Deactivate account admin API is not deleting server side key backup

[BillCarsonFr]

As per https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#deactivate-account

When you deactivate an account it will clear all account data, so it will remove all 4S data (this includes the server side megolm backup encrypted key)
So even if you reactivate the backup will be unusable.

Notice that it's possible to setup a backup without using 4S (in this case it would be possible to recover your key backup).

Nonetheless, it looks sensible to delete the backup when deactivating the account.
If not, it would be good to then save the 4S account data keys and to restore them on reactivation.

[DMRobertson]

Notice that it's possible to setup a backup without using 4S (in this case it would be possible to recover your key backup).

via /room_keys/version?

[BillCarsonFr]

Notice that it's possible to setup a backup without using 4S (in this case it would be possible to recover your key backup).

via /room_keys/version?

Yes, it's totally up to clients to setup a backup without using 4S.
But element client are now creating a 4S with the provided passphrase(or key), then generating a random key for the room_keys/version that is saved encrypted in the 4S.

[erikjohnston]

@BillCarsonFr to clarify, is Synapse being inconsistent with what data it deletes on deactivation? And is this causing an issue with clients? Would you be happy if we deleted all data on deactivation?

[H-Shay]

It looks like we could probably achieve this by adding a function in here to delete all the columns in e2e_room_keys and e2e_room_keys_versions associated with the user, am I missing anything?

[erikjohnston]

@H-Shay That sounds correct