@unwanted/matrix-sdk-mini 34.12.0-2 → 34.12.0-3

package/lib/crypto/index.js

@@ -1,4097 +0,0 @@
-import _asyncToGenerator from "@babel/runtime/helpers/asyncToGenerator";
-import _defineProperty from "@babel/runtime/helpers/defineProperty";
-function ownKeys(e, r) { var t = Object.keys(e); if (Object.getOwnPropertySymbols) { var o = Object.getOwnPropertySymbols(e); r && (o = o.filter(function (r) { return Object.getOwnPropertyDescriptor(e, r).enumerable; })), t.push.apply(t, o); } return t; }
-function _objectSpread(e) { for (var r = 1; r < arguments.length; r++) { var t = null != arguments[r] ? arguments[r] : {}; r % 2 ? ownKeys(Object(t), !0).forEach(function (r) { _defineProperty(e, r, t[r]); }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys(Object(t)).forEach(function (r) { Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r)); }); } return e; }
-/*
-Copyright 2016 OpenMarket Ltd
-Copyright 2017 Vector Creations Ltd
-Copyright 2018-2019 New Vector Ltd
-Copyright 2019-2021 The Matrix.org Foundation C.I.C.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/
-
-import anotherjson from "another-json";
-import { v4 as uuidv4 } from "uuid";
-import { EventType, ToDeviceMessageId } from "../@types/event.js";
-import { TypedReEmitter } from "../ReEmitter.js";
-import { logger } from "../logger.js";
-import { OlmDevice } from "./OlmDevice.js";
-import * as olmlib from "./olmlib.js";
-import { DeviceList } from "./DeviceList.js";
-import { DeviceInfo } from "./deviceinfo.js";
-import * as algorithms from "./algorithms/index.js";
-import { createCryptoStoreCacheCallbacks, CrossSigningInfo, DeviceTrustLevel, UserTrustLevel } from "./CrossSigning.js";
-import { EncryptionSetupBuilder } from "./EncryptionSetup.js";
-import { SecretStorage as LegacySecretStorage } from "./SecretStorage.js";
-import { CrossSigningKey } from "./api.js";
-import { OutgoingRoomKeyRequestManager } from "./OutgoingRoomKeyRequestManager.js";
-import { IndexedDBCryptoStore } from "./store/indexeddb-crypto-store.js";
-import { ReciprocateQRCode, SCAN_QR_CODE_METHOD, SHOW_QR_CODE_METHOD } from "./verification/QRCode.js";
-import { SAS as SASVerification } from "./verification/SAS.js";
-import { keyFromPassphrase } from "./key_passphrase.js";
-import { VerificationRequest } from "./verification/request/VerificationRequest.js";
-import { InRoomChannel, InRoomRequests } from "./verification/request/InRoomChannel.js";
-import { ToDeviceChannel, ToDeviceRequests } from "./verification/request/ToDeviceChannel.js";
-import { IllegalMethod } from "./verification/IllegalMethod.js";
-import { KeySignatureUploadError } from "../errors.js";
-import { DehydrationManager } from "./dehydration.js";
-import { BackupManager, LibOlmBackupDecryptor, backupTrustInfoFromLegacyTrustInfo } from "./backup.js";
-import { RoomEvent } from "../models/room.js";
-import { RoomMemberEvent } from "../models/room-member.js";
-import { EventStatus, MatrixEvent, MatrixEventEvent } from "../models/event.js";
-import { ClientEvent, MatrixClient } from "../client.js";
-import { RoomList } from "./RoomList.js";
-import { TypedEventEmitter } from "../models/typed-event-emitter.js";
-import { DecryptionError } from "../common-crypto/CryptoBackend.js";
-import { RoomStateEvent } from "../models/room-state.js";
-import { MapWithDefault, recursiveMapToObject } from "../utils.js";
-import { calculateKeyCheck, SECRET_STORAGE_ALGORITHM_V1_AES, ServerSideSecretStorageImpl } from "../secret-storage.js";
-import { decodeRecoveryKey, DecryptionFailureCode, encodeRecoveryKey, EventShieldColour, EventShieldReason, CryptoEvent as CryptoApiCryptoEvent } from "../crypto-api/index.js";
-import { deviceInfoToDevice } from "./device-converter.js";
-import { ClientPrefix, MatrixError, Method } from "../http-api/index.js";
-import { decodeBase64, encodeBase64 } from "../base64.js";
-import { KnownMembership } from "../@types/membership.js";
-import decryptAESSecretStorageItem from "../utils/decryptAESSecretStorageItem.js";
-import encryptAESSecretStorageItem from "../utils/encryptAESSecretStorageItem.js";
-
-/* re-exports for backwards compatibility */
-
-var DeviceVerification = DeviceInfo.DeviceVerification;
-var defaultVerificationMethods = {
-  [ReciprocateQRCode.NAME]: ReciprocateQRCode,
-  [SASVerification.NAME]: SASVerification,
-  // These two can't be used for actual verification, but we do
-  // need to be able to define them here for the verification flows
-  // to start.
-  [SHOW_QR_CODE_METHOD]: IllegalMethod,
-  [SCAN_QR_CODE_METHOD]: IllegalMethod
-};
-
-/**
- * verification method names
- */
-// legacy export identifier
-export var verificationMethods = {
-  RECIPROCATE_QR_CODE: ReciprocateQRCode.NAME,
-  SAS: SASVerification.NAME
-};
-// minimum time between attempting to unwedge an Olm session, if we succeeded
-// in creating a new session
-var MIN_FORCE_SESSION_INTERVAL_MS = 60 * 60 * 1000; // 1 hour
-// minimum time between attempting to unwedge an Olm session, if we failed
-// to create a new session
-var FORCE_SESSION_RETRY_INTERVAL_MS = 5 * 60 * 1000; // 5 minutes
-
-/* eslint-disable camelcase */
-
-/**
- * The parameters of a room key request. The details of the request may
- * vary with the crypto algorithm, but the management and storage layers for
- * outgoing requests expect it to have 'room_id' and 'session_id' properties.
- */
-
-/* eslint-enable camelcase */
-
-/* eslint-disable camelcase */
-
-/* eslint-enable camelcase */
-
-export var CryptoEvent = function (CryptoEvent) {
-  CryptoEvent["DeviceVerificationChanged"] = "deviceVerificationChanged";
-  CryptoEvent[CryptoEvent["UserTrustStatusChanged"] = CryptoApiCryptoEvent.UserTrustStatusChanged] = "UserTrustStatusChanged";
-  CryptoEvent["UserCrossSigningUpdated"] = "userCrossSigningUpdated";
-  CryptoEvent["RoomKeyRequest"] = "crypto.roomKeyRequest";
-  CryptoEvent["RoomKeyRequestCancellation"] = "crypto.roomKeyRequestCancellation";
-  CryptoEvent[CryptoEvent["KeyBackupStatus"] = CryptoApiCryptoEvent.KeyBackupStatus] = "KeyBackupStatus";
-  CryptoEvent[CryptoEvent["KeyBackupFailed"] = CryptoApiCryptoEvent.KeyBackupFailed] = "KeyBackupFailed";
-  CryptoEvent[CryptoEvent["KeyBackupSessionsRemaining"] = CryptoApiCryptoEvent.KeyBackupSessionsRemaining] = "KeyBackupSessionsRemaining";
-  CryptoEvent[CryptoEvent["KeyBackupDecryptionKeyCached"] = CryptoApiCryptoEvent.KeyBackupDecryptionKeyCached] = "KeyBackupDecryptionKeyCached";
-  CryptoEvent["KeySignatureUploadFailure"] = "crypto.keySignatureUploadFailure";
-  CryptoEvent["VerificationRequest"] = "crypto.verification.request";
-  CryptoEvent[CryptoEvent["VerificationRequestReceived"] = CryptoApiCryptoEvent.VerificationRequestReceived] = "VerificationRequestReceived";
-  CryptoEvent["Warning"] = "crypto.warning";
-  CryptoEvent[CryptoEvent["WillUpdateDevices"] = CryptoApiCryptoEvent.WillUpdateDevices] = "WillUpdateDevices";
-  CryptoEvent[CryptoEvent["DevicesUpdated"] = CryptoApiCryptoEvent.DevicesUpdated] = "DevicesUpdated";
-  CryptoEvent[CryptoEvent["KeysChanged"] = CryptoApiCryptoEvent.KeysChanged] = "KeysChanged";
-  CryptoEvent[CryptoEvent["LegacyCryptoStoreMigrationProgress"] = CryptoApiCryptoEvent.LegacyCryptoStoreMigrationProgress] = "LegacyCryptoStoreMigrationProgress";
-  return CryptoEvent;
-}({});
-export class Crypto extends TypedEventEmitter {
-  /**
-   * @returns The version of Olm.
-   */
-  static getOlmVersion() {
-    return OlmDevice.getOlmVersion();
-  }
-  /**
-   * Cryptography bits
-   *
-   * This module is internal to the js-sdk; the public API is via MatrixClient.
-   *
-   * @internal
-   *
-   * @param baseApis - base matrix api interface
-   *
-   * @param userId - The user ID for the local user
-   *
-   * @param deviceId - The identifier for this device.
-   *
-   * @param clientStore - the MatrixClient data store.
-   *
-   * @param cryptoStore - storage for the crypto layer.
-   *
-   * @param verificationMethods - Array of verification methods to use.
-   *    Each element can either be a string from MatrixClient.verificationMethods
-   *    or a class that implements a verification method.
-   */
-  constructor(baseApis, userId, deviceId, clientStore, cryptoStore, verificationMethods) {
-    var _this;
-    super();
-    _this = this;
-    this.baseApis = baseApis;
-    this.userId = userId;
-    this.deviceId = deviceId;
-    this.clientStore = clientStore;
-    this.cryptoStore = cryptoStore;
-    _defineProperty(this, "backupManager", void 0);
-    _defineProperty(this, "crossSigningInfo", void 0);
-    _defineProperty(this, "olmDevice", void 0);
-    _defineProperty(this, "deviceList", void 0);
-    _defineProperty(this, "dehydrationManager", void 0);
-    _defineProperty(this, "secretStorage", void 0);
-    _defineProperty(this, "roomList", void 0);
-    _defineProperty(this, "reEmitter", void 0);
-    _defineProperty(this, "verificationMethods", void 0);
-    _defineProperty(this, "supportedAlgorithms", void 0);
-    _defineProperty(this, "outgoingRoomKeyRequestManager", void 0);
-    _defineProperty(this, "toDeviceVerificationRequests", void 0);
-    _defineProperty(this, "inRoomVerificationRequests", void 0);
-    _defineProperty(this, "trustCrossSignedDevices", true);
-    // the last time we did a check for the number of one-time-keys on the server.
-    _defineProperty(this, "lastOneTimeKeyCheck", null);
-    _defineProperty(this, "oneTimeKeyCheckInProgress", false);
-    // EncryptionAlgorithm instance for each room
-    _defineProperty(this, "roomEncryptors", new Map());
-    // map from algorithm to DecryptionAlgorithm instance, for each room
-    _defineProperty(this, "roomDecryptors", new Map());
-    _defineProperty(this, "deviceKeys", {});
-    // type: key
-    _defineProperty(this, "globalBlacklistUnverifiedDevices", false);
-    _defineProperty(this, "globalErrorOnUnknownDevices", true);
-    // list of IncomingRoomKeyRequests/IncomingRoomKeyRequestCancellations
-    // we received in the current sync.
-    _defineProperty(this, "receivedRoomKeyRequests", []);
-    _defineProperty(this, "receivedRoomKeyRequestCancellations", []);
-    // true if we are currently processing received room key requests
-    _defineProperty(this, "processingRoomKeyRequests", false);
-    // controls whether device tracking is delayed
-    // until calling encryptEvent or trackRoomDevices,
-    // or done immediately upon enabling room encryption.
-    _defineProperty(this, "lazyLoadMembers", false);
-    // in case lazyLoadMembers is true,
-    // track if an initial tracking of all the room members
-    // has happened for a given room. This is delayed
-    // to avoid loading room members as long as possible.
-    _defineProperty(this, "roomDeviceTrackingState", {});
-    // The timestamp of the minimum time at which we will retry forcing establishment
-    // of a new session for each device, in milliseconds.
-    // {
-    //     userId: {
-    //         deviceId: 1234567890000,
-    //     },
-    // }
-    // Map: user Id → device Id → timestamp
-    _defineProperty(this, "forceNewSessionRetryTime", new MapWithDefault(() => new MapWithDefault(() => 0)));
-    // This flag will be unset whilst the client processes a sync response
-    // so that we don't start requesting keys until we've actually finished
-    // processing the response.
-    _defineProperty(this, "sendKeyRequestsImmediately", false);
-    _defineProperty(this, "oneTimeKeyCount", void 0);
-    _defineProperty(this, "needsNewFallback", void 0);
-    _defineProperty(this, "fallbackCleanup", void 0);
-    /*
-     * Event handler for DeviceList's userNewDevices event
-     */
-    _defineProperty(this, "onDeviceListUserCrossSigningUpdated", /*#__PURE__*/function () {
-      var _ref = _asyncToGenerator(function* (userId) {
-        if (userId === _this.userId) {
-          // An update to our own cross-signing key.
-          // Get the new key first:
-          var newCrossSigning = _this.deviceList.getStoredCrossSigningForUser(userId);
-          var seenPubkey = newCrossSigning ? newCrossSigning.getId() : null;
-          var currentPubkey = _this.crossSigningInfo.getId();
-          var changed = currentPubkey !== seenPubkey;
-          if (currentPubkey && seenPubkey && !changed) {
-            // If it's not changed, just make sure everything is up to date
-            yield _this.checkOwnCrossSigningTrust();
-          } else {
-            // We'll now be in a state where cross-signing on the account is not trusted
-            // because our locally stored cross-signing keys will not match the ones
-            // on the server for our account. So we clear our own stored cross-signing keys,
-            // effectively disabling cross-signing until the user gets verified by the device
-            // that reset the keys
-            _this.storeTrustedSelfKeys(null);
-            // emit cross-signing has been disabled
-            _this.emit(CryptoEvent.KeysChanged, {});
-            // as the trust for our own user has changed,
-            // also emit an event for this
-            _this.emit(CryptoEvent.UserTrustStatusChanged, _this.userId, _this.checkUserTrust(userId));
-          }
-        } else {
-          yield _this.checkDeviceVerifications(userId);
-
-          // Update verified before latch using the current state and save the new
-          // latch value in the device list store.
-          var crossSigning = _this.deviceList.getStoredCrossSigningForUser(userId);
-          if (crossSigning) {
-            crossSigning.updateCrossSigningVerifiedBefore(_this.checkUserTrust(userId).isCrossSigningVerified());
-            _this.deviceList.setRawStoredCrossSigningForUser(userId, crossSigning.toStorage());
-          }
-          _this.emit(CryptoEvent.UserTrustStatusChanged, userId, _this.checkUserTrust(userId));
-        }
-      });
-      return function (_x) {
-        return _ref.apply(this, arguments);
-      };
-    }());
-    _defineProperty(this, "onMembership", (event, member, oldMembership) => {
-      try {
-        this.onRoomMembership(event, member, oldMembership);
-      } catch (e) {
-        logger.error("Error handling membership change:", e);
-      }
-    });
-    _defineProperty(this, "onToDeviceEvent", event => {
-      try {
-        logger.log("received to-device ".concat(event.getType(), " from: ") + "".concat(event.getSender(), " id: ").concat(event.getContent()[ToDeviceMessageId]));
-        if (event.getType() == "m.room_key" || event.getType() == "m.forwarded_room_key") {
-          this.onRoomKeyEvent(event);
-        } else if (event.getType() == "m.room_key_request") {
-          this.onRoomKeyRequestEvent(event);
-        } else if (event.getType() === "m.secret.request") {
-          this.secretStorage.onRequestReceived(event);
-        } else if (event.getType() === "m.secret.send") {
-          this.secretStorage.onSecretReceived(event);
-        } else if (event.getType() === "m.room_key.withheld") {
-          this.onRoomKeyWithheldEvent(event);
-        } else if (event.getContent().transaction_id) {
-          this.onKeyVerificationMessage(event);
-        } else if (event.getContent().msgtype === "m.bad.encrypted") {
-          this.onToDeviceBadEncrypted(event);
-        } else if (event.isBeingDecrypted() || event.shouldAttemptDecryption()) {
-          if (!event.isBeingDecrypted()) {
-            event.attemptDecryption(this);
-          }
-          // once the event has been decrypted, try again
-          event.once(MatrixEventEvent.Decrypted, ev => {
-            this.onToDeviceEvent(ev);
-          });
-        }
-      } catch (e) {
-        logger.error("Error handling toDeviceEvent:", e);
-      }
-    });
-    /**
-     * Handle key verification requests sent as timeline events
-     *
-     * @internal
-     * @param event - the timeline event
-     * @param room - not used
-     * @param atStart - not used
-     * @param removed - not used
-     * @param whether - this is a live event
-     */
-    _defineProperty(this, "onTimelineEvent", function (event, room, atStart, removed) {
-      var {
-        liveEvent = true
-      } = arguments.length > 4 && arguments[4] !== undefined ? arguments[4] : {};
-      if (!InRoomChannel.validateEvent(event, _this.baseApis)) {
-        return;
-      }
-      var createRequest = event => {
-        var channel = new InRoomChannel(_this.baseApis, event.getRoomId());
-        return new VerificationRequest(channel, _this.verificationMethods, _this.baseApis);
-      };
-      _this.handleVerificationEvent(event, _this.inRoomVerificationRequests, createRequest, liveEvent);
-    });
-    logger.debug("Crypto: initialising roomlist...");
-    this.roomList = new RoomList(cryptoStore);
-    this.reEmitter = new TypedReEmitter(this);
-    if (verificationMethods) {
-      this.verificationMethods = new Map();
-      for (var method of verificationMethods) {
-        if (typeof method === "string") {
-          if (defaultVerificationMethods[method]) {
-            this.verificationMethods.set(method, defaultVerificationMethods[method]);
-          }
-        } else if (method["NAME"]) {
-          this.verificationMethods.set(method["NAME"], method);
-        } else {
-          logger.warn("Excluding unknown verification method ".concat(method));
-        }
-      }
-    } else {
-      this.verificationMethods = new Map(Object.entries(defaultVerificationMethods));
-    }
-    this.backupManager = new BackupManager(baseApis, /*#__PURE__*/_asyncToGenerator(function* () {
-      // try to get key from cache
-      var cachedKey = yield _this.getSessionBackupPrivateKey();
-      if (cachedKey) {
-        return cachedKey;
-      }
-
-      // try to get key from secret storage
-      var storedKey = yield _this.secretStorage.get("m.megolm_backup.v1");
-      if (storedKey) {
-        // ensure that the key is in the right format.  If not, fix the key and
-        // store the fixed version
-        var fixedKey = fixBackupKey(storedKey);
-        if (fixedKey) {
-          var keys = yield _this.secretStorage.getKey();
-          yield _this.secretStorage.store("m.megolm_backup.v1", fixedKey, [keys[0]]);
-        }
-        return decodeBase64(fixedKey || storedKey);
-      }
-
-      // try to get key from app
-      if (_this.baseApis.cryptoCallbacks && _this.baseApis.cryptoCallbacks.getBackupKey) {
-        return _this.baseApis.cryptoCallbacks.getBackupKey();
-      }
-      throw new Error("Unable to get private key");
-    }));
-    this.olmDevice = new OlmDevice(cryptoStore);
-    this.deviceList = new DeviceList(baseApis, cryptoStore, this.olmDevice);
-
-    // XXX: This isn't removed at any point, but then none of the event listeners
-    // this class sets seem to be removed at any point... :/
-    this.deviceList.on(CryptoEvent.UserCrossSigningUpdated, this.onDeviceListUserCrossSigningUpdated);
-    this.reEmitter.reEmit(this.deviceList, [CryptoEvent.DevicesUpdated, CryptoEvent.WillUpdateDevices]);
-    this.supportedAlgorithms = Array.from(algorithms.DECRYPTION_CLASSES.keys());
-    this.outgoingRoomKeyRequestManager = new OutgoingRoomKeyRequestManager(baseApis, this.deviceId, this.cryptoStore);
-    this.toDeviceVerificationRequests = new ToDeviceRequests();
-    this.inRoomVerificationRequests = new InRoomRequests();
-    var cryptoCallbacks = this.baseApis.cryptoCallbacks || {};
-    var cacheCallbacks = createCryptoStoreCacheCallbacks(cryptoStore, this.olmDevice);
-    this.crossSigningInfo = new CrossSigningInfo(userId, cryptoCallbacks, cacheCallbacks);
-    // Yes, we pass the client twice here: see SecretStorage
-    this.secretStorage = new LegacySecretStorage(baseApis, cryptoCallbacks, baseApis);
-    this.dehydrationManager = new DehydrationManager(this);
-
-    // Assuming no app-supplied callback, default to getting from SSSS.
-    if (!cryptoCallbacks.getCrossSigningKey && cryptoCallbacks.getSecretStorageKey) {
-      cryptoCallbacks.getCrossSigningKey = /*#__PURE__*/function () {
-        var _ref3 = _asyncToGenerator(function* (type) {
-          return CrossSigningInfo.getFromSecretStorage(type, _this.secretStorage);
-        });
-        return function (_x2) {
-          return _ref3.apply(this, arguments);
-        };
-      }();
-    }
-  }
-
-  /**
-   * Initialise the crypto module so that it is ready for use
-   *
-   * Returns a promise which resolves once the crypto module is ready for use.
-   *
-   * @param exportedOlmDevice - (Optional) data from exported device
-   *     that must be re-created.
-   */
-  init() {
-    var _arguments = arguments,
-      _this2 = this;
-    return _asyncToGenerator(function* () {
-      var {
-        exportedOlmDevice,
-        pickleKey
-      } = _arguments.length > 0 && _arguments[0] !== undefined ? _arguments[0] : {};
-      logger.log("Crypto: initialising Olm...");
-      yield globalThis.Olm.init();
-      logger.log(exportedOlmDevice ? "Crypto: initialising Olm device from exported device..." : "Crypto: initialising Olm device...");
-      yield _this2.olmDevice.init({
-        fromExportedDevice: exportedOlmDevice,
-        pickleKey
-      });
-      logger.log("Crypto: loading device list...");
-      yield _this2.deviceList.load();
-
-      // build our device keys: these will later be uploaded
-      _this2.deviceKeys["ed25519:" + _this2.deviceId] = _this2.olmDevice.deviceEd25519Key;
-      _this2.deviceKeys["curve25519:" + _this2.deviceId] = _this2.olmDevice.deviceCurve25519Key;
-      logger.log("Crypto: fetching own devices...");
-      var myDevices = _this2.deviceList.getRawStoredDevicesForUser(_this2.userId);
-      if (!myDevices) {
-        myDevices = {};
-      }
-      if (!myDevices[_this2.deviceId]) {
-        // add our own deviceinfo to the cryptoStore
-        logger.log("Crypto: adding this device to the store...");
-        var deviceInfo = {
-          keys: _this2.deviceKeys,
-          algorithms: _this2.supportedAlgorithms,
-          verified: DeviceVerification.VERIFIED,
-          known: true
-        };
-        myDevices[_this2.deviceId] = deviceInfo;
-        _this2.deviceList.storeDevicesForUser(_this2.userId, myDevices);
-        _this2.deviceList.saveIfDirty();
-      }
-      yield _this2.cryptoStore.doTxn("readonly", [IndexedDBCryptoStore.STORE_ACCOUNT], txn => {
-        _this2.cryptoStore.getCrossSigningKeys(txn, keys => {
-          // can be an empty object after resetting cross-signing keys, see storeTrustedSelfKeys
-          if (keys && Object.keys(keys).length !== 0) {
-            logger.log("Loaded cross-signing public keys from crypto store");
-            _this2.crossSigningInfo.setKeys(keys);
-          }
-        });
-      });
-      // make sure we are keeping track of our own devices
-      // (this is important for key backups & things)
-      _this2.deviceList.startTrackingDeviceList(_this2.userId);
-      logger.debug("Crypto: initialising roomlist...");
-      yield _this2.roomList.init();
-      logger.log("Crypto: checking for key backup...");
-      _this2.backupManager.checkAndStart();
-    })();
-  }
-
-  /**
-   * Implementation of {@link Crypto.CryptoApi#setDeviceIsolationMode}.
-   */
-  setDeviceIsolationMode(isolationMode) {
-    throw new Error("Not supported");
-  }
-  /**
-   * Implementation of {@link Crypto.CryptoApi#getVersion}.
-   */
-  getVersion() {
-    var olmVersionTuple = Crypto.getOlmVersion();
-    return "Olm ".concat(olmVersionTuple[0], ".").concat(olmVersionTuple[1], ".").concat(olmVersionTuple[2]);
-  }
-
-  /**
-   * Whether to trust a others users signatures of their devices.
-   * If false, devices will only be considered 'verified' if we have
-   * verified that device individually (effectively disabling cross-signing).
-   *
-   * Default: true
-   *
-   * @returns True if trusting cross-signed devices
-   */
-  getTrustCrossSignedDevices() {
-    return this.trustCrossSignedDevices;
-  }
-
-  /**
-   * @deprecated Use {@link Crypto.CryptoApi#getTrustCrossSignedDevices}.
-   */
-  getCryptoTrustCrossSignedDevices() {
-    return this.trustCrossSignedDevices;
-  }
-
-  /**
-   * See getCryptoTrustCrossSignedDevices
-   *
-   * @param val - True to trust cross-signed devices
-   */
-  setTrustCrossSignedDevices(val) {
-    this.trustCrossSignedDevices = val;
-    for (var _userId of this.deviceList.getKnownUserIds()) {
-      var devices = this.deviceList.getRawStoredDevicesForUser(_userId);
-      for (var _deviceId of Object.keys(devices)) {
-        var deviceTrust = this.checkDeviceTrust(_userId, _deviceId);
-        // If the device is locally verified then isVerified() is always true,
-        // so this will only have caused the value to change if the device is
-        // cross-signing verified but not locally verified
-        if (!deviceTrust.isLocallyVerified() && deviceTrust.isCrossSigningVerified()) {
-          var deviceObj = this.deviceList.getStoredDevice(_userId, _deviceId);
-          this.emit(CryptoEvent.DeviceVerificationChanged, _userId, _deviceId, deviceObj);
-        }
-      }
-    }
-  }
-
-  /**
-   * @deprecated Use {@link Crypto.CryptoApi#setTrustCrossSignedDevices}.
-   */
-  setCryptoTrustCrossSignedDevices(val) {
-    this.setTrustCrossSignedDevices(val);
-  }
-
-  /**
-   * Create a recovery key from a user-supplied passphrase.
-   *
-   * @param password - Passphrase string that can be entered by the user
-   *     when restoring the backup as an alternative to entering the recovery key.
-   *     Optional.
-   * @returns Object with public key metadata, encoded private
-   *     recovery key which should be disposed of after displaying to the user,
-   *     and raw private key to avoid round tripping if needed.
-   */
-  createRecoveryKeyFromPassphrase(password) {
-    return _asyncToGenerator(function* () {
-      var decryption = new globalThis.Olm.PkDecryption();
-      try {
-        if (password) {
-          var derivation = yield keyFromPassphrase(password);
-          decryption.init_with_private_key(derivation.key);
-          var privateKey = decryption.get_private_key();
-          return {
-            keyInfo: {
-              passphrase: {
-                algorithm: "m.pbkdf2",
-                iterations: derivation.iterations,
-                salt: derivation.salt
-              }
-            },
-            privateKey: privateKey,
-            encodedPrivateKey: encodeRecoveryKey(privateKey)
-          };
-        } else {
-          decryption.generate_key();
-          var _privateKey = decryption.get_private_key();
-          return {
-            privateKey: _privateKey,
-            encodedPrivateKey: encodeRecoveryKey(_privateKey)
-          };
-        }
-      } finally {
-        decryption === null || decryption === void 0 || decryption.free();
-      }
-    })();
-  }
-
-  /**
-   * Checks if the user has previously published cross-signing keys
-   *
-   * This means downloading the devicelist for the user and checking if the list includes
-   * the cross-signing pseudo-device.
-   *
-   * @internal
-   */
-  userHasCrossSigningKeys() {
-    var _arguments2 = arguments,
-      _this3 = this;
-    return _asyncToGenerator(function* () {
-      var userId = _arguments2.length > 0 && _arguments2[0] !== undefined ? _arguments2[0] : _this3.userId;
-      yield _this3.downloadKeys([userId]);
-      return _this3.deviceList.getStoredCrossSigningForUser(userId) !== null;
-    })();
-  }
-
-  /**
-   * Checks whether cross signing:
-   * - is enabled on this account and trusted by this device
-   * - has private keys either cached locally or stored in secret storage
-   *
-   * If this function returns false, bootstrapCrossSigning() can be used
-   * to fix things such that it returns true. That is to say, after
-   * bootstrapCrossSigning() completes successfully, this function should
-   * return true.
-   *
-   * The cross-signing API is currently UNSTABLE and may change without notice.
-   *
-   * @returns True if cross-signing is ready to be used on this device
-   */
-  isCrossSigningReady() {
-    var _this4 = this;
-    return _asyncToGenerator(function* () {
-      var publicKeysOnDevice = _this4.crossSigningInfo.getId();
-      var privateKeysExistSomewhere = (yield _this4.crossSigningInfo.isStoredInKeyCache()) || (yield _this4.crossSigningInfo.isStoredInSecretStorage(_this4.secretStorage));
-      return !!(publicKeysOnDevice && privateKeysExistSomewhere);
-    })();
-  }
-
-  /**
-   * Checks whether secret storage:
-   * - is enabled on this account
-   * - is storing cross-signing private keys
-   * - is storing session backup key (if enabled)
-   *
-   * If this function returns false, bootstrapSecretStorage() can be used
-   * to fix things such that it returns true. That is to say, after
-   * bootstrapSecretStorage() completes successfully, this function should
-   * return true.
-   *
-   * The Secure Secret Storage API is currently UNSTABLE and may change without notice.
-   *
-   * @returns True if secret storage is ready to be used on this device
-   */
-  isSecretStorageReady() {
-    var _this5 = this;
-    return _asyncToGenerator(function* () {
-      var secretStorageKeyInAccount = yield _this5.secretStorage.hasKey();
-      var privateKeysInStorage = yield _this5.crossSigningInfo.isStoredInSecretStorage(_this5.secretStorage);
-      var sessionBackupInStorage = !_this5.backupManager.getKeyBackupEnabled() || (yield _this5.baseApis.isKeyBackupKeyStored());
-      return !!(secretStorageKeyInAccount && privateKeysInStorage && sessionBackupInStorage);
-    })();
-  }
-
-  /**
-   * Implementation of {@link Crypto.CryptoApi#getCrossSigningStatus}
-   */
-  getCrossSigningStatus() {
-    var _this6 = this;
-    return _asyncToGenerator(function* () {
-      var _cacheCallbacks$getCr, _cacheCallbacks$getCr2, _cacheCallbacks$getCr3;
-      var publicKeysOnDevice = Boolean(_this6.crossSigningInfo.getId());
-      var privateKeysInSecretStorage = Boolean(yield _this6.crossSigningInfo.isStoredInSecretStorage(_this6.secretStorage));
-      var cacheCallbacks = _this6.crossSigningInfo.getCacheCallbacks();
-      var masterKey = Boolean(yield (_cacheCallbacks$getCr = cacheCallbacks.getCrossSigningKeyCache) === null || _cacheCallbacks$getCr === void 0 ? void 0 : _cacheCallbacks$getCr.call(cacheCallbacks, "master"));
-      var selfSigningKey = Boolean(yield (_cacheCallbacks$getCr2 = cacheCallbacks.getCrossSigningKeyCache) === null || _cacheCallbacks$getCr2 === void 0 ? void 0 : _cacheCallbacks$getCr2.call(cacheCallbacks, "self_signing"));
-      var userSigningKey = Boolean(yield (_cacheCallbacks$getCr3 = cacheCallbacks.getCrossSigningKeyCache) === null || _cacheCallbacks$getCr3 === void 0 ? void 0 : _cacheCallbacks$getCr3.call(cacheCallbacks, "user_signing"));
-      return {
-        publicKeysOnDevice,
-        privateKeysInSecretStorage,
-        privateKeysCachedLocally: {
-          masterKey,
-          selfSigningKey,
-          userSigningKey
-        }
-      };
-    })();
-  }
-
-  /**
-   * Bootstrap cross-signing by creating keys if needed. If everything is already
-   * set up, then no changes are made, so this is safe to run to ensure
-   * cross-signing is ready for use.
-   *
-   * This function:
-   * - creates new cross-signing keys if they are not found locally cached nor in
-   *   secret storage (if it has been setup)
-   *
-   * The cross-signing API is currently UNSTABLE and may change without notice.
-   */
-  bootstrapCrossSigning() {
-    var _arguments3 = arguments,
-      _this7 = this;
-    return _asyncToGenerator(function* () {
-      var {
-        authUploadDeviceSigningKeys,
-        setupNewCrossSigning
-      } = _arguments3.length > 0 && _arguments3[0] !== undefined ? _arguments3[0] : {};
-      logger.log("Bootstrapping cross-signing");
-      var delegateCryptoCallbacks = _this7.baseApis.cryptoCallbacks;
-      var builder = new EncryptionSetupBuilder(_this7.baseApis.store.accountData, delegateCryptoCallbacks);
-      var crossSigningInfo = new CrossSigningInfo(_this7.userId, builder.crossSigningCallbacks, builder.crossSigningCallbacks);
-
-      // Reset the cross-signing keys
-      var resetCrossSigning = /*#__PURE__*/function () {
-        var _ref4 = _asyncToGenerator(function* () {
-          crossSigningInfo.resetKeys();
-          // Sign master key with device key
-          yield _this7.signObject(crossSigningInfo.keys.master);
-
-          // Store auth flow helper function, as we need to call it when uploading
-          // to ensure we handle auth errors properly.
-          builder.addCrossSigningKeys(authUploadDeviceSigningKeys, crossSigningInfo.keys);
-
-          // Cross-sign own device
-          var device = _this7.deviceList.getStoredDevice(_this7.userId, _this7.deviceId);
-          var deviceSignature = yield crossSigningInfo.signDevice(_this7.userId, device);
-          builder.addKeySignature(_this7.userId, _this7.deviceId, deviceSignature);
-
-          // Sign message key backup with cross-signing master key
-          if (_this7.backupManager.backupInfo) {
-            yield crossSigningInfo.signObject(_this7.backupManager.backupInfo.auth_data, "master");
-            builder.addSessionBackup(_this7.backupManager.backupInfo);
-          }
-        });
-        return function resetCrossSigning() {
-          return _ref4.apply(this, arguments);
-        };
-      }();
-      var publicKeysOnDevice = _this7.crossSigningInfo.getId();
-      var privateKeysInCache = yield _this7.crossSigningInfo.isStoredInKeyCache();
-      var privateKeysInStorage = yield _this7.crossSigningInfo.isStoredInSecretStorage(_this7.secretStorage);
-      var privateKeysExistSomewhere = privateKeysInCache || privateKeysInStorage;
-
-      // Log all relevant state for easier parsing of debug logs.
-      logger.log({
-        setupNewCrossSigning,
-        publicKeysOnDevice,
-        privateKeysInCache,
-        privateKeysInStorage,
-        privateKeysExistSomewhere
-      });
-      if (!privateKeysExistSomewhere || setupNewCrossSigning) {
-        logger.log("Cross-signing private keys not found locally or in secret storage, " + "creating new keys");
-        // If a user has multiple devices, it important to only call bootstrap
-        // as part of some UI flow (and not silently during startup), as they
-        // may have setup cross-signing on a platform which has not saved keys
-        // to secret storage, and this would reset them. In such a case, you
-        // should prompt the user to verify any existing devices first (and
-        // request private keys from those devices) before calling bootstrap.
-        yield resetCrossSigning();
-      } else if (publicKeysOnDevice && privateKeysInCache) {
-        logger.log("Cross-signing public keys trusted and private keys found locally");
-      } else if (privateKeysInStorage) {
-        logger.log("Cross-signing private keys not found locally, but they are available " + "in secret storage, reading storage and caching locally");
-        yield _this7.checkOwnCrossSigningTrust({
-          allowPrivateKeyRequests: true
-        });
-      }
-
-      // Assuming no app-supplied callback, default to storing new private keys in
-      // secret storage if it exists. If it does not, it is assumed this will be
-      // done as part of setting up secret storage later.
-      var crossSigningPrivateKeys = builder.crossSigningCallbacks.privateKeys;
-      if (crossSigningPrivateKeys.size && !_this7.baseApis.cryptoCallbacks.saveCrossSigningKeys) {
-        var secretStorage = new ServerSideSecretStorageImpl(builder.accountDataClientAdapter, builder.ssssCryptoCallbacks);
-        if (yield secretStorage.hasKey()) {
-          logger.log("Storing new cross-signing private keys in secret storage");
-          // This is writing to in-memory account data in
-          // builder.accountDataClientAdapter so won't fail
-          yield CrossSigningInfo.storeInSecretStorage(crossSigningPrivateKeys, secretStorage);
-        }
-      }
-      var operation = builder.buildOperation();
-      yield operation.apply(_this7);
-      // This persists private keys and public keys as trusted,
-      // only do this if apply succeeded for now as retry isn't in place yet
-      yield builder.persist(_this7);
-      logger.log("Cross-signing ready");
-    })();
-  }
-
-  /**
-   * Bootstrap Secure Secret Storage if needed by creating a default key. If everything is
-   * already set up, then no changes are made, so this is safe to run to ensure secret
-   * storage is ready for use.
-   *
-   * This function
-   * - creates a new Secure Secret Storage key if no default key exists
-   *   - if a key backup exists, it is migrated to store the key in the Secret
-   *     Storage
-   * - creates a backup if none exists, and one is requested
-   * - migrates Secure Secret Storage to use the latest algorithm, if an outdated
-   *   algorithm is found
-   *
-   * The Secure Secret Storage API is currently UNSTABLE and may change without notice.
-   *
-   * Returns:
-   *     A promise which resolves to key creation data for
-   *     SecretStorage#addKey: an object with `passphrase` etc fields.
-   */
-  // TODO this does not resolve with what it says it does
-  bootstrapSecretStorage() {
-    var _arguments4 = arguments,
-      _this8 = this;
-    return _asyncToGenerator(function* () {
-      var {
-        createSecretStorageKey = /*#__PURE__*/_asyncToGenerator(function* () {
-          return {};
-        }),
-        keyBackupInfo,
-        setupNewKeyBackup,
-        setupNewSecretStorage,
-        getKeyBackupPassphrase
-      } = _arguments4.length > 0 && _arguments4[0] !== undefined ? _arguments4[0] : {};
-      logger.log("Bootstrapping Secure Secret Storage");
-      var delegateCryptoCallbacks = _this8.baseApis.cryptoCallbacks;
-      var builder = new EncryptionSetupBuilder(_this8.baseApis.store.accountData, delegateCryptoCallbacks);
-      var secretStorage = new ServerSideSecretStorageImpl(builder.accountDataClientAdapter, builder.ssssCryptoCallbacks);
-
-      // the ID of the new SSSS key, if we create one
-      var newKeyId = null;
-
-      // create a new SSSS key and set it as default
-      var createSSSS = /*#__PURE__*/function () {
-        var _ref6 = _asyncToGenerator(function* (opts) {
-          var {
-            keyId,
-            keyInfo
-          } = yield secretStorage.addKey(SECRET_STORAGE_ALGORITHM_V1_AES, opts);
-
-          // make the private key available to encrypt 4S secrets
-          builder.ssssCryptoCallbacks.addPrivateKey(keyId, keyInfo, opts.key);
-          yield secretStorage.setDefaultKeyId(keyId);
-          return keyId;
-        });
-        return function createSSSS(_x3) {
-          return _ref6.apply(this, arguments);
-        };
-      }();
-      var ensureCanCheckPassphrase = /*#__PURE__*/function () {
-        var _ref7 = _asyncToGenerator(function* (keyId, keyInfo) {
-          if (!keyInfo.mac) {
-            var _this8$baseApis$crypt, _this8$baseApis$crypt2;
-            var key = yield (_this8$baseApis$crypt = (_this8$baseApis$crypt2 = _this8.baseApis.cryptoCallbacks).getSecretStorageKey) === null || _this8$baseApis$crypt === void 0 ? void 0 : _this8$baseApis$crypt.call(_this8$baseApis$crypt2, {
-              keys: {
-                [keyId]: keyInfo
-              }
-            }, "");
-            if (key) {
-              var privateKey = key[1];
-              builder.ssssCryptoCallbacks.addPrivateKey(keyId, keyInfo, privateKey);
-              var {
-                iv,
-                mac
-              } = yield calculateKeyCheck(privateKey);
-              keyInfo.iv = iv;
-              keyInfo.mac = mac;
-              yield builder.setAccountData("m.secret_storage.key.".concat(keyId), keyInfo);
-            }
-          }
-        });
-        return function ensureCanCheckPassphrase(_x4, _x5) {
-          return _ref7.apply(this, arguments);
-        };
-      }();
-      var signKeyBackupWithCrossSigning = /*#__PURE__*/function () {
-        var _ref8 = _asyncToGenerator(function* (keyBackupAuthData) {
-          if (_this8.crossSigningInfo.getId() && (yield _this8.crossSigningInfo.isStoredInKeyCache("master"))) {
-            try {
-              logger.log("Adding cross-signing signature to key backup");
-              yield _this8.crossSigningInfo.signObject(keyBackupAuthData, "master");
-            } catch (e) {
-              // This step is not critical (just helpful), so we catch here
-              // and continue if it fails.
-              logger.error("Signing key backup with cross-signing keys failed", e);
-            }
-          } else {
-            logger.warn("Cross-signing keys not available, skipping signature on key backup");
-          }
-        });
-        return function signKeyBackupWithCrossSigning(_x6) {
-          return _ref8.apply(this, arguments);
-        };
-      }();
-      var oldSSSSKey = yield _this8.secretStorage.getKey();
-      var [oldKeyId, oldKeyInfo] = oldSSSSKey || [null, null];
-      var storageExists = !setupNewSecretStorage && oldKeyInfo && oldKeyInfo.algorithm === SECRET_STORAGE_ALGORITHM_V1_AES;
-
-      // Log all relevant state for easier parsing of debug logs.
-      logger.log({
-        keyBackupInfo,
-        setupNewKeyBackup,
-        setupNewSecretStorage,
-        storageExists,
-        oldKeyInfo
-      });
-      if (!storageExists && !keyBackupInfo) {
-        // either we don't have anything, or we've been asked to restart
-        // from scratch
-        logger.log("Secret storage does not exist, creating new storage key");
-
-        // if we already have a usable default SSSS key and aren't resetting
-        // SSSS just use it. otherwise, create a new one
-        // Note: we leave the old SSSS key in place: there could be other
-        // secrets using it, in theory. We could move them to the new key but a)
-        // that would mean we'd need to prompt for the old passphrase, and b)
-        // it's not clear that would be the right thing to do anyway.
-        var {
-          keyInfo,
-          privateKey
-        } = yield createSecretStorageKey();
-        newKeyId = yield createSSSS({
-          passphrase: keyInfo === null || keyInfo === void 0 ? void 0 : keyInfo.passphrase,
-          key: privateKey,
-          name: keyInfo === null || keyInfo === void 0 ? void 0 : keyInfo.name
-        });
-      } else if (!storageExists && keyBackupInfo) {
-        // we have an existing backup, but no SSSS
-        logger.log("Secret storage does not exist, using key backup key");
-
-        // if we have the backup key already cached, use it; otherwise use the
-        // callback to prompt for the key
-        var backupKey = (yield _this8.getSessionBackupPrivateKey()) || (yield getKeyBackupPassphrase === null || getKeyBackupPassphrase === void 0 ? void 0 : getKeyBackupPassphrase());
-
-        // create a new SSSS key and use the backup key as the new SSSS key
-        var opts = {
-          key: backupKey
-        };
-        if (keyBackupInfo.auth_data.private_key_salt && keyBackupInfo.auth_data.private_key_iterations) {
-          // FIXME: ???
-          opts.passphrase = {
-            algorithm: "m.pbkdf2",
-            iterations: keyBackupInfo.auth_data.private_key_iterations,
-            salt: keyBackupInfo.auth_data.private_key_salt,
-            bits: 256
-          };
-        }
-        newKeyId = yield createSSSS(opts);
-
-        // store the backup key in secret storage
-        yield secretStorage.store("m.megolm_backup.v1", encodeBase64(backupKey), [newKeyId]);
-
-        // The backup is trusted because the user provided the private key.
-        // Sign the backup with the cross-signing key so the key backup can
-        // be trusted via cross-signing.
-        yield signKeyBackupWithCrossSigning(keyBackupInfo.auth_data);
-        builder.addSessionBackup(keyBackupInfo);
-      } else {
-        // 4S is already set up
-        logger.log("Secret storage exists");
-        if (oldKeyInfo && oldKeyInfo.algorithm === SECRET_STORAGE_ALGORITHM_V1_AES) {
-          // make sure that the default key has the information needed to
-          // check the passphrase
-          yield ensureCanCheckPassphrase(oldKeyId, oldKeyInfo);
-        }
-      }
-
-      // If we have cross-signing private keys cached, store them in secret
-      // storage if they are not there already.
-      if (!_this8.baseApis.cryptoCallbacks.saveCrossSigningKeys && (yield _this8.isCrossSigningReady()) && (newKeyId || !(yield _this8.crossSigningInfo.isStoredInSecretStorage(secretStorage)))) {
-        logger.log("Copying cross-signing private keys from cache to secret storage");
-        var crossSigningPrivateKeys = yield _this8.crossSigningInfo.getCrossSigningKeysFromCache();
-        // This is writing to in-memory account data in
-        // builder.accountDataClientAdapter so won't fail
-        yield CrossSigningInfo.storeInSecretStorage(crossSigningPrivateKeys, secretStorage);
-      }
-      if (setupNewKeyBackup && !keyBackupInfo) {
-        logger.log("Creating new message key backup version");
-        var info = yield _this8.baseApis.prepareKeyBackupVersion(null /* random key */,
-        // don't write to secret storage, as it will write to this.secretStorage.
-        // Here, we want to capture all the side-effects of bootstrapping,
-        // and want to write to the local secretStorage object
-        {
-          secureSecretStorage: false
-        });
-        // write the key to 4S
-        var _privateKey2 = decodeRecoveryKey(info.recovery_key);
-        yield secretStorage.store("m.megolm_backup.v1", encodeBase64(_privateKey2));
-
-        // create keyBackupInfo object to add to builder
-        var data = {
-          algorithm: info.algorithm,
-          auth_data: info.auth_data
-        };
-
-        // Sign with cross-signing master key
-        yield signKeyBackupWithCrossSigning(data.auth_data);
-
-        // sign with the device fingerprint
-        yield _this8.signObject(data.auth_data);
-        builder.addSessionBackup(data);
-      }
-
-      // Cache the session backup key
-      var sessionBackupKey = yield secretStorage.get("m.megolm_backup.v1");
-      if (sessionBackupKey) {
-        logger.info("Got session backup key from secret storage: caching");
-        // fix up the backup key if it's in the wrong format, and replace
-        // in secret storage
-        var fixedBackupKey = fixBackupKey(sessionBackupKey);
-        if (fixedBackupKey) {
-          var keyId = newKeyId || oldKeyId;
-          yield secretStorage.store("m.megolm_backup.v1", fixedBackupKey, keyId ? [keyId] : null);
-        }
-        var decodedBackupKey = new Uint8Array(decodeBase64(fixedBackupKey || sessionBackupKey));
-        builder.addSessionBackupPrivateKeyToCache(decodedBackupKey);
-      } else if (_this8.backupManager.getKeyBackupEnabled()) {
-        // key backup is enabled but we don't have a session backup key in SSSS: see if we have one in
-        // the cache or the user can provide one, and if so, write it to SSSS
-        var _backupKey = (yield _this8.getSessionBackupPrivateKey()) || (yield getKeyBackupPassphrase === null || getKeyBackupPassphrase === void 0 ? void 0 : getKeyBackupPassphrase());
-        if (!_backupKey) {
-          // This will require user intervention to recover from since we don't have the key
-          // backup key anywhere. The user should probably just set up a new key backup and
-          // the key for the new backup will be stored. If we hit this scenario in the wild
-          // with any frequency, we should do more than just log an error.
-          logger.error("Key backup is enabled but couldn't get key backup key!");
-          return;
-        }
-        logger.info("Got session backup key from cache/user that wasn't in SSSS: saving to SSSS");
-        yield secretStorage.store("m.megolm_backup.v1", encodeBase64(_backupKey));
-      }
-      var operation = builder.buildOperation();
-      yield operation.apply(_this8);
-      // this persists private keys and public keys as trusted,
-      // only do this if apply succeeded for now as retry isn't in place yet
-      yield builder.persist(_this8);
-      logger.log("Secure Secret Storage ready");
-    })();
-  }
-
-  /**
-   * Implementation of {@link Crypto.CryptoApi#resetKeyBackup}.
-   */
-  resetKeyBackup() {
-    var _this9 = this;
-    return _asyncToGenerator(function* () {
-      // Delete existing ones
-      // There is no use case for having several key backup version live server side.
-      // Even if not deleted it would be lost as the key to restore is lost.
-      // There should be only one backup at a time.
-      yield _this9.backupManager.deleteAllKeyBackupVersions();
-      var info = yield _this9.backupManager.prepareKeyBackupVersion();
-      yield _this9.signObject(info.auth_data);
-
-      // add new key backup
-      var {
-        version
-      } = yield _this9.baseApis.http.authedRequest(Method.Post, "/room_keys/version", undefined, info, {
-        prefix: ClientPrefix.V3
-      });
-      logger.log("Created backup version ".concat(version));
-
-      // write the key to 4S
-      var privateKey = info.privateKey;
-      yield _this9.secretStorage.store("m.megolm_backup.v1", encodeBase64(privateKey));
-      yield _this9.storeSessionBackupPrivateKey(privateKey);
-      yield _this9.backupManager.checkAndStart();
-      yield _this9.backupManager.scheduleAllGroupSessionsForBackup();
-    })();
-  }
-
-  /**
-   * Implementation of {@link Crypto.CryptoApi#deleteKeyBackupVersion}.
-   */
-  deleteKeyBackupVersion(version) {
-    var _this10 = this;
-    return _asyncToGenerator(function* () {
-      yield _this10.backupManager.deleteKeyBackupVersion(version);
-    })();
-  }
-
-  /**
-   * @deprecated Use {@link MatrixClient#secretStorage} and {@link SecretStorage.ServerSideSecretStorage#addKey}.
-   */
-  addSecretStorageKey(algorithm, opts, keyID) {
-    return this.secretStorage.addKey(algorithm, opts, keyID);
-  }
-
-  /**
-   * @deprecated Use {@link MatrixClient#secretStorage} and {@link SecretStorage.ServerSideSecretStorage#hasKey}.
-   */
-  hasSecretStorageKey(keyID) {
-    return this.secretStorage.hasKey(keyID);
-  }
-
-  /**
-   * @deprecated Use {@link MatrixClient#secretStorage} and {@link SecretStorage.ServerSideSecretStorage#getKey}.
-   */
-  getSecretStorageKey(keyID) {
-    return this.secretStorage.getKey(keyID);
-  }
-
-  /**
-   * @deprecated Use {@link MatrixClient#secretStorage} and {@link SecretStorage.ServerSideSecretStorage#store}.
-   */
-  storeSecret(name, secret, keys) {
-    return this.secretStorage.store(name, secret, keys);
-  }
-
-  /**
-   * @deprecated Use {@link MatrixClient#secretStorage} and {@link SecretStorage.ServerSideSecretStorage#get}.
-   */
-  getSecret(name) {
-    return this.secretStorage.get(name);
-  }
-
-  /**
-   * @deprecated Use {@link MatrixClient#secretStorage} and {@link SecretStorage.ServerSideSecretStorage#isStored}.
-   */
-  isSecretStored(name) {
-    return this.secretStorage.isStored(name);
-  }
-  requestSecret(name, devices) {
-    if (!devices) {
-      devices = Object.keys(this.deviceList.getRawStoredDevicesForUser(this.userId));
-    }
-    return this.secretStorage.request(name, devices);
-  }
-
-  /**
-   * @deprecated Use {@link MatrixClient#secretStorage} and {@link SecretStorage.ServerSideSecretStorage#getDefaultKeyId}.
-   */
-  getDefaultSecretStorageKeyId() {
-    return this.secretStorage.getDefaultKeyId();
-  }
-
-  /**
-   * @deprecated Use {@link MatrixClient#secretStorage} and {@link SecretStorage.ServerSideSecretStorage#setDefaultKeyId}.
-   */
-  setDefaultSecretStorageKeyId(k) {
-    return this.secretStorage.setDefaultKeyId(k);
-  }
-
-  /**
-   * @deprecated Use {@link MatrixClient#secretStorage} and {@link SecretStorage.ServerSideSecretStorage#checkKey}.
-   */
-  checkSecretStorageKey(key, info) {
-    return this.secretStorage.checkKey(key, info);
-  }
-
-  /**
-   * Checks that a given secret storage private key matches a given public key.
-   * This can be used by the getSecretStorageKey callback to verify that the
-   * private key it is about to supply is the one that was requested.
-   *
-   * @param privateKey - The private key
-   * @param expectedPublicKey - The public key
-   * @returns true if the key matches, otherwise false
-   */
-  checkSecretStoragePrivateKey(privateKey, expectedPublicKey) {
-    var decryption = null;
-    try {
-      decryption = new globalThis.Olm.PkDecryption();
-      var gotPubkey = decryption.init_with_private_key(privateKey);
-      // make sure it agrees with the given pubkey
-      return gotPubkey === expectedPublicKey;
-    } finally {
-      var _decryption;
-      (_decryption = decryption) === null || _decryption === void 0 || _decryption.free();
-    }
-  }
-
-  /**
-   * Fetches the backup private key, if cached
-   * @returns the key, if any, or null
-   */
-  getSessionBackupPrivateKey() {
-    var _this11 = this;
-    return _asyncToGenerator(function* () {
-      var encodedKey = yield new Promise(resolve => {
-        _this11.cryptoStore.doTxn("readonly", [IndexedDBCryptoStore.STORE_ACCOUNT], txn => {
-          _this11.cryptoStore.getSecretStorePrivateKey(txn, resolve, "m.megolm_backup.v1");
-        });
-      });
-      var key = null;
-
-      // make sure we have a Uint8Array, rather than a string
-      if (typeof encodedKey === "string") {
-        key = new Uint8Array(decodeBase64(fixBackupKey(encodedKey) || encodedKey));
-        yield _this11.storeSessionBackupPrivateKey(key);
-      }
-      if (encodedKey && typeof encodedKey === "object" && "ciphertext" in encodedKey) {
-        var pickleKey = Buffer.from(_this11.olmDevice.pickleKey);
-        var decrypted = yield decryptAESSecretStorageItem(encodedKey, pickleKey, "m.megolm_backup.v1");
-        key = decodeBase64(decrypted);
-      }
-      return key;
-    })();
-  }
-
-  /**
-   * Stores the session backup key to the cache
-   * @param key - the private key
-   * @returns a promise so you can catch failures
-   */
-  storeSessionBackupPrivateKey(key, version) {
-    var _this12 = this;
-    return _asyncToGenerator(function* () {
-      if (!(key instanceof Uint8Array)) {
-        // eslint-disable-next-line @typescript-eslint/no-base-to-string
-        throw new Error("storeSessionBackupPrivateKey expects Uint8Array, got ".concat(key));
-      }
-      var pickleKey = Buffer.from(_this12.olmDevice.pickleKey);
-      var encryptedKey = yield encryptAESSecretStorageItem(encodeBase64(key), pickleKey, "m.megolm_backup.v1");
-      return _this12.cryptoStore.doTxn("readwrite", [IndexedDBCryptoStore.STORE_ACCOUNT], txn => {
-        _this12.cryptoStore.storeSecretStorePrivateKey(txn, "m.megolm_backup.v1", encryptedKey);
-      });
-    })();
-  }
-
-  /**
-   * Implementation of {@link Crypto.loadSessionBackupPrivateKeyFromSecretStorage}.
-   */
-  loadSessionBackupPrivateKeyFromSecretStorage() {
-    throw new Error("Not implmeented");
-  }
-
-  /**
-   * Get the current status of key backup.
-   *
-   * Implementation of {@link Crypto.CryptoApi.getActiveSessionBackupVersion}.
-   */
-  getActiveSessionBackupVersion() {
-    var _this13 = this;
-    return _asyncToGenerator(function* () {
-      if (_this13.backupManager.getKeyBackupEnabled()) {
-        var _this13$backupManager;
-        return (_this13$backupManager = _this13.backupManager.version) !== null && _this13$backupManager !== void 0 ? _this13$backupManager : null;
-      }
-      return null;
-    })();
-  }
-
-  /**
-   * Implementation of {@link Crypto.CryptoApi#getKeyBackupInfo}.
-   */
-  getKeyBackupInfo() {
-    return _asyncToGenerator(function* () {
-      throw new Error("Not implemented");
-    })();
-  }
-
-  /**
-   * Determine if a key backup can be trusted.
-   *
-   * Implementation of {@link Crypto.CryptoApi.isKeyBackupTrusted}.
-   */
-  isKeyBackupTrusted(info) {
-    var _this14 = this;
-    return _asyncToGenerator(function* () {
-      var trustInfo = yield _this14.backupManager.isKeyBackupTrusted(info);
-      return backupTrustInfoFromLegacyTrustInfo(trustInfo);
-    })();
-  }
-
-  /**
-   * Force a re-check of the key backup and enable/disable it as appropriate.
-   *
-   * Implementation of {@link Crypto.CryptoApi.checkKeyBackupAndEnable}.
-   */
-  checkKeyBackupAndEnable() {
-    var _this15 = this;
-    return _asyncToGenerator(function* () {
-      var checkResult = yield _this15.backupManager.checkKeyBackup();
-      if (!checkResult || !checkResult.backupInfo) return null;
-      return {
-        backupInfo: checkResult.backupInfo,
-        trustInfo: backupTrustInfoFromLegacyTrustInfo(checkResult.trustInfo)
-      };
-    })();
-  }
-
-  /**
-   * Checks that a given cross-signing private key matches a given public key.
-   * This can be used by the getCrossSigningKey callback to verify that the
-   * private key it is about to supply is the one that was requested.
-   *
-   * @param privateKey - The private key
-   * @param expectedPublicKey - The public key
-   * @returns true if the key matches, otherwise false
-   */
-  checkCrossSigningPrivateKey(privateKey, expectedPublicKey) {
-    var signing = null;
-    try {
-      signing = new globalThis.Olm.PkSigning();
-      var gotPubkey = signing.init_with_seed(privateKey);
-      // make sure it agrees with the given pubkey
-      return gotPubkey === expectedPublicKey;
-    } finally {
-      var _signing;
-      (_signing = signing) === null || _signing === void 0 || _signing.free();
-    }
-  }
-
-  /**
-   * Run various follow-up actions after cross-signing keys have changed locally
-   * (either by resetting the keys for the account or by getting them from secret
-   * storage), such as signing the current device, upgrading device
-   * verifications, etc.
-   */
-  afterCrossSigningLocalKeyChange() {
-    var _this16 = this;
-    return _asyncToGenerator(function* () {
-      logger.info("Starting cross-signing key change post-processing");
-
-      // sign the current device with the new key, and upload to the server
-      var device = _this16.deviceList.getStoredDevice(_this16.userId, _this16.deviceId);
-      var signedDevice = yield _this16.crossSigningInfo.signDevice(_this16.userId, device);
-      logger.info("Starting background key sig upload for ".concat(_this16.deviceId));
-      var upload = _ref9 => {
-        var {
-          shouldEmit = false
-        } = _ref9;
-        return _this16.baseApis.uploadKeySignatures({
-          [_this16.userId]: {
-            [_this16.deviceId]: signedDevice
-          }
-        }).then(response => {
-          var {
-            failures
-          } = response || {};
-          if (Object.keys(failures || []).length > 0) {
-            if (shouldEmit) {
-              _this16.baseApis.emit(CryptoEvent.KeySignatureUploadFailure, failures, "afterCrossSigningLocalKeyChange", upload // continuation
-              );
-            }
-            throw new KeySignatureUploadError("Key upload failed", {
-              failures
-            });
-          }
-          logger.info("Finished background key sig upload for ".concat(_this16.deviceId));
-        }).catch(e => {
-          logger.error("Error during background key sig upload for ".concat(_this16.deviceId), e);
-        });
-      };
-      upload({
-        shouldEmit: true
-      });
-      var shouldUpgradeCb = _this16.baseApis.cryptoCallbacks.shouldUpgradeDeviceVerifications;
-      if (shouldUpgradeCb) {
-        logger.info("Starting device verification upgrade");
-
-        // Check all users for signatures if upgrade callback present
-        // FIXME: do this in batches
-        var users = {};
-        for (var [_userId2, crossSigningInfo] of Object.entries(_this16.deviceList.crossSigningInfo)) {
-          var upgradeInfo = yield _this16.checkForDeviceVerificationUpgrade(_userId2, CrossSigningInfo.fromStorage(crossSigningInfo, _userId2));
-          if (upgradeInfo) {
-            users[_userId2] = upgradeInfo;
-          }
-        }
-        if (Object.keys(users).length > 0) {
-          logger.info("Found ".concat(Object.keys(users).length, " verif users to upgrade"));
-          try {
-            var usersToUpgrade = yield shouldUpgradeCb({
-              users: users
-            });
-            if (usersToUpgrade) {
-              for (var _userId3 of usersToUpgrade) {
-                if (_userId3 in users) {
-                  yield _this16.baseApis.setDeviceVerified(_userId3, users[_userId3].crossSigningInfo.getId());
-                }
-              }
-            }
-          } catch (e) {
-            logger.log("shouldUpgradeDeviceVerifications threw an error: not upgrading", e);
-          }
-        }
-        logger.info("Finished device verification upgrade");
-      }
-      logger.info("Finished cross-signing key change post-processing");
-    })();
-  }
-
-  /**
-   * Check if a user's cross-signing key is a candidate for upgrading from device
-   * verification.
-   *
-   * @param userId - the user whose cross-signing information is to be checked
-   * @param crossSigningInfo - the cross-signing information to check
-   */
-  checkForDeviceVerificationUpgrade(userId, crossSigningInfo) {
-    var _this17 = this;
-    return _asyncToGenerator(function* () {
-      // only upgrade if this is the first cross-signing key that we've seen for
-      // them, and if their cross-signing key isn't already verified
-      var trustLevel = _this17.crossSigningInfo.checkUserTrust(crossSigningInfo);
-      if (crossSigningInfo.firstUse && !trustLevel.isVerified()) {
-        var devices = _this17.deviceList.getRawStoredDevicesForUser(userId);
-        var deviceIds = yield _this17.checkForValidDeviceSignature(userId, crossSigningInfo.keys.master, devices);
-        if (deviceIds.length) {
-          return {
-            devices: deviceIds.map(deviceId => DeviceInfo.fromStorage(devices[deviceId], deviceId)),
-            crossSigningInfo
-          };
-        }
-      }
-    })();
-  }
-
-  /**
-   * Check if the cross-signing key is signed by a verified device.
-   *
-   * @param userId - the user ID whose key is being checked
-   * @param key - the key that is being checked
-   * @param devices - the user's devices.  Should be a map from device ID
-   *     to device info
-   */
-  checkForValidDeviceSignature(userId, key, devices) {
-    var _this18 = this;
-    return _asyncToGenerator(function* () {
-      var deviceIds = [];
-      if (devices && key.signatures && key.signatures[userId]) {
-        for (var signame of Object.keys(key.signatures[userId])) {
-          var [, _deviceId2] = signame.split(":", 2);
-          if (_deviceId2 in devices && devices[_deviceId2].verified === DeviceVerification.VERIFIED) {
-            try {
-              yield olmlib.verifySignature(_this18.olmDevice, key, userId, _deviceId2, devices[_deviceId2].keys[signame]);
-              deviceIds.push(_deviceId2);
-            } catch (_unused) {}
-          }
-        }
-      }
-      return deviceIds;
-    })();
-  }
-
-  /**
-   * Get the user's cross-signing key ID.
-   *
-   * @param type - The type of key to get the ID of.  One of
-   *     "master", "self_signing", or "user_signing".  Defaults to "master".
-   *
-   * @returns the key ID
-   */
-  getCrossSigningKeyId() {
-    var type = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : CrossSigningKey.Master;
-    return Promise.resolve(this.getCrossSigningId(type));
-  }
-
-  // old name, for backwards compatibility
-  getCrossSigningId(type) {
-    return this.crossSigningInfo.getId(type);
-  }
-
-  /**
-   * Get the cross signing information for a given user.
-   *
-   * @param userId - the user ID to get the cross-signing info for.
-   *
-   * @returns the cross signing information for the user.
-   */
-  getStoredCrossSigningForUser(userId) {
-    return this.deviceList.getStoredCrossSigningForUser(userId);
-  }
-
-  /**
-   * Check whether a given user is trusted.
-   *
-   * @param userId - The ID of the user to check.
-   *
-   * @returns
-   */
-  checkUserTrust(userId) {
-    var userCrossSigning = this.deviceList.getStoredCrossSigningForUser(userId);
-    if (!userCrossSigning) {
-      return new UserTrustLevel(false, false, false);
-    }
-    return this.crossSigningInfo.checkUserTrust(userCrossSigning);
-  }
-
-  /**
-   * Implementation of {@link Crypto.CryptoApi.getUserVerificationStatus}.
-   */
-  getUserVerificationStatus(userId) {
-    var _this19 = this;
-    return _asyncToGenerator(function* () {
-      return _this19.checkUserTrust(userId);
-    })();
-  }
-
-  /**
-   * Implementation of {@link Crypto.CryptoApi.pinCurrentUserIdentity}.
-   */
-  pinCurrentUserIdentity(userId) {
-    return _asyncToGenerator(function* () {
-      throw new Error("not implemented");
-    })();
-  }
-
-  /**
-   * Check whether a given device is trusted.
-   *
-   * @param userId - The ID of the user whose device is to be checked.
-   * @param deviceId - The ID of the device to check
-   */
-  getDeviceVerificationStatus(userId, deviceId) {
-    var _this20 = this;
-    return _asyncToGenerator(function* () {
-      var device = _this20.deviceList.getStoredDevice(userId, deviceId);
-      if (!device) {
-        return null;
-      }
-      return _this20.checkDeviceInfoTrust(userId, device);
-    })();
-  }
-
-  /**
-   * @deprecated Use {@link Crypto.CryptoApi.getDeviceVerificationStatus}.
-   */
-  checkDeviceTrust(userId, deviceId) {
-    var device = this.deviceList.getStoredDevice(userId, deviceId);
-    return this.checkDeviceInfoTrust(userId, device);
-  }
-
-  /**
-   * Check whether a given deviceinfo is trusted.
-   *
-   * @param userId - The ID of the user whose devices is to be checked.
-   * @param device - The device info object to check
-   *
-   * @deprecated Use {@link Crypto.CryptoApi.getDeviceVerificationStatus}.
-   */
-  checkDeviceInfoTrust(userId, device) {
-    var trustedLocally = !!(device !== null && device !== void 0 && device.isVerified());
-    var userCrossSigning = this.deviceList.getStoredCrossSigningForUser(userId);
-    if (device && userCrossSigning) {
-      // The trustCrossSignedDevices only affects trust of other people's cross-signing
-      // signatures
-      var trustCrossSig = this.trustCrossSignedDevices || userId === this.userId;
-      return this.crossSigningInfo.checkDeviceTrust(userCrossSigning, device, trustedLocally, trustCrossSig);
-    } else {
-      return new DeviceTrustLevel(false, false, trustedLocally, false);
-    }
-  }
-
-  /**
-   * Check whether one of our own devices is cross-signed by our
-   * user's stored keys, regardless of whether we trust those keys yet.
-   *
-   * @param deviceId - The ID of the device to check
-   *
-   * @returns true if the device is cross-signed
-   */
-  checkIfOwnDeviceCrossSigned(deviceId) {
-    var _userCrossSigning$che;
-    var device = this.deviceList.getStoredDevice(this.userId, deviceId);
-    if (!device) return false;
-    var userCrossSigning = this.deviceList.getStoredCrossSigningForUser(this.userId);
-    return (_userCrossSigning$che = userCrossSigning === null || userCrossSigning === void 0 ? void 0 : userCrossSigning.checkDeviceTrust(userCrossSigning, device, false, true).isCrossSigningVerified()) !== null && _userCrossSigning$che !== void 0 ? _userCrossSigning$che : false;
-  }
-  /**
-   * Check the copy of our cross-signing key that we have in the device list and
-   * see if we can get the private key. If so, mark it as trusted.
-   */
-  checkOwnCrossSigningTrust() {
-    var _arguments5 = arguments,
-      _this21 = this;
-    return _asyncToGenerator(function* () {
-      var {
-        allowPrivateKeyRequests = false
-      } = _arguments5.length > 0 && _arguments5[0] !== undefined ? _arguments5[0] : {};
-      var userId = _this21.userId;
-
-      // Before proceeding, ensure our cross-signing public keys have been
-      // downloaded via the device list.
-      yield _this21.downloadKeys([_this21.userId]);
-
-      // Also check which private keys are locally cached.
-      var crossSigningPrivateKeys = yield _this21.crossSigningInfo.getCrossSigningKeysFromCache();
-
-      // If we see an update to our own master key, check it against the master
-      // key we have and, if it matches, mark it as verified
-
-      // First, get the new cross-signing info
-      var newCrossSigning = _this21.deviceList.getStoredCrossSigningForUser(userId);
-      if (!newCrossSigning) {
-        logger.error("Got cross-signing update event for user " + userId + " but no new cross-signing information found!");
-        return;
-      }
-      var seenPubkey = newCrossSigning.getId();
-      var masterChanged = _this21.crossSigningInfo.getId() !== seenPubkey;
-      var masterExistsNotLocallyCached = newCrossSigning.getId() && !crossSigningPrivateKeys.has("master");
-      if (masterChanged) {
-        logger.info("Got new master public key", seenPubkey);
-      }
-      if (allowPrivateKeyRequests && (masterChanged || masterExistsNotLocallyCached)) {
-        logger.info("Attempting to retrieve cross-signing master private key");
-        var signing = null;
-        // It's important for control flow that we leave any errors alone for
-        // higher levels to handle so that e.g. cancelling access properly
-        // aborts any larger operation as well.
-        try {
-          var ret = yield _this21.crossSigningInfo.getCrossSigningKey("master", seenPubkey);
-          signing = ret[1];
-          logger.info("Got cross-signing master private key");
-        } finally {
-          var _signing2;
-          (_signing2 = signing) === null || _signing2 === void 0 || _signing2.free();
-        }
-      }
-      var oldSelfSigningId = _this21.crossSigningInfo.getId("self_signing");
-      var oldUserSigningId = _this21.crossSigningInfo.getId("user_signing");
-
-      // Update the version of our keys in our cross-signing object and the local store
-      _this21.storeTrustedSelfKeys(newCrossSigning.keys);
-      var selfSigningChanged = oldSelfSigningId !== newCrossSigning.getId("self_signing");
-      var userSigningChanged = oldUserSigningId !== newCrossSigning.getId("user_signing");
-      var selfSigningExistsNotLocallyCached = newCrossSigning.getId("self_signing") && !crossSigningPrivateKeys.has("self_signing");
-      var userSigningExistsNotLocallyCached = newCrossSigning.getId("user_signing") && !crossSigningPrivateKeys.has("user_signing");
-      var keySignatures = {};
-      if (selfSigningChanged) {
-        logger.info("Got new self-signing key", newCrossSigning.getId("self_signing"));
-      }
-      if (allowPrivateKeyRequests && (selfSigningChanged || selfSigningExistsNotLocallyCached)) {
-        logger.info("Attempting to retrieve cross-signing self-signing private key");
-        var _signing3 = null;
-        try {
-          var _ret = yield _this21.crossSigningInfo.getCrossSigningKey("self_signing", newCrossSigning.getId("self_signing"));
-          _signing3 = _ret[1];
-          logger.info("Got cross-signing self-signing private key");
-        } finally {
-          var _signing4;
-          (_signing4 = _signing3) === null || _signing4 === void 0 || _signing4.free();
-        }
-        var device = _this21.deviceList.getStoredDevice(_this21.userId, _this21.deviceId);
-        var signedDevice = yield _this21.crossSigningInfo.signDevice(_this21.userId, device);
-        keySignatures[_this21.deviceId] = signedDevice;
-      }
-      if (userSigningChanged) {
-        logger.info("Got new user-signing key", newCrossSigning.getId("user_signing"));
-      }
-      if (allowPrivateKeyRequests && (userSigningChanged || userSigningExistsNotLocallyCached)) {
-        logger.info("Attempting to retrieve cross-signing user-signing private key");
-        var _signing5 = null;
-        try {
-          var _ret2 = yield _this21.crossSigningInfo.getCrossSigningKey("user_signing", newCrossSigning.getId("user_signing"));
-          _signing5 = _ret2[1];
-          logger.info("Got cross-signing user-signing private key");
-        } finally {
-          var _signing6;
-          (_signing6 = _signing5) === null || _signing6 === void 0 || _signing6.free();
-        }
-      }
-      if (masterChanged) {
-        var masterKey = _this21.crossSigningInfo.keys.master;
-        yield _this21.signObject(masterKey);
-        var deviceSig = masterKey.signatures[_this21.userId]["ed25519:" + _this21.deviceId];
-        // Include only the _new_ device signature in the upload.
-        // We may have existing signatures from deleted devices, which will cause
-        // the entire upload to fail.
-        keySignatures[_this21.crossSigningInfo.getId()] = Object.assign({}, masterKey, {
-          signatures: {
-            [_this21.userId]: {
-              ["ed25519:" + _this21.deviceId]: deviceSig
-            }
-          }
-        });
-      }
-      var keysToUpload = Object.keys(keySignatures);
-      if (keysToUpload.length) {
-        var upload = _ref10 => {
-          var {
-            shouldEmit = false
-          } = _ref10;
-          logger.info("Starting background key sig upload for ".concat(keysToUpload));
-          return _this21.baseApis.uploadKeySignatures({
-            [_this21.userId]: keySignatures
-          }).then(response => {
-            var {
-              failures
-            } = response || {};
-            logger.info("Finished background key sig upload for ".concat(keysToUpload));
-            if (Object.keys(failures || []).length > 0) {
-              if (shouldEmit) {
-                _this21.baseApis.emit(CryptoEvent.KeySignatureUploadFailure, failures, "checkOwnCrossSigningTrust", upload);
-              }
-              throw new KeySignatureUploadError("Key upload failed", {
-                failures
-              });
-            }
-          }).catch(e => {
-            logger.error("Error during background key sig upload for ".concat(keysToUpload), e);
-          });
-        };
-        upload({
-          shouldEmit: true
-        });
-      }
-      _this21.emit(CryptoEvent.UserTrustStatusChanged, userId, _this21.checkUserTrust(userId));
-      if (masterChanged) {
-        _this21.emit(CryptoEvent.KeysChanged, {});
-        yield _this21.afterCrossSigningLocalKeyChange();
-      }
-
-      // Now we may be able to trust our key backup
-      yield _this21.backupManager.checkKeyBackup();
-      // FIXME: if we previously trusted the backup, should we automatically sign
-      // the backup with the new key (if not already signed)?
-    })();
-  }
-
-  /**
-   * Implementation of {@link CryptoBackend#getBackupDecryptor}.
-   */
-  getBackupDecryptor(backupInfo, privKey) {
-    return _asyncToGenerator(function* () {
-      if (!(privKey instanceof Uint8Array)) {
-        throw new Error("getBackupDecryptor expects Uint8Array");
-      }
-      var algorithm = yield BackupManager.makeAlgorithm(backupInfo, /*#__PURE__*/_asyncToGenerator(function* () {
-        return privKey;
-      }));
-
-      // If the pubkey computed from the private data we've been given
-      // doesn't match the one in the auth_data, the user has entered
-      // a different recovery key / the wrong passphrase.
-      if (!(yield algorithm.keyMatches(privKey))) {
-        return Promise.reject(new MatrixError({
-          errcode: MatrixClient.RESTORE_BACKUP_ERROR_BAD_KEY
-        }));
-      }
-      return new LibOlmBackupDecryptor(algorithm);
-    })();
-  }
-
-  /**
-   * Implementation of {@link CryptoBackend#importBackedUpRoomKeys}.
-   */
-  importBackedUpRoomKeys(keys, backupVersion) {
-    var opts = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
-    opts.source = "backup";
-    return this.importRoomKeys(keys, opts);
-  }
-
-  /**
-   * Store a set of keys as our own, trusted, cross-signing keys.
-   *
-   * @param keys - The new trusted set of keys
-   */
-  storeTrustedSelfKeys(keys) {
-    var _this22 = this;
-    return _asyncToGenerator(function* () {
-      if (keys) {
-        _this22.crossSigningInfo.setKeys(keys);
-      } else {
-        _this22.crossSigningInfo.clearKeys();
-      }
-      yield _this22.cryptoStore.doTxn("readwrite", [IndexedDBCryptoStore.STORE_ACCOUNT], txn => {
-        _this22.cryptoStore.storeCrossSigningKeys(txn, _this22.crossSigningInfo.keys);
-      });
-    })();
-  }
-
-  /**
-   * Check if the master key is signed by a verified device, and if so, prompt
-   * the application to mark it as verified.
-   *
-   * @param userId - the user ID whose key should be checked
-   */
-  checkDeviceVerifications(userId) {
-    var _this23 = this;
-    return _asyncToGenerator(function* () {
-      var shouldUpgradeCb = _this23.baseApis.cryptoCallbacks.shouldUpgradeDeviceVerifications;
-      if (!shouldUpgradeCb) {
-        // Upgrading skipped when callback is not present.
-        return;
-      }
-      logger.info("Starting device verification upgrade for ".concat(userId));
-      if (_this23.crossSigningInfo.keys.user_signing) {
-        var crossSigningInfo = _this23.deviceList.getStoredCrossSigningForUser(userId);
-        if (crossSigningInfo) {
-          var upgradeInfo = yield _this23.checkForDeviceVerificationUpgrade(userId, crossSigningInfo);
-          if (upgradeInfo) {
-            var usersToUpgrade = yield shouldUpgradeCb({
-              users: {
-                [userId]: upgradeInfo
-              }
-            });
-            if (usersToUpgrade.includes(userId)) {
-              yield _this23.baseApis.setDeviceVerified(userId, crossSigningInfo.getId());
-            }
-          }
-        }
-      }
-      logger.info("Finished device verification upgrade for ".concat(userId));
-    })();
-  }
-
-  /**
-   */
-  enableLazyLoading() {
-    this.lazyLoadMembers = true;
-  }
-
-  /**
-   * Tell the crypto module to register for MatrixClient events which it needs to
-   * listen for
-   *
-   * @param eventEmitter - event source where we can register
-   *    for event notifications
-   */
-  registerEventHandlers(eventEmitter) {
-    eventEmitter.on(RoomMemberEvent.Membership, this.onMembership);
-    eventEmitter.on(ClientEvent.ToDeviceEvent, this.onToDeviceEvent);
-    eventEmitter.on(RoomEvent.Timeline, this.onTimelineEvent);
-    eventEmitter.on(MatrixEventEvent.Decrypted, this.onTimelineEvent);
-  }
-
-  /**
-   * @deprecated this does nothing and will be removed in a future version
-   */
-  start() {
-    logger.warn("MatrixClient.crypto.start() is deprecated");
-  }
-
-  /** Stop background processes related to crypto */
-  stop() {
-    this.outgoingRoomKeyRequestManager.stop();
-    this.deviceList.stop();
-    this.dehydrationManager.stop();
-    this.backupManager.stop();
-  }
-
-  /**
-   * Get the Ed25519 key for this device
-   *
-   * @returns base64-encoded ed25519 key.
-   *
-   * @deprecated Use {@link Crypto.CryptoApi#getOwnDeviceKeys}.
-   */
-  getDeviceEd25519Key() {
-    return this.olmDevice.deviceEd25519Key;
-  }
-
-  /**
-   * Get the Curve25519 key for this device
-   *
-   * @returns base64-encoded curve25519 key.
-   *
-   * @deprecated Use {@link Crypto.CryptoApi#getOwnDeviceKeys}
-   */
-  getDeviceCurve25519Key() {
-    return this.olmDevice.deviceCurve25519Key;
-  }
-
-  /**
-   * Implementation of {@link Crypto.CryptoApi#getOwnDeviceKeys}.
-   */
-  getOwnDeviceKeys() {
-    var _this24 = this;
-    return _asyncToGenerator(function* () {
-      if (!_this24.olmDevice.deviceCurve25519Key) {
-        throw new Error("Curve25519 key not yet created");
-      }
-      if (!_this24.olmDevice.deviceEd25519Key) {
-        throw new Error("Ed25519 key not yet created");
-      }
-      return {
-        ed25519: _this24.olmDevice.deviceEd25519Key,
-        curve25519: _this24.olmDevice.deviceCurve25519Key
-      };
-    })();
-  }
-
-  /**
-   * Set the global override for whether the client should ever send encrypted
-   * messages to unverified devices.  This provides the default for rooms which
-   * do not specify a value.
-   *
-   * @param value - whether to blacklist all unverified devices by default
-   *
-   * @deprecated Set {@link Crypto.CryptoApi#globalBlacklistUnverifiedDevices | CryptoApi.globalBlacklistUnverifiedDevices} directly.
-   */
-  setGlobalBlacklistUnverifiedDevices(value) {
-    this.globalBlacklistUnverifiedDevices = value;
-  }
-
-  /**
-   * @returns whether to blacklist all unverified devices by default
-   *
-   * @deprecated Reference {@link Crypto.CryptoApi#globalBlacklistUnverifiedDevices | CryptoApi.globalBlacklistUnverifiedDevices} directly.
-   */
-  getGlobalBlacklistUnverifiedDevices() {
-    return this.globalBlacklistUnverifiedDevices;
-  }
-
-  /**
-   * Upload the device keys to the homeserver.
-   * @returns A promise that will resolve when the keys are uploaded.
-   */
-  uploadDeviceKeys() {
-    var deviceKeys = {
-      algorithms: this.supportedAlgorithms,
-      device_id: this.deviceId,
-      keys: this.deviceKeys,
-      user_id: this.userId
-    };
-    return this.signObject(deviceKeys).then(() => {
-      return this.baseApis.uploadKeysRequest({
-        device_keys: deviceKeys
-      });
-    });
-  }
-  getNeedsNewFallback() {
-    return !!this.needsNewFallback;
-  }
-
-  // check if it's time to upload one-time keys, and do so if so.
-  maybeUploadOneTimeKeys() {
-    var _this25 = this;
-    // frequency with which to check & upload one-time keys
-    var uploadPeriod = 1000 * 60; // one minute
-
-    // max number of keys to upload at once
-    // Creating keys can be an expensive operation so we limit the
-    // number we generate in one go to avoid blocking the application
-    // for too long.
-    var maxKeysPerCycle = 5;
-    if (this.oneTimeKeyCheckInProgress) {
-      return;
-    }
-    var now = Date.now();
-    if (this.lastOneTimeKeyCheck !== null && now - this.lastOneTimeKeyCheck < uploadPeriod) {
-      // we've done a key upload recently.
-      return;
-    }
-    this.lastOneTimeKeyCheck = now;
-
-    // We need to keep a pool of one time public keys on the server so that
-    // other devices can start conversations with us. But we can only store
-    // a finite number of private keys in the olm Account object.
-    // To complicate things further then can be a delay between a device
-    // claiming a public one time key from the server and it sending us a
-    // message. We need to keep the corresponding private key locally until
-    // we receive the message.
-    // But that message might never arrive leaving us stuck with duff
-    // private keys clogging up our local storage.
-    // So we need some kind of engineering compromise to balance all of
-    // these factors.
-
-    // Check how many keys we can store in the Account object.
-    var maxOneTimeKeys = this.olmDevice.maxNumberOfOneTimeKeys();
-    // Try to keep at most half that number on the server. This leaves the
-    // rest of the slots free to hold keys that have been claimed from the
-    // server but we haven't received a message for.
-    // If we run out of slots when generating new keys then olm will
-    // discard the oldest private keys first. This will eventually clean
-    // out stale private keys that won't receive a message.
-    var keyLimit = Math.floor(maxOneTimeKeys / 2);
-    var uploadLoop = /*#__PURE__*/function () {
-      var _ref12 = _asyncToGenerator(function* (keyCount) {
-        while (keyLimit > keyCount || _this25.getNeedsNewFallback()) {
-          // Ask olm to generate new one time keys, then upload them to synapse.
-          if (keyLimit > keyCount) {
-            logger.info("generating oneTimeKeys");
-            var keysThisLoop = Math.min(keyLimit - keyCount, maxKeysPerCycle);
-            yield _this25.olmDevice.generateOneTimeKeys(keysThisLoop);
-          }
-          if (_this25.getNeedsNewFallback()) {
-            var fallbackKeys = yield _this25.olmDevice.getFallbackKey();
-            // if fallbackKeys is non-empty, we've already generated a
-            // fallback key, but it hasn't been published yet, so we
-            // can use that instead of generating a new one
-            if (!fallbackKeys.curve25519 || Object.keys(fallbackKeys.curve25519).length == 0) {
-              logger.info("generating fallback key");
-              if (_this25.fallbackCleanup) {
-                // cancel any pending fallback cleanup because generating
-                // a new fallback key will already drop the old fallback
-                // that would have been dropped, and we don't want to kill
-                // the current key
-                clearTimeout(_this25.fallbackCleanup);
-                delete _this25.fallbackCleanup;
-              }
-              yield _this25.olmDevice.generateFallbackKey();
-            }
-          }
-          logger.info("calling uploadOneTimeKeys");
-          var res = yield _this25.uploadOneTimeKeys();
-          if (res.one_time_key_counts && res.one_time_key_counts.signed_curve25519) {
-            // if the response contains a more up to date value use this
-            // for the next loop
-            keyCount = res.one_time_key_counts.signed_curve25519;
-          } else {
-            throw new Error("response for uploading keys does not contain " + "one_time_key_counts.signed_curve25519");
-          }
-        }
-      });
-      return function uploadLoop(_x7) {
-        return _ref12.apply(this, arguments);
-      };
-    }();
-    this.oneTimeKeyCheckInProgress = true;
-    Promise.resolve().then(() => {
-      if (this.oneTimeKeyCount !== undefined) {
-        // We already have the current one_time_key count from a /sync response.
-        // Use this value instead of asking the server for the current key count.
-        return Promise.resolve(this.oneTimeKeyCount);
-      }
-      // ask the server how many keys we have
-      return this.baseApis.uploadKeysRequest({}).then(res => {
-        return res.one_time_key_counts.signed_curve25519 || 0;
-      });
-    }).then(keyCount => {
-      // Start the uploadLoop with the current keyCount. The function checks if
-      // we need to upload new keys or not.
-      // If there are too many keys on the server then we don't need to
-      // create any more keys.
-      return uploadLoop(keyCount);
-    }).catch(e => {
-      logger.error("Error uploading one-time keys", e.stack || e);
-    }).finally(() => {
-      // reset oneTimeKeyCount to prevent start uploading based on old data.
-      // it will be set again on the next /sync-response
-      this.oneTimeKeyCount = undefined;
-      this.oneTimeKeyCheckInProgress = false;
-    });
-  }
-
-  // returns a promise which resolves to the response
-  uploadOneTimeKeys() {
-    var _this26 = this;
-    return _asyncToGenerator(function* () {
-      var promises = [];
-      var fallbackJson;
-      if (_this26.getNeedsNewFallback()) {
-        fallbackJson = {};
-        var fallbackKeys = yield _this26.olmDevice.getFallbackKey();
-        for (var [keyId, key] of Object.entries(fallbackKeys.curve25519)) {
-          var k = {
-            key,
-            fallback: true
-          };
-          fallbackJson["signed_curve25519:" + keyId] = k;
-          promises.push(_this26.signObject(k));
-        }
-        _this26.needsNewFallback = false;
-      }
-      var oneTimeKeys = yield _this26.olmDevice.getOneTimeKeys();
-      var oneTimeJson = {};
-      for (var _keyId in oneTimeKeys.curve25519) {
-        if (oneTimeKeys.curve25519.hasOwnProperty(_keyId)) {
-          var _k = {
-            key: oneTimeKeys.curve25519[_keyId]
-          };
-          oneTimeJson["signed_curve25519:" + _keyId] = _k;
-          promises.push(_this26.signObject(_k));
-        }
-      }
-      yield Promise.all(promises);
-      var requestBody = {
-        one_time_keys: oneTimeJson
-      };
-      if (fallbackJson) {
-        requestBody["org.matrix.msc2732.fallback_keys"] = fallbackJson;
-        requestBody["fallback_keys"] = fallbackJson;
-      }
-      var res = yield _this26.baseApis.uploadKeysRequest(requestBody);
-      if (fallbackJson) {
-        _this26.fallbackCleanup = setTimeout(() => {
-          delete _this26.fallbackCleanup;
-          _this26.olmDevice.forgetOldFallbackKey();
-        }, 60 * 60 * 1000);
-      }
-      yield _this26.olmDevice.markKeysAsPublished();
-      return res;
-    })();
-  }
-
-  /**
-   * Download the keys for a list of users and stores the keys in the session
-   * store.
-   * @param userIds - The users to fetch.
-   * @param forceDownload - Always download the keys even if cached.
-   *
-   * @returns A promise which resolves to a map `userId->deviceId->{@link DeviceInfo}`.
-   */
-  downloadKeys(userIds, forceDownload) {
-    return this.deviceList.downloadKeys(userIds, !!forceDownload);
-  }
-
-  /**
-   * Get the stored device keys for a user id
-   *
-   * @param userId - the user to list keys for.
-   *
-   * @returns list of devices, or null if we haven't
-   * managed to get a list of devices for this user yet.
-   */
-  getStoredDevicesForUser(userId) {
-    return this.deviceList.getStoredDevicesForUser(userId);
-  }
-
-  /**
-   * Get the device information for the given list of users.
-   *
-   * @param userIds - The users to fetch.
-   * @param downloadUncached - If true, download the device list for users whose device list we are not
-   *    currently tracking. Defaults to false, in which case such users will not appear at all in the result map.
-   *
-   * @returns A map `{@link DeviceMap}`.
-   */
-  getUserDeviceInfo(userIds) {
-    var _arguments6 = arguments,
-      _this27 = this;
-    return _asyncToGenerator(function* () {
-      var downloadUncached = _arguments6.length > 1 && _arguments6[1] !== undefined ? _arguments6[1] : false;
-      var deviceMapByUserId = new Map();
-      // Keep the users without device to download theirs keys
-      var usersWithoutDeviceInfo = [];
-      var _loop = function* _loop(_userId4) {
-        var deviceInfos = yield _this27.getStoredDevicesForUser(_userId4);
-        // If there are device infos for a userId, we transform it into a map
-        // Else, the keys will be downloaded after
-        if (deviceInfos) {
-          var deviceMap = new Map(
-          // Convert DeviceInfo to Device
-          deviceInfos.map(deviceInfo => [deviceInfo.deviceId, deviceInfoToDevice(deviceInfo, _userId4)]));
-          deviceMapByUserId.set(_userId4, deviceMap);
-        } else {
-          usersWithoutDeviceInfo.push(_userId4);
-        }
-      };
-      for (var _userId4 of userIds) {
-        yield* _loop(_userId4);
-      }
-
-      // Download device info for users without device infos
-      if (downloadUncached && usersWithoutDeviceInfo.length > 0) {
-        var newDeviceInfoMap = yield _this27.downloadKeys(usersWithoutDeviceInfo);
-        newDeviceInfoMap.forEach((deviceInfoMap, userId) => {
-          var deviceMap = new Map();
-          // Convert DeviceInfo to Device
-          deviceInfoMap.forEach((deviceInfo, deviceId) => deviceMap.set(deviceId, deviceInfoToDevice(deviceInfo, userId)));
-
-          // Put the new device infos into the returned map
-          deviceMapByUserId.set(userId, deviceMap);
-        });
-      }
-      return deviceMapByUserId;
-    })();
-  }
-
-  /**
-   * Get the stored keys for a single device
-   *
-   *
-   * @returns device, or undefined
-   * if we don't know about this device
-   */
-  getStoredDevice(userId, deviceId) {
-    return this.deviceList.getStoredDevice(userId, deviceId);
-  }
-
-  /**
-   * Save the device list, if necessary
-   *
-   * @param delay - Time in ms before which the save actually happens.
-   *     By default, the save is delayed for a short period in order to batch
-   *     multiple writes, but this behaviour can be disabled by passing 0.
-   *
-   * @returns true if the data was saved, false if
-   *     it was not (eg. because no changes were pending). The promise
-   *     will only resolve once the data is saved, so may take some time
-   *     to resolve.
-   */
-  saveDeviceList(delay) {
-    return this.deviceList.saveIfDirty(delay);
-  }
-
-  /**
-   * Mark the given device as locally verified.
-   *
-   * Implementation of {@link Crypto.CryptoApi#setDeviceVerified}.
-   */
-  setDeviceVerified(userId, deviceId) {
-    var _arguments7 = arguments,
-      _this28 = this;
-    return _asyncToGenerator(function* () {
-      var verified = _arguments7.length > 2 && _arguments7[2] !== undefined ? _arguments7[2] : true;
-      yield _this28.setDeviceVerification(userId, deviceId, verified);
-    })();
-  }
-
-  /**
-   * Blindly cross-sign one of our other devices.
-   *
-   * Implementation of {@link Crypto.CryptoApi#crossSignDevice}.
-   */
-  crossSignDevice(deviceId) {
-    var _this29 = this;
-    return _asyncToGenerator(function* () {
-      yield _this29.setDeviceVerified(_this29.userId, deviceId, true);
-    })();
-  }
-
-  /**
-   * Update the blocked/verified state of the given device
-   *
-   * @param userId - owner of the device
-   * @param deviceId - unique identifier for the device or user's
-   * cross-signing public key ID.
-   *
-   * @param verified - whether to mark the device as verified. Null to
-   *     leave unchanged.
-   *
-   * @param blocked - whether to mark the device as blocked. Null to
-   *      leave unchanged.
-   *
-   * @param known - whether to mark that the user has been made aware of
-   *      the existence of this device. Null to leave unchanged
-   *
-   * @param keys - The list of keys that was present
-   * during the device verification. This will be double checked with the list
-   * of keys the given device has currently.
-   *
-   * @returns updated DeviceInfo
-   */
-  setDeviceVerification(userId, deviceId) {
-    var _arguments8 = arguments,
-      _this30 = this;
-    return _asyncToGenerator(function* () {
-      var verified = _arguments8.length > 2 && _arguments8[2] !== undefined ? _arguments8[2] : null;
-      var blocked = _arguments8.length > 3 && _arguments8[3] !== undefined ? _arguments8[3] : null;
-      var known = _arguments8.length > 4 && _arguments8[4] !== undefined ? _arguments8[4] : null;
-      var keys = _arguments8.length > 5 ? _arguments8[5] : undefined;
-      // Check if the 'device' is actually a cross signing key
-      // The js-sdk's verification treats cross-signing keys as devices
-      // and so uses this method to mark them verified.
-      var xsk = _this30.deviceList.getStoredCrossSigningForUser(userId);
-      if ((xsk === null || xsk === void 0 ? void 0 : xsk.getId()) === deviceId) {
-        if (blocked !== null || known !== null) {
-          throw new Error("Cannot set blocked or known for a cross-signing key");
-        }
-        if (!verified) {
-          throw new Error("Cannot set a cross-signing key as unverified");
-        }
-        var gotKeyId = keys ? Object.values(keys)[0] : null;
-        if (keys && (Object.values(keys).length !== 1 || gotKeyId !== xsk.getId())) {
-          throw new Error("Key did not match expected value: expected ".concat(xsk.getId(), ", got ").concat(gotKeyId));
-        }
-        if (!_this30.crossSigningInfo.getId() && userId === _this30.crossSigningInfo.userId) {
-          _this30.storeTrustedSelfKeys(xsk.keys);
-          // This will cause our own user trust to change, so emit the event
-          _this30.emit(CryptoEvent.UserTrustStatusChanged, _this30.userId, _this30.checkUserTrust(userId));
-        }
-
-        // Now sign the master key with our user signing key (unless it's ourself)
-        if (userId !== _this30.userId) {
-          logger.info("Master key " + xsk.getId() + " for " + userId + " marked verified. Signing...");
-          var device = yield _this30.crossSigningInfo.signUser(xsk);
-          if (device) {
-            var _upload = /*#__PURE__*/function () {
-              var _ref14 = _asyncToGenerator(function* (_ref13) {
-                var {
-                  shouldEmit = false
-                } = _ref13;
-                logger.info("Uploading signature for " + userId + "...");
-                var response = yield _this30.baseApis.uploadKeySignatures({
-                  [userId]: {
-                    [deviceId]: device
-                  }
-                });
-                var {
-                  failures
-                } = response || {};
-                if (Object.keys(failures || []).length > 0) {
-                  if (shouldEmit) {
-                    _this30.baseApis.emit(CryptoEvent.KeySignatureUploadFailure, failures, "setDeviceVerification", _upload);
-                  }
-                  /* Throwing here causes the process to be cancelled and the other
-                   * user to be notified */
-                  throw new KeySignatureUploadError("Key upload failed", {
-                    failures
-                  });
-                }
-              });
-              return function upload(_x8) {
-                return _ref14.apply(this, arguments);
-              };
-            }();
-            yield _upload({
-              shouldEmit: true
-            });
-
-            // This will emit events when it comes back down the sync
-            // (we could do local echo to speed things up)
-          }
-          return device;
-        } else {
-          return xsk;
-        }
-      }
-      var devices = _this30.deviceList.getRawStoredDevicesForUser(userId);
-      if (!devices || !devices[deviceId]) {
-        throw new Error("Unknown device " + userId + ":" + deviceId);
-      }
-      var dev = devices[deviceId];
-      var verificationStatus = dev.verified;
-      if (verified) {
-        if (keys) {
-          for (var [keyId, key] of Object.entries(keys)) {
-            if (dev.keys[keyId] !== key) {
-              throw new Error("Key did not match expected value: expected ".concat(key, ", got ").concat(dev.keys[keyId]));
-            }
-          }
-        }
-        verificationStatus = DeviceVerification.VERIFIED;
-      } else if (verified !== null && verificationStatus == DeviceVerification.VERIFIED) {
-        verificationStatus = DeviceVerification.UNVERIFIED;
-      }
-      if (blocked) {
-        verificationStatus = DeviceVerification.BLOCKED;
-      } else if (blocked !== null && verificationStatus == DeviceVerification.BLOCKED) {
-        verificationStatus = DeviceVerification.UNVERIFIED;
-      }
-      var knownStatus = dev.known;
-      if (known !== null) {
-        knownStatus = known;
-      }
-      if (dev.verified !== verificationStatus || dev.known !== knownStatus) {
-        dev.verified = verificationStatus;
-        dev.known = knownStatus;
-        _this30.deviceList.storeDevicesForUser(userId, devices);
-        _this30.deviceList.saveIfDirty();
-      }
-
-      // do cross-signing
-      if (verified && userId === _this30.userId) {
-        logger.info("Own device " + deviceId + " marked verified: signing");
-
-        // Signing only needed if other device not already signed
-        var _device;
-        var deviceTrust = _this30.checkDeviceTrust(userId, deviceId);
-        if (deviceTrust.isCrossSigningVerified()) {
-          logger.log("Own device ".concat(deviceId, " already cross-signing verified"));
-        } else {
-          _device = yield _this30.crossSigningInfo.signDevice(userId, DeviceInfo.fromStorage(dev, deviceId));
-        }
-        if (_device) {
-          var _upload2 = /*#__PURE__*/function () {
-            var _ref16 = _asyncToGenerator(function* (_ref15) {
-              var {
-                shouldEmit = false
-              } = _ref15;
-              logger.info("Uploading signature for " + deviceId);
-              var response = yield _this30.baseApis.uploadKeySignatures({
-                [userId]: {
-                  [deviceId]: _device
-                }
-              });
-              var {
-                failures
-              } = response || {};
-              if (Object.keys(failures || []).length > 0) {
-                if (shouldEmit) {
-                  _this30.baseApis.emit(CryptoEvent.KeySignatureUploadFailure, failures, "setDeviceVerification", _upload2 // continuation
-                  );
-                }
-                throw new KeySignatureUploadError("Key upload failed", {
-                  failures
-                });
-              }
-            });
-            return function upload(_x9) {
-              return _ref16.apply(this, arguments);
-            };
-          }();
-          yield _upload2({
-            shouldEmit: true
-          });
-          // XXX: we'll need to wait for the device list to be updated
-        }
-      }
-      var deviceObj = DeviceInfo.fromStorage(dev, deviceId);
-      _this30.emit(CryptoEvent.DeviceVerificationChanged, userId, deviceId, deviceObj);
-      return deviceObj;
-    })();
-  }
-  findVerificationRequestDMInProgress(roomId, userId) {
-    return this.inRoomVerificationRequests.findRequestInProgress(roomId, userId);
-  }
-  getVerificationRequestsToDeviceInProgress(userId) {
-    return this.toDeviceVerificationRequests.getRequestsInProgress(userId);
-  }
-  requestVerificationDM(userId, roomId) {
-    var existingRequest = this.inRoomVerificationRequests.findRequestInProgress(roomId);
-    if (existingRequest) {
-      return Promise.resolve(existingRequest);
-    }
-    var channel = new InRoomChannel(this.baseApis, roomId, userId);
-    return this.requestVerificationWithChannel(userId, channel, this.inRoomVerificationRequests);
-  }
-
-  /** @deprecated Use `requestOwnUserVerificationToDevice` or `requestDeviceVerification` */
-  requestVerification(userId, devices) {
-    if (!devices) {
-      devices = Object.keys(this.deviceList.getRawStoredDevicesForUser(userId));
-    }
-    var existingRequest = this.toDeviceVerificationRequests.findRequestInProgress(userId, devices);
-    if (existingRequest) {
-      return Promise.resolve(existingRequest);
-    }
-    var channel = new ToDeviceChannel(this.baseApis, userId, devices, ToDeviceChannel.makeTransactionId());
-    return this.requestVerificationWithChannel(userId, channel, this.toDeviceVerificationRequests);
-  }
-  requestOwnUserVerification() {
-    return this.requestVerification(this.userId);
-  }
-  requestDeviceVerification(userId, deviceId) {
-    return this.requestVerification(userId, [deviceId]);
-  }
-  requestVerificationWithChannel(userId, channel, requestsMap) {
-    var _this31 = this;
-    return _asyncToGenerator(function* () {
-      var request = new VerificationRequest(channel, _this31.verificationMethods, _this31.baseApis);
-      // if transaction id is already known, add request
-      if (channel.transactionId) {
-        requestsMap.setRequestByChannel(channel, request);
-      }
-      yield request.sendRequest();
-      // don't replace the request created by a racing remote echo
-      var racingRequest = requestsMap.getRequestByChannel(channel);
-      if (racingRequest) {
-        request = racingRequest;
-      } else {
-        logger.log("Crypto: adding new request to " + "requestsByTxnId with id ".concat(channel.transactionId, " ").concat(channel.roomId));
-        requestsMap.setRequestByChannel(channel, request);
-      }
-      return request;
-    })();
-  }
-  beginKeyVerification(method, userId, deviceId) {
-    var transactionId = arguments.length > 3 && arguments[3] !== undefined ? arguments[3] : null;
-    var request;
-    if (transactionId) {
-      request = this.toDeviceVerificationRequests.getRequestBySenderAndTxnId(userId, transactionId);
-      if (!request) {
-        throw new Error("No request found for user ".concat(userId, " with ") + "transactionId ".concat(transactionId));
-      }
-    } else {
-      transactionId = ToDeviceChannel.makeTransactionId();
-      var _channel = new ToDeviceChannel(this.baseApis, userId, [deviceId], transactionId, deviceId);
-      request = new VerificationRequest(_channel, this.verificationMethods, this.baseApis);
-      this.toDeviceVerificationRequests.setRequestBySenderAndTxnId(userId, transactionId, request);
-    }
-    return request.beginKeyVerification(method, {
-      userId,
-      deviceId
-    });
-  }
-  legacyDeviceVerification(userId, deviceId, method) {
-    var _this32 = this;
-    return _asyncToGenerator(function* () {
-      var transactionId = ToDeviceChannel.makeTransactionId();
-      var channel = new ToDeviceChannel(_this32.baseApis, userId, [deviceId], transactionId, deviceId);
-      var request = new VerificationRequest(channel, _this32.verificationMethods, _this32.baseApis);
-      _this32.toDeviceVerificationRequests.setRequestBySenderAndTxnId(userId, transactionId, request);
-      var verifier = request.beginKeyVerification(method, {
-        userId,
-        deviceId
-      });
-      // either reject by an error from verify() while sending .start
-      // or resolve when the request receives the
-      // local (fake remote) echo for sending the .start event
-      yield Promise.race([verifier.verify(), request.waitFor(r => r.started)]);
-      return request;
-    })();
-  }
-
-  /**
-   * Get information on the active olm sessions with a user
-   * <p>
-   * Returns a map from device id to an object with keys 'deviceIdKey' (the
-   * device's curve25519 identity key) and 'sessions' (an array of objects in the
-   * same format as that returned by
-   * {@link OlmDevice#getSessionInfoForDevice}).
-   * <p>
-   * This method is provided for debugging purposes.
-   *
-   * @param userId - id of user to inspect
-   */
-  getOlmSessionsForUser(userId) {
-    var _this33 = this;
-    return _asyncToGenerator(function* () {
-      var devices = _this33.getStoredDevicesForUser(userId) || [];
-      var result = {};
-      for (var device of devices) {
-        var deviceKey = device.getIdentityKey();
-        var sessions = yield _this33.olmDevice.getSessionInfoForDevice(deviceKey);
-        result[device.deviceId] = {
-          deviceIdKey: deviceKey,
-          sessions: sessions
-        };
-      }
-      return result;
-    })();
-  }
-
-  /**
-   * Get the device which sent an event
-   *
-   * @param event - event to be checked
-   */
-  getEventSenderDeviceInfo(event) {
-    var senderKey = event.getSenderKey();
-    var algorithm = event.getWireContent().algorithm;
-    if (!senderKey || !algorithm) {
-      return null;
-    }
-    if (event.isKeySourceUntrusted()) {
-      // we got the key for this event from a source that we consider untrusted
-      return null;
-    }
-
-    // senderKey is the Curve25519 identity key of the device which the event
-    // was sent from. In the case of Megolm, it's actually the Curve25519
-    // identity key of the device which set up the Megolm session.
-
-    var device = this.deviceList.getDeviceByIdentityKey(algorithm, senderKey);
-    if (device === null) {
-      // we haven't downloaded the details of this device yet.
-      return null;
-    }
-
-    // so far so good, but now we need to check that the sender of this event
-    // hadn't advertised someone else's Curve25519 key as their own. We do that
-    // by checking the Ed25519 claimed by the event (or, in the case of megolm,
-    // the event which set up the megolm session), to check that it matches the
-    // fingerprint of the purported sending device.
-    //
-    // (see https://github.com/vector-im/vector-web/issues/2215)
-
-    var claimedKey = event.getClaimedEd25519Key();
-    if (!claimedKey) {
-      logger.warn("Event " + event.getId() + " claims no ed25519 key: " + "cannot verify sending device");
-      return null;
-    }
-    if (claimedKey !== device.getFingerprint()) {
-      logger.warn("Event " + event.getId() + " claims ed25519 key " + claimedKey + " but sender device has key " + device.getFingerprint());
-      return null;
-    }
-    return device;
-  }
-
-  /**
-   * Get information about the encryption of an event
-   *
-   * @param event - event to be checked
-   *
-   * @returns An object with the fields:
-   *    - encrypted: whether the event is encrypted (if not encrypted, some of the
-   *      other properties may not be set)
-   *    - senderKey: the sender's key
-   *    - algorithm: the algorithm used to encrypt the event
-   *    - authenticated: whether we can be sure that the owner of the senderKey
-   *      sent the event
-   *    - sender: the sender's device information, if available
-   *    - mismatchedSender: if the event's ed25519 and curve25519 keys don't match
-   *      (only meaningful if `sender` is set)
-   */
-  getEventEncryptionInfo(event) {
-    var _event$getSenderKey, _this$deviceList$getD;
-    var ret = {};
-    ret.senderKey = (_event$getSenderKey = event.getSenderKey()) !== null && _event$getSenderKey !== void 0 ? _event$getSenderKey : undefined;
-    ret.algorithm = event.getWireContent().algorithm;
-    if (!ret.senderKey || !ret.algorithm) {
-      ret.encrypted = false;
-      return ret;
-    }
-    ret.encrypted = true;
-    if (event.isKeySourceUntrusted()) {
-      // we got the key this event from somewhere else
-      // TODO: check if we can trust the forwarders.
-      ret.authenticated = false;
-    } else {
-      ret.authenticated = true;
-    }
-
-    // senderKey is the Curve25519 identity key of the device which the event
-    // was sent from. In the case of Megolm, it's actually the Curve25519
-    // identity key of the device which set up the Megolm session.
-
-    ret.sender = (_this$deviceList$getD = this.deviceList.getDeviceByIdentityKey(ret.algorithm, ret.senderKey)) !== null && _this$deviceList$getD !== void 0 ? _this$deviceList$getD : undefined;
-
-    // so far so good, but now we need to check that the sender of this event
-    // hadn't advertised someone else's Curve25519 key as their own. We do that
-    // by checking the Ed25519 claimed by the event (or, in the case of megolm,
-    // the event which set up the megolm session), to check that it matches the
-    // fingerprint of the purported sending device.
-    //
-    // (see https://github.com/vector-im/vector-web/issues/2215)
-
-    var claimedKey = event.getClaimedEd25519Key();
-    if (!claimedKey) {
-      logger.warn("Event " + event.getId() + " claims no ed25519 key: " + "cannot verify sending device");
-      ret.mismatchedSender = true;
-    }
-    if (ret.sender && claimedKey !== ret.sender.getFingerprint()) {
-      logger.warn("Event " + event.getId() + " claims ed25519 key " + claimedKey + "but sender device has key " + ret.sender.getFingerprint());
-      ret.mismatchedSender = true;
-    }
-    return ret;
-  }
-
-  /**
-   * Implementation of {@link Crypto.CryptoApi.getEncryptionInfoForEvent}.
-   */
-  getEncryptionInfoForEvent(event) {
-    var _this34 = this;
-    return _asyncToGenerator(function* () {
-      var encryptionInfo = _this34.getEventEncryptionInfo(event);
-      if (!encryptionInfo.encrypted) {
-        return null;
-      }
-      var senderId = event.getSender();
-      if (!senderId || encryptionInfo.mismatchedSender) {
-        // something definitely wrong is going on here
-
-        // previously: E2EState.Warning -> E2ePadlockUnverified -> Red/"Encrypted by an unverified session"
-        return {
-          shieldColour: EventShieldColour.RED,
-          shieldReason: EventShieldReason.MISMATCHED_SENDER_KEY
-        };
-      }
-      var userTrust = _this34.checkUserTrust(senderId);
-      if (!userTrust.isCrossSigningVerified()) {
-        // If the message is unauthenticated, then display a grey
-        // shield, otherwise if the user isn't cross-signed then
-        // nothing's needed
-        if (!encryptionInfo.authenticated) {
-          // previously: E2EState.Unauthenticated -> E2ePadlockUnauthenticated -> Grey/"The authenticity of this encrypted message can't be guaranteed on this device."
-          return {
-            shieldColour: EventShieldColour.GREY,
-            shieldReason: EventShieldReason.AUTHENTICITY_NOT_GUARANTEED
-          };
-        } else {
-          // previously: E2EState.Normal -> no icon
-          return {
-            shieldColour: EventShieldColour.NONE,
-            shieldReason: null
-          };
-        }
-      }
-      var eventSenderTrust = senderId && encryptionInfo.sender && (yield _this34.getDeviceVerificationStatus(senderId, encryptionInfo.sender.deviceId));
-      if (!eventSenderTrust) {
-        // previously: E2EState.Unknown -> E2ePadlockUnknown -> Grey/"Encrypted by a deleted session"
-        return {
-          shieldColour: EventShieldColour.GREY,
-          shieldReason: EventShieldReason.UNKNOWN_DEVICE
-        };
-      }
-      if (!eventSenderTrust.isVerified()) {
-        // previously: E2EState.Warning -> E2ePadlockUnverified -> Red/"Encrypted by an unverified session"
-        return {
-          shieldColour: EventShieldColour.RED,
-          shieldReason: EventShieldReason.UNSIGNED_DEVICE
-        };
-      }
-      if (!encryptionInfo.authenticated) {
-        // previously: E2EState.Unauthenticated -> E2ePadlockUnauthenticated -> Grey/"The authenticity of this encrypted message can't be guaranteed on this device."
-        return {
-          shieldColour: EventShieldColour.GREY,
-          shieldReason: EventShieldReason.AUTHENTICITY_NOT_GUARANTEED
-        };
-      }
-
-      // previously: E2EState.Verified -> no icon
-      return {
-        shieldColour: EventShieldColour.NONE,
-        shieldReason: null
-      };
-    })();
-  }
-
-  /**
-   * Forces the current outbound group session to be discarded such
-   * that another one will be created next time an event is sent.
-   *
-   * @param roomId - The ID of the room to discard the session for
-   *
-   * This should not normally be necessary.
-   */
-  forceDiscardSession(roomId) {
-    var alg = this.roomEncryptors.get(roomId);
-    if (alg === undefined) throw new Error("Room not encrypted");
-    if (alg.forceDiscardSession === undefined) {
-      throw new Error("Room encryption algorithm doesn't support session discarding");
-    }
-    alg.forceDiscardSession();
-    return Promise.resolve();
-  }
-
-  /**
-   * Configure a room to use encryption (ie, save a flag in the cryptoStore).
-   *
-   * @param roomId - The room ID to enable encryption in.
-   *
-   * @param config - The encryption config for the room.
-   *
-   * @param inhibitDeviceQuery - true to suppress device list query for
-   *   users in the room (for now). In case lazy loading is enabled,
-   *   the device query is always inhibited as the members are not tracked.
-   *
-   * @deprecated It is normally incorrect to call this method directly. Encryption
-   *   is enabled by receiving an `m.room.encryption` event (which we may have sent
-   *   previously).
-   */
-  setRoomEncryption(roomId, config, inhibitDeviceQuery) {
-    var _this35 = this;
-    return _asyncToGenerator(function* () {
-      var room = _this35.clientStore.getRoom(roomId);
-      if (!room) {
-        throw new Error("Unable to enable encryption tracking devices in unknown room ".concat(roomId));
-      }
-      yield _this35.setRoomEncryptionImpl(room, config);
-      if (!_this35.lazyLoadMembers && !inhibitDeviceQuery) {
-        _this35.deviceList.refreshOutdatedDeviceLists();
-      }
-    })();
-  }
-
-  /**
-   * Set up encryption for a room.
-   *
-   * This is called when an <tt>m.room.encryption</tt> event is received. It saves a flag
-   * for the room in the cryptoStore (if it wasn't already set), sets up an "encryptor" for
-   * the room, and enables device-list tracking for the room.
-   *
-   * It does <em>not</em> initiate a device list query for the room. That is normally
-   * done once we finish processing the sync, in onSyncCompleted.
-   *
-   * @param room - The room to enable encryption in.
-   * @param config - The encryption config for the room.
-   */
-  setRoomEncryptionImpl(room, config) {
-    var _this36 = this;
-    return _asyncToGenerator(function* () {
-      var roomId = room.roomId;
-
-      // ignore crypto events with no algorithm defined
-      // This will happen if a crypto event is redacted before we fetch the room state
-      // It would otherwise just throw later as an unknown algorithm would, but we may
-      // as well catch this here
-      if (!config.algorithm) {
-        logger.log("Ignoring setRoomEncryption with no algorithm");
-        return;
-      }
-
-      // if state is being replayed from storage, we might already have a configuration
-      // for this room as they are persisted as well.
-      // We just need to make sure the algorithm is initialized in this case.
-      // However, if the new config is different,
-      // we should bail out as room encryption can't be changed once set.
-      var existingConfig = _this36.roomList.getRoomEncryption(roomId);
-      if (existingConfig) {
-        if (JSON.stringify(existingConfig) != JSON.stringify(config)) {
-          logger.error("Ignoring m.room.encryption event which requests " + "a change of config in " + roomId);
-          return;
-        }
-      }
-      // if we already have encryption in this room, we should ignore this event,
-      // as it would reset the encryption algorithm.
-      // This is at least expected to be called twice, as sync calls onCryptoEvent
-      // for both the timeline and state sections in the /sync response,
-      // the encryption event would appear in both.
-      // If it's called more than twice though,
-      // it signals a bug on client or server.
-      var existingAlg = _this36.roomEncryptors.get(roomId);
-      if (existingAlg) {
-        return;
-      }
-
-      // _roomList.getRoomEncryption will not race with _roomList.setRoomEncryption
-      // because it first stores in memory. We should await the promise only
-      // after all the in-memory state (roomEncryptors and _roomList) has been updated
-      // to avoid races when calling this method multiple times. Hence keep a hold of the promise.
-      var storeConfigPromise = null;
-      if (!existingConfig) {
-        storeConfigPromise = _this36.roomList.setRoomEncryption(roomId, config);
-      }
-      var AlgClass = algorithms.ENCRYPTION_CLASSES.get(config.algorithm);
-      if (!AlgClass) {
-        throw new Error("Unable to encrypt with " + config.algorithm);
-      }
-      var alg = new AlgClass({
-        userId: _this36.userId,
-        deviceId: _this36.deviceId,
-        crypto: _this36,
-        olmDevice: _this36.olmDevice,
-        baseApis: _this36.baseApis,
-        roomId,
-        config
-      });
-      _this36.roomEncryptors.set(roomId, alg);
-      if (storeConfigPromise) {
-        yield storeConfigPromise;
-      }
-      logger.log("Enabling encryption in ".concat(roomId));
-
-      // we don't want to force a download of the full membership list of this room, but as soon as we have that
-      // list we can start tracking the device list.
-      if (room.membersLoaded()) {
-        yield _this36.trackRoomDevicesImpl(room);
-      } else {
-        // wait for the membership list to be loaded
-        var onState = _state => {
-          room.off(RoomStateEvent.Update, onState);
-          if (room.membersLoaded()) {
-            _this36.trackRoomDevicesImpl(room).catch(e => {
-              logger.error("Error enabling device tracking in ".concat(roomId), e);
-            });
-          }
-        };
-        room.on(RoomStateEvent.Update, onState);
-      }
-    })();
-  }
-
-  /**
-   * Make sure we are tracking the device lists for all users in this room.
-   *
-   * @param roomId - The room ID to start tracking devices in.
-   * @returns when all devices for the room have been fetched and marked to track
-   * @deprecated there's normally no need to call this function: device list tracking
-   *    will be enabled as soon as we have the full membership list.
-   */
-  trackRoomDevices(roomId) {
-    var room = this.clientStore.getRoom(roomId);
-    if (!room) {
-      throw new Error("Unable to start tracking devices in unknown room ".concat(roomId));
-    }
-    return this.trackRoomDevicesImpl(room);
-  }
-
-  /**
-   * Make sure we are tracking the device lists for all users in this room.
-   *
-   * This is normally called when we are about to send an encrypted event, to make sure
-   * we have all the devices in the room; but it is also called when processing an
-   * m.room.encryption state event (if lazy-loading is disabled), or when members are
-   * loaded (if lazy-loading is enabled), to prepare the device list.
-   *
-   * @param room - Room to enable device-list tracking in
-   */
-  trackRoomDevicesImpl(room) {
-    var _this37 = this;
-    var roomId = room.roomId;
-    var trackMembers = /*#__PURE__*/function () {
-      var _ref17 = _asyncToGenerator(function* () {
-        // not an encrypted room
-        if (!_this37.roomEncryptors.has(roomId)) {
-          return;
-        }
-        logger.log("Starting to track devices for room ".concat(roomId, " ..."));
-        var members = yield room.getEncryptionTargetMembers();
-        members.forEach(m => {
-          _this37.deviceList.startTrackingDeviceList(m.userId);
-        });
-      });
-      return function trackMembers() {
-        return _ref17.apply(this, arguments);
-      };
-    }();
-    var promise = this.roomDeviceTrackingState[roomId];
-    if (!promise) {
-      promise = trackMembers();
-      this.roomDeviceTrackingState[roomId] = promise.catch(err => {
-        delete this.roomDeviceTrackingState[roomId];
-        throw err;
-      });
-    }
-    return promise;
-  }
-
-  /**
-   * Try to make sure we have established olm sessions for all known devices for
-   * the given users.
-   *
-   * @param users - list of user ids
-   * @param force - If true, force a new Olm session to be created. Default false.
-   *
-   * @returns resolves once the sessions are complete, to
-   *    an Object mapping from userId to deviceId to
-   *    `IOlmSessionResult`
-   */
-  ensureOlmSessionsForUsers(users, force) {
-    // map user Id → DeviceInfo[]
-    var devicesByUser = new Map();
-    for (var _userId5 of users) {
-      var userDevices = [];
-      devicesByUser.set(_userId5, userDevices);
-      var devices = this.getStoredDevicesForUser(_userId5) || [];
-      for (var deviceInfo of devices) {
-        var key = deviceInfo.getIdentityKey();
-        if (key == this.olmDevice.deviceCurve25519Key) {
-          // don't bother setting up session to ourself
-          continue;
-        }
-        if (deviceInfo.verified == DeviceVerification.BLOCKED) {
-          // don't bother setting up sessions with blocked users
-          continue;
-        }
-        userDevices.push(deviceInfo);
-      }
-    }
-    return olmlib.ensureOlmSessionsForDevices(this.olmDevice, this.baseApis, devicesByUser, force);
-  }
-
-  /**
-   * Get a list containing all of the room keys
-   *
-   * @returns a list of session export objects
-   */
-  exportRoomKeys() {
-    var _this38 = this;
-    return _asyncToGenerator(function* () {
-      var exportedSessions = [];
-      yield _this38.cryptoStore.doTxn("readonly", [IndexedDBCryptoStore.STORE_INBOUND_GROUP_SESSIONS], txn => {
-        _this38.cryptoStore.getAllEndToEndInboundGroupSessions(txn, s => {
-          if (s === null) return;
-          var sess = _this38.olmDevice.exportInboundGroupSession(s.senderKey, s.sessionId, s.sessionData);
-          delete sess.first_known_index;
-          sess.algorithm = olmlib.MEGOLM_ALGORITHM;
-          exportedSessions.push(sess);
-        });
-      });
-      return exportedSessions;
-    })();
-  }
-
-  /**
-   * Get a JSON list containing all of the room keys
-   *
-   * @returns a JSON string encoding a list of session
-   *    export objects, each of which is an IMegolmSessionData
-   */
-  exportRoomKeysAsJson() {
-    var _this39 = this;
-    return _asyncToGenerator(function* () {
-      return JSON.stringify(yield _this39.exportRoomKeys());
-    })();
-  }
-
-  /**
-   * Import a list of room keys previously exported by exportRoomKeys
-   *
-   * @param keys - a list of session export objects
-   * @returns a promise which resolves once the keys have been imported
-   */
-  importRoomKeys(keys) {
-    var opts = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
-    var successes = 0;
-    var failures = 0;
-    var total = keys.length;
-    function updateProgress() {
-      var _opts$progressCallbac;
-      (_opts$progressCallbac = opts.progressCallback) === null || _opts$progressCallbac === void 0 || _opts$progressCallbac.call(opts, {
-        stage: "load_keys",
-        successes,
-        failures,
-        total
-      });
-    }
-    return Promise.all(keys.map(key => {
-      if (!key.room_id || !key.algorithm) {
-        logger.warn("ignoring room key entry with missing fields", key);
-        failures++;
-        if (opts.progressCallback) {
-          updateProgress();
-        }
-        return null;
-      }
-      var alg = this.getRoomDecryptor(key.room_id, key.algorithm);
-      return alg.importRoomKey(key, opts).finally(() => {
-        successes++;
-        if (opts.progressCallback) {
-          updateProgress();
-        }
-      });
-    })).then();
-  }
-
-  /**
-   * Import a JSON string encoding a list of room keys previously
-   * exported by exportRoomKeysAsJson
-   *
-   * @param keys - a JSON string encoding a list of session export
-   *    objects, each of which is an IMegolmSessionData
-   * @param opts - options object
-   * @returns a promise which resolves once the keys have been imported
-   */
-  importRoomKeysAsJson(keys, opts) {
-    var _this40 = this;
-    return _asyncToGenerator(function* () {
-      return yield _this40.importRoomKeys(JSON.parse(keys));
-    })();
-  }
-
-  /**
-   * Counts the number of end to end session keys that are waiting to be backed up
-   * @returns Promise which resolves to the number of sessions requiring backup
-   */
-  countSessionsNeedingBackup() {
-    return this.backupManager.countSessionsNeedingBackup();
-  }
-
-  /**
-   * Perform any background tasks that can be done before a message is ready to
-   * send, in order to speed up sending of the message.
-   *
-   * @param room - the room the event is in
-   */
-  prepareToEncrypt(room) {
-    var alg = this.roomEncryptors.get(room.roomId);
-    if (alg) {
-      alg.prepareToEncrypt(room);
-    }
-  }
-
-  /**
-   * Encrypt an event according to the configuration of the room.
-   *
-   * @param event -  event to be sent
-   *
-   * @param room - destination room.
-   *
-   * @returns Promise which resolves when the event has been
-   *     encrypted, or null if nothing was needed
-   */
-  encryptEvent(event, room) {
-    var _this41 = this;
-    return _asyncToGenerator(function* () {
-      var roomId = event.getRoomId();
-      var alg = _this41.roomEncryptors.get(roomId);
-      if (!alg) {
-        // MatrixClient has already checked that this room should be encrypted,
-        // so this is an unexpected situation.
-        throw new Error("Room " + roomId + " was previously configured to use encryption, but is " + "no longer. Perhaps the homeserver is hiding the " + "configuration event.");
-      }
-
-      // wait for all the room devices to be loaded
-      yield _this41.trackRoomDevicesImpl(room);
-      var content = event.getContent();
-      // If event has an m.relates_to then we need
-      // to put this on the wrapping event instead
-      var mRelatesTo = content["m.relates_to"];
-      if (mRelatesTo) {
-        // Clone content here so we don't remove `m.relates_to` from the local-echo
-        content = Object.assign({}, content);
-        delete content["m.relates_to"];
-      }
-
-      // Treat element's performance metrics the same as `m.relates_to` (when present)
-      var elementPerfMetrics = content["io.element.performance_metrics"];
-      if (elementPerfMetrics) {
-        content = Object.assign({}, content);
-        delete content["io.element.performance_metrics"];
-      }
-      var encryptedContent = yield alg.encryptMessage(room, event.getType(), content);
-      if (mRelatesTo) {
-        encryptedContent["m.relates_to"] = mRelatesTo;
-      }
-      if (elementPerfMetrics) {
-        encryptedContent["io.element.performance_metrics"] = elementPerfMetrics;
-      }
-      event.makeEncrypted("m.room.encrypted", encryptedContent, _this41.olmDevice.deviceCurve25519Key, _this41.olmDevice.deviceEd25519Key);
-    })();
-  }
-
-  /**
-   * Decrypt a received event
-   *
-   *
-   * @returns resolves once we have
-   *  finished decrypting. Rejects with an `algorithms.DecryptionError` if there
-   *  is a problem decrypting the event.
-   */
-  decryptEvent(event) {
-    var _this42 = this;
-    return _asyncToGenerator(function* () {
-      if (event.isRedacted()) {
-        // Try to decrypt the redaction event, to support encrypted
-        // redaction reasons.  If we can't decrypt, just fall back to using
-        // the original redacted_because.
-        var redactionEvent = new MatrixEvent(_objectSpread({
-          room_id: event.getRoomId()
-        }, event.getUnsigned().redacted_because));
-        var redactedBecause = event.getUnsigned().redacted_because;
-        if (redactionEvent.isEncrypted()) {
-          try {
-            var decryptedEvent = yield _this42.decryptEvent(redactionEvent);
-            redactedBecause = decryptedEvent.clearEvent;
-          } catch (e) {
-            logger.warn("Decryption of redaction failed. Falling back to unencrypted event.", e);
-          }
-        }
-        return {
-          clearEvent: {
-            room_id: event.getRoomId(),
-            type: "m.room.message",
-            content: {},
-            unsigned: {
-              redacted_because: redactedBecause
-            }
-          }
-        };
-      } else {
-        var content = event.getWireContent();
-        var alg = _this42.getRoomDecryptor(event.getRoomId(), content.algorithm);
-        return alg.decryptEvent(event);
-      }
-    })();
-  }
-
-  /**
-   * Handle the notification from /sync that device lists have
-   * been changed.
-   *
-   * @param deviceLists - device_lists field from /sync
-   */
-  processDeviceLists(deviceLists) {
-    var _this43 = this;
-    return _asyncToGenerator(function* () {
-      // Here, we're relying on the fact that we only ever save the sync data after
-      // sucessfully saving the device list data, so we're guaranteed that the device
-      // list store is at least as fresh as the sync token from the sync store, ie.
-      // any device changes received in sync tokens prior to the 'next' token here
-      // have been processed and are reflected in the current device list.
-      // If we didn't make this assumption, we'd have to use the /keys/changes API
-      // to get key changes between the sync token in the device list and the 'old'
-      // sync token used here to make sure we didn't miss any.
-      yield _this43.evalDeviceListChanges(deviceLists);
-    })();
-  }
-
-  /**
-   * Send a request for some room keys, if we have not already done so
-   *
-   * @param resend - whether to resend the key request if there is
-   *    already one
-   *
-   * @returns a promise that resolves when the key request is queued
-   */
-  requestRoomKey(requestBody, recipients) {
-    var resend = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : false;
-    return this.outgoingRoomKeyRequestManager.queueRoomKeyRequest(requestBody, recipients, resend).then(() => {
-      if (this.sendKeyRequestsImmediately) {
-        this.outgoingRoomKeyRequestManager.sendQueuedRequests();
-      }
-    }).catch(e => {
-      // this normally means we couldn't talk to the store
-      logger.error("Error requesting key for event", e);
-    });
-  }
-
-  /**
-   * Cancel any earlier room key request
-   *
-   * @param requestBody - parameters to match for cancellation
-   */
-  cancelRoomKeyRequest(requestBody) {
-    this.outgoingRoomKeyRequestManager.cancelRoomKeyRequest(requestBody).catch(e => {
-      logger.warn("Error clearing pending room key requests", e);
-    });
-  }
-
-  /**
-   * Re-send any outgoing key requests, eg after verification
-   * @returns
-   */
-  cancelAndResendAllOutgoingKeyRequests() {
-    var _this44 = this;
-    return _asyncToGenerator(function* () {
-      yield _this44.outgoingRoomKeyRequestManager.cancelAndResendAllOutgoingRequests();
-    })();
-  }
-
-  /**
-   * handle an m.room.encryption event
-   *
-   * @param room - in which the event was received
-   * @param event - encryption event to be processed
-   */
-  onCryptoEvent(room, event) {
-    var _this45 = this;
-    return _asyncToGenerator(function* () {
-      var content = event.getContent();
-      yield _this45.setRoomEncryptionImpl(room, content);
-    })();
-  }
-
-  /**
-   * Called before the result of a sync is processed
-   *
-   * @param syncData -  the data from the 'MatrixClient.sync' event
-   */
-  onSyncWillProcess(syncData) {
-    var _this46 = this;
-    return _asyncToGenerator(function* () {
-      if (!syncData.oldSyncToken) {
-        // If there is no old sync token, we start all our tracking from
-        // scratch, so mark everything as untracked. onCryptoEvent will
-        // be called for all e2e rooms during the processing of the sync,
-        // at which point we'll start tracking all the users of that room.
-        logger.log("Initial sync performed - resetting device tracking state");
-        _this46.deviceList.stopTrackingAllDeviceLists();
-        // we always track our own device list (for key backups etc)
-        _this46.deviceList.startTrackingDeviceList(_this46.userId);
-        _this46.roomDeviceTrackingState = {};
-      }
-      _this46.sendKeyRequestsImmediately = false;
-    })();
-  }
-
-  /**
-   * handle the completion of a /sync
-   *
-   * This is called after the processing of each successful /sync response.
-   * It is an opportunity to do a batch process on the information received.
-   *
-   * @param syncData -  the data from the 'MatrixClient.sync' event
-   */
-  onSyncCompleted(syncData) {
-    var _this47 = this;
-    return _asyncToGenerator(function* () {
-      var _syncData$nextSyncTok;
-      _this47.deviceList.setSyncToken((_syncData$nextSyncTok = syncData.nextSyncToken) !== null && _syncData$nextSyncTok !== void 0 ? _syncData$nextSyncTok : null);
-      _this47.deviceList.saveIfDirty();
-
-      // we always track our own device list (for key backups etc)
-      _this47.deviceList.startTrackingDeviceList(_this47.userId);
-      _this47.deviceList.refreshOutdatedDeviceLists();
-
-      // we don't start uploading one-time keys until we've caught up with
-      // to-device messages, to help us avoid throwing away one-time-keys that we
-      // are about to receive messages for
-      // (https://github.com/vector-im/element-web/issues/2782).
-      if (!syncData.catchingUp) {
-        _this47.maybeUploadOneTimeKeys();
-        _this47.processReceivedRoomKeyRequests();
-
-        // likewise don't start requesting keys until we've caught up
-        // on to_device messages, otherwise we'll request keys that we're
-        // just about to get.
-        _this47.outgoingRoomKeyRequestManager.sendQueuedRequests();
-
-        // Sync has finished so send key requests straight away.
-        _this47.sendKeyRequestsImmediately = true;
-      }
-    })();
-  }
-
-  /**
-   * Trigger the appropriate invalidations and removes for a given
-   * device list
-   *
-   * @param deviceLists - device_lists field from /sync, or response from
-   * /keys/changes
-   */
-  evalDeviceListChanges(deviceLists) {
-    var _this48 = this;
-    return _asyncToGenerator(function* () {
-      if (Array.isArray(deviceLists === null || deviceLists === void 0 ? void 0 : deviceLists.changed)) {
-        deviceLists.changed.forEach(u => {
-          _this48.deviceList.invalidateUserDeviceList(u);
-        });
-      }
-      if (Array.isArray(deviceLists === null || deviceLists === void 0 ? void 0 : deviceLists.left) && deviceLists.left.length) {
-        // Check we really don't share any rooms with these users
-        // any more: the server isn't required to give us the
-        // exact correct set.
-        var e2eUserIds = new Set(yield _this48.getTrackedE2eUsers());
-        deviceLists.left.forEach(u => {
-          if (!e2eUserIds.has(u)) {
-            _this48.deviceList.stopTrackingDeviceList(u);
-          }
-        });
-      }
-    })();
-  }
-
-  /**
-   * Get a list of all the IDs of users we share an e2e room with
-   * for which we are tracking devices already
-   *
-   * @returns List of user IDs
-   */
-  getTrackedE2eUsers() {
-    var _this49 = this;
-    return _asyncToGenerator(function* () {
-      var e2eUserIds = [];
-      for (var room of _this49.getTrackedE2eRooms()) {
-        var members = yield room.getEncryptionTargetMembers();
-        for (var member of members) {
-          e2eUserIds.push(member.userId);
-        }
-      }
-      return e2eUserIds;
-    })();
-  }
-
-  /**
-   * Get a list of the e2e-enabled rooms we are members of,
-   * and for which we are already tracking the devices
-   *
-   * @returns
-   */
-  getTrackedE2eRooms() {
-    return this.clientStore.getRooms().filter(room => {
-      // check for rooms with encryption enabled
-      var alg = this.roomEncryptors.get(room.roomId);
-      if (!alg) {
-        return false;
-      }
-      if (!this.roomDeviceTrackingState[room.roomId]) {
-        return false;
-      }
-
-      // ignore any rooms which we have left
-      var myMembership = room.getMyMembership();
-      return myMembership === KnownMembership.Join || myMembership === KnownMembership.Invite;
-    });
-  }
-
-  /**
-   * Encrypts and sends a given object via Olm to-device messages to a given
-   * set of devices.
-   * @param userDeviceInfoArr - the devices to send to
-   * @param payload - fields to include in the encrypted payload
-   * @returns Promise which
-   *     resolves once the message has been encrypted and sent to the given
-   *     userDeviceMap, and returns the `{ contentMap, deviceInfoByDeviceId }`
-   *     of the successfully sent messages.
-   *
-   * @deprecated Instead use {@link encryptToDeviceMessages} followed by {@link MatrixClient.queueToDevice}.
-   */
-  encryptAndSendToDevices(userDeviceInfoArr, payload) {
-    var _this50 = this;
-    return _asyncToGenerator(function* () {
-      try {
-        var toDeviceBatch = yield _this50.prepareToDeviceBatch(userDeviceInfoArr, payload);
-        try {
-          yield _this50.baseApis.queueToDevice(toDeviceBatch);
-        } catch (e) {
-          logger.error("sendToDevice failed", e);
-          throw e;
-        }
-      } catch (e) {
-        logger.error("encryptAndSendToDevices promises failed", e);
-        throw e;
-      }
-    })();
-  }
-  prepareToDeviceBatch(userDeviceInfoArr, payload) {
-    var _this51 = this;
-    return _asyncToGenerator(function* () {
-      var toDeviceBatch = {
-        eventType: EventType.RoomMessageEncrypted,
-        batch: []
-      };
-      yield Promise.all(userDeviceInfoArr.map(/*#__PURE__*/function () {
-        var _ref19 = _asyncToGenerator(function* (_ref18) {
-          var {
-            userId,
-            deviceInfo
-          } = _ref18;
-          var deviceId = deviceInfo.deviceId;
-          var encryptedContent = {
-            algorithm: olmlib.OLM_ALGORITHM,
-            sender_key: _this51.olmDevice.deviceCurve25519Key,
-            ciphertext: {},
-            [ToDeviceMessageId]: uuidv4()
-          };
-          toDeviceBatch.batch.push({
-            userId,
-            deviceId,
-            payload: encryptedContent
-          });
-          yield olmlib.ensureOlmSessionsForDevices(_this51.olmDevice, _this51.baseApis, new Map([[userId, [deviceInfo]]]));
-          yield olmlib.encryptMessageForDevice(encryptedContent.ciphertext, _this51.userId, _this51.deviceId, _this51.olmDevice, userId, deviceInfo, payload);
-        });
-        return function (_x10) {
-          return _ref19.apply(this, arguments);
-        };
-      }()));
-
-      // prune out any devices that encryptMessageForDevice could not encrypt for,
-      // in which case it will have just not added anything to the ciphertext object.
-      // There's no point sending messages to devices if we couldn't encrypt to them,
-      // since that's effectively a blank message.
-      toDeviceBatch.batch = toDeviceBatch.batch.filter(msg => {
-        if (Object.keys(msg.payload.ciphertext).length > 0) {
-          return true;
-        } else {
-          logger.log("No ciphertext for device ".concat(msg.userId, ":").concat(msg.deviceId, ": pruning"));
-          return false;
-        }
-      });
-      return toDeviceBatch;
-    })();
-  }
-
-  /**
-   * Implementation of {@link Crypto.CryptoApi#encryptToDeviceMessages}.
-   */
-  encryptToDeviceMessages(eventType, devices, payload) {
-    var _this52 = this;
-    return _asyncToGenerator(function* () {
-      var userIds = new Set(devices.map(_ref20 => {
-        var {
-          userId
-        } = _ref20;
-        return userId;
-      }));
-      var deviceInfoMap = yield _this52.downloadKeys(Array.from(userIds), false);
-      var userDeviceInfoArr = [];
-      devices.forEach(_ref21 => {
-        var {
-          userId,
-          deviceId
-        } = _ref21;
-        var devices = deviceInfoMap.get(userId);
-        if (!devices) {
-          logger.warn("No devices found for user ".concat(userId));
-          return;
-        }
-        if (devices.has(deviceId)) {
-          // Send the message to a specific device
-          userDeviceInfoArr.push({
-            userId,
-            deviceInfo: devices.get(deviceId)
-          });
-        } else {
-          logger.warn("No device found for user ".concat(userId, " with id ").concat(deviceId));
-        }
-      });
-      return _this52.prepareToDeviceBatch(userDeviceInfoArr, payload);
-    })();
-  }
-  preprocessToDeviceMessages(events) {
-    return _asyncToGenerator(function* () {
-      // all we do here is filter out encrypted to-device messages with the wrong algorithm. Decryption
-      // happens later in decryptEvent, via the EventMapper
-      return events.filter(toDevice => {
-        var _toDevice$content;
-        if (toDevice.type === EventType.RoomMessageEncrypted && !["m.olm.v1.curve25519-aes-sha2"].includes((_toDevice$content = toDevice.content) === null || _toDevice$content === void 0 ? void 0 : _toDevice$content.algorithm)) {
-          logger.log("Ignoring invalid encrypted to-device event from " + toDevice.sender);
-          return false;
-        }
-        return true;
-      });
-    })();
-  }
-
-  /**
-   * Stores the current one_time_key count which will be handled later (in a call of
-   * onSyncCompleted).
-   *
-   * @param currentCount - The current count of one_time_keys to be stored
-   */
-  updateOneTimeKeyCount(currentCount) {
-    if (isFinite(currentCount)) {
-      this.oneTimeKeyCount = currentCount;
-    } else {
-      throw new TypeError("Parameter for updateOneTimeKeyCount has to be a number");
-    }
-  }
-  processKeyCounts(oneTimeKeysCounts, unusedFallbackKeys) {
-    if (oneTimeKeysCounts !== undefined) {
-      this.updateOneTimeKeyCount(oneTimeKeysCounts["signed_curve25519"] || 0);
-    }
-    if (unusedFallbackKeys !== undefined) {
-      // If `unusedFallbackKeys` is defined, that means `device_unused_fallback_key_types`
-      // is present in the sync response, which indicates that the server supports fallback keys.
-      //
-      // If there's no unused signed_curve25519 fallback key, we need a new one.
-      this.needsNewFallback = !unusedFallbackKeys.includes("signed_curve25519");
-    }
-    return Promise.resolve();
-  }
-  /**
-   * Handle a key event
-   *
-   * @internal
-   * @param event - key event
-   */
-  onRoomKeyEvent(event) {
-    var content = event.getContent();
-    if (!content.room_id || !content.algorithm) {
-      logger.error("key event is missing fields");
-      return;
-    }
-    if (!this.backupManager.checkedForBackup) {
-      // don't bother awaiting on this - the important thing is that we retry if we
-      // haven't managed to check before
-      this.backupManager.checkAndStart();
-    }
-    var alg = this.getRoomDecryptor(content.room_id, content.algorithm);
-    alg.onRoomKeyEvent(event);
-  }
-
-  /**
-   * Handle a key withheld event
-   *
-   * @internal
-   * @param event - key withheld event
-   */
-  onRoomKeyWithheldEvent(event) {
-    var content = event.getContent();
-    if (content.code !== "m.no_olm" && (!content.room_id || !content.session_id) || !content.algorithm || !content.sender_key) {
-      logger.error("key withheld event is missing fields");
-      return;
-    }
-    logger.info("Got room key withheld event from ".concat(event.getSender(), " ") + "for ".concat(content.algorithm, " session ").concat(content.sender_key, "|").concat(content.session_id, " ") + "in room ".concat(content.room_id, " with code ").concat(content.code, " (").concat(content.reason, ")"));
-    var alg = this.getRoomDecryptor(content.room_id, content.algorithm);
-    if (alg.onRoomKeyWithheldEvent) {
-      alg.onRoomKeyWithheldEvent(event);
-    }
-    if (!content.room_id) {
-      // retry decryption for all events sent by the sender_key.  This will
-      // update the events to show a message indicating that the olm session was
-      // wedged.
-      var roomDecryptors = this.getRoomDecryptors(content.algorithm);
-      for (var decryptor of roomDecryptors) {
-        decryptor.retryDecryptionFromSender(content.sender_key);
-      }
-    }
-  }
-
-  /**
-   * Handle a general key verification event.
-   *
-   * @internal
-   * @param event - verification start event
-   */
-  onKeyVerificationMessage(event) {
-    if (!ToDeviceChannel.validateEvent(event, this.baseApis)) {
-      return;
-    }
-    var createRequest = event => {
-      if (!ToDeviceChannel.canCreateRequest(ToDeviceChannel.getEventType(event))) {
-        return;
-      }
-      var content = event.getContent();
-      var deviceId = content && content.from_device;
-      if (!deviceId) {
-        return;
-      }
-      var userId = event.getSender();
-      var channel = new ToDeviceChannel(this.baseApis, userId, [deviceId]);
-      return new VerificationRequest(channel, this.verificationMethods, this.baseApis);
-    };
-    this.handleVerificationEvent(event, this.toDeviceVerificationRequests, createRequest);
-  }
-  handleVerificationEvent(event, requestsMap, createRequest) {
-    var _arguments9 = arguments,
-      _this53 = this;
-    return _asyncToGenerator(function* () {
-      var isLiveEvent = _arguments9.length > 3 && _arguments9[3] !== undefined ? _arguments9[3] : true;
-      // Wait for event to get its final ID with pendingEventOrdering: "chronological", since DM channels depend on it.
-      if (event.isSending() && event.status != EventStatus.SENT) {
-        var eventIdListener;
-        var statusListener;
-        try {
-          yield new Promise((resolve, reject) => {
-            eventIdListener = resolve;
-            statusListener = () => {
-              if (event.status == EventStatus.CANCELLED) {
-                reject(new Error("Event status set to CANCELLED."));
-              }
-            };
-            event.once(MatrixEventEvent.LocalEventIdReplaced, eventIdListener);
-            event.on(MatrixEventEvent.Status, statusListener);
-          });
-        } catch (err) {
-          logger.error("error while waiting for the verification event to be sent: ", err);
-          return;
-        } finally {
-          event.removeListener(MatrixEventEvent.LocalEventIdReplaced, eventIdListener);
-          event.removeListener(MatrixEventEvent.Status, statusListener);
-        }
-      }
-      var request = requestsMap.getRequest(event);
-      var isNewRequest = false;
-      if (!request) {
-        request = createRequest(event);
-        // a request could not be made from this event, so ignore event
-        if (!request) {
-          logger.log("Crypto: could not find VerificationRequest for " + "".concat(event.getType(), ", and could not create one, so ignoring."));
-          return;
-        }
-        isNewRequest = true;
-        requestsMap.setRequest(event, request);
-      }
-      event.setVerificationRequest(request);
-      try {
-        yield request.channel.handleEvent(event, request, isLiveEvent);
-      } catch (err) {
-        logger.error("error while handling verification event", err);
-      }
-      var shouldEmit = isNewRequest && !request.initiatedByMe && !request.invalid &&
-      // check it has enough events to pass the UNSENT stage
-      !request.observeOnly;
-      if (shouldEmit) {
-        _this53.baseApis.emit(CryptoEvent.VerificationRequest, request);
-        _this53.baseApis.emit(CryptoEvent.VerificationRequestReceived, request);
-      }
-    })();
-  }
-
-  /**
-   * Handle a toDevice event that couldn't be decrypted
-   *
-   * @internal
-   * @param event - undecryptable event
-   */
-  onToDeviceBadEncrypted(event) {
-    var _this54 = this;
-    return _asyncToGenerator(function* () {
-      var content = event.getWireContent();
-      var sender = event.getSender();
-      var algorithm = content.algorithm;
-      var deviceKey = content.sender_key;
-      _this54.baseApis.emit(ClientEvent.UndecryptableToDeviceEvent, event);
-
-      // retry decryption for all events sent by the sender_key.  This will
-      // update the events to show a message indicating that the olm session was
-      // wedged.
-      var retryDecryption = () => {
-        var roomDecryptors = _this54.getRoomDecryptors(olmlib.MEGOLM_ALGORITHM);
-        for (var decryptor of roomDecryptors) {
-          decryptor.retryDecryptionFromSender(deviceKey);
-        }
-      };
-      if (sender === undefined || deviceKey === undefined || deviceKey === undefined) {
-        return;
-      }
-
-      // check when we can force a new session with this device: if we've already done so
-      // recently, don't do it again.
-      var forceNewSessionRetryTimeDevices = _this54.forceNewSessionRetryTime.getOrCreate(sender);
-      var forceNewSessionRetryTime = forceNewSessionRetryTimeDevices.getOrCreate(deviceKey);
-      if (forceNewSessionRetryTime > Date.now()) {
-        logger.debug("New session already forced with device ".concat(sender, ":").concat(deviceKey, ": ") + "not forcing another until at least ".concat(new Date(forceNewSessionRetryTime).toUTCString()));
-        yield _this54.olmDevice.recordSessionProblem(deviceKey, "wedged", true);
-        retryDecryption();
-        return;
-      }
-
-      // make sure we don't retry to unwedge too soon even if we fail to create a new session
-      forceNewSessionRetryTimeDevices.set(deviceKey, Date.now() + FORCE_SESSION_RETRY_INTERVAL_MS);
-
-      // establish a new olm session with this device since we're failing to decrypt messages
-      // on a current session.
-      // Note that an undecryptable message from another device could easily be spoofed -
-      // is there anything we can do to mitigate this?
-      var device = _this54.deviceList.getDeviceByIdentityKey(algorithm, deviceKey);
-      if (!device) {
-        // if we don't know about the device, fetch the user's devices again
-        // and retry before giving up
-        yield _this54.downloadKeys([sender], false);
-        device = _this54.deviceList.getDeviceByIdentityKey(algorithm, deviceKey);
-        if (!device) {
-          logger.info("Couldn't find device for identity key " + deviceKey + ": not re-establishing session");
-          yield _this54.olmDevice.recordSessionProblem(deviceKey, "wedged", false);
-          retryDecryption();
-          return;
-        }
-      }
-      var devicesByUser = new Map([[sender, [device]]]);
-      yield olmlib.ensureOlmSessionsForDevices(_this54.olmDevice, _this54.baseApis, devicesByUser, true);
-      forceNewSessionRetryTimeDevices.set(deviceKey, Date.now() + MIN_FORCE_SESSION_INTERVAL_MS);
-
-      // Now send a blank message on that session so the other side knows about it.
-      // (The keyshare request is sent in the clear so that won't do)
-      // We send this first such that, as long as the toDevice messages arrive in the
-      // same order we sent them, the other end will get this first, set up the new session,
-      // then get the keyshare request and send the key over this new session (because it
-      // is the session it has most recently received a message on).
-      var encryptedContent = {
-        algorithm: olmlib.OLM_ALGORITHM,
-        sender_key: _this54.olmDevice.deviceCurve25519Key,
-        ciphertext: {},
-        [ToDeviceMessageId]: uuidv4()
-      };
-      yield olmlib.encryptMessageForDevice(encryptedContent.ciphertext, _this54.userId, _this54.deviceId, _this54.olmDevice, sender, device, {
-        type: "m.dummy"
-      });
-      yield _this54.olmDevice.recordSessionProblem(deviceKey, "wedged", true);
-      retryDecryption();
-      yield _this54.baseApis.sendToDevice("m.room.encrypted", new Map([[sender, new Map([[device.deviceId, encryptedContent]])]]));
-
-      // Most of the time this probably won't be necessary since we'll have queued up a key request when
-      // we failed to decrypt the message and will be waiting a bit for the key to arrive before sending
-      // it. This won't always be the case though so we need to re-send any that have already been sent
-      // to avoid races.
-      var requestsToResend = yield _this54.outgoingRoomKeyRequestManager.getOutgoingSentRoomKeyRequest(sender, device.deviceId);
-      for (var keyReq of requestsToResend) {
-        _this54.requestRoomKey(keyReq.requestBody, keyReq.recipients, true);
-      }
-    })();
-  }
-
-  /**
-   * Handle a change in the membership state of a member of a room
-   *
-   * @internal
-   * @param event -  event causing the change
-   * @param member -  user whose membership changed
-   * @param oldMembership -  previous membership
-   */
-  onRoomMembership(event, member, oldMembership) {
-    // this event handler is registered on the *client* (as opposed to the room
-    // member itself), which means it is only called on changes to the *live*
-    // membership state (ie, it is not called when we back-paginate, nor when
-    // we load the state in the initialsync).
-    //
-    // Further, it is automatically registered and called when new members
-    // arrive in the room.
-
-    var roomId = member.roomId;
-    var alg = this.roomEncryptors.get(roomId);
-    if (!alg) {
-      // not encrypting in this room
-      return;
-    }
-    // only mark users in this room as tracked if we already started tracking in this room
-    // this way we don't start device queries after sync on behalf of this room which we won't use
-    // the result of anyway, as we'll need to do a query again once all the members are fetched
-    // by calling _trackRoomDevices
-    if (roomId in this.roomDeviceTrackingState) {
-      var _this$clientStore$get;
-      if (member.membership == KnownMembership.Join) {
-        logger.log("Join event for " + member.userId + " in " + roomId);
-        // make sure we are tracking the deviceList for this user
-        this.deviceList.startTrackingDeviceList(member.userId);
-      } else if (member.membership == KnownMembership.Invite && (_this$clientStore$get = this.clientStore.getRoom(roomId)) !== null && _this$clientStore$get !== void 0 && _this$clientStore$get.shouldEncryptForInvitedMembers()) {
-        logger.log("Invite event for " + member.userId + " in " + roomId);
-        this.deviceList.startTrackingDeviceList(member.userId);
-      }
-    }
-    alg.onRoomMembership(event, member, oldMembership);
-  }
-
-  /**
-   * Called when we get an m.room_key_request event.
-   *
-   * @internal
-   * @param event - key request event
-   */
-  onRoomKeyRequestEvent(event) {
-    var content = event.getContent();
-    if (content.action === "request") {
-      // Queue it up for now, because they tend to arrive before the room state
-      // events at initial sync, and we want to see if we know anything about the
-      // room before passing them on to the app.
-      var req = new IncomingRoomKeyRequest(event);
-      this.receivedRoomKeyRequests.push(req);
-    } else if (content.action === "request_cancellation") {
-      var _req = new IncomingRoomKeyRequestCancellation(event);
-      this.receivedRoomKeyRequestCancellations.push(_req);
-    }
-  }
-
-  /**
-   * Process any m.room_key_request events which were queued up during the
-   * current sync.
-   *
-   * @internal
-   */
-  processReceivedRoomKeyRequests() {
-    var _this55 = this;
-    return _asyncToGenerator(function* () {
-      if (_this55.processingRoomKeyRequests) {
-        // we're still processing last time's requests; keep queuing new ones
-        // up for now.
-        return;
-      }
-      _this55.processingRoomKeyRequests = true;
-      try {
-        // we need to grab and clear the queues in the synchronous bit of this method,
-        // so that we don't end up racing with the next /sync.
-        var requests = _this55.receivedRoomKeyRequests;
-        _this55.receivedRoomKeyRequests = [];
-        var cancellations = _this55.receivedRoomKeyRequestCancellations;
-        _this55.receivedRoomKeyRequestCancellations = [];
-
-        // Process all of the requests, *then* all of the cancellations.
-        //
-        // This makes sure that if we get a request and its cancellation in the
-        // same /sync result, then we process the request before the
-        // cancellation (and end up with a cancelled request), rather than the
-        // cancellation before the request (and end up with an outstanding
-        // request which should have been cancelled.)
-        yield Promise.all(requests.map(req => _this55.processReceivedRoomKeyRequest(req)));
-        yield Promise.all(cancellations.map(cancellation => _this55.processReceivedRoomKeyRequestCancellation(cancellation)));
-      } catch (e) {
-        logger.error("Error processing room key requsts: ".concat(e));
-      } finally {
-        _this55.processingRoomKeyRequests = false;
-      }
-    })();
-  }
-
-  /**
-   * Helper for processReceivedRoomKeyRequests
-   *
-   */
-  processReceivedRoomKeyRequest(req) {
-    var _this56 = this;
-    return _asyncToGenerator(function* () {
-      var userId = req.userId;
-      var deviceId = req.deviceId;
-      var body = req.requestBody;
-      var roomId = body.room_id;
-      var alg = body.algorithm;
-      logger.log("m.room_key_request from ".concat(userId, ":").concat(deviceId) + " for ".concat(roomId, " / ").concat(body.session_id, " (id ").concat(req.requestId, ")"));
-      if (userId !== _this56.userId) {
-        if (!_this56.roomEncryptors.get(roomId)) {
-          logger.debug("room key request for unencrypted room ".concat(roomId));
-          return;
-        }
-        var encryptor = _this56.roomEncryptors.get(roomId);
-        var device = _this56.deviceList.getStoredDevice(userId, deviceId);
-        if (!device) {
-          logger.debug("Ignoring keyshare for unknown device ".concat(userId, ":").concat(deviceId));
-          return;
-        }
-        try {
-          yield encryptor.reshareKeyWithDevice(body.sender_key, body.session_id, userId, device);
-        } catch (e) {
-          logger.warn("Failed to re-share keys for session " + body.session_id + " with device " + userId + ":" + device.deviceId, e);
-        }
-        return;
-      }
-      if (deviceId === _this56.deviceId) {
-        // We'll always get these because we send room key requests to
-        // '*' (ie. 'all devices') which includes the sending device,
-        // so ignore requests from ourself because apart from it being
-        // very silly, it won't work because an Olm session cannot send
-        // messages to itself.
-        // The log here is probably superfluous since we know this will
-        // always happen, but let's log anyway for now just in case it
-        // causes issues.
-        logger.log("Ignoring room key request from ourselves");
-        return;
-      }
-
-      // todo: should we queue up requests we don't yet have keys for,
-      // in case they turn up later?
-
-      // if we don't have a decryptor for this room/alg, we don't have
-      // the keys for the requested events, and can drop the requests.
-      if (!_this56.roomDecryptors.has(roomId)) {
-        logger.log("room key request for unencrypted room ".concat(roomId));
-        return;
-      }
-      var decryptor = _this56.roomDecryptors.get(roomId).get(alg);
-      if (!decryptor) {
-        logger.log("room key request for unknown alg ".concat(alg, " in room ").concat(roomId));
-        return;
-      }
-      if (!(yield decryptor.hasKeysForKeyRequest(req))) {
-        logger.log("room key request for unknown session ".concat(roomId, " / ") + body.session_id);
-        return;
-      }
-      req.share = () => {
-        decryptor.shareKeysWithDevice(req);
-      };
-
-      // if the device is verified already, share the keys
-      if (_this56.checkDeviceTrust(userId, deviceId).isVerified()) {
-        logger.log("device is already verified: sharing keys");
-        req.share();
-        return;
-      }
-      _this56.emit(CryptoEvent.RoomKeyRequest, req);
-    })();
-  }
-
-  /**
-   * Helper for processReceivedRoomKeyRequests
-   *
-   */
-  processReceivedRoomKeyRequestCancellation(cancellation) {
-    var _this57 = this;
-    return _asyncToGenerator(function* () {
-      logger.log("m.room_key_request cancellation for ".concat(cancellation.userId, ":") + "".concat(cancellation.deviceId, " (id ").concat(cancellation.requestId, ")"));
-
-      // we should probably only notify the app of cancellations we told it
-      // about, but we don't currently have a record of that, so we just pass
-      // everything through.
-      _this57.emit(CryptoEvent.RoomKeyRequestCancellation, cancellation);
-    })();
-  }
-
-  /**
-   * Get a decryptor for a given room and algorithm.
-   *
-   * If we already have a decryptor for the given room and algorithm, return
-   * it. Otherwise try to instantiate it.
-   *
-   * @internal
-   *
-   * @param roomId -   room id for decryptor. If undefined, a temporary
-   * decryptor is instantiated.
-   *
-   * @param algorithm -  crypto algorithm
-   *
-   * @throws `DecryptionError` if the algorithm is unknown
-   */
-  getRoomDecryptor(roomId, algorithm) {
-    var decryptors;
-    var alg;
-    if (roomId) {
-      decryptors = this.roomDecryptors.get(roomId);
-      if (!decryptors) {
-        decryptors = new Map();
-        this.roomDecryptors.set(roomId, decryptors);
-      }
-      alg = decryptors.get(algorithm);
-      if (alg) {
-        return alg;
-      }
-    }
-    var AlgClass = algorithms.DECRYPTION_CLASSES.get(algorithm);
-    if (!AlgClass) {
-      throw new DecryptionError(DecryptionFailureCode.UNKNOWN_ENCRYPTION_ALGORITHM, 'Unknown encryption algorithm "' + algorithm + '".');
-    }
-    alg = new AlgClass({
-      userId: this.userId,
-      crypto: this,
-      olmDevice: this.olmDevice,
-      baseApis: this.baseApis,
-      roomId: roomId !== null && roomId !== void 0 ? roomId : undefined
-    });
-    if (decryptors) {
-      decryptors.set(algorithm, alg);
-    }
-    return alg;
-  }
-
-  /**
-   * Get all the room decryptors for a given encryption algorithm.
-   *
-   * @param algorithm - The encryption algorithm
-   *
-   * @returns An array of room decryptors
-   */
-  getRoomDecryptors(algorithm) {
-    var decryptors = [];
-    for (var d of this.roomDecryptors.values()) {
-      if (d.has(algorithm)) {
-        decryptors.push(d.get(algorithm));
-      }
-    }
-    return decryptors;
-  }
-
-  /**
-   * sign the given object with our ed25519 key
-   *
-   * @param obj -  Object to which we will add a 'signatures' property
-   */
-  signObject(obj) {
-    var _this58 = this;
-    return _asyncToGenerator(function* () {
-      var sigs = new Map(Object.entries(obj.signatures || {}));
-      var unsigned = obj.unsigned;
-      delete obj.signatures;
-      delete obj.unsigned;
-      var userSignatures = sigs.get(_this58.userId) || {};
-      sigs.set(_this58.userId, userSignatures);
-      userSignatures["ed25519:" + _this58.deviceId] = yield _this58.olmDevice.sign(anotherjson.stringify(obj));
-      obj.signatures = recursiveMapToObject(sigs);
-      if (unsigned !== undefined) obj.unsigned = unsigned;
-    })();
-  }
-
-  /**
-   * @returns true if the room with the supplied ID is encrypted. False if the
-   * room is not encrypted, or is unknown to us.
-   */
-  isRoomEncrypted(roomId) {
-    return this.roomList.isRoomEncrypted(roomId);
-  }
-
-  /**
-   * Implementation of {@link Crypto.CryptoApi#isEncryptionEnabledInRoom}.
-   */
-  isEncryptionEnabledInRoom(roomId) {
-    var _this59 = this;
-    return _asyncToGenerator(function* () {
-      return _this59.isRoomEncrypted(roomId);
-    })();
-  }
-
-  /**
-   * @returns information about the encryption on the room with the supplied
-   * ID, or null if the room is not encrypted or unknown to us.
-   */
-  getRoomEncryption(roomId) {
-    return this.roomList.getRoomEncryption(roomId);
-  }
-
-  /**
-   * Returns whether dehydrated devices are supported by the crypto backend
-   * and by the server.
-   */
-  isDehydrationSupported() {
-    return _asyncToGenerator(function* () {
-      return false;
-    })();
-  }
-
-  /**
-   * Stub function -- dehydration is not implemented here, so throw error
-   */
-  startDehydration(createNewKey) {
-    return _asyncToGenerator(function* () {
-      throw new Error("Not implemented");
-    })();
-  }
-
-  /**
-   * Stub function -- restoreKeyBackup is not implemented here, so throw error
-   */
-  restoreKeyBackup(opts) {
-    throw new Error("Not implemented");
-  }
-
-  /**
-   * Stub function -- restoreKeyBackupWithPassphrase is not implemented here, so throw error
-   */
-  restoreKeyBackupWithPassphrase(passphrase, opts) {
-    throw new Error("Not implemented");
-  }
-}
-
-/**
- * Fix up the backup key, that may be in the wrong format due to a bug in a
- * migration step.  Some backup keys were stored as a comma-separated list of
- * integers, rather than a base64-encoded byte array.  If this function is
- * passed a string that looks like a list of integers rather than a base64
- * string, it will attempt to convert it to the right format.
- *
- * @param key - the key to check
- * @returns If the key is in the wrong format, then the fixed
- * key will be returned. Otherwise null will be returned.
- *
- */
-export function fixBackupKey(key) {
-  if (typeof key !== "string" || key.indexOf(",") < 0) {
-    return null;
-  }
-  var fixedKey = Uint8Array.from(key.split(","), x => parseInt(x));
-  return encodeBase64(fixedKey);
-}
-
-/**
- * Represents a received m.room_key_request event
- */
-export class IncomingRoomKeyRequest {
-  constructor(event) {
-    /** user requesting the key */
-    _defineProperty(this, "userId", void 0);
-    /** device requesting the key */
-    _defineProperty(this, "deviceId", void 0);
-    /** unique id for the request */
-    _defineProperty(this, "requestId", void 0);
-    _defineProperty(this, "requestBody", void 0);
-    /**
-     * callback which, when called, will ask
-     *    the relevant crypto algorithm implementation to share the keys for
-     *    this request.
-     */
-    _defineProperty(this, "share", void 0);
-    var content = event.getContent();
-    this.userId = event.getSender();
-    this.deviceId = content.requesting_device_id;
-    this.requestId = content.request_id;
-    this.requestBody = content.body || {};
-    this.share = () => {
-      throw new Error("don't know how to share keys for this request yet");
-    };
-  }
-}
-
-/**
- * Represents a received m.room_key_request cancellation
- */
-class IncomingRoomKeyRequestCancellation {
-  constructor(event) {
-    /** user requesting the cancellation */
-    _defineProperty(this, "userId", void 0);
-    /** device requesting the cancellation */
-    _defineProperty(this, "deviceId", void 0);
-    /** unique id for the request to be cancelled */
-    _defineProperty(this, "requestId", void 0);
-    var content = event.getContent();
-    this.userId = event.getSender();
-    this.deviceId = content.requesting_device_id;
-    this.requestId = content.request_id;
-  }
-}
-
-// a number of types are re-exported for backwards compatibility, in case any applications are referencing it.
-//# sourceMappingURL=index.js.map