Push Notifications for mobile

[gnunicorn]

This contains:

1. Strong encrypted on rest:
   From this point forward all newly registration or logins will have a strong encrypted-on-rest-paradigm installed: upon creation the database we create a random password and use it to encrypt all data stored on disk (within the matrix-sdk store). All this is then kept in the secure enclave ('keychain') of the operation system. Old sessions will be moved over into that enclave though already existing database won't be migrated or encrypted. This was necessary because we couldn't open the unsecured session storage before from the iOS Service Extension (see below), but we can savely open this one.
2. A new "Push Notifications"-flag is added to the Labs for iOS & Android (with Google Services):
   When activated and upon restart, the user will be asked if they want to receive push notifications. When accepted, we are sending over a "pusher" to the homeserver using your newly added $PUSH_SERVER as target (sygnal-servers already deployed).
3. When receiving a push notification from the server, we are:
   a) having a new service that enables us to read and decrypt the event, understanding its content and showing a decrypted message
   b) for iOS background services, this PR already contains the necessary Service-Extension and uniffi-swift-plumbing to load the rust service (that's what those makefile changes are about), and it actually works. Unfortunately it isn't able to actually decrypt the data until we have deployed the sliding-sync mechanism, so we are running into a runtime error (theoretically this should just work once we have switched to sliding-sync). In those cases it will show a generic message for the time being (but c) still works)
   c) Upon click, regardless of foreground or background, the app will open and route to the corresponding chat-room or space.
   Note that if we are in foreground and looking at the chat, not notification is issued (we are usually seconds faster in showing the message in chat compared to when the push-message makes us to the device).

Supported Platforms: iOS & Android.
Instructions for testing: You need to set the PUSH_SERVER or the code will be skipped altogether. For our test-setup use the usual matrix-domain and prefix it with sygnal. (DM me for help if you need it):

diff --git a/.vscode/launch.json b/.vscode/launch.json
index 1d70c46a11..97ea6181bd 100644
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -50,7 +50,9 @@
             "flutterMode": "debug",
             "toolArgs": [
                 "--dart-define",
-                "RAGESHAKE_URL=http://localhost/api/submit"
+                "RAGESHAKE_URL=http://localhost/api/submit",
+                "--dart-define",
+                "PUSH_SERVER=sygnal.SERVER"
             ]
         },
         {

Stil to do:

• changelogs
• End-user documentation.
• confirm this still builds on all systems
  • MacOS
  • Windows
  • Linux
  • iOS
  • Android
• limit uniffi-features behind the flag to keep the overhead for other platforms low

For later

• Desktop Push:
  • Windows: https://learn.microsoft.com/en-us/azure/developer/mobile-apps/notification-hubs-backend-service-flutter
  • MacOS (similar as for iOS?!?)
  • Linux ??? maybe with unifiedPush?

Android:
android push.webm

iOS:

RPReplay_Final1696436232.MP4

[gtalha07]

Nuke seems a strong wording. I would probably go for Erase or Wipe in terms of easy understanding and no assumed double meanings.

[gnunicorn]

It is intentionally strong wording as this is super dangerous... and should only taken if there is no other course of action left ... it won't even back up ... Hence also using the bomb_icon and big-red-letters ...

I mean ... ideally this screen never shows up to a regular user. It only does when we got the underlying SDK into an unrecoverable state - most likely upon startup.

[gtalha07]

I would not be in favor of using this icon, could be brush or some more friendly warning sign...

[gnunicorn]

brush?

It was intended to be something that no one clicks without understanding the risk ... as this is a super-wipe-out without backups ... and see comments as above ...

[gtalha07]

As in means of cleaning as we can see in some cleaning data apps, anyways I would like to hear what's the general opinion on this via feedback.

[gtalha07]

Why is this commented out? Or its been moved somewhere else? If it is, you can remove comment.

[gnunicorn]

It was some previous code that would show local notifications just coming from our own local supply mechanism and show a local notification regardless of actual push ability on the device ... I suppose we could think about activating something similar again for desktop but we'd have to think about how to phrase that and actually make sure we get the needed data ... I'll remove this for now.

[gtalha07]

Very nice, a better handling approach.

[gtalha07]

this issue had been resolved in newly revised version. We can remove this section of doc :)

[gtalha07]

Very well put! Excited to try out new stuff.....

[bitfriend]

Great work