@unwanted/matrix-sdk-mini 34.12.0-1

package/lib/crypto/index.d.ts

@@ -0,0 +1,1209 @@
+import type { IEventDecryptionResult, IMegolmSessionData } from "../@types/crypto.ts";
+import { ToDeviceMessageId } from "../@types/event.ts";
+import { IExportedDevice, OlmDevice } from "./OlmDevice.ts";
+import { IOlmDevice } from "./algorithms/megolm.ts";
+import * as olmlib from "./olmlib.ts";
+import { DeviceInfoMap, DeviceList } from "./DeviceList.ts";
+import { DeviceInfo } from "./deviceinfo.ts";
+import type { DecryptionAlgorithm } from "./algorithms/index.ts";
+import { CrossSigningInfo, DeviceTrustLevel, UserTrustLevel } from "./CrossSigning.ts";
+import { SecretStorage as LegacySecretStorage } from "./SecretStorage.ts";
+import { CrossSigningKey, ICreateSecretStorageOpts, IEncryptedEventInfo, IRecoveryKey } from "./api.ts";
+import { VerificationBase } from "./verification/Base.ts";
+import { VerificationRequest } from "./verification/request/VerificationRequest.ts";
+import { InRoomRequests } from "./verification/request/InRoomChannel.ts";
+import { DehydrationManager } from "./dehydration.ts";
+import { BackupManager } from "./backup.ts";
+import { IStore } from "../store/index.ts";
+import { Room, RoomEvent } from "../models/room.ts";
+import { RoomMemberEvent } from "../models/room-member.ts";
+import { MatrixEvent, MatrixEventEvent } from "../models/event.ts";
+import { ToDeviceBatch, ToDevicePayload } from "../models/ToDeviceMessage.ts";
+import { ClientEvent, IKeysUploadResponse, IUploadKeySignaturesResponse, MatrixClient } from "../client.ts";
+import { IRoomEncryption } from "./RoomList.ts";
+import { ISyncStateData } from "../sync.ts";
+import { CryptoStore } from "./store/base.ts";
+import { IVerificationChannel } from "./verification/request/Channel.ts";
+import { TypedEventEmitter } from "../models/typed-event-emitter.ts";
+import { IDeviceLists, IToDeviceEvent } from "../sync-accumulator.ts";
+import { ISignatures } from "../@types/signed.ts";
+import { IMessage } from "./algorithms/olm.ts";
+import { BackupDecryptor, CryptoBackend, OnSyncCompletedData } from "../common-crypto/CryptoBackend.ts";
+import { AddSecretStorageKeyOpts, SecretStorageKeyDescription, SecretStorageKeyObject, SecretStorageKeyTuple } from "../secret-storage.ts";
+import { ISecretRequest } from "./SecretSharing.ts";
+import { BackupTrustInfo, BootstrapCrossSigningOpts, CrossSigningKeyInfo, CrossSigningStatus, DeviceIsolationMode, DeviceVerificationStatus, EventEncryptionInfo, ImportRoomKeysOpts, KeyBackupCheck, KeyBackupInfo, OwnDeviceKeys, CryptoEventHandlerMap as CryptoApiCryptoEventHandlerMap, KeyBackupRestoreResult, KeyBackupRestoreOpts } from "../crypto-api/index.ts";
+import { DeviceMap } from "../models/device.ts";
+export type { BootstrapCrossSigningOpts as IBootstrapCrossSigningOpts, CryptoCallbacks as ICryptoCallbacks, } from "../crypto-api/index.ts";
+/**
+ * verification method names
+ */
+export declare const verificationMethods: {
+    readonly RECIPROCATE_QR_CODE: string;
+    readonly SAS: string;
+};
+export type VerificationMethod = keyof typeof verificationMethods | string;
+interface IInitOpts {
+    exportedOlmDevice?: IExportedDevice;
+    pickleKey?: string;
+}
+interface IRoomKey {
+    room_id: string;
+    algorithm: string;
+}
+/**
+ * The parameters of a room key request. The details of the request may
+ * vary with the crypto algorithm, but the management and storage layers for
+ * outgoing requests expect it to have 'room_id' and 'session_id' properties.
+ */
+export interface IRoomKeyRequestBody extends IRoomKey {
+    session_id: string;
+    sender_key: string;
+}
+export interface ICheckOwnCrossSigningTrustOpts {
+    allowPrivateKeyRequests?: boolean;
+}
+interface IUserOlmSession {
+    deviceIdKey: string;
+    sessions: {
+        sessionId: string;
+        hasReceivedMessage: boolean;
+    }[];
+}
+export interface IRoomKeyRequestRecipient {
+    userId: string;
+    deviceId: string;
+}
+interface ISignableObject {
+    signatures?: ISignatures;
+    unsigned?: object;
+}
+export interface IRequestsMap {
+    getRequest(event: MatrixEvent): VerificationRequest | undefined;
+    getRequestByChannel(channel: IVerificationChannel): VerificationRequest | undefined;
+    setRequest(event: MatrixEvent, request: VerificationRequest): void;
+    setRequestByChannel(channel: IVerificationChannel, request: VerificationRequest): void;
+}
+export interface IOlmEncryptedContent {
+    algorithm: typeof olmlib.OLM_ALGORITHM;
+    sender_key: string;
+    ciphertext: Record<string, IMessage>;
+    [ToDeviceMessageId]?: string;
+}
+export interface IMegolmEncryptedContent {
+    algorithm: typeof olmlib.MEGOLM_ALGORITHM;
+    sender_key: string;
+    session_id: string;
+    device_id: string;
+    ciphertext: string;
+    [ToDeviceMessageId]?: string;
+}
+export type IEncryptedContent = IOlmEncryptedContent | IMegolmEncryptedContent;
+export declare enum CryptoEvent {
+    /** @deprecated Event not fired by the rust crypto */
+    DeviceVerificationChanged = "deviceVerificationChanged",
+    UserTrustStatusChanged = "userTrustStatusChanged",
+    /** @deprecated Event not fired by the rust crypto */
+    UserCrossSigningUpdated = "userCrossSigningUpdated",
+    /** @deprecated Event not fired by the rust crypto */
+    RoomKeyRequest = "crypto.roomKeyRequest",
+    /** @deprecated Event not fired by the rust crypto */
+    RoomKeyRequestCancellation = "crypto.roomKeyRequestCancellation",
+    KeyBackupStatus = "crypto.keyBackupStatus",
+    KeyBackupFailed = "crypto.keyBackupFailed",
+    KeyBackupSessionsRemaining = "crypto.keyBackupSessionsRemaining",
+    /**
+     * Fires when a new valid backup decryption key is in cache.
+     * This will happen when a secret is received from another session, from secret storage,
+     * or when a new backup is created from this session.
+     *
+     * The payload is the version of the backup for which we have the key for.
+     *
+     * This event is only fired by the rust crypto backend.
+     */
+    KeyBackupDecryptionKeyCached = "crypto.keyBackupDecryptionKeyCached",
+    /** @deprecated Event not fired by the rust crypto */
+    KeySignatureUploadFailure = "crypto.keySignatureUploadFailure",
+    /** @deprecated Use `VerificationRequestReceived`. */
+    VerificationRequest = "crypto.verification.request",
+    /**
+     * Fires when a key verification request is received.
+     *
+     * The payload is a {@link Crypto.VerificationRequest}.
+     */
+    VerificationRequestReceived = "crypto.verificationRequestReceived",
+    /** @deprecated Event not fired by the rust crypto */
+    Warning = "crypto.warning",
+    /** @deprecated Use {@link DevicesUpdated} instead when using rust crypto */
+    WillUpdateDevices = "crypto.willUpdateDevices",
+    DevicesUpdated = "crypto.devicesUpdated",
+    KeysChanged = "crossSigning.keysChanged",
+    /**
+     * Fires when data is being migrated from legacy crypto to rust crypto.
+     *
+     * The payload is a pair `(progress, total)`, where `progress` is the number of steps completed so far, and
+     * `total` is the total number of steps. When migration is complete, a final instance of the event is emitted, with
+     * `progress === total === -1`.
+     */
+    LegacyCryptoStoreMigrationProgress = "crypto.legacyCryptoStoreMigrationProgress"
+}
+export type CryptoEventHandlerMap = CryptoApiCryptoEventHandlerMap & {
+    /**
+     * Fires when a device is marked as verified/unverified/blocked/unblocked by
+     * {@link MatrixClient#setDeviceVerified | MatrixClient.setDeviceVerified} or
+     * {@link MatrixClient#setDeviceBlocked | MatrixClient.setDeviceBlocked}.
+     *
+     * @param userId - the owner of the verified device
+     * @param deviceId - the id of the verified device
+     * @param deviceInfo - updated device information
+     */
+    [CryptoEvent.DeviceVerificationChanged]: (userId: string, deviceId: string, deviceInfo: DeviceInfo) => void;
+    /**
+     * Fires when we receive a room key request
+     *
+     * @param request - request details
+     */
+    [CryptoEvent.RoomKeyRequest]: (request: IncomingRoomKeyRequest) => void;
+    /**
+     * Fires when we receive a room key request cancellation
+     */
+    [CryptoEvent.RoomKeyRequestCancellation]: (request: IncomingRoomKeyRequestCancellation) => void;
+    [CryptoEvent.KeySignatureUploadFailure]: (failures: IUploadKeySignaturesResponse["failures"], source: "checkOwnCrossSigningTrust" | "afterCrossSigningLocalKeyChange" | "setDeviceVerification", upload: (opts: {
+        shouldEmit: boolean;
+    }) => Promise<void>) => void;
+    /**
+     * Fires when a key verification is requested.
+     *
+     * Deprecated: use `CryptoEvent.VerificationRequestReceived`.
+     */
+    [CryptoEvent.VerificationRequest]: (request: VerificationRequest<any>) => void;
+    /**
+     * Fires when the app may wish to warn the user about something related
+     * the end-to-end crypto.
+     *
+     * @param type - One of the strings listed above
+     */
+    [CryptoEvent.Warning]: (type: string) => void;
+    [CryptoEvent.UserCrossSigningUpdated]: (userId: string) => void;
+    [CryptoEvent.LegacyCryptoStoreMigrationProgress]: (progress: number, total: number) => void;
+};
+export declare class Crypto extends TypedEventEmitter<CryptoEvent, CryptoEventHandlerMap> implements CryptoBackend {
+    readonly baseApis: MatrixClient;
+    readonly userId: string;
+    private readonly deviceId;
+    private readonly clientStore;
+    readonly cryptoStore: CryptoStore;
+    /**
+     * @returns The version of Olm.
+     */
+    static getOlmVersion(): [number, number, number];
+    readonly backupManager: BackupManager;
+    readonly crossSigningInfo: CrossSigningInfo;
+    readonly olmDevice: OlmDevice;
+    readonly deviceList: DeviceList;
+    readonly dehydrationManager: DehydrationManager;
+    readonly secretStorage: LegacySecretStorage;
+    private readonly roomList;
+    private readonly reEmitter;
+    private readonly verificationMethods;
+    readonly supportedAlgorithms: string[];
+    private readonly outgoingRoomKeyRequestManager;
+    private readonly toDeviceVerificationRequests;
+    readonly inRoomVerificationRequests: InRoomRequests;
+    private trustCrossSignedDevices;
+    private lastOneTimeKeyCheck;
+    private oneTimeKeyCheckInProgress;
+    private roomEncryptors;
+    private roomDecryptors;
+    private deviceKeys;
+    globalBlacklistUnverifiedDevices: boolean;
+    globalErrorOnUnknownDevices: boolean;
+    private receivedRoomKeyRequests;
+    private receivedRoomKeyRequestCancellations;
+    private processingRoomKeyRequests;
+    private lazyLoadMembers;
+    private roomDeviceTrackingState;
+    private forceNewSessionRetryTime;
+    private sendKeyRequestsImmediately;
+    private oneTimeKeyCount?;
+    private needsNewFallback?;
+    private fallbackCleanup?;
+    /**
+     * Cryptography bits
+     *
+     * This module is internal to the js-sdk; the public API is via MatrixClient.
+     *
+     * @internal
+     *
+     * @param baseApis - base matrix api interface
+     *
+     * @param userId - The user ID for the local user
+     *
+     * @param deviceId - The identifier for this device.
+     *
+     * @param clientStore - the MatrixClient data store.
+     *
+     * @param cryptoStore - storage for the crypto layer.
+     *
+     * @param verificationMethods - Array of verification methods to use.
+     *    Each element can either be a string from MatrixClient.verificationMethods
+     *    or a class that implements a verification method.
+     */
+    constructor(baseApis: MatrixClient, userId: string, deviceId: string, clientStore: IStore, cryptoStore: CryptoStore, verificationMethods: Array<VerificationMethod | (typeof VerificationBase & {
+        NAME: string;
+    })>);
+    /**
+     * Initialise the crypto module so that it is ready for use
+     *
+     * Returns a promise which resolves once the crypto module is ready for use.
+     *
+     * @param exportedOlmDevice - (Optional) data from exported device
+     *     that must be re-created.
+     */
+    init({ exportedOlmDevice, pickleKey }?: IInitOpts): Promise<void>;
+    /**
+     * Implementation of {@link Crypto.CryptoApi#setDeviceIsolationMode}.
+     */
+    setDeviceIsolationMode(isolationMode: DeviceIsolationMode): void;
+    /**
+     * Implementation of {@link Crypto.CryptoApi#getVersion}.
+     */
+    getVersion(): string;
+    /**
+     * Whether to trust a others users signatures of their devices.
+     * If false, devices will only be considered 'verified' if we have
+     * verified that device individually (effectively disabling cross-signing).
+     *
+     * Default: true
+     *
+     * @returns True if trusting cross-signed devices
+     */
+    getTrustCrossSignedDevices(): boolean;
+    /**
+     * @deprecated Use {@link Crypto.CryptoApi#getTrustCrossSignedDevices}.
+     */
+    getCryptoTrustCrossSignedDevices(): boolean;
+    /**
+     * See getCryptoTrustCrossSignedDevices
+     *
+     * @param val - True to trust cross-signed devices
+     */
+    setTrustCrossSignedDevices(val: boolean): void;
+    /**
+     * @deprecated Use {@link Crypto.CryptoApi#setTrustCrossSignedDevices}.
+     */
+    setCryptoTrustCrossSignedDevices(val: boolean): void;
+    /**
+     * Create a recovery key from a user-supplied passphrase.
+     *
+     * @param password - Passphrase string that can be entered by the user
+     *     when restoring the backup as an alternative to entering the recovery key.
+     *     Optional.
+     * @returns Object with public key metadata, encoded private
+     *     recovery key which should be disposed of after displaying to the user,
+     *     and raw private key to avoid round tripping if needed.
+     */
+    createRecoveryKeyFromPassphrase(password?: string): Promise<IRecoveryKey>;
+    /**
+     * Checks if the user has previously published cross-signing keys
+     *
+     * This means downloading the devicelist for the user and checking if the list includes
+     * the cross-signing pseudo-device.
+     *
+     * @internal
+     */
+    userHasCrossSigningKeys(userId?: string): Promise<boolean>;
+    /**
+     * Checks whether cross signing:
+     * - is enabled on this account and trusted by this device
+     * - has private keys either cached locally or stored in secret storage
+     *
+     * If this function returns false, bootstrapCrossSigning() can be used
+     * to fix things such that it returns true. That is to say, after
+     * bootstrapCrossSigning() completes successfully, this function should
+     * return true.
+     *
+     * The cross-signing API is currently UNSTABLE and may change without notice.
+     *
+     * @returns True if cross-signing is ready to be used on this device
+     */
+    isCrossSigningReady(): Promise<boolean>;
+    /**
+     * Checks whether secret storage:
+     * - is enabled on this account
+     * - is storing cross-signing private keys
+     * - is storing session backup key (if enabled)
+     *
+     * If this function returns false, bootstrapSecretStorage() can be used
+     * to fix things such that it returns true. That is to say, after
+     * bootstrapSecretStorage() completes successfully, this function should
+     * return true.
+     *
+     * The Secure Secret Storage API is currently UNSTABLE and may change without notice.
+     *
+     * @returns True if secret storage is ready to be used on this device
+     */
+    isSecretStorageReady(): Promise<boolean>;
+    /**
+     * Implementation of {@link Crypto.CryptoApi#getCrossSigningStatus}
+     */
+    getCrossSigningStatus(): Promise<CrossSigningStatus>;
+    /**
+     * Bootstrap cross-signing by creating keys if needed. If everything is already
+     * set up, then no changes are made, so this is safe to run to ensure
+     * cross-signing is ready for use.
+     *
+     * This function:
+     * - creates new cross-signing keys if they are not found locally cached nor in
+     *   secret storage (if it has been setup)
+     *
+     * The cross-signing API is currently UNSTABLE and may change without notice.
+     */
+    bootstrapCrossSigning({ authUploadDeviceSigningKeys, setupNewCrossSigning, }?: BootstrapCrossSigningOpts): Promise<void>;
+    /**
+     * Bootstrap Secure Secret Storage if needed by creating a default key. If everything is
+     * already set up, then no changes are made, so this is safe to run to ensure secret
+     * storage is ready for use.
+     *
+     * This function
+     * - creates a new Secure Secret Storage key if no default key exists
+     *   - if a key backup exists, it is migrated to store the key in the Secret
+     *     Storage
+     * - creates a backup if none exists, and one is requested
+     * - migrates Secure Secret Storage to use the latest algorithm, if an outdated
+     *   algorithm is found
+     *
+     * The Secure Secret Storage API is currently UNSTABLE and may change without notice.
+     *
+     * Returns:
+     *     A promise which resolves to key creation data for
+     *     SecretStorage#addKey: an object with `passphrase` etc fields.
+     */
+    bootstrapSecretStorage({ createSecretStorageKey, keyBackupInfo, setupNewKeyBackup, setupNewSecretStorage, getKeyBackupPassphrase, }?: ICreateSecretStorageOpts): Promise<void>;
+    /**
+     * Implementation of {@link Crypto.CryptoApi#resetKeyBackup}.
+     */
+    resetKeyBackup(): Promise<void>;
+    /**
+     * Implementation of {@link Crypto.CryptoApi#deleteKeyBackupVersion}.
+     */
+    deleteKeyBackupVersion(version: string): Promise<void>;
+    /**
+     * @deprecated Use {@link MatrixClient#secretStorage} and {@link SecretStorage.ServerSideSecretStorage#addKey}.
+     */
+    addSecretStorageKey(algorithm: string, opts: AddSecretStorageKeyOpts, keyID?: string): Promise<SecretStorageKeyObject>;
+    /**
+     * @deprecated Use {@link MatrixClient#secretStorage} and {@link SecretStorage.ServerSideSecretStorage#hasKey}.
+     */
+    hasSecretStorageKey(keyID?: string): Promise<boolean>;
+    /**
+     * @deprecated Use {@link MatrixClient#secretStorage} and {@link SecretStorage.ServerSideSecretStorage#getKey}.
+     */
+    getSecretStorageKey(keyID?: string): Promise<SecretStorageKeyTuple | null>;
+    /**
+     * @deprecated Use {@link MatrixClient#secretStorage} and {@link SecretStorage.ServerSideSecretStorage#store}.
+     */
+    storeSecret(name: string, secret: string, keys?: string[]): Promise<void>;
+    /**
+     * @deprecated Use {@link MatrixClient#secretStorage} and {@link SecretStorage.ServerSideSecretStorage#get}.
+     */
+    getSecret(name: string): Promise<string | undefined>;
+    /**
+     * @deprecated Use {@link MatrixClient#secretStorage} and {@link SecretStorage.ServerSideSecretStorage#isStored}.
+     */
+    isSecretStored(name: string): Promise<Record<string, SecretStorageKeyDescription> | null>;
+    requestSecret(name: string, devices: string[]): ISecretRequest;
+    /**
+     * @deprecated Use {@link MatrixClient#secretStorage} and {@link SecretStorage.ServerSideSecretStorage#getDefaultKeyId}.
+     */
+    getDefaultSecretStorageKeyId(): Promise<string | null>;
+    /**
+     * @deprecated Use {@link MatrixClient#secretStorage} and {@link SecretStorage.ServerSideSecretStorage#setDefaultKeyId}.
+     */
+    setDefaultSecretStorageKeyId(k: string): Promise<void>;
+    /**
+     * @deprecated Use {@link MatrixClient#secretStorage} and {@link SecretStorage.ServerSideSecretStorage#checkKey}.
+     */
+    checkSecretStorageKey(key: Uint8Array, info: SecretStorageKeyDescription): Promise<boolean>;
+    /**
+     * Checks that a given secret storage private key matches a given public key.
+     * This can be used by the getSecretStorageKey callback to verify that the
+     * private key it is about to supply is the one that was requested.
+     *
+     * @param privateKey - The private key
+     * @param expectedPublicKey - The public key
+     * @returns true if the key matches, otherwise false
+     */
+    checkSecretStoragePrivateKey(privateKey: Uint8Array, expectedPublicKey: string): boolean;
+    /**
+     * Fetches the backup private key, if cached
+     * @returns the key, if any, or null
+     */
+    getSessionBackupPrivateKey(): Promise<Uint8Array | null>;
+    /**
+     * Stores the session backup key to the cache
+     * @param key - the private key
+     * @returns a promise so you can catch failures
+     */
+    storeSessionBackupPrivateKey(key: ArrayLike<number>, version?: string): Promise<void>;
+    /**
+     * Implementation of {@link Crypto.loadSessionBackupPrivateKeyFromSecretStorage}.
+     */
+    loadSessionBackupPrivateKeyFromSecretStorage(): Promise<void>;
+    /**
+     * Get the current status of key backup.
+     *
+     * Implementation of {@link Crypto.CryptoApi.getActiveSessionBackupVersion}.
+     */
+    getActiveSessionBackupVersion(): Promise<string | null>;
+    /**
+     * Implementation of {@link Crypto.CryptoApi#getKeyBackupInfo}.
+     */
+    getKeyBackupInfo(): Promise<KeyBackupInfo | null>;
+    /**
+     * Determine if a key backup can be trusted.
+     *
+     * Implementation of {@link Crypto.CryptoApi.isKeyBackupTrusted}.
+     */
+    isKeyBackupTrusted(info: KeyBackupInfo): Promise<BackupTrustInfo>;
+    /**
+     * Force a re-check of the key backup and enable/disable it as appropriate.
+     *
+     * Implementation of {@link Crypto.CryptoApi.checkKeyBackupAndEnable}.
+     */
+    checkKeyBackupAndEnable(): Promise<KeyBackupCheck | null>;
+    /**
+     * Checks that a given cross-signing private key matches a given public key.
+     * This can be used by the getCrossSigningKey callback to verify that the
+     * private key it is about to supply is the one that was requested.
+     *
+     * @param privateKey - The private key
+     * @param expectedPublicKey - The public key
+     * @returns true if the key matches, otherwise false
+     */
+    checkCrossSigningPrivateKey(privateKey: Uint8Array, expectedPublicKey: string): boolean;
+    /**
+     * Run various follow-up actions after cross-signing keys have changed locally
+     * (either by resetting the keys for the account or by getting them from secret
+     * storage), such as signing the current device, upgrading device
+     * verifications, etc.
+     */
+    private afterCrossSigningLocalKeyChange;
+    /**
+     * Check if a user's cross-signing key is a candidate for upgrading from device
+     * verification.
+     *
+     * @param userId - the user whose cross-signing information is to be checked
+     * @param crossSigningInfo - the cross-signing information to check
+     */
+    private checkForDeviceVerificationUpgrade;
+    /**
+     * Check if the cross-signing key is signed by a verified device.
+     *
+     * @param userId - the user ID whose key is being checked
+     * @param key - the key that is being checked
+     * @param devices - the user's devices.  Should be a map from device ID
+     *     to device info
+     */
+    private checkForValidDeviceSignature;
+    /**
+     * Get the user's cross-signing key ID.
+     *
+     * @param type - The type of key to get the ID of.  One of
+     *     "master", "self_signing", or "user_signing".  Defaults to "master".
+     *
+     * @returns the key ID
+     */
+    getCrossSigningKeyId(type?: CrossSigningKey): Promise<string | null>;
+    getCrossSigningId(type: string): string | null;
+    /**
+     * Get the cross signing information for a given user.
+     *
+     * @param userId - the user ID to get the cross-signing info for.
+     *
+     * @returns the cross signing information for the user.
+     */
+    getStoredCrossSigningForUser(userId: string): CrossSigningInfo | null;
+    /**
+     * Check whether a given user is trusted.
+     *
+     * @param userId - The ID of the user to check.
+     *
+     * @returns
+     */
+    checkUserTrust(userId: string): UserTrustLevel;
+    /**
+     * Implementation of {@link Crypto.CryptoApi.getUserVerificationStatus}.
+     */
+    getUserVerificationStatus(userId: string): Promise<UserTrustLevel>;
+    /**
+     * Implementation of {@link Crypto.CryptoApi.pinCurrentUserIdentity}.
+     */
+    pinCurrentUserIdentity(userId: string): Promise<void>;
+    /**
+     * Check whether a given device is trusted.
+     *
+     * @param userId - The ID of the user whose device is to be checked.
+     * @param deviceId - The ID of the device to check
+     */
+    getDeviceVerificationStatus(userId: string, deviceId: string): Promise<DeviceVerificationStatus | null>;
+    /**
+     * @deprecated Use {@link Crypto.CryptoApi.getDeviceVerificationStatus}.
+     */
+    checkDeviceTrust(userId: string, deviceId: string): DeviceTrustLevel;
+    /**
+     * Check whether a given deviceinfo is trusted.
+     *
+     * @param userId - The ID of the user whose devices is to be checked.
+     * @param device - The device info object to check
+     *
+     * @deprecated Use {@link Crypto.CryptoApi.getDeviceVerificationStatus}.
+     */
+    checkDeviceInfoTrust(userId: string, device?: DeviceInfo): DeviceTrustLevel;
+    /**
+     * Check whether one of our own devices is cross-signed by our
+     * user's stored keys, regardless of whether we trust those keys yet.
+     *
+     * @param deviceId - The ID of the device to check
+     *
+     * @returns true if the device is cross-signed
+     */
+    checkIfOwnDeviceCrossSigned(deviceId: string): boolean;
+    private onDeviceListUserCrossSigningUpdated;
+    /**
+     * Check the copy of our cross-signing key that we have in the device list and
+     * see if we can get the private key. If so, mark it as trusted.
+     */
+    checkOwnCrossSigningTrust({ allowPrivateKeyRequests, }?: ICheckOwnCrossSigningTrustOpts): Promise<void>;
+    /**
+     * Implementation of {@link CryptoBackend#getBackupDecryptor}.
+     */
+    getBackupDecryptor(backupInfo: KeyBackupInfo, privKey: ArrayLike<number>): Promise<BackupDecryptor>;
+    /**
+     * Implementation of {@link CryptoBackend#importBackedUpRoomKeys}.
+     */
+    importBackedUpRoomKeys(keys: IMegolmSessionData[], backupVersion: string, opts?: ImportRoomKeysOpts): Promise<void>;
+    /**
+     * Store a set of keys as our own, trusted, cross-signing keys.
+     *
+     * @param keys - The new trusted set of keys
+     */
+    private storeTrustedSelfKeys;
+    /**
+     * Check if the master key is signed by a verified device, and if so, prompt
+     * the application to mark it as verified.
+     *
+     * @param userId - the user ID whose key should be checked
+     */
+    private checkDeviceVerifications;
+    /**
+     */
+    enableLazyLoading(): void;
+    /**
+     * Tell the crypto module to register for MatrixClient events which it needs to
+     * listen for
+     *
+     * @param eventEmitter - event source where we can register
+     *    for event notifications
+     */
+    registerEventHandlers(eventEmitter: TypedEventEmitter<RoomMemberEvent.Membership | ClientEvent.ToDeviceEvent | RoomEvent.Timeline | MatrixEventEvent.Decrypted, any>): void;
+    /**
+     * @deprecated this does nothing and will be removed in a future version
+     */
+    start(): void;
+    /** Stop background processes related to crypto */
+    stop(): void;
+    /**
+     * Get the Ed25519 key for this device
+     *
+     * @returns base64-encoded ed25519 key.
+     *
+     * @deprecated Use {@link Crypto.CryptoApi#getOwnDeviceKeys}.
+     */
+    getDeviceEd25519Key(): string | null;
+    /**
+     * Get the Curve25519 key for this device
+     *
+     * @returns base64-encoded curve25519 key.
+     *
+     * @deprecated Use {@link Crypto.CryptoApi#getOwnDeviceKeys}
+     */
+    getDeviceCurve25519Key(): string | null;
+    /**
+     * Implementation of {@link Crypto.CryptoApi#getOwnDeviceKeys}.
+     */
+    getOwnDeviceKeys(): Promise<OwnDeviceKeys>;
+    /**
+     * Set the global override for whether the client should ever send encrypted
+     * messages to unverified devices.  This provides the default for rooms which
+     * do not specify a value.
+     *
+     * @param value - whether to blacklist all unverified devices by default
+     *
+     * @deprecated Set {@link Crypto.CryptoApi#globalBlacklistUnverifiedDevices | CryptoApi.globalBlacklistUnverifiedDevices} directly.
+     */
+    setGlobalBlacklistUnverifiedDevices(value: boolean): void;
+    /**
+     * @returns whether to blacklist all unverified devices by default
+     *
+     * @deprecated Reference {@link Crypto.CryptoApi#globalBlacklistUnverifiedDevices | CryptoApi.globalBlacklistUnverifiedDevices} directly.
+     */
+    getGlobalBlacklistUnverifiedDevices(): boolean;
+    /**
+     * Upload the device keys to the homeserver.
+     * @returns A promise that will resolve when the keys are uploaded.
+     */
+    uploadDeviceKeys(): Promise<IKeysUploadResponse>;
+    getNeedsNewFallback(): boolean;
+    private maybeUploadOneTimeKeys;
+    private uploadOneTimeKeys;
+    /**
+     * Download the keys for a list of users and stores the keys in the session
+     * store.
+     * @param userIds - The users to fetch.
+     * @param forceDownload - Always download the keys even if cached.
+     *
+     * @returns A promise which resolves to a map `userId->deviceId->{@link DeviceInfo}`.
+     */
+    downloadKeys(userIds: string[], forceDownload?: boolean): Promise<DeviceInfoMap>;
+    /**
+     * Get the stored device keys for a user id
+     *
+     * @param userId - the user to list keys for.
+     *
+     * @returns list of devices, or null if we haven't
+     * managed to get a list of devices for this user yet.
+     */
+    getStoredDevicesForUser(userId: string): Array<DeviceInfo> | null;
+    /**
+     * Get the device information for the given list of users.
+     *
+     * @param userIds - The users to fetch.
+     * @param downloadUncached - If true, download the device list for users whose device list we are not
+     *    currently tracking. Defaults to false, in which case such users will not appear at all in the result map.
+     *
+     * @returns A map `{@link DeviceMap}`.
+     */
+    getUserDeviceInfo(userIds: string[], downloadUncached?: boolean): Promise<DeviceMap>;
+    /**
+     * Get the stored keys for a single device
+     *
+     *
+     * @returns device, or undefined
+     * if we don't know about this device
+     */
+    getStoredDevice(userId: string, deviceId: string): DeviceInfo | undefined;
+    /**
+     * Save the device list, if necessary
+     *
+     * @param delay - Time in ms before which the save actually happens.
+     *     By default, the save is delayed for a short period in order to batch
+     *     multiple writes, but this behaviour can be disabled by passing 0.
+     *
+     * @returns true if the data was saved, false if
+     *     it was not (eg. because no changes were pending). The promise
+     *     will only resolve once the data is saved, so may take some time
+     *     to resolve.
+     */
+    saveDeviceList(delay: number): Promise<boolean>;
+    /**
+     * Mark the given device as locally verified.
+     *
+     * Implementation of {@link Crypto.CryptoApi#setDeviceVerified}.
+     */
+    setDeviceVerified(userId: string, deviceId: string, verified?: boolean): Promise<void>;
+    /**
+     * Blindly cross-sign one of our other devices.
+     *
+     * Implementation of {@link Crypto.CryptoApi#crossSignDevice}.
+     */
+    crossSignDevice(deviceId: string): Promise<void>;
+    /**
+     * Update the blocked/verified state of the given device
+     *
+     * @param userId - owner of the device
+     * @param deviceId - unique identifier for the device or user's
+     * cross-signing public key ID.
+     *
+     * @param verified - whether to mark the device as verified. Null to
+     *     leave unchanged.
+     *
+     * @param blocked - whether to mark the device as blocked. Null to
+     *      leave unchanged.
+     *
+     * @param known - whether to mark that the user has been made aware of
+     *      the existence of this device. Null to leave unchanged
+     *
+     * @param keys - The list of keys that was present
+     * during the device verification. This will be double checked with the list
+     * of keys the given device has currently.
+     *
+     * @returns updated DeviceInfo
+     */
+    setDeviceVerification(userId: string, deviceId: string, verified?: boolean | null, blocked?: boolean | null, known?: boolean | null, keys?: Record<string, string>): Promise<DeviceInfo | CrossSigningInfo | CrossSigningKeyInfo | undefined>;
+    findVerificationRequestDMInProgress(roomId: string, userId?: string): VerificationRequest | undefined;
+    getVerificationRequestsToDeviceInProgress(userId: string): VerificationRequest[];
+    requestVerificationDM(userId: string, roomId: string): Promise<VerificationRequest>;
+    /** @deprecated Use `requestOwnUserVerificationToDevice` or `requestDeviceVerification` */
+    requestVerification(userId: string, devices?: string[]): Promise<VerificationRequest>;
+    requestOwnUserVerification(): Promise<VerificationRequest>;
+    requestDeviceVerification(userId: string, deviceId: string): Promise<VerificationRequest>;
+    private requestVerificationWithChannel;
+    beginKeyVerification(method: string, userId: string, deviceId: string, transactionId?: string | null): VerificationBase<any, any>;
+    legacyDeviceVerification(userId: string, deviceId: string, method: VerificationMethod): Promise<VerificationRequest>;
+    /**
+     * Get information on the active olm sessions with a user
+     * <p>
+     * Returns a map from device id to an object with keys 'deviceIdKey' (the
+     * device's curve25519 identity key) and 'sessions' (an array of objects in the
+     * same format as that returned by
+     * {@link OlmDevice#getSessionInfoForDevice}).
+     * <p>
+     * This method is provided for debugging purposes.
+     *
+     * @param userId - id of user to inspect
+     */
+    getOlmSessionsForUser(userId: string): Promise<Record<string, IUserOlmSession>>;
+    /**
+     * Get the device which sent an event
+     *
+     * @param event - event to be checked
+     */
+    getEventSenderDeviceInfo(event: MatrixEvent): DeviceInfo | null;
+    /**
+     * Get information about the encryption of an event
+     *
+     * @param event - event to be checked
+     *
+     * @returns An object with the fields:
+     *    - encrypted: whether the event is encrypted (if not encrypted, some of the
+     *      other properties may not be set)
+     *    - senderKey: the sender's key
+     *    - algorithm: the algorithm used to encrypt the event
+     *    - authenticated: whether we can be sure that the owner of the senderKey
+     *      sent the event
+     *    - sender: the sender's device information, if available
+     *    - mismatchedSender: if the event's ed25519 and curve25519 keys don't match
+     *      (only meaningful if `sender` is set)
+     */
+    getEventEncryptionInfo(event: MatrixEvent): IEncryptedEventInfo;
+    /**
+     * Implementation of {@link Crypto.CryptoApi.getEncryptionInfoForEvent}.
+     */
+    getEncryptionInfoForEvent(event: MatrixEvent): Promise<EventEncryptionInfo | null>;
+    /**
+     * Forces the current outbound group session to be discarded such
+     * that another one will be created next time an event is sent.
+     *
+     * @param roomId - The ID of the room to discard the session for
+     *
+     * This should not normally be necessary.
+     */
+    forceDiscardSession(roomId: string): Promise<void>;
+    /**
+     * Configure a room to use encryption (ie, save a flag in the cryptoStore).
+     *
+     * @param roomId - The room ID to enable encryption in.
+     *
+     * @param config - The encryption config for the room.
+     *
+     * @param inhibitDeviceQuery - true to suppress device list query for
+     *   users in the room (for now). In case lazy loading is enabled,
+     *   the device query is always inhibited as the members are not tracked.
+     *
+     * @deprecated It is normally incorrect to call this method directly. Encryption
+     *   is enabled by receiving an `m.room.encryption` event (which we may have sent
+     *   previously).
+     */
+    setRoomEncryption(roomId: string, config: IRoomEncryption, inhibitDeviceQuery?: boolean): Promise<void>;
+    /**
+     * Set up encryption for a room.
+     *
+     * This is called when an <tt>m.room.encryption</tt> event is received. It saves a flag
+     * for the room in the cryptoStore (if it wasn't already set), sets up an "encryptor" for
+     * the room, and enables device-list tracking for the room.
+     *
+     * It does <em>not</em> initiate a device list query for the room. That is normally
+     * done once we finish processing the sync, in onSyncCompleted.
+     *
+     * @param room - The room to enable encryption in.
+     * @param config - The encryption config for the room.
+     */
+    private setRoomEncryptionImpl;
+    /**
+     * Make sure we are tracking the device lists for all users in this room.
+     *
+     * @param roomId - The room ID to start tracking devices in.
+     * @returns when all devices for the room have been fetched and marked to track
+     * @deprecated there's normally no need to call this function: device list tracking
+     *    will be enabled as soon as we have the full membership list.
+     */
+    trackRoomDevices(roomId: string): Promise<void>;
+    /**
+     * Make sure we are tracking the device lists for all users in this room.
+     *
+     * This is normally called when we are about to send an encrypted event, to make sure
+     * we have all the devices in the room; but it is also called when processing an
+     * m.room.encryption state event (if lazy-loading is disabled), or when members are
+     * loaded (if lazy-loading is enabled), to prepare the device list.
+     *
+     * @param room - Room to enable device-list tracking in
+     */
+    private trackRoomDevicesImpl;
+    /**
+     * Try to make sure we have established olm sessions for all known devices for
+     * the given users.
+     *
+     * @param users - list of user ids
+     * @param force - If true, force a new Olm session to be created. Default false.
+     *
+     * @returns resolves once the sessions are complete, to
+     *    an Object mapping from userId to deviceId to
+     *    `IOlmSessionResult`
+     */
+    ensureOlmSessionsForUsers(users: string[], force?: boolean): Promise<Map<string, Map<string, olmlib.IOlmSessionResult>>>;
+    /**
+     * Get a list containing all of the room keys
+     *
+     * @returns a list of session export objects
+     */
+    exportRoomKeys(): Promise<IMegolmSessionData[]>;
+    /**
+     * Get a JSON list containing all of the room keys
+     *
+     * @returns a JSON string encoding a list of session
+     *    export objects, each of which is an IMegolmSessionData
+     */
+    exportRoomKeysAsJson(): Promise<string>;
+    /**
+     * Import a list of room keys previously exported by exportRoomKeys
+     *
+     * @param keys - a list of session export objects
+     * @returns a promise which resolves once the keys have been imported
+     */
+    importRoomKeys(keys: IMegolmSessionData[], opts?: ImportRoomKeysOpts): Promise<void>;
+    /**
+     * Import a JSON string encoding a list of room keys previously
+     * exported by exportRoomKeysAsJson
+     *
+     * @param keys - a JSON string encoding a list of session export
+     *    objects, each of which is an IMegolmSessionData
+     * @param opts - options object
+     * @returns a promise which resolves once the keys have been imported
+     */
+    importRoomKeysAsJson(keys: string, opts?: ImportRoomKeysOpts): Promise<void>;
+    /**
+     * Counts the number of end to end session keys that are waiting to be backed up
+     * @returns Promise which resolves to the number of sessions requiring backup
+     */
+    countSessionsNeedingBackup(): Promise<number>;
+    /**
+     * Perform any background tasks that can be done before a message is ready to
+     * send, in order to speed up sending of the message.
+     *
+     * @param room - the room the event is in
+     */
+    prepareToEncrypt(room: Room): void;
+    /**
+     * Encrypt an event according to the configuration of the room.
+     *
+     * @param event -  event to be sent
+     *
+     * @param room - destination room.
+     *
+     * @returns Promise which resolves when the event has been
+     *     encrypted, or null if nothing was needed
+     */
+    encryptEvent(event: MatrixEvent, room: Room): Promise<void>;
+    /**
+     * Decrypt a received event
+     *
+     *
+     * @returns resolves once we have
+     *  finished decrypting. Rejects with an `algorithms.DecryptionError` if there
+     *  is a problem decrypting the event.
+     */
+    decryptEvent(event: MatrixEvent): Promise<IEventDecryptionResult>;
+    /**
+     * Handle the notification from /sync that device lists have
+     * been changed.
+     *
+     * @param deviceLists - device_lists field from /sync
+     */
+    processDeviceLists(deviceLists: IDeviceLists): Promise<void>;
+    /**
+     * Send a request for some room keys, if we have not already done so
+     *
+     * @param resend - whether to resend the key request if there is
+     *    already one
+     *
+     * @returns a promise that resolves when the key request is queued
+     */
+    requestRoomKey(requestBody: IRoomKeyRequestBody, recipients: IRoomKeyRequestRecipient[], resend?: boolean): Promise<void>;
+    /**
+     * Cancel any earlier room key request
+     *
+     * @param requestBody - parameters to match for cancellation
+     */
+    cancelRoomKeyRequest(requestBody: IRoomKeyRequestBody): void;
+    /**
+     * Re-send any outgoing key requests, eg after verification
+     * @returns
+     */
+    cancelAndResendAllOutgoingKeyRequests(): Promise<void>;
+    /**
+     * handle an m.room.encryption event
+     *
+     * @param room - in which the event was received
+     * @param event - encryption event to be processed
+     */
+    onCryptoEvent(room: Room, event: MatrixEvent): Promise<void>;
+    /**
+     * Called before the result of a sync is processed
+     *
+     * @param syncData -  the data from the 'MatrixClient.sync' event
+     */
+    onSyncWillProcess(syncData: ISyncStateData): Promise<void>;
+    /**
+     * handle the completion of a /sync
+     *
+     * This is called after the processing of each successful /sync response.
+     * It is an opportunity to do a batch process on the information received.
+     *
+     * @param syncData -  the data from the 'MatrixClient.sync' event
+     */
+    onSyncCompleted(syncData: OnSyncCompletedData): Promise<void>;
+    /**
+     * Trigger the appropriate invalidations and removes for a given
+     * device list
+     *
+     * @param deviceLists - device_lists field from /sync, or response from
+     * /keys/changes
+     */
+    private evalDeviceListChanges;
+    /**
+     * Get a list of all the IDs of users we share an e2e room with
+     * for which we are tracking devices already
+     *
+     * @returns List of user IDs
+     */
+    private getTrackedE2eUsers;
+    /**
+     * Get a list of the e2e-enabled rooms we are members of,
+     * and for which we are already tracking the devices
+     *
+     * @returns
+     */
+    private getTrackedE2eRooms;
+    /**
+     * Encrypts and sends a given object via Olm to-device messages to a given
+     * set of devices.
+     * @param userDeviceInfoArr - the devices to send to
+     * @param payload - fields to include in the encrypted payload
+     * @returns Promise which
+     *     resolves once the message has been encrypted and sent to the given
+     *     userDeviceMap, and returns the `{ contentMap, deviceInfoByDeviceId }`
+     *     of the successfully sent messages.
+     *
+     * @deprecated Instead use {@link encryptToDeviceMessages} followed by {@link MatrixClient.queueToDevice}.
+     */
+    encryptAndSendToDevices(userDeviceInfoArr: IOlmDevice<DeviceInfo>[], payload: object): Promise<void>;
+    private prepareToDeviceBatch;
+    /**
+     * Implementation of {@link Crypto.CryptoApi#encryptToDeviceMessages}.
+     */
+    encryptToDeviceMessages(eventType: string, devices: {
+        userId: string;
+        deviceId: string;
+    }[], payload: ToDevicePayload): Promise<ToDeviceBatch>;
+    private onMembership;
+    preprocessToDeviceMessages(events: IToDeviceEvent[]): Promise<IToDeviceEvent[]>;
+    /**
+     * Stores the current one_time_key count which will be handled later (in a call of
+     * onSyncCompleted).
+     *
+     * @param currentCount - The current count of one_time_keys to be stored
+     */
+    private updateOneTimeKeyCount;
+    processKeyCounts(oneTimeKeysCounts?: Record<string, number>, unusedFallbackKeys?: string[]): Promise<void>;
+    private onToDeviceEvent;
+    /**
+     * Handle a key event
+     *
+     * @internal
+     * @param event - key event
+     */
+    private onRoomKeyEvent;
+    /**
+     * Handle a key withheld event
+     *
+     * @internal
+     * @param event - key withheld event
+     */
+    private onRoomKeyWithheldEvent;
+    /**
+     * Handle a general key verification event.
+     *
+     * @internal
+     * @param event - verification start event
+     */
+    private onKeyVerificationMessage;
+    /**
+     * Handle key verification requests sent as timeline events
+     *
+     * @internal
+     * @param event - the timeline event
+     * @param room - not used
+     * @param atStart - not used
+     * @param removed - not used
+     * @param whether - this is a live event
+     */
+    private onTimelineEvent;
+    private handleVerificationEvent;
+    /**
+     * Handle a toDevice event that couldn't be decrypted
+     *
+     * @internal
+     * @param event - undecryptable event
+     */
+    private onToDeviceBadEncrypted;
+    /**
+     * Handle a change in the membership state of a member of a room
+     *
+     * @internal
+     * @param event -  event causing the change
+     * @param member -  user whose membership changed
+     * @param oldMembership -  previous membership
+     */
+    private onRoomMembership;
+    /**
+     * Called when we get an m.room_key_request event.
+     *
+     * @internal
+     * @param event - key request event
+     */
+    private onRoomKeyRequestEvent;
+    /**
+     * Process any m.room_key_request events which were queued up during the
+     * current sync.
+     *
+     * @internal
+     */
+    private processReceivedRoomKeyRequests;
+    /**
+     * Helper for processReceivedRoomKeyRequests
+     *
+     */
+    private processReceivedRoomKeyRequest;
+    /**
+     * Helper for processReceivedRoomKeyRequests
+     *
+     */
+    private processReceivedRoomKeyRequestCancellation;
+    /**
+     * Get a decryptor for a given room and algorithm.
+     *
+     * If we already have a decryptor for the given room and algorithm, return
+     * it. Otherwise try to instantiate it.
+     *
+     * @internal
+     *
+     * @param roomId -   room id for decryptor. If undefined, a temporary
+     * decryptor is instantiated.
+     *
+     * @param algorithm -  crypto algorithm
+     *
+     * @throws `DecryptionError` if the algorithm is unknown
+     */
+    getRoomDecryptor(roomId: string | null, algorithm: string): DecryptionAlgorithm;
+    /**
+     * Get all the room decryptors for a given encryption algorithm.
+     *
+     * @param algorithm - The encryption algorithm
+     *
+     * @returns An array of room decryptors
+     */
+    private getRoomDecryptors;
+    /**
+     * sign the given object with our ed25519 key
+     *
+     * @param obj -  Object to which we will add a 'signatures' property
+     */
+    signObject<T extends ISignableObject & object>(obj: T): Promise<void>;
+    /**
+     * @returns true if the room with the supplied ID is encrypted. False if the
+     * room is not encrypted, or is unknown to us.
+     */
+    isRoomEncrypted(roomId: string): boolean;
+    /**
+     * Implementation of {@link Crypto.CryptoApi#isEncryptionEnabledInRoom}.
+     */
+    isEncryptionEnabledInRoom(roomId: string): Promise<boolean>;
+    /**
+     * @returns information about the encryption on the room with the supplied
+     * ID, or null if the room is not encrypted or unknown to us.
+     */
+    getRoomEncryption(roomId: string): IRoomEncryption | null;
+    /**
+     * Returns whether dehydrated devices are supported by the crypto backend
+     * and by the server.
+     */
+    isDehydrationSupported(): Promise<boolean>;
+    /**
+     * Stub function -- dehydration is not implemented here, so throw error
+     */
+    startDehydration(createNewKey?: boolean): Promise<void>;
+    /**
+     * Stub function -- restoreKeyBackup is not implemented here, so throw error
+     */
+    restoreKeyBackup(opts: KeyBackupRestoreOpts): Promise<KeyBackupRestoreResult>;
+    /**
+     * Stub function -- restoreKeyBackupWithPassphrase is not implemented here, so throw error
+     */
+    restoreKeyBackupWithPassphrase(passphrase: string, opts: KeyBackupRestoreOpts): Promise<KeyBackupRestoreResult>;
+}
+/**
+ * Fix up the backup key, that may be in the wrong format due to a bug in a
+ * migration step.  Some backup keys were stored as a comma-separated list of
+ * integers, rather than a base64-encoded byte array.  If this function is
+ * passed a string that looks like a list of integers rather than a base64
+ * string, it will attempt to convert it to the right format.
+ *
+ * @param key - the key to check
+ * @returns If the key is in the wrong format, then the fixed
+ * key will be returned. Otherwise null will be returned.
+ *
+ */
+export declare function fixBackupKey(key?: string): string | null;
+/**
+ * Represents a received m.room_key_request event
+ */
+export declare class IncomingRoomKeyRequest {
+    /** user requesting the key */
+    readonly userId: string;
+    /** device requesting the key */
+    readonly deviceId: string;
+    /** unique id for the request */
+    readonly requestId: string;
+    readonly requestBody: IRoomKeyRequestBody;
+    /**
+     * callback which, when called, will ask
+     *    the relevant crypto algorithm implementation to share the keys for
+     *    this request.
+     */
+    share: () => void;
+    constructor(event: MatrixEvent);
+}
+/**
+ * Represents a received m.room_key_request cancellation
+ */
+declare class IncomingRoomKeyRequestCancellation {
+    /** user requesting the cancellation */
+    readonly userId: string;
+    /** device requesting the cancellation */
+    readonly deviceId: string;
+    /** unique id for the request to be cancelled */
+    readonly requestId: string;
+    constructor(event: MatrixEvent);
+}
+export type { IEventDecryptionResult, IMegolmSessionData } from "../@types/crypto.ts";
+//# sourceMappingURL=index.d.ts.map