Release matrix-sdk 0.6.2

fix(sdk): Remove token field from SyncSettings Debug output
Release matrix-sdk-base 0.6.1 and matrix-sdk 0.6.1
2022-10-24 12:55:00 +02:00 · 2022-10-24 12:53:25 +02:00 · 2022-10-24 12:26:47 +02:00 · 2022-10-24 12:25:33 +02:00 · 2022-10-24 12:07:20 +02:00
1119 changed files with 58269 additions and 366847 deletions
@@ -1,16 +1,41 @@
+# Pass the rustflags specified to host dependencies (build scripts, proc-macros)
+# when a `--target` is passed to Cargo. Historically this was not the case, and
+# because of that, cross-compilation would not set the rustflags configured
+# below in `target.'cfg(all())'` for them, resulting in cache invalidation.
+#
+# Since this is an unstable feature (enabled at the bottom of the file), this
+# setting is unfortunately ignored on stable toolchains, but it's still better
+# to have it apply on nightly than using the old behavior for all toolchains.
+target-applies-to-host = false
+
 [alias]
 xtask = "run --package xtask --"
-uniffi-bindgen = "run --package uniffi-bindgen --"

 [doc.extern-map.registries]
 crates-io = "https://docs.rs/"

+[target.'cfg(all())']
+rustflags = [
+    "-Wrust_2018_idioms",
+    "-Wsemicolon_in_expressions_from_macros",
+    "-Wunused_extern_crates",
+    "-Wunused_import_braces",
+    "-Wunused_qualifications",
+    "-Wtrivial_casts",
+    "-Wtrivial_numeric_casts",
+    "-Wclippy::cloned_instead_of_copied",
+    "-Wclippy::dbg_macro",
+    "-Wclippy::inefficient_to_string",
+    "-Wclippy::macro_use_imports",
+    "-Wclippy::mut_mut",
+    "-Wclippy::needless_borrow",
+    "-Wclippy::nonstandard_macro_braces",
+    "-Wclippy::str_to_string",
+    "-Wclippy::todo",
+]
+
+# activate the target-applies-to-host feature.
+# Required for `target-applies-to-host` at the top to take effect.
 [unstable]
 rustdoc-map = true
-
-[target.aarch64-linux-android]
-# These rust flags improve the performance on Android on arm64
-rustflags = ["-C", "target-feature=+neon,+aes,+sha2,+sha3,+pmuv3"]
-
-[env]
-IPHONEOS_DEPLOYMENT_TARGET = "16.0"
+target-applies-to-host = true
@@ -1,13 +1,5 @@
+
 [profile.default]
-retries = { backoff = "exponential", count = 3, delay = "1s", jitter = true }
+retries = 2
 # kill the slow tests if they still aren't up after 180s
 slow-timeout = { period = "60s", terminate-after = 3 }
-
-[profile.ci]
-retries = { backoff = "exponential", count = 4, delay = "1s", jitter = true }
-# kill the slow tests if they still aren't up after 180s
-slow-timeout = { period = "60s", terminate-after = 3 }
-
-[profile.ci.junit]
-path = "junit.xml"
-store-success-output = true
@@ -1,56 +0,0 @@
-# https://embarkstudios.github.io/cargo-deny/checks/cfg.html
-[graph]
-all-features = true
-exclude = [
-    # dev only dependency
-    "criterion"
-]
-
-[advisories]
-version = 2
-ignore = [
-    { id = "RUSTSEC-2024-0436", reason = "Unmaintained paste crate, not critical." },
-    { id = "RUSTSEC-2024-0388", reason = "Unmaintained derivative crate, not a direct dependency" },
-]
-
-[licenses]
-version = 2
-allow = [
-    "Apache-2.0",
-    "Apache-2.0 WITH LLVM-exception",
-    "CDLA-Permissive-2.0",
-    "BSD-2-Clause",
-    "BSD-3-Clause",
-    "BSL-1.0",
-    "ISC",
-    "MIT",
-    "MPL-2.0",
-    "Unicode-3.0",
-    "Zlib",
-]
-
-[bans]
-# We should disallow this, but it's currently a PITA.
-multiple-versions = "allow"
-wildcards = "allow"
-
-[sources]
-unknown-registry = "deny"
-unknown-git = "deny"
-
-allow-git = [
-    # A patch override for the bindings fixing a bug for Android before upstream
-    # releases a new version.
-    "https://github.com/tokio-rs/tracing.git",
-    # Well, it's Ruma.
-    "https://github.com/ruma/ruma",
-    # A patch override for the bindings: https://github.com/rodrimati1992/const_panic/pull/10
-    "https://github.com/jplatte/const_panic",
-    # A patch override for the bindings: https://github.com/smol-rs/async-compat/pull/22
-    "https://github.com/element-hq/async-compat",
-    # We can release vodozemac whenever we need but let's not block development
-    # on releases.
-    "https://github.com/matrix-org/vodozemac",
-    # A patch override for the bindings: https://github.com/Alorel/rust-indexed-db/pull/72
-    "https://github.com/matrix-org/rust-indexed-db"
-]
@@ -1,3 +0,0 @@
-* @matrix-org/rust
-/crates/matrix-sdk-crypto @matrix-org/rust @matrix-org/rust-crypto-reviewers
-/crates/matrix-sdk-indexeddb/src/crypto_store @matrix-org/rust @matrix-org/rust-crypto-reviewers
@@ -1,9 +0,0 @@
-version: 2
-updates:
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      # Check for updates to GitHub Actions every week
-      interval: "weekly"
-    cooldown:
-      default-days: 7
@@ -1,8 +0,0 @@
-<!-- description of the changes in this PR -->
-
- [ ] I've documented the public API Changes in the appropriate `CHANGELOG.md` files.
- [ ] This PR was made with the help of AI.
-
-<!-- Sign-off, if not part of the commits -->
-<!-- See CONTRIBUTING.md if you don't know what this is -->
-Signed-off-by: 
@@ -0,0 +1,13 @@
+name: Security audit
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '0 0 * * *'
+jobs:
+  audit:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v1
+      - uses: actions-rs/audit-check@v1
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
@@ -1,103 +1,56 @@
 name: Benchmarks

 on:
-  push:
-    branches:
-      - "main"
-  pull_request:
  workflow_dispatch:

 jobs:
  benchmarks:
    name: Run Benchmarks
    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      id-token: write
-    strategy:
-      matrix:
-        benchmark:
-          - crypto_bench
-          - event_cache
-          - linked_chunk
-          - store_bench
-          - timeline
-          - room_list
+    environment: matrix-rust-bot
+    if: github.event_name == 'push' || !github.event.pull_request.draft

    steps:
-      # This CI workflow can run into space issue, so we're cleaning up some
-      # space here.
-      - name: Create some more space
-        run: |
-          echo "Disk space before cleanup"
-          df -h
+    - name: Checkout the repo
+      uses: actions/checkout@v3

-          cd /opt
-          find . -maxdepth 1 -mindepth 1 '!' -path ./containerd '!' -path ./actionarchivecache '!' -path ./runner '!' -path ./runner-cache -exec rm -rf '{}' ';'
-          rm -rf /opt/hostedtoolcache
+    - name: Install Rust
+      uses: actions-rs/toolchain@v1
+      with:
+        toolchain: nightly
+        components: rustfmt
+        profile: minimal
+        override: true

-          # Get rid of binaries and libs we're not interested in.
-          sudo rm -rf \
-            /usr/local/julia* \
-            /usr/local/aws*
+    - name: Run Benchmarks
+      run: cargo bench | tee benchmark-output.txt

-          sudo rm -rf \
-            /usr/local/bin/minikube \
-            /usr/local/bin/node \
-            /usr/local/bin/stack \
-            /usr/local/bin/bicep \
-            /usr/local/bin/pulumi* \
-            /usr/local/bin/helm \
-            /usr/local/bin/azcopy \
-            /usr/local/bin/packer \
-            /usr/local/bin/cmake-gui \
-            /usr/local/bin/cpack
+    - name: Check benchmark result for PR
+      if: github.event_name == 'pull_request'
+      uses: benchmark-action/github-action-benchmark@v1
+      with:
+        name: Rust Benchmark
+        tool: 'cargo'
+        output-file-path: benchmark-output.txt
+        auto-push: false
+        # comment to alert the user this has gone bad
+        github-token: ${{ secrets.MRB_ACCESS_TOKEN }}
+        alert-threshold: '120%'
+        comment-on-alert: true
+        fail-threshold: '150%'
+        fail-on-alert: true

-          sudo rm -rf \
-            /usr/local/share/powershell \
-            /usr/local/share/chromium
-
-          sudo rm -rf /usr/local/lib/android
-
-          echo "::group::/usr/local/bin/*"
-          du -hsc /usr/local/bin/* | sort -h
-          echo "::endgroup::"
-
-          echo "::group::/usr/local/share/*"
-          du -hsc /usr/local/share/* | sort -h
-          echo "::endgroup::"
-
-          echo "::group::/usr/local/*"
-          du -hsc /usr/local/* | sort -h
-          echo "::endgroup::"
-
-          echo "::group::/usr/local/lib/*"
-          du -hsc /usr/local/lib/* | sort -h
-          echo "::endgroup::"
-
-          echo "::group::/opt/*"
-          du -hsc /opt/* | sort -h
-          echo "::endgroup::"
-
-          echo "Disk space after cleanup"
-          df -h
-
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
-        with:
-          persist-credentials: false
-
-      - name: Setup rust toolchain, cache and cargo-codspeed binary
-        uses: moonrepo/setup-rust@abb2d32350334249b178c401e5ec5836e0cd88d3
-        with:
-          channel: stable
-          cache-target: release
-          bins: cargo-codspeed
-
-      - name: Build the benchmark target(s)
-        run: cargo codspeed build -p benchmarks --bench ${{ matrix.benchmark }} --features codspeed
-
-      - name: Run the benchmarks
-        uses: CodSpeedHQ/action@db35df748deb45fdef0960669f57d627c1956c30
-        with:
-          run: cargo codspeed run
-          mode: simulation
+    - name: Store benchmark result
+      if: github.event_name != 'pull_request'
+      uses: benchmark-action/github-action-benchmark@v1
+      with:
+        name: Rust Benchmark
+        tool: 'cargo'
+        output-file-path: benchmark-output.txt
+        github-token: ${{ secrets.GITHUB_TOKEN }}
+        auto-push: true
+        # Show alert with commit comment on detecting possible performance regression
+        alert-threshold: '150%'
+        comment-on-alert: true
+        fail-on-alert: true
+        alert-comment-cc-users: '@gnunicornBen,@jplatte,@poljar'
@@ -12,232 +12,166 @@ on:
      - synchronize
      - ready_for_review

-permissions: {}
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
 env:
  CARGO_TERM_COLOR: always
+  MATRIX_SDK_CRYPTO_NODEJS_PATH: bindings/matrix-sdk-crypto-nodejs
+  MATRIX_SDK_CRYPTO_JS_PATH: bindings/matrix-sdk-crypto-js

 jobs:
-  xtask:
-    uses: ./.github/workflows/xtask.yml
-
-  test-uniffi-codegen:
-    name: Test UniFFI bindings generation
-    needs: xtask
+  test-matrix-sdk-crypto-nodejs:
+    name: ${{ matrix.os-name }} [m]-crypto-nodejs, v${{ matrix.node-version }}
    if: github.event_name == 'push' || !github.event.pull_request.draft
+
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: true
+      matrix:
+        os: [ubuntu-latest]
+        node-version: [14.0, 16.0, 18.0]
+        include:
+          - os: ubuntu-latest
+            os-name: 🐧
+
+          - os: macos-latest
+            os-name: 🍏
+            node-version: 18.0
+
+          - node-version: 18.0
+            build-doc: true
+
+    steps:
+      - name: Checkout the repo
+        uses: actions/checkout@v3
+
+      - name: Install Rust
+        uses: actions-rs/toolchain@v1
+        with:
+          toolchain: stable
+          profile: minimal
+          override: true
+
+      - name: Load cache
+        uses: Swatinem/rust-cache@v1
+
+      - name: Install Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: ${{ matrix.node-version }}
+
+      - name: Install NPM dependencies
+        working-directory: ${{ env.MATRIX_SDK_CRYPTO_NODEJS_PATH }}
+        run: npm install
+
+      - name: Build the Node.js binding
+        working-directory: ${{ env.MATRIX_SDK_CRYPTO_NODEJS_PATH }}
+        run: npm run release-build
+
+      - name: Test the Node.js binding
+        working-directory: ${{ env.MATRIX_SDK_CRYPTO_NODEJS_PATH }}
+        run: npm run test
+
+      # Building in dev-mode and copy lib in failure case
+      - name: Build the Node.js binding in non-release
+        if: failure()
+        working-directory: ${{ env.MATRIX_SDK_CRYPTO_NODEJS_PATH }}
+        run: |
+          cp *.node release-mode-lib.node
+          npm run build
+
+      - uses: actions/upload-artifact@v3
+        if: failure()
+        with:
+          name: Failure Files
+          path: |
+            bindings/matrix-sdk-crypto-nodejs/*.node
+            /var/crash/*.crash
+
+      - if: ${{ matrix.build-doc }}
+        name: Build the documentation
+        working-directory: ${{ env.MATRIX_SDK_CRYPTO_NODEJS_PATH }}
+        run: npm run doc
+
+  test-matrix-sdk-crypto-js:
+    name: 🕸 [m]-crypto-js
+    if: github.event_name == 'push' || !github.event.pull_request.draft
+
    runs-on: ubuntu-latest

    steps:
-      - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          persist-credentials: false
-
-      - name: Install protoc
-        uses: taiki-e/install-action@85b24a67ef0c632dfefad70b9d5ce8fddb040754 # v2.75.10
-        with:
-          tool: protoc@3.20.3
+      - name: Checkout the repo
+        uses: actions/checkout@v3

      - name: Install Rust
-        uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # v1
+        uses: actions-rs/toolchain@v1
        with:
          toolchain: stable
-
-      # Cargo config can screw with caching and is only used for alias config
-      # and extra lints, which we don't care about here
-      - name: Delete cargo config
-        run: rm .cargo/config.toml
+          target: wasm32-unknown-unknown
+          profile: minimal
+          override: true

      - name: Load cache
-        uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1
+        uses: Swatinem/rust-cache@v1
+
+      - name: Install Node.js
+        uses: actions/setup-node@v3
        with:
-          save-if: ${{ github.ref == 'refs/heads/main' }}
+          node-version: 18.0

-      - name: Get xtask
-        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
-        with:
-          path: target/debug/xtask
-          key: "${{ needs.xtask.outputs.cachekey-linux }}"
-          fail-on-cache-miss: true
+      - name: Install NPM dependencies
+        working-directory: ${{ env.MATRIX_SDK_CRYPTO_JS_PATH }}
+        run: npm install

-      - name: Build library & generate bindings
-        run: target/debug/xtask ci bindings
+      - name: Build the WebAssembly + JavaScript binding
+        working-directory: ${{ env.MATRIX_SDK_CRYPTO_JS_PATH }}
+        run: npm run build

-  test-android:
-    name: matrix-rust-components-kotlin
-    needs: xtask
-    runs-on: ubuntu-latest
-    if: github.event_name == 'push' || !github.event.pull_request.draft
+      - name: Test the JavaScript binding
+        working-directory: ${{ env.MATRIX_SDK_CRYPTO_JS_PATH }}
+        run: npm run test

-    steps:
-      - name: Checkout Rust SDK
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          persist-credentials: false
-
-      - name: Checkout Kotlin Rust Components project
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          repository: matrix-org/matrix-rust-components-kotlin
-          path: rust-components-kotlin
-          ref: main
-          persist-credentials: false
-
-      - name: Use JDK 17
-        uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5
-        with:
-          distribution: 'temurin' # See 'Supported distributions' for available options
-          java-version: '17'
-
-      - name: Install android sdk
-        uses: malinskiy/action-android/install-sdk@fa103ef30331e95f266418a6a97e98f61f626887 # release/0.1.7
-
-      - name: Install android ndk
-        uses: nttld/setup-ndk@ed92fe6cadad69be94a966a7ee3271275e62f779 # v1
-        id: install-ndk
-        with:
-          ndk-version: r27
-
-      - name: Install Rust
-        uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # v1
-        with:
-          toolchain: stable
-
-      # Cargo config can screw with caching and is only used for alias config
-      # and extra lints, which we don't care about here
-      - name: Delete cargo config
-        run: rm .cargo/config.toml
-
-      - name: Load cache
-        uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1
-        with:
-          save-if: ${{ github.ref == 'refs/heads/main' }}
-
-      - name: Get xtask
-        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
-        with:
-          path: target/debug/xtask
-          key: "${{ needs.xtask.outputs.cachekey-linux }}"
-          fail-on-cache-miss: true
-
-      - name: Install Rust dependencies
-        run: |
-          rustup target add x86_64-linux-android
-          cargo install cargo-ndk
-
-      - name: Build SDK bindings for Android
-        # Building for x86_64-linux-android as it's the most prone to breaking and building for every arch is too much
-        run: |
-          echo "Building SDK for x86_64-linux-android and creating bindings"
-          target/debug/xtask kotlin build-android-library --package full-sdk --only-target x86_64-linux-android --src-dir rust-components-kotlin/sdk/sdk-android/src/main
-          echo "Copying the result binary to the Android project"
-          cd rust-components-kotlin
-          echo "Building the Kotlin bindings"
-          ./gradlew :sdk:sdk-android:assembleDebug
+      - name: Build the documentation
+        working-directory: ${{ env.MATRIX_SDK_CRYPTO_JS_PATH }}
+        run: npm run doc

  test-apple:
    name: matrix-rust-components-swift
-    needs: xtask
-    runs-on: macos-15
+    runs-on: macos-12
    if: github.event_name == 'push' || !github.event.pull_request.draft

    steps:
      - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          persist-credentials: false
-
-      # install protoc in case we end up rebuilding opentelemetry-proto
-      - name: Install protoc
-        uses: taiki-e/install-action@85b24a67ef0c632dfefad70b9d5ce8fddb040754 # v2.75.10
-        with:
-          tool: protoc@3.20.3
+        uses: actions/checkout@v1

      - name: Install Rust
-        uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # v1
+        uses: actions-rs/toolchain@v1
        with:
-          toolchain: stable
+          toolchain: nightly
+          profile: minimal
+          override: true

-      - name: Install aarch64-apple-ios target
-        run: rustup target install aarch64-apple-ios
-
-      # Cargo config can screw with caching and is only used for alias config
-      # and extra lints, which we don't care about here
-      - name: Delete cargo config
-        run: rm .cargo/config.toml
+      - name: Install targets
+        run: |
+          rustup target add aarch64-apple-ios-sim --toolchain nightly
+          rustup target add x86_64-apple-ios --toolchain nightly

      - name: Load cache
-        uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1
-        with:
-          save-if: ${{ github.ref == 'refs/heads/main' }}
+        uses: Swatinem/rust-cache@v1

-      - name: Get xtask
-        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
+      - name: Install Uniffi
+        uses: actions-rs/cargo@v1
        with:
-          path: target/debug/xtask
-          key: "${{ needs.xtask.outputs.cachekey-macos }}"
-          fail-on-cache-miss: true
+          command: install
+          # keep in sync with uniffi dependency in Cargo.toml's
+          args: uniffi_bindgen --git https://github.com/mozilla/uniffi-rs --rev 091c3561656e72e1a4160412c83b36d98e556d06

-      - name: Build library & bindings
-        run: target/debug/xtask swift build-library
+      - name: Generate .xcframework
+        working-directory: bindings/apple
+        run: sh ./debug_build_xcframework.sh x86_64 ci

      - name: Run XCTests
        working-directory: bindings/apple
-        run: swift test
-
-      - name: Build Framework
-        run: target/debug/xtask swift build-framework --target=aarch64-apple-ios --profile=dev --ios-deployment-target=18.0
-
-  complement-crypto:
-    name: "Run Complement Crypto tests"
-    uses: matrix-org/complement-crypto/.github/workflows/single_sdk_tests.yml@399a1deeab0d7e4fa9604cbe83b1df6058c40193 # main
-    with:
-        use_rust_sdk: "." # use local checkout
-        use_complement_crypto: "MATCHING_BRANCH"
-
-  test-crypto-apple-framework-generation:
-    name: Generate Crypto FFI Apple XCFramework
-    runs-on: macos-15
-    if: github.event_name == 'push' || !github.event.pull_request.draft
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          persist-credentials: false
-
-      # install protoc in case we end up rebuilding opentelemetry-proto
-      - name: Install protoc
-        uses: taiki-e/install-action@85b24a67ef0c632dfefad70b9d5ce8fddb040754 # v2.75.10
-        with:
-          tool: protoc@3.20.3
-
-      - name: Install Rust
-        uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # v1
-        with:
-          toolchain: stable
-
-      - name: Add rust targets
        run: |
-          rustup target add aarch64-apple-ios
-
-      # Cargo config can screw with caching and is only used for alias config
-      # and extra lints, which we don't care about here
-      - name: Delete cargo config
-        run: rm .cargo/config.toml
-
-      - name: Load cache
-        uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1
-        with:
-          save-if: ${{ github.ref == 'refs/heads/main' }}
-
-      - name: Run the Build Framework script
-        run: ./bindings/apple/build_crypto_xcframework.sh -i
-
-      - name: Is XCFramework generated?
-        if: ${{ hashFiles('generated/MatrixSDKCryptoFFI.zip') != '' }}
-        run: echo "XCFramework exists"
+          xcodebuild test \
+            -scheme MatrixRustSDK \
+            -sdk iphonesimulator \
+            -destination 'platform=iOS Simulator,name=iPhone 13'
@@ -6,26 +6,57 @@ on:
    branches: [main]
  pull_request:
    branches: [main]
-
-permissions: {}
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
+    types:
+      - opened
+      - reopened
+      - synchronize
+      - ready_for_review

 env:
  CARGO_TERM_COLOR: always
-  # Insta.rs is run directly via cargo test. We don't want insta.rs to create new snapshots files.
-  # Just want it to run the tests (option `no` instead of `auto`).
-  INSTA_UPDATE: no

 jobs:
+  cancel-others:
+    if: github.event_name == 'pull_request'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Cancel Previous Runs
+        uses: styfle/cancel-workflow-action@0.9.1
+        with:
+          access_token: ${{ github.token }}
+
  xtask:
-    uses: ./.github/workflows/xtask.yml
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v2
+
+      - name: Check xtask cache
+        uses: actions/cache@v3
+        id: xtask-cache
+        with:
+          path: target/debug/xtask
+          key: xtask-${{ hashFiles('xtask/**') }}
+
+      - name: Install rust stable toolchain
+        if: steps.xtask-cache.outputs.cache-hit != 'true'
+        uses: actions-rs/toolchain@v1
+        with:
+          profile: minimal
+          toolchain: stable
+          override: true
+
+      - name: Build
+        if: steps.xtask-cache.outputs.cache-hit != 'true'
+        uses: actions-rs/cargo@v1
+        with:
+          command: build
+          args: -p xtask

  test-matrix-sdk-features:
    name: 🐧 [m], ${{ matrix.name }}
    needs: xtask
+    if: github.event_name == 'push' || !github.event.pull_request.draft

    runs-on: ubuntu-latest
    strategy:
@@ -33,140 +64,116 @@ jobs:
      matrix:
        name:
          - no-encryption
-          - no-sqlite
-          - no-encryption-and-sqlite
-          - sqlite-cryptostore
-          - experimental-encrypted-state-events
+          - no-sled
+          - no-encryption-and-sled
+          - sled-cryptostore
+          - rustls-tls
          - markdown
          - socks
          - sso-login
-          - search

    steps:
      - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          persist-credentials: false
+        uses: actions/checkout@v1

      - name: Install Rust
-        uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # v1
+        uses: actions-rs/toolchain@v1
        with:
          toolchain: stable
-
-      - name: Install libsqlite
-        run: |
-          sudo apt-get update
-          sudo apt-get install libsqlite3-dev
+          profile: minimal
+          override: true

      - name: Load cache
-        uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1
-        with:
-          # use a separate cache for each job to work around
-          # https://github.com/Swatinem/rust-cache/issues/124
-          key: "${{ matrix.name }}"
-
-          # ... but only save the cache on the main branch
-          # cf https://github.com/Swatinem/rust-cache/issues/95
-          save-if: ${{ github.ref == 'refs/heads/main' }}
+        uses: Swatinem/rust-cache@v1

      - name: Install nextest
-        uses: taiki-e/install-action@85b24a67ef0c632dfefad70b9d5ce8fddb040754 # v 2.75.10
-        with:
-          tool: nextest
+        uses: taiki-e/install-action@nextest

      - name: Get xtask
-        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
+        uses: actions/cache@v3
        with:
          path: target/debug/xtask
-          key: "${{ needs.xtask.outputs.cachekey-linux }}"
-          fail-on-cache-miss: true
+          key: xtask-${{ hashFiles('xtask/**') }}

      - name: Test
-        run: |
-          target/debug/xtask ci test-features ${{ matrix.name }}
+        uses: actions-rs/cargo@v1
+        with:
+          command: run
+          args: -p xtask -- ci test-features ${{ matrix.name }}

  test-matrix-sdk-examples:
    name: 🐧 [m]-examples
    needs: xtask
    runs-on: ubuntu-latest
+    if: github.event_name == 'push' || !github.event.pull_request.draft

    steps:
      - name: Checkout the repo
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          persist-credentials: false
+        uses: actions/checkout@v3

      - name: Install Rust
-        uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # v1
+        uses: actions-rs/toolchain@v1
        with:
          toolchain: stable
+          profile: minimal
+          override: true

      - name: Load cache
-        uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1
-        with:
-          save-if: ${{ github.ref == 'refs/heads/main' }}
+        uses: Swatinem/rust-cache@v1

      - name: Install nextest
-        uses: taiki-e/install-action@85b24a67ef0c632dfefad70b9d5ce8fddb040754 # v 2.75.10
-        with:
-          tool: nextest
+        uses: taiki-e/install-action@nextest

      - name: Get xtask
-        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
+        uses: actions/cache@v3
        with:
          path: target/debug/xtask
-          key: "${{ needs.xtask.outputs.cachekey-linux }}"
-          fail-on-cache-miss: true
+          key: xtask-${{ hashFiles('xtask/**') }}

      - name: Test
-        run: |
-          target/debug/xtask ci examples
+        uses: actions-rs/cargo@v1
+        with:
+          command: run
+          args: -p xtask -- ci examples

  test-matrix-sdk-crypto:
    name: 🐧 [m]-crypto
    needs: xtask
    runs-on: ubuntu-latest
+    if: github.event_name == 'push' || !github.event.pull_request.draft

    steps:
      - name: Checkout the repo
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          persist-credentials: false
-
-      - name: Install libsqlite
-        run: |
-          sudo apt-get update
-          sudo apt-get install libsqlite3-dev
+        uses: actions/checkout@v3

      - name: Install Rust
-        uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # v1
+        uses: actions-rs/toolchain@v1
        with:
          toolchain: stable
-          components: clippy
+          profile: minimal
+          override: true

      - name: Load cache
-        uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1
-        with:
-          save-if: ${{ github.ref == 'refs/heads/main' }}
+        uses: Swatinem/rust-cache@v1

      - name: Install nextest
-        uses: taiki-e/install-action@85b24a67ef0c632dfefad70b9d5ce8fddb040754 # v 2.75.10
-        with:
-          tool: nextest
+        uses: taiki-e/install-action@nextest

      - name: Get xtask
-        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
+        uses: actions/cache@v3
        with:
          path: target/debug/xtask
-          key: "${{ needs.xtask.outputs.cachekey-linux }}"
-          fail-on-cache-miss: true
+          key: xtask-${{ hashFiles('xtask/**') }}

      - name: Test
-        run: |
-          target/debug/xtask ci test-crypto
+        uses: actions-rs/cargo@v1
+        with:
+          command: run
+          args: -p xtask -- ci test-crypto

  test-all-crates:
    name: ${{ matrix.name }}
+    if: github.event_name == 'push' || !github.event.pull_request.draft

    runs-on: ${{ matrix.os }}
    strategy:
@@ -187,48 +194,37 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          persist-credentials: false
+        uses: actions/checkout@v1

-      - name: Install protoc
-        uses: taiki-e/install-action@85b24a67ef0c632dfefad70b9d5ce8fddb040754 # v2.75.10
-        with:
-          tool: protoc@3.20.3
-
-      - name: Install libsqlite
-        if: runner.os == 'Linux'
-        run: |
-          sudo apt-get update
-          sudo apt-get install libsqlite3-dev
-
-      - name: Install Rust toolchain
-        uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # v1
+      - name: Install Rust
+        uses: actions-rs/toolchain@v1
        with:
          toolchain: ${{ matrix.rust }}
+          profile: minimal
+          override: true

      - name: Load cache
-        uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1
-        with:
-          save-if: ${{ github.ref == 'refs/heads/main' }}
+        uses: Swatinem/rust-cache@v1

      - name: Install nextest
-        uses: taiki-e/install-action@85b24a67ef0c632dfefad70b9d5ce8fddb040754 # v 2.75.10
-        with:
-          tool: nextest
+        uses: taiki-e/install-action@nextest

      - name: Test
-        run: |
-          cargo nextest run --workspace \
-            --exclude matrix-sdk-integration-testing --features testing
+        uses: actions-rs/cargo@v1
+        with:
+          command: nextest
+          args: run --workspace --exclude matrix-sdk-integration-testing

      - name: Test documentation
-        run: |
-          cargo test --doc --features docsrs
+        uses: actions-rs/cargo@v1
+        with:
+          command: test
+          args: --doc

  test-wasm:
    name: 🕸️ ${{ matrix.name }}
    needs: xtask
+    if: github.event_name == 'push' || !github.event.pull_request.draft

    runs-on: ubuntu-latest

@@ -245,189 +241,214 @@ jobs:
          - name: '[m]-common'
            cmd: matrix-sdk-common

-          - name: '[m], no-default'
+          - name: '[m]-indexeddb, no crypto'
+            cmd: indexeddb-no-crypto
+
+          - name: '[m]-indexeddb, with crypto'
+            cmd: indexeddb-with-crypto
+
+          - name: '[m], no-default, wasm-flags'
            cmd: matrix-sdk-no-default

-          - name: '[m]-ui'
-            cmd: matrix-sdk-ui
-            check_only: true
-
-          - name: '[m]-indexeddb'
-            cmd: indexeddb
-
          - name: '[m], indexeddb stores'
            cmd: matrix-sdk-indexeddb-stores

          - name: '[m], indexeddb stores, no crypto'
            cmd: matrix-sdk-indexeddb-stores-no-crypto

+          - name: '[m], wasm-example'
+            cmd: matrix-sdk-command-bot
+
    steps:
      - name: Checkout the repo
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          persist-credentials: false
+        uses: actions/checkout@v3

      - name: Install Rust
-        uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # v1
+        uses: actions-rs/toolchain@v1
        with:
          toolchain: stable
-          targets: wasm32-unknown-unknown
+          target: wasm32-unknown-unknown
          components: clippy
+          profile: minimal
+          override: true

      - name: Install wasm-pack
-        uses: qmaru/wasm-pack-action@785fe709cd17eb6a97607eda9b6f5dbebed2b89c # v0.5.3
-        if: '!matrix.check_only'
+        uses: jetli/wasm-pack-action@v0.3.0
        with:
-          version: v0.13.1
+          version: latest

      - name: Load cache
-        uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1
-        with:
-          # use a separate cache for each job to work around
-          # https://github.com/Swatinem/rust-cache/issues/124
-          key: "${{ matrix.cmd }}"
-
-          # ... but only save the cache on the main branch
-          # cf https://github.com/Swatinem/rust-cache/issues/95
-          save-if: ${{ github.ref == 'refs/heads/main' }}
+        uses: Swatinem/rust-cache@v1

      - name: Install nextest
-        uses: taiki-e/install-action@85b24a67ef0c632dfefad70b9d5ce8fddb040754 # v 2.75.10
-        with:
-          tool: nextest
+        uses: taiki-e/install-action@nextest

      - name: Get xtask
-        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
+        uses: actions/cache@v3
        with:
          path: target/debug/xtask
-          key: "${{ needs.xtask.outputs.cachekey-linux }}"
-          fail-on-cache-miss: true
+          key: xtask-${{ hashFiles('xtask/**') }}

      - name: Rust Check
-        run: |
-          target/debug/xtask ci wasm ${{ matrix.cmd }}
+        uses: actions-rs/cargo@v1
+        with:
+          command: run
+          args: -p xtask -- ci wasm ${{ matrix.cmd }}

      - name: Wasm-Pack test
-        if: '!matrix.check_only'
-        run: |
-          target/debug/xtask ci wasm-pack ${{ matrix.cmd }}
+        uses: actions-rs/cargo@v1
+        with:
+          command: run
+          args: -p xtask -- ci wasm-pack ${{ matrix.cmd }}
+
+  test-appservice:
+    name: ${{ matrix.os-name }} [m]-appservice
+    needs: xtask
+    if: github.event_name == 'push' || !github.event.pull_request.draft
+
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: true
+      matrix:
+        include:
+          - os: ubuntu-latest
+            os-name: 🐧
+
+          - os: macos-latest
+            os-name: 🍏
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v1
+
+      - name: Install Rust
+        uses: actions-rs/toolchain@v1
+        with:
+          toolchain: stable
+          profile: minimal
+          override: true
+
+      - name: Load cache
+        uses: Swatinem/rust-cache@v1
+
+      - name: Install nextest
+        uses: taiki-e/install-action@nextest
+
+      - name: Get xtask
+        uses: actions/cache@v3
+        with:
+          path: target/debug/xtask
+          key: xtask-${{ hashFiles('xtask/**') }}
+
+      - name: Run checks
+        uses: actions-rs/cargo@v1
+        with:
+          command: run
+          args: -p xtask -- ci test-appservice
+
+  formatting:
+    name: Check Formatting
+    runs-on: ubuntu-latest
+    if: github.event_name == 'push' || !github.event.pull_request.draft
+
+    steps:
+      - name: Checkout the repo
+        uses: actions/checkout@v3
+
+      - name: Install Rust
+        uses: actions-rs/toolchain@v1
+        with:
+          toolchain: nightly
+          components: rustfmt
+          profile: minimal
+          override: true
+
+      - name: Cargo fmt
+        uses: actions-rs/cargo@v1
+        with:
+          command: fmt
+          args: -- --check

  typos:
    name: Spell Check with Typos
    runs-on: ubuntu-latest
+    if: github.event_name == 'push' || !github.event.pull_request.draft

    steps:
      - name: Checkout Actions Repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          persist-credentials: false
+        uses: actions/checkout@v3

      - name: Check the spelling of the files in our repo
-        uses: crate-ci/typos@cf5f1c29a8ac336af8568821ec41919923b05a83 # v1.45.1
+        uses: crate-ci/typos@master

-  lint:
-    name: Lint
+  clippy:
+    name: Run clippy
    needs: xtask
    runs-on: ubuntu-latest
+    if: github.event_name == 'push' || !github.event.pull_request.draft

    steps:
      - name: Checkout the repo
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          persist-credentials: false
-
-      - name: Install protoc
-        uses: taiki-e/install-action@85b24a67ef0c632dfefad70b9d5ce8fddb040754 # v2.75.10
-        with:
-          tool: protoc@3.20.3
+        uses: actions/checkout@v3

      - name: Install Rust
-        uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # v1
+        uses: actions-rs/toolchain@v1
        with:
-          toolchain: nightly-2026-02-26
-          components: clippy, rustfmt
+          toolchain: nightly
+          components: clippy
+          profile: minimal
+          override: true

      - name: Load cache
-        uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1
-        with:
-          save-if: ${{ github.ref == 'refs/heads/main' }}
+        uses: Swatinem/rust-cache@v1

      - name: Get xtask
-        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
+        uses: actions/cache@v3
        with:
          path: target/debug/xtask
-          key: "${{ needs.xtask.outputs.cachekey-linux }}"
-          fail-on-cache-miss: true
-
-      - name: Check Formatting
-        run: |
-          target/debug/xtask ci style
+          key: xtask-${{ hashFiles('xtask/**') }}

      - name: Clippy
-        run: |
-          target/debug/xtask ci clippy
+        uses: actions-rs/cargo@v1
+        with:
+          command: run
+          args: -p xtask -- ci clippy

  integration-tests:
-    name: 'Integration test (features: ${{ matrix.feature }})'
+    name: Integration test
+    if: github.event_name == 'push' || !github.event.pull_request.draft
+
    runs-on: ubuntu-latest

-    # run several docker containers with the same networking stack so the hostname 'synapse'
-    # maps to the synapse container, etc.
-    services:
-      # tests need a synapse: this is a service and not michaelkaye/setup-matrix-synapse@main as the
-      # latter does not provide networking for services to communicate with it.
-      synapse:
-        image: ghcr.io/matrix-org/synapse-service:v1.117.0 # keep in sync with ./coverage.yml
-        env:
-            SYNAPSE_COMPLEMENT_DATABASE: sqlite
-            SERVER_NAME: synapse
-        ports:
-            - 8008:8008
-
-    strategy:
-      fail-fast: true
-      matrix:
-        feature:
-          - "default"
-          - "experimental-encrypted-state-events"
-
    steps:
      - name: Checkout the repo
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          persist-credentials: false
-
-      - name: Install libsqlite
-        run: |
-          sudo apt-get update
-          sudo apt-get install libsqlite3-dev
+        uses: actions/checkout@v3

      - name: Install Rust
-        uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # v1
+        uses: actions-rs/toolchain@v1
        with:
          toolchain: stable
+          profile: minimal
+          override: true

      - name: Load cache
-        uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1
-        with:
-          save-if: ${{ github.ref == 'refs/heads/main' }}
+        uses: Swatinem/rust-cache@v1

      - name: Install nextest
-        uses: taiki-e/install-action@85b24a67ef0c632dfefad70b9d5ce8fddb040754 # v 2.75.10
+        uses: taiki-e/install-action@nextest
+
+      - uses: actions/setup-python@v4
        with:
-          tool: nextest
+          python-version: 3.8
+
+      - uses: michaelkaye/setup-matrix-synapse@main
+        with:
+          uploadLogs: true
+          httpPort: 8228
+          disableRateLimiting: true

      - name: Test
-        env:
-          RUST_LOG: "info,matrix_sdk=trace"
-          HOMESERVER_URL: "http://localhost:8008"
-          HOMESERVER_DOMAIN: "synapse"
-        run: |
-          cargo nextest run --profile ci -p matrix-sdk-integration-testing --features "${{ matrix.feature }}"
-
-      - name: Upload test results to Codecov
-        if: ${{ !cancelled() }}
-        uses: codecov/test-results-action@0fa95f0e1eeaafde2c782583b36b28ad0d8c77d3
+        uses: actions-rs/cargo@v1
        with:
-          files: ./target/nextest/ci/junit.xml
-          token: ${{ secrets.CODECOV_TOKEN }}
+          command: nextest
+          args: run -p matrix-sdk-integration-testing
@@ -1,4 +1,4 @@
-name: Code Coverage
+name: Code coverage

 on:
  push:
@@ -6,163 +6,54 @@ on:
  pull_request:
    branches: [main]

-permissions: {}
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
 env:
  CARGO_TERM_COLOR: always
-  # without matrix_sdk=trace, expressions in `trace!` fields are not evaluated
-  # when the `trace!` statement is hit, and thus not covered
-  RUST_LOG: info,matrix_sdk=trace

 jobs:
-  xtask:
-    uses: ./.github/workflows/xtask.yml
-
  code_coverage:
    name: Code Coverage
-    needs: xtask
    runs-on: "ubuntu-latest"
-    permissions:
-      contents: read
-      id-token: write
-
-    # run several docker containers with the same networking stack so the hostname 'synapse'
-    # maps to the synapse container, etc.
-    services:
-      # tests need a synapse: this is a service and not michaelkaye/setup-matrix-synapse@main as the
-      # latter does not provide networking for services to communicate with it.
-      synapse:
-        image: ghcr.io/matrix-org/synapse-service:v1.117.0 # keep in sync with ./ci.yml
-        env:
-            SYNAPSE_COMPLEMENT_DATABASE: sqlite
-            SERVER_NAME: synapse
-        ports:
-            - 8008:8008
+    if: github.event_name == 'push' || !github.event.pull_request.draft

    steps:
-      # This CI workflow can run into space issue, so we're cleaning up some
-      # space here.
-      - name: Create some more space
-        run: |
-          echo "Disk space before cleanup"
-          df -h
+    - name: Checkout repository
+      uses: actions/checkout@v3
+      with:
+        ref: ${{ github.event.pull_request.head.sha }}

-          cd /opt
-          find . -maxdepth 1 -mindepth 1 '!' -path ./containerd '!' -path ./actionarchivecache '!' -path ./runner '!' -path ./runner-cache -exec rm -rf '{}' ';'
-          rm -rf /opt/hostedtoolcache
+    - name: Install Rust
+      uses: actions-rs/toolchain@v1
+      with:
+        toolchain: stable
+        profile: minimal
+        override: true

-          # Get rid of binaries and libs we're not interested in.
-          sudo rm -rf \
-            /usr/local/julia* \
-            /usr/local/aws*
+    - name: Load cache
+      uses: Swatinem/rust-cache@v1

-          sudo rm -rf \
-            /usr/local/bin/minikube \
-            /usr/local/bin/node \
-            /usr/local/bin/stack \
-            /usr/local/bin/bicep \
-            /usr/local/bin/pulumi* \
-            /usr/local/bin/helm \
-            /usr/local/bin/azcopy \
-            /usr/local/bin/packer \
-            /usr/local/bin/cmake-gui \
-            /usr/local/bin/cpack
+    - name: Install tarpaulin
+      uses: actions-rs/cargo@v1
+      with:
+        command: install
+        args: cargo-tarpaulin

-          sudo rm -rf \
-            /usr/local/share/powershell \
-            /usr/local/share/chromium
+    # set up backend for integration tests
+    - uses: actions/setup-python@v4
+      with:
+        python-version: 3.8

-          sudo rm -rf /usr/local/lib/android
+    - uses: gnunicorn/setup-matrix-synapse@main
+      with:
+        uploadLogs: true
+        httpPort: 8228
+        disableRateLimiting: true
+        serverName: "matrix-sdk.rs"

-          echo "::group::/usr/local/bin/*"
-          du -hsc /usr/local/bin/* | sort -h
-          echo "::endgroup::"
+    - name: Run tarpaulin
+      uses: actions-rs/cargo@v1
+      with:
+        command: tarpaulin
+        args: --out Xml

-          echo "::group::/usr/local/share/*"
-          du -hsc /usr/local/share/* | sort -h
-          echo "::endgroup::"
-
-          echo "::group::/usr/local/*"
-          du -hsc /usr/local/* | sort -h
-          echo "::endgroup::"
-
-          echo "::group::/usr/local/lib/*"
-          du -hsc /usr/local/lib/* | sort -h
-          echo "::endgroup::"
-
-          echo "::group::/opt/*"
-          du -hsc /opt/* | sort -h
-          echo "::endgroup::"
-
-          echo "Disk space after cleanup"
-          df -h
-
-      - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          ref: ${{ github.event.pull_request.head.sha }}
-          persist-credentials: false
-
-      - name: Install libsqlite
-        run: |
-          sudo apt-get update
-          sudo apt-get install libsqlite3-dev
-          sudo apt-get clean
-          sudo rm -rf /var/lib/apt/lists/*
-
-      - name: Install Rust
-        uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # v1
-        with:
-          toolchain: stable
-
-      # Cargo config can screw with caching and is only used for alias config
-      # and extra lints, which we don't care about here
-      - name: Delete cargo config
-        run: rm .cargo/config.toml
-
-      - name: Load cache
-        uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1
-        with:
-          prefix-key: "coverage"
-          save-if: ${{ github.ref == 'refs/heads/main' }}
-
-      - name: Install nextest and llvm-cov
-        uses: taiki-e/install-action@85b24a67ef0c632dfefad70b9d5ce8fddb040754 # v 2.75.10
-        with:
-          tool: nextest,cargo-llvm-cov
-
-      - name: Get xtask
-        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
-        with:
-          path: target/debug/xtask
-          key: "${{ needs.xtask.outputs.cachekey-linux }}"
-          fail-on-cache-miss: true
-
-      - name: Check total disk space before running
-        run: |
-          df -h
-
-      - name: Create the coverage report
-        run: |
-          target/debug/xtask ci coverage -o codecov 
-        env:
-          CARGO_PROFILE_COV_INHERITS: 'dev'
-          CARGO_PROFILE_COV_DEBUG: 1
-          HOMESERVER_URL: "http://localhost:8008"
-          HOMESERVER_DOMAIN: "synapse"
-
-      - name: Upload coverage to Codecov
-        uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2
-        with:
-          use_oidc: true
-
-      - name: Upload test results to Codecov
-        if: ${{ !cancelled() }}
-        uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2
-        with:
-          use_oidc: true
-          report_type: "test_results"
+    - name: Upload to codecov.io
+      uses: codecov/codecov-action@v3
@@ -1,19 +0,0 @@
-name: Lint dependencies (for licences, allowed sources, banned dependencies, vulnerabilities)
-on:
-  pull_request:
-    paths:
-      - '**/Cargo.toml'
-  workflow_dispatch:
-  schedule:
-    - cron: '0 0 * * *'
-
-permissions: {}
-
-jobs:
-  cargo-deny:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-      with:
-        persist-credentials: false
-    - uses: EmbarkStudios/cargo-deny-action@3fd3802e88374d3fe9159b834c7714ec57d6c979 # v2.0.15
@@ -1,39 +0,0 @@
-# Check if the path of changed file is longer than 260 characters
-# that windows filesystem allows
-
-name: Detect long path among changed files
-
-on:
-  workflow_dispatch:
-  pull_request: # focus on the changed files in current PR
-    branches: [main]
-
-permissions: {}
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  long-path:
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          persist-credentials: false
-      - name: Check for changed files
-        id: changed-files
-        uses: tj-actions/changed-files@22103cc46bda19c2b464ffe86db46df6922fd323 # v47.0.5
-      - name: Detect long path
-        env:
-          ALL_CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }} # ignore the deleted files
-          MAX_LENGTH: 120 # set max length to 120, considering the base path of app project that uses matrix-sdk
-        run: |
-          for file in ${ALL_CHANGED_FILES}; do
-            if [ ${#file} -gt $MAX_LENGTH ]; then
-              echo "File path is too long. Length: ${#file}, Path: $file"
-              exit 1
-            fi
-          done
-          exit 0
@@ -1,16 +0,0 @@
-name: Detects unused dependencies
-on:
-  pull_request: { branches: "*" }
-
-permissions: {}
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          persist-credentials: false
-      - name: Machete
-        uses: bnjbvr/cargo-machete@ac30a525c0a8d163a92d727b3ff079ee3f6ecb08
@@ -5,60 +5,67 @@ on:
    branches: [main]
  pull_request:

-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-permissions:
-  contents: read
-  pages: write
-  id-token: write
-
 jobs:
  docs:
    name: All crates
    runs-on: ubuntu-latest
+    if: github.event_name == 'push' || !github.event.pull_request.draft

    steps:
      - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          persist-credentials: false
-
-      - name: Install protoc
-        uses: taiki-e/install-action@85b24a67ef0c632dfefad70b9d5ce8fddb040754 # v2.75.10
-        with:
-          tool: protoc@3.20.3
+        uses: actions/checkout@v3

      - name: Install Rust
-        uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # v1
+        uses: actions-rs/toolchain@v1
        with:
-          toolchain: nightly-2026-02-26
+          profile: minimal
+          toolchain: nightly
+          override: true

      - name: Install Node.js
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
+        uses: actions/setup-node@v3
        with:
-          node-version: 20
+          node-version: 18

      - name: Load cache
-        uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1
-        with:
-          save-if: ${{ github.ref == 'refs/heads/main' }}
+        uses: Swatinem/rust-cache@v1

      # Keep in sync with xtask docs
-      - name: Build documentation
+      - name: Build rust documentation
+        uses: actions-rs/cargo@v1
        env:
+          # Work around https://github.com/rust-lang/cargo/issues/10744
+          CARGO_TARGET_APPLIES_TO_HOST: "true"
          RUSTDOCFLAGS: "--enable-index-page -Zunstable-options --cfg docsrs -Dwarnings"
-        run:
-          cargo doc --no-deps --workspace --features docsrs --exclude=xtask
-
-      - name: Upload artifact
-        if: github.event_name == 'push' && github.ref == 'refs/heads/main'
-        uses: actions/upload-pages-artifact@fc324d3547104276b827a68afc52ff2a11cc49c9 # v5.0.0
        with:
-          path: './target/doc/'
+          command: doc
+          args: --no-deps --features docsrs

-      - name: Deploy to GitHub Pages
+      - name: Build `matrix-sdk-crypto-nodejs` doc
+        run: |
+          cd bindings/matrix-sdk-crypto-nodejs
+          npm install
+          npm run build && npm run doc
+
+      - name: Build `matrix-sdk-crypto-js` doc
+        run: |
+          cd bindings/matrix-sdk-crypto-js
+          npm install
+          npm run build && npm run doc
+
+      - name: Prepare the doc hierarchy
+        shell: bash
+        run: |
+          mkdir -p doc/bindings/matrix-sdk-crypto-nodejs/
+          mkdir -p doc/bindings/matrix-sdk-crypto-js/
+          mv target/doc/* doc/
+          mv bindings/matrix-sdk-crypto-nodejs/docs/* doc/bindings/matrix-sdk-crypto-nodejs/
+          mv bindings/matrix-sdk-crypto-js/docs/* doc/bindings/matrix-sdk-crypto-js/
+
+      - name: Deploy documentation
        if: github.event_name == 'push' && github.ref == 'refs/heads/main'
-        id: deployment
-        uses: actions/deploy-pages@cd2ce8fcbc39b97be8ca5fce6e763baed58fa128 # v5.0.0
+        uses: peaceiris/actions-gh-pages@v3
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          publish_dir: ./doc/
+          force_orphan: true
@@ -1,16 +0,0 @@
-name: Git Checks
-
-on: [pull_request]
-
-permissions: {}
-
-jobs:
-  block-fixup:
-    runs-on: ubuntu-latest
-
-    steps:
-    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-      with:
-        persist-credentials: false
-    - name: Block Fixup Commit Merge
-      uses: 13rac1/block-fixup-merge-action@bd5504fb9ca0253e109d98eb86b7debc01970cdc # v2.0.0
@@ -1,22 +0,0 @@
-name: Rust version
-
-on:
-  workflow_dispatch:
-  push:
-    branches: [main]
-  pull_request:
-    branches: [main]
-
-permissions: {}
-
-jobs:
-  msrv:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-      with:
-        persist-credentials: false
-    - uses: taiki-e/install-action@85b24a67ef0c632dfefad70b9d5ce8fddb040754 # cargo-hack
-      with:
-        tool: cargo-hack
-    - run: cargo hack check --rust-version --workspace --all-targets
@@ -0,0 +1,117 @@
+name: Prepare Crypto-Node.js Release
+# 
+#  This is a helper workflow to craft a new Node.js release, trigger this via
+#  the Github Workflow UI by dispatching it manually. Provide the version, the 
+#  matrix-sdk-crypto-nodejs npm package should be set to, and a optionally the
+#  old version (as used in the git tag) this release should be compared to.
+#
+#  This will then:
+#    1. bump the npm version to the one you specified
+#    2. commit that change together with the changelog (if it changed, see below)
+#    3. create the appropriate tag on that commit
+#    4. create the Github draft release, including the changes (if given, see below)
+#    5. push these to a new branch, including tag, triggering the `release-crypto-nodejs` workflow
+#    6. create a PR to merge these back into `main`
+#
+#  Additionally, if you provide a tag to comapare this tag to, this will:
+#    1. create a changelog between the two releases, used for the github release
+#    2. update the Changelog.md and include it in the commit
+#
+#  The remaining tasks are done by the release-crypto-nodejs workflow.
+
+on:
+  workflow_dispatch:
+    inputs:
+      version:
+        description: 'New Node.js SemVer version to create'
+        required: true 
+        type: string
+      previous_version:
+        description: 'Create the changelog by comparing to this old SemVer Version (as used in the tag) '
+        type: string
+
+env:
+  PKG_PATH: "bindings/matrix-sdk-crypto-nodejs"
+  TAG_PREFIX: "matrix-sdk-crypto-nodejs-v"
+
+jobs:
+  prepare-release:
+    name: "Preparing crypto-nodejs release tag"
+    runs-on: ubuntu-latest
+    outputs:
+      tag: "${{ env.TAG_PREFIX }}${{ inputs.version }}"
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+
+      # Generate changelog since last tag, if given
+      - name: Generate a changelog for upload
+        if: inputs.previous_version
+        uses: orhun/git-cliff-action@v1
+        with:
+          config: "${{ env.PKG_PATH }}/cliff.toml"
+          args: --strip header "${{env.TAG_PREFIX}}${{ inputs.previous_version }}..HEAD"
+        env:
+          GIT_CLIFF_TAG: "Changes ${{ inputs.previous_version }} -> ${{ inputs.version }}"
+          GIT_CLIFF_OUTPUT: "${{ env.PKG_PATH }}/CHANGES-${{ inputs.version }}.md"
+
+      # Update changelog since last tag, if given
+      - name: Update existing Changelog
+        if: inputs.previous_version
+        uses: orhun/git-cliff-action@v1
+        with:
+          config: "${{ env.PKG_PATH }}/cliff.toml"
+          args: "${{ inputs.previous_version }}..HEAD"
+        env:
+          GIT_CLIFF_TAG: "${{ inputs.version }}"
+          GIT_CLIFF_PREPEND: "${{ env.PKG_PATH }}/CHANGELOG.md"
+
+      - name: Set version
+        id: package_version
+        working-directory: ${{ env.PKG_PATH }}
+        run: npm version ${{ inputs.version }}
+
+      - uses: EndBug/add-and-commit@v9
+        with:
+          default_author: github_actions
+          message: "Tagging Crypto-Node.js for release"
+          tag: "${{env.TAG_PREFIX}}${{ inputs.version }}"
+          new_branch: "gh-action/release-${{ env.TAG_PREFIX }}${{ inputs.version }}"
+          push: true
+          add: |
+            ${{ env.PKG_PATH }}/package.json
+            ${{ env.PKG_PATH }}/CHANGELOG.md
+
+      # if we have generated changes
+      - name: Update Github Release notes
+        if: inputs.previous_version
+        uses: softprops/action-gh-release@v1
+        with:
+          draft: true
+          tag_name: ${{ env.TAG_PREFIX }}${{ inputs.version }}
+          body_path: "${{ env.PKG_PATH }}/CHANGES-${{ inputs.version }}.md"
+
+      # no changes, use the default changelog for the body
+      - name: Update Github Release notes
+        if: ${{!inputs.previous_version}}
+        uses: softprops/action-gh-release@v1
+        with:
+          draft: true
+          tag_name: ${{ env.TAG_PREFIX }}${{ inputs.version }}
+          body_path: "${{ env.PKG_PATH }}/CHANGELOG.md"
+
+      # let's create a PR for all this, too
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@v4
+        with:
+          title: "Preparing Release ${{ env.TAG_PREFIX }}${{ inputs.version }}"
+          body: |
+            Automatic Pull-Request to merge release ${{ env.TAG_PREFIX }}${{ inputs.version }}
+
+  trigger-release:
+    # and trigger the tagging release workflow
+    uses: matrix-org/matrix-rust-sdk/.github/workflows/release-crypto-nodejs.yml@main
+    needs: ['prepare-release']
+    name: "Trigger release Workflow"
+    with:
+      tag: ${{needs.prepare-release.outputs.tag}}
@@ -0,0 +1,139 @@
+name: Release Crypto-Node.js
+#
+# This workflow releases the crypto-bindings for nodejs
+#
+# It is triggered when seeing a tag prefixed matching `matrix-sdk-crypto-nodejs-v[0-9]+.*`,
+# which then build the native bindings for linux, mac and windows via the CI and uploads
+# them to the corresponding Github Release tag. Once they are finished, this workflow will
+# package the npm tar.gz and uploads that to the Github Release tag as well, before publishing
+# it to npmjs.com automatically.
+#
+# The usual way to trigger this is by manually triggering the `prep-crypto-nodejs-release`
+# workflow. See its documentation for instructions how to use it.
+
+env:
+  PKG_PATH: "bindings/matrix-sdk-crypto-nodejs"
+  CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER: 'aarch64-linux-gnu-gcc'
+  CARGO_TARGET_I686_UNKNOWN_LINUX_GNU_LINKER: 'i686-linux-gnu-gcc'
+  CARGO_TARGET_ARM_UNKNOWN_LINUX_GNUEABIHF_LINKER: 'arm-linux-gnueabihf-gcc'
+
+on:
+  push:
+    tags:
+      - matrix-sdk-crypto-nodejs-v[0-9]+.*
+  workflow_call:
+    inputs:
+      tag:
+        description: "The tag to build with"
+        required: true
+        type: string
+jobs:
+  upload-assets:
+    name: "Upload prebuilt libraries"
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          # ----------------------------------- Linux
+          - target: x86_64-unknown-linux-gnu
+            os: ubuntu-latest
+          - target: i686-unknown-linux-gnu
+            apt_install: gcc-i686-linux-gnu g++-i686-linux-gnu
+            os: ubuntu-latest
+          - target: aarch64-unknown-linux-gnu
+            os: ubuntu-latest
+            apt_install: gcc-aarch64-linux-gnu g++-aarch64-linux-gnu
+          - target: arm-unknown-linux-gnueabihf
+            os: ubuntu-latest
+            apt_install: gcc-arm-linux-gnueabihf
+          - target: x86_64-unknown-linux-musl
+            os: ubuntu-latest
+          # ----------------------------------- macOS
+          - target: aarch64-apple-darwin
+            os: macos-latest
+          - target: x86_64-apple-darwin
+            os: macos-latest
+          # ----------------------------------- Windows
+          - target: x86_64-pc-windows-msvc
+            os: windows-latest
+          - target: i686-pc-windows-msvc
+            os: windows-latest
+          - target: aarch64-pc-windows-msvc
+            os: windows-latest
+    runs-on: ${{ matrix.os }}
+    steps:
+      # use the given tag
+      - uses: actions/checkout@v3
+        name: "Checking out ${{ inputs.tag }}"
+        if: "${{ inputs.tag }}"
+        with:
+          ref: ${{ inputs.tag }}
+      # use the default
+      - uses: actions/checkout@v3
+        if: "${{ !inputs.tag }}"
+      - name: Install Rust
+        uses: actions-rs/toolchain@v1
+        with:
+          toolchain: nightly
+          profile: minimal
+          target: ${{ matrix.target }}
+          override: true
+      - name: Install Node.js
+        uses: actions/setup-node@v3
+      - name: Load cache
+        uses: Swatinem/rust-cache@v1
+      - if: ${{ matrix.apt_install }}
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y ${{ matrix.apt_install }}
+      - name: Build lib
+        working-directory: ${{env.PKG_PATH}}
+        run: |
+          npm install --ignore-scripts
+          npx napi build --platform --release --strip --target ${{ matrix.target }}
+      - name: Upload artifacts to release
+        uses: softprops/action-gh-release@v1
+        with:
+          draft: true
+          files: ${{env.PKG_PATH}}/*.node
+
+  publish-nodejs-package:
+    name: "Package nodejs package"
+    runs-on: ubuntu-latest
+    needs:
+      - upload-assets
+    steps:
+      # use the given tag
+      - uses: actions/checkout@v3
+        name: "Checking out ${{ inputs.tag }}"
+        if: "${{ inputs.tag }}"
+        with:
+          ref: ${{ inputs.tag }}
+      # use the default
+      - uses: actions/checkout@v3
+        if: "${{ !inputs.tag }}"
+      - name: Install Rust
+        uses: actions-rs/toolchain@v1
+        with:
+          toolchain: nightly
+          profile: minimal
+          override: true
+      - name: Install Node.js
+        uses: actions/setup-node@v3
+      - name: Build lib
+        working-directory: ${{env.PKG_PATH}}
+        run: |
+          npm install --ignore-scripts
+          npm run build
+          npm pack
+      - name: Upload npm package to release
+        uses: softprops/action-gh-release@v1
+        with:
+          draft: true
+          files: ${{env.PKG_PATH}}/*tgz
+      - name: Publish to npmjs.com
+        uses: JS-DevTools/npm-publish@v1
+        with:
+          package: ${{env.PKG_PATH}}/package.json
+          access: public
+          token: ${{ secrets.NPM_TOKEN }}
@@ -0,0 +1,63 @@
+# This workflow releases the `matrix-sdk-crypto-js` project.
+#
+# It is triggered when a new tag appears that matches
+# `matrix-sdk-crypto-js-v[0-9]+.*`. This workflow builds the package
+# for the binding, run its tests to ensure everything is still
+# correct, and publish the package on NPM and on a newly created
+# Github release.
+
+
+name: Release `crypto-js`
+
+env:
+  CARGO_TERM_COLOR: always
+  PKG_PATH: "bindings/matrix-sdk-crypto-js"
+
+on:
+  push:
+    tags:
+      - matrix-sdk-crypto-js-v[0-9]+.*
+
+jobs:
+  publish-matrix-sdk-crypto-js:
+    name: Publish 🕸 [m]-crypto-js
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout the repo
+        uses: actions/checkout@v3
+
+      - name: Install Rust
+        uses: actions-rs/toolchain@v1
+        with:
+          toolchain: stable
+          target: wasm32-unknown-unknown
+          profile: minimal
+          override: true
+
+      - name: Load cache
+        uses: Swatinem/rust-cache@v1
+
+      - name: Install Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: 18.0
+
+      - name: Install NPM dependencies
+        working-directory: ${{ env.PKG_PATH }}
+        run: npm install
+
+      - name: Configure NPM auth token
+        working-directory: ${{ env.PKG_PATH }}
+        run: npm set "//registry.npmjs.org/:_authToken" "${{ secrets.NPM_TOKEN }}"
+
+      - name: Publish the WebAssembly + JavaScript binding (imply building + testing)
+        working-directory: ${{ env.PKG_PATH }}
+        run: npm run publish
+
+      - name: Create the Github release
+        uses: softprops/action-gh-release@v1
+        with:
+          draft: true
+          files: ${{ env.PKG_PATH }}/pkg/matrix-org-matrix-sdk-crypto-js-*.tgz
@@ -1,82 +0,0 @@
-# A reusable github actions workflow that will build xtask, if it is not
-# already cached.
-#
-# It will create a pair of GHA cache entries, if they do not already exist.
-# The cache keys take the form `xtask-{os}-{hash}`, where "{os}" is "linux"
-# or "macos", and "{hash}" is the hash of the xtask# directory.
-#
-# The cache keys are written to output variables named "cachekey-{os}".
-#
-
-name: Build xtask if necessary
-
-on:
-  workflow_call:
-    outputs:
-      cachekey-linux:
-        description: "The cache key for the linux build artifact"
-        value: "${{ jobs.xtask.outputs.cachekey-linux }}"
-      cachekey-macos:
-        description: "The cache key for the macos build artifact"
-        value: "${{ jobs.xtask.outputs.cachekey-macos }}"
-
-permissions: {}
-
-env:
-  CARGO_TERM_COLOR: always
-
-jobs:
-  xtask:
-    name: "xtask-${{ matrix.os-name }}"
-
-    strategy:
-      fail-fast: true
-      matrix:
-        include:
-          - os: ubuntu-latest
-            os-name: 🐧
-            cachekey-id: linux
-
-          - os: macos-15
-            os-name: 🍏
-            cachekey-id: macos
-
-    runs-on: "${{ matrix.os }}"
-
-    steps:
-      - name: Checkout repo
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-        with:
-          persist-credentials: false
-
-      - name: Calculate cache key
-        id: cachekey
-        # set a step output variable "cachekey-{os}" that can be referenced in
-        # the job outputs below.
-        run: |
-          echo "cachekey-${{ matrix.cachekey-id }}=xtask-${{ matrix.cachekey-id }}-${{ hashFiles('Cargo.toml', 'xtask/**') }}" >> $GITHUB_OUTPUT
-
-      - name: Check xtask cache
-        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
-        id: xtask-cache
-        with:
-          path: target/debug/xtask
-          # use the cache key calculated in the step above. Bit of an awkward
-          # syntax
-          key: |
-            ${{ steps.cachekey.outputs[format('cachekey-{0}', matrix.cachekey-id)] }}
-
-      - name: Install Rust stable toolchain
-        if: steps.xtask-cache.outputs.cache-hit != 'true'
-        uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # v1
-        with:
-          toolchain: stable
-
-      - name: Build
-        if: steps.xtask-cache.outputs.cache-hit != 'true'
-        run: |
-          cargo build -p xtask
-
-    outputs:
-      "cachekey-linux": "${{ steps.cachekey.outputs.cachekey-linux }}"
-      "cachekey-macos": "${{ steps.cachekey.outputs.cachekey-macos }}"
@@ -1,24 +0,0 @@
-name: Lint GHA workflows with zizmor
-
-on:
-  push:
-    branches: ["main"]
-  pull_request:
-    branches: ["**"]
-
-permissions: {}
-
-jobs:
-  zizmor:
-    name: Run zizmor
-    runs-on: ubuntu-latest
-    permissions:
-      security-events: write # Required for upload-sarif (used by zizmor-action) to upload SARIF files.
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-        with:
-          persist-credentials: false
-
-      - name: Run zizmor
-        uses: zizmorcore/zizmor-action@71321a20a9ded102f6e9ce5718a2fcec2c4f70d8 # v0.5.2
@@ -4,12 +4,6 @@ master.zip
 emsdk-*
 .idea/
 .env
-.envrc
-.build
-.swiftpm
-/Package.swift
-# code coverage report
-cobertura.xml

 ## User settings
 xcuserdata/
@@ -17,8 +11,3 @@ xcuserdata/

 ## OS garbage
 .DS_Store
-
-## Kotlin bindings generated files
-bindings/kotlin/.gradle/
-bindings/kotlin/buildSrc/build/
-bindings/kotlin/buildSrc/.gradle/
@@ -7,4 +7,4 @@ group_imports = "StdExternalCrate"
 format_code_in_doc_comments = true
 doc_comment_code_block_width = 80
 # Workaround for https://github.com/rust-lang/rust.vim/issues/464
-edition = "2024"
+edition = "2021"
@@ -1,44 +1,17 @@
-[default]
-extend-ignore-re = [
-    # base 58 strings with spaces every four chars.
-    # this would also match regular sentence parts with eight or more words of
-    # exactly four characters in row, but that doesn't really happen.
-    "[1-9A-Za-z]{4}( [1-9A-Za-z]{4}){7,}",
-    # some heuristics for base64 strings with no false matches found at the
-    # time of writing.
-    "[A-Za-z0-9+=]{72,}",
-    "([A-Za-z0-9+=]|\\\\\\s\\*){72,}",
-    "[0-9+][A-Za-z0-9+]{30,}[a-z0-9+]",
-    "\\$[A-Z0-9+][A-Za-z0-9+]{6,}[a-z0-9+]",
-    "\\b[a-z0-9+/=][A-Za-z0-9+/=]{7,}[a-z0-9+/=][A-Z]\\b",
-]
-
-[default.extend-identifiers]
-WeeChat = "WeeChat"
-
 [default.extend-words]
-# all of these are valid words, but should never appear in this repo
-bellow = "below"
-stat = "state"
-sing = "sign"
-singed = "signed"
-singing = "signing"
-# crate name
-ratatui = "ratatui"
-# path name
-consts = "consts"
-# base64 false positives
-Nd = "Nd"
-Abl = "Abl"
-Som = "Som"
-Ba = "Ba"
-Yur = "Yur" # as found in crates/matrix-sdk-indexeddb/src/crypto_store/migrations/mod.rs
-TYE = "TYE" # as found in testing/matrix-sdk-test/src/test_json/keys_query_sets.rs
+# Remove this once base64 gets correctly ignored by typos
+# Or if we're able to ignore certain lines.
+Fo = "Fo"
+BA = "BA"
+UE = "UE"
+Ure = "Ure"
+Ot = "Ot"
+# This is the thead html tag, remove this once typos is updated in the github
+# action. 1.3.1 seems to work correctly, while 1.11.0 on the CI seems to get
+# this wrong
+thead = "thead"

 [files]
-extend-exclude = [
-    # Our json files contain a bunch of base64 encoded ed25519 keys.
-    "*.json",
-    # Fuzzy match patterns that can be understood as typos confusingly.
-    "crates/matrix-sdk-ui/tests/integration/room_list_service.rs",
-]
+# Our json files contain a bunch of base64 encoded ed25519 keys which aren't
+# automatically ignored, we ignore them here.
+extend-exclude = ["*.json"]
@@ -1,3 +0,0 @@
-rules:
-  unpinned-uses:
-    severity: high
@@ -1,119 +0,0 @@
-# Architecture
-
-The SDK is split into multiple layers:
-
-```
-    WASM (external crate matrix-rust-sdk-crypto-wasm)
-      /
-     /     uniffi
-    /     /
-   /     bindings (matrix-sdk-ffi)
- crypto   |
-bindings  |
-   |      |
-   |     UI (matrix-sdk-ui)
-   |      \
-   |       \
-   |   main (matrix-sdk)
-   | /     /
-crypto    /
-     \   /
-      store (matrix-sdk-base, + all the store impls)
-        |
-      common (matrix-sdk-common)
-```
-
-Where the store implementations are `matrix-sdk-sqlite` and `matrix-sdk-indexeddb` as well as
-`MemoryStore` which is defined in `matrix-sdk-base`.
-
-## `crates/matrix-sdk`
-
-This is the main crate, and one that is expected to be used by most consumers. Notable data types
-include:
-
- the `Client`, which can run room-independent requests: logging in/out, creating rooms, running
-  sync, etc.
- the `Room`, which represents a room and its state (notably via the observable `RoomInfo`), and
-  allows running queries that are room-specific, notably sending events.
-
-## `crates/matrix-sdk-base`
-
-A *sans I/O* crate to represent the base data types persisted in the SDK. No network or storage I/O
-happens in this crate, although it defines traits (`StateStore` and `EventCacheStore`) representing
-storage backends, as well as dummy in-memory implementations of these traits.
-
-## `crates/matrix-sdk-common`
-
-Common helpers used by most of the other crates; almost a leaf in the dependency tree of our own
-crates (the only crate it's using is test helpers).
-
-## `crates/matrix-sdk-crypto`
-
-A *sans I/O* implementation of a state machine that handles end-to-end encryption for Matrix
-clients. It defines a `CryptoStore` trait representing storage backends that will perform the
-actual storage I/O later, as well as a dummy in-memory implementation of this trait.
-
-## `crates/matrix-sdk-indexeddb`
-
-Implementations of `EventCacheStore`, `StateStore` and `CryptoStore` for a
-indexeddb backend (for use in Web browsers, via WebAssembly).
-
-## `crates/matrix-sdk-qrcode`
-
-Implementation of QR codes for interactive verifications, used in the crypto crate.
-
-## `crates/matrix-sdk-sqlite`
-
-Implementations of `EventCacheStore`, `StateStore` and `CryptoStore` for a
-SQLite backend.
-
-## `crates/matrix-sdk-store-encryption`
-
-Low-level primitives for encrypting/decrypting/hashing values. Store implementations that
-implement encryption at rest can use those primitives.
-
-## `crates/matrix-sdk-ui`
-
-Very high-level primitives implementing the best practices and cutting-edge Matrix tech:
-
- `EncryptionSyncService`: a specialized service running simplified sliding sync (MSC4186) for
-  everything related to crypto and E2EE for the current `Client`.
- `RoomListService`: a specialized service running simplified sliding sync (MSC4186) for
-  retrieving the list of current rooms, and exposing its entries.
- `SyncService`: a wrapper for the two previous services, coordinating their running and shutting
-  down.
- `Timeline`: a high-level view for a `Room`'s timeline of events, grouping related events
-  (aggregations) into single timeline items.
-
-## `bindings/matrix-sdk-crypto-ffi/`
-
-FFI bindings for the crypto crate, used in a Web browser context via WebAssembly. These use
-`wasm-bindgen` to generate the bindings. These bindings are used in Element Web and the legacy
-Element apps, as of 2024-11-07.
-
-## `bindings/matrix-sdk-ffi/`
-
-FFI bindings for important concepts in `matrix-sdk-ui` and `matrix-sdk`, generated with
-[UniFFI](https://github.com/mozilla/uniffi-rs) and to be used from other languages like
-Swift/Go/Kotlin. These bindings are used in the ElementX apps, as of 2024-11-07.
-
-## `bindings/matrix-sdk-ffi-macros/`
-
-Macros used in `bindings/matrix-sdk-ffi`.
-
-## `testing/matrix-sdk-test/`
-
-Common test helpers, used by all the other crates.
-
-## `testing/matrix-sdk-test-macros/`
-
-Implementation of the `#[async_test]` test macro.
-
-## `testing/matrix-sdk-integration-testing/`
-
-Fully-fledged integration tests that require spawning a Synapse instance to run. A docker-compose
-setup is provided to ease running the tests, and it is compatible for running with Podman too.
-
-# Inspiration
-
-This document has been inspired by the reading of this [blog post](https://matklad.github.io/2021/02/06/ARCHITECTURE.md.html).
@@ -1,382 +0,0 @@
-# Contributing to `matrix-rust-sdk`
-
-## Chat rooms
-
-In addition to our [main Matrix room], we have a development room at
-[#matrix-rust-sdk-dev:flipdot.org]. Please use it to discuss potential changes,
-the overall direction of development and related topics.
-
-[main Matrix room]: https://matrix.to/#/#matrix-rust-sdk:matrix.org
-[#matrix-rust-sdk-dev:flipdot.org]: https://matrix.to/#/#matrix-rust-sdk-dev:flipdot.org
-
-## Testing
-
-You can run most of the tests that also happen in CI also using
-`cargo xtask ci`. This needs a few dependencies to be installed, as it also runs
-automatic WASM tests:
-
-```bash
-rustup component add clippy
-cargo install cargo-nextest typos-cli wasm-pack
-```
-
-If you want to execute only one part of CI, there are a few sub-commands (see
-`cargo xtask ci --help`).
-
-Some tests are not automatically run in `cargo xtask ci`, for example the
-integration tests that need a running synapse instance. These tests reside in
-`./testing/matrix-sdk-integration-testing`. See its
-[README](./testing/matrix-sdk-integration-testing/README.md) to easily set up a
-synapse for testing purposes.
-
-### Snapshot Testing
-
-You can add/review snapshot tests using [insta.rs](https://insta.rs)
-
-Every new struct/enum that derives `Serialize` `Deserialise` should have a
-snapshot test for it. Any code change that breaks serialisation will then break
-a test, the author will then have to decide how to handle migration and test it
-if needed.
-
-And for an improved review experience it's recommended (but not necessary) to
-install the `cargo-insta` tool:
-
-Unix:
-
-```shell
-curl -LsSf https://insta.rs/install.sh | sh
-```
-
-Windows:
-
-```shell
-powershell -c "irm https://insta.rs/install.ps1 | iex"
-```
-
-Usual flow is to first run the test, then review them.
-
-```shell
-cargo insta test
-cargo insta review
-```
-
-### Intermittent failure policy
-
-While we strive to add test coverage for as many features as we can, it
-sometimes happens that the tests will be intermittently failing in CI (such
-tests are sometimes called "flaky"). This can be caused by race conditions
-of all sorts, either in the test code itself, but sometimes in the underlying
-feature being tested too, and as such, it requires some investigation, usually
-from the original author of the test.
-
-Whenever such an intermittent failure happens, we try to open an issue to track
-the failures, adding the
-[`intermittent-failure`](https://github.com/matrix-org/matrix-rust-sdk/issues?q=is%3Aissue%20state%3Aopen%20label%3Aintermittent-failure)
-label to it, and commenting with links to CI runs where the failure happened.
-
-If a test has been intermittently failing for **two weeks** or more, and no one
-is actively working on fixing it, then we might decide to mark the test as
-`ignored` until it is fixed, to not cause unrelated failures in other
-contributors' pull requests and pushes.
-
-## Pull requests
-
-Ideally, a PR should have a _proper title_, with _atomic logical commits_, and
-each commit should have a _good commit message_.
-
-A _proper PR title_ would be a one-liner summary of the changes in the PR,
-following the same guidelines of a good commit message, including the
-area/feature prefix. Something like `FFI: Allow logs files to be pruned.` would
-be a good PR title.
-
-(An additional bad example of a bad PR title would be `mynickname/branch name`,
-that is, just the branch name.)
-
-## Writing changelog entries
-
-Our goal is to maintain clear, concise, and informative changelogs that
-accurately document changes in the project. Changelog entries should be written
-manually for each crate in the `/crates/$CRATE_NAME/Changelog.md` file.
-
-Be sure to include a link to the pull request for additional context. A
-well-written changelog entry should be understandable even to those who may not
-be deeply familiar with the project. Provide enough context to ensure clarity
-and ease of understanding.
-
-A couple of examples of bad changelog entry would look like:
-
-```markdown
- Fixed a panic.
-```
-
-```markdown
- Added the Bar function to Foo.
-```
-
-A good example of a changelog entry could look like the following:
-
-```markdown
- Use the inviter's server name and the server name from the room alias as
-  fallback values for the via parameter when requesting the room summary from
-  the homeserver. This ensures requests succeed even when the room being
-  previewed is hosted on a federated server.
-  ([#4357](https://github.com/matrix-org/matrix-rust-sdk/pull/4357))
-```
-
-For security-related changelog entries, please include the following additional
-details alongside the pull request number:
-
- Impact: Clearly describe the issue's potential impact on users or systems.
- CVE Number: If available, include the CVE (Common Vulnerabilities and
-  Exposures) identifier.
- GitHub Advisory Link: Provide a link to the corresponding GitHub security
-  advisory for further context.
-
-```markdown
- Use a constant-time Base64 encoder for secret key material to mitigate
-  side-channel attacks leaking secret key material
-  ([#156](https://github.com/matrix-org/vodozemac/pull/156)) (Low,
-  [CVE-2024-40640](https://www.cve.org/CVERecord?id=CVE-2024-40640),
-  [GHSA-j8cm-g7r6-hfpq](https://github.com/matrix-org/vodozemac/security/advisories/GHSA-j8cm-g7r6-hfpq)).
-```
-
-## Commit message format
-
-Commit messages should be formatted as Conventional Commits. In addition, some
-git trailers are supported and have special meaning (see below).
-
-### Conventional commits
-
-Conventional Commits are structured as follows:
-
-```text
-<type>(<scope>): <short summary>
-```
-
-The type of changes which will be included in changelogs is one of the
-following:
-
- `feat`: A new feature
- `fix`: A bugfix
- `doc`: Documentation changes
- `refactor`: Code refactoring
- `perf`: Performance improvements
- `ci`: Changes to CI configuration files and scripts
-
-The scope is optional and can specify the area of the codebase affected (e.g.,
-olm, cipher).
-
-### Security fixes
-
-Commits addressing security vulnerabilities must include specific trailers for
-vulnerability metadata, which should also be reflected in the corresponding
-changelog entry.
-
-The metadata must be included in the following git-trailers:
-
- `Security-Impact`: The magnitude of harm that can be expected, i.e.
-  low/moderate/high/critical.
- `CVE`: The CVE that was assigned to this issue.
- `GitHub-Advisory`: The GitHub advisory identifier.
-
-Please include all the fields that are available.
-
-Example:
-
-```text
-fix(crypto): Use a constant-time Base64 encoder for secret key material
-
-This patch fixes a security issue around a side-channel vulnerability[1]
-when decoding secret key material using Base64.
-
-In some circumstances an attacker can obtain information about secret
-secret key material via a controlled-channel and side-channel attack.
-
-This patch avoids the side-channel by switching to the base64ct crate
-for the encoding, and more importantly, the decoding of secret key
-material.
-
-Security-Impact: Low
-CVE: CVE-2024-40640
-GitHub-Advisory: GHSA-j8cm-g7r6-hfpq
-```
-
-## Review process
-
-To streamline the review process and make it easier for maintainers to review
-your contributions, follow these basic rules:
-
-1. Do not force push after a review has started. This helps maintainers track
-   incremental changes without confusion and makes it easier to follow the
-   evolution of the code.
-
-2. Do not mix moves and refactoring with functional changes. Keep these in
-   separate commits for clarity. This ensures that the purpose of each commit is
-   clear and easy to review.
-
-3. Each commit must compile. If commits don’t compile, git bisect becomes
-   unusable, which hampers the debugging process and makes it harder to identify
-   the source of issues.
-
-4. Commits should only introduce test failures if they are proving that a bug
-   exists. New features should never introduce test failures. Test failures
-   should only be used to demonstrate existing bugs, not as part of adding new
-   functionality.
-
-5. Keep PRs on topic and small. Large PRs are harder to review and more prone to
-   delays. Create small, focused commits that address a single topic. Use a
-   combination of [git add] -p or [git checkout] -p to split changes into
-   logical units. This makes your work easier to review and reduces the chance
-   of introducing unrelated changes.
-
-[git add]: https://git-scm.com/docs/git-add#Documentation/git-add.txt---patch
-[git checkout]: https://git-scm.com/docs/git-checkout#Documentation/git-checkout.txt---patch
-
-### Addressing review comments using fixup commits
-
-So you posted a PR and the maintainers aren't quite happy with it. Here are some
-guidelines to make the maintainers life easier and increase the chances that
-your PR will be reviewed swiftly.
-
-1. Use [fixup] commits. When addressing reviewer feedback, you can create fixup
-   commits. These commits mark your changes as corrections of specific previous
-   commits in the PR.
-
-Example:
-
-```shell
-git commit --fixup=<commit-hash>
-```
-
-This command creates a new commit that refers to an existing one, making it
-easier to rebase and squash later while showing reviewers the history of fixes.
-For extra points, link to the fixup commit in the thread where the change was
-requested.
-
-2. After all requested changes were addressed, feel free to re-request a review.
-   People might not notice that all changes were addressed.
-
-3. Once the PR has been approved, rebase your PR to squash all the fixup
-   commits, the [autosquash] option can help with this.
-
-```shell
-git rebase main --interactive --autosquash
-```
-
-[fixup]: https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---fixupamendrewordltcommitgt
-[autosquash]: https://git-scm.com/docs/git-rebase#Documentation/git-rebase.txt---autosquash
-
-## Sign off
-
-In order to have a concrete record that your contribution is intentional
-and you agree to license it under the same terms as the project's
-license, we've adopted the same lightweight approach that the [Linux
-Kernel](https://www.kernel.org/doc/Documentation/SubmittingPatches),
-[Docker](https://github.com/docker/docker/blob/master/CONTRIBUTING.md),
-and many other projects use: the DCO ([Developer Certificate of
-Origin](http://developercertificate.org/)). This is a simple declaration that
-you wrote the contribution or otherwise have the right to contribute it to
-Matrix:
-
-```text
-Developer Certificate of Origin
-Version 1.1
-
-Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
-660 York Street, Suite 102,
-San Francisco, CA 94110 USA
-
-Everyone is permitted to copy and distribute verbatim copies of this
-license document, but changing it is not allowed.
-
-Developer's Certificate of Origin 1.1
-
-By making a contribution to this project, I certify that:
-
-(a) The contribution was created in whole or in part by me and I
-    have the right to submit it under the open source license
-    indicated in the file; or
-
-(b) The contribution is based upon previous work that, to the best
-    of my knowledge, is covered under an appropriate open source
-    license and I have the right under that license to submit that
-    work with modifications, whether created in whole or in part
-    by me, under the same open source license (unless I am
-    permitted to submit under a different license), as indicated
-    in the file; or
-
-(c) The contribution was provided directly to me by some other
-    person who certified (a), (b) or (c) and I have not modified
-    it.
-
-(d) I understand and agree that this project and the contribution
-    are public and that a record of the contribution (including all
-    personal information I submit with it, including my sign-off) is
-    maintained indefinitely and may be redistributed consistent with
-    this project or the open source license(s) involved.
-```
-
-If you agree to this for your contribution, then all that's needed is to
-include the line in your commit or pull request comment:
-
-```text
-Signed-off-by: Your Name <your@email.example.org>
-```
-
-Git allows you to add this signoff automatically when using the `-s` flag to
-`git commit`, which uses the name and email set in your `user.name` and
-`user.email` git configs.
-
-If you forgot to sign off your commits before making your pull request and are
-on Git 2.17+ you can mass signoff using rebase:
-
-```text
-git rebase --signoff origin/main
-```
-
-## AI policy
-
-This policy is a copy of the [Forgejo's AI agreement][Forgejo].
-
-### Terminology
-
-This does not necessarily reflect the official or commonly used terminology.
-
-Software and services that heavily rely on large language model technology to
-generate their outcomes are referred to as _Artificial Intelligence_ (AI).
-Examples of products that fit this definition: GitHub Copilot, ChatGPT, Claude
-Sonnet, DeepSeek, Llama and Gemini.
-
-There is a distinction between _general_ and _narrow_ AI, all the aforementioned
-examples fall under general AI as they were not trained to execute a specific
-well-defined task. Narrow AI is trained to be used for specific well-defined
-tasks where the problem space is known in advance.
-
-_Vibe coding_ is the practice where AI creates a code change (feature, bugfix,
-tests, refactor) with a human that describes what needs to be implemented.
-
-_AI agents_ are AIs that are configured to perform interactions or make changes
-with little to no human supervision.
-
-### Agreement
-
-1. If content was made with the help of AI, you **must** convey that this is
-   the case. This includes content that you authored but was motivated by a
-   suggestion of AI.
-2. If at any point you used AI's work in your contribution you should make
-   an effort to **verify** that you can submit this under the license of the
-   repository.
-3. The **accountability** of using AI in a contribution lies with the person
-   that makes that contribution.
-4. All communication, that includes: commit messages, pull request messages,
-   documentation, code comments and issues (and comments on issues/pull
-   requests), that is intended to be read by people to understand your thoughts
-   and work **must not** have been generated with AI. We exclude machine
-   translation and tooling that helps with grammar and spelling check.
-5. Using general AI for review is **forbidden**. If the change contains changes
-   to the user experience it has to be approved by a human reviewer.
-6. It is **not allowed** to use AI in an autonomous-looking way to contribute to
-   the Matrix Rust SDK. This also applies when someone engages in _vibe coding_
-   or uses so-called _agent mode_.
-
-[Forgejo]: https://codeberg.org/forgejo/governance/src/branch/main/AIAgreement.md
@@ -0,0 +1,120 @@
+# Conventional Commits
+
+This project uses [Conventional
+Commits](https://www.conventionalcommits.org/). Read the
+[Summary](https://www.conventionalcommits.org/en/v1.0.0/#summary) or
+the [Full
+Specification](https://www.conventionalcommits.org/en/v1.0.0/#specification)
+to learn more.
+
+## Types
+
+Conventional Commits defines _type_ (as in `type(scope):
+message`). This section aims at listing the types used inside this
+project:
+
+| Type | Definition |
+|-|-|
+| `feat` | About a new feature. |
+| `fix` | About a bug fix. |
+| `test` | About a test (suite, case, runner…). |
+| `doc` | About a documentation modification. |
+| `refactor` | About a refactoring. |
+| `ci` | About a Continuous Integration modification. |
+| `chore` | About some cleanup, or regular tasks. |
+
+## Scopes
+
+Conventional Commits defines _scope_ (as in `type(scope): message`). This
+section aims at listing all the scopes used inside this project:
+
+<table>
+  <thead>
+    <tr>
+      <th>Group</th>
+      <th>Scope</th>
+      <th>Definition</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td rowspan="10">Crates</td>
+      <td><code>sdk</code></td>
+      <td>About the <code>matrix-sdk</code> crate.</td>
+    </tr>
+    <tr>
+      <td><code>appservice</code></td>
+      <td>About the <code>matrix-sdk-appservice</code> crate.</td>
+    </tr>
+    <tr>
+      <td><code>base</code></td>
+      <td>About the <code>matrix-sdk-base</code> crate.</td>
+    </tr>
+    <tr>
+      <td><code>common</code></td>
+      <td>About the <code>matrix-sdk-common</code> crate.</td>
+    </tr>
+    <tr>
+      <td><code>crypto</code></td>
+      <td>About the <code>matrix-sdk-crypto</code> crate.</td>
+    </tr>
+    <tr>
+      <td><code>indexeddb</code></td>
+      <td>About the <code>matrix-sdk-indexeddb</code> crate.</td>
+    </tr>
+    <tr>
+      <td><code>qrcode</code></td>
+      <td>About the <code>matrix-sdk-qrcode</code> crate.</td>
+    </tr>
+    <tr>
+      <td><code>sled</code></td>
+      <td>About the <code>matrix-sdk-sled</code> crate.</td>
+    </tr>
+    <tr>
+      <td><code>store-encryption</code></td>
+      <td>About the <code>matrix-sdk-store-encryption</code> crate.</td>
+    </tr>
+    <tr>
+      <td><code>test</code></td>
+      <td>About the <code>matrix-sdk-test</code> and <code>matrix-sdk-test-macros</code> crate.</td>
+    </tr>
+    <tr>
+      <td rowspan="4">Bindings</td>
+      <td><code>apple</code></td>
+      <td>About the <code>matrix-rust-components-swift</code> binding.</td>
+    </tr>
+    <tr>
+      <td><code>crypto-nodejs</code></td>
+      <td>About the <code>matrix-sdk-crypto-nodejs</code> binding.</td>
+    </tr>
+    <tr>
+      <td><code>crypto-js</code></td>
+      <td>About the <code>matrix-sdk-crypto-js</code> binding.</td>
+    </tr>
+    <tr>
+      <td><code>crypto-ffi</code></td>
+      <td>About the <code>matrix-sdk-crypto-ffi</code> binding.</td>
+    </tr>
+    <tr>
+      <td>Labs</td>
+      <td><code>sled-state-inspector</code></td>
+      <td>About the <code>sled-state-inspector</code> project.</td>
+    </tr>
+    <tr>
+      <td>Continuous Integration</td>
+      <td><code>xtask</code></td>
+      <td>About the <code>xtask</code> project.</td>
+    </tr>
+  </tbody>
+</table>
+
+## Generating `CHANGELOG.md`
+
+The [`git-cliff`](https://github.com/orhun/git-cliff) project is used
+to generate `CHANGELOG.md` automatically. Hence the various
+`cliff.toml` files that are present in this project, or the
+`package.metadata.git-cliff` sections in various `Cargo.toml` files.
+
+Its companion,
+[`git-cliff-action`](https://github.com/orhun/git-cliff-action)
+project, is used inside Github Action workflows.
@@ -2,239 +2,30 @@
 members = [
    "benchmarks",
    "bindings/matrix-sdk-crypto-ffi",
+    "bindings/matrix-sdk-crypto-js",
+    "bindings/matrix-sdk-crypto-nodejs",
    "bindings/matrix-sdk-ffi",
    "crates/*",
+    "testing/*",
    "examples/*",
    "labs/*",
-    "testing/*",
-    "uniffi-bindgen",
    "xtask",
 ]
-exclude = ["testing/data"]
-# xtask, multiverse, testing and the bindings should only be built when invoked explicitly.
+# xtask, labs, testing and the bindings should only be built when invoked explicitly.
 default-members = ["benchmarks", "crates/*"]
-resolver = "3"
+resolver = "2"

-[workspace.package]
-rust-version = "1.93"
+[profile.release]
+lto = true

-[workspace.dependencies]
-anyhow = { version = "1.0.100", default-features = false }
-aquamarine = { version = "0.6.0", default-features = false }
-as_variant = { version = "1.3.0", default-features = false }
-assert-json-diff = { version = "2.0.2", default-features = false }
-assert_matches = { version = "1.5.0", default-features = false }
-assert_matches2 = { version = "0.1.2", default-features = false }
-async_cell = { version = "0.2.3", default-features = false }
-async-compat = { version = "0.2.5", default-features = false }
-async-once-cell = { version = "0.5.4", default-features = false }
-async-rx = { version = "0.2.0", default-features = false }
-# Bumping this to 0.3.6 produces a test failure because the semantic between the
-# versions changed subtly: https://github.com/matrix-org/matrix-rust-sdk/issues/4599
-async-stream = { version = "0.3.6", default-features = false }
-async-trait = { version = "0.1.89", default-features = false }
-base64 = { version = "0.22.1", default-features = false, features = ["std"] }
-bitflags = { version = "2.10.0", default-features = false }
-byteorder = { version = "1.5.0", default-features = false, features = ["std"] }
-cfg-if = { version = "1.0.4", default-features = false }
-clap = { version = "4.5.53", default-features = false, features = ["std", "help", "usage"] }
-chrono = { version = "0.4.42", default-features = false, features = ["clock", "std", "oldtime", "wasmbind"] }
-dirs = { version = "6.0.0", default-features = false }
-eyeball = { version = "0.8.8", default-features = false, features = ["tracing"] }
-eyeball-im = { version = "0.8.0", default-features = false, features = ["tracing"] }
-eyeball-im-util = { version = "0.10.0", default-features = false }
-futures-core = { version = "0.3.31", default-features = false, features = ["std"] }
-futures-executor = { version = "0.3.31", default-features = false, features = ["std"] }
-futures-util = { version = "0.3.31", default-features = false, features = ["std"] }
-getrandom = { version = "0.4.2", default-features = false }
-gloo-timers = { version = "0.3.0", default-features = false }
-gloo-utils = { version = "0.2.0", default-features = false, features = ["serde"] }
-growable-bloom-filter = { version = "2.1.1", default-features = false }
-hkdf = { version = "0.12.4", default-features = false }
-hmac = { version = "0.12.1", default-features = false }
-http = { version = "1.3.1", default-features = false }
-imbl = { version = "6.1.0", default-features = false }
-indexed_db_futures = { version = "0.7.0", package = "matrix_indexed_db_futures", default-features = false }
-indexmap = { version = "2.12.1", default-features = false }
-insta = { version = "1.44.1", features = ["json", "redactions"] }
-itertools = { version = "0.14.0", default-features = false, features = ["use_std"] }
-js-sys = { version = "0.3.82", default-features = false, features = ["std"] }
-mime = { version = "0.3.17", default-features = false }
-oauth2 = { version = "5.0.0", default-features = false, features = ["timing-resistant-secret-traits"] }
-oauth2-reqwest = { version = "0.1.0-alpha.3", default-features = false }
-pbkdf2 = { version = "0.12.2", default-features = false }
-pin-project-lite = { version = "0.2.16", default-features = false }
-proc-macro2 = { version = "1.0.106", default-features = false }
-proptest = { version = "1.9.0", default-features = false, features = ["std"] }
-quote = { version = "1.0.37", default-features = false }
-rand = { version = "0.10.1", default-features = false, features = ["std", "std_rng", "thread_rng"] }
-regex = { version = "1.12.2", default-features = false }
-reqwest = { version = "0.13.1", default-features = false }
-rmp-serde = { version = "1.3.0", default-features = false }
-ruma = { git = "https://github.com/ruma/ruma", rev = "7680eebd9586669e1a4e5b1fd1c2c691221369d4", features = [
-    "client-api-c",
-    "compat-unset-avatar",
-    "compat-upload-signatures",
-    "compat-arbitrary-length-ids",
-    "compat-tag-info",
-    "compat-encrypted-stickers",
-    "compat-lax-room-create-deser",
-    "compat-lax-room-topic-deser",
-    "unstable-msc3230",
-    "unstable-msc3401",
-    "unstable-msc3417",
-    "unstable-msc3488",
-    "unstable-msc3489",
-    "unstable-msc4075",
-    "unstable-msc4140",
-    "unstable-msc4143",
-    "unstable-msc4171",
-    "unstable-msc4278",
-    "unstable-msc4286",
-    "unstable-msc4306",
-    "unstable-msc4308",
-    "unstable-msc4310",
-] }
-sentry = { version = "0.47.0", default-features = false }
-sentry-tracing = { version = "0.47.0", default-features = false }
-serde = { version = "1.0.228", default-features = false, features = ["std", "rc", "derive"] }
-serde_html_form = { version = "0.2.8", default-features = false }
-serde_json = { version = "1.0.145", default-features = false, features = ["std"] }
-sha2 = { version = "0.10.9", default-features = false }
-similar-asserts = { version = "1.7.0", default-features = false }
-stream_assert = { version = "0.1.1", default-features = false }
-syn = { version = "2.0.43", default-features = false, features = ["derive", "parsing", "printing", "clone-impls"] }
-tempfile = { version = "3.23.0", default-features = false }
-thiserror = { version = "2.0.17", default-features = false }
-tokio = { version = "1.48.0", default-features = false, features = ["sync"] }
-tokio-stream = { version = "0.1.17", default-features = false }
-tracing = { version = "0.1.41", default-features = false, features = ["std"] }
-tracing-appender = { version = "0.2.3", default-features = false }
-tracing-core = { version = "0.1.34", default-features = false }
-tracing-subscriber = { version = "0.3.20", default-features = false, features = ["std", "smallvec", "fmt"] }
-unicode-normalization = { version = "0.1.25", default-features = false }
-unicode-segmentation = { version = "1.12.0", default-features = false }
-uniffi = { version = "0.31.0", default-features = false, features = ["cargo-metadata"] }
-uniffi_bindgen = { version = "0.31.0", default-features = false, features = ["cargo-metadata"] }
-url = { version = "2.5.7", default-features = false }
-uuid = { version = "1.18.1", default-features = false }
-vergen-gitcl = { version = "1.0.8", default-features = false }
-vodozemac = { version = "0.10.0", default-features = false, features = ["libolm-compat", "insecure-pk-encryption", "experimental-session-config"] }
-wasm-bindgen = { version = "0.2.105", default-features = false }
-wasm-bindgen-test = { version = "0.3.55", default-features = false, features = ["std"] }
-web-sys = { version = "0.3.82", default-features = false }
-wiremock = { version = "0.6.5", default-features = false }
-zeroize = { version = "1.8.2", default-features = false }
-
-matrix-sdk = { path = "crates/matrix-sdk", version = "0.16.0", default-features = false }
-matrix-sdk-base = { path = "crates/matrix-sdk-base", version = "0.16.0" }
-matrix-sdk-common = { path = "crates/matrix-sdk-common", version = "0.16.0" }
-matrix-sdk-crypto = { path = "crates/matrix-sdk-crypto", version = "0.16.0" }
-matrix-sdk-ffi-macros = { path = "bindings/matrix-sdk-ffi-macros", version = "0.7.0" }
-matrix-sdk-indexeddb = { path = "crates/matrix-sdk-indexeddb", version = "0.16.0", default-features = false }
-matrix-sdk-qrcode = { path = "crates/matrix-sdk-qrcode", version = "0.16.0" }
-matrix-sdk-sqlite = { path = "crates/matrix-sdk-sqlite", version = "0.16.0", default-features = false }
-matrix-sdk-store-encryption = { path = "crates/matrix-sdk-store-encryption", version = "0.16.0" }
-matrix-sdk-test = { path = "testing/matrix-sdk-test", version = "0.16.0" }
-matrix-sdk-test-utils = { path = "testing/matrix-sdk-test-utils", version = "0.16.0" }
-matrix-sdk-ui = { path = "crates/matrix-sdk-ui", version = "0.16.0", default-features = false }
-matrix-sdk-search = { path = "crates/matrix-sdk-search", version = "0.16.0" }
-
-[workspace.lints.rust]
-rust_2018_idioms = "warn"
-semicolon_in_expressions_from_macros = "warn"
-unexpected_cfgs = { level = "warn", check-cfg = [
-    'cfg(tarpaulin_include)', # Used by tarpaulin (code coverage)
-    'cfg(ruma_unstable_exhaustive_types)', # Used by Ruma's EventContent derive macro
-] }
-unused_extern_crates = "warn"
-unused_import_braces = "warn"
-unused_qualifications = "warn"
-trivial_casts = "warn"
-trivial_numeric_casts = "warn"
-
-[workspace.lints.clippy]
-assigning_clones = "allow"
-box_default = "allow"
-cloned_instead_of_copied = "warn"
-dbg_macro = "warn"
-inefficient_to_string = "warn"
-macro_use_imports = "warn"
-manual_let_else = "warn"
-mut_mut = "warn"
-needless_borrow = "warn"
-nonstandard_macro_braces = "warn"
-redundant_clone = "warn"
-str_to_string = "warn"
-todo = "warn"
-unnecessary_semicolon = "warn"
-unused_async = "warn"
-
-# Default development profile; default for most Cargo commands, otherwise
-# selected with `--debug`
 [profile.dev]
-# Saves a lot of disk space. If symbols are needed, use the dbg profile.
+# Copied from rust-analyzer. Saves a lot of disk space and hopefully
+# compilation time / mem usage too, at the expense of potentially having to
+# change this setting here when you want to use a debugger.
 debug = 0

-# Profile for debug builds with full optimization and minimal debug symbols.
-# This should be just enough to have proper backtraces, having way smaller binaries
-# (10% of the size with full debug symbols profile, like `reldbg`).
-# This profile differs from `reldbg` in not containing the debug symbols needed for
-# debugging with LLDB/GDB, trading that for binary size, allowing quick iterations
-# of building the bindings, installing in a real device, testing your changes, repeat.
-# It's also different from `dev` in having enough debug symbols to display backtraces.
-[profile.reldev]
-inherits = "dev"
-opt-level = 3
-debug = "line-tables-only"
-strip = "debuginfo"
-
 [profile.dev.package]
 # Optimize quote even in debug mode. Speeds up proc-macros enough to account
 # for the extra time of optimizing it for a clean build of matrix-sdk-ffi.
 quote = { opt-level = 2 }
 sha2 = { opt-level = 2 }
-# faster runs for insta.rs snapshot testing
-insta.opt-level = 3
-similar.opt-level = 3
-
-# Custom profile with full debugging info, use `--profile dbg` to select
-[profile.dbg]
-inherits = "dev"
-debug = 2
-
-# Custom profile for use in (debug) builds of the binding crates, use
-# `--profile reldbg` to select
-[profile.reldbg]
-inherits = "dbg"
-opt-level = 3
-
-[profile.dist]
-# Use release profile as a base
-inherits = "release"
-# Strip the minimal debug info, while still allowing us to have proper backtraces, but it will affect debuggers
-strip = "debuginfo"
-# Use link time optimizations
-lto = true
-# Use binary size optimization, since this is intended for distributed copies of the SDK
-opt-level = "s"
-
-[profile.profiling]
-inherits = "release"
-# LTO is too slow to compile.
-lto = false
-# Get symbol names for profiling purposes.
-debug = true
-
-[profile.bench]
-inherits = "release"
-lto = false
-
-[patch.crates-io]
-async-compat = { git = "https://github.com/element-hq/async-compat", rev = "5a27c8b290f1f1dcfc0c4ec22c464e38528aa591" }
-const_panic = { git = "https://github.com/jplatte/const_panic", rev = "e0b317a9a7bde2d48a7d15b6a60d70e4a41d3b5f" }
-# Needed to fix rotation log issue on Android (https://github.com/tokio-rs/tracing/issues/2937)
-tracing = { git = "https://github.com/tokio-rs/tracing.git", rev = "20f5b3d8ba057ca9c4ae00ad30dda3dce8a71c05" }
-tracing-core = { git = "https://github.com/tokio-rs/tracing.git", rev = "20f5b3d8ba057ca9c4ae00ad30dda3dce8a71c05" }
-tracing-subscriber = { git = "https://github.com/tokio-rs/tracing.git", rev = "20f5b3d8ba057ca9c4ae00ad30dda3dce8a71c05" }
-tracing-appender = { git = "https://github.com/tokio-rs/tracing.git", rev = "20f5b3d8ba057ca9c4ae00ad30dda3dce8a71c05" }
@@ -1,90 +1,47 @@
-<h1 align="center">Matrix Rust SDK</h1>
+![Build Status](https://img.shields.io/github/workflow/status/matrix-org/matrix-rust-sdk/CI?style=flat-square)
+[![codecov](https://img.shields.io/codecov/c/github/matrix-org/matrix-rust-sdk/main.svg?style=flat-square)](https://codecov.io/gh/matrix-org/matrix-rust-sdk)
+[![License](https://img.shields.io/badge/License-Apache%202.0-yellowgreen.svg?style=flat-square)](https://opensource.org/licenses/Apache-2.0)
+[![#matrix-rust-sdk](https://img.shields.io/badge/matrix-%23matrix--rust--sdk-blue?style=flat-square)](https://matrix.to/#/#matrix-rust-sdk:matrix.org)
+[![Docs - Main](https://img.shields.io/badge/docs-main-blue.svg?style=flat-square)](https://matrix-org.github.io/matrix-rust-sdk/matrix_sdk/)
+[![Docs - Stable](https://img.shields.io/crates/v/matrix-sdk?color=blue&label=docs&style=flat-square)](https://docs.rs/matrix-sdk)

-<div align="center">
-  <em>Your all-in-one toolkit for creating Matrix clients with Rust, from simple bots to full-featured apps.</em>
-  <br />
-  <img src="contrib/logo.svg">
-  <hr />
-  <a href="https://github.com/matrix-org/matrix-rust-sdk/releases">
-    <img src="https://img.shields.io/github/v/release/matrix-org/matrix-rust-sdk?style=flat&labelColor=1C2E27&color=66845F&logo=GitHub&logoColor=white"></a>
-  <a href="https://crates.io/crates/matrix-sdk/">
-    <img src="https://img.shields.io/crates/v/matrix-sdk?style=flat&labelColor=1C2E27&color=66845F&logo=Rust&logoColor=white"></a>
-  <a href="https://codecov.io/gh/matrix-org/matrix-rust-sdk">
-    <img src="https://img.shields.io/codecov/c/gh/matrix-org/matrix-rust-sdk?style=flat&labelColor=1C2E27&color=66845F&logo=Codecov&logoColor=white"></a>
-  <br />
-  <a href="https://docs.rs/matrix-sdk/">
-    <img src="https://img.shields.io/docsrs/matrix-sdk?style=flat&labelColor=1C2E27&color=66845F&logo=Rust&logoColor=white"></a>
-  <a href="https://github.com/matrix-org/matrix-rust-sdk/actions/workflows/ci.yml">
-    <img src="https://img.shields.io/github/actions/workflow/status/matrix-org/matrix-rust-sdk/ci.yml?style=flat&labelColor=1C2E27&color=66845F&logo=GitHub%20Actions&logoColor=white"></a>
-</div>
+# matrix-rust-sdk

-<div align="center">
+**matrix-rust-sdk** is an implementation of a [Matrix][] client-server library in [Rust][].

-The Matrix Rust SDK is a collection of libraries that make it easier to build [Matrix] clients in [Rust].
-<br />
-<br />
-
-<picture>
-  <source srcset="contrib/element-logo-light.png" media="(prefers-color-scheme: dark)">
-  <source srcset="contrib/element-logo-dark.png" media="(prefers-color-scheme: light)">
-  <img src="contrib/element-logo-fallback.png" alt="Element logo">
-</picture>
-
-<br />
-<br />
-
-Development of the SDK is proudly sponsored and maintained by [Element](https://element.io). Element uses the SDK in their next-generation mobile apps Element X on [iOS](https://github.com/element-hq/element-x-ios) and [Android](https://github.com/element-hq/element-x-android) and has plans to introduce it to the web and desktop clients as well.
-
-The SDK is also the basis for multiple Matrix projects and we welcome contributions from all.
-
-</div>
-
-## Purpose
-
-The SDK takes care of the low-level details like encryption,
-syncing, and room state, so you can focus on your app's logic and UI. Whether
-you're writing a small bot, a desktop client, or something in between, the SDK
-is designed to be flexible, async-friendly, and ready to use out of the box.
+[Matrix]: https://matrix.org/
+[Rust]: https://www.rust-lang.org/

 ## Project structure

-The Matrix Rust SDK is made up of several crates that build on top of each
-other. The following crates are expected to be usable as direct dependencies:
+The rust-sdk consists of multiple crates that can be picked at your convenience:

- [matrix-sdk-ui](https://docs.rs/matrix-sdk-ui/latest/matrix_sdk_ui/) – A high-level client library that makes it easy to build
-  full-featured UI clients with minimal setup. Check out our reference client,
-  [multiverse](https://github.com/matrix-org/matrix-rust-sdk/tree/main/labs/multiverse), for an example.
- [matrix-sdk](https://docs.rs/matrix-sdk/latest/matrix_sdk/) – A mid-level client library, ideal for building bots, custom
-  clients, or higher-level abstractions. You can find example usage in the
-  [examples directory](https://github.com/matrix-org/matrix-rust-sdk/tree/main/examples).
- [matrix-sdk-crypto](https://docs.rs/matrix-sdk-crypto/latest/matrix_sdk_crypto/) – A standalone encryption state machine with no network I/O,
-  providing end-to-end encryption support for Matrix clients and libraries.
-  See the [crypto tutorial](https://docs.rs/matrix-sdk-crypto/latest/matrix_sdk_crypto/tutorial/index.html)
-  for a step-by-step introduction.
+- **matrix-sdk** - High level client library, with batteries included, you're most likely
+  interested in this.
+- **matrix-sdk-base** - No (network) IO client state machine that can be used to embed a
+  Matrix client in your project or build a full fledged network enabled client
+  lib on top of it.
+- **matrix-sdk-crypto** - No (network) IO encryption state machine that can be
+  used to add Matrix E2EE support to your client or client library.

-All other crates are effectively internal-only and only structured as crates
-for organizational purposes and to improve compilation times. Direct usage of them is discouraged.
+## Minimum Supported Rust Version (MSRV)
+
+These crates are built with the Rust language version 2021 and require a minimum compiler version of `1.60`

 ## Status

-The library is considered production ready and backs multiple client
-implementations such as Element X
-[[1]](https://github.com/element-hq/element-x-ios)
-[[2]](https://github.com/element-hq/element-x-android),
-[Fractal](https://gitlab.gnome.org/World/fractal) and [iamb](https://github.com/ulyssa/iamb). Client developers should feel
-confident to build upon it.
+The library is in an alpha state, things that are implemented generally work but
+the API will change in breaking ways.
+
+If you are interested in using the matrix-sdk now is the time to try it out and
+provide feedback.

 ## Bindings

-The higher-level crates of the Matrix Rust SDK can be embedded in other
-environments such as Swift, Kotlin, JavaScript, and Node.js. Check out the
-[bindings/](./bindings/) directory to learn more about how to integrate the SDK
-into your language of choice.
+Some crates of the **matrix-rust-sdk** can be embedded inside other
+environments, like Swift, Kotlin, JavaScript, Node.js etc. Please,
+explore the [`bindings/`](./bindings/) directory to learn more.

 ## License

 [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0)
-
-
-[Matrix]: https://matrix.org/
-[Rust]: https://www.rust-lang.org/
@@ -1,48 +0,0 @@
-# Releasing and publishing the SDK
-
-While the release process can be handled manually, `cargo-release` has been
-configured to make it more convenient.
-
-By default, [`cargo-release`](https://github.com/crate-ci/cargo-release) assumes
-that no pull request is required to cut a release. However, since the SDK
-repo is set up so that each push requires a pull request, we need to slightly
-deviate from the default workflow. A `cargo-xtask` has been created to make the
-process as smooth as possible.
-
-The procedure is as follows:
-
-1. Switch to a release branch:
-
-   ```bash
-   git switch -c release-x.y.z
-   ```
-
-2. Prepare the release. This will update the `README.md`, set the versions in
-   the `CHANGELOG.md` file, and bump the version in the `Cargo.toml` file.
-
-   ```bash
-   cargo xtask release prepare --execute minor|patch|rc
-   ```
-
-3. Double-check and edit the `CHANGELOG.md` and `README.md` if necessary. Once you are
-   satisfied, push the branch and open a PR.
-
-   ```bash
-   git push --set-upstream origin/release-x.y.z
-   ```
-
-4. Pass the review and merge the branch as you would with any other branch.
-
-5. Create tags for your new release, publish the release on crates.io and push
-   the tags:
-
-   ```bash
-   # Switch to main first.
-   git switch main
-   # Pull in the now-merged release commit(s).
-   git pull
-   # Create tags, publish the release on crates.io, and push the tags.
-   cargo xtask release publish --execute
-   ```
-
-   For more information on cargo-release: https://github.com/crate-ci/cargo-release
@@ -0,0 +1,121 @@
+# Upgrades 0.5 ➜ 0.6 
+
+This is a rough migration guide to help you upgrade your code using matrix-sdk 0.5 to the newly released matrix-sdk 0.6 . While it won't cover all edge cases and problems, we are trying to get the most common issues covered. If you experience any other difficulties in upgrade or need support with using the matrix-sdk in general, please approach us in our [matrix-sdk channel on matrix.org][matrix-channel].
+
+## Minimum Supported Rust Version Update: `1.60`
+
+We have updated the minimal rust version you need in order to build `matrix-sdk`, as we require some new dependency resolving features from it:
+
+>  These crates are built with the Rust language version 2021 and require a minimum compiler version of 1.60
+
+## Dependencies
+
+Many dependencies have been upgraded. Most notably, we are using `ruma`  at version `0.7.0` now. It has seen some renamings and restructurings since our last release, so you might find that some Types have new names now.
+
+## Repo Structure Updates
+
+If you are looking at the repository itself, you will find we've rearranged the code quite a bit: we have split out any bindings-specific and testing related crates (and other things) into respective folders, and we've moved all `examples` into its own top-level-folder with each example as their own crate (rendering them easier to find and copy as starting points), all in all slimming down the `crates` folder to the core aspects.
+
+
+## Architecture Changes / API overall
+
+### Builder Pattern
+
+We are moving to the [builder pattern][] (familiar from e.g. `std::io:process:Command`) as the main configurable path for many aspects of the API, including to construct Matrix-Requests and workflows. This has been and is an on-going effort, and this release sees a lot of APIs transitioning to this pattern, you should already be familiar with from the `matrix_sdk::Client::builder()` in `0.5`. This pattern been extended onto:
+ - the [login configuration][login builder] and [login with sso][ssologin builder],
+ - [`SledStore` configuratiion][sled-store builder]
+ - [`Indexeddb` configuration][indexeddb builder]
+
+Most have fallback (though maybe with deprecation warning) support for an existing code path, but these are likely to be removed in upcoming releases.
+
+### Splitting of concerns: Media
+
+In an effort to declutter the `Client` API dedicated types have been created dealing with specific concerns in one place. In `0.5` we introduced `client.account()`, and `client.encryption()`, we are doing the same with `client.media()` to manage media and attachments in one place with the [`media::Media` type][media typ]  now.
+
+The signatures of media uploads, have also changed slightly: rather than expecting a reader `R: Read + Seek`, it now is a simple `&[u8]`. Which also means no more unnecessary `seek(0)` to reset the cursor, as we are just taking an immutable reference now.
+
+### Event Handling & sync updaes
+
+If you are using the `client.register_event_handler` function to receive updates on incoming sync events, you'll find yourself with a deprecation warning now. That is because we've refactored and redesigned the event handler logic to allowing `removing` of event handlers on the fly, too. For that the new `add_event_handler()` (and `add_room_event_handler`) will hand you an `EventHandlerHandle` (pardon the pun), which you can pass to `remove_event_handler`, or by using the convenient `client.event_handler_drop_guard` to create a `DropGuard` that will remove the handler when the guard is dropped. While the code still works, we recommend you switch to the new one, as we will be removing the `register_event_handler` and `register_event_handler_context` in a coming release.
+
+Secondly, you will find a new [`sync_with_result_callback` sync function][sync with result]. Other than the previous sync functions, this will pass the entire `Result` to your callback, allowing you to handle errors or even raise some yourself to stop the loop. Further more, it will propagate any unhandled errors (it still handles retries as before) to the outer caller, allowing the higher level to decide how to handle that (e.g. in case of a network failure). This result-returning-behavior also punshes through the existing `sync` and `sync_with_callback`-API, allowing you to handle them on a higher level now (rather than the futures just resolving). If you find that warning, just adding a `?` to the `.await` of the call is probably the quickest way to  move forward.
+
+### Refresh Tokens
+
+This release now [supports `refresh_token`s][refresh tokens PR] as part of the [`Session`][session]. It is implemented with a default-flag in serde so deserializing a previously serialized Session (e.g. in a store) will work as before. As part of `refresh_token` support, you can now configure the client via `ClientBuilder.request_refresh_token()` to refresh the access token automagically on certain failures or do it manually by calling `client.refresh_access_token()` yourself. Auto-refresh is _off_ by default.
+
+You can stay informed about updates on the access token by listening to `client.session_tokens_signal()`.
+
+### Further changes
+
+ - [`MessageOptions`][message options] has been updated to Matrix 1.3 by making the `from` parameter optional (and function signatures have been updated, too). You can now request the server sends you messages from the first one you are allowed to have received.
+ - `client.user_id()` is not a `future` anymore. Remove any `.await` you had behind it.
+ - `verified()`, `blacklisted()` and `deleted()` on `matrix_sdk::encryption::identities::Device` have been renamed with a `is_` prefix.
+ - `verified()` on `matrix_sdk::encryption::identities::UserIdentity`, too has been prefixed with `is_` and thus is onw called `is_verified()`.
+ - The top-level crypto and state-store types of Indexeddb and Sled have been renamed to unique types>
+ - `state_store` and `crypto_store` do not need to be boxed anymore when passed to the [`StoreConfig`][store config]
+ - Indexeddb's `SerializationError` is now `IndexedDBStoreError`
+ - Javascript specific features are now behind the `js` feature-gate
+ - The new experimental next generation of sync ("sliding sync"), with a totally revamped api, can be found behind the optional `sliding-sync`-feature-gate
+
+
+## Quick Troubleshooting
+
+You find yourself focussed with any of these, here are the steps to follow to upgrade your code accordingly:
+
+### warning: use of deprecated associated function `matrix_sdk::Client::register_event_handler`: Use [`Client::add_event_handler`](#method.add_event_handler) instead
+
+As it says on the tin: we have deprecated this function in favor of the newer removable handler approach (see above). You can still continue to use this `fn` for now, but it will be removed in a future release.
+
+### warning: use of deprecated associated function `matrix_sdk::Client::login`: Replaced by [`Client::login_username`](#method.login_username)
+
+We have replaced the login facilities with a `LoginBuilder` and recommend you use that from now on. This isn't an error yet, but the function will be removed in a future release. 
+
+### expected slice `[u8]`, found struct ...
+
+We've updated the `send_attachment` and `Media` signatures to use `&[u8]` rather than `reader: Read + Seek` as it is more convenient and common place for most architectures anyways. If you are using `File::open(path)?` to get that handler, you can just replace that with `std::fs::read(path)?`
+
+### no method named `verified` found for struct `matrix_sdk::encryption::identities::Device` in the current scope
+
+Boolean flags like `verified`, `deleted`, `blacklisted`, etc have been renamed with a `is_` prefix. So, just follow the cargo suggestion:
+```
+   |
+69 |             device.verified()
+   |                    ^^^^^^^^ help: there is an associated function with a similar name: `is_verified`
+ ```
+
+ ### unresolved import `matrix_sdk::ruma::events::AnySyncRoomEvent`
+
+ Ruma has been updated to `0.7.0`, you will find some ruma Events names have changed, most notably, the `AnySyncRoomEvent` is now named `AnySyncTimelineEvent` (and not `AnySyncStateEvent`, which cargo wrongly suggests). Just rename the import and usage of it.
+
+### `std::option::Option<&matrix_sdk::ruma::UserId>` is not a future
+
+You are seeing something along the lines of:
+```
+19 |     if room_member.state_key != client.user_id().await.unwrap() {
+   |                                                 ^^^^^^ `std::option::Option<&matrix_sdk::ruma::UserId>` is not a future
+   |
+   = help: the trait `Future` is not implemented for `std::option::Option<&matrix_sdk::ruma::UserId>`
+   = note: std::option::Option<&matrix_sdk::ruma::UserId> must be a future or must implement `IntoFuture` to be awaited
+   = note: required because of the requirements on the impl of `IntoFuture` for `std::option::Option<&matrix_sdk::ruma::UserId>`
+help: remove the `.await`
+   |
+19 -     if room_member.state_key != client.user_id().await.unwrap() {
+19 +     if room_member.state_key != client.user_id().unwrap() {
+```
+
+You are using `client.user_id().await` but `user_id()` is no longer `async`. Just follow the cargo suggestion and remove the `.await`, it is not necessary any longer.
+
+
+ [matrix-channel]: https://matrix.to/#/#matrix-rust-sdk:matrix.org
+ [builder pattern]: https://doc.rust-lang.org/1.0.0/style/ownership/builders.html
+ [login builder]: https://docs.rs/matrix-sdk/latest/matrix_sdk/struct.LoginBuilder.html
+ [ssologin builder]: https://docs.rs/matrix-sdk/latest/matrix_sdk/struct.SsoLoginBuilder.html
+ [sled-store builder]: https://docs.rs/matrix-sdk-sled/latest/matrix_sdk_sled/struct.SledStateStoreBuilder.html
+ [indexeddb builder]: https://docs.rs/matrix-sdk-indexeddb/latest/matrix_sdk_indexeddb/struct.IndexeddbStateStoreBuilder.html
+ [media type]: https://docs.rs/matrix-sdk/latest/matrix_sdk//media/struct.Media.html
+ [sync with result]: https://docs.rs/matrix-sdk/latest/matrix_sdk/struct.Client.html#method.sync_with_result_callback
+ [session]: https://docs.rs/matrix-sdk/latest/matrix_sdk/struct.Session.html
+ [refresh tokens PR]: https://github.com/matrix-org/matrix-rust-sdk/pull/892
+ [store config]:  https://docs.rs/matrix-sdk-base/latest/matrix_sdk_base/store/struct.StoreConfig.html
+ [message options]: https://docs.rs/matrix-sdk/latest/matrix_sdk/room/struct.MessagesOptions.html
@@ -1,60 +1,25 @@
 [package]
 name = "benchmarks"
 description = "Matrix SDK benchmarks"
-edition = "2024"
+edition = "2021"
 license = "Apache-2.0"
-rust-version.workspace = true
+rust-version = "1.56"
 version = "1.0.0"
 publish = false

-[package.metadata.release]
-release = false
-
-[features]
-codspeed = []
-
 [dependencies]
-assert_matches.workspace = true
-criterion = { version = "4.2.1", features = ["async", "async_tokio", "html_reports"], package = "codspeed-criterion-compat" }
-futures-util.workspace = true
-matrix-sdk = { workspace = true, features = ["e2e-encryption", "sqlite", "testing"] }
-matrix-sdk-base.workspace = true
-matrix-sdk-crypto.workspace = true
-matrix-sdk-sqlite = { workspace = true, features = ["crypto-store"] }
-matrix-sdk-test.workspace = true
-matrix-sdk-ui.workspace = true
-rand.workspace = true
-ruma.workspace = true
-serde.workspace = true
-serde_json.workspace = true
-tempfile.workspace = true
-tokio = { workspace = true, features = ["rt-multi-thread"] }
-wiremock.workspace = true
+criterion = { version = "0.3.5", features = ["async", "async_tokio", "html_reports"] }
+matrix-sdk-crypto = { path = "../crates/matrix-sdk-crypto", version = "0.6.0"}
+matrix-sdk-sled = { path = "../crates/matrix-sdk-sled", version = "0.2.0", default-features = false, features = ["crypto-store"] }
+matrix-sdk-test = { path = "../testing/matrix-sdk-test", version = "0.6.0"}
+ruma = "0.7.0"
+serde_json = "1.0.79"
+tempfile = "3.3.0"
+tokio = { version = "1.17.0", default-features = false, features = ["rt-multi-thread"] }
+
+[target.'cfg(target_os = "linux")'.dependencies]
+pprof = { version = "0.10.0", features = ["flamegraph", "criterion"] }

 [[bench]]
 name = "crypto_bench"
 harness = false
-
-[[bench]]
-name = "linked_chunk"
-harness = false
-
-[[bench]]
-name = "store_bench"
-harness = false
-
-[[bench]]
-name = "room_bench"
-harness = false
-
-[[bench]]
-name = "timeline"
-harness = false
-
-[[bench]]
-name = "event_cache"
-harness = false
-
-[[bench]]
-name = "room_list"
-harness = false
@@ -8,7 +8,7 @@ can be found [here](https://bheisler.github.io/criterion.rs/book/criterion_rs.ht

 ## Running the benchmarks

-The benchmark can be run by using the `bench` command of `cargo`:
+The benchmark can be simply run by using the `bench` command of `cargo`:

 ```bash
 $ cargo bench
@@ -16,13 +16,6 @@ $ cargo bench

 This will work from the workspace directory of the rust-sdk.

-To lower compile times, you might be interested in using the `profiling` profile, that's optimized
-for a fair tradeoff between compile times and runtime performance:
-
-```bash
-$ cargo bench --profile profiling
-```
-
 If you want to pass options to the benchmark [you'll need to specify the name of
 the benchmark](https://bheisler.github.io/criterion.rs/book/faq.html#cargo-bench-gives-unrecognized-option-errors-for-valid-command-line-options):

@@ -30,7 +23,7 @@ the benchmark](https://bheisler.github.io/criterion.rs/book/faq.html#cargo-bench
 $ cargo bench --bench crypto_bench -- # Your options go here
 ```

-If you want to run only a specific benchmark, pass the name of the
+If you want to run only a specific benchmark, simply pass the name of the
 benchmark as an argument:

 ```bash
@@ -72,7 +65,7 @@ permisive value is `-1`:
 $ echo -1 | sudo tee /proc/sys/kernel/perf_event_paranoid
 ```

-To generate flame graphs feature, enable the profiling mode using the
+To generate flame graphs feature simply enable the profiling mode using the
 `--profile-time` command line flag:

 ```bash
@@ -1,16 +1,18 @@
 use std::{ops::Deref, sync::Arc};

-use criterion::{BenchmarkId, Criterion, Throughput, criterion_group, criterion_main};
+use criterion::*;
 use matrix_sdk_crypto::{EncryptionSettings, OlmMachine};
-use matrix_sdk_sqlite::SqliteCryptoStore;
-use matrix_sdk_test::ruma_response_from_json;
+use matrix_sdk_sled::SledCryptoStore;
+use matrix_sdk_test::response_from_file;
 use ruma::{
-    DeviceId, OwnedUserId, TransactionId, UserId,
-    api::client::{
-        keys::{claim_keys, get_keys},
-        to_device::send_event_to_device::v3::Response as ToDeviceResponse,
+    api::{
+        client::{
+            keys::{claim_keys, get_keys},
+            to_device::send_event_to_device::v3::Response as ToDeviceResponse,
+        },
+        IncomingResponse,
    },
-    device_id, room_id, user_id,
+    device_id, room_id, user_id, DeviceId, OwnedUserId, TransactionId, UserId,
 };
 use serde_json::Value;
 use tokio::runtime::Builder;
@@ -26,19 +28,25 @@ fn alice_device_id() -> &'static DeviceId {
 fn keys_query_response() -> get_keys::v3::Response {
    let data = include_bytes!("crypto_bench/keys_query.json");
    let data: Value = serde_json::from_slice(data).unwrap();
-    ruma_response_from_json(&data)
+    let data = response_from_file(&data);
+    get_keys::v3::Response::try_from_http_response(data)
+        .expect("Can't parse the keys upload response")
 }

 fn keys_claim_response() -> claim_keys::v3::Response {
    let data = include_bytes!("crypto_bench/keys_claim.json");
    let data: Value = serde_json::from_slice(data).unwrap();
-    ruma_response_from_json(&data)
+    let data = response_from_file(&data);
+    claim_keys::v3::Response::try_from_http_response(data)
+        .expect("Can't parse the keys upload response")
 }

 fn huge_keys_query_response() -> get_keys::v3::Response {
    let data = include_bytes!("crypto_bench/keys_query_2000_members.json");
    let data: Value = serde_json::from_slice(data).unwrap();
-    ruma_response_from_json(&data)
+    let data = response_from_file(&data);
+    get_keys::v3::Response::try_from_http_response(data)
+        .expect("Can't parse the keys query response")
 }

 pub fn keys_query(c: &mut Criterion) {
@@ -57,44 +65,24 @@ pub fn keys_query(c: &mut Criterion) {

    let name = format!("{count} device and cross signing keys");

-    // Benchmark memory store.
-
-    group.bench_with_input(
-        BenchmarkId::new("Device keys query [memory]", &name),
-        &response,
-        |b, response| {
-            b.to_async(&runtime)
-                .iter(|| async { machine.mark_request_as_sent(&txn_id, response).await.unwrap() })
-        },
-    );
-
-    // Benchmark sqlite store.
+    group.bench_with_input(BenchmarkId::new("memory store", &name), &response, |b, response| {
+        b.to_async(&runtime)
+            .iter(|| async { machine.mark_request_as_sent(&txn_id, response).await.unwrap() })
+    });

    let dir = tempfile::tempdir().unwrap();
-    let store = Arc::new(runtime.block_on(SqliteCryptoStore::open(dir.path(), None)).unwrap());
-    let machine = runtime
-        .block_on(OlmMachine::with_store(alice_id(), alice_device_id(), store, None))
-        .unwrap();
+    let store = Arc::new(SledCryptoStore::open_with_passphrase(dir.path(), None).unwrap());
+    let machine =
+        runtime.block_on(OlmMachine::with_store(alice_id(), alice_device_id(), store)).unwrap();

-    group.bench_with_input(
-        BenchmarkId::new("Device keys query [SQLite]", &name),
-        &response,
-        |b, response| {
-            b.to_async(&runtime)
-                .iter(|| async { machine.mark_request_as_sent(&txn_id, response).await.unwrap() })
-        },
-    );
-
-    {
-        let _guard = runtime.enter();
-        drop(machine);
-    }
+    group.bench_with_input(BenchmarkId::new("sled store", &name), &response, |b, response| {
+        b.to_async(&runtime)
+            .iter(|| async { machine.mark_request_as_sent(&txn_id, response).await.unwrap() })
+    });

    group.finish()
 }

-/// This test panics on the CI, not sure why so we're disabling it for now.
-#[cfg(not(feature = "codspeed"))]
 pub fn keys_claiming(c: &mut Criterion) {
    let runtime = Builder::new_multi_thread().build().expect("Can't create runtime");

@@ -110,65 +98,43 @@ pub fn keys_claiming(c: &mut Criterion) {

    let name = format!("{count} one-time keys");

-    group.bench_with_input(
-        BenchmarkId::new("One-time keys claiming [memory]", &name),
-        &response,
-        |b, response| {
-            b.iter_batched(
-                || {
-                    let machine = runtime.block_on(OlmMachine::new(alice_id(), alice_device_id()));
-                    runtime
-                        .block_on(machine.mark_request_as_sent(&txn_id, &keys_query_response))
-                        .unwrap();
-                    (machine, &runtime, &txn_id)
-                },
-                move |(machine, runtime, txn_id)| {
-                    runtime.block_on(async {
-                        machine.mark_request_as_sent(txn_id, response).await.unwrap();
-                        drop(machine);
-                    })
-                },
-                criterion::BatchSize::SmallInput,
-            )
-        },
-    );
+    group.bench_with_input(BenchmarkId::new("memory store", &name), &response, |b, response| {
+        b.iter_batched(
+            || {
+                let machine = runtime.block_on(OlmMachine::new(alice_id(), alice_device_id()));
+                runtime
+                    .block_on(machine.mark_request_as_sent(&txn_id, &keys_query_response))
+                    .unwrap();
+                (machine, &runtime, &txn_id)
+            },
+            move |(machine, runtime, txn_id)| {
+                runtime.block_on(machine.mark_request_as_sent(txn_id, response)).unwrap()
+            },
+            BatchSize::SmallInput,
+        )
+    });

-    group.bench_with_input(
-        BenchmarkId::new("One-time keys claiming [SQLite]", &name),
-        &response,
-        |b, response| {
-            b.iter_batched(
-                || {
-                    let dir = tempfile::tempdir().unwrap();
-                    let store = Arc::new(
-                        runtime.block_on(SqliteCryptoStore::open(dir.path(), None)).unwrap(),
-                    );
+    group.bench_with_input(BenchmarkId::new("sled store", &name), &response, |b, response| {
+        b.iter_batched(
+            || {
+                let dir = tempfile::tempdir().unwrap();
+                let store =
+                    Arc::new(SledCryptoStore::open_with_passphrase(dir.path(), None).unwrap());

-                    let machine = runtime
-                        .block_on(OlmMachine::with_store(
-                            alice_id(),
-                            alice_device_id(),
-                            store,
-                            None,
-                        ))
-                        .unwrap();
-                    runtime
-                        .block_on(machine.mark_request_as_sent(&txn_id, &keys_query_response))
-                        .unwrap();
-                    (machine, &runtime, &txn_id)
-                },
-                move |(machine, runtime, txn_id)| {
-                    runtime.block_on(async {
-                        machine.mark_request_as_sent(txn_id, response).await.unwrap();
-                    });
-
-                    let _ = runtime.enter();
-                    drop(machine);
-                },
-                criterion::BatchSize::SmallInput,
-            )
-        },
-    );
+                let machine = runtime
+                    .block_on(OlmMachine::with_store(alice_id(), alice_device_id(), store))
+                    .unwrap();
+                runtime
+                    .block_on(machine.mark_request_as_sent(&txn_id, &keys_query_response))
+                    .unwrap();
+                (machine, &runtime, &txn_id)
+            },
+            move |(machine, runtime, txn_id)| {
+                runtime.block_on(machine.mark_request_as_sent(txn_id, response)).unwrap()
+            },
+            BatchSize::SmallInput,
+        )
+    });

    group.finish()
 }
@@ -194,9 +160,7 @@ pub fn room_key_sharing(c: &mut Criterion) {
    group.throughput(Throughput::Elements(count as u64));
    let name = format!("{count} devices");

-    // Benchmark memory store.
-
-    group.bench_function(BenchmarkId::new("Room key sharing [memory]", &name), |b| {
+    group.bench_function(BenchmarkId::new("memory store", &name), |b| {
        b.to_async(&runtime).iter(|| async {
            let requests = machine
                .share_room_key(
@@ -213,22 +177,18 @@ pub fn room_key_sharing(c: &mut Criterion) {
                machine.mark_request_as_sent(&request.txn_id, &to_device_response).await.unwrap();
            }

-            machine.discard_room_key(room_id).await.unwrap();
+            machine.invalidate_group_session(room_id).await.unwrap();
        })
    });
-
-    // Benchmark sqlite store.
-
    let dir = tempfile::tempdir().unwrap();
-    let store = Arc::new(runtime.block_on(SqliteCryptoStore::open(dir.path(), None)).unwrap());
+    let store = Arc::new(SledCryptoStore::open_with_passphrase(dir.path(), None).unwrap());

-    let machine = runtime
-        .block_on(OlmMachine::with_store(alice_id(), alice_device_id(), store, None))
-        .unwrap();
+    let machine =
+        runtime.block_on(OlmMachine::with_store(alice_id(), alice_device_id(), store)).unwrap();
    runtime.block_on(machine.mark_request_as_sent(&txn_id, &keys_query_response)).unwrap();
    runtime.block_on(machine.mark_request_as_sent(&txn_id, &response)).unwrap();

-    group.bench_function(BenchmarkId::new("Room key sharing [SQLite]", &name), |b| {
+    group.bench_function(BenchmarkId::new("sled store", &name), |b| {
        b.to_async(&runtime).iter(|| async {
            let requests = machine
                .share_room_key(
@@ -245,15 +205,10 @@ pub fn room_key_sharing(c: &mut Criterion) {
                machine.mark_request_as_sent(&request.txn_id, &to_device_response).await.unwrap();
            }

-            machine.discard_room_key(room_id).await.unwrap();
+            machine.invalidate_group_session(room_id).await.unwrap();
        })
    });

-    {
-        let _guard = runtime.enter();
-        drop(machine);
-    }
-
    group.finish()
 }

@@ -274,51 +229,44 @@ pub fn devices_missing_sessions_collecting(c: &mut Criterion) {

    runtime.block_on(machine.mark_request_as_sent(&txn_id, &response)).unwrap();

-    // Benchmark memory store.
-
-    group.bench_function(BenchmarkId::new("Devices collecting [memory]", &name), |b| {
+    group.bench_function(BenchmarkId::new("memory store", &name), |b| {
        b.to_async(&runtime).iter_with_large_drop(|| async {
            machine.get_missing_sessions(users.iter().map(Deref::deref)).await.unwrap()
        })
    });

-    // Benchmark sqlite store.
-
    let dir = tempfile::tempdir().unwrap();
-    let store = Arc::new(runtime.block_on(SqliteCryptoStore::open(dir.path(), None)).unwrap());
+    let store = Arc::new(SledCryptoStore::open_with_passphrase(dir.path(), None).unwrap());

-    let machine = runtime
-        .block_on(OlmMachine::with_store(alice_id(), alice_device_id(), store, None))
-        .unwrap();
+    let machine =
+        runtime.block_on(OlmMachine::with_store(alice_id(), alice_device_id(), store)).unwrap();

    runtime.block_on(machine.mark_request_as_sent(&txn_id, &response)).unwrap();

-    group.bench_function(BenchmarkId::new("Devices collecting [SQLite]", &name), |b| {
+    group.bench_function(BenchmarkId::new("sled store", &name), |b| {
        b.to_async(&runtime).iter(|| async {
            machine.get_missing_sessions(users.iter().map(Deref::deref)).await.unwrap()
        })
    });

-    {
-        let _guard = runtime.enter();
-        drop(machine);
-    }
-
    group.finish()
 }

-#[cfg(not(feature = "codspeed"))]
+fn criterion() -> Criterion {
+    #[cfg(target_os = "linux")]
+    let criterion = Criterion::default().with_profiler(pprof::criterion::PProfProfiler::new(
+        100,
+        pprof::criterion::Output::Flamegraph(None),
+    ));
+    #[cfg(not(target_os = "linux"))]
+    let criterion = Criterion::default();
+
+    criterion
+}
+
 criterion_group! {
    name = benches;
-    config = Criterion::default();
+    config = criterion();
    targets = keys_query, keys_claiming, room_key_sharing, devices_missing_sessions_collecting,
 }
-
-#[cfg(feature = "codspeed")]
-criterion_group! {
-    name = benches;
-    config = Criterion::default();
-    targets = keys_query, room_key_sharing, devices_missing_sessions_collecting,
-}
-
 criterion_main!(benches);
@@ -1,361 +0,0 @@
-use std::{pin::Pin, sync::Arc};
-
-use criterion::{BenchmarkId, Criterion, Throughput, criterion_group, criterion_main};
-use matrix_sdk::{
-    RoomInfo, RoomState, SqliteEventCacheStore, StateStore,
-    cross_process_lock::CrossProcessLockConfig,
-    store::StoreConfig,
-    sync::{JoinedRoomUpdate, RoomUpdates},
-    test_utils::client::MockClientBuilder,
-};
-use matrix_sdk_base::event_cache::store::{DynEventCacheStore, IntoEventCacheStore, MemoryStore};
-use matrix_sdk_test::{ALICE, base64_sha256_hash, event_factory::EventFactory};
-use ruma::{
-    OwnedRoomId, RoomId,
-    events::{relation::RelationType, room::message::RoomMessageEventContentWithoutRelation},
-    room_id,
-};
-use tempfile::tempdir;
-use tokio::runtime::Builder;
-
-type StoreBuilder = Box<dyn Fn() -> Pin<Box<dyn Future<Output = Arc<DynEventCacheStore>>>>>;
-
-fn handle_room_updates(c: &mut Criterion) {
-    // Create a new asynchronous runtime.
-    let runtime = Builder::new_multi_thread()
-        .enable_time()
-        .enable_io()
-        .build()
-        .expect("Failed to create an asynchronous runtime");
-
-    let mut group = c.benchmark_group("Event cache room updates");
-    group.sample_size(10);
-
-    const NUM_EVENTS: usize = 1000;
-
-    for num_rooms in [1, 10, 100] {
-        // Add some joined rooms, each with NUM_EVENTS in it, to the sync response.
-        let mut room_updates = RoomUpdates::default();
-
-        let mut changes = matrix_sdk::StateChanges::default();
-
-        for i in 0..num_rooms {
-            // Synapse's room IDs for rooms v1 to v11 have an 18 characters localpart.
-            let raw_room_id = format!("!firstbatchroom{i:04}:example.com");
-
-            let room_id = if i % 10 == 9 {
-                // Make 1 in 10 rooms use a room v12 ID, which is a base64 hash similar to an
-                // event ID.
-                RoomId::new_v2(&base64_sha256_hash(raw_room_id.as_bytes())).unwrap()
-            } else {
-                OwnedRoomId::try_from(raw_room_id).unwrap()
-            };
-            let event_factory = EventFactory::new().room(&room_id).sender(&ALICE);
-
-            let mut joined_room_update = JoinedRoomUpdate::default();
-            for j in 0..NUM_EVENTS {
-                let event = event_factory.text_msg(format!("Message {j}")).into();
-                joined_room_update.timeline.events.push(event);
-            }
-            room_updates.joined.insert(room_id.clone(), joined_room_update);
-
-            changes.add_room(RoomInfo::new(&room_id, RoomState::Joined));
-        }
-
-        // Declare new stores for this set of events.
-        let temp_dir = Arc::new(tempdir().unwrap());
-
-        let store_builders: Vec<(_, StoreBuilder)> = vec![
-            (
-                "memory",
-                Box::new(|| Box::pin(async { MemoryStore::default().into_event_cache_store() })),
-            ),
-            (
-                "SQLite",
-                Box::new(move || {
-                    let temp_dir = temp_dir.clone();
-                    Box::pin(async move {
-                        // Remove all the files in the temp_dir, to reset the event cache state.
-                        for entry in temp_dir.path().read_dir().unwrap() {
-                            let entry = entry.unwrap();
-                            let path = entry.path();
-                            if path.is_dir() {
-                                // If it's a directory, remove it recursively.
-                                std::fs::remove_dir_all(path).unwrap();
-                            } else {
-                                std::fs::remove_file(path).unwrap();
-                            }
-                        }
-
-                        // Recreate a new store.
-                        SqliteEventCacheStore::open(temp_dir.path().join("bench"), None)
-                            .await
-                            .unwrap()
-                            .into_event_cache_store()
-                    })
-                }),
-            ),
-        ];
-
-        let state_store = runtime.block_on(async {
-            let state_store = matrix_sdk::MemoryStore::new();
-            state_store.save_changes(&changes).await.unwrap();
-            Arc::new(state_store)
-        });
-
-        for (store_name, store_builder) in &store_builders {
-            let client = runtime.block_on(async {
-                let event_cache_store = store_builder().await;
-
-                let client = MockClientBuilder::new(None)
-                    .on_builder(|builder| {
-                        builder.store_config(
-                            StoreConfig::new(CrossProcessLockConfig::multi_process(
-                                "cross-process-store-locks-holder-name",
-                            ))
-                            .state_store(state_store.clone())
-                            .event_cache_store(event_cache_store.clone()),
-                        )
-                    })
-                    .build()
-                    .await;
-
-                client.event_cache().subscribe().unwrap();
-
-                client
-            });
-
-            // Define a state store with all rooms known in it.
-            // Define the throughput.
-            group.throughput(Throughput::Elements(num_rooms));
-
-            // Bench the handling of room updates.
-            group.bench_function(
-                BenchmarkId::new(
-                    format!("Event cache room updates[{store_name}]"),
-                    format!("room count: {num_rooms}"),
-                ),
-                |bencher| {
-                    bencher.to_async(&runtime).iter(
-                        // The routine itself.
-                        || {
-                            let room_updates = room_updates.clone();
-                            let client = client.clone();
-
-                            async move {
-                                client.event_cache().clear_all_rooms().await.unwrap();
-
-                                client
-                                    .event_cache()
-                                    .handle_room_updates(room_updates.clone())
-                                    .await
-                                    .unwrap();
-                            }
-                        },
-                    )
-                },
-            );
-        }
-    }
-
-    group.finish()
-}
-
-fn find_event_relations(c: &mut Criterion) {
-    // Number of other events to saturate the DB, but that will not be affected by
-    // the benchmark. A small multiple of this number will be added.
-    // When running locally, run with more events than in Codespeed CI.
-    #[cfg(feature = "codspeed")]
-    const NUM_OTHER_EVENTS: usize = 100;
-    #[cfg(not(feature = "codspeed"))]
-    const NUM_OTHER_EVENTS: usize = 1000;
-
-    // Create a new asynchronous runtime.
-    let runtime = Builder::new_multi_thread()
-        .enable_time()
-        .enable_io()
-        .build()
-        .expect("Failed to create an asynchronous runtime");
-
-    let mut group = c.benchmark_group("Event cache room updates");
-    group.sample_size(10);
-
-    // Room v1-v11 ID.
-    let room_id = room_id!("!initialtestingroom:ben.ch");
-    // Room v12 ID.
-    let other_room_id = room_id!("!ICMDdumUm6RRX_eWYY2wMb2w0CY0Z_5OvlY2gBR6ELc");
-
-    // Make the state store aware of the room, so that `client.get_room()` works
-    // with it.
-    let mut changes = matrix_sdk::StateChanges::default();
-    changes.add_room(RoomInfo::new(room_id, RoomState::Joined));
-    changes.add_room(RoomInfo::new(other_room_id, RoomState::Joined));
-    let state_store = runtime.block_on(async {
-        let state_store = matrix_sdk::MemoryStore::new();
-        state_store.save_changes(&changes).await.unwrap();
-        Arc::new(state_store)
-    });
-
-    for num_related_events in [10, 100, 1000] {
-        // Prefill the event cache store with one event and N related events.
-        let mut room_updates = RoomUpdates::default();
-
-        let event_factory = EventFactory::new().room(room_id).sender(&ALICE);
-
-        let mut joined_room_update = JoinedRoomUpdate::default();
-
-        // Add the target event.
-        let target_event = event_factory.text_msg("hello world").into_event();
-        let target_event_id =
-            { &target_event.event_id().expect("generated event has an event ID") };
-        joined_room_update.timeline.events.push(target_event);
-
-        // Add the numerous edits.
-        for i in 0..num_related_events {
-            let event = event_factory
-                .text_msg(format!("* edit {i}"))
-                .edit(
-                    target_event_id,
-                    RoomMessageEventContentWithoutRelation::text_plain(format!("edit {i}")),
-                )
-                .into();
-            joined_room_update.timeline.events.push(event);
-        }
-
-        // Add other events, in the same room, without a relation.
-        for i in 0..NUM_OTHER_EVENTS {
-            let event = event_factory.text_msg(format!("unrelated message {i}")).into();
-            joined_room_update.timeline.events.push(event);
-        }
-
-        // Add other events, in the same room, related to other events.
-        let other_target_event = event_factory.text_msg("hello world").into_event();
-        let other_target_event_id =
-            other_target_event.event_id().expect("generated event has an event ID");
-        joined_room_update.timeline.events.push(other_target_event);
-
-        for _i in 0..NUM_OTHER_EVENTS {
-            let event = event_factory.reaction(&other_target_event_id, "👍").into();
-            joined_room_update.timeline.events.push(event);
-        }
-
-        room_updates.joined.insert(room_id.to_owned(), joined_room_update);
-
-        // Add other events, in another room.
-        let mut other_joined_room_update = JoinedRoomUpdate::default();
-        let event_factory = event_factory.room(other_room_id);
-        for i in 0..NUM_OTHER_EVENTS {
-            let event = event_factory.text_msg(format!("hi {i}")).into();
-            other_joined_room_update.timeline.events.push(event);
-        }
-        room_updates.joined.insert(other_room_id.to_owned(), other_joined_room_update);
-
-        changes.add_room(RoomInfo::new(room_id, RoomState::Joined));
-
-        // Declare new stores for this set of events.
-        let temp_dir = Arc::new(tempdir().unwrap());
-
-        let stores = vec![
-            ("memory", MemoryStore::default().into_event_cache_store()),
-            (
-                "SQLite",
-                runtime.block_on(async {
-                    SqliteEventCacheStore::open(temp_dir.path().join("bench"), None)
-                        .await
-                        .unwrap()
-                        .into_event_cache_store()
-                }),
-            ),
-        ];
-
-        for (store_name, event_cache_store) in stores {
-            let (client, room_event_cache, _drop_handles) = runtime.block_on(async {
-                let client = MockClientBuilder::new(None)
-                    .on_builder(|builder| {
-                        builder.store_config(
-                            StoreConfig::new(CrossProcessLockConfig::multi_process(
-                                "cross-process-store-locks-holder-name",
-                            ))
-                            .state_store(state_store.clone())
-                            .event_cache_store(event_cache_store),
-                        )
-                    })
-                    .build()
-                    .await;
-
-                client.event_cache().subscribe().unwrap();
-
-                // Sync the updates before starting the benchmark.
-                let mut update_recv = client.event_cache().subscribe_to_room_generic_updates();
-
-                client.event_cache().handle_room_updates(room_updates.clone()).await.unwrap();
-
-                // Wait for the event cache to notify us of the room updates.
-                let update = update_recv.recv().await.unwrap();
-                assert!(update.room_id == room_id || update.room_id == other_room_id);
-
-                let update = update_recv.recv().await.unwrap();
-                assert!(update.room_id == room_id || update.room_id == other_room_id);
-
-                let room = client.get_room(room_id).unwrap();
-                let room_event_cache = room.event_cache().await.unwrap();
-
-                (client, room_event_cache.0, room_event_cache.1)
-            });
-
-            // Define the throughput.
-            group.throughput(Throughput::Elements(num_related_events));
-
-            for filter in [None, Some(vec![RelationType::Replacement])] {
-                group.bench_function(
-                    BenchmarkId::new(
-                        format!("Event cache find_event_relations[{store_name}]"),
-                        format!(
-                            "{num_related_events} events, {} filter",
-                            if filter.is_some() { "edits" } else { "#no" },
-                        ),
-                    ),
-                    |bencher| {
-                        bencher.to_async(&runtime).iter_batched(
-                            // The setup.
-                            || (room_event_cache.clone(), filter.clone()),
-                            // The routine itself.
-                            |(room_event_cache, filter)| async move {
-                                let (target, relations) = room_event_cache
-                                    .find_event_with_relations(target_event_id, filter)
-                                    .await
-                                    .unwrap()
-                                    .unwrap();
-                                assert_eq!(target.event_id().unwrap(), *target_event_id);
-                                assert_eq!(relations.len(), num_related_events as usize);
-                            },
-                            criterion::BatchSize::PerIteration,
-                        )
-                    },
-                );
-            }
-
-            {
-                let _guard = runtime.enter();
-                drop(room_event_cache);
-                drop(client);
-                drop(_drop_handles);
-            }
-        }
-    }
-
-    {
-        let _guard = runtime.enter();
-        drop(state_store);
-    }
-
-    group.finish()
-}
-
-criterion_group! {
-    name = event_cache;
-    config = Criterion::default();
-    targets = handle_room_updates, find_event_relations,
-}
-
-criterion_main!(event_cache);
@@ -1,263 +0,0 @@
-use std::{sync::Arc, time::Duration};
-
-use criterion::{BatchSize, BenchmarkId, Criterion, Throughput, criterion_group, criterion_main};
-use matrix_sdk::{
-    SqliteEventCacheStore,
-    linked_chunk::{LinkedChunk, LinkedChunkId, Update, lazy_loader},
-};
-use matrix_sdk_base::event_cache::{
-    Event, Gap,
-    store::{DEFAULT_CHUNK_CAPACITY, DynEventCacheStore, IntoEventCacheStore, MemoryStore},
-};
-use matrix_sdk_test::{ALICE, event_factory::EventFactory};
-use ruma::room_id;
-use tempfile::tempdir;
-use tokio::runtime::Builder;
-
-#[derive(Clone, Debug)]
-enum Operation {
-    PushItemsBack(Vec<Event>),
-    PushGapBack(Gap),
-}
-
-#[cfg(not(feature = "codspeed"))]
-const NUMBER_OF_EVENTS: &[u64] = &[10, 100, 1000, 10_000, 100_000];
-#[cfg(feature = "codspeed")]
-const NUMBER_OF_EVENTS: &[u64] = &[10, 100, 1000];
-
-fn writing(c: &mut Criterion) {
-    // Create a new asynchronous runtime.
-    let runtime = Builder::new_multi_thread()
-        .enable_time()
-        .enable_io()
-        .build()
-        .expect("Failed to create an asynchronous runtime");
-
-    let room_id = room_id!("!fabricandofitfaber:bar.baz");
-    let linked_chunk_id = LinkedChunkId::Room(room_id);
-    let event_factory = EventFactory::new().room(room_id).sender(&ALICE);
-
-    let mut group = c.benchmark_group("Linked chunk writing");
-    group.sample_size(10).measurement_time(Duration::from_secs(30));
-
-    for &number_of_events in NUMBER_OF_EVENTS {
-        let sqlite_temp_dir = tempdir().unwrap();
-
-        // Declare new stores for this set of events.
-        let stores: [(&str, Option<Arc<DynEventCacheStore>>); 3] = [
-            ("none", None),
-            ("memory store", Some(MemoryStore::default().into_event_cache_store())),
-            (
-                "sqlite store",
-                runtime.block_on(async {
-                    Some(
-                        SqliteEventCacheStore::open(sqlite_temp_dir.path().join("bench"), None)
-                            .await
-                            .unwrap()
-                            .into_event_cache_store(),
-                    )
-                }),
-            ),
-        ];
-
-        for (store_name, store) in stores {
-            // Create the operations we want to bench.
-            let mut operations = Vec::new();
-
-            {
-                let mut events = (0..number_of_events)
-                    .map(|nth| event_factory.text_msg(format!("foo {nth}")).into_event())
-                    .peekable();
-
-                let mut gap_nth = 0;
-
-                while events.peek().is_some() {
-                    {
-                        let events_to_push_back = events.by_ref().take(80).collect::<Vec<_>>();
-
-                        if events_to_push_back.is_empty() {
-                            break;
-                        }
-
-                        operations.push(Operation::PushItemsBack(events_to_push_back));
-                    }
-
-                    {
-                        operations
-                            .push(Operation::PushGapBack(Gap { token: format!("gap{gap_nth}") }));
-                        gap_nth += 1;
-                    }
-                }
-            }
-
-            // Define the throughput.
-            group.throughput(Throughput::Elements(number_of_events));
-
-            // Get a bencher.
-            group.bench_with_input(
-                BenchmarkId::new(format!("Linked chunk writing [{store_name}]"), number_of_events),
-                &operations,
-                |bencher, operations| {
-                    // Bench the routine.
-                    bencher.to_async(&runtime).iter_batched(
-                        || operations.clone(),
-                        |operations| async {
-                            // The routine to bench!
-
-                            let mut linked_chunk = LinkedChunk::<DEFAULT_CHUNK_CAPACITY, Event, Gap>::new_with_update_history();
-
-                            for operation in operations {
-                                match operation {
-                                    Operation::PushItemsBack(events) => linked_chunk.push_items_back(events),
-                                    Operation::PushGapBack(gap) => linked_chunk.push_gap_back(gap),
-                                }
-                            }
-
-                            if let Some(store) = &store {
-                                let updates = linked_chunk.updates().unwrap().take();
-                                store.handle_linked_chunk_updates(linked_chunk_id, updates).await.unwrap();
-                                // Empty the store.
-                                store.handle_linked_chunk_updates(linked_chunk_id, vec![Update::Clear]).await.unwrap();
-                            }
-
-                        },
-                        BatchSize::SmallInput
-                    )
-                },
-            );
-
-            {
-                let _guard = runtime.enter();
-                drop(store);
-            }
-        }
-    }
-
-    group.finish()
-}
-
-fn reading(c: &mut Criterion) {
-    // Create a new asynchronous runtime.
-    let runtime = Builder::new_multi_thread()
-        .enable_time()
-        .enable_io()
-        .build()
-        .expect("Failed to create an asynchronous runtime");
-
-    let room_id = room_id!("!fabricandofitfaber:bar.baz");
-    let linked_chunk_id = LinkedChunkId::Room(room_id);
-    let event_factory = EventFactory::new().room(room_id).sender(&ALICE);
-
-    let mut group = c.benchmark_group("Linked chunk reading");
-    group.sample_size(10);
-
-    for &num_events in NUMBER_OF_EVENTS {
-        let sqlite_temp_dir = tempdir().unwrap();
-
-        // Declare new stores for this set of events.
-        let stores: [(&str, Arc<DynEventCacheStore>); 2] = [
-            ("memory store", MemoryStore::default().into_event_cache_store()),
-            (
-                "sqlite store",
-                runtime.block_on(async {
-                    SqliteEventCacheStore::open(sqlite_temp_dir.path().join("bench"), None)
-                        .await
-                        .unwrap()
-                        .into_event_cache_store()
-                }),
-            ),
-        ];
-
-        for (store_name, store) in stores {
-            // Store some events and gap chunks in the store.
-            {
-                let mut events = (0..num_events)
-                    .map(|nth| event_factory.text_msg(format!("foo {nth}")).into_event())
-                    .peekable();
-
-                let mut lc =
-                    LinkedChunk::<DEFAULT_CHUNK_CAPACITY, Event, Gap>::new_with_update_history();
-                let mut num_gaps = 0;
-
-                while events.peek().is_some() {
-                    let events_chunk = events.by_ref().take(80).collect::<Vec<_>>();
-
-                    if events_chunk.is_empty() {
-                        break;
-                    }
-
-                    lc.push_items_back(events_chunk);
-                    lc.push_gap_back(Gap { token: format!("gap{num_gaps}") });
-
-                    num_gaps += 1;
-                }
-
-                // Now persist the updates to recreate this full linked chunk.
-                let updates = lc.updates().unwrap().take();
-                runtime
-                    .block_on(store.handle_linked_chunk_updates(linked_chunk_id, updates))
-                    .unwrap();
-            }
-
-            // Define the throughput.
-            group.throughput(Throughput::Elements(num_events));
-
-            // Bench the lazy loader.
-            group.bench_function(
-                BenchmarkId::new(format!("Linked chunk lazy loader[{store_name}]"), num_events),
-                |bencher| {
-                    // Bench the routine.
-                    bencher.to_async(&runtime).iter(|| async {
-                        // Load the last chunk first,
-                        let (last_chunk, chunk_id_gen) =
-                            store.load_last_chunk(linked_chunk_id).await.unwrap();
-
-                        let mut lc =
-                            lazy_loader::from_last_chunk::<128, _, _>(last_chunk, chunk_id_gen)
-                                .expect("no error when reconstructing the linked chunk")
-                                .expect("there is a linked chunk in the store");
-
-                        // Then load until the start of the linked chunk.
-                        let mut cur_chunk_id = lc.chunks().next().unwrap().identifier();
-                        while let Some(prev) =
-                            store.load_previous_chunk(linked_chunk_id, cur_chunk_id).await.unwrap()
-                        {
-                            cur_chunk_id = prev.identifier;
-                            lazy_loader::insert_new_first_chunk(&mut lc, prev)
-                                .expect("no error when linking the previous lazy-loaded chunk");
-                        }
-                    })
-                },
-            );
-
-            // Bench the metadata loader.
-            group.bench_function(
-                BenchmarkId::new(format!("Linked chunk metadata loader[{store_name}]"), num_events),
-                |bencher| {
-                    // Bench the routine.
-                    bencher.to_async(&runtime).iter(|| async {
-                        let _metadata = store
-                            .load_all_chunks_metadata(linked_chunk_id)
-                            .await
-                            .expect("metadata must load");
-                    })
-                },
-            );
-
-            {
-                let _guard = runtime.enter();
-                drop(store);
-            }
-        }
-    }
-
-    group.finish()
-}
-
-criterion_group! {
-    name = event_cache;
-    config = Criterion::default();
-    targets = writing, reading,
-}
-
-criterion_main!(event_cache);
@@ -1,207 +0,0 @@
-use std::time::Duration;
-
-use criterion::{BenchmarkId, Criterion, Throughput, criterion_group, criterion_main};
-use matrix_sdk::{
-    cross_process_lock::CrossProcessLockConfig, store::RoomLoadSettings,
-    test_utils::mocks::MatrixMockServer,
-};
-use matrix_sdk_base::{
-    BaseClient, RoomInfo, RoomState, SessionMeta, StateChanges, StateStore, ThreadingSupport,
-    store::StoreConfig,
-};
-use matrix_sdk_sqlite::SqliteStateStore;
-use matrix_sdk_test::{JoinedRoomBuilder, base64_sha256_hash, event_factory::EventFactory};
-use matrix_sdk_ui::timeline::{TimelineBuilder, TimelineFocus};
-use ruma::{
-    EventId, MilliSecondsSinceUnixEpoch, OwnedEventId, OwnedUserId,
-    api::client::membership::get_member_events,
-    events::room::member::{MembershipState, RoomMemberEvent},
-    mxc_uri, owned_device_id, owned_room_id, owned_user_id,
-    serde::Raw,
-};
-use tokio::runtime::Builder;
-use wiremock::{Request, ResponseTemplate};
-
-pub fn receive_all_members_benchmark(c: &mut Criterion) {
-    const MEMBERS_IN_ROOM: usize = 100000;
-
-    let runtime = Builder::new_multi_thread().build().expect("Can't create runtime");
-    let room_id = owned_room_id!("!homohominilupusest:example.com");
-
-    let f = EventFactory::new().room(&room_id);
-    let mut member_events: Vec<Raw<RoomMemberEvent>> = Vec::with_capacity(MEMBERS_IN_ROOM);
-    for i in 0..MEMBERS_IN_ROOM {
-        let user_id = OwnedUserId::try_from(format!("@user_{i}:matrix.org")).unwrap();
-        let event = f
-            .member(&user_id)
-            .membership(MembershipState::Join)
-            .avatar_url(mxc_uri!("mxc://example.org/SEsfnsuifSDFSSEF"))
-            .display_name("Alice Margatroid")
-            .reason("Looking for support")
-            .into_raw();
-        member_events.push(event);
-    }
-
-    // Create a fake list of changes, and a session to recover from.
-    let mut changes = StateChanges::default();
-    changes.add_room(RoomInfo::new(&room_id, RoomState::Joined));
-    for member_event in member_events.iter() {
-        let event = member_event.clone().cast();
-        changes.add_state_event(&room_id, event.deserialize().unwrap(), event);
-    }
-
-    // Sqlite
-    let sqlite_dir = tempfile::tempdir().unwrap();
-    let sqlite_store = runtime.block_on(SqliteStateStore::open(sqlite_dir.path(), None)).unwrap();
-    runtime
-        .block_on(sqlite_store.save_changes(&changes))
-        .expect("initial filling of sqlite failed");
-
-    let base_client = BaseClient::new(
-        StoreConfig::new(CrossProcessLockConfig::multi_process(
-            "cross-process-store-locks-holder-name",
-        ))
-        .state_store(sqlite_store),
-        ThreadingSupport::Disabled,
-    );
-
-    runtime
-        .block_on(base_client.activate(
-            SessionMeta {
-                user_id: owned_user_id!("@somebody:example.com"),
-                device_id: owned_device_id!("DEVICE_ID"),
-            },
-            RoomLoadSettings::default(),
-            None,
-        ))
-        .expect("Could not set session meta");
-
-    base_client.get_or_create_room(&room_id, RoomState::Joined);
-
-    let request = get_member_events::v3::Request::new(room_id.clone());
-    let response = get_member_events::v3::Response::new(member_events);
-
-    let count = MEMBERS_IN_ROOM;
-    let name = format!("{count} members");
-    let mut group = c.benchmark_group("Test");
-    group.throughput(Throughput::Elements(count as u64));
-    group.sample_size(50);
-
-    group.bench_function(BenchmarkId::new("Handle /members request [SQLite]", name), |b| {
-        b.to_async(&runtime).iter(|| async {
-            base_client.receive_all_members(&room_id, &request, &response).await.unwrap();
-        });
-    });
-
-    {
-        let _guard = runtime.enter();
-        drop(base_client);
-    }
-
-    group.finish();
-}
-
-pub fn load_pinned_events_benchmark(c: &mut Criterion) {
-    const PINNED_EVENTS_COUNT: usize = 100;
-
-    let runtime = Builder::new_multi_thread().enable_all().build().expect("Can't create runtime");
-    let room_id = owned_room_id!("!homohominilupusest:example.com");
-    let sender_id = owned_user_id!("@sender:example.com");
-
-    let f = EventFactory::new().room(&room_id).sender(&sender_id);
-
-    let mut joined_room_builder =
-        JoinedRoomBuilder::new(&room_id).add_state_event(f.room_encryption());
-
-    let pinned_event_ids: Vec<OwnedEventId> = (0..PINNED_EVENTS_COUNT)
-        .map(|i| {
-            EventId::new_v2_or_v3(&base64_sha256_hash(format!("${i}").as_bytes()))
-                .expect("Invalid event id")
-        })
-        .collect();
-    joined_room_builder =
-        joined_room_builder.add_state_bulk(vec![f.room_pinned_events(pinned_event_ids).into()]);
-
-    let (server, client, room) = runtime.block_on(async move {
-        let server = MatrixMockServer::new().await;
-        let client = server.client_builder().build().await;
-
-        let room = server.sync_room(&client, joined_room_builder).await;
-
-        server
-            .mock_room_event()
-            .respond_with(move |r: &Request| {
-                let segments: Vec<&str> = r.url.path_segments().expect("Invalid path").collect();
-                let event_id_str = segments[6];
-                let event_id = EventId::parse(event_id_str).expect("Invalid event id in response");
-                let event = f
-                    .text_msg(format!("Message {event_id_str}"))
-                    .event_id(&event_id)
-                    .server_ts(MilliSecondsSinceUnixEpoch::now())
-                    .into_raw_sync();
-                ResponseTemplate::new(200)
-                    .set_delay(Duration::from_millis(50))
-                    .set_body_json(event.json())
-            })
-            .mount()
-            .await;
-
-        client.event_cache().subscribe().unwrap();
-
-        (server, client, room)
-    });
-
-    let pinned_event_ids = room.pinned_event_ids().unwrap_or_default();
-    assert!(!pinned_event_ids.is_empty());
-    assert_eq!(pinned_event_ids.len(), PINNED_EVENTS_COUNT);
-
-    let count = PINNED_EVENTS_COUNT;
-    let name = format!("{count} pinned events");
-    let mut group = c.benchmark_group("Load pinned events");
-    group.throughput(Throughput::Elements(count as u64));
-    group.sample_size(10);
-
-    group.bench_function(BenchmarkId::new("Load pinned events [memory]", name), |b| {
-        b.to_async(&runtime).iter(|| async {
-            let pinned_event_ids = room.pinned_event_ids().unwrap_or_default();
-            assert!(!pinned_event_ids.is_empty());
-            assert_eq!(pinned_event_ids.len(), PINNED_EVENTS_COUNT);
-
-            // Reset cache so it always loads the events from the mocked endpoint
-            client
-                .event_cache_store()
-                .lock()
-                .await
-                .unwrap()
-                .as_clean()
-                .unwrap()
-                .clear_all_linked_chunks()
-                .await
-                .unwrap();
-
-            let timeline = TimelineBuilder::new(&room)
-                .with_focus(TimelineFocus::PinnedEvents)
-                .build()
-                .await
-                .expect("Could not create timeline");
-
-            let (items, _) = timeline.subscribe().await;
-            assert_eq!(items.len(), PINNED_EVENTS_COUNT + 1);
-            timeline.clear().await;
-        });
-    });
-
-    {
-        let _guard = runtime.enter();
-        drop(server);
-    }
-
-    group.finish();
-}
-
-criterion_group! {
-    name = room;
-    config = Criterion::default();
-    targets = receive_all_members_benchmark, load_pinned_events_benchmark,
-}
-criterion_main!(room);
@@ -1,101 +0,0 @@
-use assert_matches::assert_matches;
-use criterion::{BenchmarkId, Criterion, Throughput, criterion_group, criterion_main};
-use futures_util::pin_mut;
-use matrix_sdk::{stream::StreamExt, test_utils::mocks::MatrixMockServer};
-use matrix_sdk_test::{JoinedRoomBuilder, base64_sha256_hash, event_factory::EventFactory};
-use matrix_sdk_ui::{
-    RoomListService, eyeball_im::VectorDiff, room_list_service::filters::new_filter_non_left,
-};
-use rand::{distr::Uniform, prelude::Distribution};
-use ruma::{OwnedRoomId, RoomId, owned_user_id};
-use tokio::runtime::Builder;
-
-/// Benchmark the time it takes to create a room list.
-pub fn create(c: &mut Criterion) {
-    const NUMBER_OF_ROOMS: usize = 1000;
-    const NUMBER_OF_EVENTS_PER_ROOM: usize = 1000;
-
-    let runtime = Builder::new_multi_thread().enable_all().build().expect("Can't create runtime");
-
-    let (server, client) = runtime.block_on(async {
-        let server = MatrixMockServer::new().await;
-        let client = server.client_builder().build().await;
-        client.event_cache().subscribe().unwrap();
-
-        (server, client)
-    });
-
-    let sender_id = owned_user_id!("@mnt_io:matrix.org");
-    let mut rand = rand::rng();
-    let server_ts_range = Uniform::try_from(100..1000).unwrap();
-
-    for room_nth in 0..NUMBER_OF_ROOMS {
-        // Synapse's room IDs for rooms v1 to v11 have an 18 characters localpart.
-        let raw_room_id = format!("!arsgratiaartis{room_nth:04}:example.com");
-
-        let room_id = if room_nth % 10 == 9 {
-            // Make 1 in 10 rooms use a room v12 ID, which is a base64 hash similar to an
-            // event ID.
-            RoomId::new_v2(&base64_sha256_hash(raw_room_id.as_bytes())).unwrap()
-        } else {
-            OwnedRoomId::try_from(raw_room_id).unwrap()
-        };
-
-        let first_server_ts = server_ts_range.sample(&mut rand);
-        let event_factory = EventFactory::new().room(&room_id).server_ts(first_server_ts);
-
-        let events = (0..NUMBER_OF_EVENTS_PER_ROOM)
-            .map(|event_nth| {
-                event_factory
-                    .text_msg(format!("a {room_nth}_{event_nth}"))
-                    .sender(&sender_id)
-                    .into_raw_sync()
-            })
-            .collect::<Vec<_>>();
-
-        let _room = runtime.block_on(async {
-            server
-                .sync_room(&client, JoinedRoomBuilder::new(&room_id).add_timeline_bulk(events))
-                .await
-        });
-    }
-
-    let mut group = c.benchmark_group("RoomList");
-    group.throughput(Throughput::Elements(NUMBER_OF_ROOMS.try_into().unwrap()));
-
-    group.bench_function(
-        BenchmarkId::new(
-            "Create",
-            format!("{NUMBER_OF_ROOMS} rooms × {NUMBER_OF_EVENTS_PER_ROOM} events"),
-        ),
-        |bencher| {
-            bencher.to_async(&runtime).iter(|| async {
-                let room_list_service = RoomListService::new(client.clone())
-                    .await
-                    .expect("build the room list service");
-                let room_list = room_list_service.all_rooms().await.expect("fetch `all_rooms`");
-                let (entries_stream, entries_controller) =
-                    room_list.entries_with_dynamic_adapters(20);
-
-                // Setting the filter will trigger the entries stream computation.
-                entries_controller.set_filter(Box::new(new_filter_non_left()));
-
-                pin_mut!(entries_stream);
-                let update = entries_stream.next().await.expect("receiving the reset update");
-                assert_eq!(update.len(), 1);
-                assert_matches!(&update[0], VectorDiff::Reset { values } => {
-                    assert_eq!(values.len(), 20);
-                });
-            });
-        },
-    );
-
-    group.finish();
-}
-
-criterion_group! {
-    name = room_list;
-    config = Criterion::default();
-    targets = create
-}
-criterion_main!(room_list);
@@ -1,139 +0,0 @@
-use std::sync::Arc;
-
-use criterion::{BenchmarkId, Criterion, Throughput, criterion_group, criterion_main};
-use matrix_sdk::{
-    Client, RoomInfo, RoomState, SessionTokens, StateChanges,
-    authentication::matrix::MatrixSession, config::StoreConfig,
-    cross_process_lock::CrossProcessLockConfig,
-};
-use matrix_sdk_base::{SessionMeta, StateStore as _, store::MemoryStore};
-use matrix_sdk_sqlite::SqliteStateStore;
-use matrix_sdk_test::base64_sha256_hash;
-use ruma::{OwnedRoomId, RoomId, owned_device_id, owned_user_id};
-use tokio::runtime::Builder;
-
-/// Number of joined rooms in the benchmark.
-const NUM_JOINED_ROOMS: usize = 10000;
-
-/// Number of stripped rooms in the benchmark.
-const NUM_STRIPPED_JOINED_ROOMS: usize = 10000;
-
-pub fn restore_session(c: &mut Criterion) {
-    let runtime = Builder::new_multi_thread().enable_time().build().expect("Can't create runtime");
-
-    // Create a fake list of changes, and a session to recover from.
-    let mut changes = StateChanges::default();
-
-    for i in 0..NUM_JOINED_ROOMS {
-        // Synapse's room IDs for rooms v1 to v11 have an 18 characters localpart.
-        let raw_room_id = format!("!joinedchamber{i:05}:example.com");
-
-        let room_id = if i % 20 == 19 {
-            // Make 1 in 20 rooms use a room v12 ID, which is a base64 hash similar to an
-            // event ID.
-            RoomId::new_v2(&base64_sha256_hash(raw_room_id.as_bytes())).unwrap()
-        } else {
-            OwnedRoomId::try_from(raw_room_id).unwrap()
-        };
-        changes.add_room(RoomInfo::new(&room_id, RoomState::Joined));
-    }
-
-    for i in 0..NUM_STRIPPED_JOINED_ROOMS {
-        // Synapse's room IDs for rooms v1 to v11 have an 18 characters localpart.
-        let raw_room_id = format!("!strippedlodge{i:05}:example.com");
-
-        let room_id = if i % 20 == 19 {
-            // Make 1 in 20 rooms use a room v12 ID, which is a base64 hash similar to an
-            // event ID.
-            RoomId::new_v2(&base64_sha256_hash(raw_room_id.as_bytes())).unwrap()
-        } else {
-            OwnedRoomId::try_from(raw_room_id).unwrap()
-        };
-        changes.add_room(RoomInfo::new(&room_id, RoomState::Invited));
-    }
-
-    let session = MatrixSession {
-        meta: SessionMeta {
-            user_id: owned_user_id!("@somebody:example.com"),
-            device_id: owned_device_id!("DEVICE_ID"),
-        },
-        tokens: SessionTokens { access_token: "OHEY".to_owned(), refresh_token: None },
-    };
-
-    // Start the benchmark.
-
-    let mut group = c.benchmark_group("Client reload");
-    group.throughput(Throughput::Elements(100));
-
-    // Memory
-    let mem_store = Arc::new(MemoryStore::new());
-    runtime.block_on(mem_store.save_changes(&changes)).expect("initial filling of mem failed");
-
-    group.bench_with_input("Restore session [memory store]", &mem_store, |b, store| {
-        b.to_async(&runtime).iter(|| async {
-            let client = Client::builder()
-                .homeserver_url("https://matrix.example.com")
-                .store_config(
-                    StoreConfig::new(CrossProcessLockConfig::multi_process(
-                        "cross-process-store-locks-holder-name",
-                    ))
-                    .state_store(store.clone()),
-                )
-                .build()
-                .await
-                .expect("Can't build client");
-            client.restore_session(session.clone()).await.expect("couldn't restore session");
-        })
-    });
-
-    for encryption_password in [None, Some("hunter2")] {
-        let encrypted_suffix = if encryption_password.is_some() { "encrypted" } else { "clear" };
-
-        // Sqlite
-        let sqlite_dir = tempfile::tempdir().unwrap();
-        let sqlite_store = runtime
-            .block_on(SqliteStateStore::open(sqlite_dir.path(), encryption_password))
-            .unwrap();
-        runtime
-            .block_on(sqlite_store.save_changes(&changes))
-            .expect("initial filling of sqlite failed");
-
-        group.bench_with_input(
-            BenchmarkId::new("Restore session [SQLite]", encrypted_suffix),
-            &sqlite_store,
-            |b, store| {
-                b.to_async(&runtime).iter(|| async {
-                    let client = Client::builder()
-                        .homeserver_url("https://matrix.example.com")
-                        .store_config(
-                            StoreConfig::new(CrossProcessLockConfig::multi_process(
-                                "cross-process-store-locks-holder-name",
-                            ))
-                            .state_store(store.clone()),
-                        )
-                        .build()
-                        .await
-                        .expect("Can't build client");
-                    client
-                        .restore_session(session.clone())
-                        .await
-                        .expect("couldn't restore session");
-                })
-            },
-        );
-
-        {
-            let _guard = runtime.enter();
-            drop(sqlite_store);
-        }
-    }
-
-    group.finish()
-}
-
-criterion_group! {
-    name = benches;
-    config = Criterion::default();
-    targets = restore_session
-}
-criterion_main!(benches);
@@ -1,123 +0,0 @@
-use criterion::{BenchmarkId, Criterion, Throughput, criterion_group, criterion_main};
-use matrix_sdk::test_utils::mocks::MatrixMockServer;
-use matrix_sdk_test::{JoinedRoomBuilder, event_factory::EventFactory};
-use matrix_sdk_ui::timeline::{TimelineBuilder, TimelineReadReceiptTracking};
-use ruma::{
-    OwnedEventId, events::room::message::RoomMessageEventContentWithoutRelation, owned_room_id,
-    owned_user_id,
-};
-use tokio::runtime::Builder;
-
-/// Benchmark the time it takes to create a timeline (with read receipt
-/// support), when there are many initial events at rest in the event cache.
-///
-/// `NUM_EVENTS` is the number of events that will be stored initially in the
-/// event cache. It will be a mix of messages, reactions, edits and redactions,
-/// so there are some aggregations to take into account by the timeline as well.
-pub fn create_timeline_with_initial_events(c: &mut Criterion) {
-    const NUM_EVENTS: usize = 10000;
-
-    let runtime = Builder::new_multi_thread().enable_all().build().expect("Can't create runtime");
-    let room_id = owned_room_id!("!fortesfortunajuvat:example.com");
-
-    let sender_id = owned_user_id!("@sender:example.com");
-    let other_sender_id = owned_user_id!("@other_sender:example.com");
-    let another_sender_id = owned_user_id!("@another_sender:example.com");
-
-    let f = EventFactory::new().room(&room_id);
-
-    let mut events = Vec::new();
-    for i in 0..NUM_EVENTS {
-        let sender = match i % 3 {
-            0 => &sender_id,
-            1 => &other_sender_id,
-            2 => &another_sender_id,
-            _ => unreachable!("math genius over here"),
-        };
-
-        let j = i % 10;
-        if j < 6 {
-            // Messages.
-            events.push(f.text_msg(format!("Message {i}")).sender(sender).into_raw_sync());
-        } else if j < 8 {
-            // Reactions.
-            let prev_event_id = events[i - 2]
-                .get_field::<OwnedEventId>("event_id")
-                .expect("invalid event ID")
-                .expect("missing event ID");
-            events.push(f.reaction(&prev_event_id, "👍").sender(sender).into_raw_sync());
-        } else if j == 8 {
-            // Edit.
-            // Note: (i-3)%3 is the same as i%3 -> same sender!
-            let prev_event_id = events[i - 3]
-                .get_field::<OwnedEventId>("event_id")
-                .expect("invalid event ID")
-                .expect("missing event ID");
-            events.push(
-                f.text_msg(format!("* Message {}v2", i - 3))
-                    .edit(
-                        &prev_event_id,
-                        RoomMessageEventContentWithoutRelation::text_plain(format!(
-                            "Message {}v2",
-                            i - 3
-                        )),
-                    )
-                    .sender(sender)
-                    .into_raw_sync(),
-            );
-        } else if j == 9 {
-            // Redaction.
-            // Note: (i-6)%3 is the same as i%6 -> same sender!
-            let prev_event_id = events[i - 6]
-                .get_field::<OwnedEventId>("event_id")
-                .expect("invalid event ID")
-                .expect("missing event ID");
-            events.push(f.redaction(&prev_event_id).sender(sender).into_raw_sync());
-        }
-    }
-
-    let builder = JoinedRoomBuilder::new(&room_id)
-        .add_state_event(f.room_encryption().sender(&sender_id))
-        .add_timeline_bulk(events);
-
-    let room = runtime.block_on(async move {
-        let server = MatrixMockServer::new().await;
-        let client = server.client_builder().build().await;
-
-        client.event_cache().subscribe().unwrap();
-
-        let room = server.sync_room(&client, builder).await;
-        drop(server);
-
-        room
-    });
-
-    let mut group = c.benchmark_group("Create a timeline");
-    group.throughput(Throughput::Elements(NUM_EVENTS as _));
-    group.sample_size(10);
-
-    group.bench_function(
-        BenchmarkId::new("Create a timeline with initial events", format!("{NUM_EVENTS} events")),
-        |b| {
-            b.to_async(&runtime).iter(|| async {
-                let timeline = TimelineBuilder::new(&room)
-                    .track_read_marker_and_receipts(TimelineReadReceiptTracking::AllEvents)
-                    .build()
-                    .await
-                    .expect("Could not create timeline");
-
-                let (items, _) = timeline.subscribe().await;
-                assert_eq!(items.len(), 20);
-            });
-        },
-    );
-
-    group.finish();
-}
-
-criterion_group! {
-    name = room;
-    config = Criterion::default();
-    targets = create_timeline_with_initial_events
-}
-criterion_main!(room);
@@ -1,41 +0,0 @@
-## Introduction
-**matrix-rust-sdk** leverages [UniFFI](https://mozilla.github.io/uniffi-rs/) to generate bindings for host languages (eg. Swift and Kotlin).
-
-Rust code related with bindings live in the [matrix-rust-sdk/bindings](https://github.com/matrix-org/matrix-rust-sdk/tree/main/bindings) folder.
-
-Developers can expose Rust code to UniFFI using two different approaches:
- Using an `.udl` file. When a crate has one, you find it under the `src` folder (an example is [here](https://github.com/matrix-org/matrix-rust-sdk/blob/main/bindings/matrix-sdk-ffi/src/api.udl)).
- Add UniFFI directivies as Rust attributes. In this case Rust source files (`.rs`) contain attributes related to UniFFI (e.g. `#[uniffi::export]`). Attributes are preferred, where applicable.
- 
-
-## Expose Rust definitions to UniFFI
-
-### Check if the API is already on UniFFI
-
-First of all check if the Rust definition you are looking for exists on UniFFI already. Most of exposed matrix definitions are collected in the crate [matrix-sdk-ffi](https://github.com/matrix-org/matrix-rust-sdk/tree/main/bindings/matrix-sdk-ffi).
-This crate contains mainly small Rust wrappers around the actual Rust SDK (e.g. the crate [matrix-sdk](https://github.com/matrix-org/matrix-rust-sdk/tree/main/crates/matrix-sdk))
-
-If the Rust definition is on UniFFI already, you either:
- find it in a `.udl` file like [matrix-sdk-ffi/src/api.udl](https://github.com/matrix-org/matrix-rust-sdk/blob/main/bindings/matrix-sdk-ffi/src/api.udl)
- see it marked with a proper UniFFI Rust attribute like this `#[uniffi::export]`
-
-
-### Adding a missing matrix API
-
-1. Unless you want to contribute on the crypto side, you probably need to add some code in the [matrix-sdk-ffi](https://github.com/matrix-org/matrix-rust-sdk/tree/main/bindings/matrix-sdk-ffi) crate. After you find the crate you need to understand which file is best to contain the new Rust definition. When exposing new matrix API often (but not always) you need to touch the file [client.rs](https://github.com/matrix-org/matrix-rust-sdk/blob/main/bindings/matrix-sdk-ffi/src/client.rs)
-
-2. Identify the API to expose in the target Rust crate (typically in [matrix-sdk](https://github.com/matrix-org/matrix-rust-sdk/tree/main/crates/matrix-sdk). If you can’t find it, you probably need to touch the actual Rust SDK as well. In this case you typically just need to write some code around [ruma](https://github.com/ruma/ruma) (a Rust SDK’s dependency) which already implements most of the matrix protocol
-
-3. After you got (by finding or writing) the required Rust code, you need to expose to UniFFI. To do that just write a small Rust wrapper in the related UniFFI crate (most of the time is **matrix-sdk-ffi**) you found on step 1.
-
-4. When your new (wrapping) Rust definition is ready, remember to expose it to UniFFI.
-It’s best to do it using UniFFI Rust attributes (e.g. `#[uniffi::export]`). Otherwise add the new definition in the crate’s `.udl` file. For the **matrix-sdk-ffi** crate the definition file is [api.udl](https://github.com/matrix-org/matrix-rust-sdk/blob/main/bindings/matrix-sdk-ffi/src/api.udl). **Remember**: the language inside a `.udl` file isn’t Rust. To learn more about how map Rust into UDL read [here](https://mozilla.github.io/uniffi-rs/udl_file_spec.html)
-
-## FAQ
-
-**Q**: I wrote my Rust code and exposed it to UniFFI. How can I check if the compiler is happy?\
-**A**: Run `cargo build` in the crate you touched (e.g. matrix-sdk-ffi). The compiler will complain if the Rust code and/or the `.udl` is wrong.
-
-
-**Q**: The compiler is happy with my code but the CI is failing on GitHub. How can I fix it?\
-**A**: The CI may fail for different reasons, you need to have a look on the failing GitHub workflow. One common reason though is that the linter ([Clippy](https://github.com/rust-lang/rust-clippy)) isn’t happy with your code. If this is the case, you can run `cargo clippy` in the crate you touched to see what’s wrong and fix it accordingly.
@@ -5,26 +5,18 @@ maintained by the owners of the Matrix Rust SDK project.

 * [`apple`] or `matrix-rust-components-swift`, Swift bindings of the
  [`matrix-sdk`] crate via [`matrix-sdk-ffi`],
-* [`matrix-sdk-crypto-ffi`], UniFFI (Kotlin, Swift, Python, Ruby) bindings of the [`matrix-sdk-crypto`]
+* [`matrix-sdk-crypto-ffi`], bindings of the [`matrix-sdk-crypto`]
  crate,
-* [`matrix-sdk-ffi`], UniFFI bindings of the [`matrix-sdk`] crate.
-
-There are also external bindings in other repositories:
-
-* [`matrix-sdk-crypto-wasm`], JavaScript / WebAssembly bindings of the
+* [`matrix-sdk-crypto-js`], JavaScript bindings of the
  [`matrix-sdk-crypto`] crate,
 * [`matrix-sdk-crypto-nodejs`], Node.js bindings of the
-  [`matrix-sdk-crypto`] crate
+  [`matrix-sdk-crypto`] crate,
+* [`matrix-sdk-ffi`], bindings of the [`matrix-sdk`] crate,

 [`apple`]: ./apple
 [`matrix-sdk-crypto-ffi`]: ./matrix-sdk-crypto-ffi
+[`matrix-sdk-crypto-js`]: ../crates/matrix-sdk-crypto
+[`matrix-sdk-crypto-nodejs`]: ../crates/matrix-sdk-crypto
 [`matrix-sdk-crypto`]: ../crates/matrix-sdk-crypto
 [`matrix-sdk-ffi`]: ./matrix-sdk-ffi
 [`matrix-sdk`]: ../crates/matrix-sdk
-
-[`matrix-sdk-crypto-wasm`]: https://github.com/matrix-org/matrix-rust-sdk-crypto-wasm
-[`matrix-sdk-crypto-nodejs`]: https://github.com/matrix-org/matrix-rust-sdk-crypto-nodejs
-
-## Contributing
-
-To contribute read this [guide](./CONTRIBUTING.md).
@@ -1,8 +0,0 @@
-// swift-tools-version:5.6
-
-// A package manifest for local development. This file will be copied
-// into the root of the repo when generating an XCFramework.
-
-import PackageDescription
-
-let package = Package()
@@ -1,25 +0,0 @@
-// swift-tools-version:5.7
-
-// A package manifest for local development. This file will be copied
-// into the root of the repo when generating an XCFramework.
-
-import PackageDescription
-
-let package = Package(
-    name: "MatrixRustSDK",
-    platforms: [
-        .iOS(.v16),
-        .macOS(.v12)
-    ],
-    products: [
-        .library(name: "MatrixRustSDK",
-                 type: .dynamic,
-                 targets: ["MatrixRustSDK"]),
-    ],
-    targets: [
-        .binaryTarget(name: "MatrixSDKFFI", path: "bindings/apple/generated/MatrixSDKFFI.xcframework"),
-        .target(name: "MatrixRustSDK",
-                dependencies: [.target(name: "MatrixSDKFFI")],
-                path: "bindings/apple/generated/swift")
-    ]
-)
@@ -1,21 +0,0 @@
-# Podspec file for local-development only, which points to local version of generated framework instead of github release
-# To use this, the file needs to be copied to the root of `matrix-rust-sdk` in order to have access to the source files.`
-Pod::Spec.new do |s|
-
-    s.name                  = "MatrixSDKCrypto"
-    s.version               = "0.4.1"
-    s.summary               = "Uniffi based bindings for the Rust SDK crypto crate."
-    s.homepage              = "https://github.com/matrix-org/matrix-rust-sdk"
-    s.license               = { :type => "Apache License, Version 2.0", :file => "LICENSE" }
-    s.author                = { "matrix.org" => "support@matrix.org" }
- 
-    s.ios.deployment_target = "13.0"
-    s.osx.deployment_target = "10.15"
-
-    s.swift_versions = ['5.1', '5.2']
-
-    s.source                = { :git => "Not Published", :tag => "Cocoapods/#{s.name}/#{s.version}" }
-    s.vendored_frameworks   = "generated/MatrixSDKCryptoFFI.xcframework"
-    s.source_files          = "generated/Sources/**/*.{swift}"
-    s.resources             = ["bindings/matrix-sdk-crypto-ffi/src/**/*.rs", "crates/matrix-sdk-crypto/src/**/*.rs"]
-end
@@ -1,16 +1,14 @@
 Pod::Spec.new do |s|

    s.name                  = "MatrixSDKCrypto"
-    s.version               = "0.4.1" # Version is only incremented manually and locally before pushing to CocoaPods
+    s.version               = "0.1.0"
    s.summary               = "Uniffi based bindings for the Rust SDK crypto crate."
    s.homepage              = "https://github.com/matrix-org/matrix-rust-sdk"
    s.license               = { :type => "Apache License, Version 2.0", :file => "LICENSE" }
    s.author                = { "matrix.org" => "support@matrix.org" }

-    s.ios.deployment_target = "13.0"
-    s.osx.deployment_target = "10.15"
-
-    s.swift_versions = ['5.1', '5.2']
+    s.ios.deployment_target = "11.0"
+    s.swift_versions = ['5.0']

    s.source                = { :http => "https://github.com/matrix-org/matrix-rust-sdk/releases/download/matrix-sdk-crypto-ffi-#{s.version}/MatrixSDKCryptoFFI.zip" }
    s.vendored_frameworks   = "MatrixSDKCryptoFFI.xcframework"
@@ -1,33 +1,21 @@
-// swift-tools-version: 5.7
+// swift-tools-version: 5.6
 // The swift-tools-version declares the minimum version of Swift required to build this package.

 import PackageDescription

 let package = Package(
    name: "MatrixRustSDK",
-    platforms: [
-        .iOS(.v16),
-        .macOS(.v12)
-    ],
+    platforms: [.iOS(.v15)],
    products: [
        .library(name: "MatrixRustSDK",
                 targets: ["MatrixRustSDK"]),
    ],
    targets: [
+        .binaryTarget(name: "MatrixSDKFFI", path: "generated/MatrixSDKFFI.xcframework"),
        .target(name: "MatrixRustSDK",
-                path: "generated/swift",
-                swiftSettings: [
-                    .unsafeFlags(["-I", "./generated/matrix_sdk_ffi"])
-                ]),
+                dependencies: [.target(name: "MatrixSDKFFI")],
+                path: "generated/swift"),
        .testTarget(name: "MatrixRustSDKTests",
-                    dependencies: ["MatrixRustSDK"],
-                    swiftSettings: [
-                        .unsafeFlags(["-I", "./generated/matrix_sdk_ffi"])
-                    ],
-                    linkerSettings: [
-                        .linkedLibrary("matrix_sdk_ffi", .when(platforms: [.macOS])),
-                        .linkedLibrary("matrix_sdk_ffiFFI", .when(platforms: [.linux])),
-                        .unsafeFlags(["-L./generated/matrix_sdk_ffi"])
-                    ])
+                    dependencies: ["MatrixRustSDK"]),
    ]
 )
@@ -2,37 +2,32 @@

 This project and build script demonstrate how to create an XCFramework that can be imported into an Xcode project and run on Apple platforms. It can compile and bundle an [entire SDK](#Building-the-SDK), or only a smaller [Crypto module](#Building-only-the-Crypto-SDK) that provides end-to-end encryption for clients that already depend on an SDK (e.g. [Matrix iOS SDK](https://github.com/matrix-org/matrix-ios-sdk))

-## Building
+## Prerequisites for building universal frameworks

-### Prerequisites for building universal frameworks
+* the Rust toolchain
+* UniFFI - `cargo install uniffi_bindgen`
+* Apple targets (e.g. `rustup target add aarch64-apple-ios`)
+* `xcodebuild` command line tool from [Apple](https://developer.apple.com/library/archive/technotes/tn2339/_index.html)
+* `lipo` for creating the fat static libs

- the Rust toolchain
- Apple targets (e.g. `rustup target add aarch64-apple-ios aarch64-apple-ios-sim x86_64-apple-ios aarch64-apple-darwin x86_64-apple-darwin`)
- `xcodebuild` command line tool from [Apple](https://developer.apple.com/library/archive/technotes/tn2339/_index.html)
- `lipo` for creating the fat static libs
-
-### Building the SDK
+## Building the SDK

 ```
-cargo xtask swift build-framework
+sh build_xcframework.sh
 ```

-The `build-framework` task will go through all the steps required to generate a fully usable `.xcframework`:
+The `build_xcframework.sh` script will go through all the steps required to generate a fully usable `.xcframework`:

-1. compile `matrix-sdk-ffi` libraries for iOS, the iOS simulator and macOS under `/target`. Some targets are not part of the standard library and they will be built using the nightly toolchain.
+1. compile `matrix-sdk-ffi` libraries for iOS, the iOS simulator, MacOS, and Mac Catalyst under `/target`. Some targets are not part of the standard library and they will be built using the nightly toolchain. 
 2. `lipo` together the libraries for the same platform under `/generated`
 3. run `uniffi` and generate the C header, module map and swift files
 4. `xcodebuild` an `xcframework` from the fat static libs and the original iOS one, and add the header and module map to it under `generated/MatrixSDKFFI.xcframework`
 5. cleanup and delete the generated files except the .xcframework and the swift sources (that aren't part of the framework)

-For development purposes, it will additionally generate a `Package.swift` file in the root of the repo that can be used to add the framework to your project and enable debugging through the use of [rust-xcode-plugin](https://github.com/BrainiumLLC/rust-xcode-plugin) (make sure to run the task with the argument `--profile=reldbg`).
-
-When building the SDK for release you should pass the `--release` argument to the task, which will strip away any symbols and optimise the created binary.
-
-### Building only the Crypto SDK
+## Building only the Crypto SDK

 ```
-build_crypto_xcframework.sh
+sh build_crypto_xcframework.sh
 ```

 The `build_crypto_xcframework.sh` script will go through all the steps required to generate a fully usable `.xcframework`:
@@ -43,31 +38,16 @@ The `build_crypto_xcframework.sh` script will go through all the steps required
 4. `xcodebuild` an `xcframework` from the fat static libs and the original iOS one, and add the header and module map to it under `generated/MatrixSDKCryptoFFI.xcframework`
 5. cleanup and delete the generated files except the .xcframework and the swift sources (that aren't part of the framework)

-### Building & testing the Swift package
+## Running the Xcode project

-The `Package.swift` file in this directory provides a simple example on how to integrate everything together but also a place to run unit and integration tests from.
+The Xcode project is meant to provide a simple example on how to integrate everything together but also a place to run unit and integration tests from.

-It's pre-configured to link to the generated static lib and .swift files so successfully running `cargo xtask swift build-library` first is necessary for it to compile. Afterwards you can execute the tests with `swift test`. Note that for the moment this only works on macOS but we're planning to add Linux support in the future.
+It's pre-configured to link to the generated .xcframework and .swift files so successfully running the script first is necessary for it to compile.
+
+It makes the compiled code available to swift by importing the C header through its bridging header.
+
+Once all the generated components are available running it should be as easy as choosing a platform and clicking run.

 ## Distribution

-The generated framework and Swift code can be distributed and integrated directly but in order to make things simpler we bundle them together as a [Swift package](https://github.com/matrix-org/matrix-rust-components-swift/) in the case of SDK, and as a CocoaPods podspec in the case of Crypto SDK.
-
-### Publishing MatrixSDKCrypto
-
-1. Navigate into `bindings/apple` and run [`build_crypto_xcframework.sh`](#building-only-the-crypto-sdk) script which generates a .zip file with the framework in `./generated` folder
-
-   Note that whilst you can run this command from any git branch, if you want to make a public release, ensure you are building from latest `main`
-
-2. Tag the commit you just used to build the release and push the tag to GitHub
-
-   Use `matrix-sdk-crypto-ffi-<major>.<minor>.<patch>` tag name
-
-3. Create a new [GitHub release](https://github.com/matrix-org/matrix-rust-sdk/releases) using this tag (see [example](https://github.com/matrix-org/matrix-rust-sdk/releases/tag/matrix-sdk-crypto-ffi-0.3.4))
-4. Upload the previously generated .zip file to this release
-5. Increment the version in [`MatrixSDKCrypto.podspec`](./MatrixSDKCrypto.podspec)
-
-   Note that this is not automated and is a local-only change. To determine the most recent published version, run `pod repo update && pod search MatrixSDKCrypto`
-   or check git tags via `git tag | grep matrix-sdk-crypto-ffi`
-
-6. Push new Podspec version to Cocoapods via `pod trunk push MatrixSDKCrypto.podspec --allow-warnings`
+The generated framework and Swift code can be distributed and integrated directly but in order to make things simpler we bundle them together as a Swift package available [TBD](here) in the case of SDK, and as CocoaPods podspec in the case of Crypto SDK.
@@ -2,35 +2,34 @@ import XCTest
@testable import MatrixRustSDK

 final class ClientTests: XCTestCase {
-    func testBuildingWithHomeserverURL() async {
+    func testBuildingWithHomeserverURL() {
        do {
-            _ = try await ClientBuilder()
+            _ = try ClientBuilder()
                .homeserverUrl(url: "https://localhost:8008")
                .build()
        } catch {
            XCTFail("The client should build successfully when given a homeserver.")
        }
    }
-
-    func testBuildingWithHomeserverURLAndUserAgent() async {
+    
+    func testBuildingWithUsername() {
        do {
-            _ = try await ClientBuilder()
-                .homeserverUrl(url: "https://localhost:8008")
-                .userAgent(userAgent: "golden-eye/007")
+            _ = try ClientBuilder()
+                .username(username: "@test:matrix.org")
                .build()
        } catch {
-            XCTFail("The client should build successfully when given a homeserver and user agent.")
+            XCTFail("The client should build successfully when given a username.")
        }
    }
    
-    func testBuildingWithInvalidUsername() async {
+    func testBuildingWithInvalidUsername() {
        do {
-            _ = try await ClientBuilder()
+            _ = try ClientBuilder()
                .username(username: "@test:invalid")
                .build()
            
            XCTFail("The client should not build when given an invalid username.")
-        } catch ClientBuildError.ServerUnreachable(let message) {
+        } catch ClientError.Generic(let message) {
            XCTAssertTrue(message.contains(".well-known"), "The client should fail to do the well-known lookup.")
        } catch {
            XCTFail("Not expecting any other kind of exception")
@@ -1,22 +1,6 @@
 #!/usr/bin/env bash
 set -eEu

-helpFunction() {
-  echo ""
-  echo "Usage: $0 -only_ios"
-  echo -e "\t-i Option to build only for iOS. Default will build for all targets."
-  exit 1
-}
-
-only_ios='false'
-
-while getopts ':i' 'opt'; do
-  case ${opt} in
-  'i') only_ios='true' ;;
-  ?) helpFunction ;;
-  esac
-done
-
 cd "$(dirname "$0")"

 # Path to the repo root
@@ -26,7 +10,7 @@ TARGET_DIR="${SRC_ROOT}/target"

 GENERATED_DIR="${SRC_ROOT}/generated"
 if [ -d "${GENERATED_DIR}" ]; then rm -rf "${GENERATED_DIR}"; fi
-mkdir -p ${GENERATED_DIR}/{macos,simulator}
+mkdir -p ${GENERATED_DIR}

 REL_FLAG="--release"
 REL_TYPE_DIR="release"
@@ -35,66 +19,31 @@ TARGET_CRATE=matrix-sdk-crypto-ffi

 # Build static libs for all the different architectures

-# Required by olm-sys crate
-export IOS_SDK_PATH=`xcrun --show-sdk-path --sdk iphoneos`
+# iOS
+cargo build -p ${TARGET_CRATE} ${REL_FLAG} --target "aarch64-apple-ios"

-if ${only_ios}; then
-  # iOS
-  echo -e "Building only for iOS"
-  cargo build -p ${TARGET_CRATE} ${REL_FLAG} --target "aarch64-apple-ios"
-else
-  # iOS
-  echo -e "Building for iOS [1/5]"
-  cargo build -p ${TARGET_CRATE} ${REL_FLAG} --target "aarch64-apple-ios"
+# iOS Simulator
+cargo build -p ${TARGET_CRATE} ${REL_FLAG} --target "aarch64-apple-ios-sim"
+cargo build -p ${TARGET_CRATE} ${REL_FLAG} --target "x86_64-apple-ios"

-  # MacOS
-  echo -e "\nBuilding for macOS (Apple Silicon) [2/5]"
-  cargo build -p ${TARGET_CRATE} ${REL_FLAG} --target "aarch64-apple-darwin"
-  echo -e "\nBuilding for macOS (Intel) [3/5]"
-  cargo build -p ${TARGET_CRATE} ${REL_FLAG} --target "x86_64-apple-darwin"
-
-  # iOS Simulator
-  echo -e "\nBuilding for iOS Simulator (Apple Silicon) [4/5]"
-  cargo build -p ${TARGET_CRATE} ${REL_FLAG} --target "aarch64-apple-ios-sim"
-  echo -e "\nBuilding for iOS Simulator (Intel) [5/5]"
-  cargo build -p ${TARGET_CRATE} ${REL_FLAG} --target "x86_64-apple-ios"
-fi
-
-echo -e "\nCreating XCFramework"
 # Lipo together the libraries for the same platform

-if ! ${only_ios}; then
-  echo "Lipo together the libraries for the same platform"
-  # MacOS
-  lipo -create \
-    "${TARGET_DIR}/x86_64-apple-darwin/${REL_TYPE_DIR}/libmatrix_sdk_crypto_ffi.a" \
-    "${TARGET_DIR}/aarch64-apple-darwin/${REL_TYPE_DIR}/libmatrix_sdk_crypto_ffi.a" \
-    -output "${GENERATED_DIR}/macos/libmatrix_sdk_crypto_ffi.a"
-
-  # iOS Simulator
-  lipo -create \
-    "${TARGET_DIR}/x86_64-apple-ios/${REL_TYPE_DIR}/libmatrix_sdk_crypto_ffi.a" \
-    "${TARGET_DIR}/aarch64-apple-ios-sim/${REL_TYPE_DIR}/libmatrix_sdk_crypto_ffi.a" \
-    -output "${GENERATED_DIR}/simulator/libmatrix_sdk_crypto_ffi.a"
-fi
+# iOS Simulator
+lipo -create \
+  "${TARGET_DIR}/x86_64-apple-ios/${REL_TYPE_DIR}/libmatrix_crypto_ffi.a" \
+  "${TARGET_DIR}/aarch64-apple-ios-sim/${REL_TYPE_DIR}/libmatrix_crypto_ffi.a" \
+  -output "${GENERATED_DIR}/libmatrix_crypto_ffi.a"

 # Generate uniffi files
-cd ../matrix-sdk-crypto-ffi && cargo run --bin matrix_sdk_crypto_ffi generate \
-  --language swift \
-  --library "${TARGET_DIR}/aarch64-apple-ios/${REL_TYPE_DIR}/libmatrix_sdk_crypto_ffi.a" \
-  --out-dir ${GENERATED_DIR}
+uniffi-bindgen generate "${SRC_ROOT}/bindings/${TARGET_CRATE}/src/olm.udl" --language swift --config "${SRC_ROOT}/bindings/${TARGET_CRATE}/uniffi.toml" --out-dir ${GENERATED_DIR}

 # Move headers to the right place
 HEADERS_DIR=${GENERATED_DIR}/headers
 mkdir -p ${HEADERS_DIR}
 mv ${GENERATED_DIR}/*.h ${HEADERS_DIR}

-# Rename and merge the modulemap files into a single file to the right place
-for f in ${GENERATED_DIR}/*.modulemap
-do 
-  cat $f; echo; 
-done > ${HEADERS_DIR}/module.modulemap
-rm ${GENERATED_DIR}/*.modulemap
+# Rename and move modulemap to the right place
+mv ${GENERATED_DIR}/*.modulemap ${HEADERS_DIR}/module.modulemap

 # Move source files to the right place
 SWIFT_DIR="${GENERATED_DIR}/Sources"
@@ -104,31 +53,21 @@ mv ${GENERATED_DIR}/*.swift ${SWIFT_DIR}
 # Build the xcframework

 if [ -d "${GENERATED_DIR}/MatrixSDKCryptoFFI.xcframework" ]; then rm -rf "${GENERATED_DIR}/MatrixSDKCryptoFFI.xcframework"; fi
-if ${only_ios}; then
-  xcodebuild -create-xcframework \
-    -library "${TARGET_DIR}/aarch64-apple-ios/${REL_TYPE_DIR}/libmatrix_sdk_crypto_ffi.a" \
-    -headers ${HEADERS_DIR} \
-    -output "${GENERATED_DIR}/MatrixSDKCryptoFFI.xcframework"
-else
-  xcodebuild -create-xcframework \
-    -library "${TARGET_DIR}/aarch64-apple-ios/${REL_TYPE_DIR}/libmatrix_sdk_crypto_ffi.a" \
-    -headers ${HEADERS_DIR} \
-    -library "${GENERATED_DIR}/macos/libmatrix_sdk_crypto_ffi.a" \
-    -headers ${HEADERS_DIR} \
-    -library "${GENERATED_DIR}/simulator/libmatrix_sdk_crypto_ffi.a" \
-    -headers ${HEADERS_DIR} \
-    -output "${GENERATED_DIR}/MatrixSDKCryptoFFI.xcframework"
-fi
+
+xcodebuild -create-xcframework \
+  -library "${TARGET_DIR}/aarch64-apple-ios/${REL_TYPE_DIR}/libmatrix_crypto_ffi.a" \
+  -headers ${HEADERS_DIR} \
+  -library "${GENERATED_DIR}/libmatrix_crypto_ffi.a" \
+  -headers ${HEADERS_DIR} \
+  -output "${GENERATED_DIR}/MatrixSDKCryptoFFI.xcframework"

 # Cleanup
-if [ -d "${GENERATED_DIR}/macos" ]; then rm -rf "${GENERATED_DIR}/macos"; fi
-if [ -d "${GENERATED_DIR}/simulator" ]; then rm -rf "${GENERATED_DIR}/simulator"; fi
+
+if [ -f "${TARGET_DIR}/aarch64-apple-ios-sim/${REL_TYPE_DIR}/libmatrix_crypto_ffi.a" ]; then rm -rf "${TARGET_DIR}/aarch64-apple-ios-sim/${REL_TYPE_DIR}/libmatrix_crypto_ffi.a"; fi
+if [ -f "${GENERATED_DIR}/libmatrix_crypto_ffi.a" ]; then rm -rf "${GENERATED_DIR}/libmatrix_crypto_ffi.a"; fi
 if [ -d ${HEADERS_DIR} ]; then rm -rf ${HEADERS_DIR}; fi

 # Zip up framework, sources and LICENSE, ready to be uploaded to GitHub Releases and used by MatrixSDKCrypto.podspec
 cp ${SRC_ROOT}/LICENSE $GENERATED_DIR
 cd $GENERATED_DIR
 zip -r MatrixSDKCryptoFFI.zip MatrixSDKCryptoFFI.xcframework Sources LICENSE
-rm LICENSE
-
-echo "XCFramework is ready 🚀"
@@ -0,0 +1,90 @@
+#!/usr/bin/env bash
+set -eEu
+
+cd "$(dirname "$0")"
+
+# Path to the repo root
+SRC_ROOT=../..
+
+TARGET_DIR="${SRC_ROOT}/target"
+
+GENERATED_DIR="${SRC_ROOT}/generated"
+mkdir -p ${GENERATED_DIR}
+
+REL_FLAG="--release"
+REL_TYPE_DIR="release"
+
+# Build static libs for all the different architectures
+
+# iOS
+echo -e "Building for iOS [1/5]"
+cargo build -p matrix-sdk-ffi ${REL_FLAG} --target "aarch64-apple-ios"
+
+# MacOS
+echo -e "\nBuilding for macOS (Apple Silicon) [2/5]"
+cargo build -p matrix-sdk-ffi ${REL_FLAG} --target "aarch64-apple-darwin"
+echo -e "\nBuilding for macOS (Intel) [3/5]"
+cargo build -p matrix-sdk-ffi ${REL_FLAG} --target "x86_64-apple-darwin"
+
+# iOS Simulator
+echo -e "\nBuilding for iOS Simulator (Apple Silicon) [4/5]"
+cargo build -p matrix-sdk-ffi ${REL_FLAG} --target "aarch64-apple-ios-sim"
+echo -e "\nBuilding for iOS Simulator (Intel) [5/5]"
+cargo build -p matrix-sdk-ffi ${REL_FLAG} --target "x86_64-apple-ios"
+
+echo -e "\nCreating XCFramework"
+# Lipo together the libraries for the same platform
+
+# MacOS
+lipo -create \
+  "${TARGET_DIR}/x86_64-apple-darwin/${REL_TYPE_DIR}/libmatrix_sdk_ffi.a" \
+  "${TARGET_DIR}/aarch64-apple-darwin/${REL_TYPE_DIR}/libmatrix_sdk_ffi.a" \
+  -output "${GENERATED_DIR}/libmatrix_sdk_ffi_macos.a"
+
+# iOS Simulator
+lipo -create \
+  "${TARGET_DIR}/x86_64-apple-ios/${REL_TYPE_DIR}/libmatrix_sdk_ffi.a" \
+  "${TARGET_DIR}/aarch64-apple-ios-sim/${REL_TYPE_DIR}/libmatrix_sdk_ffi.a" \
+  -output "${GENERATED_DIR}/libmatrix_sdk_ffi_iossimulator.a"
+
+
+# Generate uniffi files
+# Architecture for the .a file argument doesn't matter, since the API is the same on all
+uniffi-bindgen generate \
+  --language swift \
+  --lib-file "${TARGET_DIR}/x86_64-apple-darwin/${REL_TYPE_DIR}/libmatrix_sdk_ffi.a" \
+  --out-dir ${GENERATED_DIR} \
+  "${SRC_ROOT}/bindings/matrix-sdk-ffi/src/api.udl"
+
+# Move them to the right place
+HEADERS_DIR=${GENERATED_DIR}/headers
+mkdir -p ${HEADERS_DIR}
+
+mv ${GENERATED_DIR}/*.h ${HEADERS_DIR}
+
+# Rename and move modulemap to the right place
+mv ${GENERATED_DIR}/*.modulemap ${HEADERS_DIR}/module.modulemap
+
+SWIFT_DIR="${GENERATED_DIR}/swift"
+mkdir -p ${SWIFT_DIR}
+
+mv ${GENERATED_DIR}/*.swift ${SWIFT_DIR}
+
+# Build the xcframework
+
+if [ -d "${GENERATED_DIR}/MatrixSDKFFI.xcframework" ]; then rm -rf "${GENERATED_DIR}/MatrixSDKFFI.xcframework"; fi
+
+xcodebuild -create-xcframework \
+  -library "${GENERATED_DIR}/libmatrix_sdk_ffi_macos.a" \
+  -headers ${HEADERS_DIR} \
+  -library "${GENERATED_DIR}/libmatrix_sdk_ffi_iossimulator.a" \
+  -headers ${HEADERS_DIR} \
+  -library "${TARGET_DIR}/aarch64-apple-ios/${REL_TYPE_DIR}/libmatrix_sdk_ffi.a" \
+  -headers ${HEADERS_DIR} \
+  -output "${GENERATED_DIR}/MatrixSDKFFI.xcframework"
+
+# Cleanup
+
+if [ -f "${GENERATED_DIR}/libmatrix_sdk_ffi_macos.a" ]; then rm -rf "${GENERATED_DIR}/libmatrix_sdk_ffi_macos.a"; fi
+if [ -f "${GENERATED_DIR}/libmatrix_sdk_ffi_iossimulator.a" ]; then rm -rf "${GENERATED_DIR}/libmatrix_sdk_ffi_iossimulator.a"; fi
+if [ -d ${HEADERS_DIR} ]; then rm -rf ${HEADERS_DIR}; fi
@@ -0,0 +1,90 @@
+#!/usr/bin/env bash
+set -eEu
+
+cd "$(dirname "$0")"
+
+IS_CI=false
+ACTIVE_ARCH="arm64"
+
+if [ $# -eq 2 ]; then
+  echo "Running CI build"
+  IS_CI=true
+  ARCHS=( $1 )
+  ACTIVE_ARCH=${ARCHS[0]}
+elif [ $# -eq 1 ]; then
+  echo "Running debug build"
+  ARCHS=( $1 )
+  ACTIVE_ARCH=${ARCHS[0]}
+else
+  echo "Running debug build"
+fi
+
+echo "Active architecture ${ACTIVE_ARCH}"
+
+# Path to the repo root
+SRC_ROOT=../..
+
+TARGET_DIR="${SRC_ROOT}/target"
+
+GENERATED_DIR="${SRC_ROOT}/bindings/apple/generated"
+mkdir -p ${GENERATED_DIR}
+
+REL_FLAG=""
+REL_TYPE_DIR="debug"
+
+# iOS Simulator arm64
+if [ "$ACTIVE_ARCH" = "arm64" ]; then
+  TARGET="aarch64-apple-ios-sim"
+# iOS Simulator intel
+else
+  TARGET="x86_64-apple-ios"
+fi
+
+cargo build -p matrix-sdk-ffi ${REL_FLAG} --target "$TARGET"
+
+lipo -create \
+  "${TARGET_DIR}/$TARGET/${REL_TYPE_DIR}/libmatrix_sdk_ffi.a" \
+  -output "${GENERATED_DIR}/libmatrix_sdk_ffi_iossimulator.a"
+
+# Generate uniffi files
+uniffi-bindgen generate \
+  --language swift \
+  --lib-file "${TARGET_DIR}/$TARGET/${REL_TYPE_DIR}/libmatrix_sdk_ffi.a" \
+  --out-dir ${GENERATED_DIR} \
+  "${SRC_ROOT}/bindings/matrix-sdk-ffi/src/api.udl"
+
+# Move them to the right place
+HEADERS_DIR=${GENERATED_DIR}/headers
+mkdir -p ${HEADERS_DIR}
+
+mv ${GENERATED_DIR}/*.h ${HEADERS_DIR}
+
+# Rename and move modulemap to the right place
+mv ${GENERATED_DIR}/*.modulemap ${HEADERS_DIR}/module.modulemap
+
+SWIFT_DIR="${GENERATED_DIR}/swift"
+mkdir -p ${SWIFT_DIR}
+
+mv ${GENERATED_DIR}/*.swift ${SWIFT_DIR}
+
+# Build the xcframework
+
+if [ -d "${GENERATED_DIR}/MatrixSDKFFI.xcframework" ]; then rm -rf "${GENERATED_DIR}/MatrixSDKFFI.xcframework"; fi
+
+xcodebuild -create-xcframework \
+  -library "${GENERATED_DIR}/libmatrix_sdk_ffi_iossimulator.a" \
+  -headers ${HEADERS_DIR} \
+  -output "${GENERATED_DIR}/MatrixSDKFFI.xcframework"
+
+# Cleanup
+
+if [ -f "${GENERATED_DIR}/libmatrix_sdk_ffi_iossimulator.a" ]; then rm -rf "${GENERATED_DIR}/libmatrix_sdk_ffi_iossimulator.a"; fi
+if [ -d ${HEADERS_DIR} ]; then rm -rf ${HEADERS_DIR}; fi
+
+if [ "$IS_CI" = false ] ; then
+  echo "Preparing matrix-rust-components-swift"
+
+  # Debug -> Copy generated files over to ../../../matrix-rust-components-swift
+  rsync -a --delete "${GENERATED_DIR}/MatrixSDKFFI.xcframework" "${SRC_ROOT}/../matrix-rust-components-swift/"
+  rsync -a --delete "${GENERATED_DIR}/swift/" "${SRC_ROOT}/../matrix-rust-components-swift/Sources/MatrixRustSDK"
+fi
@@ -2,77 +2,64 @@
 name = "matrix-sdk-crypto-ffi"
 version = "0.1.0"
 authors = ["Damir Jelić <poljar@termina.org.uk>"]
-edition = "2024"
-rust-version.workspace = true
+edition = "2021"
+rust-version = "1.60"
 description = "Uniffi based bindings for the Rust SDK crypto crate"
 repository = "https://github.com/matrix-org/matrix-rust-sdk"
 license = "Apache-2.0"
 publish = false

-[package.metadata.release]
-release = false
-
 [lib]
 crate-type = ["cdylib", "staticlib"]
-
-[[bin]]
-name = "matrix_sdk_crypto_ffi"
-path = "uniffi-bindgen.rs"
-
-[features]
-default = ["bundled-sqlite"]
-bundled-sqlite = ["matrix-sdk-sqlite/bundled"]
-
-# Enable experimental support for encrypting state events; see
-# https://github.com/matrix-org/matrix-rust-sdk/issues/5397.
-experimental-encrypted-state-events = [
-    "matrix-sdk-crypto/experimental-encrypted-state-events",
-]
+name = "matrix_crypto_ffi"

 [dependencies]
-anyhow.workspace = true
-futures-util.workspace = true
-hmac.workspace = true
-http.workspace = true
-matrix-sdk-common = { workspace = true, features = ["uniffi"] }
-matrix-sdk-ffi-macros.workspace = true
-pbkdf2.workspace = true
-rand.workspace = true
-ruma.workspace = true
-serde.workspace = true
-serde_json.workspace = true
-sha2.workspace = true
-thiserror.workspace = true
-tracing-subscriber = { workspace = true, features = ["env-filter"] }
+anyhow = "1.0.57"
+base64 = "0.13.0"
+hmac = "0.12.1"
+http = "0.2.6"
+pbkdf2 = "0.11.0"
+rand = "0.8.5"
+ruma = { version = "0.7.0", features = ["client-api-c"] }
+serde = "1.0.136"
+serde_json = "1.0.79"
+sha2 = "0.10.2"
+thiserror = "1.0.30"
+tracing = "0.1.34"
+tracing-subscriber = { version = "0.3.11", features = ["env-filter"] }
 # keep in sync with uniffi dependency in matrix-sdk-ffi, and uniffi_bindgen in ffi CI job
-uniffi = { workspace = true, features = ["cli"] }
-vodozemac.workspace = true
-zeroize = { workspace = true, features = ["zeroize_derive"] }
+uniffi = { git = "https://github.com/mozilla/uniffi-rs", rev = "091c3561656e72e1a4160412c83b36d98e556d06" }
+zeroize = { version = "1.3.0", features = ["zeroize_derive"] }

 [dependencies.js_int]
 version = "0.2.2"
-default-features = false
 features = ["lax_deserialize"]

-[dependencies.matrix-sdk-crypto]
-workspace = true
-features = ["qrcode", "automatic-room-key-forwarding", "uniffi"]
+[dependencies.matrix-sdk-common]
+path = "../../crates/matrix-sdk-common"
+version = "0.6.0"

-[dependencies.matrix-sdk-sqlite]
-workspace = true
+[dependencies.matrix-sdk-crypto]
+path = "../../crates/matrix-sdk-crypto"
+version = "0.6.0"
+features = ["qrcode", "backups_v1"]
+
+[dependencies.matrix-sdk-sled]
+path = "../../crates/matrix-sdk-sled"
+version = "0.2.0"
+default_features = false
 features = ["crypto-store"]

 [dependencies.tokio]
-workspace = true
+version = "1.17.0"
+default_features = false
 features = ["rt-multi-thread"]

+[dependencies.vodozemac]
+version = "0.3.0"
+
 [build-dependencies]
-uniffi = { workspace = true, default-features = false, features = ["build"] }
-vergen-gitcl = { workspace = true, default-features = false, features = ["build"] }
+uniffi_build = { git = "https://github.com/mozilla/uniffi-rs", rev = "091c3561656e72e1a4160412c83b36d98e556d06", features = ["builtin-bindgen"] }

 [dev-dependencies]
-assert_matches2.workspace = true
-tempfile.workspace = true
-
-[lints]
-workspace = true
+tempfile = "3.3.0"
@@ -5,8 +5,6 @@ README mainly describes how to build and integrate the bindings into a Kotlin
 based Android project, but the Android specific bits can be skipped if you are
 targeting an x86 Linux project.

-To build and distribute bindings for iOS projects, see a [dedicated page](../apple/README.md)
-
 ## Prerequisites

 ### Rust
@@ -33,22 +31,15 @@ Rust supports many different [targets], you'll have to make sure to pick the
 right one for your device or emulator.

 After this is done, we'll have to configure [Cargo] to use the correct linker
-for our target, by providing the Cargo setting of
-[target.<triple>.linker](https://doc.rust-lang.org/cargo/reference/config.html#targettriplelinker)
-with a value of the path to an appropriate linker in your NDK installation.
-
-This may be set through an environment variable:
-
-```
-$ export CARGO_TARGET_AARCH64_LINUX_ANDROID_LINKER="<path-to-ndk-installation>/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android30-clang"
-```
-
-Alternatively, it may be set in the `.cargo/config.toml` file in the current directory,
-any parent directory, or your home directory:
+for our target. Cargo is configured using a TOML file that will be found in
+`%USERPROFILE%\.cargo\config.toml` on Windows or `$HOME/.cargo/config` on Unix
+platforms. More details and configuration options for Cargo can be found in the
+official docs over [here](https://doc.rust-lang.org/cargo/reference/config.html).

 ```
 [target.aarch64-linux-android]
-linker = "<path-to-ndk-installation>/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android30-clang"
+ar = "NDK_HOME/toolchains/llvm/prebuilt/linux-x86_64/bin/ar"
+linker = "NDK_HOME/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android30-clang"
 ```

 ## Building
@@ -58,13 +49,7 @@ we'll need to set the `ANDROID_NDK` environment variable to the location of our
 Android NDK installation.

 ```
-$ export ANDROID_NDK=$HOME/Android/Sdk/ndk/<some-installed-version>
-```
-
-Also, include the NDK tools directory in your `PATH`:
-
-```
-$ export PATH="$ANDROID_NDK/toolchains/llvm/prebuilt/linux-x86_64/bin:$PATH"
+$ export ANDROID_NDK=$HOME/Android/Sdk/ndk/22.0.7026061/
 ```

 ### Building for a target
@@ -75,16 +60,19 @@ The bindings can built for the `aarch64` target with:
 $ cargo build --target aarch64-linux-android
 ```

-After that, a dynamic library can be found in the `target/aarch64-linux-android/debug` directory,
-under the repository root directory.
-The library will be called `libmatrix_sdk_crypto_ffi.so` and needs to be renamed and
+After that, a dynamic library can be found in the `target/aarch64-linux-android/debug` directory.
+The library will be called `libmatrix_crypto.so` and needs to be renamed and
 copied into the `jniLibs` directory of your Android project, for Element Android:

 ```
-$ cp ../../target/aarch64-linux-android/debug/libmatrix_sdk_crypto_ffi.so \
+$ cp ../../target/aarch64-linux-android/debug/libmatrix_crypto.so \
     /home/example/matrix-sdk-android/src/main/jniLibs/aarch64/libuniffi_olm.so
 ```

+## Minimum Supported Rust Version (MSRV)
+
+These crates are built with the Rust language version 2021 and require a minimum compiler version of `1.60`.
+
 ## License

 [Apache-2.0](https://www.apache.org/licenses/LICENSE-2.0)
@@ -1,66 +1,3 @@
-use std::{
-    env,
-    error::Error,
-    path::{Path, PathBuf},
-    process::Command,
-};
-
-use vergen_gitcl::{Emitter, GitclBuilder};
-
-/// Adds a temporary workaround for an issue with the Rust compiler and Android
-/// in x86_64 devices: https://github.com/rust-lang/rust/issues/109717.
-/// The workaround is based on: https://github.com/mozilla/application-services/pull/5442
-///
-/// IMPORTANT: if you modify this, make sure to modify
-/// [../matrix-sdk-ffi/build.rs] too!
-fn setup_x86_64_android_workaround() {
-    let target_os = env::var("CARGO_CFG_TARGET_OS").expect("CARGO_CFG_TARGET_OS not set");
-    let target_arch = env::var("CARGO_CFG_TARGET_ARCH").expect("CARGO_CFG_TARGET_ARCH not set");
-    if target_arch == "x86_64" && target_os == "android" {
-        // Configure rust to statically link against the `libclang_rt.builtins` supplied
-        // with clang.
-
-        // cargo-ndk sets CC_x86_64-linux-android to the path to `clang`, within the
-        // Android NDK.
-        let clang_path = PathBuf::from(
-            env::var("CC_x86_64-linux-android").expect("CC_x86_64-linux-android not set"),
-        );
-
-        // clang_path should now look something like
-        // `.../sdk/ndk/28.0.12674087/toolchains/llvm/prebuilt/linux-x86_64/bin/clang`.
-        // We strip `/bin/clang` from the end to get the toolchain path.
-        let toolchain_path = clang_path
-            .ancestors()
-            .nth(2)
-            .expect("could not find NDK toolchain path")
-            .to_str()
-            .expect("NDK toolchain path is not valid UTF-8");
-
-        let clang_version = get_clang_major_version(&clang_path);
-
-        println!("cargo:rustc-link-search={toolchain_path}/lib/clang/{clang_version}/lib/linux/");
-        println!("cargo:rustc-link-lib=static=clang_rt.builtins-x86_64-android");
-    }
-}
-
-/// Run the clang binary at `clang_path`, and return its major version number
-fn get_clang_major_version(clang_path: &Path) -> String {
-    let clang_output =
-        Command::new(clang_path).arg("-dumpversion").output().expect("failed to start clang");
-
-    if !clang_output.status.success() {
-        panic!("failed to run clang: {}", String::from_utf8_lossy(&clang_output.stderr));
-    }
-
-    let clang_version = String::from_utf8(clang_output.stdout).expect("clang output is not utf8");
-    clang_version.split('.').next().expect("could not parse clang output").to_owned()
-}
-
-fn main() -> Result<(), Box<dyn Error>> {
-    setup_x86_64_android_workaround();
-
-    let git_config = GitclBuilder::default().sha(true).describe(true, false, None).build()?;
-    Emitter::default().add_instructions(&git_config)?.emit()?;
-
-    Ok(())
+fn main() {
+    uniffi_build::generate_scaffolding("./src/olm.udl").unwrap();
 }
@@ -1,35 +1,32 @@
-use std::{collections::HashMap, iter, ops::DerefMut, sync::Arc};
+use std::{collections::HashMap, iter, ops::DerefMut};

 use hmac::Hmac;
 use matrix_sdk_crypto::{
-    backups::DecryptionError,
-    store::{CryptoStoreError as InnerStoreError, types::BackupDecryptionKey},
+    backups::OlmPkDecryptionError,
+    store::{CryptoStoreError as InnerStoreError, RecoveryKey},
 };
 use pbkdf2::pbkdf2;
-use rand::{RngExt, distr::Alphanumeric, rng};
+use rand::{distributions::Alphanumeric, thread_rng, Rng};
 use sha2::Sha512;
 use thiserror::Error;
 use zeroize::Zeroize;

 /// The private part of the backup key, the one used for recovery.
-#[derive(uniffi::Object)]
 pub struct BackupRecoveryKey {
-    pub(crate) inner: BackupDecryptionKey,
+    pub(crate) inner: RecoveryKey,
    pub(crate) passphrase_info: Option<PassphraseInfo>,
 }

 /// Error type for the decryption of backed up room keys.
-#[derive(Debug, Error, uniffi::Error)]
-#[uniffi(flat_error)]
+#[derive(Debug, Error)]
 pub enum PkDecryptionError {
    /// An internal libolm error happened during decryption.
    #[error("Error decryption a PkMessage {0}")]
-    Olm(#[from] DecryptionError),
+    Olm(#[from] OlmPkDecryptionError),
 }

 /// Error type for the decoding and storing of the backup key.
-#[derive(Debug, Error, uniffi::Error)]
-#[uniffi(flat_error)]
+#[derive(Debug, Error)]
 pub enum DecodeError {
    /// An error happened while decoding the recovery key.
    #[error(transparent)]
@@ -42,7 +39,7 @@ pub enum DecodeError {

 /// Struct containing info about the way the backup key got derived from a
 /// passphrase.
-#[derive(Debug, Clone, uniffi::Record)]
+#[derive(Debug, Clone)]
 pub struct PassphraseInfo {
    /// The salt that was used during key derivation.
    pub private_key_salt: String,
@@ -51,7 +48,6 @@ pub struct PassphraseInfo {
 }

 /// The public part of the backup key.
-#[derive(uniffi::Record)]
 pub struct MegolmV1BackupKey {
    /// The actual base64 encoded public key.
    pub public_key: String,
@@ -67,33 +63,30 @@ impl BackupRecoveryKey {
    const KEY_SIZE: usize = 32;
    const SALT_SIZE: usize = 32;
    const PBKDF_ROUNDS: i32 = 500_000;
-}

-#[matrix_sdk_ffi_macros::export]
-impl BackupRecoveryKey {
    /// Create a new random [`BackupRecoveryKey`].
    #[allow(clippy::new_without_default)]
-    #[uniffi::constructor]
-    pub fn new() -> Arc<Self> {
-        Arc::new(Self { inner: BackupDecryptionKey::new(), passphrase_info: None })
+    pub fn new() -> Self {
+        Self {
+            inner: RecoveryKey::new()
+                .expect("Can't gather enough randomness to create a recovery key"),
+            passphrase_info: None,
+        }
    }

    /// Try to create a [`BackupRecoveryKey`] from a base 64 encoded string.
-    #[uniffi::constructor]
-    pub fn from_base64(key: String) -> Result<Arc<Self>, DecodeError> {
-        Ok(Arc::new(Self { inner: BackupDecryptionKey::from_base64(&key)?, passphrase_info: None }))
+    pub fn from_base64(key: String) -> Result<Self, DecodeError> {
+        Ok(Self { inner: RecoveryKey::from_base64(&key)?, passphrase_info: None })
    }

    /// Try to create a [`BackupRecoveryKey`] from a base 58 encoded string.
-    #[uniffi::constructor]
-    pub fn from_base58(key: String) -> Result<Arc<Self>, DecodeError> {
-        Ok(Arc::new(Self { inner: BackupDecryptionKey::from_base58(&key)?, passphrase_info: None }))
+    pub fn from_base58(key: String) -> Result<Self, DecodeError> {
+        Ok(Self { inner: RecoveryKey::from_base58(&key)?, passphrase_info: None })
    }

    /// Create a new [`BackupRecoveryKey`] from the given passphrase.
-    #[uniffi::constructor]
-    pub fn new_from_passphrase(passphrase: String) -> Arc<Self> {
-        let mut rng = rng();
+    pub fn new_from_passphrase(passphrase: String) -> Self {
+        let mut rng = thread_rng();
        let salt: String = iter::repeat(())
            .map(|()| rng.sample(Alphanumeric))
            .map(char::from)
@@ -104,28 +97,41 @@ impl BackupRecoveryKey {
    }

    /// Restore a [`BackupRecoveryKey`] from the given passphrase.
-    #[uniffi::constructor]
-    pub fn from_passphrase(passphrase: String, salt: String, rounds: i32) -> Arc<Self> {
+    pub fn from_passphrase(passphrase: String, salt: String, rounds: i32) -> Self {
        let mut key = Box::new([0u8; Self::KEY_SIZE]);
        let rounds = rounds as u32;

-        pbkdf2::<Hmac<Sha512>>(passphrase.as_bytes(), salt.as_bytes(), rounds, key.deref_mut())
-            .expect(
-                "We should be able to expand a passphrase of any length due to \
-                 HMAC being able to be initialized with any input size",
-            );
+        pbkdf2::<Hmac<Sha512>>(passphrase.as_bytes(), salt.as_bytes(), rounds, key.deref_mut());

-        let backup_decryption_key = BackupDecryptionKey::from_bytes(&key);
+        let recovery_key = RecoveryKey::from_bytes(&key);

        key.zeroize();

-        Arc::new(Self {
-            inner: backup_decryption_key,
+        Self {
+            inner: recovery_key,
            passphrase_info: Some(PassphraseInfo {
                private_key_salt: salt,
                private_key_iterations: rounds as i32,
            }),
-        })
+        }
+    }
+
+    /// Get the public part of the backup key.
+    pub fn megolm_v1_public_key(&self) -> MegolmV1BackupKey {
+        let public_key = self.inner.megolm_v1_public_key();
+
+        let signatures: HashMap<String, HashMap<String, String>> = public_key
+            .signatures()
+            .into_iter()
+            .map(|(k, v)| (k.to_string(), v.into_iter().map(|(k, v)| (k.to_string(), v)).collect()))
+            .collect();
+
+        MegolmV1BackupKey {
+            public_key: public_key.to_base64(),
+            signatures,
+            passphrase_info: self.passphrase_info.clone(),
+            backup_algorithm: public_key.backup_algorithm().to_owned(),
+        }
    }

    /// Convert the recovery key to a base 58 encoded string.
@@ -138,39 +144,6 @@ impl BackupRecoveryKey {
        self.inner.to_base64()
    }

-    /// Get the public part of the backup key.
-    pub fn megolm_v1_public_key(&self) -> MegolmV1BackupKey {
-        let public_key = self.inner.megolm_v1_public_key();
-
-        let signatures: HashMap<String, HashMap<String, String>> = public_key
-            .signatures()
-            .into_iter()
-            .map(|(k, v)| {
-                (
-                    k.to_string(),
-                    v.into_iter()
-                        .map(|(k, v)| {
-                            (
-                                k.to_string(),
-                                match v {
-                                    Ok(s) => s.to_base64(),
-                                    Err(s) => s.source,
-                                },
-                            )
-                        })
-                        .collect(),
-                )
-            })
-            .collect();
-
-        MegolmV1BackupKey {
-            public_key: public_key.to_base64(),
-            signatures,
-            passphrase_info: self.passphrase_info.clone(),
-            backup_algorithm: public_key.backup_algorithm().to_owned(),
-        }
-    }
-
    /// Try to decrypt a message that was encrypted using the public part of the
    /// backup key.
    pub fn decrypt_v1(
@@ -179,51 +152,6 @@ impl BackupRecoveryKey {
        mac: String,
        ciphertext: String,
    ) -> Result<String, PkDecryptionError> {
-        self.inner.decrypt_v1(&ephemeral_key, &mac, &ciphertext).map_err(|e| e.into())
-    }
-}
-
-#[cfg(test)]
-mod tests {
-    use ruma::api::client::backup::KeyBackupData;
-    use serde_json::json;
-
-    use super::BackupRecoveryKey;
-
-    #[test]
-    fn test_decrypt_key() {
-        let recovery_key = BackupRecoveryKey::from_base64(
-            "Ha9cklU/9NqFo9WKdVfGzmqUL/9wlkdxfEitbSIPVXw".to_owned(),
-        )
-        .unwrap();
-
-        let data = json!({
-            "first_message_index": 0,
-            "forwarded_count": 0,
-            "is_verified": false,
-            "session_data": {
-                "ephemeral": "HlLi76oV6wxHz3PCqE/bxJi6yF1HnYz5Dq3T+d/KpRw",
-                "ciphertext": "MuM8E3Yc6TSAvhVGb77rQ++jE6p9dRepx63/3YPD2wACKAppkZHeFrnTH6wJ/HSyrmzo\
-                               7HfwqVl6tKNpfooSTHqUf6x1LHz+h4B/Id5ITO1WYt16AaI40LOnZqTkJZCfSPuE2oxa\
-                               lwEHnCS3biWybutcnrBFPR3LMtaeHvvkb+k3ny9l5ZpsU9G7vCm3XoeYkWfLekWXvDhb\
-                               qWrylXD0+CNUuaQJ/S527TzLd4XKctqVjjO/cCH7q+9utt9WJAfK8LGaWT/mZ3AeWjf5\
-                               kiqOpKKf5Cn4n5SSil5p/pvGYmjnURvZSEeQIzHgvunIBEPtzK/MYEPOXe/P5achNGlC\
-                               x+5N19Ftyp9TFaTFlTWCTi0mpD7ePfCNISrwpozAz9HZc0OhA8+1aSc7rhYFIeAYXFU3\
-                               26NuFIFHI5pvpSxjzPQlOA+mavIKmiRAtjlLw11IVKTxgrdT4N8lXeMr4ndCSmvIkAzF\
-                               Mo1uZA4fzjiAdQJE4/2WeXFNNpvdfoYmX8Zl9CAYjpSO5HvpwkAbk4/iLEH3hDfCVUwD\
-                               fMh05PdGLnxeRpiEFWSMSsJNp+OWAA+5JsF41BoRGrxoXXT+VKqlUDONd+O296Psu8Q+\
-                               d8/S618",
-                "mac": "GtMrurhDTwo"
-            }
-        });
-
-        let key_backup_data: KeyBackupData = serde_json::from_value(data).unwrap();
-        let ephemeral = key_backup_data.session_data.ephemeral.encode();
-        let ciphertext = key_backup_data.session_data.ciphertext.encode();
-        let mac = key_backup_data.session_data.mac.encode();
-
-        let _ = recovery_key
-            .decrypt_v1(ephemeral, mac, ciphertext)
-            .expect("The backed up key should be decrypted successfully");
+        self.inner.decrypt_v1(ephemeral_key, mac, ciphertext).map_err(|e| e.into())
    }
 }
@@ -1,256 +0,0 @@
-use std::{mem::ManuallyDrop, sync::Arc};
-
-use matrix_sdk_common::executor::Handle;
-use matrix_sdk_crypto::{
-    DecryptionSettings,
-    dehydrated_devices::{
-        DehydratedDevice as InnerDehydratedDevice, DehydratedDevices as InnerDehydratedDevices,
-        RehydratedDevice as InnerRehydratedDevice,
-    },
-    store::types::DehydratedDeviceKey as InnerDehydratedDeviceKey,
-};
-use ruma::{OwnedDeviceId, api::client::dehydrated_device, events::AnyToDeviceEvent, serde::Raw};
-use serde_json::json;
-
-use crate::{CryptoStoreError, DehydratedDeviceKey};
-
-#[derive(Debug, thiserror::Error, uniffi::Error)]
-#[uniffi(flat_error)]
-pub enum DehydrationError {
-    #[error(transparent)]
-    Pickle(#[from] matrix_sdk_crypto::vodozemac::DehydratedDeviceError),
-    #[error(transparent)]
-    LegacyPickle(#[from] matrix_sdk_crypto::vodozemac::LibolmPickleError),
-    #[error(transparent)]
-    MissingSigningKey(#[from] matrix_sdk_crypto::SignatureError),
-    #[error(transparent)]
-    Json(#[from] serde_json::Error),
-    #[error(transparent)]
-    Store(#[from] matrix_sdk_crypto::CryptoStoreError),
-    #[error("The pickle key has an invalid length, expected 32 bytes, got {0}")]
-    PickleKeyLength(usize),
-}
-
-impl From<matrix_sdk_crypto::dehydrated_devices::DehydrationError> for DehydrationError {
-    fn from(value: matrix_sdk_crypto::dehydrated_devices::DehydrationError) -> Self {
-        match value {
-            matrix_sdk_crypto::dehydrated_devices::DehydrationError::Json(e) => Self::Json(e),
-            matrix_sdk_crypto::dehydrated_devices::DehydrationError::Pickle(e) => Self::Pickle(e),
-            matrix_sdk_crypto::dehydrated_devices::DehydrationError::LegacyPickle(e) => {
-                Self::LegacyPickle(e)
-            }
-            matrix_sdk_crypto::dehydrated_devices::DehydrationError::MissingSigningKey(e) => {
-                Self::MissingSigningKey(e)
-            }
-            matrix_sdk_crypto::dehydrated_devices::DehydrationError::Store(e) => Self::Store(e),
-            matrix_sdk_crypto::dehydrated_devices::DehydrationError::PickleKeyLength(l) => {
-                Self::PickleKeyLength(l)
-            }
-        }
-    }
-}
-
-#[derive(uniffi::Object)]
-pub struct DehydratedDevices {
-    pub(crate) runtime: Handle,
-    pub(crate) inner: ManuallyDrop<InnerDehydratedDevices>,
-}
-
-impl Drop for DehydratedDevices {
-    fn drop(&mut self) {
-        // See the drop implementation for the `crate::OlmMachine` for an explanation.
-        let _guard = self.runtime.enter();
-        unsafe {
-            ManuallyDrop::drop(&mut self.inner);
-        }
-    }
-}
-
-#[matrix_sdk_ffi_macros::export]
-impl DehydratedDevices {
-    pub fn create(&self) -> Result<Arc<DehydratedDevice>, DehydrationError> {
-        let inner = self.runtime.block_on(self.inner.create())?;
-
-        Ok(Arc::new(DehydratedDevice {
-            inner: ManuallyDrop::new(inner),
-            runtime: self.runtime.to_owned(),
-        }))
-    }
-
-    pub fn rehydrate(
-        &self,
-        pickle_key: &DehydratedDeviceKey,
-        device_id: String,
-        device_data: String,
-    ) -> Result<Arc<RehydratedDevice>, DehydrationError> {
-        let device_data: Raw<_> = serde_json::from_str(&device_data)?;
-        let device_id: OwnedDeviceId = device_id.into();
-
-        let key = InnerDehydratedDeviceKey::from_slice(&pickle_key.inner)?;
-
-        let ret = RehydratedDevice {
-            runtime: self.runtime.to_owned(),
-            inner: ManuallyDrop::new(self.runtime.block_on(self.inner.rehydrate(
-                &key,
-                &device_id,
-                device_data,
-            ))?),
-        }
-        .into();
-
-        Ok(ret)
-    }
-
-    /// Get the cached dehydrated device pickle key if any.
-    ///
-    /// None if the key was not previously cached (via
-    /// [`Self::save_dehydrated_device_pickle_key`]).
-    ///
-    /// Should be used to periodically rotate the dehydrated device to avoid
-    /// OTK exhaustion and accumulation of to_device messages.
-    pub fn get_dehydrated_device_key(
-        &self,
-    ) -> Result<Option<crate::DehydratedDeviceKey>, CryptoStoreError> {
-        Ok(self
-            .runtime
-            .block_on(self.inner.get_dehydrated_device_pickle_key())?
-            .map(crate::DehydratedDeviceKey::from))
-    }
-
-    /// Store the dehydrated device pickle key in the crypto store.
-    ///
-    /// This is useful if the client wants to periodically rotate dehydrated
-    /// devices to avoid OTK exhaustion and accumulated to_device problems.
-    pub fn save_dehydrated_device_key(
-        &self,
-        pickle_key: &crate::DehydratedDeviceKey,
-    ) -> Result<(), CryptoStoreError> {
-        let pickle_key = InnerDehydratedDeviceKey::from_slice(&pickle_key.inner)?;
-        Ok(self.runtime.block_on(self.inner.save_dehydrated_device_pickle_key(&pickle_key))?)
-    }
-
-    /// Deletes the previously stored dehydrated device pickle key.
-    pub fn delete_dehydrated_device_key(&self) -> Result<(), CryptoStoreError> {
-        Ok(self.runtime.block_on(self.inner.delete_dehydrated_device_pickle_key())?)
-    }
-}
-
-#[derive(uniffi::Object)]
-pub struct RehydratedDevice {
-    inner: ManuallyDrop<InnerRehydratedDevice>,
-    runtime: Handle,
-}
-
-impl Drop for RehydratedDevice {
-    fn drop(&mut self) {
-        // See the drop implementation for the `crate::OlmMachine` for an explanation.
-        let _guard = self.runtime.enter();
-        unsafe {
-            ManuallyDrop::drop(&mut self.inner);
-        }
-    }
-}
-
-#[matrix_sdk_ffi_macros::export]
-impl RehydratedDevice {
-    pub fn receive_events(
-        &self,
-        events: String,
-        decryption_settings: &DecryptionSettings,
-    ) -> Result<(), crate::CryptoStoreError> {
-        let events: Vec<Raw<AnyToDeviceEvent>> = serde_json::from_str(&events)?;
-        self.runtime.block_on(self.inner.receive_events(events, decryption_settings))?;
-
-        Ok(())
-    }
-}
-
-#[derive(uniffi::Object)]
-pub struct DehydratedDevice {
-    pub(crate) runtime: Handle,
-    pub(crate) inner: ManuallyDrop<InnerDehydratedDevice>,
-}
-
-impl Drop for DehydratedDevice {
-    fn drop(&mut self) {
-        // See the drop implementation for the `crate::OlmMachine` for an explanation.
-        let _guard = self.runtime.enter();
-        unsafe {
-            ManuallyDrop::drop(&mut self.inner);
-        }
-    }
-}
-
-#[matrix_sdk_ffi_macros::export]
-impl DehydratedDevice {
-    pub fn keys_for_upload(
-        &self,
-        device_display_name: String,
-        pickle_key: &DehydratedDeviceKey,
-    ) -> Result<UploadDehydratedDeviceRequest, DehydrationError> {
-        let key = InnerDehydratedDeviceKey::from_slice(&pickle_key.inner)?;
-
-        let request =
-            self.runtime.block_on(self.inner.keys_for_upload(device_display_name, &key))?;
-
-        Ok(request.into())
-    }
-}
-
-#[derive(Debug, uniffi::Record)]
-pub struct UploadDehydratedDeviceRequest {
-    /// The serialized JSON body of the request.
-    body: String,
-}
-
-impl From<dehydrated_device::put_dehydrated_device::unstable::Request>
-    for UploadDehydratedDeviceRequest
-{
-    fn from(value: dehydrated_device::put_dehydrated_device::unstable::Request) -> Self {
-        let body = json!({
-            "device_id": value.device_id,
-            "device_data": value.device_data,
-            "initial_device_display_name": value.initial_device_display_name,
-            "device_keys": value.device_keys,
-            "one_time_keys": value.one_time_keys,
-            "fallback_keys": value.fallback_keys,
-        });
-
-        let body = serde_json::to_string(&body)
-            .expect("We should be able to serialize the PUT dehydrated devices request body");
-
-        Self { body }
-    }
-}
-
-#[cfg(test)]
-mod tests {
-    use crate::{DehydratedDeviceKey, dehydrated_devices::DehydrationError};
-
-    #[test]
-    fn test_creating_dehydrated_key() {
-        let dehydrated_device_key = DehydratedDeviceKey::new();
-        let base_64 = dehydrated_device_key.to_base64();
-        let inner_bytes = dehydrated_device_key.inner;
-
-        let copy = DehydratedDeviceKey::from_slice(&inner_bytes).unwrap();
-
-        assert_eq!(base_64, copy.to_base64());
-    }
-
-    #[test]
-    fn test_creating_dehydrated_key_failure() {
-        let bytes = [0u8; 24];
-
-        let pickle_key = DehydratedDeviceKey::from_slice(&bytes);
-
-        assert!(pickle_key.is_err());
-
-        match pickle_key {
-            Err(DehydrationError::PickleKeyLength(pickle_key_length)) => {
-                assert_eq!(bytes.len(), pickle_key_length);
-            }
-            _ => panic!("Should have failed!"),
-        }
-    }
-}
@@ -3,7 +3,6 @@ use std::collections::HashMap;
 use matrix_sdk_crypto::Device as InnerDevice;

 /// An E2EE capable Matrix device.
-#[derive(uniffi::Record)]
 pub struct Device {
    /// The device owner.
    pub user_id: String,
@@ -25,11 +24,6 @@ pub struct Device {
    /// Is our cross signing identity trusted and does the identity trust the
    /// device.
    pub cross_signing_trusted: bool,
-    /// The first time this device was seen in local timestamp, milliseconds
-    /// since epoch.
-    pub first_time_seen_ts: u64,
-    /// Whether or not the device is a dehydrated device.
-    pub dehydrated: bool,
 }

 impl From<InnerDevice> for Device {
@@ -43,8 +37,6 @@ impl From<InnerDevice> for Device {
            is_blocked: d.is_blacklisted(),
            locally_trusted: d.is_locally_trusted(),
            cross_signing_trusted: d.is_cross_signing_trusted(),
-            first_time_seen_ts: d.first_time_seen_ts().0.into(),
-            dehydrated: d.is_dehydrated(),
        }
    }
 }
@@ -1,15 +1,12 @@
 #![allow(missing_docs)]

 use matrix_sdk_crypto::{
-    KeyExportError, MegolmError, OlmError, SecretImportError as RustSecretImportError,
-    SignatureError as InnerSignatureError,
-    store::{CryptoStoreError as InnerStoreError, DehydrationError as InnerDehydrationError},
+    store::CryptoStoreError as InnerStoreError, KeyExportError, MegolmError, OlmError,
+    SecretImportError as RustSecretImportError, SignatureError as InnerSignatureError,
 };
-use matrix_sdk_sqlite::OpenStoreError;
 use ruma::{IdParseError, OwnedUserId};

-#[derive(Debug, thiserror::Error, uniffi::Error)]
-#[uniffi(flat_error)]
+#[derive(Debug, thiserror::Error)]
 pub enum KeyImportError {
    #[error(transparent)]
    Export(#[from] KeyExportError),
@@ -19,8 +16,7 @@ pub enum KeyImportError {
    Json(#[from] serde_json::Error),
 }

-#[derive(Debug, thiserror::Error, uniffi::Error)]
-#[uniffi(flat_error)]
+#[derive(Debug, thiserror::Error)]
 pub enum SecretImportError {
    #[error(transparent)]
    CryptoStore(#[from] InnerStoreError),
@@ -28,8 +24,7 @@ pub enum SecretImportError {
    Import(#[from] RustSecretImportError),
 }

-#[derive(Debug, thiserror::Error, uniffi::Error)]
-#[uniffi(flat_error)]
+#[derive(Debug, thiserror::Error)]
 pub enum SignatureError {
    #[error(transparent)]
    Signature(#[from] InnerSignatureError),
@@ -43,11 +38,8 @@ pub enum SignatureError {
    UnknownUserIdentity(String),
 }

-#[derive(Debug, thiserror::Error, uniffi::Error)]
-#[uniffi(flat_error)]
+#[derive(Debug, thiserror::Error)]
 pub enum CryptoStoreError {
-    #[error("Failed to open the store")]
-    OpenStore(#[from] OpenStoreError),
    #[error(transparent)]
    CryptoStore(#[from] InnerStoreError),
    #[error(transparent)]
@@ -58,115 +50,14 @@ pub enum CryptoStoreError {
    InvalidUserId(String, IdParseError),
    #[error(transparent)]
    Identifier(#[from] IdParseError),
-    #[error(transparent)]
-    DehydrationError(#[from] InnerDehydrationError),
 }

-#[derive(Debug, thiserror::Error, uniffi::Error)]
+#[derive(Debug, thiserror::Error)]
 pub enum DecryptionError {
-    #[error("serialization error: {error}")]
-    Serialization { error: String },
-    #[error("identifier parsing error: {error}")]
-    Identifier { error: String },
-    #[error("megolm error: {error}")]
-    Megolm { error: String },
-    #[error("missing room key: {error}")]
-    MissingRoomKey { error: String, withheld_code: Option<String> },
-    #[error("store error: {error}")]
-    Store { error: String },
-}
-
-/// Error describing what went wrong when exporting a [`SecretsBundle`].
-///
-/// The [`SecretsBundle`] can only be exported if we have all cross-signing
-/// private keys in the store.
-#[derive(Debug, thiserror::Error, uniffi::Error)]
-pub enum SecretsBundleExportError {
-    /// The store itself had an error.
    #[error(transparent)]
-    CryptoStore(CryptoStoreError),
-    /// We're missing one or more cross-signing keys.
-    #[error("The store doesn't contain all the cross-signing keys")]
-    MissingCrossSigningKeys,
-    /// We have a backup key stored, but we don't know the version of the
-    /// backup.
-    #[error("The store contains a backup key, but no backup version")]
-    MissingBackupVersion,
-    #[error("serialization error: {error}")]
-    Serialization { error: String },
-}
-
-impl From<matrix_sdk_crypto::store::SecretsBundleExportError> for SecretsBundleExportError {
-    fn from(value: matrix_sdk_crypto::store::SecretsBundleExportError) -> Self {
-        match value {
-            matrix_sdk_crypto::store::SecretsBundleExportError::Store(e) => {
-                Self::CryptoStore(e.into())
-            }
-            matrix_sdk_crypto::store::SecretsBundleExportError::MissingCrossSigningKey(_)
-            | matrix_sdk_crypto::store::SecretsBundleExportError::MissingCrossSigningKeys => {
-                Self::MissingCrossSigningKeys
-            }
-            matrix_sdk_crypto::store::SecretsBundleExportError::MissingBackupVersion => {
-                Self::MissingBackupVersion
-            }
-        }
-    }
-}
-
-impl From<serde_json::Error> for SecretsBundleExportError {
-    fn from(err: serde_json::Error) -> Self {
-        Self::Serialization { error: err.to_string() }
-    }
-}
-
-impl From<MegolmError> for DecryptionError {
-    fn from(value: MegolmError) -> Self {
-        match &value {
-            MegolmError::MissingRoomKey(withheld_code) => Self::MissingRoomKey {
-                error: value.to_string(),
-                withheld_code: withheld_code.as_ref().map(|w| w.as_str().to_owned()),
-            },
-            _ => Self::Megolm { error: value.to_string() },
-        }
-    }
-}
-
-impl From<serde_json::Error> for DecryptionError {
-    fn from(err: serde_json::Error) -> Self {
-        Self::Serialization { error: err.to_string() }
-    }
-}
-
-impl From<IdParseError> for DecryptionError {
-    fn from(err: IdParseError) -> Self {
-        Self::Identifier { error: err.to_string() }
-    }
-}
-
-impl From<InnerStoreError> for DecryptionError {
-    fn from(err: InnerStoreError) -> Self {
-        Self::Store { error: err.to_string() }
-    }
-}
-
-#[cfg(test)]
-mod tests {
-    use assert_matches2::assert_let;
-    use matrix_sdk_crypto::MegolmError;
-
-    use super::DecryptionError;
-
-    #[test]
-    fn test_withheld_error_mapping() {
-        use matrix_sdk_common::deserialized_responses::WithheldCode;
-
-        let inner_error = MegolmError::MissingRoomKey(Some(WithheldCode::Unverified));
-
-        let binding_error: DecryptionError = inner_error.into();
-
-        assert_let!(
-            DecryptionError::MissingRoomKey { error: _, withheld_code: Some(code) } = binding_error
-        );
-        assert_eq!("m.unverified", code)
-    }
+    Serialization(#[from] serde_json::Error),
+    #[error(transparent)]
+    Identifier(#[from] IdParseError),
+    #[error(transparent)]
+    Megolm(#[from] MegolmError),
 }
@@ -3,11 +3,10 @@ use std::{
    sync::{Arc, Mutex},
 };

-use tracing_subscriber::{EnvFilter, fmt::MakeWriter};
+use tracing_subscriber::{fmt::MakeWriter, EnvFilter};

 /// Trait that can be used to forward Rust logs over FFI to a language specific
 /// logger.
-#[matrix_sdk_ffi_macros::export(callback_interface)]
 pub trait Logger: Send {
    /// Called every time the Rust side wants to post a log line.
    fn log(&self, log_line: String);
@@ -42,22 +41,16 @@ pub struct LoggerWrapper {
 }

 /// Set the logger that should be used to forward Rust logs over FFI.
-#[matrix_sdk_ffi_macros::export]
 pub fn set_logger(logger: Box<dyn Logger>) {
    let logger = LoggerWrapper { inner: Arc::new(Mutex::new(logger)) };

-    let filter = EnvFilter::from_default_env()
-        .add_directive(
-            "matrix_sdk_crypto=trace".parse().expect("Can't parse logging filter directive"),
-        )
-        .add_directive(
-            "matrix_sdk_sqlite=debug".parse().expect("Can't parse logging filter directive"),
-        );
+    let filter = EnvFilter::from_default_env().add_directive(
+        "matrix_sdk_crypto=trace".parse().expect("Can't parse logging filter directive"),
+    );

    let _ = tracing_subscriber::fmt()
        .with_writer(logger)
        .with_env_filter(filter)
-        .with_ansi(false)
        .without_time()
        .try_init();
 }
@@ -0,0 +1,483 @@
+namespace olm {
+    void set_logger(Logger logger);
+    [Throws=MigrationError]
+    void migrate(
+        MigrationData data,
+        [ByRef] string path,
+        string? passphrase,
+        ProgressListener progress_listener
+    );
+};
+
+[Error]
+interface MigrationError {
+  Generic(string error_message);
+};
+
+callback interface Logger {
+    void log(string logLine);
+};
+
+callback interface ProgressListener {
+    void on_progress(i32 progress, i32 total);
+};
+
+[Error]
+enum PkDecryptionError {
+    "Olm",
+};
+
+[Error]
+enum KeyImportError {
+    "Export",
+    "CryptoStore",
+    "Json",
+};
+
+[Error]
+enum SignatureError {
+    "Signature",
+    "Identifier",
+    "CryptoStore",
+    "UnknownDevice",
+    "UnknownUserIdentity",
+};
+
+[Error]
+enum SecretImportError {
+    "Import",
+    "CryptoStore",
+};
+
+
+[Error]
+enum CryptoStoreError {
+    "CryptoStore",
+    "OlmError",
+    "Serialization",
+    "Identifier",
+    "InvalidUserId",
+};
+
+[Error]
+enum DecryptionError {
+    "Identifier",
+    "Serialization",
+    "Megolm",
+};
+
+dictionary DeviceLists {
+    sequence<string> changed;
+    sequence<string> left;
+};
+
+dictionary KeysImportResult {
+    i64 imported;
+    i64 total;
+    record<DOMString, record<DOMString, sequence<string>>> keys;
+};
+
+dictionary DecryptedEvent {
+    string clear_event;
+    string sender_curve25519_key;
+    string? claimed_ed25519_key;
+    sequence<string> forwarding_curve25519_chain;
+};
+
+dictionary Device {
+    string user_id;
+    string device_id;
+    record<DOMString, string> keys;
+    sequence<string> algorithms;
+    string? display_name;
+    boolean is_blocked;
+    boolean locally_trusted;
+    boolean cross_signing_trusted;
+};
+
+[Enum]
+interface UserIdentity {
+    Own(
+        string user_id,
+        boolean trusts_our_own_device,
+        string master_key,
+        string self_signing_key,
+        string user_signing_key
+    );
+    Other(
+        string user_id,
+        string master_key,
+        string self_signing_key
+    );
+};
+
+dictionary CrossSigningStatus {
+    boolean has_master;
+    boolean has_self_signing;
+    boolean has_user_signing;
+};
+
+dictionary CrossSigningKeyExport {
+    string? master_key;
+    string? self_signing_key;
+    string? user_signing_key;
+};
+
+dictionary UploadSigningKeysRequest {
+    string master_key;
+    string self_signing_key;
+    string user_signing_key;
+};
+
+dictionary BootstrapCrossSigningResult {
+   UploadSigningKeysRequest upload_signing_keys_request;
+   SignatureUploadRequest signature_request;
+};
+
+dictionary CancelInfo {
+    string cancel_code;
+    string reason;
+    boolean cancelled_by_us;
+};
+
+dictionary StartSasResult {
+    Sas sas;
+    OutgoingVerificationRequest request;
+};
+
+dictionary Sas {
+    string other_user_id;
+    string other_device_id;
+    string flow_id;
+    string? room_id;
+    boolean we_started;
+    boolean has_been_accepted;
+    boolean can_be_presented;
+    boolean supports_emoji;
+    boolean have_we_confirmed;
+    boolean is_done;
+    boolean is_cancelled;
+    CancelInfo? cancel_info;
+};
+
+dictionary ScanResult {
+    QrCode qr;
+    OutgoingVerificationRequest request;
+};
+
+dictionary QrCode {
+    string other_user_id;
+    string other_device_id;
+    string flow_id;
+    string? room_id;
+    boolean we_started;
+    boolean other_side_scanned;
+    boolean has_been_confirmed;
+    boolean reciprocated;
+    boolean is_done;
+    boolean is_cancelled;
+    CancelInfo? cancel_info;
+};
+
+dictionary VerificationRequest {
+    string other_user_id;
+    string? other_device_id;
+    string flow_id;
+    string? room_id;
+    boolean we_started;
+    boolean is_ready;
+    boolean is_passive;
+    boolean is_done;
+    boolean is_cancelled;
+    CancelInfo? cancel_info;
+    sequence<string>? their_methods;
+    sequence<string>? our_methods;
+
+};
+
+dictionary RequestVerificationResult {
+    VerificationRequest verification;
+    OutgoingVerificationRequest request;
+};
+
+dictionary ConfirmVerificationResult {
+    sequence<OutgoingVerificationRequest> requests;
+    SignatureUploadRequest? signature_request;
+};
+
+[Enum]
+interface Verification {
+    SasV1(Sas sas);
+    QrCodeV1(QrCode qrcode);
+};
+
+dictionary KeyRequestPair {
+    Request? cancellation;
+    Request key_request;
+};
+
+[Enum]
+interface OutgoingVerificationRequest {
+    ToDevice(string request_id, string event_type, string body);
+    InRoom(string request_id, string room_id, string event_type, string content);
+};
+
+[Enum]
+interface Request {
+    ToDevice(string request_id, string event_type, string body);
+    KeysUpload(string request_id, string body);
+    KeysQuery(string request_id, sequence<string> users);
+    KeysClaim(string request_id, record<DOMString, record<DOMString, string>> one_time_keys);
+    KeysBackup(string request_id, string version, string rooms);
+    RoomMessage(string request_id, string room_id, string event_type, string content);
+    SignatureUpload(string request_id, string body);
+};
+
+dictionary SignatureUploadRequest {
+    string body;
+};
+
+enum RequestType {
+    "KeysQuery",
+    "KeysClaim",
+    "KeysUpload",
+    "ToDevice",
+    "SignatureUpload",
+    "KeysBackup",
+    "RoomMessage",
+};
+
+interface OlmMachine {
+    [Throws=CryptoStoreError]
+    constructor(
+        [ByRef] string user_id,
+        [ByRef] string device_id,
+        [ByRef] string path,
+        string? passphrase
+    );
+
+    record<DOMString, string> identity_keys();
+    string user_id();
+    string device_id();
+
+    [Throws=CryptoStoreError]
+    string receive_sync_changes([ByRef] string events,
+                              DeviceLists device_changes,
+                              record<DOMString, i32> key_counts,
+                              sequence<string>? unused_fallback_keys);
+    [Throws=CryptoStoreError]
+    sequence<Request> outgoing_requests();
+    [Throws=CryptoStoreError]
+    void mark_request_as_sent(
+        [ByRef] string request_id,
+        RequestType request_type,
+        [ByRef] string response
+    );
+
+    [Throws=DecryptionError]
+    DecryptedEvent decrypt_room_event([ByRef] string event, [ByRef] string room_id);
+    [Throws=CryptoStoreError]
+    string encrypt([ByRef] string room_id, [ByRef] string event_type, [ByRef] string content);
+
+    [Throws=CryptoStoreError]
+    UserIdentity? get_identity([ByRef] string user_id, u32 timeout);
+    [Throws=SignatureError]
+    SignatureUploadRequest verify_identity([ByRef] string user_id);
+    [Throws=CryptoStoreError]
+    Device? get_device([ByRef] string user_id, [ByRef] string device_id, u32 timeout);
+    [Throws=CryptoStoreError]
+    void mark_device_as_trusted([ByRef] string user_id, [ByRef] string device_id);
+    [Throws=SignatureError]
+    SignatureUploadRequest verify_device([ByRef] string user_id, [ByRef] string device_id);
+    [Throws=CryptoStoreError]
+    sequence<Device> get_user_devices([ByRef] string user_id, u32 timeout);
+
+    [Throws=CryptoStoreError]
+    boolean is_user_tracked([ByRef] string user_id);
+    void update_tracked_users(sequence<string> users);
+    [Throws=CryptoStoreError]
+    Request? get_missing_sessions(sequence<string> users);
+    [Throws=CryptoStoreError]
+    sequence<Request> share_room_key([ByRef] string room_id, sequence<string> users);
+
+    [Throws=CryptoStoreError]
+    void receive_unencrypted_verification_event([ByRef] string event, [ByRef] string room_id);
+    sequence<VerificationRequest> get_verification_requests([ByRef] string user_id);
+    VerificationRequest? get_verification_request([ByRef] string user_id, [ByRef] string flow_id);
+    Verification? get_verification([ByRef] string user_id, [ByRef] string flow_id);
+
+    [Throws=CryptoStoreError]
+    VerificationRequest? request_verification(
+        [ByRef] string user_id,
+        [ByRef] string room_id,
+        [ByRef] string event_id,
+        sequence<string> methods
+    );
+    [Throws=CryptoStoreError]
+    string? verification_request_content(
+        [ByRef] string user_id,
+        sequence<string> methods
+    );
+    [Throws=CryptoStoreError]
+    RequestVerificationResult? request_self_verification(sequence<string> methods);
+    [Throws=CryptoStoreError]
+    RequestVerificationResult? request_verification_with_device(
+        [ByRef] string user_id,
+        [ByRef] string device_id,
+        sequence<string> methods
+    );
+
+    OutgoingVerificationRequest? accept_verification_request(
+        [ByRef] string user_id,
+        [ByRef] string flow_id,
+        sequence<string> methods
+    );
+
+    [Throws=CryptoStoreError]
+    ConfirmVerificationResult? confirm_verification([ByRef] string user_id, [ByRef] string flow_id);
+    OutgoingVerificationRequest? cancel_verification(
+        [ByRef] string user_id,
+        [ByRef] string flow_id,
+        [ByRef] string cancel_code
+    );
+
+    [Throws=CryptoStoreError]
+    StartSasResult? start_sas_with_device([ByRef] string user_id, [ByRef] string device_id);
+    [Throws=CryptoStoreError]
+    StartSasResult? start_sas_verification([ByRef] string user_id, [ByRef] string flow_id);
+    OutgoingVerificationRequest? accept_sas_verification([ByRef] string user_id, [ByRef] string flow_id);
+    sequence<i32>? get_emoji_index([ByRef] string user_id, [ByRef] string flow_id);
+    sequence<i32>? get_decimals([ByRef] string user_id, [ByRef] string flow_id);
+
+    [Throws=CryptoStoreError]
+    QrCode? start_qr_verification([ByRef] string user_id, [ByRef] string flow_id);
+    ScanResult? scan_qr_code([ByRef] string user_id, [ByRef] string flow_id, [ByRef] string data);
+    string? generate_qr_code([ByRef] string user_id, [ByRef] string flow_id);
+
+    [Throws=DecryptionError]
+    KeyRequestPair request_room_key([ByRef] string event, [ByRef] string room_id);
+
+    [Throws=CryptoStoreError]
+    string export_room_keys([ByRef] string passphrase, i32 rounds);
+    [Throws=KeyImportError]
+    KeysImportResult import_room_keys(
+        [ByRef] string keys,
+        [ByRef] string passphrase,
+        ProgressListener progress_listener
+    );
+    [Throws=KeyImportError]
+    KeysImportResult import_decrypted_room_keys(
+        [ByRef] string keys,
+        ProgressListener progress_listener
+    );
+    [Throws=CryptoStoreError]
+    void discard_room_key([ByRef] string room_id);
+
+    CrossSigningStatus cross_signing_status();
+    [Throws=CryptoStoreError]
+    BootstrapCrossSigningResult bootstrap_cross_signing();
+    CrossSigningKeyExport? export_cross_signing_keys();
+    [Throws=SecretImportError]
+    void import_cross_signing_keys(CrossSigningKeyExport export);
+    [Throws=CryptoStoreError]
+    boolean is_identity_verified([ByRef] string user_id);
+
+    record<DOMString, record<DOMString, string>> sign([ByRef] string message);
+    [Throws=DecodeError]
+    void enable_backup_v1(MegolmV1BackupKey key, string version);
+    [Throws=CryptoStoreError]
+    void disable_backup();
+    [Throws=CryptoStoreError]
+    Request? backup_room_keys();
+    [Throws=CryptoStoreError]
+    void save_recovery_key(BackupRecoveryKey? key, string? version);
+    [Throws=CryptoStoreError]
+    RoomKeyCounts room_key_counts();
+    [Throws=CryptoStoreError]
+    BackupKeys? get_backup_keys();
+    boolean backup_enabled();
+    [Throws=CryptoStoreError]
+    boolean verify_backup([ByRef] string auth_data);
+};
+
+dictionary PassphraseInfo {
+    string private_key_salt;
+    i32 private_key_iterations;
+};
+
+dictionary MegolmV1BackupKey {
+    string public_key;
+    record<DOMString, record<DOMString, string>> signatures;
+    PassphraseInfo? passphrase_info;
+    string backup_algorithm;
+};
+
+interface BackupKeys {
+    BackupRecoveryKey recovery_key();
+    string backup_version();
+};
+
+dictionary RoomKeyCounts {
+    i64 total;
+    i64 backed_up;
+};
+
+[Error]
+enum DecodeError {
+    "Decode",
+    "CryptoStore",
+};
+
+interface BackupRecoveryKey {
+    constructor();
+    [Name=from_passphrase]
+    constructor(string passphrase, string salt, i32 rounds);
+    [Name=new_from_passphrase]
+    constructor(string passphrase);
+    [Name=from_base64, Throws=DecodeError]
+    constructor(string key);
+    [Name=from_base58, Throws=DecodeError]
+    constructor(string key);
+    string to_base58();
+    string to_base64();
+    MegolmV1BackupKey megolm_v1_public_key();
+    [Throws=PkDecryptionError]
+    string decrypt_v1(string ephemeral_key, string mac, string ciphertext);
+};
+
+dictionary MigrationData {
+    PickledAccount account;
+    sequence<PickledSession> sessions;
+    sequence<PickledInboundGroupSession> inbound_group_sessions;
+    string? backup_version;
+    string? backup_recovery_key;
+    sequence<u8> pickle_key;
+    CrossSigningKeyExport cross_signing;
+    sequence<string> tracked_users;
+};
+
+dictionary PickledAccount {
+    string user_id;
+    string device_id;
+    string pickle;
+    boolean shared;
+    i64 uploaded_signed_key_count;
+};
+
+dictionary PickledSession {
+    string pickle;
+    string sender_key;
+    boolean created_using_fallback_key;
+    string creation_time;
+    string last_use_time;
+};
+
+dictionary PickledInboundGroupSession {
+    string pickle;
+    string sender_key;
+    record<DOMString, string> signing_key;
+    string room_id;
+    sequence<string> forwarding_chains;
+    boolean imported;
+    boolean backed_up;
+};
@@ -4,15 +4,10 @@ use std::collections::HashMap;

 use http::Response;
 use matrix_sdk_crypto::{
-    CrossSigningBootstrapRequests,
-    types::requests::{
-        AnyIncomingResponse, KeysBackupRequest, OutgoingRequest,
-        OutgoingVerificationRequest as SdkVerificationRequest, RoomMessageRequest, ToDeviceRequest,
-        UploadSigningKeysRequest as RustUploadSigningKeysRequest,
-    },
+    IncomingResponse, OutgoingRequest, OutgoingVerificationRequest as SdkVerificationRequest,
+    RoomMessageRequest, ToDeviceRequest, UploadSigningKeysRequest as RustUploadSigningKeysRequest,
 };
 use ruma::{
-    OwnedTransactionId, UserId,
    api::client::{
        backup::add_backup_keys::v3::Response as KeysBackupResponse,
        keys::{
@@ -24,15 +19,15 @@ use ruma::{
            },
        },
        message::send_message_event::v3::Response as RoomMessageResponse,
-        sync::sync_events::DeviceLists as RumaDeviceLists,
+        sync::sync_events::v3::DeviceLists as RumaDeviceLists,
        to_device::send_event_to_device::v3::Response as ToDeviceResponse,
    },
    assign,
-    events::MessageLikeEventContent,
+    events::EventContent,
+    OwnedTransactionId, UserId,
 };
 use serde_json::json;

-#[derive(uniffi::Record)]
 pub struct SignatureUploadRequest {
    pub body: String,
 }
@@ -46,7 +41,6 @@ impl From<RustSignatureUploadRequest> for SignatureUploadRequest {
    }
 }

-#[derive(uniffi::Record)]
 pub struct UploadSigningKeysRequest {
    pub master_key: String,
    pub self_signing_key: String,
@@ -72,30 +66,22 @@ impl From<RustUploadSigningKeysRequest> for UploadSigningKeysRequest {
    }
 }

-#[derive(uniffi::Record)]
 pub struct BootstrapCrossSigningResult {
-    /// Optional request to upload some device keys alongside.
-    ///
-    /// Must be sent first if present, and marked with `mark_request_as_sent`.
-    pub upload_keys_request: Option<Request>,
-    /// Request to upload the signing keys. Must be sent second.
    pub upload_signing_keys_request: UploadSigningKeysRequest,
-    /// Request to upload the keys signatures, including for the signing keys
-    /// and optionally for the device keys. Must be sent last.
-    pub upload_signature_request: SignatureUploadRequest,
+    pub signature_request: SignatureUploadRequest,
 }

-impl From<CrossSigningBootstrapRequests> for BootstrapCrossSigningResult {
-    fn from(requests: CrossSigningBootstrapRequests) -> Self {
+impl From<(RustUploadSigningKeysRequest, RustSignatureUploadRequest)>
+    for BootstrapCrossSigningResult
+{
+    fn from(requests: (RustUploadSigningKeysRequest, RustSignatureUploadRequest)) -> Self {
        Self {
-            upload_signing_keys_request: requests.upload_signing_keys_req.into(),
-            upload_keys_request: requests.upload_keys_req.map(Request::from),
-            upload_signature_request: requests.upload_signatures_req.into(),
+            upload_signing_keys_request: requests.0.into(),
+            signature_request: requests.1.into(),
        }
    }
 }

-#[derive(uniffi::Enum)]
 pub enum OutgoingVerificationRequest {
    ToDevice { request_id: String, event_type: String, body: String },
    InRoom { request_id: String, room_id: String, event_type: String, content: String },
@@ -126,20 +112,20 @@ impl From<ToDeviceRequest> for OutgoingVerificationRequest {
    }
 }

-#[derive(Debug, uniffi::Enum)]
+#[derive(Debug)]
 pub enum Request {
    ToDevice { request_id: String, event_type: String, body: String },
    KeysUpload { request_id: String, body: String },
    KeysQuery { request_id: String, users: Vec<String> },
    KeysClaim { request_id: String, one_time_keys: HashMap<String, HashMap<String, String>> },
-    KeysBackup { request_id: String, version: String, rooms: String },
    RoomMessage { request_id: String, room_id: String, event_type: String, content: String },
    SignatureUpload { request_id: String, body: String },
+    KeysBackup { request_id: String, version: String, rooms: String },
 }

 impl From<OutgoingRequest> for Request {
    fn from(r: OutgoingRequest) -> Self {
-        use matrix_sdk_crypto::types::requests::AnyOutgoingRequest::*;
+        use matrix_sdk_crypto::OutgoingRequests::*;

        match r.request() {
            KeysUpload(u) => {
@@ -152,7 +138,7 @@ impl From<OutgoingRequest> for Request {
                Request::KeysUpload {
                    request_id: r.request_id().to_string(),
                    body: serde_json::to_string(&body)
-                        .expect("Can't serialize `/keys/upload` request"),
+                        .expect("Can't serialize keys upload request"),
                }
            }
            KeysQuery(k) => {
@@ -167,6 +153,12 @@ impl From<OutgoingRequest> for Request {
            },
            RoomMessage(r) => Request::from(r),
            KeysClaim(c) => (r.request_id().to_owned(), c.clone()).into(),
+            KeysBackup(b) => Request::KeysBackup {
+                request_id: r.request_id().to_string(),
+                version: b.version.to_owned(),
+                rooms: serde_json::to_string(&b.rooms)
+                    .expect("Can't serialize keys backup request"),
+            },
        }
    }
 }
@@ -201,19 +193,6 @@ impl From<(OwnedTransactionId, KeysClaimRequest)> for Request {
    }
 }

-impl From<(OwnedTransactionId, KeysBackupRequest)> for Request {
-    fn from(request_tuple: (OwnedTransactionId, KeysBackupRequest)) -> Self {
-        let (request_id, request) = request_tuple;
-
-        Request::KeysBackup {
-            request_id: request_id.to_string(),
-            version: request.version.to_owned(),
-            rooms: serde_json::to_string(&request.rooms)
-                .expect("Can't serialize keys backup request"),
-        }
-    }
-}
-
 impl From<&ToDeviceRequest> for Request {
    fn from(r: &ToDeviceRequest) -> Self {
        Request::ToDevice {
@@ -224,8 +203,8 @@ impl From<&ToDeviceRequest> for Request {
    }
 }

-impl From<&Box<RoomMessageRequest>> for Request {
-    fn from(r: &Box<RoomMessageRequest>) -> Self {
+impl From<&RoomMessageRequest> for Request {
+    fn from(r: &RoomMessageRequest) -> Self {
        Self::RoomMessage {
            request_id: r.txn_id.to_string(),
            room_id: r.room_id.to_string(),
@@ -242,7 +221,6 @@ pub(crate) fn response_from_string(body: &str) -> Response<Vec<u8>> {
        .expect("Can't create HTTP response")
 }

-#[derive(uniffi::Enum)]
 pub enum RequestType {
    KeysQuery,
    KeysClaim,
@@ -253,7 +231,6 @@ pub enum RequestType {
    RoomMessage,
 }

-#[derive(uniffi::Record)]
 pub struct DeviceLists {
    pub changed: Vec<String>,
    pub left: Vec<String>,
@@ -276,7 +253,6 @@ impl From<DeviceLists> for RumaDeviceLists {
    }
 }

-#[derive(uniffi::Record)]
 pub struct KeysImportResult {
    /// The number of room keys that were imported.
    pub imported: i64,
@@ -341,16 +317,16 @@ impl From<RoomMessageResponse> for OwnedResponse {
    }
 }

-impl<'a> From<&'a OwnedResponse> for AnyIncomingResponse<'a> {
+impl<'a> From<&'a OwnedResponse> for IncomingResponse<'a> {
    fn from(r: &'a OwnedResponse) -> Self {
        match r {
-            OwnedResponse::KeysClaim(r) => AnyIncomingResponse::KeysClaim(r),
-            OwnedResponse::KeysQuery(r) => AnyIncomingResponse::KeysQuery(r),
-            OwnedResponse::KeysUpload(r) => AnyIncomingResponse::KeysUpload(r),
-            OwnedResponse::ToDevice(r) => AnyIncomingResponse::ToDevice(r),
-            OwnedResponse::SignatureUpload(r) => AnyIncomingResponse::SignatureUpload(r),
-            OwnedResponse::KeysBackup(r) => AnyIncomingResponse::KeysBackup(r),
-            OwnedResponse::RoomMessage(r) => AnyIncomingResponse::RoomMessage(r),
+            OwnedResponse::KeysClaim(r) => IncomingResponse::KeysClaim(r),
+            OwnedResponse::KeysQuery(r) => IncomingResponse::KeysQuery(r),
+            OwnedResponse::KeysUpload(r) => IncomingResponse::KeysUpload(r),
+            OwnedResponse::ToDevice(r) => IncomingResponse::ToDevice(r),
+            OwnedResponse::SignatureUpload(r) => IncomingResponse::SignatureUpload(r),
+            OwnedResponse::KeysBackup(r) => IncomingResponse::KeysBackup(r),
+            OwnedResponse::RoomMessage(r) => IncomingResponse::RoomMessage(r),
        }
    }
 }
@@ -1,10 +1,9 @@
-use matrix_sdk_crypto::{UserIdentity as SdkUserIdentity, types::CrossSigningKey};
+use matrix_sdk_crypto::{types::CrossSigningKey, UserIdentities};

 use crate::CryptoStoreError;

-/// Enum representing cross signing identity of our own user or some other
+/// Enum representing cross signing identities of our own user or some other
 /// user.
-#[derive(uniffi::Enum)]
 pub enum UserIdentity {
    /// Our own user identity.
    Own {
@@ -18,8 +17,6 @@ pub enum UserIdentity {
        user_signing_key: String,
        /// The public self-signing key of our identity.
        self_signing_key: String,
-        /// True if this identity was verified at some point but is not anymore.
-        has_verification_violation: bool,
    },
    /// The user identity of other users.
    Other {
@@ -29,15 +26,13 @@ pub enum UserIdentity {
        master_key: String,
        /// The public self-signing key of our identity.
        self_signing_key: String,
-        /// True if this identity was verified at some point but is not anymore.
-        has_verification_violation: bool,
    },
 }

 impl UserIdentity {
-    pub(crate) async fn from_rust(i: SdkUserIdentity) -> Result<Self, CryptoStoreError> {
+    pub(crate) async fn from_rust(i: UserIdentities) -> Result<Self, CryptoStoreError> {
        Ok(match i {
-            SdkUserIdentity::Own(i) => {
+            UserIdentities::Own(i) => {
                let master: CrossSigningKey = i.master_key().as_ref().to_owned();
                let user_signing: CrossSigningKey = i.user_signing_key().as_ref().to_owned();
                let self_signing: CrossSigningKey = i.self_signing_key().as_ref().to_owned();
@@ -48,10 +43,9 @@ impl UserIdentity {
                    master_key: serde_json::to_string(&master)?,
                    user_signing_key: serde_json::to_string(&user_signing)?,
                    self_signing_key: serde_json::to_string(&self_signing)?,
-                    has_verification_violation: i.has_verification_violation(),
                }
            }
-            SdkUserIdentity::Other(i) => {
+            UserIdentities::Other(i) => {
                let master: CrossSigningKey = i.master_key().as_ref().to_owned();
                let self_signing: CrossSigningKey = i.self_signing_key().as_ref().to_owned();

@@ -59,7 +53,6 @@ impl UserIdentity {
                    user_id: i.user_id().to_string(),
                    master_key: serde_json::to_string(&master)?,
                    self_signing_key: serde_json::to_string(&self_signing)?,
-                    has_verification_violation: i.has_verification_violation(),
                }
            }
        })
@@ -1,466 +1,105 @@
-use std::sync::Arc;
-
-use futures_util::{Stream, StreamExt};
-use matrix_sdk_common::executor::Handle;
 use matrix_sdk_crypto::{
-    CancelInfo as RustCancelInfo, QrVerification as InnerQr, QrVerificationState, Sas as InnerSas,
-    SasState as RustSasState, Verification as InnerVerification,
+    CancelInfo as RustCancelInfo, QrVerification as InnerQr, Sas as InnerSas,
    VerificationRequest as InnerVerificationRequest,
-    VerificationRequestState as RustVerificationRequestState,
-    matrix_sdk_qrcode::QrVerificationData,
 };
-use ruma::events::key::verification::VerificationMethod;
-use vodozemac::{base64_decode, base64_encode};

-use crate::{CryptoStoreError, OutgoingVerificationRequest, SignatureUploadRequest};
-
-/// Listener that will be passed over the FFI to report changes to a SAS
-/// verification.
-#[matrix_sdk_ffi_macros::export(callback_interface)]
-pub trait SasListener: Send {
-    /// The callback that should be called on the Rust side
-    ///
-    /// # Arguments
-    ///
-    /// * `state` - The current state of the SAS verification.
-    fn on_change(&self, state: SasState);
-}
-
-/// An Enum describing the state the SAS verification is in.
-#[derive(uniffi::Enum)]
-pub enum SasState {
-    /// The verification has been created, the protocols that should be used
-    /// have been proposed to the other party.
-    Created,
-    /// The verification has been started, the other party proposed the
-    /// protocols that should be used and that can be accepted.
-    Started,
-    /// The verification has been accepted and both sides agreed to a set of
-    /// protocols that will be used for the verification process.
-    Accepted,
-    /// The public keys have been exchanged and the short auth string can be
-    /// presented to the user.
-    KeysExchanged {
-        /// The emojis that represent the short auth string, will be `None` if
-        /// the emoji SAS method wasn't one of accepted protocols.
-        emojis: Option<Vec<i32>>,
-        /// The list of decimals that represent the short auth string.
-        decimals: Vec<i32>,
-    },
-    /// The verification process has been confirmed from our side, we're waiting
-    /// for the other side to confirm as well.
-    Confirmed,
-    /// The verification process has been successfully concluded.
-    Done,
-    /// The verification process has been cancelled.
-    Cancelled {
-        /// Information about the reason of the cancellation.
-        cancel_info: CancelInfo,
-    },
-}
-
-impl From<RustSasState> for SasState {
-    fn from(s: RustSasState) -> Self {
-        match s {
-            RustSasState::Created { .. } => Self::Created,
-            RustSasState::Started { .. } => Self::Started,
-            RustSasState::Accepted { .. } => Self::Accepted,
-            RustSasState::KeysExchanged { emojis, decimals } => Self::KeysExchanged {
-                emojis: emojis.map(|e| e.indices.map(|i| i as i32).to_vec()),
-                decimals: [decimals.0.into(), decimals.1.into(), decimals.2.into()].to_vec(),
-            },
-            RustSasState::Confirmed => Self::Confirmed,
-            RustSasState::Done { .. } => Self::Done,
-            RustSasState::Cancelled(c) => Self::Cancelled { cancel_info: c.into() },
-        }
-    }
-}
+use crate::{OutgoingVerificationRequest, SignatureUploadRequest};

 /// Enum representing the different verification flows we support.
-#[derive(uniffi::Object)]
-pub struct Verification {
-    pub(crate) inner: InnerVerification,
-    pub(crate) runtime: Handle,
-}
-
-#[matrix_sdk_ffi_macros::export]
-impl Verification {
-    /// Try to represent the `Verification` as an `Sas` verification object,
-    /// returns `None` if the verification is not a `Sas` verification.
-    pub fn as_sas(&self) -> Option<Arc<Sas>> {
-        if let InnerVerification::SasV1(sas) = &self.inner {
-            Some(Sas { inner: sas.clone(), runtime: self.runtime.to_owned() }.into())
-        } else {
-            None
-        }
-    }
-
-    /// Try to represent the `Verification` as an `QrCode` verification object,
-    /// returns `None` if the verification is not a `QrCode` verification.
-    pub fn as_qr(&self) -> Option<Arc<QrCode>> {
-        if let InnerVerification::QrV1(qr) = &self.inner {
-            Some(QrCode { inner: qr.clone(), runtime: self.runtime.to_owned() }.into())
-        } else {
-            None
-        }
-    }
+pub enum Verification {
+    /// The `m.sas.v1` verification flow.
+    SasV1 {
+        #[allow(missing_docs)]
+        sas: Sas,
+    },
+    /// The `m.qr_code.scan.v1`, `m.qr_code.show.v1`, and `m.reciprocate.v1`
+    /// verification flow.
+    QrCodeV1 {
+        #[allow(missing_docs)]
+        qrcode: QrCode,
+    },
 }

 /// The `m.sas.v1` verification flow.
-#[derive(uniffi::Object)]
 pub struct Sas {
-    pub(crate) inner: Box<InnerSas>,
-    pub(crate) runtime: Handle,
-}
-
-#[matrix_sdk_ffi_macros::export]
-impl Sas {
-    /// Get the user id of the other side.
-    pub fn other_user_id(&self) -> String {
-        self.inner.other_user_id().to_string()
-    }
-
-    /// Get the device ID of the other side.
-    pub fn other_device_id(&self) -> String {
-        self.inner.other_device_id().to_string()
-    }
-
-    /// Get the unique ID that identifies this SAS verification flow.
-    pub fn flow_id(&self) -> String {
-        self.inner.flow_id().as_str().to_owned()
-    }
-
-    /// Get the room id if the verification is happening inside a room.
-    pub fn room_id(&self) -> Option<String> {
-        self.inner.room_id().map(|r| r.to_string())
-    }
-
-    /// Is the SAS flow done.
-    pub fn is_done(&self) -> bool {
-        self.inner.is_done()
-    }
-
-    /// Did we initiate the verification flow.
-    pub fn we_started(&self) -> bool {
-        self.inner.we_started()
-    }
-
-    /// Accept that we're going forward with the short auth string verification.
-    pub fn accept(&self) -> Option<OutgoingVerificationRequest> {
-        self.inner.accept().map(|r| r.into())
-    }
-
-    /// Confirm a verification was successful.
-    ///
-    /// This method should be called if a short auth string should be confirmed
-    /// as matching.
-    pub fn confirm(&self) -> Result<Option<ConfirmVerificationResult>, CryptoStoreError> {
-        let (requests, signature_request) = self.runtime.block_on(self.inner.confirm())?;
-
-        let requests = requests.into_iter().map(|r| r.into()).collect();
-
-        Ok(Some(ConfirmVerificationResult {
-            requests,
-            signature_request: signature_request.map(|s| s.into()),
-        }))
-    }
-
-    /// Cancel the SAS verification using the given cancel code.
-    ///
-    /// # Arguments
-    ///
-    /// * `cancel_code` - The error code for why the verification was cancelled,
-    ///   manual cancellatio usually happens with `m.user` cancel code. The full
-    ///   list of cancel codes can be found in the [spec]
-    ///
-    /// [spec]: https://spec.matrix.org/unstable/client-server-api/#mkeyverificationcancel
-    pub fn cancel(&self, cancel_code: String) -> Option<OutgoingVerificationRequest> {
-        self.inner.cancel_with_code(cancel_code.into()).map(|r| r.into())
-    }
-
-    /// Get a list of emoji indices of the emoji representation of the short
-    /// auth string.
-    ///
-    /// *Note*: A SAS verification needs to be started and in the presentable
-    /// state for this to return the list of emoji indices, otherwise returns
-    /// `None`.
-    pub fn get_emoji_indices(&self) -> Option<Vec<i32>> {
-        self.inner.emoji_index().map(|v| v.iter().map(|i| (*i).into()).collect())
-    }
-
-    /// Get the decimal representation of the short auth string.
-    ///
-    /// *Note*: A SAS verification needs to be started and in the presentable
-    /// state for this to return the list of decimals, otherwise returns
-    /// `None`.
-    pub fn get_decimals(&self) -> Option<Vec<i32>> {
-        self.inner.decimals().map(|v| [v.0.into(), v.1.into(), v.2.into()].to_vec())
-    }
-
-    /// Set a listener for changes in the SAS verification process.
-    ///
-    /// The given callback will be called whenever the state changes.
-    ///
-    /// This method can be used to react to changes in the state of the
-    /// verification process, or rather the method can be used to handle
-    /// each step of the verification process.
-    ///
-    /// This method will spawn a tokio task on the Rust side, once we reach the
-    /// Done or Cancelled state, the task will stop listening for changes.
-    ///
-    /// # Flowchart
-    ///
-    /// The flow of the verification process is pictured below. Please note
-    /// that the process can be cancelled at each step of the process.
-    /// Either side can cancel the process.
-    ///
-    /// ```text
-    ///                ┌───────┐
-    ///                │Started│
-    ///                └───┬───┘
-    ///                    │
-    ///               ┌────⌄───┐
-    ///               │Accepted│
-    ///               └────┬───┘
-    ///                    │
-    ///            ┌───────⌄──────┐
-    ///            │Keys Exchanged│
-    ///            └───────┬──────┘
-    ///                    │
-    ///            ________⌄________
-    ///           ╱                 ╲       ┌─────────┐
-    ///          ╱   Does the short  ╲______│Cancelled│
-    ///          ╲ auth string match ╱ no   └─────────┘
-    ///           ╲_________________╱
-    ///                    │yes
-    ///                    │
-    ///               ┌────⌄────┐
-    ///               │Confirmed│
-    ///               └────┬────┘
-    ///                    │
-    ///                ┌───⌄───┐
-    ///                │  Done │
-    ///                └───────┘
-    /// ```
-    pub fn set_changes_listener(&self, listener: Box<dyn SasListener>) {
-        let stream = self.inner.changes();
-
-        self.runtime.spawn(Self::changes_listener(stream, listener));
-    }
-
-    /// Get the current state of the SAS verification process.
-    pub fn state(&self) -> SasState {
-        self.inner.state().into()
-    }
-}
-
-impl Sas {
-    async fn changes_listener(
-        mut stream: impl Stream<Item = RustSasState> + std::marker::Unpin,
-        listener: Box<dyn SasListener>,
-    ) {
-        while let Some(state) = stream.next().await {
-            // If we receive a done or a cancelled state we're at the end of our road, we
-            // break out of the loop to deallocate the stream and finish the
-            // task.
-            let should_break =
-                matches!(state, RustSasState::Done { .. } | RustSasState::Cancelled { .. });
-
-            listener.on_change(state.into());
-
-            if should_break {
-                break;
-            }
-        }
-    }
-}
-
-/// Listener that will be passed over the FFI to report changes to a QrCode
-/// verification.
-#[matrix_sdk_ffi_macros::export(callback_interface)]
-pub trait QrCodeListener: Send {
-    /// The callback that should be called on the Rust side
-    ///
-    /// # Arguments
-    ///
-    /// * `state` - The current state of the QrCode verification.
-    fn on_change(&self, state: QrCodeState);
-}
-
-/// An Enum describing the state the QrCode verification is in.
-#[derive(uniffi::Enum)]
-pub enum QrCodeState {
-    /// The QR verification has been started.
-    Started,
-    /// The QR verification has been scanned by the other side.
-    Scanned,
-    /// The scanning of the QR code has been confirmed by us.
-    Confirmed,
-    /// We have successfully scanned the QR code and are able to send a
-    /// reciprocation event.
-    Reciprocated,
-    /// The verification process has been successfully concluded.
-    Done,
-    /// The verification process has been cancelled.
-    Cancelled {
-        /// Information about the reason of the cancellation.
-        cancel_info: CancelInfo,
-    },
-}
-
-impl From<QrVerificationState> for QrCodeState {
-    fn from(value: QrVerificationState) -> Self {
-        match value {
-            QrVerificationState::Started => Self::Started,
-            QrVerificationState::Scanned => Self::Scanned,
-            QrVerificationState::Confirmed => Self::Confirmed,
-            QrVerificationState::Reciprocated => Self::Reciprocated,
-            QrVerificationState::Done { .. } => Self::Done,
-            QrVerificationState::Cancelled(c) => Self::Cancelled { cancel_info: c.into() },
-        }
-    }
+    /// The other user that is participating in the verification flow
+    pub other_user_id: String,
+    /// The other user's device that is participating in the verification flow
+    pub other_device_id: String,
+    /// The unique ID of this verification flow, will be a random string for
+    /// to-device events or a event ID for in-room events.
+    pub flow_id: String,
+    /// The room ID where this verification is happening, will be `None` if the
+    /// verification is going through to-device messages
+    pub room_id: Option<String>,
+    /// Did we initiate the verification flow
+    pub we_started: bool,
+    /// Has the non-initiating side accepted the verification flow
+    pub has_been_accepted: bool,
+    /// Can the short auth string be presented
+    pub can_be_presented: bool,
+    /// Does the flow support the emoji representation of the short auth string
+    pub supports_emoji: bool,
+    /// Have we confirmed that the short auth strings match
+    pub have_we_confirmed: bool,
+    /// Has the verification completed successfully
+    pub is_done: bool,
+    /// Has the flow been cancelled
+    pub is_cancelled: bool,
+    /// Information about the cancellation of the flow, will be `None` if the
+    /// flow hasn't been cancelled
+    pub cancel_info: Option<CancelInfo>,
 }

 /// The `m.qr_code.scan.v1`, `m.qr_code.show.v1`, and `m.reciprocate.v1`
 /// verification flow.
-#[derive(uniffi::Object)]
 pub struct QrCode {
-    pub(crate) inner: Box<InnerQr>,
-    pub(crate) runtime: Handle,
+    /// The other user that is participating in the verification flow
+    pub other_user_id: String,
+    /// The other user's device that is participating in the verification flow
+    pub other_device_id: String,
+    /// The unique ID of this verification flow, will be a random string for
+    /// to-device events or a event ID for in-room events.
+    pub flow_id: String,
+    /// The room ID where this verification is happening, will be `None` if the
+    /// verification is going through to-device messages
+    pub room_id: Option<String>,
+    /// Did we initiate the verification flow
+    pub we_started: bool,
+    /// Has the QR code been scanned by the other side
+    pub other_side_scanned: bool,
+    /// Has the scanning of the QR code been confirmed by us
+    pub has_been_confirmed: bool,
+    /// Did we scan the QR code and sent out a reciprocation
+    pub reciprocated: bool,
+    /// Has the verification completed successfully
+    pub is_done: bool,
+    /// Has the flow been cancelled
+    pub is_cancelled: bool,
+    /// Information about the cancellation of the flow, will be `None` if the
+    /// flow hasn't been cancelled
+    pub cancel_info: Option<CancelInfo>,
 }

-#[matrix_sdk_ffi_macros::export]
-impl QrCode {
-    /// Get the user id of the other side.
-    pub fn other_user_id(&self) -> String {
-        self.inner.other_user_id().to_string()
-    }
-
-    /// Get the device ID of the other side.
-    pub fn other_device_id(&self) -> String {
-        self.inner.other_device_id().to_string()
-    }
-
-    /// Get the unique ID that identifies this QR code verification flow.
-    pub fn flow_id(&self) -> String {
-        self.inner.flow_id().as_str().to_owned()
-    }
-
-    /// Get the room id if the verification is happening inside a room.
-    pub fn room_id(&self) -> Option<String> {
-        self.inner.room_id().map(|r| r.to_string())
-    }
-
-    /// Is the QR code verification done.
-    pub fn is_done(&self) -> bool {
-        self.inner.is_done()
-    }
-
-    /// Has the verification flow been cancelled.
-    pub fn is_cancelled(&self) -> bool {
-        self.inner.is_cancelled()
-    }
-
-    /// Did we initiate the verification flow.
-    pub fn we_started(&self) -> bool {
-        self.inner.we_started()
-    }
-
-    /// Get the CancelInfo of this QR code verification object.
-    ///
-    /// Will be `None` if the flow has not been cancelled.
-    pub fn cancel_info(&self) -> Option<CancelInfo> {
-        self.inner.cancel_info().map(|c| c.into())
-    }
-
-    /// Has the QR verification been scanned by the other side.
-    ///
-    /// When the verification object is in this state it's required that the
-    /// user confirms that the other side has scanned the QR code.
-    pub fn has_been_scanned(&self) -> bool {
-        self.inner.has_been_scanned()
-    }
-
-    /// Have we successfully scanned the QR code and are able to send a
-    /// reciprocation event.
-    pub fn reciprocated(&self) -> bool {
-        self.inner.reciprocated()
-    }
-
-    /// Cancel the QR code verification using the given cancel code.
-    ///
-    /// # Arguments
-    ///
-    /// * `cancel_code` - The error code for why the verification was cancelled,
-    ///   manual cancellatio usually happens with `m.user` cancel code. The full
-    ///   list of cancel codes can be found in the [spec]
-    ///
-    /// [spec]: https://spec.matrix.org/unstable/client-server-api/#mkeyverificationcancel
-    pub fn cancel(&self, cancel_code: String) -> Option<OutgoingVerificationRequest> {
-        self.inner.cancel_with_code(cancel_code.into()).map(|r| r.into())
-    }
-
-    /// Confirm a verification was successful.
-    ///
-    /// This method should be called if we want to confirm that the other side
-    /// has scanned our QR code.
-    pub fn confirm(&self) -> Option<ConfirmVerificationResult> {
-        self.inner.confirm_scanning().map(|r| ConfirmVerificationResult {
-            requests: vec![r.into()],
-            signature_request: None,
-        })
-    }
-
-    /// Generate data that should be encoded as a QR code.
-    ///
-    /// This method should be called right before a QR code should be displayed,
-    /// the returned data is base64 encoded (without padding) and needs to be
-    /// decoded on the other side before it can be put through a QR code
-    /// generator.
-    pub fn generate_qr_code(&self) -> Option<String> {
-        self.inner.to_bytes().map(base64_encode).ok()
-    }
-
-    /// Set a listener for changes in the QrCode verification process.
-    ///
-    /// The given callback will be called whenever the state changes.
-    pub fn set_changes_listener(&self, listener: Box<dyn QrCodeListener>) {
-        let stream = self.inner.changes();
-
-        self.runtime.spawn(Self::changes_listener(stream, listener));
-    }
-
-    /// Get the current state of the QrCode verification process.
-    pub fn state(&self) -> QrCodeState {
-        self.inner.state().into()
-    }
-}
-
-impl QrCode {
-    async fn changes_listener(
-        mut stream: impl Stream<Item = QrVerificationState> + std::marker::Unpin,
-        listener: Box<dyn QrCodeListener>,
-    ) {
-        while let Some(state) = stream.next().await {
-            // If we receive a done or a cancelled state we're at the end of our road, we
-            // break out of the loop to deallocate the stream and finish the
-            // task.
-            let should_break = matches!(
-                state,
-                QrVerificationState::Done { .. } | QrVerificationState::Cancelled { .. }
-            );
-
-            listener.on_change(state.into());
-
-            if should_break {
-                break;
-            }
+impl From<InnerQr> for QrCode {
+    fn from(qr: InnerQr) -> Self {
+        Self {
+            other_user_id: qr.other_user_id().to_string(),
+            flow_id: qr.flow_id().as_str().to_owned(),
+            is_cancelled: qr.is_cancelled(),
+            is_done: qr.is_done(),
+            cancel_info: qr.cancel_info().map(|c| c.into()),
+            reciprocated: qr.reciprocated(),
+            we_started: qr.we_started(),
+            other_side_scanned: qr.has_been_scanned(),
+            has_been_confirmed: qr.has_been_confirmed(),
+            other_device_id: qr.other_device_id().to_string(),
+            room_id: qr.room_id().map(|r| r.to_string()),
        }
    }
 }

 /// Information on why a verification flow has been cancelled and by whom.
-#[derive(uniffi::Record)]
 pub struct CancelInfo {
    /// The textual representation of the cancel reason
    pub reason: String,
@@ -481,37 +120,52 @@ impl From<RustCancelInfo> for CancelInfo {
 }

 /// A result type for starting SAS verifications.
-#[derive(uniffi::Record)]
 pub struct StartSasResult {
    /// The SAS verification object that got created.
-    pub sas: Arc<Sas>,
+    pub sas: Sas,
    /// The request that needs to be sent out to notify the other side that a
    /// SAS verification should start.
    pub request: OutgoingVerificationRequest,
 }

 /// A result type for scanning QR codes.
-#[derive(uniffi::Record)]
 pub struct ScanResult {
    /// The QR code verification object that got created.
-    pub qr: Arc<QrCode>,
+    pub qr: QrCode,
    /// The request that needs to be sent out to notify the other side that a
    /// QR code verification should start.
    pub request: OutgoingVerificationRequest,
 }

+impl From<InnerSas> for Sas {
+    fn from(sas: InnerSas) -> Self {
+        Self {
+            other_user_id: sas.other_user_id().to_string(),
+            other_device_id: sas.other_device_id().to_string(),
+            flow_id: sas.flow_id().as_str().to_owned(),
+            is_cancelled: sas.is_cancelled(),
+            is_done: sas.is_done(),
+            can_be_presented: sas.can_be_presented(),
+            supports_emoji: sas.supports_emoji(),
+            have_we_confirmed: sas.have_we_confirmed(),
+            we_started: sas.we_started(),
+            room_id: sas.room_id().map(|r| r.to_string()),
+            has_been_accepted: sas.has_been_accepted(),
+            cancel_info: sas.cancel_info().map(|c| c.into()),
+        }
+    }
+}
+
 /// A result type for requesting verifications.
-#[derive(uniffi::Record)]
 pub struct RequestVerificationResult {
    /// The verification request object that got created.
-    pub verification: Arc<VerificationRequest>,
+    pub verification: VerificationRequest,
    /// The request that needs to be sent out to notify the other side that
    /// we're requesting verification to begin.
    pub request: OutgoingVerificationRequest,
 }

 /// A result type for confirming verifications.
-#[derive(uniffi::Record)]
 pub struct ConfirmVerificationResult {
    /// The requests that needs to be sent out to notify the other side that we
    /// confirmed the verification.
@@ -521,287 +175,58 @@ pub struct ConfirmVerificationResult {
    pub signature_request: Option<SignatureUploadRequest>,
 }

-/// Listener that will be passed over the FFI to report changes to a
-/// verification request.
-#[matrix_sdk_ffi_macros::export(callback_interface)]
-pub trait VerificationRequestListener: Send {
-    /// The callback that should be called on the Rust side
-    ///
-    /// # Arguments
-    ///
-    /// * `state` - The current state of the verification request.
-    fn on_change(&self, state: VerificationRequestState);
-}
-
-/// An Enum describing the state the QrCode verification is in.
-#[derive(uniffi::Enum)]
-pub enum VerificationRequestState {
-    /// The verification request was sent
-    Requested,
-    /// The verification request is ready to start a verification flow.
-    Ready {
-        /// The verification methods supported by the other side.
-        their_methods: Vec<String>,
-
-        /// The verification methods supported by the us.
-        our_methods: Vec<String>,
-    },
-    /// The verification flow that was started with this request has finished.
-    Done,
-    /// The verification process has been cancelled.
-    Cancelled {
-        /// Information about the reason of the cancellation.
-        cancel_info: CancelInfo,
-    },
-}
-
 /// The verificatoin request object which then can transition into some concrete
 /// verification method
-#[derive(uniffi::Object)]
 pub struct VerificationRequest {
-    pub(crate) inner: InnerVerificationRequest,
-    pub(crate) runtime: Handle,
+    /// The other user that is participating in the verification flow
+    pub other_user_id: String,
+    /// The other user's device that is participating in the verification flow
+    pub other_device_id: Option<String>,
+    /// The unique ID of this verification flow, will be a random string for
+    /// to-device events or a event ID for in-room events.
+    pub flow_id: String,
+    /// The room ID where this verification is happening, will be `None` if the
+    /// verification is going through to-device messages
+    pub room_id: Option<String>,
+    /// Did we initiate the verification flow
+    pub we_started: bool,
+    /// Did both parties aggree to verification
+    pub is_ready: bool,
+    /// Did another device respond to the verification request
+    pub is_passive: bool,
+    /// Has the verification completed successfully
+    pub is_done: bool,
+    /// Has the flow been cancelled
+    pub is_cancelled: bool,
+    /// The list of verification methods that the other side advertised as
+    /// supported
+    pub their_methods: Option<Vec<String>>,
+    /// The list of verification methods that we advertised as supported
+    pub our_methods: Option<Vec<String>>,
+    /// Information about the cancellation of the flow, will be `None` if the
+    /// flow hasn't been cancelled
+    pub cancel_info: Option<CancelInfo>,
 }

-#[matrix_sdk_ffi_macros::export]
-impl VerificationRequest {
-    /// The id of the other user that is participating in this verification
-    /// request.
-    pub fn other_user_id(&self) -> String {
-        self.inner.other_user().to_string()
-    }
-
-    /// The id of the other device that is participating in this verification.
-    pub fn other_device_id(&self) -> Option<String> {
-        self.inner.other_device_id().map(|d| d.to_string())
-    }
-
-    /// Get the unique ID of this verification request
-    pub fn flow_id(&self) -> String {
-        self.inner.flow_id().as_str().to_owned()
-    }
-
-    /// Get the room id if the verification is happening inside a room.
-    pub fn room_id(&self) -> Option<String> {
-        self.inner.room_id().map(|r| r.to_string())
-    }
-
-    /// Has the verification flow that was started with this request finished.
-    pub fn is_done(&self) -> bool {
-        self.inner.is_done()
-    }
-
-    /// Is the verification request ready to start a verification flow.
-    pub fn is_ready(&self) -> bool {
-        self.inner.is_ready()
-    }
-
-    /// Did we initiate the verification request
-    pub fn we_started(&self) -> bool {
-        self.inner.we_started()
-    }
-
-    /// Has the verification request been answered by another device.
-    pub fn is_passive(&self) -> bool {
-        self.inner.is_passive()
-    }
-
-    /// Has the verification flow that been cancelled.
-    pub fn is_cancelled(&self) -> bool {
-        self.inner.is_cancelled()
-    }
-
-    /// Get info about the cancellation if the verification request has been
-    /// cancelled.
-    pub fn cancel_info(&self) -> Option<CancelInfo> {
-        self.inner.cancel_info().map(|v| v.into())
-    }
-
-    /// Get the supported verification methods of the other side.
-    ///
-    /// Will be present only if the other side requested the verification or if
-    /// we're in the ready state.
-    pub fn their_supported_methods(&self) -> Option<Vec<String>> {
-        self.inner.their_supported_methods().map(|m| m.iter().map(|m| m.to_string()).collect())
-    }
-
-    /// Get our own supported verification methods that we advertised.
-    ///
-    /// Will be present only we requested the verification or if we're in the
-    /// ready state.
-    pub fn our_supported_methods(&self) -> Option<Vec<String>> {
-        self.inner.our_supported_methods().map(|m| m.iter().map(|m| m.to_string()).collect())
-    }
-
-    /// Accept a verification requests that we share with the given user with
-    /// the given flow id.
-    ///
-    /// This will move the verification request into the ready state.
-    ///
-    /// # Arguments
-    ///
-    /// * `user_id` - The ID of the user for which we would like to accept the
-    ///   verification requests.
-    ///
-    /// * `flow_id` - The ID that uniquely identifies the verification flow.
-    ///
-    /// * `methods` - A list of verification methods that we want to advertise
-    ///   as supported.
-    pub fn accept(&self, methods: Vec<String>) -> Option<OutgoingVerificationRequest> {
-        let methods = methods.into_iter().map(VerificationMethod::from).collect();
-        self.inner.accept_with_methods(methods).map(|r| r.into())
-    }
-
-    /// Cancel a verification for the given user with the given flow id using
-    /// the given cancel code.
-    pub fn cancel(&self) -> Option<OutgoingVerificationRequest> {
-        self.inner.cancel().map(|r| r.into())
-    }
-
-    /// Transition from a verification request into short auth string based
-    /// verification.
-    ///
-    /// # Arguments
-    ///
-    /// * `user_id` - The ID of the user for which we would like to start the
-    ///   SAS verification.
-    ///
-    /// * `flow_id` - The ID of the verification request that initiated the
-    ///   verification flow.
-    pub fn start_sas_verification(&self) -> Result<Option<StartSasResult>, CryptoStoreError> {
-        Ok(self.runtime.block_on(self.inner.start_sas())?.map(|(sas, r)| StartSasResult {
-            sas: Arc::new(Sas { inner: Box::new(sas), runtime: self.runtime.clone() }),
-            request: r.into(),
-        }))
-    }
-
-    /// Transition from a verification request into QR code verification.
-    ///
-    /// This method should be called when one wants to display a QR code so the
-    /// other side can scan it and move the QR code verification forward.
-    ///
-    /// # Arguments
-    ///
-    /// * `user_id` - The ID of the user for which we would like to start the QR
-    ///   code verification.
-    ///
-    /// * `flow_id` - The ID of the verification request that initiated the
-    ///   verification flow.
-    pub fn start_qr_verification(&self) -> Result<Option<Arc<QrCode>>, CryptoStoreError> {
-        Ok(self
-            .runtime
-            .block_on(self.inner.generate_qr_code())?
-            .map(|qr| QrCode { inner: Box::new(qr), runtime: self.runtime.clone() }.into()))
-    }
-
-    /// Pass data from a scanned QR code to an active verification request and
-    /// transition into QR code verification.
-    ///
-    /// This requires an active `VerificationRequest` to succeed, returns `None`
-    /// if no `VerificationRequest` is found or if the QR code data is invalid.
-    ///
-    /// # Arguments
-    ///
-    /// * `user_id` - The ID of the user for which we would like to start the QR
-    ///   code verification.
-    ///
-    /// * `flow_id` - The ID of the verification request that initiated the
-    ///   verification flow.
-    ///
-    /// * `data` - The data that was extracted from the scanned QR code as an
-    ///   base64 encoded string, without padding.
-    pub fn scan_qr_code(&self, data: String) -> Option<ScanResult> {
-        let data = base64_decode(data).ok()?;
-        let data = QrVerificationData::from_bytes(data).ok()?;
-
-        if let Some(qr) = self.runtime.block_on(self.inner.scan_qr_code(data)).ok()? {
-            let request = qr.reciprocate()?;
-
-            Some(ScanResult {
-                qr: QrCode { inner: Box::new(qr), runtime: self.runtime.clone() }.into(),
-                request: request.into(),
-            })
-        } else {
-            None
-        }
-    }
-
-    /// Set a listener for changes in the verification request
-    ///
-    /// The given callback will be called whenever the state changes.
-    pub fn set_changes_listener(&self, listener: Box<dyn VerificationRequestListener>) {
-        let stream = self.inner.changes();
-
-        self.runtime.spawn(Self::changes_listener(self.inner.to_owned(), stream, listener));
-    }
-
-    /// Get the current state of the verification request.
-    pub fn state(&self) -> VerificationRequestState {
-        Self::convert_verification_request(&self.inner, self.inner.state())
-    }
-}
-
-impl VerificationRequest {
-    fn convert_verification_request(
-        request: &InnerVerificationRequest,
-        value: RustVerificationRequestState,
-    ) -> VerificationRequestState {
-        match value {
-            // The clients do not need to distinguish `Created` and `Requested` state
-            RustVerificationRequestState::Created { .. } => VerificationRequestState::Requested,
-            RustVerificationRequestState::Requested { .. } => VerificationRequestState::Requested,
-            RustVerificationRequestState::Ready {
-                their_methods,
-                our_methods,
-                other_device_data: _,
-            } => VerificationRequestState::Ready {
-                their_methods: their_methods.iter().map(|m| m.to_string()).collect(),
-                our_methods: our_methods.iter().map(|m| m.to_string()).collect(),
-            },
-            RustVerificationRequestState::Done => VerificationRequestState::Done,
-            RustVerificationRequestState::Transitioned { .. } => {
-                let their_methods = request
-                    .their_supported_methods()
-                    .expect("The transitioned state should know the other side's methods")
-                    .into_iter()
-                    .map(|m| m.to_string())
-                    .collect();
-                let our_methods = request
-                    .our_supported_methods()
-                    .expect("The transitioned state should know our own supported methods")
-                    .iter()
-                    .map(|m| m.to_string())
-                    .collect();
-                VerificationRequestState::Ready { their_methods, our_methods }
-            }
-
-            RustVerificationRequestState::Cancelled(c) => {
-                VerificationRequestState::Cancelled { cancel_info: c.into() }
-            }
-        }
-    }
-
-    async fn changes_listener(
-        request: InnerVerificationRequest,
-        mut stream: impl Stream<Item = RustVerificationRequestState> + std::marker::Unpin,
-        listener: Box<dyn VerificationRequestListener>,
-    ) {
-        while let Some(state) = stream.next().await {
-            // If we receive a done or a cancelled state we're at the end of our road, we
-            // break out of the loop to deallocate the stream and finish the
-            // task.
-            let should_break = matches!(
-                state,
-                RustVerificationRequestState::Done | RustVerificationRequestState::Cancelled { .. }
-            );
-
-            let state = Self::convert_verification_request(&request, state);
-
-            listener.on_change(state);
-
-            if should_break {
-                break;
-            }
+impl From<InnerVerificationRequest> for VerificationRequest {
+    fn from(v: InnerVerificationRequest) -> Self {
+        Self {
+            other_user_id: v.other_user().to_string(),
+            other_device_id: v.other_device_id().map(|d| d.to_string()),
+            flow_id: v.flow_id().as_str().to_owned(),
+            is_cancelled: v.is_cancelled(),
+            is_done: v.is_done(),
+            is_ready: v.is_ready(),
+            room_id: v.room_id().map(|r| r.to_string()),
+            we_started: v.we_started(),
+            is_passive: v.is_passive(),
+            cancel_info: v.cancel_info().map(|c| c.into()),
+            their_methods: v
+                .their_supported_methods()
+                .map(|v| v.into_iter().map(|m| m.to_string()).collect()),
+            our_methods: v
+                .our_supported_methods()
+                .map(|v| v.into_iter().map(|m| m.to_string()).collect()),
        }
    }
 }
@@ -1,3 +0,0 @@
-fn main() {
-    uniffi::uniffi_bindgen_main()
-}
@@ -1,6 +1,2 @@
-[bindings.kotlin]
-package_name = "org.matrix.rustcomponents.sdk.crypto"
-cdylib_name = "matrix_sdk_crypto_ffi"
-
 [bindings.swift]
 module_name = "MatrixSDKCrypto"
@@ -0,0 +1,2 @@
+[build]
+target = "wasm32-unknown-unknown"
@@ -0,0 +1,3 @@
+/docs
+/node_modules
+/package-lock.json
@@ -0,0 +1,45 @@
+[package]
+name = "matrix-sdk-crypto-js"
+description = "Matrix encryption library, for JavaScript"
+authors = ["Ivan Enderlin <ivane@element.io>"]
+edition = "2021"
+homepage = "https://github.com/matrix-org/matrix-rust-sdk"
+keywords = ["matrix", "chat", "messaging", "ruma", "nio"]
+license = "Apache-2.0"
+readme = "README.md"
+repository = "https://github.com/matrix-org/matrix-rust-sdk"
+rust-version = "1.60"
+version = "0.1.0-alpha.0"
+publish = false
+
+[package.metadata.docs.rs]
+rustdoc-args = ["--cfg", "docsrs"]
+
+[package.metadata.wasm-pack.profile.release]
+wasm-opt = ['-Oz']
+
+[lib]
+crate-type = ["cdylib"]
+
+[features]
+default = ["tracing", "qrcode"]
+qrcode = ["matrix-sdk-crypto/qrcode", "dep:matrix-sdk-qrcode"]
+tracing = []
+
+[dependencies]
+matrix-sdk-common = { version = "0.6.0", path = "../../crates/matrix-sdk-common", features = ["js"] }
+matrix-sdk-crypto = { version = "0.6.0", path = "../../crates/matrix-sdk-crypto", features = ["js"] }
+matrix-sdk-indexeddb = { version = "0.2.0", path = "../../crates/matrix-sdk-indexeddb", features = ["experimental-nodejs"] }
+matrix-sdk-qrcode = { version = "0.4.0", path = "../../crates/matrix-sdk-qrcode", optional = true }
+ruma = { version = "0.7.0", features = ["client-api-c", "js", "rand", "unstable-msc2676", "unstable-msc2677"] }
+vodozemac = { version = "0.3.0", features = ["js"] }
+wasm-bindgen = "0.2.80"
+wasm-bindgen-futures = "0.4.30"
+js-sys = "0.3.49"
+console_error_panic_hook = "0.1.7"
+serde_json = "1.0.79"
+http = "0.2.6"
+anyhow = "1.0.58"
+tracing = { version = "0.1.35", default-features = false, features = ["attributes"] }
+tracing-subscriber = { version = "0.3.14", default-features = false, features = ["registry", "std"] }
+zeroize = "1.3.0"
@@ -0,0 +1,59 @@
+# `matrix-sdk-crypto-js`
+
+Welcome to the [WebAssembly] + JavaScript binding for the Rust
+[`matrix-sdk-crypto`] library! WebAssembly can run anywhere, but these
+bindings are designed to run on a JavaScript host. These bindings are
+part of the [`matrix-rust-sdk`] project, which is a library
+implementation of a [Matrix] client-server.
+
+`matrix-sdk-crypto` is a no-network-IO implementation of a state
+machine, named `OlmMachine`, that handles E2EE ([End-to-End
+Encryption](https://en.wikipedia.org/wiki/End-to-end_encryption)) for
+[Matrix] clients.
+
+## Usage
+
+These WebAssembly bindings are written in [Rust]. To build them, you
+need to install the Rust compiler, see [the Install Rust
+Page](https://www.rust-lang.org/tools/install). Then, the workflow is
+pretty classical by using [npm], see [the Downloading and installing
+Node.js and npm
+Page](https://docs.npmjs.com/downloading-and-installing-node-js-and-npm).
+
+Once the Rust compiler, Node.js and npm are installed, you can run the
+following commands:
+
+```sh
+$ npm install
+$ npm run build
+$ npm run test
+```
+
+A `matrix_sdk_crypto.js`, `matrix_sdk_crypto.d.ts` and a
+`matrix_sdk_crypto_bg.wasm` files should be generated in the `pkg/`
+directory.
+
+TBD
+
+## Documentation
+
+[The documentation can be found
+online](https://matrix-org.github.io/matrix-rust-sdk/bindings/matrix-sdk-crypto-js/).
+
+To generate the documentation locally, please run the following
+command:
+
+```sh
+$ npm run doc
+```
+
+The documentation is generated in the `./docs` directory.
+
+
+
+[WebAssembly]: https://webassembly.org/
+[`matrix-sdk-crypto`]: https://github.com/matrix-org/matrix-rust-sdk/tree/main/crates/matrix-sdk-crypto
+[`matrix-rust-sdk`]: https://github.com/matrix-org/matrix-rust-sdk
+[Matrix]: https://matrix.org/
+[Rust]: https://www.rust-lang.org/
+[npm]: https://www.npmjs.com/
@@ -0,0 +1,61 @@
+# configuration file for git-cliff (0.1.0)
+
+[changelog]
+# changelog header
+header = """
+# Matrix SDK Crypto JavaScript Changelog\n
+All notable changes to this project will be documented in this file.\n
+"""
+# template for the changelog body
+# https://tera.netlify.app/docs/#introduction
+body = """
+{% if version %}\
+    ## [{{ version | trim_start_matches(pat="v") }}] - {{ timestamp | date(format="%Y-%m-%d") }}
+{% else %}\
+    ## [unreleased]
+{% endif %}\
+{% for group, commits in commits | filter(attribute="scope", value="crypto-js") | group_by(attribute="group") %}
+    ### {{ group | upper_first }}
+    {% for commit in commits %}
+        - {% if commit.breaking %}[**breaking**] {% endif %}{{ commit.message | upper_first }}\
+    {% endfor %}
+{% endfor %}\n
+"""
+# remove the leading and trailing whitespace from the template
+trim = true
+# changelog footer
+footer = """
+"""
+
+[git]
+# parse the commits based on https://www.conventionalcommits.org
+conventional_commits = true
+# filter out the commits that are not conventional
+filter_unconventional = true
+# regex for preprocessing the commit messages
+commit_preprocessors = [
+    { pattern = '\((\w+\s)?#([0-9]+)\)', replace = "([#${2}](https://github.com/matrix-org/matrix-rust-sdk/issues/${2}))"},
+]
+# regex for parsing and grouping commits
+commit_parsers = [
+    { message = "^feat", group = "Features"},
+    { message = "^fix", group = "Bug Fixes"},
+    { message = "^test", group = "Testing"},
+    { message = "^doc", group = "Documentation"},
+    { message = "^refactor", group = "Refactoring"},
+    { message = "^ci", group = "Continuous Integration"},
+    { message = "^chore", group = "Miscellaneous Tasks"},
+    { body = ".*security", group = "Security"},
+]
+# filter out the commits that are not matched by commit parsers
+filter_commits = false
+# glob pattern for matching git tags
+tag_pattern = "v[0-9]*"
+# regex for skipping tags
+skip_tags = ""
+# regex for ignoring tags
+ignore_tags = ""
+# sort the tags chronologically
+date_order = false
+# sort the commits inside sections by oldest/newest order
+sort_commits = "oldest"
@@ -0,0 +1,48 @@
+{
+    "name": "@matrix-org/matrix-sdk-crypto-js",
+    "version": "0.1.0-alpha.0",
+    "homepage": "https://github.com/matrix-org/matrix-rust-sdk",
+    "description": "Matrix encryption library, for JavaScript",
+    "license": "Apache-2.0",
+    "collaborators": [
+        "Ivan Enderlin <ivane@element.io>"
+    ],
+    "repository": {
+        "type": "git",
+        "url": "https://github.com/matrix-org/matrix-rust-sdk"
+    },
+    "keywords": [
+        "matrix",
+        "chat",
+        "messaging",
+        "ruma",
+        "nio"
+    ],
+    "main": "matrix_sdk_crypto.js",
+    "types": "pkg/matrix_sdk_crypto.d.ts",
+    "files": [
+        "pkg/matrix_sdk_crypto_bg.wasm",
+        "pkg/matrix_sdk_crypto.js",
+        "pkg/matrix_sdk_crypto.d.ts"
+    ],
+    "devDependencies": {
+        "cross-env": "^7.0.3",
+        "fake-indexeddb": "^4.0",
+        "jest": "^28.1.0",
+        "typedoc": "^0.22.17",
+        "wasm-pack": "^0.10.2",
+        "yargs-parser": "~21.0.1"
+    },
+    "engines": {
+        "node": ">= 10"
+    },
+    "scripts": {
+        "build": "cross-env RUSTFLAGS='-C opt-level=z' wasm-pack build --release --target nodejs --scope matrix-org --out-dir ./pkg",
+        "test": "jest --verbose",
+        "doc": "typedoc --tsconfig .",
+        "prepack": "npm run build && npm run test",
+        "pack": "wasm-pack pack",
+        "prepublish": "npm run pack",
+        "publish": "wasm-pack publish"
+    }
+}
@@ -0,0 +1,124 @@
+//! Attachment API.
+
+use std::io::{Cursor, Read};
+
+use wasm_bindgen::prelude::*;
+
+/// A type to encrypt and to decrypt anything that can fit in an
+/// `Uint8Array`, usually big buffer.
+#[wasm_bindgen]
+#[derive(Debug)]
+pub struct Attachment;
+
+#[wasm_bindgen]
+impl Attachment {
+    /// Encrypt the content of the `Uint8Array`.
+    ///
+    /// It produces an `EncryptedAttachment`, which can be used to
+    /// retrieve the media encryption information, or the encrypted
+    /// data.
+    #[wasm_bindgen]
+    pub fn encrypt(array: &[u8]) -> Result<EncryptedAttachment, JsError> {
+        let mut cursor = Cursor::new(array);
+        let mut encryptor = matrix_sdk_crypto::AttachmentEncryptor::new(&mut cursor);
+
+        let mut encrypted_data = Vec::new();
+        encryptor.read_to_end(&mut encrypted_data)?;
+
+        let media_encryption_info = Some(encryptor.finish());
+
+        Ok(EncryptedAttachment { encrypted_data, media_encryption_info })
+    }
+
+    /// Decrypt an `EncryptedAttachment`.
+    ///
+    /// The encrypted attachment can be created manually, or from the
+    /// `encrypt` method.
+    ///
+    /// **Warning**: The encrypted attachment can be used only
+    /// **once**! The encrypted data will still be present, but the
+    /// media encryption info (which contain secrets) will be
+    /// destroyed. It is still possible to get a JSON-encoded backup
+    /// by calling `EncryptedAttachment.mediaEncryptionInfo`.
+    pub fn decrypt(attachment: &mut EncryptedAttachment) -> Result<Vec<u8>, JsError> {
+        let media_encryption_info = match attachment.media_encryption_info.take() {
+            Some(media_encryption_info) => media_encryption_info,
+            None => {
+                return Err(JsError::new(
+                    "The media encryption info are absent from the given encrypted attachment",
+                ))
+            }
+        };
+
+        let encrypted_data: &[u8] = attachment.encrypted_data.as_slice();
+
+        let mut cursor = Cursor::new(encrypted_data);
+        let mut decryptor =
+            matrix_sdk_crypto::AttachmentDecryptor::new(&mut cursor, media_encryption_info)?;
+
+        let mut decrypted_data = Vec::new();
+        decryptor.read_to_end(&mut decrypted_data)?;
+
+        Ok(decrypted_data)
+    }
+}
+
+/// An encrypted attachment, usually created from `Attachment.encrypt`.
+#[wasm_bindgen]
+#[derive(Debug)]
+pub struct EncryptedAttachment {
+    media_encryption_info: Option<matrix_sdk_crypto::MediaEncryptionInfo>,
+    encrypted_data: Vec<u8>,
+}
+
+#[wasm_bindgen]
+impl EncryptedAttachment {
+    /// Create a new encrypted attachment manually.
+    ///
+    /// It needs encrypted data, stored in an `Uint8Array`, and a
+    /// [media encryption
+    /// information](https://docs.rs/matrix-sdk-crypto/latest/matrix_sdk_crypto/struct.MediaEncryptionInfo.html),
+    /// as a JSON-encoded string.
+    ///
+    /// The media encryption information aren't stored as a string:
+    /// they are parsed, validated and fully deserialized.
+    ///
+    /// See [the specification to learn
+    /// more](https://spec.matrix.org/unstable/client-server-api/#extensions-to-mroommessage-msgtypes).
+    #[wasm_bindgen(constructor)]
+    pub fn new(
+        encrypted_data: Vec<u8>,
+        media_encryption_info: &str,
+    ) -> Result<EncryptedAttachment, JsError> {
+        Ok(Self {
+            encrypted_data,
+            media_encryption_info: Some(serde_json::from_str(media_encryption_info)?),
+        })
+    }
+
+    /// The actual encrypted data.
+    ///
+    /// **Warning**: It returns a **copy** of the entire encrypted
+    /// data; be nice with your memory.
+    #[wasm_bindgen(getter, js_name = "encryptedData")]
+    pub fn encrypted_data(&self) -> Vec<u8> {
+        self.encrypted_data.clone()
+    }
+
+    /// Return the media encryption info as a JSON-encoded string. The
+    /// structure is fully valid.
+    ///
+    /// If the media encryption info have been consumed already, it
+    /// will return `null`.
+    #[wasm_bindgen(getter, js_name = "mediaEncryptionInfo")]
+    pub fn media_encryption_info(&self) -> Option<String> {
+        serde_json::to_string(self.media_encryption_info.as_ref()?).ok()
+    }
+
+    /// Check whether the media encryption info has been consumed by
+    /// `Attachment.decrypt` already.
+    #[wasm_bindgen(getter, js_name = "hasMediaEncryptionInfoBeenConsumed")]
+    pub fn has_media_encryption_info_been_consumed(&self) -> bool {
+        self.media_encryption_info.is_none()
+    }
+}
@@ -0,0 +1,249 @@
+//! Types for a `Device`.
+
+use js_sys::{Array, Map, Promise};
+use wasm_bindgen::prelude::*;
+
+use crate::{
+    future::future_to_promise,
+    identifiers::{self, DeviceId, UserId},
+    impl_from_to_inner,
+    js::try_array_to_vec,
+    types, verification, vodozemac,
+};
+
+/// A device represents a E2EE capable client of an user.
+#[wasm_bindgen]
+#[derive(Debug)]
+pub struct Device {
+    pub(crate) inner: matrix_sdk_crypto::Device,
+}
+
+impl_from_to_inner!(matrix_sdk_crypto::Device => Device);
+
+#[wasm_bindgen]
+impl Device {
+    /// Request an interactive verification with this device.
+    #[wasm_bindgen(js_name = "requestVerification")]
+    pub fn request_verification(&self, methods: Option<Array>) -> Result<Promise, JsError> {
+        let methods =
+            methods.map(try_array_to_vec::<verification::VerificationMethod, _>).transpose()?;
+        let me = self.inner.clone();
+
+        Ok(future_to_promise(async move {
+            let tuple = Array::new();
+            let (verification_request, outgoing_verification_request) = match methods {
+                Some(methods) => me.request_verification_with_methods(methods).await,
+                None => me.request_verification().await,
+            };
+
+            tuple.set(0, verification::VerificationRequest::from(verification_request).into());
+            tuple.set(
+                1,
+                verification::OutgoingVerificationRequest::from(outgoing_verification_request)
+                    .try_into()?,
+            );
+
+            Ok(tuple)
+        }))
+    }
+
+    /// Is this device considered to be verified.
+    ///
+    /// This method returns true if either the `is_locally_trusted`
+    /// method returns `true` or if the `is_cross_signing_trusted`
+    /// method returns `true`.
+    #[wasm_bindgen(js_name = "isVerified")]
+    pub fn is_verified(&self) -> bool {
+        self.inner.is_verified()
+    }
+
+    /// Is this device considered to be verified using cross signing.
+    #[wasm_bindgen(js_name = "isCrossSigningTrusted")]
+    pub fn is_cross_signing_trusted(&self) -> bool {
+        self.inner.is_cross_signing_trusted()
+    }
+
+    /// Set the local trust state of the device to the given state.
+    ///
+    /// This won’t affect any cross signing trust state, this only
+    /// sets a flag marking to have the given trust state.
+    ///
+    /// `trust_state` represents the new trust state that should be
+    /// set for the device.
+    #[wasm_bindgen(js_name = "setLocalTrust")]
+    pub fn set_local_trust(&self, local_state: LocalTrust) -> Promise {
+        let me = self.inner.clone();
+
+        future_to_promise(async move {
+            me.set_local_trust(local_state.into()).await?;
+
+            Ok(JsValue::NULL)
+        })
+    }
+
+    /// The user ID of the device owner.
+    #[wasm_bindgen(getter, js_name = "userId")]
+    pub fn user_id(&self) -> UserId {
+        self.inner.user_id().to_owned().into()
+    }
+
+    /// The unique ID of the device.
+    #[wasm_bindgen(getter, js_name = "deviceId")]
+    pub fn device_id(&self) -> DeviceId {
+        self.inner.device_id().to_owned().into()
+    }
+
+    /// Get the human readable name of the device.
+    #[wasm_bindgen(getter, js_name = "displayName")]
+    pub fn display_name(&self) -> Option<String> {
+        self.inner.display_name().map(ToOwned::to_owned)
+    }
+
+    /// Get the key of the given key algorithm belonging to this device.
+    #[wasm_bindgen(js_name = "getKey")]
+    pub fn get_key(
+        &self,
+        algorithm: identifiers::DeviceKeyAlgorithmName,
+    ) -> Result<Option<vodozemac::DeviceKey>, JsError> {
+        Ok(self.inner.get_key(algorithm.try_into()?).cloned().map(Into::into))
+    }
+
+    /// Get the Curve25519 key of the given device.
+    #[wasm_bindgen(getter, js_name = "curve25519Key")]
+    pub fn curve25519_key(&self) -> Option<vodozemac::Curve25519PublicKey> {
+        self.inner.curve25519_key().map(Into::into)
+    }
+
+    /// Get the Ed25519 key of the given device.
+    #[wasm_bindgen(getter, js_name = "ed25519Key")]
+    pub fn ed25519_key(&self) -> Option<vodozemac::Ed25519PublicKey> {
+        self.inner.ed25519_key().map(Into::into)
+    }
+
+    /// Get a map containing all the device keys.
+    #[wasm_bindgen(getter)]
+    pub fn keys(&self) -> Map {
+        let map = Map::new();
+
+        for (device_key_id, device_key) in self.inner.keys() {
+            map.set(
+                &identifiers::DeviceKeyId::from(device_key_id.clone()).into(),
+                &vodozemac::DeviceKey::from(device_key.clone()).into(),
+            );
+        }
+
+        map
+    }
+
+    /// Get a map containing all the device signatures.
+    #[wasm_bindgen(getter)]
+    pub fn signatures(&self) -> types::Signatures {
+        self.inner.signatures().clone().into()
+    }
+
+    /// Get the trust state of the device.
+    #[wasm_bindgen(getter, js_name = "localTrustState")]
+    pub fn local_trust_state(&self) -> LocalTrust {
+        self.inner.local_trust_state().into()
+    }
+
+    /// Is the device locally marked as trusted?
+    #[wasm_bindgen(js_name = "isLocallyTrusted")]
+    pub fn is_locally_trusted(&self) -> bool {
+        self.inner.is_locally_trusted()
+    }
+
+    /// Is the device locally marked as blacklisted?
+    ///
+    /// Blacklisted devices won’t receive any group sessions.
+    #[wasm_bindgen(js_name = "isBlacklisted")]
+    pub fn is_blacklisted(&self) -> bool {
+        self.inner.is_blacklisted()
+    }
+
+    /// Is the device deleted?
+    #[wasm_bindgen(js_name = "isDeleted")]
+    pub fn is_deleted(&self) -> bool {
+        self.inner.is_deleted()
+    }
+}
+
+/// The local trust state of a device.
+#[wasm_bindgen]
+#[derive(Debug)]
+pub enum LocalTrust {
+    /// The device has been verified and is trusted.
+    Verified,
+
+    /// The device been blacklisted from communicating.
+    BlackListed,
+
+    /// The trust state of the device is being ignored.
+    Ignored,
+
+    /// The trust state is unset.
+    Unset,
+}
+
+impl From<matrix_sdk_crypto::LocalTrust> for LocalTrust {
+    fn from(value: matrix_sdk_crypto::LocalTrust) -> Self {
+        use matrix_sdk_crypto::LocalTrust::*;
+
+        match value {
+            Verified => Self::Verified,
+            BlackListed => Self::BlackListed,
+            Ignored => Self::Ignored,
+            Unset => Self::Unset,
+        }
+    }
+}
+
+impl From<LocalTrust> for matrix_sdk_crypto::LocalTrust {
+    fn from(value: LocalTrust) -> Self {
+        use LocalTrust::*;
+
+        match value {
+            Verified => Self::Verified,
+            BlackListed => Self::BlackListed,
+            Ignored => Self::Ignored,
+            Unset => Self::Unset,
+        }
+    }
+}
+
+/// A read only view over all devices belonging to a user.
+#[wasm_bindgen]
+#[derive(Debug)]
+pub struct UserDevices {
+    pub(crate) inner: matrix_sdk_crypto::UserDevices,
+}
+
+impl_from_to_inner!(matrix_sdk_crypto::UserDevices => UserDevices);
+
+#[wasm_bindgen]
+impl UserDevices {
+    /// Get the specific device with the given device ID.
+    pub fn get(&self, device_id: &DeviceId) -> Option<Device> {
+        self.inner.get(&device_id.inner).map(Into::into)
+    }
+
+    /// Returns true if there is at least one devices of this user
+    /// that is considered to be verified, false otherwise.
+    ///
+    /// This won't consider your own device as verified, as your own
+    /// device is always implicitly verified.
+    #[wasm_bindgen(js_name = "isAnyVerified")]
+    pub fn is_any_verified(&self) -> bool {
+        self.inner.is_any_verified()
+    }
+
+    /// Array over all the device IDs of the user devices.
+    pub fn keys(&self) -> Array {
+        self.inner.keys().map(ToOwned::to_owned).map(DeviceId::from).map(JsValue::from).collect()
+    }
+
+    /// Iterator over all the devices of the user devices.
+    pub fn devices(&self) -> Array {
+        self.inner.devices().map(Device::from).map(JsValue::from).collect()
+    }
+}
@@ -0,0 +1,135 @@
+//! Encryption types & siblings.
+
+use std::time::Duration;
+
+use wasm_bindgen::prelude::*;
+
+use crate::events;
+
+/// Settings for an encrypted room.
+///
+/// This determines the algorithm and rotation periods of a group
+/// session.
+#[wasm_bindgen(getter_with_clone)]
+#[derive(Debug, Clone)]
+pub struct EncryptionSettings {
+    /// The encryption algorithm that should be used in the room.
+    pub algorithm: EncryptionAlgorithm,
+
+    /// How long the session should be used before changing it,
+    /// expressed in microseconds.
+    #[wasm_bindgen(js_name = "rotationPeriod")]
+    pub rotation_period: u64,
+
+    /// How many messages should be sent before changing the session.
+    #[wasm_bindgen(js_name = "rotationPeriodMessages")]
+    pub rotation_period_messages: u64,
+
+    /// The history visibility of the room when the session was
+    /// created.
+    #[wasm_bindgen(js_name = "historyVisibility")]
+    pub history_visibility: events::HistoryVisibility,
+
+    /// Should untrusted devices receive the room key, or should they be
+    /// excluded from the conversation.
+    #[wasm_bindgen(js_name = "onlyAllowTrustedDevices")]
+    pub only_allow_trusted_devices: bool,
+}
+
+impl Default for EncryptionSettings {
+    fn default() -> Self {
+        let default = matrix_sdk_crypto::olm::EncryptionSettings::default();
+
+        Self {
+            algorithm: default.algorithm.into(),
+            rotation_period: default.rotation_period.as_micros().try_into().unwrap(),
+            rotation_period_messages: default.rotation_period_msgs,
+            history_visibility: default.history_visibility.into(),
+            only_allow_trusted_devices: default.only_allow_trusted_devices,
+        }
+    }
+}
+
+#[wasm_bindgen]
+impl EncryptionSettings {
+    /// Create a new `EncryptionSettings` with default values.
+    #[wasm_bindgen(constructor)]
+    pub fn new() -> EncryptionSettings {
+        Self::default()
+    }
+}
+
+impl From<&EncryptionSettings> for matrix_sdk_crypto::olm::EncryptionSettings {
+    fn from(value: &EncryptionSettings) -> Self {
+        let algorithm = value.algorithm.clone().into();
+
+        Self {
+            algorithm,
+            rotation_period: Duration::from_micros(value.rotation_period),
+            rotation_period_msgs: value.rotation_period_messages,
+            history_visibility: value.history_visibility.clone().into(),
+            only_allow_trusted_devices: value.only_allow_trusted_devices,
+        }
+    }
+}
+
+/// An encryption algorithm to be used to encrypt messages sent to a
+/// room.
+#[wasm_bindgen]
+#[derive(Debug, Clone)]
+pub enum EncryptionAlgorithm {
+    /// Olm version 1 using Curve25519, AES-256, and SHA-256.
+    OlmV1Curve25519AesSha2,
+
+    /// Megolm version 1 using AES-256 and SHA-256.
+    MegolmV1AesSha2,
+}
+
+impl From<EncryptionAlgorithm> for matrix_sdk_crypto::types::EventEncryptionAlgorithm {
+    fn from(value: EncryptionAlgorithm) -> Self {
+        use EncryptionAlgorithm::*;
+
+        match value {
+            OlmV1Curve25519AesSha2 => Self::OlmV1Curve25519AesSha2,
+            MegolmV1AesSha2 => Self::MegolmV1AesSha2,
+        }
+    }
+}
+
+impl From<matrix_sdk_crypto::types::EventEncryptionAlgorithm> for EncryptionAlgorithm {
+    fn from(value: matrix_sdk_crypto::types::EventEncryptionAlgorithm) -> Self {
+        use matrix_sdk_crypto::types::EventEncryptionAlgorithm::*;
+
+        match value {
+            OlmV1Curve25519AesSha2 => Self::OlmV1Curve25519AesSha2,
+            MegolmV1AesSha2 => Self::MegolmV1AesSha2,
+            _ => unreachable!("Unknown variant"),
+        }
+    }
+}
+
+/// The verification state of the device that sent an event to us.
+#[wasm_bindgen]
+#[derive(Debug)]
+pub enum VerificationState {
+    /// The device is trusted.
+    Trusted,
+
+    /// The device is not trusted.
+    Untrusted,
+
+    /// The device is not known to us.
+    UnknownDevice,
+}
+
+impl From<&matrix_sdk_common::deserialized_responses::VerificationState> for VerificationState {
+    fn from(value: &matrix_sdk_common::deserialized_responses::VerificationState) -> Self {
+        use matrix_sdk_common::deserialized_responses::VerificationState::*;
+
+        match value {
+            Trusted => Self::Trusted,
+            Untrusted => Self::Untrusted,
+            UnknownDevice => Self::UnknownDevice,
+        }
+    }
+}
@@ -0,0 +1,61 @@
+//! Types related to events.
+
+use ruma::events::room::history_visibility::HistoryVisibility as RumaHistoryVisibility;
+use wasm_bindgen::prelude::*;
+
+/// Who can see a room's history.
+#[wasm_bindgen]
+#[derive(Debug, Clone)]
+pub enum HistoryVisibility {
+    /// Previous events are accessible to newly joined members from
+    /// the point they were invited onwards.
+    ///
+    /// Events stop being accessible when the member's state changes
+    /// to something other than *invite* or *join*.
+    Invited,
+
+    /// Previous events are accessible to newly joined members from
+    /// the point they joined the room onwards.
+    ///
+    /// Events stop being accessible when the member's state changes
+    /// to something other than *join*.
+    Joined,
+
+    /// Previous events are always accessible to newly joined members.
+    ///
+    /// All events in the room are accessible, even those sent when
+    /// the member was not a part of the room.
+    Shared,
+
+    /// All events while this is the `HistoryVisibility` value may be
+    /// shared by any participating homeserver with anyone, regardless
+    /// of whether they have ever joined the room.
+    WorldReadable,
+}
+
+impl From<HistoryVisibility> for RumaHistoryVisibility {
+    fn from(value: HistoryVisibility) -> Self {
+        use HistoryVisibility::*;
+
+        match value {
+            Invited => Self::Invited,
+            Joined => Self::Joined,
+            Shared => Self::Shared,
+            WorldReadable => Self::WorldReadable,
+        }
+    }
+}
+
+impl From<RumaHistoryVisibility> for HistoryVisibility {
+    fn from(value: RumaHistoryVisibility) -> Self {
+        use RumaHistoryVisibility::*;
+
+        match value {
+            Invited => Self::Invited,
+            Joined => Self::Joined,
+            Shared => Self::Shared,
+            WorldReadable => Self::WorldReadable,
+            _ => unreachable!("Unknown variant"),
+        }
+    }
+}
@@ -0,0 +1,26 @@
+use std::future::Future;
+
+use js_sys::Promise;
+use wasm_bindgen::{JsValue, UnwrapThrowExt};
+use wasm_bindgen_futures::spawn_local;
+
+pub(crate) fn future_to_promise<F, T>(future: F) -> Promise
+where
+    F: Future<Output = Result<T, anyhow::Error>> + 'static,
+    T: Into<JsValue>,
+{
+    let mut future = Some(future);
+
+    Promise::new(&mut |resolve, reject| {
+        let future = future.take().unwrap_throw();
+
+        spawn_local(async move {
+            match future.await {
+                Ok(value) => resolve.call1(&JsValue::UNDEFINED, &value.into()).unwrap_throw(),
+                Err(value) => {
+                    reject.call1(&JsValue::UNDEFINED, &value.to_string().into()).unwrap_throw()
+                }
+            };
+        });
+    })
+}
@@ -0,0 +1,321 @@
+//! Types for [Matrix](https://matrix.org/) identifiers for devices,
+//! events, keys, rooms, servers, users and URIs.
+
+use wasm_bindgen::prelude::*;
+
+use crate::impl_from_to_inner;
+
+/// A Matrix [user ID].
+///
+/// [user ID]: https://spec.matrix.org/v1.2/appendices/#user-identifiers
+#[wasm_bindgen]
+#[derive(Debug, Clone)]
+pub struct UserId {
+    pub(crate) inner: ruma::OwnedUserId,
+}
+
+impl_from_to_inner!(ruma::OwnedUserId => UserId);
+
+#[wasm_bindgen]
+impl UserId {
+    /// Parse/validate and create a new `UserId`.
+    #[wasm_bindgen(constructor)]
+    pub fn new(id: &str) -> Result<UserId, JsError> {
+        Ok(Self::from(ruma::UserId::parse(id)?))
+    }
+
+    /// Returns the user's localpart.
+    #[wasm_bindgen(getter)]
+    pub fn localpart(&self) -> String {
+        self.inner.localpart().to_owned()
+    }
+
+    /// Returns the server name of the user ID.
+    #[wasm_bindgen(getter, js_name = "serverName")]
+    pub fn server_name(&self) -> ServerName {
+        ServerName { inner: self.inner.server_name().to_owned() }
+    }
+
+    /// Whether this user ID is a historical one.
+    ///
+    /// A historical user ID is one that doesn't conform to the latest
+    /// specification of the user ID grammar but is still accepted
+    /// because it was previously allowed.
+    #[wasm_bindgen(js_name = "isHistorical")]
+    pub fn is_historical(&self) -> bool {
+        self.inner.is_historical()
+    }
+
+    /// Return the user ID as a string.
+    #[wasm_bindgen(js_name = "toString")]
+    #[allow(clippy::inherent_to_string)]
+    pub fn to_string(&self) -> String {
+        self.inner.as_str().to_owned()
+    }
+}
+
+/// A Matrix key ID.
+///
+/// Device identifiers in Matrix are completely opaque character
+/// sequences. This type is provided simply for its semantic value.
+#[wasm_bindgen]
+#[derive(Debug, Clone)]
+pub struct DeviceId {
+    pub(crate) inner: ruma::OwnedDeviceId,
+}
+
+impl_from_to_inner!(ruma::OwnedDeviceId => DeviceId);
+
+#[wasm_bindgen]
+impl DeviceId {
+    /// Create a new `DeviceId`.
+    #[wasm_bindgen(constructor)]
+    pub fn new(id: &str) -> DeviceId {
+        Self::from(ruma::OwnedDeviceId::from(id))
+    }
+
+    /// Return the device ID as a string.
+    #[wasm_bindgen(js_name = "toString")]
+    #[allow(clippy::inherent_to_string)]
+    pub fn to_string(&self) -> String {
+        self.inner.as_str().to_owned()
+    }
+}
+
+/// A Matrix device key ID.
+///
+/// A key algorithm and a device ID, combined with a ‘:’.
+#[wasm_bindgen]
+#[derive(Debug, Clone)]
+pub struct DeviceKeyId {
+    pub(crate) inner: ruma::OwnedDeviceKeyId,
+}
+
+impl_from_to_inner!(ruma::OwnedDeviceKeyId => DeviceKeyId);
+
+#[wasm_bindgen]
+impl DeviceKeyId {
+    /// Parse/validate and create a new `DeviceKeyId`.
+    #[wasm_bindgen(constructor)]
+    pub fn new(id: String) -> Result<DeviceKeyId, JsError> {
+        Ok(Self::from(ruma::DeviceKeyId::parse(id.as_str())?))
+    }
+
+    /// Returns key algorithm of the device key ID.
+    #[wasm_bindgen(getter)]
+    pub fn algorithm(&self) -> DeviceKeyAlgorithm {
+        self.inner.algorithm().into()
+    }
+
+    /// Returns device ID of the device key ID.
+    #[wasm_bindgen(getter, js_name = "deviceId")]
+    pub fn device_id(&self) -> DeviceId {
+        self.inner.device_id().to_owned().into()
+    }
+
+    /// Return the device key ID as a string.
+    #[wasm_bindgen(js_name = "toString")]
+    #[allow(clippy::inherent_to_string)]
+    pub fn to_string(&self) -> String {
+        self.inner.to_string()
+    }
+}
+
+/// The basic key algorithms in the specification.
+#[wasm_bindgen]
+#[derive(Debug)]
+pub struct DeviceKeyAlgorithm {
+    pub(crate) inner: ruma::DeviceKeyAlgorithm,
+}
+
+impl_from_to_inner!(ruma::DeviceKeyAlgorithm => DeviceKeyAlgorithm);
+
+#[wasm_bindgen]
+impl DeviceKeyAlgorithm {
+    /// Read the device key algorithm's name. If the name is
+    /// `Unknown`, one may be interested by the `to_string` method to
+    /// read the original name.
+    #[wasm_bindgen(getter)]
+    pub fn name(&self) -> DeviceKeyAlgorithmName {
+        self.inner.clone().into()
+    }
+
+    /// Return the device key algorithm as a string.
+    #[wasm_bindgen(js_name = "toString")]
+    #[allow(clippy::inherent_to_string)]
+    pub fn to_string(&self) -> String {
+        self.inner.to_string()
+    }
+}
+
+/// The basic key algorithm names in the specification.
+#[wasm_bindgen]
+#[derive(Debug)]
+pub enum DeviceKeyAlgorithmName {
+    /// The Ed25519 signature algorithm.
+    Ed25519,
+
+    /// The Curve25519 ECDH algorithm.
+    Curve25519,
+
+    /// The Curve25519 ECDH algorithm, but the key also contains
+    /// signatures.
+    SignedCurve25519,
+
+    /// An unknown device key algorithm.
+    Unknown,
+}
+
+impl TryFrom<DeviceKeyAlgorithmName> for ruma::DeviceKeyAlgorithm {
+    type Error = JsError;
+
+    fn try_from(value: DeviceKeyAlgorithmName) -> Result<Self, Self::Error> {
+        use DeviceKeyAlgorithmName::*;
+
+        Ok(match value {
+            Ed25519 => Self::Ed25519,
+            Curve25519 => Self::Curve25519,
+            SignedCurve25519 => Self::SignedCurve25519,
+            Unknown => {
+                return Err(JsError::new(
+                    "The `DeviceKeyAlgorithmName.Unknown` variant cannot be converted",
+                ))
+            }
+        })
+    }
+}
+
+impl From<ruma::DeviceKeyAlgorithm> for DeviceKeyAlgorithmName {
+    fn from(value: ruma::DeviceKeyAlgorithm) -> Self {
+        use ruma::DeviceKeyAlgorithm::*;
+
+        match value {
+            Ed25519 => Self::Ed25519,
+            Curve25519 => Self::Curve25519,
+            SignedCurve25519 => Self::SignedCurve25519,
+            _ => Self::Unknown,
+        }
+    }
+}
+
+/// A Matrix [room ID].
+///
+/// [room ID]: https://spec.matrix.org/v1.2/appendices/#room-ids-and-event-ids
+#[wasm_bindgen]
+#[derive(Debug, Clone)]
+pub struct RoomId {
+    pub(crate) inner: ruma::OwnedRoomId,
+}
+
+impl_from_to_inner!(ruma::OwnedRoomId => RoomId);
+
+#[wasm_bindgen]
+impl RoomId {
+    /// Parse/validate and create a new `RoomId`.
+    #[wasm_bindgen(constructor)]
+    pub fn new(id: &str) -> Result<RoomId, JsError> {
+        Ok(Self::from(ruma::RoomId::parse(id)?))
+    }
+
+    /// Returns the user's localpart.
+    #[wasm_bindgen(getter)]
+    pub fn localpart(&self) -> String {
+        self.inner.localpart().to_owned()
+    }
+
+    /// Returns the server name of the room ID.
+    #[wasm_bindgen(getter, js_name = "serverName")]
+    pub fn server_name(&self) -> ServerName {
+        ServerName { inner: self.inner.server_name().to_owned() }
+    }
+
+    /// Return the room ID as a string.
+    #[wasm_bindgen(js_name = "toString")]
+    #[allow(clippy::inherent_to_string)]
+    pub fn to_string(&self) -> String {
+        self.inner.as_str().to_owned()
+    }
+}
+
+/// A Matrix-spec compliant [server name].
+///
+/// It consists of a host and an optional port (separated by a colon if
+/// present).
+///
+/// [server name]: https://spec.matrix.org/v1.2/appendices/#server-name
+#[wasm_bindgen]
+#[derive(Debug)]
+pub struct ServerName {
+    inner: ruma::OwnedServerName,
+}
+
+#[wasm_bindgen]
+impl ServerName {
+    /// Parse/validate and create a new `ServerName`.
+    #[wasm_bindgen(constructor)]
+    pub fn new(name: &str) -> Result<ServerName, JsError> {
+        Ok(Self { inner: ruma::ServerName::parse(name)? })
+    }
+
+    /// Returns the host of the server name.
+    ///
+    /// That is: Return the part of the server before `:<port>` or the
+    /// full server name if there is no port.
+    #[wasm_bindgen(getter)]
+    pub fn host(&self) -> String {
+        self.inner.host().to_owned()
+    }
+
+    /// Returns the port of the server name if any.
+    #[wasm_bindgen(getter)]
+    pub fn port(&self) -> Option<u16> {
+        self.inner.port()
+    }
+
+    /// Returns true if and only if the server name is an IPv4 or IPv6
+    /// address.
+    #[wasm_bindgen(js_name = "isIpLiteral")]
+    pub fn is_ip_literal(&self) -> bool {
+        self.inner.is_ip_literal()
+    }
+}
+
+/// A Matrix [event ID].
+///
+/// An `EventId` is generated randomly or converted from a string
+/// slice, and can be converted back into a string as needed.
+///
+/// [event ID]: https://spec.matrix.org/v1.2/appendices/#room-ids-and-event-ids
+#[wasm_bindgen]
+#[derive(Debug)]
+pub struct EventId {
+    pub(crate) inner: ruma::OwnedEventId,
+}
+
+#[wasm_bindgen]
+impl EventId {
+    /// Parse/validate and create a new `EventId`.
+    #[wasm_bindgen(constructor)]
+    pub fn new(id: &str) -> Result<EventId, JsError> {
+        Ok(Self { inner: <&ruma::EventId>::try_from(id)?.to_owned() })
+    }
+
+    /// Returns the event's localpart.
+    #[wasm_bindgen(getter)]
+    pub fn localpart(&self) -> String {
+        self.inner.localpart().to_owned()
+    }
+
+    /// Returns the server name of the event ID.
+    #[wasm_bindgen(getter, js_name = "serverName")]
+    pub fn server_name(&self) -> Option<ServerName> {
+        Some(ServerName { inner: self.inner.server_name()?.to_owned() })
+    }
+
+    /// Return the event ID as a string.
+    #[wasm_bindgen(js_name = "toString")]
+    #[allow(clippy::inherent_to_string)]
+    pub fn to_string(&self) -> String {
+        self.inner.as_str().to_owned()
+    }
+}
@@ -0,0 +1,172 @@
+//! User identities.
+
+use js_sys::{Array, Promise};
+use wasm_bindgen::prelude::*;
+
+use crate::{
+    future::future_to_promise, identifiers, impl_from_to_inner, js::try_array_to_vec, requests,
+    verification,
+};
+
+pub(crate) struct UserIdentities {
+    inner: matrix_sdk_crypto::UserIdentities,
+}
+
+impl_from_to_inner!(matrix_sdk_crypto::UserIdentities => UserIdentities);
+
+impl From<UserIdentities> for JsValue {
+    fn from(user_identities: UserIdentities) -> Self {
+        use matrix_sdk_crypto::UserIdentities::*;
+
+        match user_identities.inner {
+            Own(own) => JsValue::from(OwnUserIdentity::from(own)),
+            Other(other) => JsValue::from(UserIdentity::from(other)),
+        }
+    }
+}
+
+/// Struct representing a cross signing identity of a user.
+///
+/// This is the user identity of a user that is our own.
+#[wasm_bindgen]
+#[derive(Debug)]
+pub struct OwnUserIdentity {
+    inner: matrix_sdk_crypto::OwnUserIdentity,
+}
+
+impl_from_to_inner!(matrix_sdk_crypto::OwnUserIdentity => OwnUserIdentity);
+
+#[wasm_bindgen]
+impl OwnUserIdentity {
+    /// Mark our user identity as verified.
+    ///
+    /// This will mark the identity locally as verified and sign it with our own
+    /// device.
+    ///
+    /// Returns a signature upload request that needs to be sent out.
+    pub fn verify(&self) -> Promise {
+        let me = self.inner.clone();
+
+        future_to_promise(async move {
+            Ok(requests::SignatureUploadRequest::try_from(&me.verify().await?)?)
+        })
+    }
+
+    /// Send a verification request to our other devices.
+    #[wasm_bindgen(js_name = "requestVerification")]
+    pub fn request_verification(&self, methods: Option<Array>) -> Result<Promise, JsError> {
+        let methods =
+            methods.map(try_array_to_vec::<verification::VerificationMethod, _>).transpose()?;
+        let me = self.inner.clone();
+
+        Ok(future_to_promise(async move {
+            let tuple = Array::new();
+            let (verification_request, outgoing_verification_request) = match methods {
+                Some(methods) => me.request_verification_with_methods(methods).await?,
+                None => me.request_verification().await?,
+            };
+
+            tuple.set(0, verification::VerificationRequest::from(verification_request).into());
+            tuple.set(
+                1,
+                verification::OutgoingVerificationRequest::from(outgoing_verification_request)
+                    .try_into()?,
+            );
+
+            Ok(tuple)
+        }))
+    }
+
+    /// Does our user identity trust our own device, i.e. have we signed our own
+    /// device keys with our self-signing key?
+    #[wasm_bindgen(js_name = "trustsOurOwnDevice")]
+    pub fn trusts_our_own_device(&self) -> Promise {
+        let me = self.inner.clone();
+
+        future_to_promise(async move { Ok(me.trusts_our_own_device().await?) })
+    }
+}
+
+/// Struct representing a cross signing identity of a user.
+///
+/// This is the user identity of a user that isn't our own. Other users will
+/// only contain a master key and a self signing key, meaning that only device
+/// signatures can be checked with this identity.
+///
+/// This struct wraps a read-only version of the struct and allows verifications
+/// to be requested to verify our own device with the user identity.
+#[wasm_bindgen]
+#[derive(Debug)]
+pub struct UserIdentity {
+    inner: matrix_sdk_crypto::UserIdentity,
+}
+
+impl_from_to_inner!(matrix_sdk_crypto::UserIdentity => UserIdentity);
+
+#[wasm_bindgen]
+impl UserIdentity {
+    /// Is this user identity verified?
+    #[wasm_bindgen(js_name = "isVerified")]
+    pub fn is_verified(&self) -> bool {
+        self.inner.is_verified()
+    }
+
+    /// Manually verify this user.
+    ///
+    /// This method will attempt to sign the user identity using our private
+    /// cross signing key.
+    ///
+    /// This method fails if we don't have the private part of our user-signing
+    /// key.
+    ///
+    /// Returns a request that needs to be sent out for the user to be marked as
+    /// verified.
+    pub fn verify(&self) -> Promise {
+        let me = self.inner.clone();
+
+        future_to_promise(async move {
+            Ok(requests::SignatureUploadRequest::try_from(&me.verify().await?)?)
+        })
+    }
+
+    /// Create a `VerificationRequest` object after the verification
+    /// request content has been sent out.  }
+    #[wasm_bindgen(js_name = "requestVerification")]
+    pub fn request_verification(
+        &self,
+        room_id: &identifiers::RoomId,
+        request_event_id: &identifiers::EventId,
+        methods: Option<Array>,
+    ) -> Result<Promise, JsError> {
+        let me = self.inner.clone();
+        let room_id = room_id.inner.clone();
+        let request_event_id = request_event_id.inner.clone();
+        let methods =
+            methods.map(try_array_to_vec::<verification::VerificationMethod, _>).transpose()?;
+
+        Ok(future_to_promise::<_, verification::VerificationRequest>(async move {
+            Ok(me
+                .request_verification(room_id.as_ref(), request_event_id.as_ref(), methods)
+                .await
+                .into())
+        }))
+    }
+
+    /// Send a verification request to the given user.
+    ///
+    /// The returned content needs to be sent out into a DM room with the given
+    /// user.
+    ///
+    /// After the content has been sent out a VerificationRequest can be started
+    /// with the `request_verification` method.
+    #[wasm_bindgen(js_name = "verificationRequestContent")]
+    pub fn verification_request_content(&self, methods: Option<Array>) -> Result<Promise, JsError> {
+        let me = self.inner.clone();
+        let methods =
+            methods.map(try_array_to_vec::<verification::VerificationMethod, _>).transpose()?;
+
+        Ok(future_to_promise(async move {
+            Ok(serde_json::to_string(&me.verification_request_content(methods).await)?)
+        }))
+    }
+}
@@ -0,0 +1,40 @@
+use js_sys::{Array, Object, Reflect};
+use wasm_bindgen::{convert::RefFromWasmAbi, prelude::*};
+
+/// A really hacky and dirty code to downcast a `JsValue` to `T:
+/// RefFromWasmAbi`, inspired by
+/// https://github.com/rustwasm/wasm-bindgen/issues/2231#issuecomment-656293288.
+///
+/// The returned value is likely to be a `wasm_bindgen::__ref::Ref<T>`.
+pub(crate) fn downcast<T>(value: &JsValue, classname: &str) -> Result<T::Anchor, JsError>
+where
+    T: RefFromWasmAbi<Abi = u32>,
+{
+    let constructor_name = Object::get_prototype_of(value).constructor().name();
+
+    if constructor_name == classname {
+        let pointer = Reflect::get(value, &JsValue::from_str("ptr"))
+            .map_err(|_| JsError::new("Failed to read the `JsValue` pointer"))?;
+        let pointer = pointer
+            .as_f64()
+            .ok_or_else(|| JsError::new("Failed to read the `JsValue` pointer as a `f64`"))?
+            as u32;
+
+        Ok(unsafe { T::ref_from_abi(pointer) })
+    } else {
+        Err(JsError::new(&format!(
+            "Expect an `{classname}` instance, received `{constructor_name}` instead",
+        )))
+    }
+}
+
+/// Transform a value `JS` from JavaScript to a Rust wrapper, to a
+/// Rust wrapped type.
+pub(crate) fn try_array_to_vec<JS, Rust>(
+    array: Array,
+) -> Result<Vec<Rust>, <JS as TryFrom<JsValue>>::Error>
+where
+    JS: TryFrom<JsValue> + Into<Rust>,
+{
+    array.iter().map(|item| JS::try_from(item).map(Into::into)).collect()
+}
@@ -0,0 +1,50 @@
+// Copyright 2022 The Matrix.org Foundation C.I.C.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#![doc = include_str!("../README.md")]
+#![cfg_attr(docsrs, feature(doc_auto_cfg))]
+#![warn(missing_docs, missing_debug_implementations)]
+#![allow(clippy::drop_non_drop)] // triggered by wasm_bindgen code
+
+pub mod attachment;
+pub mod device;
+pub mod encryption;
+pub mod events;
+mod future;
+pub mod identifiers;
+pub mod identities;
+mod js;
+pub mod machine;
+mod macros;
+pub mod olm;
+pub mod requests;
+pub mod responses;
+pub mod store;
+pub mod sync_events;
+mod tracing;
+pub mod types;
+pub mod verification;
+pub mod vodozemac;
+
+use wasm_bindgen::prelude::*;
+
+/// Run some stuff when the Wasm module is instantiated.
+///
+/// Right now, it does the following:
+///
+/// * Redirect Rust panics to JavaScript console.
+#[wasm_bindgen(start)]
+pub fn start() {
+    console_error_panic_hook::set_once();
+}
@@ -0,0 +1,731 @@
+//! The crypto specific Olm objects.
+
+use std::collections::BTreeMap;
+
+use js_sys::{Array, Function, Map, Promise, Set};
+use ruma::{serde::Raw, DeviceKeyAlgorithm, OwnedTransactionId, UInt};
+use serde_json::{json, Value as JsonValue};
+use wasm_bindgen::prelude::*;
+
+use crate::{
+    device, encryption,
+    future::future_to_promise,
+    identifiers, identities,
+    js::downcast,
+    olm, requests,
+    requests::OutgoingRequest,
+    responses::{self, response_from_string},
+    store, sync_events, types, verification, vodozemac,
+};
+
+/// State machine implementation of the Olm/Megolm encryption protocol
+/// used for Matrix end to end encryption.
+#[wasm_bindgen]
+#[derive(Debug, Clone)]
+pub struct OlmMachine {
+    inner: matrix_sdk_crypto::OlmMachine,
+}
+
+#[wasm_bindgen]
+impl OlmMachine {
+    /// Create a new memory based `OlmMachine`.
+    ///
+    /// The created machine will keep the encryption keys only in
+    /// memory and once the objects is dropped, the keys will be lost.
+    ///
+    /// `user_id` represents the unique ID of the user that owns this
+    /// machine. `device_id` represents the unique ID of the device
+    /// that owns this machine.
+    ///
+    /// `store_name` and `store_passphrase` are both optional, but
+    /// must be both set to have an effect. If they are both set, the
+    /// state of the machine will persist in a database named
+    /// `store_name` where its content is encrypted by the passphrase
+    /// given by `store_passphrase`. If they are not both set, the
+    /// created machine will keep the encryption keys only in memory,
+    /// and once the object is dropped, the keys will be lost.
+    #[wasm_bindgen(constructor)]
+    #[allow(clippy::new_ret_no_self)]
+    pub fn new(
+        user_id: &identifiers::UserId,
+        device_id: &identifiers::DeviceId,
+        store_name: Option<String>,
+        store_passphrase: Option<String>,
+    ) -> Promise {
+        let user_id = user_id.inner.clone();
+        let device_id = device_id.inner.clone();
+
+        future_to_promise(async move {
+            let store = match (store_name, store_passphrase) {
+                // We need this `#[cfg]` because `IndexeddbCryptoStore`
+                // implements `CryptoStore` only on `target_arch =
+                // "wasm32"`. Without that, we could have a compilation
+                // error when checking the entire workspace. In
+                // practise, it doesn't impact this crate because it's
+                // always compiled for `wasm32`.
+                #[cfg(target_arch = "wasm32")]
+                (Some(store_name), Some(mut store_passphrase)) => {
+                    use std::sync::Arc;
+                    use zeroize::Zeroize;
+
+                    let store = Some(
+                        matrix_sdk_indexeddb::IndexeddbCryptoStore::open_with_passphrase(
+                            &store_name,
+                            &store_passphrase,
+                        )
+                        .await
+                        .map(Arc::new)?,
+                    );
+
+                    store_passphrase.zeroize();
+
+                    store
+                }
+
+                (Some(_), None) => return Err(anyhow::Error::msg("The `store_name` has been set, and so, it expects a `store_passphrase`, which is not set; please provide one")),
+
+                (None, Some(_)) => return Err(anyhow::Error::msg("The `store_passphrase` has been set, but it has an effect only if `store_name` is set, which is not; please provide one")),
+
+                _ => None,
+            };
+
+            Ok(OlmMachine {
+                inner: match store {
+                    Some(store) => {
+                        matrix_sdk_crypto::OlmMachine::with_store(
+                            user_id.as_ref(),
+                            device_id.as_ref(),
+                            store,
+                        )
+                        .await?
+                    }
+                    None => {
+                        matrix_sdk_crypto::OlmMachine::new(user_id.as_ref(), device_id.as_ref())
+                            .await
+                    }
+                },
+            })
+        })
+    }
+
+    /// The unique user ID that owns this `OlmMachine` instance.
+    #[wasm_bindgen(getter, js_name = "userId")]
+    pub fn user_id(&self) -> identifiers::UserId {
+        identifiers::UserId::from(self.inner.user_id().to_owned())
+    }
+
+    /// The unique device ID that identifies this `OlmMachine`.
+    #[wasm_bindgen(getter, js_name = "deviceId")]
+    pub fn device_id(&self) -> identifiers::DeviceId {
+        identifiers::DeviceId::from(self.inner.device_id().to_owned())
+    }
+
+    /// Get the public parts of our Olm identity keys.
+    #[wasm_bindgen(getter, js_name = "identityKeys")]
+    pub fn identity_keys(&self) -> vodozemac::IdentityKeys {
+        self.inner.identity_keys().into()
+    }
+
+    /// Get the display name of our own device.
+    #[wasm_bindgen(getter, js_name = "displayName")]
+    pub fn display_name(&self) -> Promise {
+        let me = self.inner.clone();
+
+        future_to_promise(async move { Ok(me.display_name().await?) })
+    }
+
+    /// Get all the tracked users of our own device.
+    ///
+    /// Returns a `Set<UserId>`.
+    #[wasm_bindgen(js_name = "trackedUsers")]
+    pub fn tracked_users(&self) -> Set {
+        let set = Set::new(&JsValue::UNDEFINED);
+
+        for user in self.inner.tracked_users() {
+            set.add(&identifiers::UserId::from(user).into());
+        }
+
+        set
+    }
+
+    /// Update the tracked users.
+    ///
+    /// `users` is an iterator over user IDs that should be marked for
+    /// tracking.
+    ///
+    /// This will mark users that weren't seen before for a key query
+    /// and tracking.
+    ///
+    /// If the user is already known to the Olm machine, it will not
+    /// be considered for a key query.
+    #[wasm_bindgen(js_name = "updateTrackedUsers")]
+    pub fn update_tracked_users(&self, users: &Array) -> Result<Promise, JsError> {
+        let users = users
+            .iter()
+            .map(|user| Ok(downcast::<identifiers::UserId>(&user, "UserId")?.inner.clone()))
+            .collect::<Result<Vec<ruma::OwnedUserId>, JsError>>()?;
+
+        let me = self.inner.clone();
+
+        Ok(future_to_promise(async move {
+            me.update_tracked_users(users.iter().map(AsRef::as_ref)).await;
+            Ok(JsValue::UNDEFINED)
+        }))
+    }
+
+    /// Handle to-device events and one-time key counts from a sync
+    /// response.
+    ///
+    /// This will decrypt and handle to-device events returning the
+    /// decrypted versions of them.
+    ///
+    /// To decrypt an event from the room timeline call
+    /// `decrypt_room_event`.
+    #[wasm_bindgen(js_name = "receiveSyncChanges")]
+    pub fn receive_sync_changes(
+        &self,
+        to_device_events: &str,
+        changed_devices: &sync_events::DeviceLists,
+        one_time_key_counts: &Map,
+        unused_fallback_keys: &Set,
+    ) -> Result<Promise, JsError> {
+        let to_device_events = serde_json::from_str(to_device_events)?;
+        let changed_devices = changed_devices.inner.clone();
+        let one_time_key_counts: BTreeMap<DeviceKeyAlgorithm, UInt> = one_time_key_counts
+            .entries()
+            .into_iter()
+            .filter_map(|js_value| {
+                let pair = Array::from(&js_value.ok()?);
+                let (key, value) = (
+                    DeviceKeyAlgorithm::from(pair.at(0).as_string()?),
+                    UInt::new(pair.at(1).as_f64()? as u64)?,
+                );
+
+                Some((key, value))
+            })
+            .collect();
+        let unused_fallback_keys: Option<Vec<DeviceKeyAlgorithm>> = Some(
+            unused_fallback_keys
+                .values()
+                .into_iter()
+                .filter_map(|js_value| Some(DeviceKeyAlgorithm::from(js_value.ok()?.as_string()?)))
+                .collect(),
+        );
+
+        let me = self.inner.clone();
+
+        Ok(future_to_promise(async move {
+            Ok(serde_json::to_string(
+                &me.receive_sync_changes(
+                    to_device_events,
+                    &changed_devices,
+                    &one_time_key_counts,
+                    unused_fallback_keys.as_deref(),
+                )
+                .await?,
+            )?)
+        }))
+    }
+
+    /// Get the outgoing requests that need to be sent out.
+    ///
+    /// This returns a list of `JsValue` to represent either:
+    ///   * `KeysUploadRequest`,
+    ///   * `KeysQueryRequest`,
+    ///   * `KeysClaimRequest`,
+    ///   * `ToDeviceRequest`,
+    ///   * `SignatureUploadRequest`,
+    ///   * `RoomMessageRequest` or
+    ///   * `KeysBackupRequest`.
+    ///
+    /// Those requests need to be sent out to the server and the
+    /// responses need to be passed back to the state machine using
+    /// `mark_request_as_sent`.
+    #[wasm_bindgen(js_name = "outgoingRequests")]
+    pub fn outgoing_requests(&self) -> Promise {
+        let me = self.inner.clone();
+
+        future_to_promise(async move {
+            Ok(me
+                .outgoing_requests()
+                .await?
+                .into_iter()
+                .map(OutgoingRequest)
+                .map(TryFrom::try_from)
+                .collect::<Result<Vec<JsValue>, _>>()?
+                .into_iter()
+                .collect::<Array>())
+        })
+    }
+
+    /// Mark the request with the given request ID as sent (see
+    /// `outgoing_requests`).
+    ///
+    /// Arguments are:
+    ///
+    /// * `request_id` represents the unique ID of the request that was sent
+    ///   out. This is needed to couple the response with the now sent out
+    ///   request.
+    /// * `response_type` represents the type of the request that was sent out.
+    /// * `response` represents the response that was received from the server
+    ///   after the outgoing request was sent out.
+    #[wasm_bindgen(js_name = "markRequestAsSent")]
+    pub fn mark_request_as_sent(
+        &self,
+        request_id: &str,
+        request_type: requests::RequestType,
+        response: &str,
+    ) -> Result<Promise, JsError> {
+        let transaction_id = OwnedTransactionId::from(request_id);
+        let response = response_from_string(response)?;
+        let incoming_response = responses::OwnedResponse::try_from((request_type, response))?;
+
+        let me = self.inner.clone();
+
+        Ok(future_to_promise(async move {
+            Ok(me.mark_request_as_sent(&transaction_id, &incoming_response).await.map(|_| true)?)
+        }))
+    }
+
+    /// Encrypt a room message for the given room.
+    ///
+    /// Beware that a room key needs to be shared before this
+    /// method can be called using the `share_room_key` method.
+    ///
+    /// `room_id` is the ID of the room for which the message should
+    /// be encrypted. `event_type` is the type of the event. `content`
+    /// is the plaintext content of the message that should be
+    /// encrypted.
+    ///
+    /// # Panics
+    ///
+    /// Panics if a group session for the given room wasn't shared
+    /// beforehand.
+    #[wasm_bindgen(js_name = "encryptRoomEvent")]
+    pub fn encrypt_room_event(
+        &self,
+        room_id: &identifiers::RoomId,
+        event_type: String,
+        content: &str,
+    ) -> Result<Promise, JsError> {
+        let room_id = room_id.inner.clone();
+        let content: JsonValue = serde_json::from_str(content)?;
+        let me = self.inner.clone();
+
+        Ok(future_to_promise(async move {
+            Ok(serde_json::to_string(
+                &me.encrypt_room_event_raw(&room_id, content, event_type.as_ref()).await?,
+            )?)
+        }))
+    }
+
+    /// Decrypt an event from a room timeline.
+    ///
+    /// # Arguments
+    ///
+    /// * `event`, the event that should be decrypted.
+    /// * `room_id`, the ID of the room where the event was sent to.
+    #[wasm_bindgen(js_name = "decryptRoomEvent")]
+    pub fn decrypt_room_event(
+        &self,
+        event: &str,
+        room_id: &identifiers::RoomId,
+    ) -> Result<Promise, JsError> {
+        let event: Raw<_> = serde_json::from_str(event)?;
+        let room_id = room_id.inner.clone();
+        let me = self.inner.clone();
+
+        Ok(future_to_promise(async move {
+            let room_event = me.decrypt_room_event(&event, room_id.as_ref()).await?;
+
+            Ok(responses::DecryptedRoomEvent::from(room_event))
+        }))
+    }
+
+    /// Get the status of the private cross signing keys.
+    ///
+    /// This can be used to check which private cross signing keys we
+    /// have stored locally.
+    #[wasm_bindgen(js_name = "crossSigningStatus")]
+    pub fn cross_signing_status(&self) -> Promise {
+        let me = self.inner.clone();
+
+        future_to_promise::<_, olm::CrossSigningStatus>(async move {
+            Ok(me.cross_signing_status().await.into())
+        })
+    }
+
+    /// Export all the private cross signing keys we have.
+    ///
+    /// The export will contain the seed for the ed25519 keys as a
+    /// unpadded base64 encoded string.
+    ///
+    /// This method returns None if we don’t have any private cross
+    /// signing keys.
+    #[wasm_bindgen(js_name = "exportCrossSigningKeys")]
+    pub fn export_cross_signing_keys(&self) -> Promise {
+        let me = self.inner.clone();
+
+        future_to_promise(async move {
+            Ok(me.export_cross_signing_keys().await.map(store::CrossSigningKeyExport::from))
+        })
+    }
+
+    /// Import our private cross signing keys.
+    ///
+    /// The export needs to contain the seed for the ed25519 keys as
+    /// an unpadded base64 encoded string.
+    #[wasm_bindgen(js_name = "importCrossSigningKeys")]
+    pub fn import_cross_signing_keys(&self, export: store::CrossSigningKeyExport) -> Promise {
+        let me = self.inner.clone();
+        let export = export.inner;
+
+        future_to_promise(async move {
+            Ok(me.import_cross_signing_keys(export).await.map(olm::CrossSigningStatus::from)?)
+        })
+    }
+
+    /// Create a new cross signing identity and get the upload request
+    /// to push the new public keys to the server.
+    ///
+    /// Warning: This will delete any existing cross signing keys that
+    /// might exist on the server and thus will reset the trust
+    /// between all the devices.
+    ///
+    /// Uploading these keys will require user interactive auth.
+    #[wasm_bindgen(js_name = "bootstrapCrossSigning")]
+    pub fn bootstrap_cross_signing(&self, reset: bool) -> Promise {
+        let me = self.inner.clone();
+
+        future_to_promise(async move {
+            let (upload_signing_keys_request, upload_signatures_request) =
+                me.bootstrap_cross_signing(reset).await?;
+
+            let tuple = Array::new();
+            tuple.set(
+                0,
+                requests::SigningKeysUploadRequest::try_from(&upload_signing_keys_request)?.into(),
+            );
+            tuple.set(
+                1,
+                requests::SignatureUploadRequest::try_from(&upload_signatures_request)?.into(),
+            );
+
+            Ok(tuple)
+        })
+    }
+
+    /// Get the cross signing user identity of a user.
+    #[wasm_bindgen(js_name = "getIdentity")]
+    pub fn get_identity(&self, user_id: &identifiers::UserId) -> Promise {
+        let me = self.inner.clone();
+        let user_id = user_id.inner.clone();
+
+        future_to_promise(async move {
+            Ok(me.get_identity(user_id.as_ref(), None).await?.map(identities::UserIdentities::from))
+        })
+    }
+
+    /// Sign the given message using our device key and if available
+    /// cross-signing master key.
+    pub fn sign(&self, message: String) -> Promise {
+        let me = self.inner.clone();
+
+        future_to_promise::<_, types::Signatures>(async move { Ok(me.sign(&message).await.into()) })
+    }
+
+    /// Invalidate the currently active outbound group session for the
+    /// given room.
+    ///
+    /// Returns true if a session was invalidated, false if there was
+    /// no session to invalidate.
+    #[wasm_bindgen(js_name = "invalidateGroupSession")]
+    pub fn invalidate_group_session(&self, room_id: &identifiers::RoomId) -> Promise {
+        let room_id = room_id.inner.clone();
+        let me = self.inner.clone();
+
+        future_to_promise(async move { Ok(me.invalidate_group_session(&room_id).await?) })
+    }
+
+    /// Get to-device requests to share a room key with users in a room.
+    ///
+    /// `room_id` is the room ID. `users` is an array of `UserId`
+    /// objects. `encryption_settings` are an `EncryptionSettings`
+    /// object.
+    #[wasm_bindgen(js_name = "shareRoomKey")]
+    pub fn share_room_key(
+        &self,
+        room_id: &identifiers::RoomId,
+        users: &Array,
+        encryption_settings: &encryption::EncryptionSettings,
+    ) -> Result<Promise, JsError> {
+        let room_id = room_id.inner.clone();
+        let users = users
+            .iter()
+            .map(|user| Ok(downcast::<identifiers::UserId>(&user, "UserId")?.inner.clone()))
+            .collect::<Result<Vec<ruma::OwnedUserId>, JsError>>()?;
+        let encryption_settings =
+            matrix_sdk_crypto::olm::EncryptionSettings::from(encryption_settings);
+
+        let me = self.inner.clone();
+
+        Ok(future_to_promise(async move {
+            Ok(serde_json::to_string(
+                &me.share_room_key(&room_id, users.iter().map(AsRef::as_ref), encryption_settings)
+                    .await?,
+            )?)
+        }))
+    }
+
+    /// Get the a key claiming request for the user/device pairs that
+    /// we are missing Olm sessions for.
+    ///
+    /// Returns `NULL` if no key claiming request needs to be sent
+    /// out, otherwise it returns an `Array` where the first key is
+    /// the transaction ID as a string, and the second key is the keys
+    /// claim request serialized to JSON.
+    ///
+    /// Sessions need to be established between devices so group
+    /// sessions for a room can be shared with them.
+    ///
+    /// This should be called every time a group session needs to be
+    /// shared as well as between sync calls. After a sync some
+    /// devices may request room keys without us having a valid Olm
+    /// session with them, making it impossible to server the room key
+    /// request, thus it’s necessary to check for missing sessions
+    /// between sync as well.
+    ///
+    /// Note: Care should be taken that only one such request at a
+    /// time is in flight, e.g. using a lock.
+    ///
+    /// The response of a successful key claiming requests needs to be
+    /// passed to the `OlmMachine` with the `mark_request_as_sent`.
+    ///
+    /// `users` represents the list of users that we should check if
+    /// we lack a session with one of their devices. This can be an
+    /// empty iterator when calling this method between sync requests.
+    #[wasm_bindgen(js_name = "getMissingSessions")]
+    pub fn get_missing_sessions(&self, users: &Array) -> Result<Promise, JsError> {
+        let users = users
+            .iter()
+            .map(|user| Ok(downcast::<identifiers::UserId>(&user, "UserId")?.inner.clone()))
+            .collect::<Result<Vec<ruma::OwnedUserId>, JsError>>()?;
+
+        let me = self.inner.clone();
+
+        Ok(future_to_promise(async move {
+            match me.get_missing_sessions(users.iter().map(AsRef::as_ref)).await? {
+                Some((transaction_id, keys_claim_request)) => {
+                    Ok(JsValue::from(requests::KeysClaimRequest::try_from((
+                        transaction_id.to_string(),
+                        &keys_claim_request,
+                    ))?))
+                }
+
+                None => Ok(JsValue::NULL),
+            }
+        }))
+    }
+
+    /// Get a map holding all the devices of a user.
+    ///
+    /// `user_id` represents the unique ID of the user that the
+    /// devices belong to.
+    #[wasm_bindgen(js_name = "getUserDevices")]
+    pub fn get_user_devices(&self, user_id: &identifiers::UserId) -> Promise {
+        let user_id = user_id.inner.clone();
+
+        let me = self.inner.clone();
+
+        future_to_promise::<_, device::UserDevices>(async move {
+            Ok(me.get_user_devices(&user_id, None).await.map(Into::into)?)
+        })
+    }
+
+    /// Get a specific device of a user if one is found and the crypto store
+    /// didn't throw an error.
+    ///
+    /// `user_id` represents the unique ID of the user that the
+    /// identity belongs to. `device_id` represents the unique ID of
+    /// the device.
+    #[wasm_bindgen(js_name = "getDevice")]
+    pub fn get_device(
+        &self,
+        user_id: &identifiers::UserId,
+        device_id: &identifiers::DeviceId,
+    ) -> Promise {
+        let user_id = user_id.inner.clone();
+        let device_id = device_id.inner.clone();
+
+        let me = self.inner.clone();
+
+        future_to_promise::<_, Option<device::Device>>(async move {
+            Ok(me.get_device(&user_id, &device_id, None).await?.map(Into::into))
+        })
+    }
+
+    /// Get a verification object for the given user ID with the given
+    /// flow ID (a to-device request ID if the verification has been
+    /// requested by a to-device request, or a room event ID if the
+    /// verification has been requested by a room event).
+    ///
+    /// It returns a “`Verification` object”, which is either a `Sas`
+    /// or `Qr` object.
+    #[wasm_bindgen(js_name = "getVerification")]
+    pub fn get_verification(
+        &self,
+        user_id: &identifiers::UserId,
+        flow_id: &str,
+    ) -> Result<JsValue, JsError> {
+        self.inner
+            .get_verification(&user_id.inner, flow_id)
+            .map(verification::Verification)
+            .map(JsValue::try_from)
+            .transpose()
+            .map(JsValue::from)
+    }
+
+    /// Get a verification request object with the given flow ID.
+    #[wasm_bindgen(js_name = "getVerificationRequest")]
+    pub fn get_verification_request(
+        &self,
+        user_id: &identifiers::UserId,
+        flow_id: &str,
+    ) -> Option<verification::VerificationRequest> {
+        self.inner.get_verification_request(&user_id.inner, flow_id).map(Into::into)
+    }
+
+    /// Get all the verification requests of a given user.
+    #[wasm_bindgen(js_name = "getVerificationRequests")]
+    pub fn get_verification_requests(&self, user_id: &identifiers::UserId) -> Array {
+        self.inner
+            .get_verification_requests(&user_id.inner)
+            .into_iter()
+            .map(verification::VerificationRequest::from)
+            .map(JsValue::from)
+            .collect()
+    }
+
+    /// Receive an unencrypted verification event.
+    ///
+    /// This method can be used to pass verification events that are
+    /// happening in unencrypted rooms to the `OlmMachine`.
+    ///
+    /// Note: This does not need to be called for encrypted events
+    /// since those will get passed to the `OlmMachine` during
+    /// decryption.
+    #[wasm_bindgen(js_name = "receiveUnencryptedVerificationEvent")]
+    pub fn receive_unencrypted_verification_event(&self, event: &str) -> Result<Promise, JsError> {
+        let event: ruma::events::AnyMessageLikeEvent = serde_json::from_str(event)?;
+        let me = self.inner.clone();
+
+        Ok(future_to_promise(async move {
+            Ok(me
+                .receive_unencrypted_verification_event(&event)
+                .await
+                .map(|_| JsValue::UNDEFINED)?)
+        }))
+    }
+
+    /// Export the keys that match the given predicate.
+    ///
+    /// `predicate` is a closure that will be called for every known
+    /// `InboundGroupSession`, which represents a room key. If the closure
+    /// returns `true`, the `InboundGroupSession` will be included in the
+    /// export, otherwise it won't.
+    #[wasm_bindgen(js_name = "exportRoomKeys")]
+    pub fn export_room_keys(&self, predicate: Function) -> Promise {
+        let me = self.inner.clone();
+
+        future_to_promise(async move {
+            Ok(serde_json::to_string(
+                &me.export_room_keys(|session| {
+                    let session = session.clone();
+
+                    predicate
+                        .call1(&JsValue::NULL, &olm::InboundGroupSession::from(session).into())
+                        .expect("Predicate function passed to `export_room_keys` failed")
+                        .as_bool()
+                        .unwrap_or(false)
+                })
+                .await?,
+            )?)
+        })
+    }
+
+    /// Import the given room keys into our store.
+    ///
+    /// `exported_keys` is a list of previously exported keys that should be
+    /// imported into our store. If we already have a better version of a key,
+    /// the key will _not_ be imported.
+    ///
+    /// `progress_listener` is a closure that takes 2 arguments: `progress` and
+    /// `total`, and returns nothing.
+    #[wasm_bindgen(js_name = "importRoomKeys")]
+    pub fn import_room_keys(
+        &self,
+        exported_room_keys: &str,
+        progress_listener: Function,
+    ) -> Result<Promise, JsError> {
+        let me = self.inner.clone();
+        let exported_room_keys: Vec<matrix_sdk_crypto::olm::ExportedRoomKey> =
+            serde_json::from_str(exported_room_keys)?;
+
+        Ok(future_to_promise(async move {
+            let matrix_sdk_crypto::RoomKeyImportResult { imported_count, total_count, keys } = me
+                .import_room_keys(exported_room_keys, false, |progress, total| {
+                    let progress: u64 = progress.try_into().unwrap();
+                    let total: u64 = total.try_into().unwrap();
+
+                    progress_listener
+                        .call2(&JsValue::NULL, &JsValue::from(progress), &JsValue::from(total))
+                        .expect("Progress listener passed to `import_room_keys` failed");
+                })
+                .await?;
+
+            Ok(serde_json::to_string(&json!({
+                "imported_count": imported_count,
+                "total_count": total_count,
+                "keys": keys,
+            }))?)
+        }))
+    }
+
+    /// Encrypt the list of exported room keys using the given passphrase.
+    ///
+    /// `exported_room_keys` is a list of sessions that should be encrypted
+    /// (it's generally returned by `export_room_keys`). `passphrase` is the
+    /// passphrase that will be used to encrypt the exported room keys. And
+    /// `rounds` is the number of rounds that should be used for the key
+    /// derivation when the passphrase gets turned into an AES key. More rounds
+    /// are increasingly computationnally intensive and as such help against
+    /// brute-force attacks. Should be at least `10_000`, while values in the
+    /// `100_000` ranges should be preferred.
+    #[wasm_bindgen(js_name = "encryptExportedRoomKeys")]
+    pub fn encrypt_exported_room_keys(
+        exported_room_keys: &str,
+        passphrase: &str,
+        rounds: u32,
+    ) -> Result<String, JsError> {
+        let exported_room_keys: Vec<matrix_sdk_crypto::olm::ExportedRoomKey> =
+            serde_json::from_str(exported_room_keys)?;
+
+        Ok(matrix_sdk_crypto::encrypt_room_key_export(&exported_room_keys, passphrase, rounds)?)
+    }
+
+    /// Try to decrypt a reader into a list of exported room keys.
+    ///
+    /// `encrypted_exported_room_keys` is the result from
+    /// `encrypt_exported_room_keys`. `passphrase` is the passphrase that was
+    /// used when calling `encrypt_exported_room_keys`.
+    #[wasm_bindgen(js_name = "decryptExportedRoomKeys")]
+    pub fn decrypt_exported_room_keys(
+        encrypted_exported_room_keys: &str,
+        passphrase: &str,
+    ) -> Result<String, JsError> {
+        Ok(serde_json::to_string(&matrix_sdk_crypto::decrypt_room_key_export(
+            encrypted_exported_room_keys.as_bytes(),
+            passphrase,
+        )?)?)
+    }
+}
@@ -0,0 +1,33 @@
+/// We have the following pattern quite often in our code:
+///
+/// ```rust
+/// struct Foo {
+///     inner: Bar,
+/// }
+///
+/// impl From<Bar> for Foo {
+///     fn from(inner: Bar) -> Self {
+///         Self { inner }
+///     }
+/// }
+/// ```
+///
+/// Because I feel lazy, let's do a macro to write this:
+///
+/// ```rust
+/// struct Foo {
+///     inner: Bar,
+/// }
+///
+/// impl_from_to_inner!(Bar => Foo);
+/// ```
+#[macro_export]
+macro_rules! impl_from_to_inner {
+    ($from:ty => $to:ty) => {
+        impl From<$from> for $to {
+            fn from(inner: $from) -> Self {
+                Self { inner }
+            }
+        }
+    };
+}
@@ -0,0 +1,72 @@
+//! Olm types.
+
+use wasm_bindgen::prelude::*;
+
+use crate::{identifiers, impl_from_to_inner};
+
+/// Struct representing the state of our private cross signing keys,
+/// it shows which private cross signing keys we have locally stored.
+#[wasm_bindgen]
+#[derive(Debug)]
+pub struct CrossSigningStatus {
+    inner: matrix_sdk_crypto::olm::CrossSigningStatus,
+}
+
+impl_from_to_inner!(matrix_sdk_crypto::olm::CrossSigningStatus => CrossSigningStatus);
+
+#[wasm_bindgen]
+impl CrossSigningStatus {
+    /// Do we have the master key?
+    #[wasm_bindgen(getter, js_name = "hasMaster")]
+    pub fn has_master(&self) -> bool {
+        self.inner.has_master
+    }
+
+    /// Do we have the self signing key? This one is necessary to sign
+    /// our own devices.
+    #[wasm_bindgen(getter, js_name = "hasSelfSigning")]
+    pub fn has_self_signing(&self) -> bool {
+        self.inner.has_self_signing
+    }
+
+    /// Do we have the user signing key? This one is necessary to sign
+    /// other users.
+    #[wasm_bindgen(getter, js_name = "hasUserSigning")]
+    pub fn has_user_signing(&self) -> bool {
+        self.inner.has_user_signing
+    }
+}
+
+/// Inbound group session.
+///
+/// Inbound group sessions are used to exchange room messages between a group of
+/// participants. Inbound group sessions are used to decrypt the room messages.
+#[wasm_bindgen]
+#[derive(Debug)]
+pub struct InboundGroupSession {
+    inner: matrix_sdk_crypto::olm::InboundGroupSession,
+}
+
+impl_from_to_inner!(matrix_sdk_crypto::olm::InboundGroupSession => InboundGroupSession);
+
+#[wasm_bindgen]
+impl InboundGroupSession {
+    /// The room where this session is used in.
+    #[wasm_bindgen(getter, js_name = "roomId")]
+    pub fn room_id(&self) -> identifiers::RoomId {
+        self.inner.room_id().to_owned().into()
+    }
+
+    /// Returns the unique identifier for this session.
+    #[wasm_bindgen(getter, js_name = "sessionId")]
+    pub fn session_id(&self) -> String {
+        self.inner.session_id().to_owned()
+    }
+
+    /// Has the session been imported from a file or server-side backup? As
+    /// opposed to being directly received as an `m.room_key` event.
+    #[wasm_bindgen(js_name = "hasBeenImported")]
+    pub fn has_been_imported(&self) -> bool {
+        self.inner.has_been_imported()
+    }
+}
@@ -0,0 +1,419 @@
+//! Types to handle requests.
+
+use js_sys::JsString;
+use matrix_sdk_crypto::{
+    requests::{
+        KeysBackupRequest as OriginalKeysBackupRequest,
+        KeysQueryRequest as OriginalKeysQueryRequest,
+        RoomMessageRequest as OriginalRoomMessageRequest,
+        ToDeviceRequest as OriginalToDeviceRequest,
+        UploadSigningKeysRequest as OriginalUploadSigningKeysRequest,
+    },
+    OutgoingRequests,
+};
+use ruma::api::client::keys::{
+    claim_keys::v3::Request as OriginalKeysClaimRequest,
+    upload_keys::v3::Request as OriginalKeysUploadRequest,
+    upload_signatures::v3::Request as OriginalSignatureUploadRequest,
+};
+use wasm_bindgen::prelude::*;
+
+/** Outgoing Requests * */
+
+/// Data for a request to the `/keys/upload` API endpoint
+/// ([specification]).
+///
+/// Publishes end-to-end encryption keys for the device.
+///
+/// [specification]: https://spec.matrix.org/unstable/client-server-api/#post_matrixclientv3keysupload
+#[derive(Debug)]
+#[wasm_bindgen(getter_with_clone)]
+pub struct KeysUploadRequest {
+    /// The request ID.
+    #[wasm_bindgen(readonly)]
+    pub id: Option<JsString>,
+
+    /// A JSON-encoded object of form:
+    ///
+    /// ```json
+    /// {"device_keys": …, "one_time_keys": …, "fallback_keys": …}
+    /// ```
+    #[wasm_bindgen(readonly)]
+    pub body: JsString,
+}
+
+#[wasm_bindgen]
+impl KeysUploadRequest {
+    /// Create a new `KeysUploadRequest`.
+    #[wasm_bindgen(constructor)]
+    pub fn new(id: JsString, body: JsString) -> KeysUploadRequest {
+        Self { id: Some(id), body }
+    }
+
+    /// Get its request type.
+    #[wasm_bindgen(getter, js_name = "type")]
+    pub fn request_type(&self) -> RequestType {
+        RequestType::KeysUpload
+    }
+}
+
+/// Data for a request to the `/keys/query` API endpoint
+/// ([specification]).
+///
+/// Returns the current devices and identity keys for the given users.
+///
+/// [specification]: https://spec.matrix.org/unstable/client-server-api/#post_matrixclientv3keysquery
+#[derive(Debug)]
+#[wasm_bindgen(getter_with_clone)]
+pub struct KeysQueryRequest {
+    /// The request ID.
+    #[wasm_bindgen(readonly)]
+    pub id: Option<JsString>,
+
+    /// A JSON-encoded object of form:
+    ///
+    /// ```json
+    /// {"timeout": …, "device_keys": …, "token": …}
+    /// ```
+    #[wasm_bindgen(readonly)]
+    pub body: JsString,
+}
+
+#[wasm_bindgen]
+impl KeysQueryRequest {
+    /// Create a new `KeysQueryRequest`.
+    #[wasm_bindgen(constructor)]
+    pub fn new(id: JsString, body: JsString) -> KeysQueryRequest {
+        Self { id: Some(id), body }
+    }
+
+    /// Get its request type.
+    #[wasm_bindgen(getter, js_name = "type")]
+    pub fn request_type(&self) -> RequestType {
+        RequestType::KeysQuery
+    }
+}
+
+/// Data for a request to the `/keys/claim` API endpoint
+/// ([specification]).
+///
+/// Claims one-time keys that can be used to establish 1-to-1 E2EE
+/// sessions.
+///
+/// [specification]: https://spec.matrix.org/unstable/client-server-api/#post_matrixclientv3keysclaim
+#[derive(Debug)]
+#[wasm_bindgen(getter_with_clone)]
+pub struct KeysClaimRequest {
+    /// The request ID.
+    #[wasm_bindgen(readonly)]
+    pub id: Option<JsString>,
+
+    /// A JSON-encoded object of form:
+    ///
+    /// ```json
+    /// {"timeout": …, "one_time_keys": …}
+    /// ```
+    #[wasm_bindgen(readonly)]
+    pub body: JsString,
+}
+
+#[wasm_bindgen]
+impl KeysClaimRequest {
+    /// Create a new `KeysClaimRequest`.
+    #[wasm_bindgen(constructor)]
+    pub fn new(id: JsString, body: JsString) -> KeysClaimRequest {
+        Self { id: Some(id), body }
+    }
+
+    /// Get its request type.
+    #[wasm_bindgen(getter, js_name = "type")]
+    pub fn request_type(&self) -> RequestType {
+        RequestType::KeysClaim
+    }
+}
+
+/// Data for a request to the `/sendToDevice` API endpoint
+/// ([specification]).
+///
+/// Send an event to a single device or to a group of devices.
+///
+/// [specification]: https://spec.matrix.org/unstable/client-server-api/#put_matrixclientv3sendtodeviceeventtypetxnid
+#[derive(Debug)]
+#[wasm_bindgen(getter_with_clone)]
+pub struct ToDeviceRequest {
+    /// The request ID.
+    #[wasm_bindgen(readonly)]
+    pub id: Option<JsString>,
+
+    /// A JSON-encoded object of form:
+    ///
+    /// ```json
+    /// {"event_type": …, "txn_id": …, "messages": …}
+    /// ```
+    #[wasm_bindgen(readonly)]
+    pub body: JsString,
+}
+
+#[wasm_bindgen]
+impl ToDeviceRequest {
+    /// Create a new `ToDeviceRequest`.
+    #[wasm_bindgen(constructor)]
+    pub fn new(id: JsString, body: JsString) -> ToDeviceRequest {
+        Self { id: Some(id), body }
+    }
+
+    /// Get its request type.
+    #[wasm_bindgen(getter, js_name = "type")]
+    pub fn request_type(&self) -> RequestType {
+        RequestType::ToDevice
+    }
+}
+
+/// Data for a request to the `/keys/signatures/upload` API endpoint
+/// ([specification]).
+///
+/// Publishes cross-signing signatures for the user.
+///
+/// [specification]: https://spec.matrix.org/unstable/client-server-api/#post_matrixclientv3keyssignaturesupload
+#[derive(Debug)]
+#[wasm_bindgen(getter_with_clone)]
+pub struct SignatureUploadRequest {
+    /// The request ID.
+    #[wasm_bindgen(readonly)]
+    pub id: Option<JsString>,
+
+    /// A JSON-encoded object of form:
+    ///
+    /// ```json
+    /// {"signed_keys": …, "txn_id": …, "messages": …}
+    /// ```
+    #[wasm_bindgen(readonly)]
+    pub body: JsString,
+}
+
+#[wasm_bindgen]
+impl SignatureUploadRequest {
+    /// Create a new `SignatureUploadRequest`.
+    #[wasm_bindgen(constructor)]
+    pub fn new(id: JsString, body: JsString) -> SignatureUploadRequest {
+        Self { id: Some(id), body }
+    }
+
+    /// Get its request type.
+    #[wasm_bindgen(getter, js_name = "type")]
+    pub fn request_type(&self) -> RequestType {
+        RequestType::SignatureUpload
+    }
+}
+
+/// A customized owned request type for sending out room messages
+/// ([specification]).
+///
+/// [specification]: https://spec.matrix.org/unstable/client-server-api/#put_matrixclientv3roomsroomidsendeventtypetxnid
+#[derive(Debug)]
+#[wasm_bindgen(getter_with_clone)]
+pub struct RoomMessageRequest {
+    /// The request ID.
+    #[wasm_bindgen(readonly)]
+    pub id: Option<JsString>,
+
+    /// A JSON-encoded object of form:
+    ///
+    /// ```json
+    /// {"room_id": …, "txn_id": …, "content": …}
+    /// ```
+    #[wasm_bindgen(readonly)]
+    pub body: JsString,
+}
+
+#[wasm_bindgen]
+impl RoomMessageRequest {
+    /// Create a new `RoomMessageRequest`.
+    #[wasm_bindgen(constructor)]
+    pub fn new(id: JsString, body: JsString) -> RoomMessageRequest {
+        Self { id: Some(id), body }
+    }
+
+    /// Get its request type.
+    #[wasm_bindgen(getter, js_name = "type")]
+    pub fn request_type(&self) -> RequestType {
+        RequestType::RoomMessage
+    }
+}
+
+/// A request that will back up a batch of room keys to the server
+/// ([specification]).
+///
+/// [specification]: https://spec.matrix.org/unstable/client-server-api/#put_matrixclientv3room_keyskeys
+#[derive(Debug)]
+#[wasm_bindgen(getter_with_clone)]
+pub struct KeysBackupRequest {
+    /// The request ID.
+    #[wasm_bindgen(readonly)]
+    pub id: Option<JsString>,
+
+    /// A JSON-encoded object of form:
+    ///
+    /// ```json
+    /// {"rooms": …}
+    /// ```
+    #[wasm_bindgen(readonly)]
+    pub body: JsString,
+}
+
+/** Other Requests * */
+
+/// Request that will publish a cross signing identity.
+///
+/// This uploads the public cross signing key triplet.
+#[wasm_bindgen(getter_with_clone)]
+#[derive(Debug)]
+pub struct SigningKeysUploadRequest {
+    /// The request ID.
+    #[wasm_bindgen(readonly)]
+    pub id: Option<JsString>,
+
+    /// A JSON-encoded object of form:
+    ///
+    /// ```json
+    /// {"master_key": …, "self_signing_key": …, "user_signing_key": …}
+    /// ```
+    #[wasm_bindgen(readonly)]
+    pub body: JsString,
+}
+
+#[wasm_bindgen]
+impl KeysBackupRequest {
+    /// Create a new `KeysBackupRequest`.
+    #[wasm_bindgen(constructor)]
+    pub fn new(id: JsString, body: JsString) -> KeysBackupRequest {
+        Self { id: Some(id), body }
+    }
+
+    /// Get its request type.
+    #[wasm_bindgen(getter, js_name = "type")]
+    pub fn request_type(&self) -> RequestType {
+        RequestType::KeysBackup
+    }
+}
+
+macro_rules! request {
+    ($destination_request:ident from $source_request:ident maps fields $( $field:ident ),+ $(,)? ) => {
+        impl $destination_request {
+            pub(crate) fn to_json(request: &$source_request) -> Result<String, serde_json::Error> {
+                let mut map = serde_json::Map::new();
+                $(
+                    map.insert(stringify!($field).to_owned(), serde_json::to_value(&request.$field).unwrap());
+                )+
+                let object = serde_json::Value::Object(map);
+
+                serde_json::to_string(&object)
+            }
+        }
+
+        impl TryFrom<&$source_request> for $destination_request {
+            type Error = serde_json::Error;
+
+            fn try_from(request: &$source_request) -> Result<Self, Self::Error> {
+                Ok($destination_request {
+                    id: None,
+                    body: Self::to_json(request)?.into(),
+                })
+            }
+        }
+
+        impl TryFrom<(String, &$source_request)> for $destination_request {
+            type Error = serde_json::Error;
+
+            fn try_from(
+                (request_id, request): (String, &$source_request),
+            ) -> Result<Self, Self::Error> {
+                Ok($destination_request {
+                    id: Some(request_id.into()),
+                    body: Self::to_json(request)?.into(),
+                })
+            }
+        }
+    };
+}
+
+// Outgoing Requests
+request!(KeysUploadRequest from OriginalKeysUploadRequest maps fields device_keys, one_time_keys, fallback_keys);
+request!(KeysQueryRequest from OriginalKeysQueryRequest maps fields timeout, device_keys, token);
+request!(KeysClaimRequest from OriginalKeysClaimRequest maps fields timeout, one_time_keys);
+request!(ToDeviceRequest from OriginalToDeviceRequest maps fields event_type, txn_id, messages);
+request!(SignatureUploadRequest from OriginalSignatureUploadRequest maps fields signed_keys);
+request!(RoomMessageRequest from OriginalRoomMessageRequest maps fields room_id, txn_id, content);
+request!(KeysBackupRequest from OriginalKeysBackupRequest maps fields rooms);
+
+// Other Requests
+request!(SigningKeysUploadRequest from OriginalUploadSigningKeysRequest maps fields master_key, self_signing_key, user_signing_key);
+
+// JavaScript has no complex enums like Rust. To return structs of
+// different types, we have no choice that hiding everything behind a
+// `JsValue`.
+pub(crate) struct OutgoingRequest(pub(crate) matrix_sdk_crypto::OutgoingRequest);
+
+impl TryFrom<OutgoingRequest> for JsValue {
+    type Error = serde_json::Error;
+
+    fn try_from(outgoing_request: OutgoingRequest) -> Result<Self, Self::Error> {
+        let request_id = outgoing_request.0.request_id().to_string();
+
+        Ok(match outgoing_request.0.request() {
+            OutgoingRequests::KeysUpload(request) => {
+                JsValue::from(KeysUploadRequest::try_from((request_id, request))?)
+            }
+
+            OutgoingRequests::KeysQuery(request) => {
+                JsValue::from(KeysQueryRequest::try_from((request_id, request))?)
+            }
+
+            OutgoingRequests::KeysClaim(request) => {
+                JsValue::from(KeysClaimRequest::try_from((request_id, request))?)
+            }
+
+            OutgoingRequests::ToDeviceRequest(request) => {
+                JsValue::from(ToDeviceRequest::try_from((request_id, request))?)
+            }
+
+            OutgoingRequests::SignatureUpload(request) => {
+                JsValue::from(SignatureUploadRequest::try_from((request_id, request))?)
+            }
+
+            OutgoingRequests::RoomMessage(request) => {
+                JsValue::from(RoomMessageRequest::try_from((request_id, request))?)
+            }
+
+            OutgoingRequests::KeysBackup(request) => {
+                JsValue::from(KeysBackupRequest::try_from((request_id, request))?)
+            }
+        })
+    }
+}
+
+/// Represent the type of a request.
+#[wasm_bindgen]
+#[derive(Debug)]
+pub enum RequestType {
+    /// Represents a `KeysUploadRequest`.
+    KeysUpload,
+
+    /// Represents a `KeysQueryRequest`.
+    KeysQuery,
+
+    /// Represents a `KeysClaimRequest`.
+    KeysClaim,
+
+    /// Represents a `ToDeviceRequest`.
+    ToDevice,
+
+    /// Represents a `SignatureUploadRequest`.
+    SignatureUpload,
+
+    /// Represents a `RoomMessageRequest`.
+    RoomMessage,
+
+    /// Represents a `KeysBackupRequest`.
+    KeysBackup,
+}
@@ -0,0 +1,206 @@
+//! Types related to responses.
+
+use std::borrow::Borrow;
+
+use js_sys::{Array, JsString};
+use matrix_sdk_common::deserialized_responses::{AlgorithmInfo, EncryptionInfo};
+use matrix_sdk_crypto::IncomingResponse;
+pub(crate) use ruma::api::client::{
+    backup::add_backup_keys::v3::Response as KeysBackupResponse,
+    keys::{
+        claim_keys::v3::Response as KeysClaimResponse, get_keys::v3::Response as KeysQueryResponse,
+        upload_keys::v3::Response as KeysUploadResponse,
+        upload_signatures::v3::Response as SignatureUploadResponse,
+    },
+    message::send_message_event::v3::Response as RoomMessageResponse,
+    to_device::send_event_to_device::v3::Response as ToDeviceResponse,
+};
+use ruma::api::IncomingResponse as RumaIncomingResponse;
+use wasm_bindgen::prelude::*;
+
+use crate::{encryption, identifiers, requests::RequestType};
+
+pub(crate) fn response_from_string(body: &str) -> http::Result<http::Response<Vec<u8>>> {
+    http::Response::builder().status(200).body(body.as_bytes().to_vec())
+}
+
+/// Intermediate private type to store an incoming owned response,
+/// without the need to manage lifetime.
+pub(crate) enum OwnedResponse {
+    KeysUpload(KeysUploadResponse),
+    KeysQuery(KeysQueryResponse),
+    KeysClaim(KeysClaimResponse),
+    ToDevice(ToDeviceResponse),
+    SignatureUpload(SignatureUploadResponse),
+    RoomMessage(RoomMessageResponse),
+    KeysBackup(KeysBackupResponse),
+}
+
+impl From<KeysUploadResponse> for OwnedResponse {
+    fn from(response: KeysUploadResponse) -> Self {
+        OwnedResponse::KeysUpload(response)
+    }
+}
+
+impl From<KeysQueryResponse> for OwnedResponse {
+    fn from(response: KeysQueryResponse) -> Self {
+        OwnedResponse::KeysQuery(response)
+    }
+}
+
+impl From<KeysClaimResponse> for OwnedResponse {
+    fn from(response: KeysClaimResponse) -> Self {
+        OwnedResponse::KeysClaim(response)
+    }
+}
+
+impl From<ToDeviceResponse> for OwnedResponse {
+    fn from(response: ToDeviceResponse) -> Self {
+        OwnedResponse::ToDevice(response)
+    }
+}
+
+impl From<SignatureUploadResponse> for OwnedResponse {
+    fn from(response: SignatureUploadResponse) -> Self {
+        Self::SignatureUpload(response)
+    }
+}
+
+impl From<RoomMessageResponse> for OwnedResponse {
+    fn from(response: RoomMessageResponse) -> Self {
+        OwnedResponse::RoomMessage(response)
+    }
+}
+
+impl From<KeysBackupResponse> for OwnedResponse {
+    fn from(r: KeysBackupResponse) -> Self {
+        Self::KeysBackup(r)
+    }
+}
+
+impl TryFrom<(RequestType, http::Response<Vec<u8>>)> for OwnedResponse {
+    type Error = JsError;
+
+    fn try_from(
+        (request_type, response): (RequestType, http::Response<Vec<u8>>),
+    ) -> Result<Self, Self::Error> {
+        match request_type {
+            RequestType::KeysUpload => {
+                KeysUploadResponse::try_from_http_response(response).map(Into::into)
+            }
+
+            RequestType::KeysQuery => {
+                KeysQueryResponse::try_from_http_response(response).map(Into::into)
+            }
+
+            RequestType::KeysClaim => {
+                KeysClaimResponse::try_from_http_response(response).map(Into::into)
+            }
+
+            RequestType::ToDevice => {
+                ToDeviceResponse::try_from_http_response(response).map(Into::into)
+            }
+
+            RequestType::SignatureUpload => {
+                SignatureUploadResponse::try_from_http_response(response).map(Into::into)
+            }
+
+            RequestType::RoomMessage => {
+                RoomMessageResponse::try_from_http_response(response).map(Into::into)
+            }
+
+            RequestType::KeysBackup => {
+                KeysBackupResponse::try_from_http_response(response).map(Into::into)
+            }
+        }
+        .map_err(JsError::from)
+    }
+}
+
+impl<'a> From<&'a OwnedResponse> for IncomingResponse<'a> {
+    fn from(response: &'a OwnedResponse) -> Self {
+        match response {
+            OwnedResponse::KeysUpload(response) => IncomingResponse::KeysUpload(response),
+            OwnedResponse::KeysQuery(response) => IncomingResponse::KeysQuery(response),
+            OwnedResponse::KeysClaim(response) => IncomingResponse::KeysClaim(response),
+            OwnedResponse::ToDevice(response) => IncomingResponse::ToDevice(response),
+            OwnedResponse::SignatureUpload(response) => IncomingResponse::SignatureUpload(response),
+            OwnedResponse::RoomMessage(response) => IncomingResponse::RoomMessage(response),
+            OwnedResponse::KeysBackup(response) => IncomingResponse::KeysBackup(response),
+        }
+    }
+}
+
+/// A decrypted room event.
+#[wasm_bindgen(getter_with_clone)]
+#[derive(Debug)]
+pub struct DecryptedRoomEvent {
+    /// The JSON-encoded decrypted event.
+    #[wasm_bindgen(readonly)]
+    pub event: JsString,
+
+    encryption_info: Option<EncryptionInfo>,
+}
+
+#[wasm_bindgen]
+impl DecryptedRoomEvent {
+    /// The user ID of the event sender, note this is untrusted data
+    /// unless the `verification_state` is as well trusted.
+    #[wasm_bindgen(getter)]
+    pub fn sender(&self) -> Option<identifiers::UserId> {
+        Some(identifiers::UserId::from(self.encryption_info.as_ref()?.sender.clone()))
+    }
+
+    /// The device ID of the device that sent us the event, note this
+    /// is untrusted data unless `verification_state` is as well
+    /// trusted.
+    #[wasm_bindgen(getter, js_name = "senderDevice")]
+    pub fn sender_device(&self) -> Option<identifiers::DeviceId> {
+        Some(identifiers::DeviceId::from(self.encryption_info.as_ref()?.sender_device.clone()))
+    }
+
+    /// The Curve25519 key of the device that created the megolm
+    /// decryption key originally.
+    #[wasm_bindgen(getter, js_name = "senderCurve25519Key")]
+    pub fn sender_curve25519_key(&self) -> Option<JsString> {
+        Some(match &self.encryption_info.as_ref()?.algorithm_info {
+            AlgorithmInfo::MegolmV1AesSha2 { curve25519_key, .. } => curve25519_key.clone().into(),
+        })
+    }
+
+    /// The signing Ed25519 key that have created the megolm key that
+    /// was used to decrypt this session.
+    #[wasm_bindgen(getter, js_name = "senderClaimedEd25519Key")]
+    pub fn sender_claimed_ed25519_key(&self) -> Option<JsString> {
+        match &self.encryption_info.as_ref()?.algorithm_info {
+            AlgorithmInfo::MegolmV1AesSha2 { sender_claimed_keys, .. } => {
+                sender_claimed_keys.get(&ruma::DeviceKeyAlgorithm::Ed25519).cloned().map(Into::into)
+            }
+        }
+    }
+
+    /// Chain of Curve25519 keys through which this session was
+    /// forwarded, via `m.forwarded_room_key` events.
+    #[wasm_bindgen(getter, js_name = "forwardingCurve25519KeyChain")]
+    pub fn forwarding_curve25519_key_chain(&self) -> Array {
+        Array::new()
+    }
+
+    /// The verification state of the device that sent us the event,
+    /// note this is the state of the device at the time of
+    /// decryption. It may change in the future if a device gets
+    /// verified or deleted.
+    #[wasm_bindgen(getter, js_name = "verificationState")]
+    pub fn verification_state(&self) -> Option<encryption::VerificationState> {
+        Some((self.encryption_info.as_ref()?.verification_state.borrow()).into())
+    }
+}
+
+impl From<matrix_sdk_common::deserialized_responses::TimelineEvent> for DecryptedRoomEvent {
+    fn from(value: matrix_sdk_common::deserialized_responses::TimelineEvent) -> Self {
+        Self {
+            event: value.event.json().get().to_owned().into(),
+            encryption_info: value.encryption_info,
+        }
+    }
+}
@@ -0,0 +1,36 @@
+//! Store types.
+
+use wasm_bindgen::prelude::*;
+
+use crate::impl_from_to_inner;
+
+/// A struct containing private cross signing keys that can be backed
+/// up or uploaded to the secret store.
+#[wasm_bindgen]
+#[derive(Debug)]
+pub struct CrossSigningKeyExport {
+    pub(crate) inner: matrix_sdk_crypto::store::CrossSigningKeyExport,
+}
+
+impl_from_to_inner!(matrix_sdk_crypto::store::CrossSigningKeyExport => CrossSigningKeyExport);
+
+#[wasm_bindgen]
+impl CrossSigningKeyExport {
+    /// The seed of the master key encoded as unpadded base64.
+    #[wasm_bindgen(getter, js_name = "masterKey")]
+    pub fn master_key(&self) -> Option<String> {
+        self.inner.master_key.clone()
+    }
+
+    /// The seed of the self signing key encoded as unpadded base64.
+    #[wasm_bindgen(getter, js_name = "self_signing_key")]
+    pub fn self_signing_key(&self) -> Option<String> {
+        self.inner.self_signing_key.clone()
+    }
+
+    /// The seed of the user signing key encoded as unpadded base64.
+    #[wasm_bindgen(getter, js_name = "userSigningKey")]
+    pub fn user_signing_key(&self) -> Option<String> {
+        self.inner.user_signing_key.clone()
+    }
+}
@@ -0,0 +1,69 @@
+//! `GET /_matrix/client/*/sync`
+
+use js_sys::Array;
+use wasm_bindgen::prelude::*;
+
+use crate::{identifiers, js::downcast};
+
+/// Information on E2E device updates.
+#[wasm_bindgen]
+#[derive(Debug)]
+pub struct DeviceLists {
+    pub(crate) inner: ruma::api::client::sync::sync_events::v3::DeviceLists,
+}
+
+#[wasm_bindgen]
+impl DeviceLists {
+    /// Create an empty `DeviceLists`.
+    ///
+    /// `changed` and `left` must be an array of `UserId`.
+    #[wasm_bindgen(constructor)]
+    pub fn new(changed: Option<Array>, left: Option<Array>) -> Result<DeviceLists, JsError> {
+        let mut inner = ruma::api::client::sync::sync_events::v3::DeviceLists::default();
+
+        inner.changed = changed
+            .unwrap_or_default()
+            .iter()
+            .map(|user| Ok(downcast::<identifiers::UserId>(&user, "UserId")?.inner.clone()))
+            .collect::<Result<Vec<ruma::OwnedUserId>, JsError>>()?;
+
+        inner.left = left
+            .unwrap_or_default()
+            .iter()
+            .map(|user| Ok(downcast::<identifiers::UserId>(&user, "UserId")?.inner.clone()))
+            .collect::<Result<Vec<ruma::OwnedUserId>, JsError>>()?;
+
+        Ok(Self { inner })
+    }
+
+    /// Returns true if there are no device list updates.
+    #[wasm_bindgen(js_name = "isEmpty")]
+    pub fn is_empty(&self) -> bool {
+        self.inner.is_empty()
+    }
+
+    /// List of users who have updated their device identity keys or
+    /// who now share an encrypted room with the client since the
+    /// previous sync
+    #[wasm_bindgen(getter)]
+    pub fn changed(&self) -> Array {
+        self.inner
+            .changed
+            .iter()
+            .map(|user| identifiers::UserId::from(user.clone()))
+            .map(JsValue::from)
+            .collect()
+    }
+
+    /// List of users who no longer share encrypted rooms since the
+    /// previous sync response.
+    #[wasm_bindgen(getter)]
+    pub fn left(&self) -> Array {
+        self.inner
+            .left
+            .iter()
+            .map(|user| identifiers::UserId::from(user.clone()))
+            .map(JsValue::from)
+            .collect()
+    }
+}
@@ -0,0 +1,290 @@
+use wasm_bindgen::prelude::*;
+
+/// Logger level.
+#[wasm_bindgen]
+#[derive(Debug, Clone)]
+pub enum LoggerLevel {
+    /// `TRACE` level.
+    ///
+    /// Designate very low priority, often extremely verbose,
+    /// information.
+    Trace,
+
+    /// `DEBUG` level.
+    ///
+    /// Designate lower priority information.
+    Debug,
+
+    /// `INFO` level.
+    ///
+    /// Designate useful information.
+    Info,
+
+    /// `WARN` level.
+    ///
+    /// Designate hazardous situations.
+    Warn,
+
+    /// `ERROR` level.
+    ///
+    /// Designate very serious errors.
+    Error,
+}
+
+#[cfg(feature = "tracing")]
+mod inner {
+    use std::{
+        fmt,
+        fmt::Write as _,
+        sync::{Arc, Once},
+    };
+
+    use tracing::{
+        field::{Field, Visit},
+        metadata::LevelFilter,
+        Event, Level, Metadata, Subscriber,
+    };
+    use tracing_subscriber::{
+        layer::{Context, Layer as TracingLayer},
+        prelude::*,
+        reload, Registry,
+    };
+
+    use super::*;
+
+    type TracingInner = Arc<reload::Handle<Layer, Registry>>;
+
+    /// Type to install and to manipulate the tracing layer.
+    #[wasm_bindgen]
+    pub struct Tracing {
+        handle: TracingInner,
+    }
+
+    impl fmt::Debug for Tracing {
+        fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+            f.debug_struct("Tracing").finish_non_exhaustive()
+        }
+    }
+
+    #[wasm_bindgen]
+    impl Tracing {
+        /// Check whether the `tracing` feature has been enabled.
+        #[wasm_bindgen(js_name = "isAvailable")]
+        pub fn is_available() -> bool {
+            true
+        }
+
+        /// Install the tracing layer.
+        ///
+        /// `Tracing` is a singleton. Once it is installed,
+        /// consecutive calls to the constructor will construct a new
+        /// `Tracing` object but with the exact same inner
+        /// state. Calling the constructor with a new `min_level` will
+        /// just update the `min_level` parameter; in that regard, it
+        /// is similar to calling the `min_level` method on an
+        /// existing `Tracing` object.
+        #[wasm_bindgen(constructor)]
+        pub fn new(min_level: LoggerLevel) -> Result<Tracing, JsError> {
+            static mut INSTALL: Option<TracingInner> = None;
+            static INSTALLED: Once = Once::new();
+
+            INSTALLED.call_once(|| {
+                let (filter, reload_handle) = reload::Layer::new(Layer::new(min_level.clone()));
+
+                tracing_subscriber::registry().with(filter).init();
+
+                unsafe { INSTALL = Some(Arc::new(reload_handle)) };
+            });
+
+            let tracing = Tracing {
+                handle: unsafe { INSTALL.as_ref() }
+                    .cloned()
+                    .expect("`Tracing` has not been installed correctly"),
+            };
+
+            // If it's not the first call to `install`, the
+            // `min_level` can be different. Let's update it.
+            tracing.min_level(min_level);
+
+            Ok(tracing)
+        }
+
+        /// Re-define the minimum logger level.
+        #[wasm_bindgen(setter, js_name = "minLevel")]
+        pub fn min_level(&self, min_level: LoggerLevel) {
+            let _ = self.handle.modify(|layer| layer.min_level = min_level.into());
+        }
+
+        /// Turn the logger on, i.e. it emits logs again if it was turned
+        /// off.
+        #[wasm_bindgen(js_name = "turnOn")]
+        pub fn turn_on(&self) {
+            let _ = self.handle.modify(|layer| layer.turn_on());
+        }
+
+        /// Turn the logger off, i.e. it no long emits logs.
+        #[wasm_bindgen(js_name = "turnOff")]
+        pub fn turn_off(&self) {
+            let _ = self.handle.modify(|layer| layer.turn_off());
+        }
+    }
+
+    impl From<LoggerLevel> for Level {
+        fn from(value: LoggerLevel) -> Self {
+            use LoggerLevel::*;
+
+            match value {
+                Trace => Self::TRACE,
+                Debug => Self::DEBUG,
+                Info => Self::INFO,
+                Warn => Self::WARN,
+                Error => Self::ERROR,
+            }
+        }
+    }
+
+    #[wasm_bindgen]
+    extern "C" {
+        #[wasm_bindgen(js_namespace = console, js_name = "trace")]
+        fn log_trace(message: String);
+
+        #[wasm_bindgen(js_namespace = console, js_name = "debug")]
+        fn log_debug(message: String);
+
+        #[wasm_bindgen(js_namespace = console, js_name = "info")]
+        fn log_info(message: String);
+
+        #[wasm_bindgen(js_namespace = console, js_name = "warn")]
+        fn log_warn(message: String);
+
+        #[wasm_bindgen(js_namespace = console, js_name = "error")]
+        fn log_error(message: String);
+    }
+
+    struct Layer {
+        min_level: Level,
+        enabled: bool,
+    }
+
+    impl Layer {
+        fn new<L>(min_level: L) -> Self
+        where
+            L: Into<Level>,
+        {
+            Self { min_level: min_level.into(), enabled: true }
+        }
+
+        fn turn_on(&mut self) {
+            self.enabled = true;
+        }
+
+        fn turn_off(&mut self) {
+            self.enabled = false;
+        }
+    }
+
+    impl<S> TracingLayer<S> for Layer
+    where
+        S: Subscriber,
+    {
+        fn enabled(&self, metadata: &Metadata<'_>, _: Context<'_, S>) -> bool {
+            self.enabled && metadata.level() <= &self.min_level
+        }
+
+        fn max_level_hint(&self) -> Option<LevelFilter> {
+            if !self.enabled {
+                Some(LevelFilter::OFF)
+            } else {
+                Some(LevelFilter::from_level(self.min_level))
+            }
+        }
+
+        fn on_event(&self, event: &Event<'_>, _: Context<'_, S>) {
+            let mut recorder = StringVisitor::new();
+            event.record(&mut recorder);
+            let metadata = event.metadata();
+            let level = metadata.level();
+
+            let origin = metadata
+                .file()
+                .and_then(|file| metadata.line().map(|ln| format!("{file}:{ln}")))
+                .unwrap_or_default();
+
+            let message = format!("{level} {origin}{recorder}");
+
+            match *level {
+                Level::TRACE => log_trace(message),
+                Level::DEBUG => log_debug(message),
+                Level::INFO => log_info(message),
+                Level::WARN => log_warn(message),
+                Level::ERROR => log_error(message),
+            }
+        }
+    }
+
+    struct StringVisitor {
+        string: String,
+    }
+
+    impl StringVisitor {
+        fn new() -> Self {
+            Self { string: String::new() }
+        }
+    }
+
+    impl Visit for StringVisitor {
+        fn record_debug(&mut self, field: &Field, value: &dyn fmt::Debug) {
+            match field.name() {
+                "message" => {
+                    if !self.string.is_empty() {
+                        self.string.push('\n');
+                    }
+
+                    let _ = write!(self.string, "{value:?}");
+                }
+
+                field_name => {
+                    let _ = write!(self.string, "\n{field_name} = {value:?}");
+                }
+            }
+        }
+    }
+
+    impl fmt::Display for StringVisitor {
+        fn fmt(&self, mut f: &mut fmt::Formatter<'_>) -> fmt::Result {
+            if !self.string.is_empty() {
+                write!(&mut f, " {}", self.string)
+            } else {
+                Ok(())
+            }
+        }
+    }
+}
+
+#[cfg(not(feature = "tracing"))]
+mod inner {
+    use super::*;
+
+    /// Type to install and to manipulate the tracing layer.
+    #[wasm_bindgen]
+    #[derive(Debug)]
+    pub struct Tracing;
+
+    #[wasm_bindgen]
+    impl Tracing {
+        /// Check whether the `tracing` feature has been enabled.
+        #[wasm_bindgen(js_name = "isAvailable")]
+        pub fn is_available() -> bool {
+            false
+        }
+
+        /// The `tracing` feature is not enabled, so this constructor
+        /// will raise an error.
+        #[wasm_bindgen(constructor)]
+        pub fn new(_min_level: LoggerLevel) -> Result<Tracing, JsError> {
+            Err(JsError::new("The `tracing` feature is disabled. Check `Tracing.isAvailable` before constructing `Tracing`"))
+        }
+    }
+}
+
+pub use inner::*;
@@ -0,0 +1,156 @@
+//! Extra types, like `Signatures`.
+
+use js_sys::Map;
+use wasm_bindgen::prelude::*;
+
+use crate::{
+    identifiers::{DeviceKeyId, UserId},
+    impl_from_to_inner,
+    vodozemac::Ed25519Signature,
+};
+
+/// A collection of `Signature`.
+#[wasm_bindgen]
+#[derive(Debug, Default)]
+pub struct Signatures {
+    inner: matrix_sdk_crypto::types::Signatures,
+}
+
+impl_from_to_inner!(matrix_sdk_crypto::types::Signatures => Signatures);
+
+#[wasm_bindgen]
+impl Signatures {
+    /// Creates a new, empty, signatures collection.
+    #[wasm_bindgen(constructor)]
+    pub fn new() -> Self {
+        matrix_sdk_crypto::types::Signatures::new().into()
+    }
+
+    /// Add the given signature from the given signer and the given key ID to
+    /// the collection.
+    #[wasm_bindgen(js_name = "addSignature")]
+    pub fn add_signature(
+        &mut self,
+        signer: &UserId,
+        key_id: &DeviceKeyId,
+        signature: &Ed25519Signature,
+    ) -> Option<MaybeSignature> {
+        self.inner
+            .add_signature(signer.inner.clone(), key_id.inner.clone(), signature.inner)
+            .map(Into::into)
+    }
+
+    /// Try to find an Ed25519 signature from the given signer with
+    /// the given key ID.
+    #[wasm_bindgen(js_name = "getSignature")]
+    pub fn get_signature(&self, signer: &UserId, key_id: &DeviceKeyId) -> Option<Ed25519Signature> {
+        self.inner.get_signature(signer.inner.as_ref(), key_id.inner.as_ref()).map(Into::into)
+    }
+
+    /// Get the map of signatures that belong to the given user.
+    pub fn get(&self, signer: &UserId) -> Option<Map> {
+        let map = Map::new();
+
+        for (device_key_id, maybe_signature) in
+            self.inner.get(signer.inner.as_ref()).map(|map| {
+                map.iter().map(|(device_key_id, maybe_signature)| {
+                    (
+                        device_key_id.as_str().to_owned(),
+                        MaybeSignature::from(maybe_signature.clone()),
+                    )
+                })
+            })?
+        {
+            map.set(&device_key_id.into(), &maybe_signature.into());
+        }
+
+        Some(map)
+    }
+
+    /// Remove all the signatures we currently hold.
+    pub fn clear(&mut self) {
+        self.inner.clear();
+    }
+
+    /// Do we hold any signatures or is our collection completely
+    /// empty.
+    #[wasm_bindgen(js_name = "isEmpty")]
+    pub fn is_empty(&self) -> bool {
+        self.inner.is_empty()
+    }
+
+    /// How many signatures do we currently hold.
+    #[wasm_bindgen(getter)]
+    pub fn count(&self) -> usize {
+        self.inner.signature_count()
+    }
+}
+
+/// Represents a potentially decoded signature (but not a validated
+/// one).
+#[wasm_bindgen]
+#[derive(Debug)]
+pub struct Signature {
+    inner: matrix_sdk_crypto::types::Signature,
+}
+
+impl_from_to_inner!(matrix_sdk_crypto::types::Signature => Signature);
+
+#[wasm_bindgen]
+impl Signature {
+    /// Get the Ed25519 signature, if this is one.
+    #[wasm_bindgen(getter)]
+    pub fn ed25519(&self) -> Option<Ed25519Signature> {
+        self.inner.ed25519().map(Into::into)
+    }
+
+    /// Convert the signature to a base64 encoded string.
+    #[wasm_bindgen(js_name = "toBase64")]
+    pub fn to_base64(&self) -> String {
+        self.inner.to_base64()
+    }
+}
+
+type MaybeSignatureInner =
+    Result<matrix_sdk_crypto::types::Signature, matrix_sdk_crypto::types::InvalidSignature>;
+
+/// Represents a signature that is either valid _or_ that could not be
+/// decoded.
+#[wasm_bindgen]
+#[derive(Debug)]
+pub struct MaybeSignature {
+    inner: MaybeSignatureInner,
+}
+
+impl_from_to_inner!(MaybeSignatureInner => MaybeSignature);
+
+#[wasm_bindgen]
+impl MaybeSignature {
+    /// Check whether the signature has been successfully decoded.
+    #[wasm_bindgen(js_name = "isValid")]
+    pub fn is_valid(&self) -> bool {
+        self.inner.is_ok()
+    }
+
+    /// Check whether the signature could not be successfully decoded.
+    #[wasm_bindgen(js_name = "isInvalid")]
+    pub fn is_invalid(&self) -> bool {
+        self.inner.is_err()
+    }
+
+    /// The signature, if successfully decoded.
+    #[wasm_bindgen(getter)]
+    pub fn signature(&self) -> Option<Signature> {
+        self.inner.as_ref().cloned().map(Into::into).ok()
+    }
+
+    /// The base64 encoded string that is claimed to contain a
+    /// signature but could not be decoded, if any.
+    #[wasm_bindgen(getter, js_name = "invalidSignatureSource")]
+    pub fn invalid_signature_source(&self) -> Option<String> {
+        match &self.inner {
+            Ok(_) => None,
+            Err(signature) => Some(signature.source.clone()),
+        }
+    }
+}
@@ -0,0 +1,193 @@
+//! Vodozemac types.
+
+use wasm_bindgen::prelude::*;
+
+use crate::impl_from_to_inner;
+
+/// An Ed25519 public key, used to verify digital signatures.
+#[wasm_bindgen]
+#[derive(Debug, Clone)]
+pub struct Ed25519PublicKey {
+    inner: vodozemac::Ed25519PublicKey,
+}
+
+#[wasm_bindgen]
+impl Ed25519PublicKey {
+    /// The number of bytes an Ed25519 public key has.
+    #[wasm_bindgen(getter)]
+    pub fn length(&self) -> usize {
+        vodozemac::Ed25519PublicKey::LENGTH
+    }
+
+    /// Serialize an Ed25519 public key to an unpadded base64
+    /// representation.
+    #[wasm_bindgen(js_name = "toBase64")]
+    pub fn to_base64(&self) -> String {
+        self.inner.to_base64()
+    }
+}
+
+impl_from_to_inner!(vodozemac::Ed25519PublicKey => Ed25519PublicKey);
+
+/// An Ed25519 digital signature, can be used to verify the
+/// authenticity of a message.
+#[wasm_bindgen]
+#[derive(Debug)]
+pub struct Ed25519Signature {
+    pub(crate) inner: vodozemac::Ed25519Signature,
+}
+
+impl_from_to_inner!(vodozemac::Ed25519Signature => Ed25519Signature);
+
+#[wasm_bindgen]
+impl Ed25519Signature {
+    /// Try to create an Ed25519 signature from an unpadded base64
+    /// representation.
+    #[wasm_bindgen(constructor)]
+    pub fn new(signature: String) -> Result<Ed25519Signature, JsError> {
+        Ok(Self { inner: vodozemac::Ed25519Signature::from_base64(signature.as_str())? })
+    }
+
+    /// Serialize a Ed25519 signature to an unpadded base64
+    /// representation.
+    #[wasm_bindgen(js_name = "toBase64")]
+    pub fn to_base64(&self) -> String {
+        self.inner.to_base64()
+    }
+}
+
+/// A Curve25519 public key.
+#[wasm_bindgen]
+#[derive(Debug, Clone)]
+pub struct Curve25519PublicKey {
+    inner: vodozemac::Curve25519PublicKey,
+}
+
+#[wasm_bindgen]
+impl Curve25519PublicKey {
+    /// The number of bytes a Curve25519 public key has.
+    #[wasm_bindgen(getter)]
+    pub fn length(&self) -> usize {
+        vodozemac::Curve25519PublicKey::LENGTH
+    }
+
+    /// Serialize an Curve25519 public key to an unpadded base64
+    /// representation.
+    #[wasm_bindgen(js_name = "toBase64")]
+    pub fn to_base64(&self) -> String {
+        self.inner.to_base64()
+    }
+}
+
+impl_from_to_inner!(vodozemac::Curve25519PublicKey => Curve25519PublicKey);
+
+/// Struct holding the two public identity keys of an account.
+#[wasm_bindgen(getter_with_clone)]
+#[derive(Debug)]
+pub struct IdentityKeys {
+    /// The Ed25519 public key, used for signing.
+    pub ed25519: Ed25519PublicKey,
+
+    /// The Curve25519 public key, used for establish shared secrets.
+    pub curve25519: Curve25519PublicKey,
+}
+
+impl From<matrix_sdk_crypto::olm::IdentityKeys> for IdentityKeys {
+    fn from(value: matrix_sdk_crypto::olm::IdentityKeys) -> Self {
+        Self {
+            ed25519: Ed25519PublicKey { inner: value.ed25519 },
+            curve25519: Curve25519PublicKey { inner: value.curve25519 },
+        }
+    }
+}
+
+/// An enum over the different key types a device can have.
+///
+/// Currently devices have a curve25519 and ed25519 keypair. The keys
+/// transport format is a base64 encoded string, any unknown key type
+/// will be left as such a string.
+#[wasm_bindgen]
+#[derive(Debug)]
+pub struct DeviceKey {
+    inner: matrix_sdk_crypto::types::DeviceKey,
+}
+
+impl_from_to_inner!(matrix_sdk_crypto::types::DeviceKey => DeviceKey);
+
+#[wasm_bindgen]
+impl DeviceKey {
+    /// Get the name of the device key.
+    #[wasm_bindgen(getter)]
+    pub fn name(&self) -> DeviceKeyName {
+        (&self.inner).into()
+    }
+
+    /// Get the value associated to the `Curve25519` device key name.
+    #[wasm_bindgen(getter)]
+    pub fn curve25519(&self) -> Option<Curve25519PublicKey> {
+        use matrix_sdk_crypto::types::DeviceKey::*;
+
+        match &self.inner {
+            Curve25519(key) => Some((*key).into()),
+            _ => None,
+        }
+    }
+
+    /// Get the value associated to the `Ed25519` device key name.
+    #[wasm_bindgen(getter)]
+    pub fn ed25519(&self) -> Option<Ed25519PublicKey> {
+        use matrix_sdk_crypto::types::DeviceKey::*;
+
+        match &self.inner {
+            Ed25519(key) => Some((*key).into()),
+            _ => None,
+        }
+    }
+
+    /// Get the value associated to the `Unknown` device key name.
+    #[wasm_bindgen(getter)]
+    pub fn unknown(&self) -> Option<String> {
+        use matrix_sdk_crypto::types::DeviceKey::*;
+
+        match &self.inner {
+            Unknown(key) => Some(key.clone()),
+            _ => None,
+        }
+    }
+
+    /// Convert the `DeviceKey` into a base64 encoded string.
+    #[wasm_bindgen(js_name = "toBase64")]
+    pub fn to_base64(&self) -> String {
+        self.inner.to_base64()
+    }
+}
+
+impl From<&matrix_sdk_crypto::types::DeviceKey> for DeviceKeyName {
+    fn from(device_key: &matrix_sdk_crypto::types::DeviceKey) -> Self {
+        use matrix_sdk_crypto::types::DeviceKey::*;
+
+        match device_key {
+            Curve25519(_) => Self::Curve25519,
+            Ed25519(_) => Self::Ed25519,
+            Unknown(_) => Self::Unknown,
+        }
+    }
+}
+
+/// An enum over the different key types a device can have.
+///
+/// Currently devices have a curve25519 and ed25519 keypair. The keys
+/// transport format is a base64 encoded string, any unknown key type
+/// will be left as such a string.
+#[wasm_bindgen]
+#[derive(Debug)]
+pub enum DeviceKeyName {
+    /// The curve25519 device key.
+    Curve25519,
+
+    /// The ed25519 device key.
+    Ed25519,
+
+    /// An unknown device key.
+    Unknown,
+}
@@ -0,0 +1,77 @@
+const { Attachment, EncryptedAttachment } = require('../pkg/matrix_sdk_crypto_js');
+
+describe(Attachment.name, () => {
+    const originalData = 'hello';
+    const textEncoder = new TextEncoder();
+    const textDecoder = new TextDecoder();
+
+    let encryptedAttachment;
+    
+    test('can encrypt data', () => {
+        encryptedAttachment = Attachment.encrypt(textEncoder.encode(originalData));
+
+        const mediaEncryptionInfo = JSON.parse(encryptedAttachment.mediaEncryptionInfo);
+
+        expect(mediaEncryptionInfo).toMatchObject({
+            v: 'v2',
+            key: {
+                kty: expect.any(String),
+                key_ops: expect.arrayContaining(['encrypt', 'decrypt']),
+                alg: expect.any(String),
+                k: expect.any(String),
+                ext: expect.any(Boolean),
+            },
+            iv: expect.stringMatching(/^[A-Za-z0-9\+/]+$/),
+            hashes: {
+                sha256: expect.stringMatching(/^[A-Za-z0-9\+/]+$/)
+            }
+        });
+
+        const encryptedData = encryptedAttachment.encryptedData;
+        expect(encryptedData.every((i) => { i != 0 })).toStrictEqual(false);
+    });
+
+    test('can decrypt data', () => {
+        expect(encryptedAttachment.hasMediaEncryptionInfoBeenConsumed).toStrictEqual(false);
+
+        const decryptedAttachment = Attachment.decrypt(encryptedAttachment);
+
+        expect(textDecoder.decode(decryptedAttachment)).toStrictEqual(originalData);
+        expect(encryptedAttachment.hasMediaEncryptionInfoBeenConsumed).toStrictEqual(true);
+    });
+
+    test('can only decrypt once', () => {
+        expect(encryptedAttachment.hasMediaEncryptionInfoBeenConsumed).toStrictEqual(true);
+
+        expect(() => { textDecoder.decode(decryptedAttachment) }).toThrow()
+    });
+});
+
+describe(EncryptedAttachment.name, () => {
+    const originalData = 'hello';
+    const textDecoder = new TextDecoder();
+
+    test('can be created manually', () => {
+        const encryptedAttachment = new EncryptedAttachment(
+            new Uint8Array([24, 150, 67, 37, 144]),
+            JSON.stringify({
+                v: 'v2',
+                key: {
+                    kty: 'oct',
+                    key_ops: [ 'encrypt', 'decrypt' ],
+                    alg: 'A256CTR',
+                    k: 'QbNXUjuukFyEJ8cQZjJuzN6mMokg0HJIjx0wVMLf5BM',
+                    ext: true
+                },
+                iv: 'xk2AcWkomiYAAAAAAAAAAA',
+                hashes: {
+                    sha256: 'JsRbDXgOja4xvDiF3DwBuLHdxUzIrVYIuj7W/t3aEok'
+                }
+            })
+        );
+
+        expect(encryptedAttachment.hasMediaEncryptionInfoBeenConsumed).toStrictEqual(false);
+        expect(textDecoder.decode(Attachment.decrypt(encryptedAttachment))).toStrictEqual(originalData);
+        expect(encryptedAttachment.hasMediaEncryptionInfoBeenConsumed).toStrictEqual(true);
+    });
+});
@@ -0,0 +1,900 @@
+const {
+    OlmMachine,
+    UserId,
+    DeviceId,
+    DeviceKeyId,
+    RoomId,
+    Device,
+    LocalTrust,
+    UserDevices,
+    DeviceKey,
+    DeviceKeyName,
+    DeviceKeyAlgorithmName,
+    Ed25519PublicKey,
+    Curve25519PublicKey,
+    Signatures,
+    VerificationMethod,
+    VerificationRequest,
+    ToDeviceRequest,
+    DeviceLists,
+    KeysUploadRequest,
+    RequestType,
+    KeysQueryRequest,
+    Sas,
+    Emoji,
+    SigningKeysUploadRequest,
+    SignatureUploadRequest,
+    Qr,
+    QrCode,
+    QrCodeScan,
+} = require('../pkg/matrix_sdk_crypto_js');
+const { zip, addMachineToMachine } = require('./helper');
+
+describe('LocalTrust', () => {
+    test('has the correct variant values', () => {
+        expect(LocalTrust.Verified).toStrictEqual(0);
+        expect(LocalTrust.BlackListed).toStrictEqual(1);
+        expect(LocalTrust.Ignored).toStrictEqual(2);
+        expect(LocalTrust.Unset).toStrictEqual(3);
+    });
+});
+
+describe('DeviceKeyName', () => {
+    test('has the correct variant values', () => {
+        expect(DeviceKeyName.Curve25519).toStrictEqual(0);
+        expect(DeviceKeyName.Ed25519).toStrictEqual(1);
+        expect(DeviceKeyName.Unknown).toStrictEqual(2);
+    });
+});
+
+describe(OlmMachine.name, () => {
+    const user = new UserId('@alice:example.org');
+    const device = new DeviceId('foobar');
+    const room = new RoomId('!baz:matrix.org');
+
+    function machine(new_user, new_device) {
+        return new OlmMachine(new_user || user, new_device || device);
+    }
+
+    test('can read user devices', async () => {
+        const m = await machine();
+        const userDevices = await m.getUserDevices(user);
+
+        expect(userDevices).toBeInstanceOf(UserDevices);
+        expect(userDevices.get(device)).toBeInstanceOf(Device);
+        expect(userDevices.isAnyVerified()).toStrictEqual(false);
+        expect(userDevices.keys().map(device_id => device_id.toString())).toStrictEqual([device.toString()]);
+        expect(userDevices.devices().map(device => device.deviceId.toString())).toStrictEqual([device.toString()]);
+    });
+
+    test('can read a user device', async () => {
+        const m = await machine();
+        const dev = await m.getDevice(user, device);
+
+        expect(dev).toBeInstanceOf(Device);
+        expect(dev.isVerified()).toStrictEqual(false);
+        expect(dev.isCrossSigningTrusted()).toStrictEqual(false);
+
+        expect(dev.localTrustState).toStrictEqual(LocalTrust.Unset);
+        expect(dev.isLocallyTrusted()).toStrictEqual(false);
+        expect(await dev.setLocalTrust(LocalTrust.Verified)).toBeNull();
+        expect(dev.localTrustState).toStrictEqual(LocalTrust.Verified);
+        expect(dev.isLocallyTrusted()).toStrictEqual(true);
+
+        expect(dev.userId.toString()).toStrictEqual(user.toString());
+        expect(dev.deviceId.toString()).toStrictEqual(device.toString());
+        expect(dev.deviceName).toBeUndefined();
+
+        const deviceKey = dev.getKey(DeviceKeyAlgorithmName.Ed25519);
+
+        expect(deviceKey).toBeInstanceOf(DeviceKey);
+        expect(deviceKey.name).toStrictEqual(DeviceKeyName.Ed25519);
+        expect(deviceKey.curve25519).toBeUndefined();
+        expect(deviceKey.ed25519).toBeInstanceOf(Ed25519PublicKey);
+        expect(deviceKey.unknown).toBeUndefined();
+        expect(deviceKey.toBase64()).toMatch(/^[A-Za-z0-9\+/]+$/);
+
+        expect(dev.curve25519Key).toBeInstanceOf(Curve25519PublicKey);
+        expect(dev.ed25519Key).toBeInstanceOf(Ed25519PublicKey);
+
+        for (const [deviceKeyId, deviceKey] of dev.keys) {
+            expect(deviceKeyId).toBeInstanceOf(DeviceKeyId);
+            expect(deviceKey).toBeInstanceOf(DeviceKey);
+        }
+
+        expect(dev.signatures).toBeInstanceOf(Signatures);
+        expect(dev.isBlacklisted()).toStrictEqual(false);
+        expect(dev.isDeleted()).toStrictEqual(false);
+    });
+});
+
+describe('Key Verification', () => {
+    const userId1 = new UserId('@alice:example.org');
+    const deviceId1 = new DeviceId('alice_device');
+
+    const userId2 = new UserId('@bob:example.org');
+    const deviceId2 = new DeviceId('bob_device');
+
+    function machine(new_user, new_device) {
+        return new OlmMachine(new_user || userId1, new_device || deviceId1);
+    }
+
+    describe('SAS', () => {
+        // First Olm machine.
+        let m1;
+
+        // Second Olm machine.
+        let m2;
+
+        beforeAll(async () => {
+            m1 = await machine(userId1, deviceId1);
+            m2 = await machine(userId2, deviceId2);
+        });
+
+        // Verification request for `m1`.
+        let verificationRequest1;
+
+        // The flow ID.
+        let flowId;
+
+        test('can request verification (`m.key.verification.request`)', async () => {
+            // Make `m1` and `m2` be aware of each other.
+            {
+                await addMachineToMachine(m2, m1);
+                await addMachineToMachine(m1, m2);
+            }
+
+            // Pick the device we want to start the verification with.
+            const device2 = await m1.getDevice(userId2, deviceId2);
+
+            expect(device2).toBeInstanceOf(Device);
+
+            let outgoingVerificationRequest;
+            // Request a verification from `m1` to `device2`.
+            [verificationRequest1, outgoingVerificationRequest] = await device2.requestVerification();
+
+            expect(verificationRequest1).toBeInstanceOf(VerificationRequest);
+
+            expect(verificationRequest1.ownUserId.toString()).toStrictEqual(userId1.toString());
+            expect(verificationRequest1.otherUserId.toString()).toStrictEqual(userId2.toString());
+            expect(verificationRequest1.otherDeviceId).toBeUndefined();
+            expect(verificationRequest1.roomId).toBeUndefined();
+            expect(verificationRequest1.cancelInfo).toBeUndefined();
+            expect(verificationRequest1.isPassive()).toStrictEqual(false);
+            expect(verificationRequest1.isReady()).toStrictEqual(false);
+            expect(verificationRequest1.timedOut()).toStrictEqual(false);
+            expect(verificationRequest1.theirSupportedMethods).toBeUndefined();
+            expect(verificationRequest1.ourSupportedMethods).toEqual(expect.arrayContaining([VerificationMethod.SasV1, VerificationMethod.ReciprocateV1]));
+            expect(verificationRequest1.flowId).toMatch(/^[a-f0-9]+$/);
+            expect(verificationRequest1.isSelfVerification()).toStrictEqual(false);
+            expect(verificationRequest1.weStarted()).toStrictEqual(true);
+            expect(verificationRequest1.isDone()).toStrictEqual(false);
+            expect(verificationRequest1.isCancelled()).toStrictEqual(false);
+
+            expect(outgoingVerificationRequest).toBeInstanceOf(ToDeviceRequest);
+
+            outgoingVerificationRequest = JSON.parse(outgoingVerificationRequest.body);
+            expect(outgoingVerificationRequest.event_type).toStrictEqual('m.key.verification.request');
+
+            const toDeviceEvents = {
+                events: [{
+                    sender: userId1.toString(),
+                    type: outgoingVerificationRequest.event_type,
+                    content: outgoingVerificationRequest.messages[userId2.toString()][deviceId2.toString()],
+                }]
+            };
+
+            // Let's send the verification request to `m2`.
+            await m2.receiveSyncChanges(JSON.stringify(toDeviceEvents), new DeviceLists(), new Map(), new Set());
+
+            flowId = verificationRequest1.flowId;
+        });
+
+        // Verification request for `m2`.
+        let verificationRequest2;
+
+        test('can fetch received request verification', async () => {
+            // Oh, a new verification request.
+            verificationRequest2 = m2.getVerificationRequest(userId1, flowId);
+
+            expect(verificationRequest2).toBeInstanceOf(VerificationRequest);
+
+            expect(verificationRequest2.ownUserId.toString()).toStrictEqual(userId2.toString());
+            expect(verificationRequest2.otherUserId.toString()).toStrictEqual(userId1.toString());
+            expect(verificationRequest2.otherDeviceId.toString()).toStrictEqual(deviceId1.toString());
+            expect(verificationRequest2.roomId).toBeUndefined();
+            expect(verificationRequest2.cancelInfo).toBeUndefined();
+            expect(verificationRequest2.isPassive()).toStrictEqual(false);
+            expect(verificationRequest2.isReady()).toStrictEqual(false);
+            expect(verificationRequest2.timedOut()).toStrictEqual(false);
+            expect(verificationRequest2.theirSupportedMethods).toEqual(expect.arrayContaining([VerificationMethod.SasV1, VerificationMethod.ReciprocateV1]));
+            expect(verificationRequest2.ourSupportedMethods).toBeUndefined();
+            expect(verificationRequest2.flowId).toStrictEqual(flowId);
+            expect(verificationRequest2.isSelfVerification()).toStrictEqual(false);
+            expect(verificationRequest2.weStarted()).toStrictEqual(false);
+            expect(verificationRequest2.isDone()).toStrictEqual(false);
+            expect(verificationRequest2.isCancelled()).toStrictEqual(false);
+
+            const verificationRequests = m2.getVerificationRequests(userId1);
+            expect(verificationRequests).toHaveLength(1);
+            expect(verificationRequests[0].flowId).toStrictEqual(verificationRequest2.flowId); // there are the same
+        });
+
+        test('can accept a verification request (`m.key.verification.ready`)', async () => {
+            // Accept the verification request.
+            let outgoingVerificationRequest = verificationRequest2.accept();
+
+            expect(outgoingVerificationRequest).toBeInstanceOf(ToDeviceRequest);
+
+            // The request verification is ready.
+            outgoingVerificationRequest = JSON.parse(outgoingVerificationRequest.body);
+            expect(outgoingVerificationRequest.event_type).toStrictEqual('m.key.verification.ready');
+
+            const toDeviceEvents = {
+                events: [{
+                    sender: userId2.toString(),
+                    type: outgoingVerificationRequest.event_type,
+                    content: outgoingVerificationRequest.messages[userId1.toString()][deviceId1.toString()],
+                }],
+            };
+
+            // Let's send the verification ready to `m1`.
+            await m1.receiveSyncChanges(JSON.stringify(toDeviceEvents), new DeviceLists(), new Map(), new Set());
+        });
+
+        test('verification requests are synchronized and automatically updated', () => {
+            expect(verificationRequest1.isReady()).toStrictEqual(true);
+            expect(verificationRequest2.isReady()).toStrictEqual(true);
+
+            expect(verificationRequest1.theirSupportedMethods).toEqual(expect.arrayContaining([VerificationMethod.SasV1, VerificationMethod.ReciprocateV1]));
+            expect(verificationRequest1.ourSupportedMethods).toEqual(expect.arrayContaining([VerificationMethod.SasV1, VerificationMethod.ReciprocateV1]));
+
+            expect(verificationRequest2.theirSupportedMethods).toEqual(expect.arrayContaining([VerificationMethod.SasV1, VerificationMethod.ReciprocateV1]));
+            expect(verificationRequest2.ourSupportedMethods).toEqual(expect.arrayContaining([VerificationMethod.SasV1, VerificationMethod.ReciprocateV1]));
+        });
+
+        // SAS verification for the second machine.
+        let sas2;
+
+        test('can start a SAS verification (`m.key.verification.start`)', async () => {
+            // Let's start a SAS verification, from `m2` for example.
+            [sas2, outgoingVerificationRequest] = await verificationRequest2.startSas();
+            expect(sas2).toBeInstanceOf(Sas);
+
+            expect(sas2.userId.toString()).toStrictEqual(userId2.toString());
+            expect(sas2.deviceId.toString()).toStrictEqual(deviceId2.toString());
+            expect(sas2.otherUserId.toString()).toStrictEqual(userId1.toString());
+            expect(sas2.otherDeviceId.toString()).toStrictEqual(deviceId1.toString());
+            expect(sas2.flowId).toStrictEqual(flowId);
+            expect(sas2.roomId).toBeUndefined();
+            expect(sas2.supportsEmoji()).toStrictEqual(false);
+            expect(sas2.startedFromRequest()).toStrictEqual(true);
+            expect(sas2.isSelfVerification()).toStrictEqual(false);
+            expect(sas2.haveWeConfirmed()).toStrictEqual(false);
+            expect(sas2.hasBeenAccepted()).toStrictEqual(false);
+            expect(sas2.cancelInfo()).toBeUndefined();
+            expect(sas2.weStarted()).toStrictEqual(false);
+            expect(sas2.timedOut()).toStrictEqual(false);
+            expect(sas2.canBePresented()).toStrictEqual(false);
+            expect(sas2.isDone()).toStrictEqual(false);
+            expect(sas2.isCancelled()).toStrictEqual(false);
+            expect(sas2.emoji()).toBeUndefined();
+            expect(sas2.emojiIndex()).toBeUndefined();
+            expect(sas2.decimals()).toBeUndefined();
+
+            expect(outgoingVerificationRequest).toBeInstanceOf(ToDeviceRequest);
+
+            outgoingVerificationRequest = JSON.parse(outgoingVerificationRequest.body);
+            expect(outgoingVerificationRequest.event_type).toStrictEqual('m.key.verification.start');
+
+            const toDeviceEvents = {
+                events: [{
+                    sender: userId2.toString(),
+                    type: outgoingVerificationRequest.event_type,
+                    content: outgoingVerificationRequest.messages[userId1.toString()][deviceId1.toString()],
+                }],
+            };
+
+            // Let's send the SAS start to `m1`.
+            await m1.receiveSyncChanges(JSON.stringify(toDeviceEvents), new DeviceLists(), new Map(), new Set());
+        });
+
+        // SAS verification for the second machine.
+        let sas1;
+
+        test('can fetch and accept an ongoing SAS verification (`m.key.verification.accept`)', async () => {
+            // Let's fetch the ongoing SAS verification.
+            sas1 = await m1.getVerification(userId2, flowId);
+
+            expect(sas1).toBeInstanceOf(Sas);
+
+            expect(sas1.userId.toString()).toStrictEqual(userId1.toString());
+            expect(sas1.deviceId.toString()).toStrictEqual(deviceId1.toString());
+            expect(sas1.otherUserId.toString()).toStrictEqual(userId2.toString());
+            expect(sas1.otherDeviceId.toString()).toStrictEqual(deviceId2.toString());
+            expect(sas1.flowId).toStrictEqual(flowId);
+            expect(sas1.roomId).toBeUndefined();
+            expect(sas1.startedFromRequest()).toStrictEqual(true);
+            expect(sas1.isSelfVerification()).toStrictEqual(false);
+            expect(sas1.haveWeConfirmed()).toStrictEqual(false);
+            expect(sas1.hasBeenAccepted()).toStrictEqual(false);
+            expect(sas1.cancelInfo()).toBeUndefined();
+            expect(sas1.weStarted()).toStrictEqual(true);
+            expect(sas1.timedOut()).toStrictEqual(false);
+            expect(sas1.canBePresented()).toStrictEqual(false);
+            expect(sas1.isDone()).toStrictEqual(false);
+            expect(sas1.isCancelled()).toStrictEqual(false);
+            expect(sas1.emoji()).toBeUndefined();
+            expect(sas1.emojiIndex()).toBeUndefined();
+            expect(sas1.decimals()).toBeUndefined();
+
+            // Let's accept thet SAS start request.
+            let outgoingVerificationRequest = sas1.accept();
+            expect(outgoingVerificationRequest).toBeInstanceOf(ToDeviceRequest);
+
+            outgoingVerificationRequest = JSON.parse(outgoingVerificationRequest.body);
+            expect(outgoingVerificationRequest.event_type).toStrictEqual('m.key.verification.accept');
+
+            const toDeviceEvents = {
+                events: [{
+                    sender: userId1.toString(),
+                    type: outgoingVerificationRequest.event_type,
+                    content: outgoingVerificationRequest.messages[userId2.toString()][deviceId2.toString()],
+                }],
+            };
+
+            // Let's send the SAS accept to `m2`.
+            await m2.receiveSyncChanges(JSON.stringify(toDeviceEvents), new DeviceLists(), new Map(), new Set());
+        });
+
+        test('emojis are supported by both sides', () => {
+            expect(sas1.supportsEmoji()).toStrictEqual(true);
+            expect(sas2.supportsEmoji()).toStrictEqual(true);
+        });
+
+        test('one side sends verification key (`m.key.verification.key`)', async () => {
+            // Let's send the verification keys from `m2` to `m1`.
+            const outgoingRequests = await m2.outgoingRequests();
+            let toDeviceRequest = outgoingRequests.find((request) => request.type == RequestType.ToDevice);
+
+            expect(toDeviceRequest).toBeInstanceOf(ToDeviceRequest);
+            const toDeviceRequestId = toDeviceRequest.id;
+            const toDeviceRequestType = toDeviceRequest.type;
+
+            toDeviceRequest = JSON.parse(toDeviceRequest.body);
+            expect(toDeviceRequest.event_type).toStrictEqual('m.key.verification.key');
+
+            const toDeviceEvents = {
+                events: [{
+                    sender: userId2.toString(),
+                    type: toDeviceRequest.event_type,
+                    content: toDeviceRequest.messages[userId1.toString()][deviceId1.toString()],
+                }],
+            };
+
+            // Let's send te SAS key to `m1`.
+            await m1.receiveSyncChanges(JSON.stringify(toDeviceEvents), new DeviceLists(), new Map(), new Set());
+
+            m2.markRequestAsSent(toDeviceRequestId, toDeviceRequestType, '{}');
+        });
+
+        test('other side sends back verification key (`m.key.verification.key`)', async () => {
+            // Let's send the verification keys from `m1` to `m2`.
+            const outgoingRequests = await m1.outgoingRequests();
+            let toDeviceRequest = outgoingRequests.find((request) => request.type == RequestType.ToDevice);
+
+            expect(toDeviceRequest).toBeInstanceOf(ToDeviceRequest);
+            const toDeviceRequestId = toDeviceRequest.id;
+            const toDeviceRequestType = toDeviceRequest.type;
+
+            toDeviceRequest = JSON.parse(toDeviceRequest.body);
+            expect(toDeviceRequest.event_type).toStrictEqual('m.key.verification.key');
+
+            const toDeviceEvents = {
+                events: [{
+                    sender: userId1.toString(),
+                    type: toDeviceRequest.event_type,
+                    content: toDeviceRequest.messages[userId2.toString()][deviceId2.toString()],
+                }],
+            };
+
+            // Let's send te SAS key to `m2`.
+            await m2.receiveSyncChanges(JSON.stringify(toDeviceEvents), new DeviceLists(), new Map(), new Set());
+
+            m1.markRequestAsSent(toDeviceRequestId, toDeviceRequestType, '{}');
+        });
+
+        test('emojis match from both sides', () => {
+            const emojis1 = sas1.emoji();
+            const emojiIndexes1 = sas1.emojiIndex();
+            const emojis2 = sas2.emoji();
+            const emojiIndexes2 = sas2.emojiIndex();
+
+            expect(emojis1).toHaveLength(7);
+            expect(emojiIndexes1).toHaveLength(emojis1.length);
+            expect(emojis2).toHaveLength(emojis1.length);
+            expect(emojiIndexes2).toHaveLength(emojis1.length);
+
+            const isEmoji = /(\u00a9|\u00ae|[\u2000-\u3300]|\ud83c[\ud000-\udfff]|\ud83d[\ud000-\udfff]|\ud83e[\ud000-\udfff])/;
+
+            for (const [emoji1, emojiIndex1, emoji2, emojiIndex2] of zip(emojis1, emojiIndexes1, emojis2, emojiIndexes2)) {
+                expect(emoji1).toBeInstanceOf(Emoji);
+                expect(emoji1.symbol).toMatch(isEmoji);
+                expect(emoji1.description).toBeTruthy();
+
+                expect(emojiIndex1).toBeGreaterThanOrEqual(0);
+                expect(emojiIndex1).toBeLessThanOrEqual(63);
+
+                expect(emoji2).toBeInstanceOf(Emoji);
+                expect(emoji2.symbol).toStrictEqual(emoji1.symbol);
+                expect(emoji2.description).toStrictEqual(emoji1.description);
+
+                expect(emojiIndex2).toStrictEqual(emojiIndex1);
+            }
+        });
+
+        test('decimals match from both sides', () => {
+            const decimals1 = sas1.decimals();
+            const decimals2 = sas2.decimals();
+
+            expect(decimals1).toHaveLength(3);
+            expect(decimals2).toHaveLength(decimals1.length);
+
+            const isDecimal = /^[0-9]{4}$/;
+
+            for (const [decimal1, decimal2] of zip(decimals1, decimals2)) {
+                expect(decimal1.toString()).toMatch(isDecimal);
+
+                expect(decimal2).toStrictEqual(decimal1);
+            }
+        });
+
+        test('can confirm keys match (`m.key.verification.mac`)', async () => {
+            // `m1` confirms.
+            const [outgoingVerificationRequests, signatureUploadRequest] = await sas1.confirm();
+
+            expect(signatureUploadRequest).toBeUndefined();
+            expect(outgoingVerificationRequests).toHaveLength(1);
+
+            let outgoingVerificationRequest = outgoingVerificationRequests[0];
+
+            expect(outgoingVerificationRequest).toBeInstanceOf(ToDeviceRequest);
+
+            outgoingVerificationRequest = JSON.parse(outgoingVerificationRequest.body);
+            expect(outgoingVerificationRequest.event_type).toStrictEqual('m.key.verification.mac');
+
+            const toDeviceEvents = {
+                events: [{
+                    sender: userId1.toString(),
+                    type: outgoingVerificationRequest.event_type,
+                    content: outgoingVerificationRequest.messages[userId2.toString()][deviceId2.toString()],
+                }],
+            };
+
+            // Let's send te SAS confirmation to `m2`.
+            await m2.receiveSyncChanges(JSON.stringify(toDeviceEvents), new DeviceLists(), new Map(), new Set());
+        });
+
+        test('can confirm back keys match (`m.key.verification.done`)', async () => {
+            // `m2` confirms.
+            const [outgoingVerificationRequests, signatureUploadRequest] = await sas2.confirm();
+
+            expect(signatureUploadRequest).toBeUndefined();
+            expect(outgoingVerificationRequests).toHaveLength(2);
+
+            // `.mac`
+            {
+                let outgoingVerificationRequest = outgoingVerificationRequests[0];
+
+                expect(outgoingVerificationRequest).toBeInstanceOf(ToDeviceRequest);
+
+                outgoingVerificationRequest = JSON.parse(outgoingVerificationRequest.body);
+                expect(outgoingVerificationRequest.event_type).toStrictEqual('m.key.verification.mac');
+
+                const toDeviceEvents = {
+                    events: [{
+                        sender: userId2.toString(),
+                        type: outgoingVerificationRequest.event_type,
+                        content: outgoingVerificationRequest.messages[userId1.toString()][deviceId1.toString()],
+                    }],
+                };
+
+                // Let's send te SAS confirmation to `m1`.
+                await m1.receiveSyncChanges(JSON.stringify(toDeviceEvents), new DeviceLists(), new Map(), new Set());
+            }
+
+            // `.done`
+            {
+                let outgoingVerificationRequest = outgoingVerificationRequests[1];
+
+                expect(outgoingVerificationRequest).toBeInstanceOf(ToDeviceRequest);
+
+                outgoingVerificationRequest = JSON.parse(outgoingVerificationRequest.body);
+                expect(outgoingVerificationRequest.event_type).toStrictEqual('m.key.verification.done');
+
+                const toDeviceEvents = {
+                    events: [{
+                        sender: userId2.toString(),
+                        type: outgoingVerificationRequest.event_type,
+                        content: outgoingVerificationRequest.messages[userId1.toString()][deviceId1.toString()],
+                    }],
+                };
+
+                // Let's send te SAS done to `m1`.
+                await m1.receiveSyncChanges(JSON.stringify(toDeviceEvents), new DeviceLists(), new Map(), new Set());
+            }
+        });
+
+        test('can send final done (`m.key.verification.done`)', async () => {
+            const outgoingRequests = await m1.outgoingRequests();
+            expect(outgoingRequests).toHaveLength(4);
+
+            let toDeviceRequest = outgoingRequests.find((request) => request.type == RequestType.ToDevice);
+
+            expect(toDeviceRequest).toBeInstanceOf(ToDeviceRequest);
+            const toDeviceRequestId = toDeviceRequest.id;
+            const toDeviceRequestType = toDeviceRequest.type;
+
+            toDeviceRequest = JSON.parse(toDeviceRequest.body);
+            expect(toDeviceRequest.event_type).toStrictEqual('m.key.verification.done');
+
+            const toDeviceEvents = {
+                events: [{
+                    sender: userId1.toString(),
+                    type: toDeviceRequest.event_type,
+                    content: toDeviceRequest.messages[userId2.toString()][deviceId2.toString()],
+                }],
+            };
+
+            // Let's send te SAS key to `m2`.
+            await m2.receiveSyncChanges(JSON.stringify(toDeviceEvents), new DeviceLists(), new Map(), new Set());
+
+            m1.markRequestAsSent(toDeviceRequestId, toDeviceRequestType, '{}');
+        });
+
+        test('can see if verification is done', () => {
+            expect(verificationRequest1.isDone()).toStrictEqual(true);
+            expect(verificationRequest2.isDone()).toStrictEqual(true);
+
+            expect(sas1.isDone()).toStrictEqual(true);
+            expect(sas2.isDone()).toStrictEqual(true);
+        });
+    });
+
+    describe('QR Code', () => {
+        if (undefined === Qr) {
+            // qrcode supports is not enabled
+            console.info('qrcode support is disabled, skip the associated test suite');
+
+            return;
+        }
+
+        // First Olm machine.
+        let m1;
+
+        // Second Olm machine.
+        let m2;
+
+        beforeAll(async () => {
+            m1 = await machine(userId1, deviceId1);
+            m2 = await machine(userId2, deviceId2);
+        });
+
+        // Verification request for `m1`.
+        let verificationRequest1;
+
+        // The flow ID.
+        let flowId;
+
+        test('can request verification (`m.key.verification.request`)', async () => {
+            // Make `m1` and `m2` be aware of each other.
+            {
+                await addMachineToMachine(m2, m1);
+                await addMachineToMachine(m1, m2);
+            }
+
+            // Pick the device we want to start the verification with.
+            const device2 = await m1.getDevice(userId2, deviceId2);
+
+            expect(device2).toBeInstanceOf(Device);
+
+            let outgoingVerificationRequest;
+            // Request a verification from `m1` to `device2`.
+            [verificationRequest1, outgoingVerificationRequest] = await device2.requestVerification([
+                VerificationMethod.QrCodeScanV1, // by default
+                VerificationMethod.QrCodeShowV1, // the one we add
+            ]);
+
+            expect(verificationRequest1).toBeInstanceOf(VerificationRequest);
+
+            expect(verificationRequest1.ownUserId.toString()).toStrictEqual(userId1.toString());
+            expect(verificationRequest1.otherUserId.toString()).toStrictEqual(userId2.toString());
+            expect(verificationRequest1.otherDeviceId).toBeUndefined();
+            expect(verificationRequest1.roomId).toBeUndefined();
+            expect(verificationRequest1.cancelInfo).toBeUndefined();
+            expect(verificationRequest1.isPassive()).toStrictEqual(false);
+            expect(verificationRequest1.isReady()).toStrictEqual(false);
+            expect(verificationRequest1.timedOut()).toStrictEqual(false);
+            expect(verificationRequest1.theirSupportedMethods).toBeUndefined();
+            expect(verificationRequest1.ourSupportedMethods).toEqual(expect.arrayContaining([VerificationMethod.QrCodeShowV1]));
+            expect(verificationRequest1.flowId).toMatch(/^[a-f0-9]+$/);
+            expect(verificationRequest1.isSelfVerification()).toStrictEqual(false);
+            expect(verificationRequest1.weStarted()).toStrictEqual(true);
+            expect(verificationRequest1.isDone()).toStrictEqual(false);
+            expect(verificationRequest1.isCancelled()).toStrictEqual(false);
+
+            expect(outgoingVerificationRequest).toBeInstanceOf(ToDeviceRequest);
+
+            outgoingVerificationRequest = JSON.parse(outgoingVerificationRequest.body);
+            expect(outgoingVerificationRequest.event_type).toStrictEqual('m.key.verification.request');
+
+            const toDeviceEvents = {
+                events: [{
+                    sender: userId1.toString(),
+                    type: outgoingVerificationRequest.event_type,
+                    content: outgoingVerificationRequest.messages[userId2.toString()][deviceId2.toString()],
+                }]
+            };
+
+            // Let's send the verification request to `m2`.
+            await m2.receiveSyncChanges(JSON.stringify(toDeviceEvents), new DeviceLists(), new Map(), new Set());
+
+            flowId = verificationRequest1.flowId;
+        });
+
+        // Verification request for `m2`.
+        let verificationRequest2;
+
+        test('can fetch received request verification', async () => {
+            // Oh, a new verification request.
+            verificationRequest2 = m2.getVerificationRequest(userId1, flowId);
+
+            expect(verificationRequest2).toBeInstanceOf(VerificationRequest);
+
+            expect(verificationRequest2.ownUserId.toString()).toStrictEqual(userId2.toString());
+            expect(verificationRequest2.otherUserId.toString()).toStrictEqual(userId1.toString());
+            expect(verificationRequest2.otherDeviceId.toString()).toStrictEqual(deviceId1.toString());
+            expect(verificationRequest2.roomId).toBeUndefined();
+            expect(verificationRequest2.cancelInfo).toBeUndefined();
+            expect(verificationRequest2.isPassive()).toStrictEqual(false);
+            expect(verificationRequest2.isReady()).toStrictEqual(false);
+            expect(verificationRequest2.timedOut()).toStrictEqual(false);
+            expect(verificationRequest2.theirSupportedMethods).toEqual(expect.arrayContaining([VerificationMethod.QrCodeScanV1, VerificationMethod.QrCodeShowV1]));
+            expect(verificationRequest2.ourSupportedMethods).toBeUndefined();
+            expect(verificationRequest2.flowId).toStrictEqual(flowId);
+            expect(verificationRequest2.isSelfVerification()).toStrictEqual(false);
+            expect(verificationRequest2.weStarted()).toStrictEqual(false);
+            expect(verificationRequest2.isDone()).toStrictEqual(false);
+            expect(verificationRequest2.isCancelled()).toStrictEqual(false);
+
+            const verificationRequests = m2.getVerificationRequests(userId1);
+            expect(verificationRequests).toHaveLength(1);
+            expect(verificationRequests[0].flowId).toStrictEqual(verificationRequest2.flowId); // there are the same
+        });
+
+        test('can accept a verification request with methods (`m.key.verification.ready`)', async () => {
+            // Accept the verification request.
+            let outgoingVerificationRequest = verificationRequest2.acceptWithMethods([
+                VerificationMethod.QrCodeScanV1, // by default
+                VerificationMethod.QrCodeShowV1, // the one we add
+            ]);
+
+            expect(outgoingVerificationRequest).toBeInstanceOf(ToDeviceRequest);
+
+            // The request verification is ready.
+            outgoingVerificationRequest = JSON.parse(outgoingVerificationRequest.body);
+            expect(outgoingVerificationRequest.event_type).toStrictEqual('m.key.verification.ready');
+
+            const toDeviceEvents = {
+                events: [{
+                    sender: userId2.toString(),
+                    type: outgoingVerificationRequest.event_type,
+                    content: outgoingVerificationRequest.messages[userId1.toString()][deviceId1.toString()],
+                }],
+            };
+
+            // Let's send the verification ready to `m1`.
+            await m1.receiveSyncChanges(JSON.stringify(toDeviceEvents), new DeviceLists(), new Map(), new Set());
+        });
+
+        test('verification requests are synchronized and automatically updated', () => {
+            expect(verificationRequest1.isReady()).toStrictEqual(true);
+            expect(verificationRequest2.isReady()).toStrictEqual(true);
+
+            expect(verificationRequest1.theirSupportedMethods).toEqual(expect.arrayContaining([VerificationMethod.QrCodeScanV1, VerificationMethod.QrCodeShowV1]));
+            expect(verificationRequest1.ourSupportedMethods).toEqual(expect.arrayContaining([VerificationMethod.QrCodeScanV1, VerificationMethod.QrCodeShowV1]));
+
+            expect(verificationRequest2.theirSupportedMethods).toEqual(expect.arrayContaining([VerificationMethod.QrCodeScanV1, VerificationMethod.QrCodeShowV1]));
+            expect(verificationRequest2.ourSupportedMethods).toEqual(expect.arrayContaining([VerificationMethod.QrCodeScanV1, VerificationMethod.QrCodeShowV1]));
+        });
+
+        // QR verification for the second machine.
+        let qr2;
+
+        test('can generate a QR code', async () => {
+            qr2 = await verificationRequest2.generateQrCode();
+
+            expect(qr2).toBeInstanceOf(Qr);
+
+            expect(qr2.hasBeenScanned()).toStrictEqual(false);
+            expect(qr2.hasBeenConfirmed()).toStrictEqual(false);
+            expect(qr2.userId.toString()).toStrictEqual(userId2.toString());
+            expect(qr2.otherUserId.toString()).toStrictEqual(userId1.toString());
+            expect(qr2.otherDeviceId.toString()).toStrictEqual(deviceId1.toString());
+            expect(qr2.weStarted()).toStrictEqual(false);
+            expect(qr2.cancelInfo()).toBeUndefined();
+            expect(qr2.isDone()).toStrictEqual(false);
+            expect(qr2.isCancelled()).toStrictEqual(false);
+            expect(qr2.isSelfVerification()).toStrictEqual(false);
+            expect(qr2.reciprocated()).toStrictEqual(false);
+            expect(qr2.flowId).toMatch(/^[a-f0-9]+$/);
+            expect(qr2.roomId).toBeUndefined();
+        });
+
+        let qrCodeBytes;
+
+        test('can read QR code\'s bytes', async () => {
+            const qrCodeHeader = 'MATRIX';
+            const qrCodeVersion = '\x02';
+
+            qrCodeBytes = qr2.toBytes();
+
+            expect(qrCodeBytes).toHaveLength(122);
+            expect(qrCodeBytes.slice(0, 7)).toStrictEqual([...qrCodeHeader, ...qrCodeVersion].map(char => char.charCodeAt(0)));
+        });
+
+        test('can render QR code', async () => {
+            const qrCode = qr2.toQrCode();
+
+            expect(qrCode).toBeInstanceOf(QrCode);
+
+            // Want to get `canvasBuffer` to render the QR code? Install `npm install canvas` and uncomment the following blocks.
+
+            //let canvasBuffer;
+
+            {
+                const buffer = qrCode.renderIntoBuffer();
+
+                expect(buffer).toBeInstanceOf(Uint8ClampedArray);
+                // 45px ⨉ 45px
+                expect(buffer).toHaveLength(45 * 45);
+                // 0 for a white pixel, 1 for a black pixel.
+                expect(buffer.every(p => p == 0 || p == 1)).toStrictEqual(true);
+
+                /*
+                const { Canvas } = require('canvas');
+                const canvas = new Canvas(55, 55);
+
+                const context = canvas.getContext('2d');
+                context.fillStyle = 'white';
+                context.fillRect(0, 0, canvas.width, canvas.height);
+
+                // New image data, filled with black, transparent pixels.
+                const imageData = context.createImageData(45, 45);
+                const data = imageData.data;
+
+                const [r, g, b, a] = [0, 1, 2, 3];
+
+                for (
+                    let dataNth = 0,
+                        bufferNth = 0;
+                    dataNth < data.length && bufferNth < buffer.length;
+                    dataNth += 4,
+                    bufferNth += 1
+                ) {
+                    data[dataNth + a] = 255;
+
+                    // White pixel
+                    if (buffer[bufferNth] == 0) {
+                        data[dataNth + r] = 255;
+                        data[dataNth + g] = 255;
+                        data[dataNth + b] = 255;
+                    }
+                }
+
+                context.putImageData(imageData, 5, 5);
+                canvasBuffer = canvas.toBuffer('image/png');
+                */
+            }
+
+            // Want to see the QR code? Uncomment the following block.
+            /*
+            {
+                const fs = require('fs/promises');
+                const path = require('path');
+                const os = require('os');
+
+                const tempDirectory = await fs.mkdtemp(path.join(os.tmpdir(), 'matrix-sdk-crypto--'));
+                const qrCodeFile = path.join(tempDirectory, 'qrcode.png');
+
+                console.log(`View the QR code at \`${qrCodeFile}\`.`);
+
+                expect(await fs.writeFile(qrCodeFile, canvasBuffer)).toBeUndefined();
+            }
+            */
+        });
+
+        let qr1;
+
+        test('can scan a QR code from bytes', async () => {
+            const scan = QrCodeScan.fromBytes(qrCodeBytes);
+
+            expect(scan).toBeInstanceOf(QrCodeScan);
+
+            qr1 = await verificationRequest1.scanQrCode(scan);
+
+            expect(qr1).toBeInstanceOf(Qr);
+
+            expect(qr1.hasBeenScanned()).toStrictEqual(false);
+            expect(qr1.hasBeenConfirmed()).toStrictEqual(false);
+            expect(qr1.userId.toString()).toStrictEqual(userId1.toString());
+            expect(qr1.otherUserId.toString()).toStrictEqual(userId2.toString());
+            expect(qr1.otherDeviceId.toString()).toStrictEqual(deviceId2.toString());
+            expect(qr1.weStarted()).toStrictEqual(true);
+            expect(qr1.cancelInfo()).toBeUndefined();
+            expect(qr1.isDone()).toStrictEqual(false);
+            expect(qr1.isCancelled()).toStrictEqual(false);
+            expect(qr1.isSelfVerification()).toStrictEqual(false);
+            expect(qr1.reciprocated()).toStrictEqual(true);
+            expect(qr1.flowId).toMatch(/^[a-f0-9]+$/);
+            expect(qr1.roomId).toBeUndefined();
+        });
+
+        test('can start a QR verification/reciprocate (`m.key.verification.start`)', async () => {
+            let outgoingVerificationRequest = qr1.reciprocate();
+
+            expect(outgoingVerificationRequest).toBeInstanceOf(ToDeviceRequest);
+
+            outgoingVerificationRequest = JSON.parse(outgoingVerificationRequest.body);
+            expect(outgoingVerificationRequest.event_type).toStrictEqual('m.key.verification.start');
+
+            const toDeviceEvents = {
+                events: [{
+                    sender: userId1.toString(),
+                    type: outgoingVerificationRequest.event_type,
+                    content: outgoingVerificationRequest.messages[userId2.toString()][deviceId2.toString()],
+                }]
+            };
+
+            // Let's send the verification request to `m2`.
+            await m2.receiveSyncChanges(JSON.stringify(toDeviceEvents), new DeviceLists(), new Map(), new Set());
+        });
+
+        test('can confirm QR code has been scanned', () => {
+            expect(qr2.hasBeenScanned()).toStrictEqual(true);
+        });
+
+        test('can confirm scanning (`m.key.verification.done`)', async () => {
+            let outgoingVerificationRequest = qr2.confirmScanning();
+
+            expect(outgoingVerificationRequest).toBeInstanceOf(ToDeviceRequest);
+
+            outgoingVerificationRequest = JSON.parse(outgoingVerificationRequest.body);
+            expect(outgoingVerificationRequest.event_type).toStrictEqual('m.key.verification.done');
+
+            const toDeviceEvents = {
+                events: [{
+                    sender: userId2.toString(),
+                    type: outgoingVerificationRequest.event_type,
+                    content: outgoingVerificationRequest.messages[userId1.toString()][deviceId1.toString()],
+                }]
+            };
+
+            // Let's send the verification request to `m2`.
+            await m2.receiveSyncChanges(JSON.stringify(toDeviceEvents), new DeviceLists(), new Map(), new Set());
+        });
+
+        test('can confirm QR code has been confirmed', () => {
+            expect(qr2.hasBeenConfirmed()).toStrictEqual(true);
+        });
+    });
+});
+
+describe('VerificationMethod', () => {
+    test('has the correct variant values', () => {
+        expect(VerificationMethod.SasV1).toStrictEqual(0);
+        expect(VerificationMethod.QrCodeScanV1).toStrictEqual(1);
+        expect(VerificationMethod.QrCodeShowV1).toStrictEqual(2);
+        expect(VerificationMethod.ReciprocateV1).toStrictEqual(3);
+    });
+});
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Jonas Platte	266e59b567	Release matrix-sdk 0.6.2	2022-10-24 12:55:00 +02:00
Jonas Platte	51c7294fce	fix(sdk): Remove token field from SyncSettings Debug output	2022-10-24 12:53:25 +02:00
Jonas Platte	2ee5f73d48	Release matrix-sdk-base 0.6.1 and matrix-sdk 0.6.1	2022-10-24 12:26:47 +02:00
Jonas Platte	85ec213db8	fix(base): Don't leak access and refresh tokens in Debug output	2022-10-24 12:25:33 +02:00
Jonas Platte	6fd906dd6f	fix(sdk): Don't log the access token in HttpClient::send	2022-10-24 12:07:20 +02:00