slidge-whatsapp 0.2.5__cp312-cp312-manylinux_2_36_aarch64.whl → 0.2.6__cp312-cp312-manylinux_2_36_aarch64.whl

slidge_whatsapp/vendor/go.mau.fi/whatsmeow/message.go

@@ -9,6 +9,8 @@ package whatsmeow
 import (
 	"bytes"
 	"compress/zlib"
+	"context"
+	"crypto/sha256"
 	"encoding/hex"
 	"errors"
 	"fmt"
@@ -16,6 +18,7 @@ import (
 	"runtime/debug"
 	"time"
 
+	"github.com/rs/zerolog"
 	"go.mau.fi/libsignal/groups"
 	"go.mau.fi/libsignal/protocol"
 	"go.mau.fi/libsignal/session"
@@ -36,33 +39,41 @@ import (
 var pbSerializer = store.SignalProtobufSerializer
 
 func (cli *Client) handleEncryptedMessage(node *waBinary.Node) {
+	ctx := context.TODO()
 	info, err := cli.parseMessageInfo(node)
 	if err != nil {
 		cli.Log.Warnf("Failed to parse message: %v", err)
 	} else {
+		if !info.SenderAlt.IsEmpty() {
+			cli.StoreLIDPNMapping(ctx, info.SenderAlt, info.Sender)
+		} else if !info.RecipientAlt.IsEmpty() {
+			cli.StoreLIDPNMapping(ctx, info.RecipientAlt, info.Chat)
+		}
 		if info.VerifiedName != nil && len(info.VerifiedName.Details.GetVerifiedName()) > 0 {
-			go cli.updateBusinessName(info.Sender, info, info.VerifiedName.Details.GetVerifiedName())
+			go cli.updateBusinessName(context.WithoutCancel(ctx), info.Sender, info, info.VerifiedName.Details.GetVerifiedName())
 		}
 		if len(info.PushName) > 0 && info.PushName != "-" {
-			go cli.updatePushName(info.Sender, info, info.PushName)
+			go cli.updatePushName(context.WithoutCancel(ctx), info.Sender, info, info.PushName)
 		}
 		defer cli.maybeDeferredAck(node)()
 		if info.Sender.Server == types.NewsletterServer {
-			cli.handlePlaintextMessage(info, node)
+			cli.handlePlaintextMessage(ctx, info, node)
 		} else {
-			cli.decryptMessages(info, node)
+			cli.decryptMessages(ctx, info, node)
 		}
 	}
 }
 
 func (cli *Client) parseMessageSource(node *waBinary.Node, requireParticipant bool) (source types.MessageSource, err error) {
 	clientID := cli.getOwnID()
+	clientLID := cli.Store.GetLID()
 	if clientID.IsEmpty() {
 		err = ErrNotLoggedIn
 		return
 	}
 	ag := node.AttrGetter()
 	from := ag.JID("from")
+	source.AddressingMode = types.AddressingMode(ag.OptionalString("addressing_mode"))
 	if from.Server == types.GroupServer || from.Server == types.BroadcastServer {
 		source.IsGroup = true
 		source.Chat = from
@@ -71,7 +82,12 @@ func (cli *Client) parseMessageSource(node *waBinary.Node, requireParticipant bo
 		} else {
 			source.Sender = ag.OptionalJIDOrEmpty("participant")
 		}
-		if source.Sender.User == clientID.User {
+		if source.AddressingMode == types.AddressingModeLID {
+			source.SenderAlt = ag.OptionalJIDOrEmpty("participant_pn")
+		} else {
+			source.SenderAlt = ag.OptionalJIDOrEmpty("participant_lid")
+		}
+		if source.Sender.User == clientID.User || source.Sender.User == clientLID.User {
 			source.IsFromMe = true
 		}
 		if from.Server == types.BroadcastServer {
@@ -81,7 +97,7 @@ func (cli *Client) parseMessageSource(node *waBinary.Node, requireParticipant bo
 		source.Chat = from
 		source.Sender = from
 		// TODO IsFromMe?
-	} else if from.User == clientID.User {
+	} else if from.User == clientID.User || from.User == clientLID.User {
 		source.IsFromMe = true
 		source.Sender = from
 		recipient := ag.OptionalJID("recipient")
@@ -90,6 +106,11 @@ func (cli *Client) parseMessageSource(node *waBinary.Node, requireParticipant bo
 		} else {
 			source.Chat = from.ToNonAD()
 		}
+		if source.AddressingMode == types.AddressingModeLID {
+			source.RecipientAlt = ag.OptionalJIDOrEmpty("peer_recipient_pn") // existence of this field is not confirmed
+		} else {
+			source.RecipientAlt = ag.OptionalJIDOrEmpty("peer_recipient_lid")
+		}
 	} else if from.IsBot() {
 		source.Sender = from
 		meta := node.GetChildByTag("meta")
@@ -103,6 +124,14 @@ func (cli *Client) parseMessageSource(node *waBinary.Node, requireParticipant bo
 	} else {
 		source.Chat = from.ToNonAD()
 		source.Sender = from
+		if source.AddressingMode == types.AddressingModeLID {
+			source.SenderAlt = ag.OptionalJIDOrEmpty("sender_pn")
+		} else {
+			source.SenderAlt = ag.OptionalJIDOrEmpty("sender_lid")
+		}
+	}
+	if !source.SenderAlt.IsEmpty() && source.SenderAlt.Device == 0 {
+		source.SenderAlt.Device = source.Sender.Device
 	}
 	err = ag.Error()
 	return
@@ -125,11 +154,14 @@ func (cli *Client) parseMsgMetaInfo(node waBinary.Node) (metaInfo types.MsgMetaI
 	metaNode := node.GetChildByTag("meta")
 
 	ag := metaNode.AttrGetter()
-	metaInfo.TargetID = types.MessageID(ag.String("target_id"))
-	targetSenderJID := ag.OptionalJIDOrEmpty("target_sender_jid")
-	if targetSenderJID.User != "" {
-		metaInfo.TargetSender = targetSenderJID
+	metaInfo.TargetID = types.MessageID(ag.OptionalString("target_id"))
+	metaInfo.TargetSender = ag.OptionalJIDOrEmpty("target_sender_jid")
+	deprecatedLIDSession, ok := ag.GetBool("deprecated_lid_session", false)
+	if ok {
+		metaInfo.DeprecatedLIDSession = &deprecatedLIDSession
 	}
+	metaInfo.ThreadMessageID = types.MessageID(ag.OptionalString("thread_msg_id"))
+	metaInfo.ThreadMessageSenderJID = ag.OptionalJIDOrEmpty("thread_msg_sender_jid")
 	err = ag.Error()
 	return
 }
@@ -168,8 +200,10 @@ func (cli *Client) parseMessageInfo(node *waBinary.Node) (*types.MessageInfo, er
 				cli.Log.Warnf("Failed to parse <bot> node in %s: %v", info.ID, err)
 			}
 		case "meta":
-			// TODO parse non-bot metadata too
-			info.MsgMetaInfo, _ = cli.parseMsgMetaInfo(child)
+			info.MsgMetaInfo, err = cli.parseMsgMetaInfo(child)
+			if err != nil {
+				cli.Log.Warnf("Failed to parse <meta> node in %s: %v", info.ID, err)
+			}
 		case "franking":
 			// TODO
 		case "trace":
@@ -184,7 +218,7 @@ func (cli *Client) parseMessageInfo(node *waBinary.Node) (*types.MessageInfo, er
 	return &info, nil
 }
 
-func (cli *Client) handlePlaintextMessage(info *types.MessageInfo, node *waBinary.Node) {
+func (cli *Client) handlePlaintextMessage(ctx context.Context, info *types.MessageInfo, node *waBinary.Node) {
 	// TODO edits have an additional <meta msg_edit_t="1696321271735" original_msg_t="1696321248"/> node
 	plaintext, ok := node.GetOptionalChildByTag("plaintext")
 	if !ok {
@@ -203,7 +237,7 @@ func (cli *Client) handlePlaintextMessage(info *types.MessageInfo, node *waBinar
 		cli.Log.Warnf("Error unmarshaling plaintext message from %s: %v", info.SourceString(), err)
 		return
 	}
-	cli.storeMessageSecret(info, &msg)
+	cli.storeMessageSecret(ctx, info, &msg)
 	evt := &events.Message{
 		Info:       *info,
 		RawMessage: &msg,
@@ -216,10 +250,16 @@ func (cli *Client) handlePlaintextMessage(info *types.MessageInfo, node *waBinar
 		}
 	}
 	cli.dispatchEvent(evt.UnwrapRaw())
-	return
 }
 
-func (cli *Client) decryptMessages(info *types.MessageInfo, node *waBinary.Node) {
+func (cli *Client) migrateSessionStore(ctx context.Context, pn, lid types.JID) {
+	err := cli.Store.Sessions.MigratePNToLID(ctx, pn, lid)
+	if err != nil {
+		cli.Log.Errorf("Failed to migrate signal store from %s to %s: %v", pn, lid, err)
+	}
+}
+
+func (cli *Client) decryptMessages(ctx context.Context, info *types.MessageInfo, node *waBinary.Node) {
 	unavailableNode, ok := node.GetOptionalChildByTag("unavailable")
 	if ok && len(node.GetChildrenByTag("enc")) == 0 {
 		uType := events.UnavailableType(unavailableNode.AttrGetter().String("type"))
@@ -233,6 +273,21 @@ func (cli *Client) decryptMessages(info *types.MessageInfo, node *waBinary.Node)
 	cli.Log.Debugf("Decrypting message from %s", info.SourceString())
 	handled := false
 	containsDirectMsg := false
+	senderEncryptionJID := info.Sender
+	if info.Sender.Server == types.DefaultUserServer && !info.Sender.IsBot() {
+		if info.SenderAlt.Server == types.HiddenUserServer {
+			senderEncryptionJID = info.SenderAlt
+			cli.migrateSessionStore(ctx, info.Sender, info.SenderAlt)
+		} else if lid, err := cli.Store.LIDs.GetLIDForPN(ctx, info.Sender); err != nil {
+			cli.Log.Errorf("Failed to get LID for %s: %v", info.Sender, err)
+		} else if !lid.IsEmpty() {
+			cli.migrateSessionStore(ctx, info.Sender, lid)
+			senderEncryptionJID = lid
+			info.SenderAlt = lid
+		} else {
+			cli.Log.Warnf("No LID found for %s", info.Sender)
+		}
+	}
 	for _, child := range children {
 		if child.Tag != "enc" {
 			continue
@@ -243,59 +298,54 @@ func (cli *Client) decryptMessages(info *types.MessageInfo, node *waBinary.Node)
 			continue
 		}
 		var decrypted []byte
+		var ciphertextHash *[32]byte
 		var err error
 		if encType == "pkmsg" || encType == "msg" {
-			decrypted, err = cli.decryptDM(&child, info.Sender, encType == "pkmsg")
+			decrypted, ciphertextHash, err = cli.decryptDM(ctx, &child, senderEncryptionJID, encType == "pkmsg", info.Timestamp)
 			containsDirectMsg = true
 		} else if info.IsGroup && encType == "skmsg" {
-			decrypted, err = cli.decryptGroupMsg(&child, info.Sender, info.Chat)
+			decrypted, ciphertextHash, err = cli.decryptGroupMsg(ctx, &child, senderEncryptionJID, info.Chat, info.Timestamp)
 		} else if encType == "msmsg" && info.Sender.IsBot() {
-			// Meta AI / other bots (biz?):
-
-			// step 1: get message secret
 			targetSenderJID := info.MsgMetaInfo.TargetSender
+			messageSecretSenderJID := targetSenderJID
 			if targetSenderJID.User == "" {
-				// if no targetSenderJID in <meta> this must be ourselves (one-one-one mode)
-				targetSenderJID = cli.getOwnID()
+				if info.Sender.Server == types.BotServer {
+					targetSenderJID = cli.Store.GetLID()
+				} else {
+					targetSenderJID = cli.getOwnID()
+				}
+				messageSecretSenderJID = cli.getOwnID()
 			}
-
-			messageSecret, err := cli.Store.MsgSecrets.GetMessageSecret(info.Chat, targetSenderJID, info.MsgMetaInfo.TargetID)
-			if err != nil || messageSecret == nil {
-				cli.Log.Warnf("Error getting message secret for bot msg with id %s", node.AttrGetter().String("id"))
-				continue
+			var decryptMessageID string
+			if info.MsgBotInfo.EditType == types.EditTypeInner || info.MsgBotInfo.EditType == types.EditTypeLast {
+				decryptMessageID = info.MsgBotInfo.EditTargetID
+			} else {
+				decryptMessageID = info.ID
 			}
-
-			// step 2: get MessageSecretMessage
-			byteContents := child.Content.([]byte) // <enc> contents
 			var msMsg waE2E.MessageSecretMessage
-
-			err = proto.Unmarshal(byteContents, &msMsg)
-			if err != nil {
-				cli.Log.Warnf("Error decoding MessageSecretMesage protobuf %v", err)
-				continue
-			}
-
-			// step 3: determine best message id for decryption
-			var messageID string
-			if info.MsgBotInfo.EditType == types.EditTypeInner || info.MsgBotInfo.EditType == types.EditTypeLast {
-				messageID = info.MsgBotInfo.EditTargetID
+			var messageSecret []byte
+			if messageSecret, err = cli.Store.MsgSecrets.GetMessageSecret(ctx, info.Chat, messageSecretSenderJID, info.MsgMetaInfo.TargetID); err != nil {
+				err = fmt.Errorf("failed to get message secret for %s: %v", info.MsgMetaInfo.TargetID, err)
+			} else if messageSecret == nil {
+				err = fmt.Errorf("message secret for %s not found", info.MsgMetaInfo.TargetID)
+			} else if err = proto.Unmarshal(child.Content.([]byte), &msMsg); err != nil {
+				err = fmt.Errorf("failed to unmarshal MessageSecretMessage protobuf: %v", err)
 			} else {
-				messageID = info.ID
+				decrypted, err = cli.decryptBotMessage(ctx, messageSecret, &msMsg, decryptMessageID, targetSenderJID, info)
 			}
-
-			// step 4: decrypt and voila
-			decrypted, err = cli.decryptBotMessage(messageSecret, &msMsg, messageID, targetSenderJID, info)
 		} else {
 			cli.Log.Warnf("Unhandled encrypted message (type %s) from %s", encType, info.SourceString())
 			continue
 		}
 
-		if err != nil {
+		if errors.Is(err, EventAlreadyProcessed) {
+			cli.Log.Debugf("Ignoring message %s from %s: %v", info.ID, info.SourceString(), err)
+			return
+		} else if err != nil {
 			cli.Log.Warnf("Error decrypting message from %s: %v", info.SourceString(), err)
 			isUnavailable := encType == "skmsg" && !containsDirectMsg && errors.Is(err, signalerror.ErrNoSenderKeyForUser)
-			// TODO figure out why @bot messages fail to decrypt
-			if info.Chat.Server != types.BotServer {
-				go cli.sendRetryReceipt(node, info, isUnavailable)
+			if encType != "msmsg" {
+				go cli.sendRetryReceipt(context.WithoutCancel(ctx), node, info, isUnavailable)
 			}
 			cli.dispatchEvent(&events.UndecryptableMessage{
 				Info:            *info,
@@ -315,85 +365,183 @@ func (cli *Client) decryptMessages(info *types.MessageInfo, node *waBinary.Node)
 				cli.Log.Warnf("Error unmarshaling decrypted message from %s: %v", info.SourceString(), err)
 				continue
 			}
-			cli.handleDecryptedMessage(info, &msg, retryCount)
+			cli.handleDecryptedMessage(ctx, info, &msg, retryCount)
 			handled = true
 		case 3:
-			handled = cli.handleDecryptedArmadillo(info, decrypted, retryCount)
+			handled = cli.handleDecryptedArmadillo(ctx, info, decrypted, retryCount)
 		default:
 			cli.Log.Warnf("Unknown version %d in decrypted message from %s", ag.Int("v"), info.SourceString())
 		}
+		if ciphertextHash != nil && cli.EnableDecryptedEventBuffer {
+			// Use the context passed to decryptMessages
+			err = cli.Store.EventBuffer.ClearBufferedEventPlaintext(ctx, *ciphertextHash)
+			if err != nil {
+				zerolog.Ctx(ctx).Err(err).
+					Hex("ciphertext_hash", ciphertextHash[:]).
+					Msg("Failed to clear buffered event plaintext")
+			} else {
+				zerolog.Ctx(ctx).Debug().
+					Hex("ciphertext_hash", ciphertextHash[:]).
+					Msg("Deleted event plaintext from buffer")
+			}
+
+			if time.Since(cli.lastDecryptedBufferClear) > 12*time.Hour {
+				cli.lastDecryptedBufferClear = time.Now()
+				go func() {
+					err := cli.Store.EventBuffer.DeleteOldBufferedHashes(context.WithoutCancel(ctx))
+					if err != nil {
+						zerolog.Ctx(ctx).Err(err).Msg("Failed to delete old buffered hashes")
+					}
+				}()
+			}
+		}
 	}
 	if handled {
 		go cli.sendMessageReceipt(info)
 	}
 }
 
-func (cli *Client) clearUntrustedIdentity(target types.JID) {
-	err := cli.Store.Identities.DeleteIdentity(target.SignalAddress().String())
+func (cli *Client) clearUntrustedIdentity(ctx context.Context, target types.JID) error {
+	err := cli.Store.Identities.DeleteIdentity(ctx, target.SignalAddress().String())
 	if err != nil {
-		cli.Log.Warnf("Failed to delete untrusted identity of %s from store: %v", target, err)
+		return fmt.Errorf("failed to delete identity: %w", err)
 	}
-	err = cli.Store.Sessions.DeleteSession(target.SignalAddress().String())
+	err = cli.Store.Sessions.DeleteSession(ctx, target.SignalAddress().String())
 	if err != nil {
-		cli.Log.Warnf("Failed to delete session with %s (untrusted identity) from store: %v", target, err)
+		return fmt.Errorf("failed to delete session: %w", err)
 	}
-	cli.dispatchEvent(&events.IdentityChange{JID: target, Timestamp: time.Now(), Implicit: true})
+	go cli.dispatchEvent(&events.IdentityChange{JID: target, Timestamp: time.Now(), Implicit: true})
+	return nil
 }
 
-func (cli *Client) decryptDM(child *waBinary.Node, from types.JID, isPreKey bool) ([]byte, error) {
-	content, _ := child.Content.([]byte)
+var EventAlreadyProcessed = errors.New("event was already processed")
+
+func (cli *Client) bufferedDecrypt(
+	ctx context.Context,
+	ciphertext []byte,
+	serverTimestamp time.Time,
+	decrypt func(context.Context) ([]byte, error),
+) (plaintext []byte, ciphertextHash [32]byte, err error) {
+	if !cli.EnableDecryptedEventBuffer {
+		plaintext, err = decrypt(ctx)
+		return
+	}
+	ciphertextHash = sha256.Sum256(ciphertext)
+	var buf *store.BufferedEvent
+	buf, err = cli.Store.EventBuffer.GetBufferedEvent(ctx, ciphertextHash)
+	if err != nil {
+		err = fmt.Errorf("failed to get buffered event: %w", err)
+		return
+	} else if buf != nil {
+		if buf.Plaintext == nil {
+			zerolog.Ctx(ctx).Debug().
+				Hex("ciphertext_hash", ciphertextHash[:]).
+				Time("insertion_time", buf.InsertTime).
+				Msg("Returning event already processed error")
+			err = fmt.Errorf("%w at %s", EventAlreadyProcessed, buf.InsertTime.String())
+			return
+		}
+		zerolog.Ctx(ctx).Debug().
+			Hex("ciphertext_hash", ciphertextHash[:]).
+			Time("insertion_time", buf.InsertTime).
+			Msg("Returning previously decrypted plaintext")
+		plaintext = buf.Plaintext
+		return
+	}
+
+	err = cli.Store.EventBuffer.DoDecryptionTxn(ctx, func(ctx context.Context) (innerErr error) {
+		plaintext, innerErr = decrypt(ctx)
+		if innerErr != nil {
+			return
+		}
+		innerErr = cli.Store.EventBuffer.PutBufferedEvent(ctx, ciphertextHash, plaintext, serverTimestamp)
+		if innerErr != nil {
+			innerErr = fmt.Errorf("failed to save decrypted event to buffer: %w", innerErr)
+		}
+		return
+	})
+	if err == nil {
+		zerolog.Ctx(ctx).Debug().
+			Hex("ciphertext_hash", ciphertextHash[:]).
+			Msg("Successfully decrypted and saved event")
+	}
+	return
+}
+
+func (cli *Client) decryptDM(ctx context.Context, child *waBinary.Node, from types.JID, isPreKey bool, serverTS time.Time) ([]byte, *[32]byte, error) {
+	content, ok := child.Content.([]byte)
+	if !ok {
+		return nil, nil, fmt.Errorf("message content is not a byte slice")
+	}
 
 	builder := session.NewBuilderFromSignal(cli.Store, from.SignalAddress(), pbSerializer)
 	cipher := session.NewCipher(builder, from.SignalAddress())
 	var plaintext []byte
+	var ciphertextHash [32]byte
 	if isPreKey {
 		preKeyMsg, err := protocol.NewPreKeySignalMessageFromBytes(content, pbSerializer.PreKeySignalMessage, pbSerializer.SignalMessage)
 		if err != nil {
-			return nil, fmt.Errorf("failed to parse prekey message: %w", err)
-		}
-		plaintext, _, err = cipher.DecryptMessageReturnKey(preKeyMsg)
-		if cli.AutoTrustIdentity && errors.Is(err, signalerror.ErrUntrustedIdentity) {
-			cli.Log.Warnf("Got %v error while trying to decrypt prekey message from %s, clearing stored identity and retrying", err, from)
-			cli.clearUntrustedIdentity(from)
-			plaintext, _, err = cipher.DecryptMessageReturnKey(preKeyMsg)
-		}
+			return nil, nil, fmt.Errorf("failed to parse prekey message: %w", err)
+		}
+		plaintext, ciphertextHash, err = cli.bufferedDecrypt(ctx, content, serverTS, func(decryptCtx context.Context) ([]byte, error) {
+			pt, innerErr := cipher.DecryptMessage(decryptCtx, preKeyMsg)
+			if cli.AutoTrustIdentity && errors.Is(innerErr, signalerror.ErrUntrustedIdentity) {
+				cli.Log.Warnf("Got %v error while trying to decrypt prekey message from %s, clearing stored identity and retrying", innerErr, from)
+				if innerErr = cli.clearUntrustedIdentity(decryptCtx, from); innerErr != nil {
+					innerErr = fmt.Errorf("failed to clear untrusted identity: %w", innerErr)
+					return nil, innerErr
+				}
+				pt, innerErr = cipher.DecryptMessage(decryptCtx, preKeyMsg)
+			}
+			return pt, innerErr
+		})
 		if err != nil {
-			return nil, fmt.Errorf("failed to decrypt prekey message: %w", err)
+			return nil, nil, fmt.Errorf("failed to decrypt prekey message: %w", err)
 		}
 	} else {
 		msg, err := protocol.NewSignalMessageFromBytes(content, pbSerializer.SignalMessage)
 		if err != nil {
-			return nil, fmt.Errorf("failed to parse normal message: %w", err)
+			return nil, nil, fmt.Errorf("failed to parse normal message: %w", err)
 		}
-		plaintext, err = cipher.Decrypt(msg)
+		plaintext, ciphertextHash, err = cli.bufferedDecrypt(ctx, content, serverTS, func(decryptCtx context.Context) ([]byte, error) {
+			return cipher.Decrypt(decryptCtx, msg)
+		})
 		if err != nil {
-			return nil, fmt.Errorf("failed to decrypt normal message: %w", err)
+			return nil, nil, fmt.Errorf("failed to decrypt normal message: %w", err)
 		}
 	}
-	if child.AttrGetter().Int("v") == 3 {
-		return plaintext, nil
+	var err error
+	plaintext, err = unpadMessage(plaintext, child.AttrGetter().Int("v"))
+	if err != nil {
+		return nil, nil, fmt.Errorf("failed to unpad message: %w", err)
 	}
-	return unpadMessage(plaintext)
+	return plaintext, &ciphertextHash, nil
 }
 
-func (cli *Client) decryptGroupMsg(child *waBinary.Node, from types.JID, chat types.JID) ([]byte, error) {
-	content, _ := child.Content.([]byte)
+func (cli *Client) decryptGroupMsg(ctx context.Context, child *waBinary.Node, from types.JID, chat types.JID, serverTS time.Time) ([]byte, *[32]byte, error) {
+	content, ok := child.Content.([]byte)
+	if !ok {
+		return nil, nil, fmt.Errorf("message content is not a byte slice")
+	}
 
 	senderKeyName := protocol.NewSenderKeyName(chat.String(), from.SignalAddress())
 	builder := groups.NewGroupSessionBuilder(cli.Store, pbSerializer)
 	cipher := groups.NewGroupCipher(builder, senderKeyName, cli.Store)
 	msg, err := protocol.NewSenderKeyMessageFromBytes(content, pbSerializer.SenderKeyMessage)
 	if err != nil {
-		return nil, fmt.Errorf("failed to parse group message: %w", err)
+		return nil, nil, fmt.Errorf("failed to parse group message: %w", err)
 	}
-	plaintext, err := cipher.Decrypt(msg)
+	plaintext, ciphertextHash, err := cli.bufferedDecrypt(ctx, content, serverTS, func(decryptCtx context.Context) ([]byte, error) {
+		return cipher.Decrypt(decryptCtx, msg)
+	})
 	if err != nil {
-		return nil, fmt.Errorf("failed to decrypt group message: %w", err)
+		return nil, nil, fmt.Errorf("failed to decrypt group message: %w", err)
 	}
-	if child.AttrGetter().Int("v") == 3 {
-		return plaintext, nil
+	plaintext, err = unpadMessage(plaintext, child.AttrGetter().Int("v"))
+	if err != nil {
+		return nil, nil, err
 	}
-	return unpadMessage(plaintext)
+	return plaintext, &ciphertextHash, nil
 }
 
 const checkPadding = true
@@ -404,14 +552,16 @@ func isValidPadding(plaintext []byte) bool {
 	return bytes.HasSuffix(plaintext, expectedPadding)
 }
 
-func unpadMessage(plaintext []byte) ([]byte, error) {
-	if len(plaintext) == 0 {
+func unpadMessage(plaintext []byte, version int) ([]byte, error) {
+	if version == 3 {
+		return plaintext, nil
+	} else if len(plaintext) == 0 {
 		return nil, fmt.Errorf("plaintext is empty")
-	}
-	if checkPadding && !isValidPadding(plaintext) {
+	} else if checkPadding && !isValidPadding(plaintext) {
 		return nil, fmt.Errorf("plaintext doesn't have expected padding")
+	} else {
+		return plaintext[:len(plaintext)-int(plaintext[len(plaintext)-1])], nil
 	}
-	return plaintext[:len(plaintext)-int(plaintext[len(plaintext)-1])], nil
 }
 
 func padMessage(plaintext []byte) []byte {
@@ -424,7 +574,7 @@ func padMessage(plaintext []byte) []byte {
 	return plaintext
 }
 
-func (cli *Client) handleSenderKeyDistributionMessage(chat, from types.JID, axolotlSKDM []byte) {
+func (cli *Client) handleSenderKeyDistributionMessage(ctx context.Context, chat, from types.JID, axolotlSKDM []byte) {
 	builder := groups.NewGroupSessionBuilder(cli.Store, pbSerializer)
 	senderKeyName := protocol.NewSenderKeyName(chat.String(), from.SignalAddress())
 	sdkMsg, err := protocol.NewSenderKeyDistributionMessageFromBytes(axolotlSKDM, pbSerializer.SenderKeyDistributionMessage)
@@ -432,7 +582,11 @@ func (cli *Client) handleSenderKeyDistributionMessage(chat, from types.JID, axol
 		cli.Log.Errorf("Failed to parse sender key distribution message from %s for %s: %v", from, chat, err)
 		return
 	}
-	builder.Process(senderKeyName, sdkMsg)
+	err = builder.Process(ctx, senderKeyName, sdkMsg)
+	if err != nil {
+		cli.Log.Errorf("Failed to process sender key distribution message from %s for %s: %v", from, chat, err)
+		return
+	}
 	cli.Log.Debugf("Processed sender key distribution message from %s in %s", senderKeyName.Sender().String(), senderKeyName.GroupID())
 }
 
@@ -451,14 +605,15 @@ func (cli *Client) handleHistorySyncNotificationLoop() {
 			go cli.handleHistorySyncNotificationLoop()
 		}
 	}()
+	ctx := context.TODO()
 	for notif := range cli.historySyncNotifications {
-		cli.handleHistorySyncNotification(notif)
+		cli.handleHistorySyncNotification(ctx, notif)
 	}
 }
 
-func (cli *Client) handleHistorySyncNotification(notif *waE2E.HistorySyncNotification) {
+func (cli *Client) handleHistorySyncNotification(ctx context.Context, notif *waE2E.HistorySyncNotification) {
 	var historySync waHistorySync.HistorySync
-	if data, err := cli.Download(notif); err != nil {
+	if data, err := cli.Download(ctx, notif); err != nil {
 		cli.Log.Errorf("Failed to download history sync data: %v", err)
 	} else if reader, err := zlib.NewReader(bytes.NewReader(data)); err != nil {
 		cli.Log.Errorf("Failed to create zlib reader for history sync data: %v", err)
@@ -469,9 +624,9 @@ func (cli *Client) handleHistorySyncNotification(notif *waE2E.HistorySyncNotific
 	} else {
 		cli.Log.Debugf("Received history sync (type %s, chunk %d)", historySync.GetSyncType(), historySync.GetChunkOrder())
 		if historySync.GetSyncType() == waHistorySync.HistorySync_PUSH_NAME {
-			go cli.handleHistoricalPushNames(historySync.GetPushnames())
+			go cli.handleHistoricalPushNames(context.WithoutCancel(ctx), historySync.GetPushnames())
 		} else if len(historySync.GetConversations()) > 0 {
-			go cli.storeHistoricalMessageSecrets(historySync.GetConversations())
+			go cli.storeHistoricalMessageSecrets(context.WithoutCancel(ctx), historySync.GetConversations())
 		}
 		cli.dispatchEvent(&events.HistorySync{
 			Data: &historySync,
@@ -479,7 +634,7 @@ func (cli *Client) handleHistorySyncNotification(notif *waE2E.HistorySyncNotific
 	}
 }
 
-func (cli *Client) handleAppStateSyncKeyShare(keys *waE2E.AppStateSyncKeyShare) {
+func (cli *Client) handleAppStateSyncKeyShare(ctx context.Context, keys *waE2E.AppStateSyncKeyShare) {
 	onlyResyncIfNotSynced := true
 
 	cli.Log.Debugf("Got %d new app state keys", len(keys.GetKeys()))
@@ -494,7 +649,7 @@ func (cli *Client) handleAppStateSyncKeyShare(keys *waE2E.AppStateSyncKeyShare)
 		if isReRequest {
 			onlyResyncIfNotSynced = false
 		}
-		err = cli.Store.AppStateKeys.PutAppStateSyncKey(key.GetKeyID().GetKeyID(), store.AppStateSyncKey{
+		err = cli.Store.AppStateKeys.PutAppStateSyncKey(ctx, key.GetKeyID().GetKeyID(), store.AppStateSyncKey{
 			Data:        key.GetKeyData().GetKeyData(),
 			Fingerprint: marshaledFingerprint,
 			Timestamp:   key.GetKeyData().GetTimestamp(),
@@ -508,7 +663,7 @@ func (cli *Client) handleAppStateSyncKeyShare(keys *waE2E.AppStateSyncKeyShare)
 	cli.appStateKeyRequestsLock.RUnlock()
 
 	for _, name := range appstate.AllPatchNames {
-		err := cli.FetchAppState(name, false, onlyResyncIfNotSynced)
+		err := cli.FetchAppState(ctx, name, false, onlyResyncIfNotSynced)
 		if err != nil {
 			cli.Log.Errorf("Failed to do initial fetch of app state %s: %v", name, err)
 		}
@@ -534,7 +689,7 @@ func (cli *Client) handlePlaceholderResendResponse(msg *waE2E.PeerDataOperationR
 	}
 }
 
-func (cli *Client) handleProtocolMessage(info *types.MessageInfo, msg *waE2E.Message) {
+func (cli *Client) handleProtocolMessage(ctx context.Context, info *types.MessageInfo, msg *waE2E.Message) {
 	protoMsg := msg.GetProtocolMessage()
 
 	if protoMsg.GetHistorySyncNotification() != nil && info.IsFromMe {
@@ -550,7 +705,7 @@ func (cli *Client) handleProtocolMessage(info *types.MessageInfo, msg *waE2E.Mes
 	}
 
 	if protoMsg.GetAppStateSyncKeyShare() != nil && info.IsFromMe {
-		go cli.handleAppStateSyncKeyShare(protoMsg.AppStateSyncKeyShare)
+		go cli.handleAppStateSyncKeyShare(context.WithoutCancel(ctx), protoMsg.AppStateSyncKeyShare)
 	}
 
 	if info.Category == "peer" {
@@ -558,7 +713,8 @@ func (cli *Client) handleProtocolMessage(info *types.MessageInfo, msg *waE2E.Mes
 	}
 }
 
-func (cli *Client) processProtocolParts(info *types.MessageInfo, msg *waE2E.Message) {
+func (cli *Client) processProtocolParts(ctx context.Context, info *types.MessageInfo, msg *waE2E.Message) {
+	cli.storeMessageSecret(ctx, info, msg)
 	// Hopefully sender key distribution messages and protocol messages can't be inside ephemeral messages
 	if msg.GetDeviceSentMessage().GetMessage() != nil {
 		msg = msg.GetDeviceSentMessage().GetMessage()
@@ -567,20 +723,23 @@ func (cli *Client) processProtocolParts(info *types.MessageInfo, msg *waE2E.Mess
 		if !info.IsGroup {
 			cli.Log.Warnf("Got sender key distribution message in non-group chat from %s", info.Sender)
 		} else {
-			cli.handleSenderKeyDistributionMessage(info.Chat, info.Sender, msg.SenderKeyDistributionMessage.AxolotlSenderKeyDistributionMessage)
+			encryptionIdentity := info.Sender
+			if encryptionIdentity.Server == types.DefaultUserServer && info.SenderAlt.Server == types.HiddenUserServer {
+				encryptionIdentity = info.SenderAlt
+			}
+			cli.handleSenderKeyDistributionMessage(ctx, info.Chat, encryptionIdentity, msg.SenderKeyDistributionMessage.AxolotlSenderKeyDistributionMessage)
 		}
 	}
 	// N.B. Edits are protocol messages, but they're also wrapped inside EditedMessage,
 	// which is only unwrapped after processProtocolParts, so this won't trigger for edits.
 	if msg.GetProtocolMessage() != nil {
-		cli.handleProtocolMessage(info, msg)
+		cli.handleProtocolMessage(ctx, info, msg)
 	}
-	cli.storeMessageSecret(info, msg)
 }
 
-func (cli *Client) storeMessageSecret(info *types.MessageInfo, msg *waE2E.Message) {
+func (cli *Client) storeMessageSecret(ctx context.Context, info *types.MessageInfo, msg *waE2E.Message) {
 	if msgSecret := msg.GetMessageContextInfo().GetMessageSecret(); len(msgSecret) > 0 {
-		err := cli.Store.MsgSecrets.PutMessageSecret(info.Chat, info.Sender, info.ID, msgSecret)
+		err := cli.Store.MsgSecrets.PutMessageSecret(ctx, info.Chat, info.Sender, info.ID, msgSecret)
 		if err != nil {
 			cli.Log.Errorf("Failed to store message secret key for %s: %v", info.ID, err)
 		} else {
@@ -589,7 +748,7 @@ func (cli *Client) storeMessageSecret(info *types.MessageInfo, msg *waE2E.Messag
 	}
 }
 
-func (cli *Client) storeHistoricalMessageSecrets(conversations []*waHistorySync.Conversation) {
+func (cli *Client) storeHistoricalMessageSecrets(ctx context.Context, conversations []*waHistorySync.Conversation) {
 	var secrets []store.MessageSecretInsert
 	var privacyTokens []store.PrivacyToken
 	ownID := cli.getOwnID().ToNonAD()
@@ -639,7 +798,7 @@ func (cli *Client) storeHistoricalMessageSecrets(conversations []*waHistorySync.
 	}
 	if len(secrets) > 0 {
 		cli.Log.Debugf("Storing %d message secret keys in history sync", len(secrets))
-		err := cli.Store.MsgSecrets.PutMessageSecrets(secrets)
+		err := cli.Store.MsgSecrets.PutMessageSecrets(ctx, secrets)
 		if err != nil {
 			cli.Log.Errorf("Failed to store message secret keys in history sync: %v", err)
 		} else {
@@ -648,7 +807,7 @@ func (cli *Client) storeHistoricalMessageSecrets(conversations []*waHistorySync.
 	}
 	if len(privacyTokens) > 0 {
 		cli.Log.Debugf("Storing %d privacy tokens in history sync", len(privacyTokens))
-		err := cli.Store.PrivacyTokens.PutPrivacyTokens(privacyTokens...)
+		err := cli.Store.PrivacyTokens.PutPrivacyTokens(ctx, privacyTokens...)
 		if err != nil {
 			cli.Log.Errorf("Failed to store privacy tokens in history sync: %v", err)
 		} else {
@@ -657,8 +816,8 @@ func (cli *Client) storeHistoricalMessageSecrets(conversations []*waHistorySync.
 	}
 }
 
-func (cli *Client) handleDecryptedMessage(info *types.MessageInfo, msg *waE2E.Message, retryCount int) {
-	cli.processProtocolParts(info, msg)
+func (cli *Client) handleDecryptedMessage(ctx context.Context, info *types.MessageInfo, msg *waE2E.Message, retryCount int) {
+	cli.processProtocolParts(ctx, info, msg)
 	evt := &events.Message{Info: *info, RawMessage: msg, RetryCount: retryCount}
 	cli.dispatchEvent(evt.UnwrapRaw())
 }