From 62c377e19c778f98766036def7af400d3fdd17f1 Mon Sep 17 00:00:00 2001 From: Hubert Chathi Date: Wed, 29 Nov 2023 11:56:57 -0500 Subject: [PATCH] fallback keys should have a "fallback: true" property (#1676) * fallback keys should have a "fallback: true" property * add changelog --- changelogs/client_server/newsfragments/1676.clarification | 1 + content/client-server-api/modules/end_to_end_encryption.md | 5 ++++- 2 files changed, 5 insertions(+), 1 deletion(-) create mode 100644 changelogs/client_server/newsfragments/1676.clarification diff --git a/changelogs/client_server/newsfragments/1676.clarification b/changelogs/client_server/newsfragments/1676.clarification new file mode 100644 index 000000000..79275096c --- /dev/null +++ b/changelogs/client_server/newsfragments/1676.clarification @@ -0,0 +1 @@ +Indicate that fallback keys should have a `fallback` property set to `true`. diff --git a/content/client-server-api/modules/end_to_end_encryption.md b/content/client-server-api/modules/end_to_end_encryption.md index f2f757056..cdeed7061 100644 --- a/content/client-server-api/modules/end_to_end_encryption.md +++ b/content/client-server-api/modules/end_to_end_encryption.md @@ -77,6 +77,7 @@ algorithm is represented by an object with the following properties: |------------|------------|---------------------------------------------------------------------------------------------------------------------------------------------------| | key | string | **Required.** The unpadded Base64-encoded 32-byte Curve25519 public key. | | signatures | Signatures | **Required.** Signatures of the key object. The signature is calculated using the process described at [Signing JSON](/appendices/#signing-json). | +| fallback | boolean | Indicates whether this is a [fallback key](#one-time-and-fallback-keys). Defaults to `false`. | Example: 
@@ -150,7 +151,9 @@ JSON](/appendices/#signing-json). One-time and fallback keys are also uploaded to the homeserver using the [`/keys/upload`](/client-server-api/#post_matrixclientv3keysupload) API. New -one-time and fallback keys are uploaded as needed. +one-time and fallback keys are uploaded as needed. Fallback keys for key +algorithms whose format is a signed JSON object should contain a property named +`fallback` with a value of `true`. Devices must store the private part of each key they upload. They can discard the private part of a one-time key when they receive a message
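Review bot: the new `fallback` row in the property-table hunk (`@@ -77,6 +77,7 @@`) does not say whether the property is covered by `signatures`. The row above it describes signatures "of the key object" calculated via Signing JSON, so it would help to state explicitly that `fallback` is part of the signed object and that a recipient verifying the signature is also verifying the flag. The hunk also ends at the unchanged `Example:` line, and the five insertions in the diffstat are all accounted for by the changelog line, this row and the paragraph change, so the example still shows no key carrying `"fallback": true`; consider adding one.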
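Review bot: in the `/keys/upload` paragraph hunk (`@@ -150,7 +151,9 @@`), the added sentence says fallback keys "should contain" `fallback` with a value of `true`, while the table row added earlier in this patch gives the property a default of `false`. A signed fallback key that omits the property therefore remains allowed and, by the default, reads as a non-fallback key. Either say how a consumer should treat a fallback key without the property, or tighten "should" to "must", matching the "Devices must store" wording in the next paragraph. The qualifier "key algorithms whose format is a signed JSON object" would also be easier to apply if it linked back to the table that defines that object.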