Implement room v12 (#943)

**Does not yet work!** Currently, state resolution does not correctly resolve conflicting states. Everything else appears to work as expected, so stateres will be fixed soon, then we should be clear for takeoff.

Also: a lot of things currently accept a nullable room ID that really just don't need to. This will need tidying up before merge. Some authentication checks have also been disabled temporarily but nothing important.

A lot of things are tagged with `TODO(hydra)`, those need resolving before merge. External contributors should PR to the `hydra/public` branch, *not* ` main`.

---

This PR should be squash merged.

Reviewed-on: https://forgejo.ellis.link/continuwuation/continuwuity/pulls/943
Co-authored-by: nexy7574 <git@nexy7574.co.uk>
Co-committed-by: nexy7574 <git@nexy7574.co.uk>

src/service/server_keys/get.rs

@@ -1,6 +1,6 @@
 use std::borrow::Borrow;
 
-use conduwuit::{Err, Result, implement};
+use conduwuit::{Err, Result, debug_error, implement, trace};
 use ruma::{
 	CanonicalJsonObject, RoomVersionId, ServerName, ServerSigningKeyId,
 	api::federation::discovery::VerifyKey,
@@ -19,9 +19,11 @@ pub async fn get_event_keys(
 	let required = match required_keys(object, version) {
 		| Ok(required) => required,
 		| Err(e) => {
+			debug_error!("Failed to determine keys required to verify: {e}");
 			return Err!(BadServerResponse("Failed to determine keys required to verify: {e}"));
 		},
 	};
+	trace!(?required, "Keys required to verify event");
 
 	let batch = required
 		.iter()
@@ -61,6 +63,7 @@ where
 }
 
 #[implement(super::Service)]
+#[tracing::instrument(skip(self))]
 pub async fn get_verify_key(
 	&self,
 	origin: &ServerName,
@@ -70,6 +73,7 @@ pub async fn get_verify_key(
 	let notary_only = self.services.server.config.only_query_trusted_key_servers;
 
 	if let Some(result) = self.verify_keys_for(origin).await.remove(key_id) {
+		trace!("Found key in cache");
 		return Ok(result);
 	}
 

src/service/server_keys/mod.rs

@@ -8,7 +8,7 @@ mod verify;
 use std::{collections::BTreeMap, sync::Arc, time::Duration};
 
 use conduwuit::{
-	Result, Server, implement,
+	Result, Server, debug_error, debug_warn, implement, trace,
 	utils::{IterStream, timepoint_from_now},
 };
 use database::{Deserialized, Json, Map};
@@ -112,6 +112,7 @@ async fn add_signing_keys(&self, new_keys: ServerSigningKeys) {
 }
 
 #[implement(Service)]
+#[tracing::instrument(skip(self, object))]
 pub async fn required_keys_exist(
 	&self,
 	object: &CanonicalJsonObject,
@@ -119,10 +120,12 @@ pub async fn required_keys_exist(
 ) -> bool {
 	use ruma::signatures::required_keys;
 
+	trace!(?object, "Checking required keys exist");
 	let Ok(required_keys) = required_keys(object, version) else {
+		debug_error!("Failed to determine required keys");
 		return false;
 	};
-
+	trace!(?required_keys, "Required keys to verify event");
 	required_keys
 		.iter()
 		.flat_map(|(server, key_ids)| key_ids.iter().map(move |key_id| (server, key_id)))
@@ -132,6 +135,7 @@ pub async fn required_keys_exist(
 }
 
 #[implement(Service)]
+#[tracing::instrument(skip(self))]
 pub async fn verify_key_exists(&self, origin: &ServerName, key_id: &ServerSigningKeyId) -> bool {
 	type KeysMap<'a> = BTreeMap<&'a ServerSigningKeyId, &'a RawJsonValue>;
 
@@ -142,6 +146,7 @@ pub async fn verify_key_exists(&self, origin: &ServerName, key_id: &ServerSignin
 		.await
 		.deserialized::<Raw<ServerSigningKeys>>()
 	else {
+		debug_warn!("No known signing keys found for {origin}");
 		return false;
 	};
 
@@ -157,6 +162,7 @@ pub async fn verify_key_exists(&self, origin: &ServerName, key_id: &ServerSignin
 		}
 	}
 
+	debug_warn!("Key {key_id} not found for {origin}");
 	false
 }
 

src/service/server_keys/verify.rs

@@ -1,4 +1,6 @@
-use conduwuit::{Err, Result, implement, matrix::event::gen_event_id_canonical_json};
+use conduwuit::{
+	Err, Result, debug_warn, implement, matrix::event::gen_event_id_canonical_json, trace,
+};
 use ruma::{
 	CanonicalJsonObject, CanonicalJsonValue, OwnedEventId, RoomVersionId, signatures::Verified,
 };
@@ -28,18 +30,25 @@ pub async fn validate_and_add_event_id_no_fetch(
 	pdu: &RawJsonValue,
 	room_version: &RoomVersionId,
 ) -> Result<(OwnedEventId, CanonicalJsonObject)> {
+	trace!(?pdu, "Validating PDU without fetching keys");
 	let (event_id, mut value) = gen_event_id_canonical_json(pdu, room_version)?;
+	trace!(event_id = event_id.as_str(), "Generated event ID, checking required keys");
 	if !self.required_keys_exist(&value, room_version).await {
+		debug_warn!(
+			"Event {event_id} is missing required keys, cannot verify without fetching keys"
+		);
 		return Err!(BadServerResponse(debug_warn!(
 			"Event {event_id} cannot be verified: missing keys."
 		)));
 	}
-
+	trace!("All required keys exist, verifying event");
 	if let Err(e) = self.verify_event(&value, Some(room_version)).await {
+		debug_warn!("Event verification failed");
 		return Err!(BadServerResponse(debug_error!(
 			"Event {event_id} failed verification: {e:?}"
 		)));
 	}
+	trace!("Event verified successfully");
 
 	value.insert("event_id".into(), CanonicalJsonValue::String(event_id.as_str().into()));
 
@@ -52,7 +61,7 @@ pub async fn verify_event(
 	event: &CanonicalJsonObject,
 	room_version: Option<&RoomVersionId>,
 ) -> Result<Verified> {
-	let room_version = room_version.unwrap_or(&RoomVersionId::V11);
+	let room_version = room_version.unwrap_or(&RoomVersionId::V12);
 	let keys = self.get_event_keys(event, room_version).await?;
 	ruma::signatures::verify_event(&keys, event, room_version).map_err(Into::into)
 }
@@ -63,7 +72,7 @@ pub async fn verify_json(
 	event: &CanonicalJsonObject,
 	room_version: Option<&RoomVersionId>,
 ) -> Result {
-	let room_version = room_version.unwrap_or(&RoomVersionId::V11);
+	let room_version = room_version.unwrap_or(&RoomVersionId::V12);
 	let keys = self.get_event_keys(event, room_version).await?;
 	ruma::signatures::verify_json(&keys, event.clone()).map_err(Into::into)
 }