, roleI
        roleId ?
            "/groups/$groupId/summary/$roleId/users/$userId" :
            "/groups/$groupId/summary/users/$userId",
-        {$groupId: groupId, $roleId: roleId, $userId: userId},
+        { $groupId: groupId, $roleId: roleId, $userId: userId },
    );
    return this._http.authedRequest(undefined, "PUT", path, undefined, {});
 };
@@ -716,7 +751,7 @@ MatrixBaseApis.prototype.addUserToGroupSummary = function(groupId, userId, roleI
 MatrixBaseApis.prototype.removeUserFromGroupSummary = function(groupId, userId) {
    const path = utils.encodeUri(
        "/groups/$groupId/summary/users/$userId",
-        {$groupId: groupId, $userId: userId},
+        { $groupId: groupId, $userId: userId },
    );
    return this._http.authedRequest(undefined, "DELETE", path, undefined, {});
 };
@@ -733,7 +768,7 @@ MatrixBaseApis.prototype.addRoomToGroupSummary = function(groupId, roomId, categ
        categoryId ?
            "/groups/$groupId/summary/$categoryId/rooms/$roomId" :
            "/groups/$groupId/summary/rooms/$roomId",
-        {$groupId: groupId, $categoryId: categoryId, $roomId: roomId},
+        { $groupId: groupId, $categoryId: categoryId, $roomId: roomId },
    );
    return this._http.authedRequest(undefined, "PUT", path, undefined, {});
 };
@@ -747,7 +782,7 @@ MatrixBaseApis.prototype.addRoomToGroupSummary = function(groupId, roomId, categ
 MatrixBaseApis.prototype.removeRoomFromGroupSummary = function(groupId, roomId) {
    const path = utils.encodeUri(
        "/groups/$groupId/summary/rooms/$roomId",
-        {$groupId: groupId, $roomId: roomId},
+        { $groupId: groupId, $roomId: roomId },
    );
    return this._http.authedRequest(undefined, "DELETE", path, undefined, {});
 };
@@ -765,7 +800,7 @@ MatrixBaseApis.prototype.addRoomToGroup = function(groupId, roomId, isPublic) {
    }
    const path = utils.encodeUri(
        "/groups/$groupId/admin/rooms/$roomId",
-        {$groupId: groupId, $roomId: roomId},
+        { $groupId: groupId, $roomId: roomId },
    );
    return this._http.authedRequest(undefined, "PUT", path, undefined,
        { "m.visibility": { type: isPublic ? "public" : "private" } },
@@ -787,7 +822,7 @@ MatrixBaseApis.prototype.updateGroupRoomVisibility = function(groupId, roomId, i

    const path = utils.encodeUri(
        "/groups/$groupId/admin/rooms/$roomId/config/m.visibility",
-        {$groupId: groupId, $roomId: roomId},
+        { $groupId: groupId, $roomId: roomId },
    );
    return this._http.authedRequest(undefined, "PUT", path, undefined,
        { type: isPublic ? "public" : "private" },
@@ -803,7 +838,7 @@ MatrixBaseApis.prototype.updateGroupRoomVisibility = function(groupId, roomId, i
 MatrixBaseApis.prototype.removeRoomFromGroup = function(groupId, roomId) {
    const path = utils.encodeUri(
        "/groups/$groupId/admin/rooms/$roomId",
-        {$groupId: groupId, $roomId: roomId},
+        { $groupId: groupId, $roomId: roomId },
    );
    return this._http.authedRequest(undefined, "DELETE", path, undefined, {});
 };
@@ -817,7 +852,7 @@ MatrixBaseApis.prototype.removeRoomFromGroup = function(groupId, roomId) {
 MatrixBaseApis.prototype.acceptGroupInvite = function(groupId, opts = null) {
    const path = utils.encodeUri(
        "/groups/$groupId/self/accept_invite",
-        {$groupId: groupId},
+        { $groupId: groupId },
    );
    return this._http.authedRequest(undefined, "PUT", path, undefined, opts || {});
 };
@@ -830,7 +865,7 @@ MatrixBaseApis.prototype.acceptGroupInvite = function(groupId, opts = null) {
 MatrixBaseApis.prototype.joinGroup = function(groupId) {
    const path = utils.encodeUri(
        "/groups/$groupId/self/join",
-        {$groupId: groupId},
+        { $groupId: groupId },
    );
    return this._http.authedRequest(undefined, "PUT", path, undefined, {});
 };
@@ -843,7 +878,7 @@ MatrixBaseApis.prototype.joinGroup = function(groupId) {
 MatrixBaseApis.prototype.leaveGroup = function(groupId) {
    const path = utils.encodeUri(
        "/groups/$groupId/self/leave",
-        {$groupId: groupId},
+        { $groupId: groupId },
    );
    return this._http.authedRequest(undefined, "PUT", path, undefined, {});
 };
@@ -900,7 +935,7 @@ MatrixBaseApis.prototype.getPublicisedGroups = function(userIds) {
 MatrixBaseApis.prototype.setGroupPublicity = function(groupId, isPublic) {
    const path = utils.encodeUri(
        "/groups/$groupId/self/update_publicity",
-        {$groupId: groupId},
+        { $groupId: groupId },
    );
    return this._http.authedRequest(undefined, "PUT", path, undefined, {
        publicise: isPublic,
@@ -968,7 +1003,7 @@ MatrixBaseApis.prototype.roomInitialSync = function(roomId, limit, callback) {
        callback = limit; limit = undefined;
    }
    const path = utils.encodeUri("/rooms/$roomId/initialSync",
-        {$roomId: roomId},
+        { $roomId: roomId },
    );
    if (!limit) {
        limit = 30;
@@ -1119,7 +1154,7 @@ MatrixBaseApis.prototype.deleteAlias = function(alias, callback) {
 MatrixBaseApis.prototype.unstableGetLocalAliases =
 function(roomId, callback) {
    const path = utils.encodeUri("/rooms/$roomId/aliases",
-        {$roomId: roomId});
+        { $roomId: roomId });
    const prefix = PREFIX_UNSTABLE + "/org.matrix.msc2432";
    return this._http.authedRequest(callback, "GET", path,
        null, null, { prefix });
@@ -1150,7 +1185,7 @@ MatrixBaseApis.prototype.getRoomIdForAlias = function(alias, callback) {
 */
 MatrixBaseApis.prototype.resolveRoomAlias = function(roomAlias, callback) {
    // TODO: deprecate this or getRoomIdForAlias
-    const path = utils.encodeUri("/directory/room/$alias", {$alias: roomAlias});
+    const path = utils.encodeUri("/directory/room/$alias", { $alias: roomAlias });
    return this._http.request(callback, "GET", path);
 };

@@ -1238,7 +1273,6 @@ MatrixBaseApis.prototype.searchUserDirectory = function(opts) {
    );
 };

-
 // Media operations
 // ================

@@ -1307,7 +1341,6 @@ MatrixBaseApis.prototype.getCurrentUploads = function() {
    return this._http.getCurrentUploads();
 };

-
 // Profile operations
 // ==================

@@ -1332,7 +1365,6 @@ MatrixBaseApis.prototype.getProfileInfo = function(userId, info, callback) {
    return this._http.authedRequest(callback, "GET", path);
 };

-
 // Account operations
 // ==================

@@ -1478,7 +1510,6 @@ MatrixBaseApis.prototype.setPassword = function(authDict, newPassword, callback)
    );
 };

-
 // Device operations
 // =================

@@ -1493,6 +1524,21 @@ MatrixBaseApis.prototype.getDevices = function() {
    );
 };

+/**
+ * Gets specific device details for the logged-in user
+ * @param {string} device_id  device to query
+ * @return {Promise} Resolves: result object
+ * @return {module:http-api.MatrixError} Rejects: with an error response.
+ */
+MatrixBaseApis.prototype.getDevice = function(device_id) {
+    const path = utils.encodeUri("/devices/$device_id", {
+        $device_id: device_id,
+    });
+    return this._http.authedRequest(
+        undefined, 'GET', path, undefined, undefined,
+    );
+};
+
 /**
 * Update the given device
 *
@@ -1540,7 +1586,7 @@ MatrixBaseApis.prototype.deleteDevice = function(device_id, auth) {
 * @return {module:http-api.MatrixError} Rejects: with an error response.
 */
 MatrixBaseApis.prototype.deleteMultipleDevices = function(devices, auth) {
-    const body = {devices};
+    const body = { devices };

    if (auth) {
        body.auth = auth;
@@ -1550,7 +1596,6 @@ MatrixBaseApis.prototype.deleteMultipleDevices = function(devices, auth) {
    return this._http.authedRequest(undefined, "POST", path, undefined, body);
 };

-
 // Push operations
 // ===============

@@ -1648,7 +1693,7 @@ MatrixBaseApis.prototype.setPushRuleEnabled = function(scope, kind,
        $ruleId: ruleId,
    });
    return this._http.authedRequest(
-        callback, "PUT", path, undefined, {"enabled": enabled},
+        callback, "PUT", path, undefined, { "enabled": enabled },
    );
 };

@@ -1669,11 +1714,10 @@ MatrixBaseApis.prototype.setPushRuleActions = function(scope, kind,
        $ruleId: ruleId,
    });
    return this._http.authedRequest(
-        callback, "PUT", path, undefined, {"actions": actions},
+        callback, "PUT", path, undefined, { "actions": actions },
    );
 };

-
 // Search
 // ======

@@ -1787,7 +1831,7 @@ MatrixBaseApis.prototype.claimOneTimeKeys = function(devices, key_algorithm, tim
        queries[userId] = query;
        query[deviceId] = key_algorithm;
    }
-    const content = {one_time_keys: queries};
+    const content = { one_time_keys: queries };
    if (timeout) {
        content.timeout = timeout;
    }
@@ -1817,7 +1861,7 @@ MatrixBaseApis.prototype.getKeyChanges = function(oldToken, newToken) {

 MatrixBaseApis.prototype.uploadDeviceSigningKeys = function(auth, keys) {
    const data = Object.assign({}, keys);
-    if (auth) Object.assign(data, {auth});
+    if (auth) Object.assign(data, { auth });
    return this._http.authedRequest(
        undefined, "POST", "/keys/device_signing/upload", undefined, data, {
            prefix: PREFIX_UNSTABLE,
@@ -2111,7 +2155,7 @@ MatrixBaseApis.prototype.identityHashedLookup = async function(
            throw new Error("Identity server returned more results than expected");
        }

-        foundAddresses.push({address: plainAddress, mxid});
+        foundAddresses.push({ address: plainAddress, mxid });
    }
    return foundAddresses;
 };
@@ -2202,7 +2246,7 @@ MatrixBaseApis.prototype.bulkLookupThreePids = async function(
        ]);
    }

-    return {threepids: v1results};
+    return { threepids: v1results };
 };

 /**
@@ -2346,6 +2390,38 @@ MatrixBaseApis.prototype.reportEvent = function(roomId, eventId, score, reason)
        $eventId: eventId,
    });

-    return this._http.authedRequest(undefined, "POST", path, null, {score, reason});
+    return this._http.authedRequest(undefined, "POST", path, null, { score, reason });
 };

+/**
+ * Fetches or paginates a summary of a space as defined by MSC2946
+ * @param {string} roomId The ID of the space-room to use as the root of the summary.
+ * @param {number?} maxRoomsPerSpace The maximum number of rooms to return per subspace.
+ * @param {boolean?} suggestedOnly Whether to only return rooms with suggested=true.
+ * @param {boolean?} autoJoinOnly Whether to only return rooms with auto_join=true.
+ * @param {number?} limit The maximum number of rooms to return in total.
+ * @param {string?} batch The opaque token to paginate a previous summary request.
+ * @returns {Promise} the response, with next_batch, rooms, events fields.
+ */
+MatrixBaseApis.prototype.getSpaceSummary = function(
+    roomId,
+    maxRoomsPerSpace,
+    suggestedOnly,
+    autoJoinOnly,
+    limit,
+    batch,
+) {
+    const path = utils.encodeUri("/rooms/$roomId/spaces", {
+        $roomId: roomId,
+    });
+
+    return this._http.authedRequest(undefined, "POST", path, null, {
+        max_rooms_per_space: maxRoomsPerSpace,
+        suggested_only: suggestedOnly,
+        auto_join_only: autoJoinOnly,
+        limit,
+        batch,
+    }, {
+        prefix: "/_matrix/client/unstable/org.matrix.msc2946",
+    });
+};
@@ -34,7 +34,7 @@ matrixcs.request(function(opts, fn) {
 let indexedDB;
 try {
    indexedDB = global.indexedDB;
-} catch(e) {}
+} catch (e) {}

 // if our browser (appears to) support indexeddb, use an indexeddb crypto store.
 if (indexedDB) {
@@ -59,7 +59,7 @@ export function getHttpUriForMxc(baseUrl, mxc, width, height,
    if (resizeMethod) {
        params.method = resizeMethod;
    }
-    if (utils.keys(params).length > 0) {
+    if (Object.keys(params).length > 0) {
        // these are thumbnailing params so they probably want the
        // thumbnailing API...
        prefix = "/_matrix/media/r0/thumbnail/";
@@ -72,38 +72,6 @@ export function getHttpUriForMxc(baseUrl, mxc, width, height,
        serverAndMediaId = serverAndMediaId.substr(0, fragmentOffset);
    }
    return baseUrl + prefix + serverAndMediaId +
-        (utils.keys(params).length === 0 ? "" :
+        (Object.keys(params).length === 0 ? "" :
        ("?" + utils.encodeParams(params))) + fragment;
 }
-
-/**
- * Get an identicon URL from an arbitrary string.
- * @param {string} baseUrl The base homeserver url which has a content repo.
- * @param {string} identiconString The string to create an identicon for.
- * @param {Number} width The desired width of the image in pixels. Default: 96.
- * @param {Number} height The desired height of the image in pixels. Default: 96.
- * @return {string} The complete URL to the identicon.
- * @deprecated This is no longer in the specification.
- */
-export function getIdenticonUri(baseUrl, identiconString, width, height) {
-    if (!identiconString) {
-        return null;
-    }
-    if (!width) {
-        width = 96;
-    }
-    if (!height) {
-        height = 96;
-    }
-    const params = {
-        width: width,
-        height: height,
-    };
-
-    const path = utils.encodeUri("/_matrix/media/unstable/identicon/$ident", {
-        $ident: identiconString,
-    });
-    return baseUrl + path +
-        (utils.keys(params).length === 0 ? "" :
-            ("?" + utils.encodeParams(params)));
-}
@@ -20,11 +20,13 @@ limitations under the License.
 * @module crypto/CrossSigning
 */

-import {decodeBase64, encodeBase64, pkSign, pkVerify} from './olmlib';
-import {EventEmitter} from 'events';
-import {logger} from '../logger';
-import {IndexedDBCryptoStore} from '../crypto/store/indexeddb-crypto-store';
-import {decryptAES, encryptAES} from './aes';
+import { decodeBase64, encodeBase64, pkSign, pkVerify } from './olmlib';
+import { EventEmitter } from 'events';
+import { logger } from '../logger';
+import { IndexedDBCryptoStore } from '../crypto/store/indexeddb-crypto-store';
+import { decryptAES, encryptAES } from './aes';
+
+const KEY_REQUEST_TIMEOUT_MS = 1000 * 60;

 function publicKeyFromKeyInfo(keyInfo) {
    // `keys` is an object with { [`ed25519:${pubKey}`]: pubKey }
@@ -64,15 +66,34 @@ export class CrossSigningInfo extends EventEmitter {
        this.crossSigningVerifiedBefore = false;
    }

+    static fromStorage(obj, userId) {
+        const res = new CrossSigningInfo(userId);
+        for (const prop in obj) {
+            if (obj.hasOwnProperty(prop)) {
+                res[prop] = obj[prop];
+            }
+        }
+        return res;
+    }
+
+    toStorage() {
+        return {
+            keys: this.keys,
+            firstUse: this.firstUse,
+            crossSigningVerifiedBefore: this.crossSigningVerifiedBefore,
+        };
+    }
+
    /**
     * Calls the app callback to ask for a private key
+     *
     * @param {string} type The key type ("master", "self_signing", or "user_signing")
     * @param {string} expectedPubkey The matching public key or undefined to use
     *     the stored public key for the given key type.
     * @returns {Array} An array with [ public key, Olm.PkSigning ]
     */
    async getCrossSigningKey(type, expectedPubkey) {
-        const shouldCache = ["self_signing", "user_signing"].indexOf(type) >= 0;
+        const shouldCache = ["master", "self_signing", "user_signing"].indexOf(type) >= 0;

        if (!this._callbacks.getCrossSigningKey) {
            throw new Error("No getCrossSigningKey callback supplied");
@@ -125,24 +146,6 @@ export class CrossSigningInfo extends EventEmitter {
        );
    }

-    static fromStorage(obj, userId) {
-        const res = new CrossSigningInfo(userId);
-        for (const prop in obj) {
-            if (obj.hasOwnProperty(prop)) {
-                res[prop] = obj[prop];
-            }
-        }
-        return res;
-    }
-
-    toStorage() {
-        return {
-            keys: this.keys,
-            firstUse: this.firstUse,
-            crossSigningVerifiedBefore: this.crossSigningVerifiedBefore,
-        };
-    }
-
    /**
     * Check whether the private keys exist in secret storage.
     * XXX: This could be static, be we often seem to have an instance when we
@@ -178,12 +181,12 @@ export class CrossSigningInfo extends EventEmitter {
     * typically called in conjunction with the creation of new cross-signing
     * keys.
     *
-     * @param {object} keys The keys to store
+     * @param {Map} keys The keys to store
     * @param {SecretStorage} secretStorage The secret store using account data
     */
    static async storeInSecretStorage(keys, secretStorage) {
-        for (const type of Object.keys(keys)) {
-            const encodedKey = encodeBase64(keys[type]);
+        for (const [type, privateKey] of keys) {
+            const encodedKey = encodeBase64(privateKey);
            await secretStorage.store(`m.cross_signing.${type}`, encodedKey);
        }
    }
@@ -199,9 +202,50 @@ export class CrossSigningInfo extends EventEmitter {
     */
    static async getFromSecretStorage(type, secretStorage) {
        const encodedKey = await secretStorage.get(`m.cross_signing.${type}`);
+        if (!encodedKey) {
+            return null;
+        }
        return decodeBase64(encodedKey);
    }

+    /**
+     * Check whether the private keys exist in the local key cache.
+     *
+     * @param {string} [type] The type of key to get. One of "master",
+     * "self_signing", or "user_signing". Optional, will check all by default.
+     * @returns {boolean} True if all keys are stored in the local cache.
+     */
+    async isStoredInKeyCache(type) {
+        const cacheCallbacks = this._cacheCallbacks;
+        if (!cacheCallbacks) return false;
+        const types = type ? [type] : ["master", "self_signing", "user_signing"];
+        for (const t of types) {
+            if (!await cacheCallbacks.getCrossSigningKeyCache(t)) {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    /**
+     * Get cross-signing private keys from the local cache.
+     *
+     * @returns {Map} A map from key type (string) to private key (Uint8Array)
+     */
+    async getCrossSigningKeysFromCache() {
+        const keys = new Map();
+        const cacheCallbacks = this._cacheCallbacks;
+        if (!cacheCallbacks) return keys;
+        for (const type of ["master", "self_signing", "user_signing"]) {
+            const privKey = await cacheCallbacks.getCrossSigningKeyCache(type);
+            if (!privKey) {
+                continue;
+            }
+            keys.set(type, privKey);
+        }
+        return keys;
+    }
+
    /**
     * Get the ID used to identify the user. This can also be used to test for
     * the existence of a given key type.
@@ -677,3 +721,96 @@ export function createCryptoStoreCacheCallbacks(store, olmdevice) {
        },
    };
 }
+
+/**
+ * Request cross-signing keys from another device during verification.
+ *
+ * @param {module:base-apis~MatrixBaseApis} baseApis base Matrix API interface
+ * @param {string} userId The user ID being verified
+ * @param {string} deviceId The device ID being verified
+ */
+export async function requestKeysDuringVerification(baseApis, userId, deviceId) {
+    // If this is a self-verification, ask the other party for keys
+    if (baseApis.getUserId() !== userId) {
+        return;
+    }
+    logger.log("Cross-signing: Self-verification done; requesting keys");
+    // This happens asynchronously, and we're not concerned about waiting for
+    // it.  We return here in order to test.
+    return new Promise((resolve, reject) => {
+        const client = baseApis;
+        const original = client._crypto._crossSigningInfo;
+
+        // We already have all of the infrastructure we need to validate and
+        // cache cross-signing keys, so instead of replicating that, here we set
+        // up callbacks that request them from the other device and call
+        // CrossSigningInfo.getCrossSigningKey() to validate/cache
+        const crossSigning = new CrossSigningInfo(
+            original.userId,
+            { getCrossSigningKey: async (type) => {
+                logger.debug("Cross-signing: requesting secret",
+                                type, deviceId);
+                const { promise } = client.requestSecret(
+                    `m.cross_signing.${type}`, [deviceId],
+                );
+                const result = await promise;
+                const decoded = decodeBase64(result);
+                return Uint8Array.from(decoded);
+            } },
+            original._cacheCallbacks,
+        );
+        crossSigning.keys = original.keys;
+
+        // XXX: get all keys out if we get one key out
+        // https://github.com/vector-im/element-web/issues/12604
+        // then change here to reject on the timeout
+        // Requests can be ignored, so don't wait around forever
+        const timeout = new Promise((resolve, reject) => {
+            setTimeout(
+                resolve,
+                KEY_REQUEST_TIMEOUT_MS,
+                new Error("Timeout"),
+            );
+        });
+
+        // also request and cache the key backup key
+        const backupKeyPromise = new Promise(async resolve => {
+            const cachedKey = await client._crypto.getSessionBackupPrivateKey();
+            if (!cachedKey) {
+                logger.info("No cached backup key found. Requesting...");
+                const secretReq = client.requestSecret(
+                    'm.megolm_backup.v1', [deviceId],
+                );
+                const base64Key = await secretReq.promise;
+                logger.info("Got key backup key, decoding...");
+                const decodedKey = decodeBase64(base64Key);
+                logger.info("Decoded backup key, storing...");
+                client._crypto.storeSessionBackupPrivateKey(
+                    Uint8Array.from(decodedKey),
+                );
+                logger.info("Backup key stored. Starting backup restore...");
+                const backupInfo = await client.getKeyBackupVersion();
+                // no need to await for this - just let it go in the bg
+                client.restoreKeyBackupWithCache(
+                    undefined, undefined, backupInfo,
+                ).then(() => {
+                    logger.info("Backup restored.");
+                });
+            }
+            resolve();
+        });
+
+        // We call getCrossSigningKey() for its side-effects
+        return Promise.race([
+            Promise.all([
+                crossSigning.getCrossSigningKey("master"),
+                crossSigning.getCrossSigningKey("self_signing"),
+                crossSigning.getCrossSigningKey("user_signing"),
+                backupKeyPromise,
+            ]),
+            timeout,
+        ]).then(resolve, reject);
+    }).catch((e) => {
+        logger.warn("Cross-signing: failure while requesting keys:", e);
+    });
+}
@@ -22,14 +22,13 @@ limitations under the License.
 * Manages the list of other users' devices
 */

-import {EventEmitter} from 'events';
-import {logger} from '../logger';
-import {DeviceInfo} from './deviceinfo';
-import {CrossSigningInfo} from './CrossSigning';
+import { EventEmitter } from 'events';
+import { logger } from '../logger';
+import { DeviceInfo } from './deviceinfo';
+import { CrossSigningInfo } from './CrossSigning';
 import * as olmlib from './olmlib';
-import {IndexedDBCryptoStore} from './store/indexeddb-crypto-store';
-import {defer, sleep} from '../utils';
-
+import { IndexedDBCryptoStore } from './store/indexeddb-crypto-store';
+import { chunkPromises, defer, sleep } from '../utils';

 /* State transition diagram for DeviceList._deviceTrackingStatus
 *
@@ -51,7 +50,6 @@ import {defer, sleep} from '../utils';
 *   +----------------------- UP_TO_DATE ------------------------+
 */

-
 // constants for DeviceList._deviceTrackingStatus
 const TRACKING_STATUS_NOT_TRACKED = 0;
 const TRACKING_STATUS_PENDING_DOWNLOAD = 1;
@@ -62,7 +60,7 @@ const TRACKING_STATUS_UP_TO_DATE = 3;
 * @alias module:crypto/DeviceList
 */
 export class DeviceList extends EventEmitter {
-    constructor(baseApis, cryptoStore, olmDevice) {
+    constructor(baseApis, cryptoStore, olmDevice, keyDownloadChunkSize = 250) {
        super();

        this._cryptoStore = cryptoStore;
@@ -98,6 +96,9 @@ export class DeviceList extends EventEmitter {
        // userId -> promise
        this._keyDownloadsInProgressByUser = {};

+        // Maximum number of user IDs per request to prevent server overload (#1619)
+        this._keyDownloadChunkSize = keyDownloadChunkSize;
+
        // Set whenever changes are made other than setting the sync token
        this._dirty = false;

@@ -780,17 +781,21 @@ class DeviceListUpdateSerialiser {
            opts.token = this._syncToken;
        }

-        this._baseApis.downloadKeysForUsers(
-            downloadUsers, opts,
-        ).then(async (res) => {
-            const dk = res.device_keys || {};
-            const masterKeys = res.master_keys || {};
-            const ssks = res.self_signing_keys || {};
-            const usks = res.user_signing_keys || {};
+        const factories = [];
+        for (let i = 0; i < downloadUsers.length; i += this._deviceList._keyDownloadChunkSize) {
+            const userSlice = downloadUsers.slice(i, i + this._deviceList._keyDownloadChunkSize);
+            factories.push(() => this._baseApis.downloadKeysForUsers(userSlice, opts));
+        }
+
+        chunkPromises(factories, 3).then(async (responses) => {
+            const dk = Object.assign({}, ...(responses.map(res => res.device_keys || {})));
+            const masterKeys = Object.assign({}, ...(responses.map(res => res.master_keys || {})));
+            const ssks = Object.assign({}, ...(responses.map(res => res.self_signing_keys || {})));
+            const usks = Object.assign({}, ...(responses.map(res => res.user_signing_keys || {})));

            // yield to other things that want to execute in between users, to
            // avoid wedging the CPU
-            // (https://github.com/vector-im/riot-web/issues/3158)
+            // (https://github.com/vector-im/element-web/issues/3158)
            //
            // of course we ought to do this in a web worker or similar, but
            // this serves as an easy solution for now.
@@ -848,6 +853,7 @@ class DeviceListUpdateSerialiser {

            await _updateStoredDeviceKeysForUser(
                this._olmDevice, userId, userStore, dkResponse || {},
+                this._baseApis.getUserId(), this._baseApis.deviceId,
            );

            // put the updates into the object that will be returned as our results
@@ -884,9 +890,9 @@ class DeviceListUpdateSerialiser {
    }
 }

-
-async function _updateStoredDeviceKeysForUser(_olmDevice, userId, userStore,
-        userResult) {
+async function _updateStoredDeviceKeysForUser(
+    _olmDevice, userId, userStore, userResult, localUserId, localDeviceId,
+) {
    let updated = false;

    // remove any devices in the store which aren't in the response
@@ -896,6 +902,13 @@ async function _updateStoredDeviceKeysForUser(_olmDevice, userId, userStore,
        }

        if (!(deviceId in userResult)) {
+            if (userId === localUserId && deviceId === localDeviceId) {
+                logger.warn(
+                    `Local device ${deviceId} missing from sync, skipping removal`,
+                );
+                continue;
+            }
+
            logger.log("Device " + userId + ":" + deviceId +
                " has been removed");
            delete userStore[deviceId];
@@ -0,0 +1,355 @@
+import { logger } from "../logger";
+import { MatrixEvent } from "../models/event";
+import { EventEmitter } from "events";
+import { createCryptoStoreCacheCallbacks } from "./CrossSigning";
+import { IndexedDBCryptoStore } from './store/indexeddb-crypto-store';
+import {
+    PREFIX_UNSTABLE,
+} from "../http-api";
+
+/**
+ * Builds an EncryptionSetupOperation by calling any of the add.. methods.
+ * Once done, `buildOperation()` can be called which allows to apply to operation.
+ *
+ * This is used as a helper by Crypto to keep track of all the network requests
+ * and other side-effects of bootstrapping, so it can be applied in one go (and retried in the future)
+ * Also keeps track of all the private keys created during bootstrapping, so we don't need to prompt for them
+ * more than once.
+ */
+export class EncryptionSetupBuilder {
+    /**
+     * @param {Object.<String, MatrixEvent>} accountData pre-existing account data, will only be read, not written.
+     * @param {CryptoCallbacks} delegateCryptoCallbacks crypto callbacks to delegate to if the key isn't in cache yet
+     */
+    constructor(accountData, delegateCryptoCallbacks) {
+        this.accountDataClientAdapter = new AccountDataClientAdapter(accountData);
+        this.crossSigningCallbacks = new CrossSigningCallbacks();
+        this.ssssCryptoCallbacks = new SSSSCryptoCallbacks(delegateCryptoCallbacks);
+
+        this._crossSigningKeys = null;
+        this._keySignatures = null;
+        this._keyBackupInfo = null;
+    }
+
+    /**
+     * Adds new cross-signing public keys
+     *
+     * @param {function} authUpload Function called to await an interactive auth
+     * flow when uploading device signing keys.
+     * Args:
+     *     {function} A function that makes the request requiring auth. Receives
+     *     the auth data as an object. Can be called multiple times, first with
+     *     an empty authDict, to obtain the flows.
+     * @param {Object} keys the new keys
+     */
+    addCrossSigningKeys(authUpload, keys) {
+        this._crossSigningKeys = { authUpload, keys };
+    }
+
+    /**
+     * Adds the key backup info to be updated on the server
+     *
+     * Used either to create a new key backup, or add signatures
+     * from the new MSK.
+     *
+     * @param {Object} keyBackupInfo as received from/sent to the server
+     */
+    addSessionBackup(keyBackupInfo) {
+        this._keyBackupInfo = keyBackupInfo;
+    }
+
+    /**
+     * Adds the session backup private key to be updated in the local cache
+     *
+     * Used after fixing the format of the key
+     *
+     * @param {Uint8Array} privateKey
+     */
+    addSessionBackupPrivateKeyToCache(privateKey) {
+        this._sessionBackupPrivateKey = privateKey;
+    }
+
+    /**
+     * Add signatures from a given user and device/x-sign key
+     * Used to sign the new cross-signing key with the device key
+     *
+     * @param {String} userId
+     * @param {String} deviceId
+     * @param {String} signature
+     */
+    addKeySignature(userId, deviceId, signature) {
+        if (!this._keySignatures) {
+            this._keySignatures = {};
+        }
+        const userSignatures = this._keySignatures[userId] || {};
+        this._keySignatures[userId] = userSignatures;
+        userSignatures[deviceId] = signature;
+    }
+
+    /**
+     * @param {String} type
+     * @param {Object} content
+     * @return {Promise}
+     */
+    setAccountData(type, content) {
+        return this.accountDataClientAdapter.setAccountData(type, content);
+    }
+
+    /**
+     * builds the operation containing all the parts that have been added to the builder
+     * @return {EncryptionSetupOperation}
+     */
+    buildOperation() {
+        const accountData = this.accountDataClientAdapter._values;
+        return new EncryptionSetupOperation(
+            accountData,
+            this._crossSigningKeys,
+            this._keyBackupInfo,
+            this._keySignatures,
+        );
+    }
+
+    /**
+     * Stores the created keys locally.
+     *
+     * This does not yet store the operation in a way that it can be restored,
+     * but that is the idea in the future.
+     *
+     * @param  {Crypto} crypto
+     * @return {Promise}
+     */
+    async persist(crypto) {
+        // store private keys in cache
+        if (this._crossSigningKeys) {
+            const cacheCallbacks = createCryptoStoreCacheCallbacks(
+                crypto._cryptoStore, crypto._olmDevice);
+            for (const type of ["master", "self_signing", "user_signing"]) {
+                logger.log(`Cache ${type} cross-signing private key locally`);
+                const privateKey = this.crossSigningCallbacks.privateKeys.get(type);
+                await cacheCallbacks.storeCrossSigningKeyCache(type, privateKey);
+            }
+            // store own cross-sign pubkeys as trusted
+            await crypto._cryptoStore.doTxn(
+                'readwrite', [IndexedDBCryptoStore.STORE_ACCOUNT],
+                (txn) => {
+                    crypto._cryptoStore.storeCrossSigningKeys(
+                        txn, this._crossSigningKeys.keys);
+                },
+            );
+        }
+        // store session backup key in cache
+        if (this._sessionBackupPrivateKey) {
+            await crypto.storeSessionBackupPrivateKey(this._sessionBackupPrivateKey);
+        }
+    }
+}
+
+/**
+ * Can be created from EncryptionSetupBuilder, or
+ * (in a follow-up PR, not implemented yet) restored from storage, to retry.
+ *
+ * It does not have knowledge of any private keys, unlike the builder.
+ */
+export class EncryptionSetupOperation {
+    /**
+     * @param  {Map<String, Object>} accountData
+     * @param  {Object} crossSigningKeys
+     * @param  {Object} keyBackupInfo
+     * @param  {Object} keySignatures
+     */
+    constructor(accountData, crossSigningKeys, keyBackupInfo, keySignatures) {
+        this._accountData = accountData;
+        this._crossSigningKeys = crossSigningKeys;
+        this._keyBackupInfo = keyBackupInfo;
+        this._keySignatures = keySignatures;
+    }
+
+    /**
+     * Runs the (remaining part of, in the future) operation by sending requests to the server.
+     * @param  {Crypto} crypto
+     */
+    async apply(crypto) {
+        const baseApis = crypto._baseApis;
+        // upload cross-signing keys
+        if (this._crossSigningKeys) {
+            const keys = {};
+            for (const [name, key] of Object.entries(this._crossSigningKeys.keys)) {
+                keys[name + "_key"] = key;
+            }
+
+            // We must only call `uploadDeviceSigningKeys` from inside this auth
+            // helper to ensure we properly handle auth errors.
+            await this._crossSigningKeys.authUpload(authDict => {
+                return baseApis.uploadDeviceSigningKeys(authDict, keys);
+            });
+
+            // pass the new keys to the main instance of our own CrossSigningInfo.
+            crypto._crossSigningInfo.setKeys(this._crossSigningKeys.keys);
+        }
+        // set account data
+        if (this._accountData) {
+            for (const [type, content] of this._accountData) {
+                await baseApis.setAccountData(type, content);
+            }
+        }
+        // upload first cross-signing signatures with the new key
+        // (e.g. signing our own device)
+        if (this._keySignatures) {
+            await baseApis.uploadKeySignatures(this._keySignatures);
+        }
+        // need to create/update key backup info
+        if (this._keyBackupInfo) {
+            if (this._keyBackupInfo.version) {
+                // session backup signature
+                // The backup is trusted because the user provided the private key.
+                // Sign the backup with the cross signing key so the key backup can
+                // be trusted via cross-signing.
+                await baseApis._http.authedRequest(
+                    undefined, "PUT", "/room_keys/version/" + this._keyBackupInfo.version,
+                    undefined, {
+                        algorithm: this._keyBackupInfo.algorithm,
+                        auth_data: this._keyBackupInfo.auth_data,
+                    },
+                    { prefix: PREFIX_UNSTABLE },
+                );
+            } else {
+                // add new key backup
+                await baseApis._http.authedRequest(
+                    undefined, "POST", "/room_keys/version",
+                    undefined, this._keyBackupInfo,
+                    { prefix: PREFIX_UNSTABLE },
+                );
+            }
+        }
+    }
+}
+
+/**
+ * Catches account data set by SecretStorage during bootstrapping by
+ * implementing the methods related to account data in MatrixClient
+ */
+class AccountDataClientAdapter extends EventEmitter {
+    /**
+     * @param  {Object.<String, MatrixEvent>} accountData existing account data
+     */
+    constructor(accountData) {
+        super();
+        this._existingValues = accountData;
+        this._values = new Map();
+    }
+
+    /**
+     * @param  {String} type
+     * @return {Promise<Object>} the content of the account data
+     */
+    getAccountDataFromServer(type) {
+        return Promise.resolve(this.getAccountData(type));
+    }
+
+    /**
+     * @param  {String} type
+     * @return {Object} the content of the account data
+     */
+    getAccountData(type) {
+        const modifiedValue = this._values.get(type);
+        if (modifiedValue) {
+            return modifiedValue;
+        }
+        const existingValue = this._existingValues[type];
+        if (existingValue) {
+            return existingValue.getContent();
+        }
+        return null;
+    }
+
+    /**
+     * @param {String} type
+     * @param {Object} content
+     * @return {Promise}
+     */
+    setAccountData(type, content) {
+        const lastEvent = this._values.get(type);
+        this._values.set(type, content);
+        // ensure accountData is emitted on the next tick,
+        // as SecretStorage listens for it while calling this method
+        // and it seems to rely on this.
+        return Promise.resolve().then(() => {
+            const event = new MatrixEvent({ type, content });
+            this.emit("accountData", event, lastEvent);
+        });
+    }
+}
+
+/**
+ * Catches the private cross-signing keys set during bootstrapping
+ * by both cache callbacks (see createCryptoStoreCacheCallbacks) as non-cache callbacks.
+ * See CrossSigningInfo constructor
+ */
+class CrossSigningCallbacks {
+    constructor() {
+        this.privateKeys = new Map();
+    }
+
+    // cache callbacks
+    getCrossSigningKeyCache(type, expectedPublicKey) {
+        return this.getCrossSigningKey(type, expectedPublicKey);
+    }
+
+    storeCrossSigningKeyCache(type, key) {
+        this.privateKeys.set(type, key);
+        return Promise.resolve();
+    }
+
+    // non-cache callbacks
+    getCrossSigningKey(type, _expectedPubkey) {
+        return Promise.resolve(this.privateKeys.get(type));
+    }
+
+    saveCrossSigningKeys(privateKeys) {
+        for (const [type, privateKey] of Object.entries(privateKeys)) {
+            this.privateKeys.set(type, privateKey);
+        }
+    }
+}
+
+/**
+ * Catches the 4S private key set during bootstrapping by implementing
+ * the SecretStorage crypto callbacks
+ */
+class SSSSCryptoCallbacks {
+    constructor(delegateCryptoCallbacks) {
+        this._privateKeys = new Map();
+        this._delegateCryptoCallbacks = delegateCryptoCallbacks;
+    }
+
+    async getSecretStorageKey({ keys }, name) {
+        for (const keyId of Object.keys(keys)) {
+            const privateKey = this._privateKeys.get(keyId);
+            if (privateKey) {
+                return [keyId, privateKey];
+            }
+        }
+        // if we don't have the key cached yet, ask
+        // for it to the general crypto callbacks and cache it
+        if (this._delegateCryptoCallbacks) {
+            const result = await this._delegateCryptoCallbacks.
+                getSecretStorageKey({ keys }, name);
+            if (result) {
+                const [keyId, privateKey] = result;
+                this._privateKeys.set(keyId, privateKey);
+            }
+            return result;
+        }
+    }
+
+    addPrivateKey(keyId, keyInfo, privKey) {
+        this._privateKeys.set(keyId, privKey);
+        // Also pass along to application to cache if it wishes
+        if (
+            this._delegateCryptoCallbacks &&
+            this._delegateCryptoCallbacks.cacheSecretStorageKey
+        ) {
+            this._delegateCryptoCallbacks.cacheSecretStorageKey(keyId, keyInfo, privKey);
+        }
+    }
+}
@@ -16,8 +16,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import {logger} from '../logger';
-import {IndexedDBCryptoStore} from './store/indexeddb-crypto-store';
+import { logger } from '../logger';
+import { IndexedDBCryptoStore } from './store/indexeddb-crypto-store';
 import * as algorithms from './algorithms';

 // The maximum size of an event is 65K, and we base64 the content, so this is a
@@ -48,7 +48,6 @@ function checkPayloadLength(payloadString) {
    }
 }

-
 /**
 * The type of object we use for importing and exporting megolm session data.
 *
@@ -62,7 +61,6 @@ function checkPayloadLength(payloadString) {
 * @property {String} session_key Base64'ed key data
 */

-
 /**
 * Manages the olm cryptography functions. Each OlmDevice has a single
 * OlmAccount and a number of OlmSessions.
@@ -144,7 +142,7 @@ OlmDevice.prototype.init = async function(opts = {}) {
    try {
        if (fromExportedDevice) {
            if (pickleKey) {
-                console.warn(
+                logger.warn(
                    'ignoring opts.pickleKey'
                    + ' because opts.fromExportedDevice is present.',
                );
@@ -350,7 +348,7 @@ OlmDevice.prototype._unpickleSession = function(sessionInfo, func) {
    const session = new global.Olm.Session();
    try {
        session.unpickle(this._pickleKey, sessionInfo.session);
-        const unpickledSessInfo = Object.assign({}, sessionInfo, {session});
+        const unpickledSessInfo = Object.assign({}, sessionInfo, { session });

        func(unpickledSessInfo);
    } finally {
@@ -376,7 +374,6 @@ OlmDevice.prototype._saveSession = function(deviceKey, sessionInfo, txn) {
    );
 };

-
 /**
 * get an OlmUtility and call the given function
 *
@@ -393,7 +390,6 @@ OlmDevice.prototype._getUtility = function(func) {
    }
 };

-
 /**
 * Signs a message with the ed25519 key for this account.
 *
@@ -434,7 +430,6 @@ OlmDevice.prototype.getOneTimeKeys = async function() {
    return result;
 };

-
 /**
 * Get the maximum number of one-time keys we can store.
 *
@@ -477,6 +472,36 @@ OlmDevice.prototype.generateOneTimeKeys = function(numKeys) {
    );
 };

+/**
+ * Generate a new fallback keys
+ *
+ * @return {Promise} Resolved once the account is saved back having generated the key
+ */
+OlmDevice.prototype.generateFallbackKey = async function() {
+    await this._cryptoStore.doTxn(
+        'readwrite', [IndexedDBCryptoStore.STORE_ACCOUNT],
+        (txn) => {
+            this._getAccount(txn, (account) => {
+                account.generate_fallback_key();
+                this._storeAccount(txn, account);
+            });
+        },
+    );
+};
+
+OlmDevice.prototype.getFallbackKey = async function() {
+    let result;
+    await this._cryptoStore.doTxn(
+        'readonly', [IndexedDBCryptoStore.STORE_ACCOUNT],
+        (txn) => {
+            this._getAccount(txn, (account) => {
+                result = JSON.parse(account.fallback_key());
+            });
+        },
+    );
+    return result;
+};
+
 /**
 * Generate a new outbound session
 *
@@ -515,11 +540,11 @@ OlmDevice.prototype.createOutboundSession = async function(
                }
            });
        },
+        logger.withPrefix("[createOutboundSession]"),
    );
    return newSessionId;
 };

-
 /**
 * Generate a new inbound session, given an incoming message
 *
@@ -575,12 +600,12 @@ OlmDevice.prototype.createInboundSession = async function(
                }
            });
        },
+        logger.withPrefix("[createInboundSession]"),
    );

    return result;
 };

-
 /**
 * Get a list of known session IDs for the given device
 *
@@ -589,8 +614,10 @@ OlmDevice.prototype.createInboundSession = async function(
 * @return {Promise<string[]>}  a list of known session ids for the device
 */
 OlmDevice.prototype.getSessionIdsForDevice = async function(theirDeviceIdentityKey) {
+    const log = logger.withPrefix("[getSessionIdsForDevice]");
+
    if (this._sessionsInProgress[theirDeviceIdentityKey]) {
-        logger.log("waiting for olm session to be created");
+        log.debug(`Waiting for Olm session for ${theirDeviceIdentityKey} to be created`);
        try {
            await this._sessionsInProgress[theirDeviceIdentityKey];
        } catch (e) {
@@ -608,6 +635,7 @@ OlmDevice.prototype.getSessionIdsForDevice = async function(theirDeviceIdentityK
                },
            );
        },
+        log,
    );

    return sessionIds;
@@ -621,13 +649,14 @@ OlmDevice.prototype.getSessionIdsForDevice = async function(theirDeviceIdentityK
 * @param {boolean} nowait Don't wait for an in-progress session to complete.
 *     This should only be set to true of the calling function is the function
 *     that marked the session as being in-progress.
+ * @param {Logger} [log] A possibly customised log
 * @return {Promise<?string>}  session id, or null if no established session
 */
 OlmDevice.prototype.getSessionIdForDevice = async function(
-    theirDeviceIdentityKey, nowait,
+    theirDeviceIdentityKey, nowait, log,
 ) {
    const sessionInfos = await this.getSessionInfoForDevice(
-        theirDeviceIdentityKey, nowait,
+        theirDeviceIdentityKey, nowait, log,
    );

    if (sessionInfos.length === 0) {
@@ -667,11 +696,16 @@ OlmDevice.prototype.getSessionIdForDevice = async function(
 * @param {boolean} nowait Don't wait for an in-progress session to complete.
 *     This should only be set to true of the calling function is the function
 *     that marked the session as being in-progress.
+ * @param {Logger} [log] A possibly customised log
 * @return {Array.<{sessionId: string, hasReceivedMessage: Boolean}>}
 */
-OlmDevice.prototype.getSessionInfoForDevice = async function(deviceIdentityKey, nowait) {
+OlmDevice.prototype.getSessionInfoForDevice = async function(
+    deviceIdentityKey, nowait, log = logger,
+) {
+    log = log.withPrefix("[getSessionInfoForDevice]");
+
    if (this._sessionsInProgress[deviceIdentityKey] && !nowait) {
-        logger.log("waiting for olm session to be created");
+        log.debug(`Waiting for Olm session for ${deviceIdentityKey} to be created`);
        try {
            await this._sessionsInProgress[deviceIdentityKey];
        } catch (e) {
@@ -697,6 +731,7 @@ OlmDevice.prototype.getSessionInfoForDevice = async function(deviceIdentityKey,
                }
            });
        },
+        log,
    );

    return info;
@@ -731,6 +766,7 @@ OlmDevice.prototype.encryptMessage = async function(
                this._saveSession(theirDeviceIdentityKey, sessionInfo, txn);
            });
        },
+        logger.withPrefix("[encryptMessage]"),
    );
    return res;
 };
@@ -764,6 +800,7 @@ OlmDevice.prototype.decryptMessage = async function(
                this._saveSession(theirDeviceIdentityKey, sessionInfo, txn);
            });
        },
+        logger.withPrefix("[decryptMessage]"),
    );
    return payloadString;
 };
@@ -795,6 +832,7 @@ OlmDevice.prototype.matchesSession = async function(
                matches = sessionInfo.session.matches_inbound(ciphertext);
            });
        },
+        logger.withPrefix("[matchesSession]"),
    );
    return matches;
 };
@@ -811,7 +849,6 @@ OlmDevice.prototype.filterOutNotifiedErrorDevices = async function(devices) {
    return await this._cryptoStore.filterOutNotifiedErrorDevices(devices);
 };

-
 // Outbound group session
 // ======================

@@ -826,7 +863,6 @@ OlmDevice.prototype._saveOutboundGroupSession = function(session) {
    this._outboundGroupSessionStore[session.session_id()] = pickledSession;
 };

-
 /**
 * extract an OutboundGroupSession from _outboundGroupSessionStore and call the
 * given function
@@ -851,7 +887,6 @@ OlmDevice.prototype._getOutboundGroupSession = function(sessionId, func) {
    }
 };

-
 /**
 * Generate a new outbound group session
 *
@@ -868,7 +903,6 @@ OlmDevice.prototype.createOutboundGroupSession = function() {
    }
 };

-
 /**
 * Encrypt an outgoing message with an outbound group session
 *
@@ -908,7 +942,6 @@ OlmDevice.prototype.getOutboundGroupSessionKey = function(sessionId) {
    });
 };

-
 // Inbound group session
 // =====================

@@ -992,16 +1025,18 @@ OlmDevice.prototype._getInboundGroupSession = function(
 * @param {Object<string, string>} keysClaimed Other keys the sender claims.
 * @param {boolean} exportFormat true if the megolm keys are in export format
 *    (ie, they lack an ed25519 signature)
+ * @param {Object} [extraSessionData={}] any other data to be include with the session
 */
 OlmDevice.prototype.addInboundGroupSession = async function(
    roomId, senderKey, forwardingCurve25519KeyChain,
    sessionId, sessionKey, keysClaimed,
-    exportFormat,
+    exportFormat, extraSessionData = {},
 ) {
    await this._cryptoStore.doTxn(
        'readwrite', [
            IndexedDBCryptoStore.STORE_INBOUND_GROUP_SESSIONS,
            IndexedDBCryptoStore.STORE_INBOUND_GROUP_SESSIONS_WITHHELD,
+            IndexedDBCryptoStore.STORE_SHARED_HISTORY_INBOUND_GROUP_SESSIONS,
        ], (txn) => {
            /* if we already have this session, consider updating it */
            this._getInboundGroupSession(
@@ -1028,9 +1063,14 @@ OlmDevice.prototype.addInboundGroupSession = async function(
                                    + senderKey + "/" + sessionId,
                            );
                            if (existingSession.first_known_index()
-                                <= session.first_known_index()) {
+                                <= session.first_known_index()
+                                && !(existingSession.first_known_index() == session.first_known_index()
+                                    && !extraSessionData.untrusted
+                                    && existingSessionData.untrusted)) {
                                // existing session has lower index (i.e. can
-                                // decrypt more), so keep it
+                                // decrypt more), or they have the same index and
+                                // the new sessions trust does not win over the old
+                                // sessions trust, so keep it
                                logger.log(
                                    `Keeping existing megolm session ${sessionId}`,
                                );
@@ -1043,22 +1083,29 @@ OlmDevice.prototype.addInboundGroupSession = async function(
                            " with first index " + session.first_known_index(),
                        );

-                        const sessionData = {
+                        const sessionData = Object.assign({}, extraSessionData, {
                            room_id: roomId,
                            session: session.pickle(this._pickleKey),
                            keysClaimed: keysClaimed,
                            forwardingCurve25519KeyChain: forwardingCurve25519KeyChain,
-                        };
+                        });

                        this._cryptoStore.storeEndToEndInboundGroupSession(
                            senderKey, sessionId, sessionData, txn,
                        );
+
+                        if (!existingSession && extraSessionData.sharedHistory) {
+                            this._cryptoStore.addSharedHistoryInboundGroupSession(
+                                roomId, senderKey, sessionId, txn,
+                            );
+                        }
                    } finally {
                        session.free();
                    }
                },
            );
        },
+        logger.withPrefix("[addInboundGroupSession]"),
    );
 };

@@ -1224,10 +1271,12 @@ OlmDevice.prototype.decryptGroupMessage = async function(
                        forwardingCurve25519KeyChain: (
                            sessionData.forwardingCurve25519KeyChain || []
                        ),
+                        untrusted: sessionData.untrusted,
                    };
                },
            );
        },
+        logger.withPrefix("[decryptGroupMessage]"),
    );

    if (error) {
@@ -1273,6 +1322,7 @@ OlmDevice.prototype.hasInboundSessionKeys = async function(roomId, senderKey, se
                },
            );
        },
+        logger.withPrefix("[hasInboundSessionKeys]"),
    );

    return result;
@@ -1328,10 +1378,12 @@ OlmDevice.prototype.getInboundGroupSessionKey = async function(
                        "forwarding_curve25519_key_chain":
                            sessionData.forwardingCurve25519KeyChain || [],
                        "sender_claimed_ed25519_key": senderEd25519Key,
+                        "shared_history": sessionData.sharedHistory || false,
                    };
                },
            );
        },
+        logger.withPrefix("[getInboundGroupSessionKey]"),
    );

    return result;
@@ -1359,10 +1411,24 @@ OlmDevice.prototype.exportInboundGroupSession = function(
            "session_key": session.export_session(messageIndex),
            "forwarding_curve25519_key_chain": session.forwardingCurve25519KeyChain || [],
            "first_known_index": session.first_known_index(),
+            "org.matrix.msc3061.shared_history": sessionData.sharedHistory || false,
        };
    });
 };

+OlmDevice.prototype.getSharedHistoryInboundGroupSessions = async function(roomId) {
+    let result;
+    await this._cryptoStore.doTxn(
+        'readonly', [
+            IndexedDBCryptoStore.STORE_SHARED_HISTORY_INBOUND_GROUP_SESSIONS,
+        ], (txn) => {
+            result = this._cryptoStore.getSharedHistoryInboundGroupSessions(roomId, txn);
+        },
+        logger.withPrefix("[getSharedHistoryInboundGroupSessionsForRoom]"),
+    );
+    return result;
+};
+
 // Utilities
 // =========

@@ -14,8 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import {logger} from '../logger';
-import * as utils from '../utils';
+import { logger } from '../logger';

 /**
 * Internal module. Management of outgoing room key requests.
@@ -496,7 +495,7 @@ function stringifyRequestBody(requestBody) {

 function stringifyRecipientList(recipients) {
    return '['
-        + utils.map(recipients, (r) => `${r.userId}:${r.deviceId}`).join(",")
+        + recipients.map((r) => `${r.userId}:${r.deviceId}`).join(",")
        + ']';
 }

@@ -20,7 +20,7 @@ limitations under the License.
 * Manages the list of encrypted rooms
 */

-import {IndexedDBCryptoStore} from './store/indexeddb-crypto-store';
+import { IndexedDBCryptoStore } from './store/indexeddb-crypto-store';

 /**
 * @alias module:crypto/RoomList
@@ -14,12 +14,12 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import {EventEmitter} from 'events';
-import {logger} from '../logger';
+import { EventEmitter } from 'events';
+import { logger } from '../logger';
 import * as olmlib from './olmlib';
-import {randomString} from '../randomstring';
-import {encryptAES, decryptAES} from './aes';
-import {encodeBase64} from "./olmlib";
+import { randomString } from '../randomstring';
+import { encryptAES, decryptAES } from './aes';
+import { encodeBase64 } from "./olmlib";

 export const SECRET_STORAGE_ALGORITHM_V1_AES
    = "m.secret_storage.v1.aes-hmac-sha2";
@@ -81,25 +81,27 @@ export class SecretStorage extends EventEmitter {
     * @param {string} [keyId] the ID of the key.  If not given, a random
     *     ID will be generated.
     *
-     * @return {string} the ID of the key
+     * @return {object} An object with:
+     *     keyId: {string} the ID of the key
+     *     keyInfo: {object} details about the key (iv, mac, passphrase)
     */
    async addKey(algorithm, opts, keyId) {
-        const keyData = {algorithm};
+        const keyInfo = { algorithm };

        if (!opts) opts = {};

        if (opts.name) {
-            keyData.name = opts.name;
+            keyInfo.name = opts.name;
        }

        if (algorithm === SECRET_STORAGE_ALGORITHM_V1_AES) {
            if (opts.passphrase) {
-                keyData.passphrase = opts.passphrase;
+                keyInfo.passphrase = opts.passphrase;
            }
            if (opts.key) {
-                const {iv, mac} = await SecretStorage._calculateKeyCheck(opts.key);
-                keyData.iv = iv;
-                keyData.mac = mac;
+                const { iv, mac } = await SecretStorage._calculateKeyCheck(opts.key);
+                keyInfo.iv = iv;
+                keyInfo.mac = mac;
            }
        } else {
            throw new Error(`Unknown key algorithm ${opts.algorithm}`);
@@ -116,10 +118,13 @@ export class SecretStorage extends EventEmitter {
        }

        await this._baseApis.setAccountData(
-            `m.secret_storage.key.${keyId}`, keyData,
+            `m.secret_storage.key.${keyId}`, keyInfo,
        );

-        return keyId;
+        return {
+            keyId,
+            keyInfo,
+        };
    }

    /**
@@ -166,7 +171,7 @@ export class SecretStorage extends EventEmitter {
    async checkKey(key, info) {
        if (info.algorithm === SECRET_STORAGE_ALGORITHM_V1_AES) {
            if (info.mac) {
-                const {mac} = await SecretStorage._calculateKeyCheck(key, info.iv);
+                const { mac } = await SecretStorage._calculateKeyCheck(key, info.iv);
                return info.mac.replace(/=+$/g, '') === mac.replace(/=+$/g, '');
            } else {
                // if we have no information, we have to assume the key is right
@@ -215,7 +220,7 @@ export class SecretStorage extends EventEmitter {

            // encrypt secret, based on the algorithm
            if (keyInfo.algorithm === SECRET_STORAGE_ALGORITHM_V1_AES) {
-                const keys = {[keyId]: keyInfo};
+                const keys = { [keyId]: keyInfo };
                const [, encryption] = await this._getSecretStorageKey(keys, name);
                encrypted[keyId] = await encryption.encrypt(secret);
            } else {
@@ -226,7 +231,7 @@ export class SecretStorage extends EventEmitter {
        }

        // save encrypted secret
-        await this._baseApis.setAccountData(name, {encrypted});
+        await this._baseApis.setAccountData(name, { encrypted });
    }

    /**
@@ -247,7 +252,7 @@ export class SecretStorage extends EventEmitter {
        ) {
            const hasKey = await this.hasKey(keys[0]);
            if (hasKey) {
-                console.log("Fixing up passthrough secret: " + name);
+                logger.log("Fixing up passthrough secret: " + name);
                await this.storePassthrough(name, keys[0]);
                const newData = await this._baseApis.getAccountDataFromServer(name);
                return newData;
@@ -292,6 +297,11 @@ export class SecretStorage extends EventEmitter {
            }
        }

+        if (Object.keys(keys).length === 0) {
+            throw new Error(`Could not decrypt ${name} because none of ` +
+                `the keys it is encrypted with are for a supported algorithm`);
+        }
+
        let keyId;
        let decryption;
        try {
@@ -368,6 +378,7 @@ export class SecretStorage extends EventEmitter {
        const requestId = this._baseApis.makeTxnId();

        const requestControl = this._requests[requestId] = {
+            name,
            devices,
        };
        const promise = new Promise((resolve, reject) => {
@@ -451,13 +462,13 @@ export class SecretStorage extends EventEmitter {
            if (!this._cryptoCallbacks.onSecretRequested) {
                return;
            }
-            const secret = await this._cryptoCallbacks.onSecretRequested({
-                user_id: sender,
-                device_id: deviceId,
-                request_id: content.request_id,
-                name: content.name,
-                device_trust: this._baseApis.checkDeviceTrust(sender, deviceId),
-            });
+            const secret = await this._cryptoCallbacks.onSecretRequested(
+                sender,
+                deviceId,
+                content.request_id,
+                content.name,
+                this._baseApis.checkDeviceTrust(sender, deviceId),
+            );
            if (secret) {
                logger.info(`Preparing ${content.name} secret for ${deviceId}`);
                const payload = {
@@ -531,6 +542,10 @@ export class SecretStorage extends EventEmitter {
                return;
            }

+            logger.log(
+                `Successfully received secret ${requestControl.name} ` +
+                `from ${deviceInfo.deviceId}`,
+            );
            requestControl.resolve(content.secret);
        }
    }
@@ -14,8 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import {getCrypto} from '../utils';
-import {decodeBase64, encodeBase64} from './olmlib';
+import { getCrypto } from '../utils';
+import { decodeBase64, encodeBase64 } from './olmlib';

 const subtleCrypto = (typeof window !== "undefined" && window.crypto) ?
    (window.crypto.subtle || window.crypto.webkitSubtle) : null;
@@ -148,7 +148,7 @@ async function encryptBrowser(data, key, name, ivStr) {
    );

    const hmac = await subtleCrypto.sign(
-        {name: 'HMAC'},
+        { name: 'HMAC' },
        hmacKey,
        ciphertext,
    );
@@ -176,7 +176,7 @@ async function decryptBrowser(data, key, name) {
    const ciphertext = decodeBase64(data.ciphertext);

    if (!await subtleCrypto.verify(
-        {name: "HMAC"},
+        { name: "HMAC" },
        hmacKey,
        decodeBase64(data.mac),
        ciphertext,
@@ -201,7 +201,7 @@ async function deriveKeysBrowser(key, name) {
    const hkdfkey = await subtleCrypto.importKey(
        'raw',
        key,
-        {name: "HKDF"},
+        { name: "HKDF" },
        false,
        ["deriveBits"],
    );
@@ -222,7 +222,7 @@ async function deriveKeysBrowser(key, name) {
    const aesProm = subtleCrypto.importKey(
        'raw',
        aesKey,
-        {name: 'AES-CTR'},
+        { name: 'AES-CTR' },
        false,
        ['encrypt', 'decrypt'],
    );
@@ -232,7 +232,7 @@ async function deriveKeysBrowser(key, name) {
        hmacKey,
        {
            name: 'HMAC',
-            hash: {name: 'SHA-256'},
+            hash: { name: 'SHA-256' },
        },
        false,
        ['sign', 'verify'],
@@ -22,9 +22,9 @@ limitations under the License.
 * @module crypto/algorithms/megolm
 */

-import {logger} from '../../logger';
+import { logger } from '../../logger';
 import * as utils from "../../utils";
-import {polyfillSuper} from "../../utils";
+import { polyfillSuper } from "../../utils";
 import * as olmlib from "../olmlib";
 import {
    DecryptionAlgorithm,
@@ -34,13 +34,29 @@ import {
    UnknownDeviceError,
 } from "./base";

-import {WITHHELD_MESSAGES} from '../OlmDevice';
+import { WITHHELD_MESSAGES } from '../OlmDevice';
+
+// determine whether the key can be shared with invitees
+function isRoomSharedHistory(room) {
+    const visibilityEvent = room.currentState &&
+          room.currentState.getStateEvents("m.room.history_visibility", "");
+    // NOTE: if the room visibility is unset, it would normally default to
+    // "world_readable".
+    // (https://spec.matrix.org/unstable/client-server-api/#server-behaviour-5)
+    // But we will be paranoid here, and treat it as a situation where the room
+    // is not shared-history
+    const visibility = visibilityEvent && visibilityEvent.getContent() &&
+          visibilityEvent.getContent().history_visibility;
+    return ["world_readable", "shared"].includes(visibility);
+}

 /**
 * @private
 * @constructor
 *
 * @param {string} sessionId
+ * @param {boolean} sharedHistory whether the session can be freely shared with
+ *    other group members, according to the room history visibility settings
 *
 * @property {string} sessionId
 * @property {Number} useCount     number of times this session has been used
@@ -50,15 +66,15 @@ import {WITHHELD_MESSAGES} from '../OlmDevice';
 *    devices with which we have shared the session key
 *        userId -> {deviceId -> msgindex}
 */
-function OutboundSessionInfo(sessionId) {
+function OutboundSessionInfo(sessionId, sharedHistory = false) {
    this.sessionId = sessionId;
    this.useCount = 0;
    this.creationTime = new Date().getTime();
    this.sharedWithDevices = {};
    this.blockedDevicesNotified = {};
+    this.sharedHistory = sharedHistory;
 }

-
 /**
 * Check if it's time to rotate the session
 *
@@ -141,7 +157,6 @@ OutboundSessionInfo.prototype.sharedWithTooManyDevices = function(
    }
 };

-
 /**
 * Megolm encryption implementation
 *
@@ -183,6 +198,7 @@ utils.inherits(MegolmEncryption, EncryptionAlgorithm);
 /**
 * @private
 *
+ * @param {module:models/room} room
 * @param {Object} devicesInRoom The devices in this room, indexed by user ID
 * @param {Object} blocked The devices that are blocked, indexed by user ID
 * @param {boolean} [singleOlmCreationPhase] Only perform one round of olm
@@ -192,7 +208,7 @@ utils.inherits(MegolmEncryption, EncryptionAlgorithm);
 *    OutboundSessionInfo when setup is complete.
 */
 MegolmEncryption.prototype._ensureOutboundSession = async function(
-    devicesInRoom, blocked, singleOlmCreationPhase,
+    room, devicesInRoom, blocked, singleOlmCreationPhase,
 ) {
    let session;

@@ -204,6 +220,13 @@ MegolmEncryption.prototype._ensureOutboundSession = async function(
    const prepareSession = async (oldSession) => {
        session = oldSession;

+        const sharedHistory = isRoomSharedHistory(room);
+
+        // history visibility changed
+        if (session && sharedHistory !== session.sharedHistory) {
+            session = null;
+        }
+
        // need to make a brand new session?
        if (session && session.needsRotation(this._sessionRotationPeriodMsgs,
                                             this._sessionRotationPeriodMs)
@@ -219,7 +242,7 @@ MegolmEncryption.prototype._ensureOutboundSession = async function(

        if (!session) {
            logger.log(`Starting new megolm session for room ${this._roomId}`);
-            session = await this._prepareNewSession();
+            session = await this._prepareNewSession(sharedHistory);
            logger.log(`Started new megolm session ${session.sessionId} ` +
                       `for room ${this._roomId}`);
            this._outboundSessions[session.sessionId] = session;
@@ -250,11 +273,12 @@ MegolmEncryption.prototype._ensureOutboundSession = async function(
        const payload = {
            type: "m.room_key",
            content: {
-                algorithm: olmlib.MEGOLM_ALGORITHM,
-                room_id: this._roomId,
-                session_id: session.sessionId,
-                session_key: key.key,
-                chain_index: key.chain_index,
+                "algorithm": olmlib.MEGOLM_ALGORITHM,
+                "room_id": this._roomId,
+                "session_id": session.sessionId,
+                "session_key": key.key,
+                "chain_index": key.chain_index,
+                "org.matrix.msc3061.shared_history": sharedHistory,
            },
        };
        const [devicesWithoutSession, olmSessions] = await olmlib.getExistingOlmSessions(
@@ -264,11 +288,14 @@ MegolmEncryption.prototype._ensureOutboundSession = async function(
        await Promise.all([
            (async () => {
                // share keys with devices that we already have a session for
+                logger.debug(`Sharing keys with existing Olm sessions in ${this._roomId}`);
                await this._shareKeyWithOlmSessions(
                    session, key, payload, olmSessions,
                );
+                logger.debug(`Shared keys with existing Olm sessions in ${this._roomId}`);
            })(),
            (async () => {
+                logger.debug(`Sharing keys (start phase 1) with new Olm sessions in ${this._roomId}`);
                const errorDevices = [];

                // meanwhile, establish olm sessions for devices that we don't
@@ -282,6 +309,7 @@ MegolmEncryption.prototype._ensureOutboundSession = async function(
                    session, key, payload, devicesWithoutSession, errorDevices,
                    singleOlmCreationPhase ? 10000 : 2000, failedServers,
                );
+                logger.debug(`Shared keys (end phase 1) with new Olm sessions in ${this._roomId}`);

                if (!singleOlmCreationPhase && (Date.now() - start < 10000)) {
                    // perform the second phase of olm session creation if requested,
@@ -298,7 +326,7 @@ MegolmEncryption.prototype._ensureOutboundSession = async function(
                            failedServerMap.add(server);
                        }
                        const failedDevices = [];
-                        for (const {userId, deviceInfo} of errorDevices) {
+                        for (const { userId, deviceInfo } of errorDevices) {
                            const userHS = userId.slice(userId.indexOf(":") + 1);
                            if (failedServerMap.has(userHS)) {
                                retryDevices[userId] = retryDevices[userId] || [];
@@ -306,23 +334,28 @@ MegolmEncryption.prototype._ensureOutboundSession = async function(
                            } else {
                                // if we aren't going to retry, then handle it
                                // as a failed device
-                                failedDevices.push({userId, deviceInfo});
+                                failedDevices.push({ userId, deviceInfo });
                            }
                        }

+                        logger.debug(`Sharing keys (start phase 2) with new Olm sessions in ${this._roomId}`);
                        await this._shareKeyWithDevices(
                            session, key, payload, retryDevices, failedDevices, 30000,
                        );
+                        logger.debug(`Shared keys (end phase 2) with new Olm sessions in ${this._roomId}`);

                        await this._notifyFailedOlmDevices(session, key, failedDevices);
                    })();
                } else {
                    await this._notifyFailedOlmDevices(session, key, errorDevices);
                }
+                logger.debug(`Shared keys (all phases done) with new Olm sessions in ${this._roomId}`);
            })(),
            (async () => {
+                logger.debug(`Notifying blocked devices in ${this._roomId}`);
                // also, notify blocked devices that they're blocked
                const blockedMap = {};
+                let blockedCount = 0;
                for (const [userId, userBlockedDevices] of Object.entries(blocked)) {
                    for (const [deviceId, device] of Object.entries(userBlockedDevices)) {
                        if (
@@ -330,12 +363,14 @@ MegolmEncryption.prototype._ensureOutboundSession = async function(
                            session.blockedDevicesNotified[userId][deviceId] === undefined
                        ) {
                            blockedMap[userId] = blockedMap[userId] || {};
-                            blockedMap[userId][deviceId] = {device};
+                            blockedMap[userId][deviceId] = { device };
+                            blockedCount++;
                        }
                    }
                }

                await this._notifyBlockedDevices(session, blockedMap);
+                logger.debug(`Notified ${blockedCount} blocked devices in ${this._roomId}`);
            })(),
        ]);
    };
@@ -348,6 +383,11 @@ MegolmEncryption.prototype._ensureOutboundSession = async function(
    // first wait for the previous share to complete
    const prom = this._setupPromise.then(prepareSession);

+    // Ensure any failures are logged for debugging
+    prom.catch(e => {
+        logger.error(`Failed to ensure outbound session in ${this._roomId}`, e);
+    });
+
    // _setupPromise resolves to `session` whether or not the share succeeds
    this._setupPromise = prom.then(returnSession, returnSession);

@@ -358,30 +398,27 @@ MegolmEncryption.prototype._ensureOutboundSession = async function(
 /**
 * @private
 *
+ * @param {boolean} sharedHistory
+ *
 * @return {module:crypto/algorithms/megolm.OutboundSessionInfo} session
 */
-MegolmEncryption.prototype._prepareNewSession = async function() {
+MegolmEncryption.prototype._prepareNewSession = async function(sharedHistory) {
    const sessionId = this._olmDevice.createOutboundGroupSession();
    const key = this._olmDevice.getOutboundGroupSessionKey(sessionId);

    await this._olmDevice.addInboundGroupSession(
        this._roomId, this._olmDevice.deviceCurve25519Key, [], sessionId,
-        key.key, {ed25519: this._olmDevice.deviceEd25519Key},
+        key.key, { ed25519: this._olmDevice.deviceEd25519Key }, false,
+        { sharedHistory: sharedHistory },
    );

-    if (this._crypto.backupInfo) {
-        // don't wait for it to complete
-        this._crypto.backupGroupSession(
-            this._roomId, this._olmDevice.deviceCurve25519Key, [],
-            sessionId, key.key,
-        ).catch((e) => {
-            // This throws if the upload failed, but this is fine
-            // since it will have written it to the db and will retry.
-            logger.log("Failed to back up megolm session", e);
-        });
-    }
+    // don't wait for it to complete
+    this._crypto.backupGroupSession(
+        this._roomId, this._olmDevice.deviceCurve25519Key, [],
+        sessionId, key.key,
+    );

-    return new OutboundSessionInfo(sessionId);
+    return new OutboundSessionInfo(sessionId, sharedHistory);
 };

 /**
@@ -415,7 +452,7 @@ MegolmEncryption.prototype._getDevicesWithoutSessions = function(
                // no session with this device, probably because there
                // were no one-time keys.

-                noOlmDevices.push({userId, deviceInfo});
+                noOlmDevices.push({ userId, deviceInfo });
                delete sessionResults[deviceId];

                // ensureOlmSessionsForUsers has already done the logging,
@@ -662,14 +699,15 @@ MegolmEncryption.prototype.reshareKeyWithDevice = async function(
    const payload = {
        type: "m.forwarded_room_key",
        content: {
-            algorithm: olmlib.MEGOLM_ALGORITHM,
-            room_id: this._roomId,
-            session_id: sessionId,
-            session_key: key.key,
-            chain_index: key.chain_index,
-            sender_key: senderKey,
-            sender_claimed_ed25519_key: key.sender_claimed_ed25519_key,
-            forwarding_curve25519_key_chain: key.forwarding_curve25519_key_chain,
+            "algorithm": olmlib.MEGOLM_ALGORITHM,
+            "room_id": this._roomId,
+            "session_id": sessionId,
+            "session_key": key.key,
+            "chain_index": key.chain_index,
+            "sender_key": senderKey,
+            "sender_claimed_ed25519_key": key.sender_claimed_ed25519_key,
+            "forwarding_curve25519_key_chain": key.forwarding_curve25519_key_chain,
+            "org.matrix.msc3061.shared_history": key.shared_history || false,
        },
    };

@@ -723,13 +761,18 @@ MegolmEncryption.prototype.reshareKeyWithDevice = async function(
 MegolmEncryption.prototype._shareKeyWithDevices = async function(
    session, key, payload, devicesByUser, errorDevices, otkTimeout, failedServers,
 ) {
+    logger.debug(`Ensuring Olm sessions for devices in ${this._roomId}`);
    const devicemap = await olmlib.ensureOlmSessionsForDevices(
        this._olmDevice, this._baseApis, devicesByUser, otkTimeout, failedServers,
+        logger.withPrefix(`[${this._roomId}]`),
    );
+    logger.debug(`Ensured Olm sessions for devices in ${this._roomId}`);

    this._getDevicesWithoutSessions(devicemap, devicesByUser, errorDevices);

+    logger.debug(`Sharing keys with Olm sessions in ${this._roomId}`);
    await this._shareKeyWithOlmSessions(session, key, payload, devicemap);
+    logger.debug(`Shared keys with Olm sessions in ${this._roomId}`);
 };

 MegolmEncryption.prototype._shareKeyWithOlmSessions = async function(
@@ -738,16 +781,17 @@ MegolmEncryption.prototype._shareKeyWithOlmSessions = async function(
    const userDeviceMaps = this._splitDevices(devicemap);

    for (let i = 0; i < userDeviceMaps.length; i++) {
+        const taskDetail =
+            `megolm keys for ${session.sessionId} ` +
+            `in ${this._roomId} (slice ${i + 1}/${userDeviceMaps.length})`;
        try {
+            logger.debug(`Sharing ${taskDetail}`);
            await this._encryptAndSendKeysToDevices(
                session, key.chain_index, userDeviceMaps[i], payload,
            );
-            logger.log(`Completed megolm keyshare for ${session.sessionId} `
-                + `in ${this._roomId} (slice ${i + 1}/${userDeviceMaps.length})`);
+            logger.debug(`Shared ${taskDetail}`);
        } catch (e) {
-            logger.log(`megolm keyshare for ${session.sessionId} in ${this._roomId} `
-                + `(slice ${i + 1}/${userDeviceMaps.length}) failed`);
-
+            logger.error(`Failed to share ${taskDetail}`);
            throw e;
        }
    }
@@ -766,9 +810,14 @@ MegolmEncryption.prototype._shareKeyWithOlmSessions = async function(
 MegolmEncryption.prototype._notifyFailedOlmDevices = async function(
    session, key, failedDevices,
 ) {
+    logger.debug(
+        `Notifying ${failedDevices.length} devices we failed to ` +
+        `create Olm sessions in ${this._roomId}`,
+    );
+
    // mark the devices that failed as "handled" because we don't want to try
    // to claim a one-time-key for dead devices on every message.
-    for (const {userId, deviceInfo} of failedDevices) {
+    for (const { userId, deviceInfo } of failedDevices) {
        const deviceId = deviceInfo.deviceId;

        session.markSharedWithDevice(
@@ -780,8 +829,12 @@ MegolmEncryption.prototype._notifyFailedOlmDevices = async function(
          await this._olmDevice.filterOutNotifiedErrorDevices(
              failedDevices,
          );
+    logger.debug(
+        `Filtered down to ${filteredFailedDevices.length} error devices ` +
+        `in ${this._roomId}`,
+    );
    const blockedMap = {};
-    for (const {userId, deviceInfo} of filteredFailedDevices) {
+    for (const { userId, deviceInfo } of filteredFailedDevices) {
        blockedMap[userId] = blockedMap[userId] || {};
        // we use a similar format to what
        // olmlib.ensureOlmSessionsForDevices returns, so that
@@ -797,6 +850,10 @@ MegolmEncryption.prototype._notifyFailedOlmDevices = async function(

    // send the notifications
    await this._notifyBlockedDevices(session, blockedMap);
+    logger.debug(
+        `Notified ${filteredFailedDevices.length} devices we failed to ` +
+        `create Olm sessions in ${this._roomId}`,
+    );
 };

 /**
@@ -846,24 +903,41 @@ MegolmEncryption.prototype.prepareToEncrypt = function(room) {
        // We're already preparing something, so don't do anything else.
        // FIXME: check if we need to restart
        // (https://github.com/matrix-org/matrix-js-sdk/issues/1255)
+        const elapsedTime = Date.now() - this.encryptionPreparationMetadata.startTime;
+        logger.debug(
+            `Already started preparing to encrypt for ${this._roomId} ` +
+            `${elapsedTime} ms ago, skipping`,
+        );
        return;
    }

    logger.debug(`Preparing to encrypt events for ${this._roomId}`);

+    this.encryptionPreparationMetadata = {
+        startTime: Date.now(),
+    };
    this.encryptionPreparation = (async () => {
-        const [devicesInRoom, blocked] = await this._getDevicesInRoom(room);
+        try {
+            logger.debug(`Getting devices in ${this._roomId}`);
+            const [devicesInRoom, blocked] = await this._getDevicesInRoom(room);

-        if (this._crypto.getGlobalErrorOnUnknownDevices()) {
-            // Drop unknown devices for now.  When the message gets sent, we'll
-            // throw an error, but we'll still be prepared to send to the known
-            // devices.
-            this._removeUnknownDevices(devicesInRoom);
+            if (this._crypto.getGlobalErrorOnUnknownDevices()) {
+                // Drop unknown devices for now.  When the message gets sent, we'll
+                // throw an error, but we'll still be prepared to send to the known
+                // devices.
+                this._removeUnknownDevices(devicesInRoom);
+            }
+
+            logger.debug(`Ensuring outbound session in ${this._roomId}`);
+            await this._ensureOutboundSession(room, devicesInRoom, blocked, true);
+
+            logger.debug(`Ready to encrypt events for ${this._roomId}`);
+        } catch (e) {
+            logger.error(`Failed to prepare to encrypt events for ${this._roomId}`, e);
+        } finally {
+            delete this.encryptionPreparationMetadata;
+            delete this.encryptionPreparation;
        }
-
-        await this._ensureOutboundSession(devicesInRoom, blocked, true);
-
-        delete this.encryptionPreparation;
    })();
 };

@@ -899,7 +973,7 @@ MegolmEncryption.prototype.encryptMessage = async function(room, eventType, cont
        this._checkForUnknownDevices(devicesInRoom);
    }

-    const session = await this._ensureOutboundSession(devicesInRoom, blocked);
+    const session = await this._ensureOutboundSession(room, devicesInRoom, blocked);
    const payloadJson = {
        room_id: this._roomId,
        type: eventType,
@@ -1000,7 +1074,7 @@ MegolmEncryption.prototype._removeUnknownDevices = function(devicesInRoom) {
 */
 MegolmEncryption.prototype._getDevicesInRoom = async function(room) {
    const members = await room.getEncryptionTargetMembers();
-    const roomMembers = utils.map(members, function(u) {
+    const roomMembers = members.map(function(u) {
        return u.userId;
    });

@@ -1015,7 +1089,7 @@ MegolmEncryption.prototype._getDevicesInRoom = async function(room) {
    // with them, which means that they will have announced any new devices via
    // device_lists in their /sync response.  This cache should then be maintained
    // using all the device_lists changes and left fields.
-    // See https://github.com/vector-im/riot-web/issues/2305 for details.
+    // See https://github.com/vector-im/element-web/issues/2305 for details.
    const devices = await this._crypto.downloadKeys(roomMembers, false);
    const blocked = {};
    // remove any blocked devices
@@ -1109,7 +1183,7 @@ MegolmDecryption.prototype.decryptEvent = async function(event) {
    //
    // then, if the key turns up while decryption is in progress (and
    // decryption fails), we will schedule a retry.
-    // (fixes https://github.com/vector-im/riot-web/issues/5001)
+    // (fixes https://github.com/vector-im/element-web/issues/5001)
    this._addEventToPendingList(event);

    let res;
@@ -1201,6 +1275,7 @@ MegolmDecryption.prototype.decryptEvent = async function(event) {
        senderCurve25519Key: res.senderKey,
        claimedEd25519Key: res.keysClaimed.ed25519,
        forwardingCurve25519KeyChain: res.forwardingCurve25519KeyChain,
+        untrusted: res.untrusted,
    };
 };

@@ -1264,7 +1339,6 @@ MegolmDecryption.prototype._removeEventFromPendingList = function(event) {
    }
 };

-
 /**
 * @inheritdoc
 *
@@ -1294,7 +1368,7 @@ MegolmDecryption.prototype.onRoomKeyEvent = function(event) {
    if (event.getType() == "m.forwarded_room_key") {
        exportFormat = true;
        forwardingKeyChain = content.forwarding_curve25519_key_chain;
-        if (!utils.isArray(forwardingKeyChain)) {
+        if (!Array.isArray(forwardingKeyChain)) {
            forwardingKeyChain = [];
        }

@@ -1323,10 +1397,14 @@ MegolmDecryption.prototype.onRoomKeyEvent = function(event) {
        keysClaimed = event.getKeysClaimed();
    }

+    const extraSessionData = {};
+    if (content["org.matrix.msc3061.shared_history"]) {
+        extraSessionData.sharedHistory = true;
+    }
    return this._olmDevice.addInboundGroupSession(
        content.room_id, senderKey, forwardingKeyChain, sessionId,
        content.session_key, keysClaimed,
-        exportFormat,
+        exportFormat, extraSessionData,
    ).then(() => {
        // have another go at decrypting events sent with this session.
        this._retryDecryption(senderKey, sessionId)
@@ -1346,18 +1424,12 @@ MegolmDecryption.prototype.onRoomKeyEvent = function(event) {
                }
            });
    }).then(() => {
-        if (this._crypto.backupInfo) {
-            // don't wait for the keys to be backed up for the server
-            this._crypto.backupGroupSession(
-                content.room_id, senderKey, forwardingKeyChain,
-                content.session_id, content.session_key, keysClaimed,
-                exportFormat,
-            ).catch((e) => {
-                // This throws if the upload failed, but this is fine
-                // since it will have written it to the db and will retry.
-                logger.log("Failed to back up megolm session", e);
-            });
-        }
+        // don't wait for the keys to be backed up for the server
+        this._crypto.backupGroupSession(
+            content.room_id, senderKey, forwardingKeyChain,
+            content.session_id, content.session_key, keysClaimed,
+            exportFormat,
+        );
    }).catch((e) => {
        logger.error(`Error handling m.room_key_event: ${e}`);
    });
@@ -1414,7 +1486,7 @@ MegolmDecryption.prototype.onRoomKeyWithheldEvent = async function(event) {
            }
        }
        await olmlib.ensureOlmSessionsForDevices(
-            this._olmDevice, this._baseApis, {[sender]: [device]}, false,
+            this._olmDevice, this._baseApis, { [sender]: [device] }, false,
        );
        const encryptedContent = {
            algorithm: olmlib.OLM_ALGORITHM,
@@ -1428,7 +1500,7 @@ MegolmDecryption.prototype.onRoomKeyWithheldEvent = async function(event) {
            this._olmDevice,
            sender,
            device,
-            {type: "m.dummy"},
+            { type: "m.dummy" },
        );

        await this._olmDevice.recordSessionProblem(senderKey, "no_olm", true);
@@ -1532,14 +1604,15 @@ MegolmDecryption.prototype._buildKeyForwardingMessage = async function(
    return {
        type: "m.forwarded_room_key",
        content: {
-            algorithm: olmlib.MEGOLM_ALGORITHM,
-            room_id: roomId,
-            sender_key: senderKey,
-            sender_claimed_ed25519_key: key.sender_claimed_ed25519_key,
-            session_id: sessionId,
-            session_key: key.key,
-            chain_index: key.chain_index,
-            forwarding_curve25519_key_chain: key.forwarding_curve25519_key_chain,
+            "algorithm": olmlib.MEGOLM_ALGORITHM,
+            "room_id": roomId,
+            "sender_key": senderKey,
+            "sender_claimed_ed25519_key": key.sender_claimed_ed25519_key,
+            "session_id": sessionId,
+            "session_key": key.key,
+            "chain_index": key.chain_index,
+            "forwarding_curve25519_key_chain": key.forwarding_curve25519_key_chain,
+            "org.matrix.msc3061.shared_history": key.shared_history || false,
        },
    };
 };
@@ -1548,8 +1621,18 @@ MegolmDecryption.prototype._buildKeyForwardingMessage = async function(
 * @inheritdoc
 *
 * @param {module:crypto/OlmDevice.MegolmSessionData} session
+ * @param {object} [opts={}] options for the import
+ * @param {boolean} [opts.untrusted] whether the key should be considered as untrusted
+ * @param {string} [opts.source] where the key came from
 */
-MegolmDecryption.prototype.importRoomKey = function(session) {
+MegolmDecryption.prototype.importRoomKey = function(session, opts = {}) {
+    const extraSessionData = {};
+    if (opts.untrusted) {
+        extraSessionData.untrusted = true;
+    }
+    if (session["org.matrix.msc3061.shared_history"]) {
+        extraSessionData.sharedHistory = true;
+    }
    return this._olmDevice.addInboundGroupSession(
        session.room_id,
        session.sender_key,
@@ -1558,8 +1641,9 @@ MegolmDecryption.prototype.importRoomKey = function(session) {
        session.session_key,
        session.sender_claimed_keys,
        true,
+        extraSessionData,
    ).then(() => {
-        if (this._crypto.backupInfo) {
+        if (opts.source !== "backup") {
            // don't wait for it to complete
            this._crypto.backupGroupSession(
                session.room_id,
@@ -1605,7 +1689,7 @@ MegolmDecryption.prototype._retryDecryption = async function(senderKey, sessionI

    await Promise.all([...pending].map(async (ev) => {
        try {
-            await ev.attemptDecryption(this._crypto, true);
+            await ev.attemptDecryption(this._crypto, { isRetry: true });
        } catch (e) {
            // don't die if something goes wrong
        }
@@ -1636,6 +1720,80 @@ MegolmDecryption.prototype.retryDecryptionFromSender = async function(senderKey)
    return !this._pendingEvents[senderKey];
 };

+MegolmDecryption.prototype.sendSharedHistoryInboundSessions = async function(devicesByUser) {
+    await olmlib.ensureOlmSessionsForDevices(
+        this._olmDevice, this._baseApis, devicesByUser,
+    );
+
+    logger.log("sendSharedHistoryInboundSessions to users", Object.keys(devicesByUser));
+
+    const sharedHistorySessions =
+          await this._olmDevice.getSharedHistoryInboundGroupSessions(
+              this._roomId,
+          );
+    logger.log("shared-history sessions", sharedHistorySessions);
+    for (const [senderKey, sessionId] of sharedHistorySessions) {
+        const payload = await this._buildKeyForwardingMessage(
+            this._roomId, senderKey, sessionId,
+        );
+
+        const promises = [];
+        const contentMap = {};
+        for (const [userId, devices] of Object.entries(devicesByUser)) {
+            contentMap[userId] = {};
+            for (const deviceInfo of devices) {
+                const encryptedContent = {
+                    algorithm: olmlib.OLM_ALGORITHM,
+                    sender_key: this._olmDevice.deviceCurve25519Key,
+                    ciphertext: {},
+                };
+                contentMap[userId][deviceInfo.deviceId] = encryptedContent;
+                promises.push(
+                    olmlib.encryptMessageForDevice(
+                        encryptedContent.ciphertext,
+                        this._userId,
+                        this._deviceId,
+                        this._olmDevice,
+                        userId,
+                        deviceInfo,
+                        payload,
+                    ),
+                );
+            }
+        }
+        await Promise.all(promises);
+
+        // prune out any devices that encryptMessageForDevice could not encrypt for,
+        // in which case it will have just not added anything to the ciphertext object.
+        // There's no point sending messages to devices if we couldn't encrypt to them,
+        // since that's effectively a blank message.
+        for (const userId of Object.keys(contentMap)) {
+            for (const deviceId of Object.keys(contentMap[userId])) {
+                if (Object.keys(contentMap[userId][deviceId].ciphertext).length === 0) {
+                    logger.log(
+                        "No ciphertext for device " +
+                            userId + ":" + deviceId + ": pruning",
+                    );
+                    delete contentMap[userId][deviceId];
+                }
+            }
+            // No devices left for that user? Strip that too.
+            if (Object.keys(contentMap[userId]).length === 0) {
+                logger.log("Pruned all devices for user " + userId);
+                delete contentMap[userId];
+            }
+        }
+
+        // Is there anything left?
+        if (Object.keys(contentMap).length === 0) {
+            logger.log("No users left to send to: aborting");
+            return;
+        }
+
+        await this._baseApis.sendToDevice("m.room.encrypted", contentMap);
+    }
+};
+
 registerAlgorithm(
    olmlib.MEGOLM_ALGORITHM, MegolmEncryption, MegolmDecryption,
 );
@@ -20,11 +20,11 @@ limitations under the License.
 * @module crypto/algorithms/olm
 */

-import {logger} from '../../logger';
+import { logger } from '../../logger';
 import * as utils from "../../utils";
-import {polyfillSuper} from "../../utils";
+import { polyfillSuper } from "../../utils";
 import * as olmlib from "../olmlib";
-import {DeviceInfo} from "../deviceinfo";
+import { DeviceInfo } from "../deviceinfo";
 import {
    DecryptionAlgorithm,
    DecryptionError,
@@ -95,7 +95,7 @@ OlmEncryption.prototype.encryptMessage = async function(room, eventType, content

    const members = await room.getEncryptionTargetMembers();

-    const users = utils.map(members, function(u) {
+    const users = members.map(function(u) {
        return u.userId;
    });

@@ -358,5 +358,4 @@ OlmDecryption.prototype._reallyDecryptMessage = async function(
    return res.payload;
 };

-
 registerAlgorithm(olmlib.OLM_ALGORITHM, OlmEncryption, OlmDecryption);
@@ -0,0 +1,288 @@
+/*
+Copyright 2020 The Matrix.org Foundation C.I.C.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+import { decodeBase64, encodeBase64 } from './olmlib';
+import { IndexedDBCryptoStore } from '../crypto/store/indexeddb-crypto-store';
+import { decryptAES, encryptAES } from './aes';
+import anotherjson from "another-json";
+import { logger } from '../logger';
+
+// FIXME: these types should eventually go in a different file
+type Signatures = Record<string, Record<string, string>>;
+
+interface DeviceKeys {
+    algorithms: Array<string>;
+    device_id: string; // eslint-disable-line camelcase
+    user_id: string; // eslint-disable-line camelcase
+    keys: Record<string, string>;
+    signatures?: Signatures;
+}
+
+interface OneTimeKey {
+    key: string;
+    fallback?: boolean;
+    signatures?: Signatures;
+}
+
+export const DEHYDRATION_ALGORITHM = "org.matrix.msc2697.v1.olm.libolm_pickle";
+
+const oneweek = 7 * 24 * 60 * 60 * 1000;
+
+export class DehydrationManager {
+    private inProgress = false;
+    private timeoutId: any;
+    private key: Uint8Array;
+    private keyInfo: {[props: string]: any};
+    private deviceDisplayName: string;
+    constructor(private crypto) {
+        this.getDehydrationKeyFromCache();
+    }
+    async getDehydrationKeyFromCache(): Promise<void> {
+        return await this.crypto._cryptoStore.doTxn(
+            'readonly',
+            [IndexedDBCryptoStore.STORE_ACCOUNT],
+            (txn) => {
+                this.crypto._cryptoStore.getSecretStorePrivateKey(
+                    txn,
+                    async (result) => {
+                        if (result) {
+                            const { key, keyInfo, deviceDisplayName, time } = result;
+                            const pickleKey = Buffer.from(this.crypto._olmDevice._pickleKey);
+                            const decrypted = await decryptAES(key, pickleKey, DEHYDRATION_ALGORITHM);
+                            this.key = decodeBase64(decrypted);
+                            this.keyInfo = keyInfo;
+                            this.deviceDisplayName = deviceDisplayName;
+                            const now = Date.now();
+                            const delay = Math.max(1, time + oneweek - now);
+                            this.timeoutId = global.setTimeout(
+                                this.dehydrateDevice.bind(this), delay,
+                            );
+                        }
+                    },
+                    "dehydration",
+                );
+            },
+        );
+    }
+
+    /** set the key, and queue periodic dehydration to the server in the background */
+    async setKeyAndQueueDehydration(
+        key: Uint8Array, keyInfo: {[props: string]: any} = {},
+        deviceDisplayName: string = undefined,
+    ): Promise<void> {
+        const matches = await this.setKey(key, keyInfo, deviceDisplayName);
+        if (!matches) {
+            // start dehydration in the background
+            this.dehydrateDevice();
+        }
+    }
+
+    async setKey(
+        key: Uint8Array, keyInfo: {[props: string]: any} = {},
+        deviceDisplayName: string = undefined,
+    ): Promise<boolean> {
+        if (!key) {
+            // unsetting the key -- cancel any pending dehydration task
+            if (this.timeoutId) {
+                global.clearTimeout(this.timeoutId);
+                this.timeoutId = undefined;
+            }
+            // clear storage
+            await this.crypto._cryptoStore.doTxn(
+                'readwrite',
+                [IndexedDBCryptoStore.STORE_ACCOUNT],
+                (txn) => {
+                    this.crypto._cryptoStore.storeSecretStorePrivateKey(
+                        txn, "dehydration", null,
+                    );
+                },
+            );
+            this.key = undefined;
+            this.keyInfo = undefined;
+            return;
+        }
+
+        // Check to see if it's the same key as before.  If it's different,
+        // dehydrate a new device.  If it's the same, we can keep the same
+        // device.  (Assume that keyInfo and deviceDisplayName will be the
+        // same if the key is the same.)
+        let matches: boolean = this.key && key.length == this.key.length;
+        for (let i = 0; matches && i < key.length; i++) {
+            if (key[i] != this.key[i]) {
+                matches = false;
+            }
+        }
+        if (!matches) {
+            this.key = key;
+            this.keyInfo = keyInfo;
+            this.deviceDisplayName = deviceDisplayName;
+        }
+        return matches;
+    }
+
+    /** returns the device id of the newly created dehydrated device */
+    async dehydrateDevice(): Promise<string> {
+        if (this.inProgress) {
+            logger.log("Dehydration already in progress -- not starting new dehydration");
+            return;
+        }
+        this.inProgress = true;
+        if (this.timeoutId) {
+            global.clearTimeout(this.timeoutId);
+            this.timeoutId = undefined;
+        }
+        try {
+            const pickleKey = Buffer.from(this.crypto._olmDevice._pickleKey);
+
+            // update the crypto store with the timestamp
+            const key = await encryptAES(encodeBase64(this.key), pickleKey, DEHYDRATION_ALGORITHM);
+            await this.crypto._cryptoStore.doTxn(
+                'readwrite',
+                [IndexedDBCryptoStore.STORE_ACCOUNT],
+                (txn) => {
+                    this.crypto._cryptoStore.storeSecretStorePrivateKey(
+                        txn, "dehydration",
+                        {
+                            keyInfo: this.keyInfo,
+                            key,
+                            deviceDisplayName: this.deviceDisplayName,
+                            time: Date.now(),
+                        },
+                    );
+                },
+            );
+            logger.log("Attempting to dehydrate device");
+
+            logger.log("Creating account");
+            // create the account and all the necessary keys
+            const account = new global.Olm.Account();
+            account.create();
+            const e2eKeys = JSON.parse(account.identity_keys());
+
+            const maxKeys = account.max_number_of_one_time_keys();
+            // FIXME: generate in small batches?
+            account.generate_one_time_keys(maxKeys / 2);
+            account.generate_fallback_key();
+            const otks: Record<string, string> = JSON.parse(account.one_time_keys());
+            const fallbacks: Record<string, string> = JSON.parse(account.fallback_key());
+            account.mark_keys_as_published();
+
+            // dehydrate the account and store it on the server
+            const pickledAccount = account.pickle(new Uint8Array(this.key));
+
+            const deviceData: {[props: string]: any} = {
+                algorithm: DEHYDRATION_ALGORITHM,
+                account: pickledAccount,
+            };
+            if (this.keyInfo.passphrase) {
+                deviceData.passphrase = this.keyInfo.passphrase;
+            }
+
+            logger.log("Uploading account to server");
+            const dehydrateResult = await this.crypto._baseApis._http.authedRequest(
+                undefined,
+                "PUT",
+                "/dehydrated_device",
+                undefined,
+                {
+                    device_data: deviceData,
+                    initial_device_display_name: this.deviceDisplayName,
+                },
+                {
+                    prefix: "/_matrix/client/unstable/org.matrix.msc2697.v2",
+                },
+            );
+
+            // send the keys to the server
+            const deviceId = dehydrateResult.device_id;
+            logger.log("Preparing device keys", deviceId);
+            const deviceKeys: DeviceKeys = {
+                algorithms: this.crypto._supportedAlgorithms,
+                device_id: deviceId,
+                user_id: this.crypto._userId,
+                keys: {
+                    [`ed25519:${deviceId}`]: e2eKeys.ed25519,
+                    [`curve25519:${deviceId}`]: e2eKeys.curve25519,
+                },
+            };
+            const deviceSignature = account.sign(anotherjson.stringify(deviceKeys));
+            deviceKeys.signatures = {
+                [this.crypto._userId]: {
+                    [`ed25519:${deviceId}`]: deviceSignature,
+                },
+            };
+            if (this.crypto._crossSigningInfo.getId("self_signing")) {
+                await this.crypto._crossSigningInfo.signObject(deviceKeys, "self_signing");
+            }
+
+            logger.log("Preparing one-time keys");
+            const oneTimeKeys = {};
+            for (const [keyId, key] of Object.entries(otks.curve25519)) {
+                const k: OneTimeKey = { key };
+                const signature = account.sign(anotherjson.stringify(k));
+                k.signatures = {
+                    [this.crypto._userId]: {
+                        [`ed25519:${deviceId}`]: signature,
+                    },
+                };
+                oneTimeKeys[`signed_curve25519:${keyId}`] = k;
+            }
+
+            logger.log("Preparing fallback keys");
+            const fallbackKeys = {};
+            for (const [keyId, key] of Object.entries(fallbacks.curve25519)) {
+                const k: OneTimeKey = { key, fallback: true };
+                const signature = account.sign(anotherjson.stringify(k));
+                k.signatures = {
+                    [this.crypto._userId]: {
+                        [`ed25519:${deviceId}`]: signature,
+                    },
+                };
+                fallbackKeys[`signed_curve25519:${keyId}`] = k;
+            }
+
+            logger.log("Uploading keys to server");
+            await this.crypto._baseApis._http.authedRequest(
+                undefined,
+                "POST",
+                "/keys/upload/" + encodeURI(deviceId),
+                undefined,
+                {
+                    "device_keys": deviceKeys,
+                    "one_time_keys": oneTimeKeys,
+                    "org.matrix.msc2732.fallback_keys": fallbackKeys,
+                },
+            );
+            logger.log("Done dehydrating");
+
+            // dehydrate again in a week
+            this.timeoutId = global.setTimeout(
+                this.dehydrateDevice.bind(this), oneweek,
+            );
+
+            return deviceId;
+        } finally {
+            this.inProgress = false;
+        }
+    }
+
+    private stop() {
+        if (this.timeoutId) {
+            global.clearTimeout(this.timeoutId);
+            this.timeoutId = undefined;
+        }
+    }
+}
@@ -15,7 +15,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import {randomString} from '../randomstring';
+import { randomString } from '../randomstring';

 const DEFAULT_ITERATIONS = 500000;

@@ -63,7 +63,7 @@ export async function deriveKey(password, salt, iterations, numBits = DEFAULT_BI
    const key = await subtleCrypto.importKey(
        'raw',
        new TextEncoder().encode(password),
-        {name: 'PBKDF2'},
+        { name: 'PBKDF2' },
        false,
        ['deriveBits'],
    );
@@ -22,7 +22,7 @@ limitations under the License.
 * Utilities common to olm encryption algorithms
 */

-import {logger} from '../logger';
+import { logger } from '../logger';
 import * as utils from "../utils";
 import anotherjson from "another-json";

@@ -41,7 +41,6 @@ export const MEGOLM_ALGORITHM = "m.megolm.v1.aes-sha2";
 */
 export const MEGOLM_BACKUP_ALGORITHM = "m.megolm_backup.v1.curve25519-aes-sha2";

-
 /**
 * Encrypt an event payload for an Olm device
 *
@@ -183,18 +182,24 @@ export async function getExistingOlmSessions(
 * @param {Array} [failedServers] An array to fill with remote servers that
 *     failed to respond to one-time-key requests.
 *
+ * @param {Logger} [log] A possibly customised log
+ *
 * @return {Promise} resolves once the sessions are complete, to
 *    an Object mapping from userId to deviceId to
 *    {@link module:crypto~OlmSessionResult}
 */
 export async function ensureOlmSessionsForDevices(
-    olmDevice, baseApis, devicesByUser, force, otkTimeout, failedServers,
+    olmDevice, baseApis, devicesByUser, force, otkTimeout, failedServers, log,
 ) {
    if (typeof force === "number") {
+        log = failedServers;
        failedServers = otkTimeout;
        otkTimeout = force;
        force = false;
    }
+    if (!log) {
+        log = logger;
+    }

    const devicesWithoutSession = [
        // [userId, deviceId], ...
@@ -202,6 +207,35 @@ export async function ensureOlmSessionsForDevices(
    const result = {};
    const resolveSession = {};

+    // Mark all sessions this task intends to update as in progress. It is
+    // important to do this for all devices this task cares about in a single
+    // synchronous operation, as otherwise it is possible to have deadlocks
+    // where multiple tasks wait indefinitely on another task to update some set
+    // of common devices.
+    for (const [, devices] of Object.entries(devicesByUser)) {
+        for (const deviceInfo of devices) {
+            const key = deviceInfo.getIdentityKey();
+
+            if (key === olmDevice.deviceCurve25519Key) {
+                // We don't start sessions with ourself, so there's no need to
+                // mark it in progress.
+                continue;
+            }
+
+            if (!olmDevice._sessionsInProgress[key]) {
+                // pre-emptively mark the session as in-progress to avoid race
+                // conditions.  If we find that we already have a session, then
+                // we'll resolve
+                olmDevice._sessionsInProgress[key] = new Promise(resolve => {
+                    resolveSession[key] = (...args) => {
+                        delete olmDevice._sessionsInProgress[key];
+                        resolve(...args);
+                    };
+                });
+            }
+        }
+    }
+
    for (const [userId, devices] of Object.entries(devicesByUser)) {
        result[userId] = {};
        for (const deviceInfo of devices) {
@@ -216,7 +250,7 @@ export async function ensureOlmSessionsForDevices(
                // new chain when this side has an active sender chain.
                // If you see this message being logged in the wild, we should find
                // the thing that is trying to send Olm messages to itself and fix it.
-                logger.info("Attempted to start session with ourself! Ignoring");
+                log.info("Attempted to start session with ourself! Ignoring");
                // We must fill in the section in the return value though, as callers
                // expect it to be there.
                result[userId][deviceId] = {
@@ -226,41 +260,21 @@ export async function ensureOlmSessionsForDevices(
                continue;
            }

-            if (!olmDevice._sessionsInProgress[key]) {
-                // pre-emptively mark the session as in-progress to avoid race
-                // conditions.  If we find that we already have a session, then
-                // we'll resolve
-                olmDevice._sessionsInProgress[key] = new Promise(
-                    (resolve, reject) => {
-                        resolveSession[key] = {
-                            resolve: (...args) => {
-                                delete olmDevice._sessionsInProgress[key];
-                                resolve(...args);
-                            },
-                            reject: (...args) => {
-                                delete olmDevice._sessionsInProgress[key];
-                                reject(...args);
-                            },
-                        };
-                    },
-                );
-            }
+            const forWhom = `for ${key} (${userId}:${deviceId})`;
            const sessionId = await olmDevice.getSessionIdForDevice(
-                key, resolveSession[key],
+                key, resolveSession[key], log,
            );
            if (sessionId !== null && resolveSession[key]) {
                // we found a session, but we had marked the session as
-                // in-progress, so unmark it and unblock anything that was
-                // waiting
-                delete olmDevice._sessionsInProgress[key];
-                resolveSession[key].resolve();
-                delete resolveSession[key];
+                // in-progress, so resolve it now, which will unmark it and
+                // unblock anything that was waiting
+                resolveSession[key]();
            }
            if (sessionId === null || force) {
                if (force) {
-                    logger.info("Forcing new Olm session for " + userId + ":" + deviceId);
+                    log.info(`Forcing new Olm session ${forWhom}`);
                } else {
-                    logger.info("Making new Olm session for " + userId + ":" + deviceId);
+                    log.info(`Making new Olm session ${forWhom}`);
                }
                devicesWithoutSession.push([userId, deviceId]);
            }
@@ -277,15 +291,18 @@ export async function ensureOlmSessionsForDevices(

    const oneTimeKeyAlgorithm = "signed_curve25519";
    let res;
+    let taskDetail = `one-time keys for ${devicesWithoutSession.length} devices`;
    try {
+        log.debug(`Claiming ${taskDetail}`);
        res = await baseApis.claimOneTimeKeys(
            devicesWithoutSession, oneTimeKeyAlgorithm, otkTimeout,
        );
+        log.debug(`Claimed ${taskDetail}`);
    } catch (e) {
        for (const resolver of Object.values(resolveSession)) {
-            resolver.resolve();
+            resolver();
        }
-        logger.log("failed to claim one-time keys", e, devicesWithoutSession);
+        log.log(`Failed to claim ${taskDetail}`, e, devicesWithoutSession);
        throw e;
    }

@@ -293,10 +310,10 @@ export async function ensureOlmSessionsForDevices(
        failedServers.push(...Object.keys(res.failures));
    }

-    const otk_res = res.one_time_keys || {};
+    const otkResult = res.one_time_keys || {};
    const promises = [];
    for (const [userId, devices] of Object.entries(devicesByUser)) {
-        const userRes = otk_res[userId] || {};
+        const userRes = otkResult[userId] || {};
        for (let j = 0; j < devices.length; j++) {
            const deviceInfo = devices[j];
            const deviceId = deviceInfo.deviceId;
@@ -323,11 +340,12 @@ export async function ensureOlmSessionsForDevices(
            }

            if (!oneTimeKey) {
-                const msg = "No one-time keys (alg=" + oneTimeKeyAlgorithm +
-                      ") for device " + userId + ":" + deviceId;
-                logger.warn(msg);
+                log.warn(
+                    `No one-time keys (alg=${oneTimeKeyAlgorithm}) ` +
+                    `for device ${userId}:${deviceId}`,
+                );
                if (resolveSession[key]) {
-                    resolveSession[key].resolve();
+                    resolveSession[key]();
                }
                continue;
            }
@@ -337,12 +355,12 @@ export async function ensureOlmSessionsForDevices(
                    olmDevice, oneTimeKey, userId, deviceInfo,
                ).then((sid) => {
                    if (resolveSession[key]) {
-                        resolveSession[key].resolve(sid);
+                        resolveSession[key](sid);
                    }
                    result[userId][deviceId].sessionId = sid;
                }, (e) => {
                    if (resolveSession[key]) {
-                        resolveSession[key].resolve();
+                        resolveSession[key]();
                    }
                    throw e;
                }),
@@ -350,7 +368,10 @@ export async function ensureOlmSessionsForDevices(
        }
    }

+    taskDetail = `Olm sessions for ${promises.length} devices`;
+    log.debug(`Starting ${taskDetail}`);
    await Promise.all(promises);
+    log.debug(`Started ${taskDetail}`);
    return result;
 }

@@ -386,7 +407,6 @@ async function _verifyKeyAndStartSession(olmDevice, oneTimeKey, userId, deviceIn
    return sid;
 }

-
 /**
 * Verify the signature on an object
 *
@@ -16,10 +16,11 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import {logger} from '../../logger';
+import { logger } from '../../logger';
 import * as utils from "../../utils";

-export const VERSION = 9;
+export const VERSION = 10;
+const PROFILE_TRANSACTIONS = false;

 /**
 * Implementation of a CryptoStore which is backed by an existing
@@ -34,6 +35,7 @@ export class Backend {
     */
    constructor(db) {
        this._db = db;
+        this._nextTxnId = 0;

        // make sure we close the db on `onversionchange` - otherwise
        // attempts to delete the database will block (and subsequent
@@ -131,7 +133,7 @@ export class Backend {

        cursorReq.onsuccess = (ev) => {
            const cursor = ev.target.result;
-            if(!cursor) {
+            if (!cursor) {
                // no match found
                callback(null);
                return;
@@ -228,7 +230,7 @@ export class Backend {
            const cursor = ev.target.result;
            if (cursor) {
                const keyReq = cursor.value;
-                if (keyReq.recipients.includes({userId, deviceId})) {
+                if (keyReq.recipients.includes({ userId, deviceId })) {
                    results.push(keyReq);
                }
                cursor.continue();
@@ -494,7 +496,7 @@ export class Backend {
            const lastProblem = problems[problems.length - 1];
            for (const problem of problems) {
                if (problem.time > timestamp) {
-                    result = Object.assign({}, problem, {fixed: lastProblem.fixed});
+                    result = Object.assign({}, problem, { fixed: lastProblem.fixed });
                    return;
                }
            }
@@ -517,11 +519,11 @@ export class Backend {

        await Promise.all(devices.map((device) => {
            return new Promise((resolve) => {
-                const {userId, deviceInfo} = device;
+                const { userId, deviceInfo } = device;
                const getReq = objectStore.get([userId, deviceInfo.deviceId]);
                getReq.onsuccess = function() {
                    if (!getReq.result) {
-                        objectStore.put({userId, deviceId: deviceInfo.deviceId});
+                        objectStore.put({ userId, deviceId: deviceInfo.deviceId });
                        ret.push(device);
                    }
                    resolve();
@@ -757,10 +759,59 @@ export class Backend {
        }));
    }

-    doTxn(mode, stores, func) {
+    addSharedHistoryInboundGroupSession(roomId, senderKey, sessionId, txn) {
+        if (!txn) {
+            txn = this._db.transaction(
+                "shared_history_inbound_group_sessions", "readwrite",
+            );
+        }
+        const objectStore = txn.objectStore("shared_history_inbound_group_sessions");
+        const req = objectStore.get([roomId]);
+        req.onsuccess = () => {
+            const { sessions } = req.result || { sessions: [] };
+            sessions.push([senderKey, sessionId]);
+            objectStore.put({ roomId, sessions });
+        };
+    }
+
+    getSharedHistoryInboundGroupSessions(roomId, txn) {
+        if (!txn) {
+            txn = this._db.transaction(
+                "shared_history_inbound_group_sessions", "readonly",
+            );
+        }
+        const objectStore = txn.objectStore("shared_history_inbound_group_sessions");
+        const req = objectStore.get([roomId]);
+        return new Promise((resolve, reject) => {
+            req.onsuccess = () => {
+                const { sessions } = req.result || { sessions: [] };
+                resolve(sessions);
+            };
+            req.onerror = reject;
+        });
+    }
+
+    doTxn(mode, stores, func, log = logger) {
+        let startTime;
+        let description;
+        if (PROFILE_TRANSACTIONS) {
+            const txnId = this._nextTxnId++;
+            startTime = Date.now();
+            description = `${mode} crypto store transaction ${txnId} in ${stores}`;
+            log.debug(`Starting ${description}`);
+        }
        const txn = this._db.transaction(stores, mode);
        const promise = promiseifyTxn(txn);
        const result = func(txn);
+        if (PROFILE_TRANSACTIONS) {
+            promise.then(() => {
+                const elapsedTime = Date.now() - startTime;
+                log.debug(`Finished ${description}, took ${elapsedTime} ms`);
+            }, () => {
+                const elapsedTime = Date.now() - startTime;
+                log.error(`Failed ${description}, took ${elapsedTime} ms`);
+            });
+        }
        return promise.then(() => {
            return result;
        });
@@ -815,6 +866,11 @@ export function upgradeDatabase(db, oldVersion) {
            keyPath: ["userId", "deviceId"],
        });
    }
+    if (oldVersion < 10) {
+        db.createObjectStore("shared_history_inbound_group_sessions", {
+            keyPath: ["roomId"],
+        });
+    }
    // Expand as needed.
 }

@@ -16,11 +16,11 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import {logger} from '../../logger';
-import {LocalStorageCryptoStore} from './localStorage-crypto-store';
-import {MemoryCryptoStore} from './memory-crypto-store';
+import { logger } from '../../logger';
+import { LocalStorageCryptoStore } from './localStorage-crypto-store';
+import { MemoryCryptoStore } from './memory-crypto-store';
 import * as IndexedDBCryptoStoreBackend from './indexeddb-crypto-store-backend';
-import {InvalidCryptoStoreError} from '../../errors';
+import { InvalidCryptoStoreError } from '../../errors';
 import * as IndexedDBHelpers from "../../indexeddb-helpers";

 /**
@@ -582,6 +582,29 @@ export class IndexedDBCryptoStore {
        return this._backend.markSessionsNeedingBackup(sessions, txn);
    }

+    /**
+     * Add a shared-history group session for a room.
+     * @param {string} roomId The room that the key belongs to
+     * @param {string} senderKey The sender's curve 25519 key
+     * @param {string} sessionId The ID of the session
+     * @param {*} txn An active transaction. See doTxn(). (optional)
+     */
+    addSharedHistoryInboundGroupSession(roomId, senderKey, sessionId, txn) {
+        this._backend.addSharedHistoryInboundGroupSession(
+            roomId, senderKey, sessionId, txn,
+        );
+    }
+
+    /**
+     * Get the shared-history group session for a room.
+     * @param {string} roomId The room that the key belongs to
+     * @param {*} txn An active transaction. See doTxn(). (optional)
+     * @returns {Promise} Resolves to an array of [senderKey, sessionId]
+     */
+    getSharedHistoryInboundGroupSessions(roomId, txn) {
+        return this._backend.getSharedHistoryInboundGroupSessions(roomId, txn);
+    }
+
    /**
     * Perform a transaction on the crypto store. Any store methods
     * that require a transaction (txn) object to be passed in may
@@ -596,6 +619,7 @@ export class IndexedDBCryptoStore {
     * @param {function(*)} func Function called with the
     *     transaction object: an opaque object that should be passed
     *     to store functions.
+     * @param {Logger} [log] A possibly customised log
     * @return {Promise} Promise that resolves with the result of the `func`
     *     when the transaction is complete. If the backend is
     *     async (ie. the indexeddb backend) any of the callback
@@ -603,8 +627,8 @@ export class IndexedDBCryptoStore {
     *     reject with that exception. On synchronous backends, the
     *     exception will propagate to the caller of the getFoo method.
     */
-    doTxn(mode, stores, func) {
-        return this._backend.doTxn(mode, stores, func);
+    doTxn(mode, stores, func, log) {
+        return this._backend.doTxn(mode, stores, func, log);
    }
 }

@@ -613,6 +637,8 @@ IndexedDBCryptoStore.STORE_SESSIONS = 'sessions';
 IndexedDBCryptoStore.STORE_INBOUND_GROUP_SESSIONS = 'inbound_group_sessions';
 IndexedDBCryptoStore.STORE_INBOUND_GROUP_SESSIONS_WITHHELD
    = 'inbound_group_sessions_withheld';
+IndexedDBCryptoStore.STORE_SHARED_HISTORY_INBOUND_GROUP_SESSIONS
+    = 'shared_history_inbound_group_sessions';
 IndexedDBCryptoStore.STORE_DEVICE_DATA = 'device_data';
 IndexedDBCryptoStore.STORE_ROOMS = 'rooms';
 IndexedDBCryptoStore.STORE_BACKUP = 'sessions_needing_backup';
@@ -15,8 +15,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import {logger} from '../../logger';
-import {MemoryCryptoStore} from './memory-crypto-store';
+import { logger } from '../../logger';
+import { MemoryCryptoStore } from './memory-crypto-store';

 /**
 * Internal module. Partial localStorage backed storage for e2e.
@@ -136,7 +136,7 @@ export class LocalStorageCryptoStore extends MemoryCryptoStore {
    async storeEndToEndSessionProblem(deviceKey, type, fixed) {
        const key = keyEndToEndSessionProblems(deviceKey);
        const problems = getJsonItem(this.store, key) || [];
-        problems.push({type, fixed, time: Date.now()});
+        problems.push({ type, fixed, time: Date.now() });
        problems.sort((a, b) => {
            return a.time - b.time;
        });
@@ -152,7 +152,7 @@ export class LocalStorageCryptoStore extends MemoryCryptoStore {
        const lastProblem = problems[problems.length - 1];
        for (const problem of problems) {
            if (problem.time > timestamp) {
-                return Object.assign({}, problem, {fixed: lastProblem.fixed});
+                return Object.assign({}, problem, { fixed: lastProblem.fixed });
            }
        }
        if (lastProblem.fixed) {
@@ -168,7 +168,7 @@ export class LocalStorageCryptoStore extends MemoryCryptoStore {
        const ret = [];

        for (const device of devices) {
-            const {userId, deviceInfo} = device;
+            const { userId, deviceInfo } = device;
            if (userId in notifiedErrorDevices) {
                if (!(deviceInfo.deviceId in notifiedErrorDevices[userId])) {
                    ret.push(device);
@@ -176,7 +176,7 @@ export class LocalStorageCryptoStore extends MemoryCryptoStore {
                }
            } else {
                ret.push(device);
-                notifiedErrorDevices[userId] = {[deviceInfo.deviceId]: true };
+                notifiedErrorDevices[userId] = { [deviceInfo.deviceId]: true };
            }
        }

@@ -16,7 +16,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import {logger} from '../../logger';
+import { logger } from '../../logger';
 import * as utils from "../../utils";

 /**
@@ -51,6 +51,8 @@ export class MemoryCryptoStore {
        this._rooms = {};
        // Set of {senderCurve25519Key+'/'+sessionId}
        this._sessionsNeedingBackup = {};
+        // roomId -> array of [senderKey, sessionId]
+        this._sharedHistoryInboundGroupSessions = {};
    }

    /**
@@ -184,7 +186,7 @@ export class MemoryCryptoStore {

        for (const req of this._outgoingRoomKeyRequests) {
            for (const state of wantedStates) {
-                if (req.state === state && req.recipients.includes({userId, deviceId})) {
+                if (req.state === state && req.recipients.includes({ userId, deviceId })) {
                    results.push(req);
                }
            }
@@ -322,7 +324,7 @@ export class MemoryCryptoStore {
    async storeEndToEndSessionProblem(deviceKey, type, fixed) {
        const problems = this._sessionProblems[deviceKey]
              = this._sessionProblems[deviceKey] || [];
-        problems.push({type, fixed, time: Date.now()});
+        problems.push({ type, fixed, time: Date.now() });
        problems.sort((a, b) => {
            return a.time - b.time;
        });
@@ -336,7 +338,7 @@ export class MemoryCryptoStore {
        const lastProblem = problems[problems.length - 1];
        for (const problem of problems) {
            if (problem.time > timestamp) {
-                return Object.assign({}, problem, {fixed: lastProblem.fixed});
+                return Object.assign({}, problem, { fixed: lastProblem.fixed });
            }
        }
        if (lastProblem.fixed) {
@@ -351,7 +353,7 @@ export class MemoryCryptoStore {
        const ret = [];

        for (const device of devices) {
-            const {userId, deviceInfo} = device;
+            const { userId, deviceInfo } = device;
            if (userId in notifiedErrorDevices) {
                if (!(deviceInfo.deviceId in notifiedErrorDevices[userId])) {
                    ret.push(device);
@@ -359,7 +361,7 @@ export class MemoryCryptoStore {
                }
            } else {
                ret.push(device);
-                notifiedErrorDevices[userId] = {[deviceInfo.deviceId]: true };
+                notifiedErrorDevices[userId] = { [deviceInfo.deviceId]: true };
            }
        }

@@ -467,6 +469,16 @@ export class MemoryCryptoStore {
        return Promise.resolve();
    }

+    addSharedHistoryInboundGroupSession(roomId, senderKey, sessionId) {
+        const sessions = this._sharedHistoryInboundGroupSessions[roomId] || [];
+        sessions.push([senderKey, sessionId]);
+        this._sharedHistoryInboundGroupSessions[roomId] = sessions;
+    }
+
+    getSharedHistoryInboundGroupSessions(roomId) {
+        return Promise.resolve(this._sharedHistoryInboundGroupSessions[roomId] || []);
+    }
+
    // Session key backups

    doTxn(mode, stores, func) {
@@ -20,13 +20,12 @@ limitations under the License.
 * @module crypto/verification/Base
 */

-import {MatrixEvent} from '../../models/event';
-import {EventEmitter} from 'events';
-import {logger} from '../../logger';
-import {DeviceInfo} from '../deviceinfo';
-import {newTimeoutError} from "./Error";
-import {CrossSigningInfo} from "../CrossSigning";
-import {decodeBase64} from "../olmlib";
+import { MatrixEvent } from '../../models/event';
+import { EventEmitter } from 'events';
+import { logger } from '../../logger';
+import { DeviceInfo } from '../deviceinfo';
+import { newTimeoutError } from "./Error";
+import { requestKeysDuringVerification } from "../CrossSigning";

 const timeoutException = new Error("Verification timed out");

@@ -79,8 +78,6 @@ export class VerificationBase extends EventEmitter {
        this._transactionTimeoutTimer = null;
    }

-    static keyRequestTimeoutMs = 1000 * 60;
-
    get initiatedByMe() {
        // if there is no start event yet,
        // we probably want to send it,
@@ -141,7 +138,7 @@ export class VerificationBase extends EventEmitter {
    switchStartEvent(event) {
        if (this.canSwitchStartEvent(event)) {
            logger.log("Verification Base: switching verification start event",
-                {restartingFlow: !!this._rejectEvent});
+                { restartingFlow: !!this._rejectEvent });
            if (this._rejectEvent) {
                const reject = this._rejectEvent;
                this._rejectEvent = undefined;
@@ -170,7 +167,7 @@ export class VerificationBase extends EventEmitter {
            // there is only promise to reject if verify has been called
            if (reject) {
                const content = e.getContent();
-                const {reason, code} = content;
+                const { reason, code } = content;
                reject(new Error(`Other side cancelled verification ` +
                    `because ${reason} (${code})`));
            }
@@ -198,93 +195,7 @@ export class VerificationBase extends EventEmitter {
        if (!this._done) {
            this.request.onVerifierFinished();
            this._resolve();
-
-            //#region Cross-signing keys request
-            // If this is a self-verification, ask the other party for keys
-            if (this._baseApis.getUserId() !== this.userId) {
-                return;
-            }
-            // FIXME: This is a lot of logic that isn't anything to do with verification
-            // and probably ought to be somewhere else.
-            console.log("VerificationBase.done: Self-verification done; requesting keys");
-            /* This happens asynchronously, and we're not concerned about
-             * waiting for it.  We return here in order to test. */
-            return new Promise((resolve, reject) => {
-                const client = this._baseApis;
-                const original = client._crypto._crossSigningInfo;
-
-                /* We already have all of the infrastructure we need to validate and
-                 * cache cross-signing keys, so instead of replicating that, here we
-                 * set up callbacks that request them from the other device and call
-                 * CrossSigningInfo.getCrossSigningKey() to validate/cache */
-                const crossSigning = new CrossSigningInfo(
-                    original.userId,
-                    { getCrossSigningKey: async (type) => {
-                        console.debug("VerificationBase.done: requesting secret",
-                                      type, this.deviceId);
-                        const { promise } = client.requestSecret(
-                            `m.cross_signing.${type}`, [this.deviceId],
-                        );
-                        const result = await promise;
-                        const decoded = decodeBase64(result);
-                        return Uint8Array.from(decoded);
-                    } },
-                    original._cacheCallbacks,
-                );
-                crossSigning.keys = original.keys;
-
-                // XXX: get all keys out if we get one key out
-                // https://github.com/vector-im/riot-web/issues/12604
-                // then change here to reject on the timeout
-                /* Requests can be ignored, so don't wait around forever */
-                const timeout = new Promise((resolve, reject) => {
-                    setTimeout(
-                        resolve,
-                        VerificationBase.keyRequestTimeoutMs,
-                        new Error("Timeout"),
-                    );
-                });
-
-                // also request and cache the key backup key
-                const backupKeyPromise = new Promise(async resolve => {
-                    const cachedKey = await client._crypto.getSessionBackupPrivateKey();
-                    if (!cachedKey) {
-                        logger.info("No cached backup key found. Requesting...");
-                        const secretReq = client.requestSecret(
-                            'm.megolm_backup.v1', [this.deviceId],
-                        );
-                        const base64Key = await secretReq.promise;
-                        logger.info("Got key backup key, decoding...");
-                        const decodedKey = decodeBase64(base64Key);
-                        logger.info("Decoded backup key, storing...");
-                        client._crypto.storeSessionBackupPrivateKey(
-                            Uint8Array.from(decodedKey),
-                        );
-                        logger.info("Backup key stored. Starting backup restore...");
-                        const backupInfo = await client.getKeyBackupVersion();
-                        // no need to await for this - just let it go in the bg
-                        client.restoreKeyBackupWithCache(
-                            undefined, undefined, backupInfo,
-                        ).then(() => {
-                            logger.info("Backup restored.");
-                        });
-                    }
-                    resolve();
-                });
-
-                /* We call getCrossSigningKey() for its side-effects */
-                return Promise.race([
-                    Promise.all([
-                        crossSigning.getCrossSigningKey("self_signing"),
-                        crossSigning.getCrossSigningKey("user_signing"),
-                        backupKeyPromise,
-                    ]),
-                    timeout,
-                ]).then(resolve, reject);
-            }).catch((e) => {
-                console.warn("VerificationBase: failure while requesting keys:", e);
-            });
-            //#endregion
+            return requestKeysDuringVerification(this._baseApis, this.userId, this.deviceId);
        }
    }

@@ -20,10 +20,10 @@ limitations under the License.
 * @module crypto/verification/Error
 */

-import {MatrixEvent} from "../../models/event";
+import { MatrixEvent } from "../../models/event";

 export function newVerificationError(code, reason, extradata) {
-    const content = Object.assign({}, {code, reason}, extradata);
+    const content = Object.assign({}, { code, reason }, extradata);
    return new MatrixEvent({
        type: "m.key.verification.cancel",
        content,
@@ -87,9 +87,9 @@ export const newInvalidMessageError = errorFactory(
 export function errorFromEvent(event) {
    const content = event.getContent();
    if (content) {
-        const {code, reason} = content;
-        return {code, reason};
+        const { code, reason } = content;
+        return { code, reason };
    } else {
-        return {code: "Unknown error", reason: "m.unknown"};
+        return { code: "Unknown error", reason: "m.unknown" };
    }
 }
@@ -20,7 +20,7 @@ limitations under the License.
 * @module crypto/verification/IllegalMethod
 */

-import {VerificationBase as Base} from "./Base";
+import { VerificationBase as Base } from "./Base";

 /**
 * @class crypto/verification/IllegalMethod/IllegalMethod
@@ -20,12 +20,13 @@ limitations under the License.
 * @module crypto/verification/QRCode
 */

-import {VerificationBase as Base} from "./Base";
+import { VerificationBase as Base } from "./Base";
 import {
    newKeyMismatchError,
    newUserCancelledError,
 } from './Error';
-import {encodeUnpaddedBase64, decodeBase64} from "../olmlib";
+import { encodeUnpaddedBase64, decodeBase64 } from "../olmlib";
+import { logger } from '../../logger';

 export const SHOW_QR_CODE_METHOD = "m.qr_code.show.v1";
 export const SCAN_QR_CODE_METHOD = "m.qr_code.scan.v1";
@@ -50,7 +51,7 @@ export class ReciprocateQRCode extends Base {
                "with this method yet.");
        }

-        const {qrCodeData} = this.request;
+        const { qrCodeData } = this.request;
        // 1. check the secret
        if (this.startEvent.getContent()['secret'] !== qrCodeData.encodedSharedSecret) {
            throw newKeyMismatchError();
@@ -94,7 +95,7 @@ export class ReciprocateQRCode extends Base {
            if (!targetKey) throw newKeyMismatchError();

            if (keyInfo !== targetKey) {
-                console.error("key ID from key info does not match");
+                logger.error("key ID from key info does not match");
                throw newKeyMismatchError();
            }
            for (const deviceKeyId in device.keys) {
@@ -102,7 +103,7 @@ export class ReciprocateQRCode extends Base {
                const deviceTargetKey = keys[deviceKeyId];
                if (!deviceTargetKey) throw newKeyMismatchError();
                if (device.keys[deviceKeyId] !== deviceTargetKey) {
-                    console.error("master key does not match");
+                    logger.error("master key does not match");
                    throw newKeyMismatchError();
                }
            }
@@ -19,7 +19,7 @@ limitations under the License.
 * @module crypto/verification/SAS
 */

-import {VerificationBase as Base, SwitchStartEventError} from "./Base";
+import { VerificationBase as Base, SwitchStartEventError } from "./Base";
 import anotherjson from 'another-json';
 import {
    errorFactory,
@@ -28,7 +28,7 @@ import {
    newUnknownMethodError,
    newUserCancelledError,
 } from './Error';
-import {logger} from '../../logger';
+import { logger } from '../../logger';

 const START_TYPE = "m.key.verification.start";

@@ -323,7 +323,6 @@ export class SAS extends Base {
                key: this.ourSASPubKey,
            });

-
            e = await this._waitForEvent("m.key.verification.key");
            // FIXME: make sure event is properly formed
            content = e.getContent();
@@ -353,7 +352,6 @@ export class SAS extends Base {
                this.emit("show_sas", this.sasEvent);
            });

-
            [e] = await Promise.all([
                this._waitForEvent("m.key.verification.mac")
                    .then((e) => {
@@ -411,7 +409,6 @@ export class SAS extends Base {
                commitment: olmutil.sha256(commitmentStr),
            });

-
            let e = await this._waitForEvent("m.key.verification.key");
            // FIXME: make sure event is properly formed
            content = e.getContent();
@@ -430,7 +427,7 @@ export class SAS extends Base {
                        try {
                            await this._sendMAC(olmSAS, macMethod);
                            resolve();
-                        } catch(err) {
+                        } catch (err) {
                            reject(err);
                        }
                    },
@@ -440,7 +437,6 @@ export class SAS extends Base {
                this.emit("show_sas", this.sasEvent);
            });

-
            [e] = await Promise.all([
                this._waitForEvent("m.key.verification.mac")
                    .then((e) => {
@@ -21,7 +21,7 @@ import {
    READY_TYPE,
    START_TYPE,
 } from "./VerificationRequest";
-import {logger} from '../../../logger';
+import { logger } from '../../../logger';

 const MESSAGE_TYPE = "m.room.message";
 const M_REFERENCE = "m.reference";
@@ -157,7 +157,7 @@ export class InRoomChannel {
        if (type === MESSAGE_TYPE) {
            const content = event.getContent();
            if (content) {
-                const {msgtype} = content;
+                const { msgtype } = content;
                if (msgtype === REQUEST_TYPE) {
                    return REQUEST_TYPE;
                }
@@ -15,8 +15,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import {randomString} from '../../../randomstring';
-import {logger} from '../../../logger';
+import { randomString } from '../../../randomstring';
+import { logger } from '../../../logger';
 import {
    CANCEL_TYPE,
    PHASE_STARTED,
@@ -26,8 +26,8 @@ import {
    START_TYPE,
    VerificationRequest,
 } from "./VerificationRequest";
-import {errorFromEvent, newUnexpectedMessageError} from "../Error";
-import {MatrixEvent} from "../../../models/event";
+import { errorFromEvent, newUnexpectedMessageError } from "../Error";
+import { MatrixEvent } from "../../../models/event";

 /**
 * A key verification channel that sends verification events over to_device messages.
@@ -179,7 +179,9 @@ export class ToDeviceChannel {
        const isAcceptingEvent = type === START_TYPE || type === READY_TYPE;
        // the request has picked a ready or start event, tell the other devices about it
        if (isAcceptingEvent && !wasStarted && isStarted && this._deviceId) {
-            const nonChosenDevices = this._devices.filter(d => d !== this._deviceId);
+            const nonChosenDevices = this._devices.filter(
+                d => d !== this._deviceId && d !== this._client.getDeviceId(),
+            );
            if (nonChosenDevices.length) {
                const message = this.completeContent({
                    code: "m.accepted",
@@ -275,7 +277,7 @@ export class ToDeviceChannel {
                msgMap[deviceId] = content;
            }

-            return this._client.sendToDevice(type, {[this.userId]: msgMap});
+            return this._client.sendToDevice(type, { [this.userId]: msgMap });
        } else {
            return Promise.resolve();
        }
@@ -290,7 +292,6 @@ export class ToDeviceChannel {
    }
 }

-
 export class ToDeviceRequests {
    constructor() {
        this._requestsByUserId = new Map();
@@ -356,4 +357,12 @@ export class ToDeviceRequests {
            }
        }
    }
+
+    getRequestsInProgress(userId) {
+        const requestsByTxnId = this._requestsByUserId.get(userId);
+        if (requestsByTxnId) {
+            return Array.from(requestsByTxnId.values()).filter(r => r.pending);
+        }
+        return [];
+    }
 }
@@ -15,26 +15,27 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

-import {logger} from '../../../logger';
-import {EventEmitter} from 'events';
+import { logger } from '../../../logger';
+import { EventEmitter } from 'events';
 import {
    errorFactory,
    errorFromEvent,
    newUnexpectedMessageError,
    newUnknownMethodError,
 } from "../Error";
-import {QRCodeData, SCAN_QR_CODE_METHOD} from "../QRCode";
+import { QRCodeData, SCAN_QR_CODE_METHOD } from "../QRCode";
+
+// How long after the event's timestamp that the request times out
+const TIMEOUT_FROM_EVENT_TS = 10 * 60 * 1000; // 10 minutes
+
+// How long after we receive the event that the request times out
+const TIMEOUT_FROM_EVENT_RECEIPT = 2 * 60 * 1000; // 2 minutes

-// the recommended amount of time before a verification request
-// should be (automatically) cancelled without user interaction
-// and ignored.
-const VERIFICATION_REQUEST_TIMEOUT = 10 * 60 * 1000; //10m
 // to avoid almost expired verification notifications
 // from showing a notification and almost immediately
 // disappearing, also ignore verification requests that
 // are this amount of time away from expiring.
-const VERIFICATION_REQUEST_MARGIN = 3 * 1000; //3s
-
+const VERIFICATION_REQUEST_MARGIN = 3 * 1000; // 3 seconds

 export const EVENT_PREFIX = "m.key.verification.";
 export const REQUEST_TYPE = EVENT_PREFIX + "request";
@@ -50,7 +51,6 @@ export const PHASE_STARTED = 4;
 export const PHASE_CANCELLED = 5;
 export const PHASE_DONE = 6;

-
 /**
 * State machine for verification requests.
 * Things that differ based on what channel is used to
@@ -80,6 +80,9 @@ export class VerificationRequest extends EventEmitter {
        // cross-signing identity reset between the .ready and .start event
        // and signing the wrong key after .start
        this._qrCodeData = null;
+
+        // The timestamp when we received the request event from the other side
+        this._requestReceivedAt = null;
    }

    /**
@@ -93,7 +96,6 @@ export class VerificationRequest extends EventEmitter {
    static validateEvent(type, event, client) {
        const content = event.getContent();

-
        if (!type || !type.startsWith(EVENT_PREFIX)) {
            return false;
        }
@@ -165,12 +167,26 @@ export class VerificationRequest extends EventEmitter {
        return this._chosenMethod;
    }

+    calculateEventTimeout(event) {
+        let effectiveExpiresAt = this.channel.getTimestamp(event)
+            + TIMEOUT_FROM_EVENT_TS;
+
+        if (this._requestReceivedAt && !this.initiatedByMe &&
+            this.phase <= PHASE_REQUESTED
+        ) {
+            const expiresAtByReceipt = this._requestReceivedAt
+                + TIMEOUT_FROM_EVENT_RECEIPT;
+            effectiveExpiresAt = Math.min(effectiveExpiresAt, expiresAtByReceipt);
+        }
+
+        return Math.max(0, effectiveExpiresAt - Date.now());
+    }
+
    /** The current remaining amount of ms before the request should be automatically cancelled */
    get timeout() {
        const requestEvent = this._getEventByEither(REQUEST_TYPE);
        if (requestEvent) {
-            const elapsed = Date.now() - this.channel.getTimestamp(requestEvent);
-            return Math.max(0, VERIFICATION_REQUEST_TIMEOUT - elapsed);
+            return this.calculateEventTimeout(requestEvent);
        }
        return 0;
    }
@@ -246,7 +262,7 @@ export class VerificationRequest extends EventEmitter {
        if (!content) {
            return false;
        }
-        const {methods} = content;
+        const { methods } = content;
        if (!Array.isArray(methods)) {
            return false;
        }
@@ -336,7 +352,6 @@ export class VerificationRequest extends EventEmitter {
        return this._observeOnly;
    }

-
    /**
     * Gets which device the verification should be started with
     * given the events sent so far in the verification. This is the
@@ -395,7 +410,7 @@ export class VerificationRequest extends EventEmitter {
    async sendRequest() {
        if (!this.observeOnly && this._phase === PHASE_UNSENT) {
            const methods = [...this._verificationMethods.keys()];
-            await this.channel.send(REQUEST_TYPE, {methods});
+            await this.channel.send(REQUEST_TYPE, { methods });
        }
    }

@@ -405,7 +420,7 @@ export class VerificationRequest extends EventEmitter {
     * @param {string?} error.code the error code to send the cancellation with
     * @returns {Promise} resolves when the event has been sent.
     */
-    async cancel({reason = "User declined", code = "m.user"} = {}) {
+    async cancel({ reason = "User declined", code = "m.user" } = {}) {
        if (!this.observeOnly && this._phase !== PHASE_CANCELLED) {
            this._declining = true;
            this.emit("change");
@@ -413,7 +428,7 @@ export class VerificationRequest extends EventEmitter {
                return this._verifier.cancel(errorFactory(code, reason)());
            } else {
                this._cancellingUserId = this._client.getUserId();
-                await this.channel.send(CANCEL_TYPE, {code, reason});
+                await this.channel.send(CANCEL_TYPE, { code, reason });
            }
        }
    }
@@ -427,7 +442,7 @@ export class VerificationRequest extends EventEmitter {
            const methods = [...this._verificationMethods.keys()];
            this._accepting = true;
            this.emit("change");
-            await this.channel.send(READY_TYPE, {methods});
+            await this.channel.send(READY_TYPE, { methods });
        }
    }

@@ -480,20 +495,20 @@ export class VerificationRequest extends EventEmitter {
    }

    _calculatePhaseTransitions() {
-        const transitions = [{phase: PHASE_UNSENT}];
+        const transitions = [{ phase: PHASE_UNSENT }];
        const phase = () => transitions[transitions.length - 1].phase;

        // always pass by .request first to be sure channel.userId has been set
        const hasRequestByThem = this._eventsByThem.has(REQUEST_TYPE);
        const requestEvent = this._getEventBy(REQUEST_TYPE, hasRequestByThem);
        if (requestEvent) {
-            transitions.push({phase: PHASE_REQUESTED, event: requestEvent});
+            transitions.push({ phase: PHASE_REQUESTED, event: requestEvent });
        }

        const readyEvent =
            requestEvent && this._getEventBy(READY_TYPE, !hasRequestByThem);
        if (readyEvent && phase() === PHASE_REQUESTED) {
-            transitions.push({phase: PHASE_READY, event: readyEvent});
+            transitions.push({ phase: PHASE_READY, event: readyEvent });
        }

        let startEvent;
@@ -516,18 +531,18 @@ export class VerificationRequest extends EventEmitter {
            const fromUnsentPhase = phase() === PHASE_UNSENT &&
                this.channel.constructor.canCreateRequest(START_TYPE);
            if (fromRequestPhase || phase() === PHASE_READY || fromUnsentPhase) {
-                transitions.push({phase: PHASE_STARTED, event: startEvent});
+                transitions.push({ phase: PHASE_STARTED, event: startEvent });
            }
        }

        const ourDoneEvent = this._eventsByUs.get(DONE_TYPE);
        if (this._verifierHasFinished || (ourDoneEvent && phase() === PHASE_STARTED)) {
-            transitions.push({phase: PHASE_DONE});
+            transitions.push({ phase: PHASE_DONE });
        }

        const cancelEvent = this._getEventByEither(CANCEL_TYPE);
        if ((this._cancelled || cancelEvent) && phase() !== PHASE_DONE) {
-            transitions.push({phase: PHASE_CANCELLED, event: cancelEvent});
+            transitions.push({ phase: PHASE_CANCELLED, event: cancelEvent });
            return transitions;
        }

@@ -535,7 +550,7 @@ export class VerificationRequest extends EventEmitter {
    }

    _transitionToPhase(transition) {
-        const {phase, event} = transition;
+        const { phase, event } = transition;
        // get common methods
        if (phase === PHASE_REQUESTED || phase === PHASE_READY) {
            if (!this._wasSentByOwnDevice(event)) {
@@ -562,7 +577,7 @@ export class VerificationRequest extends EventEmitter {
        }
        // create verifier
        if (phase === PHASE_STARTED) {
-            const {method} = event.getContent();
+            const { method } = event.getContent();
            if (!this._verifier && !this.observeOnly) {
                this._verifier = this._createVerifier(method, event);
                if (!this._verifier) {
@@ -712,7 +727,7 @@ export class VerificationRequest extends EventEmitter {
                }

                const lastTransition = newTransitions[newTransitions.length - 1];
-                const {phase} = lastTransition;
+                const { phase } = lastTransition;

                this._setupTimeout(phase);
                // set phase as last thing as this emits the "change" event
@@ -735,7 +750,7 @@ export class VerificationRequest extends EventEmitter {

    _setupTimeout(phase) {
        const shouldTimeout = !this._timeoutTimer && !this.observeOnly &&
-            phase === PHASE_REQUESTED && this.initiatedByMe;
+            phase === PHASE_REQUESTED;

        if (shouldTimeout) {
            this._timeoutTimer = setTimeout(this._cancelOnTimeout, this.timeout);
@@ -754,7 +769,17 @@ export class VerificationRequest extends EventEmitter {

    _cancelOnTimeout = () => {
        try {
-            this.cancel({reason: "Other party didn't accept in time", code: "m.timeout"});
+            if (this.initiatedByMe) {
+                this.cancel({
+                    reason: "Other party didn't accept in time",
+                    code: "m.timeout",
+                });
+            } else {
+                this.cancel({
+                    reason: "User didn't accept in time",
+                    code: "m.timeout",
+                });
+            }
        } catch (err) {
            logger.error("Error while cancelling verification request", err);
        }
@@ -780,7 +805,7 @@ export class VerificationRequest extends EventEmitter {
            logger.warn(`Cancelling, unexpected ${type} verification ` +
                `event from ${event.getSender()}`);
            const reason = `Unexpected ${type} event in phase ${this.phase}`;
-            await this.cancel(errorFromEvent(newUnexpectedMessageError({reason})));
+            await this.cancel(errorFromEvent(newUnexpectedMessageError({ reason })));
            return true;
        }
        return false;
@@ -791,16 +816,8 @@ export class VerificationRequest extends EventEmitter {
        if (!isLiveEvent) {
            this._observeOnly = true;
        }
-        // a timestamp is not provided on all to_device events
-        const timestamp = this.channel.getTimestamp(event);
-        if (Number.isFinite(timestamp)) {
-            const elapsed = Date.now() - timestamp;
-            // don't allow interaction on old requests
-            if (elapsed > (VERIFICATION_REQUEST_TIMEOUT - VERIFICATION_REQUEST_MARGIN) ||
-                elapsed < -(VERIFICATION_REQUEST_TIMEOUT / 2)
-            ) {
-                this._observeOnly = true;
-            }
+        if (this.calculateEventTimeout(event) < VERIFICATION_REQUEST_MARGIN) {
+            this._observeOnly = true;
        }
    }

@@ -819,6 +836,8 @@ export class VerificationRequest extends EventEmitter {
                    this._eventsByThem.delete(type);
                }
            }
+            // also remember when we received the request event
+            this._requestReceivedAt = Date.now();
        }
    }

@@ -826,7 +845,7 @@ export class VerificationRequest extends EventEmitter {
        if (!targetDevice) {
            targetDevice = this.targetDevice;
        }
-        const {userId, deviceId} = targetDevice;
+        const { userId, deviceId } = targetDevice;

        const VerifierCtor = this._verificationMethods.get(method);
        if (!VerifierCtor) {
@@ -22,7 +22,6 @@ InvalidStoreError.prototype = Object.create(Error.prototype, {
 });
 Reflect.setPrototypeOf(InvalidStoreError, Error);

-
 export function InvalidCryptoStoreError(reason) {
    const message = `Crypto store is invalid because ${reason}, ` +
        `please stop the client, delete all data and start the client again`;
--- a/Show More
+++ b/Show More