From 45ee249e07dc8bf88461d2ac0610b1a1c518115f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Wed, 25 Oct 2023 19:09:04 +0200
Subject: [PATCH 01/29] Login sync fixes

---
 frontend/controller/actions/group.js    |  14 +-
 frontend/main.js                        |   3 +-
 frontend/model/contracts/group.js       | 210 +++++++++++++-----------
 frontend/model/contracts/manifests.json |   2 +-
 shared/domains/chelonia/utils.js        |   4 +-
 5 files changed, 128 insertions(+), 105 deletions(-)

diff --git a/frontend/controller/actions/group.js b/frontend/controller/actions/group.js
index 145500d4c6..f339b5edea 100644
--- a/frontend/controller/actions/group.js
+++ b/frontend/controller/actions/group.js
@@ -322,12 +322,13 @@ export default (sbp('sbp/selectors/register', {
       // through an invite link, and we must send a key request to complete
       // the joining process.
       const sendKeyRequest = (!hasSecretKeys && params.originatingContractID)
+      const isWaitingForKeyShare = sbp('chelonia/contract/isWaitingForKeyShare', state)
 
       // If we are expecting to receive keys, set up an event listener
       // We are expecting to receive keys if:
       //   (a) we are about to send a key request; or
       //   (b) we have already sent a key request (!!pendingKeyRequests?.length)
-      if (sendKeyRequest || sbp('chelonia/contract/isWaitingForKeyShare', state)) {
+      if (sendKeyRequest || isWaitingForKeyShare) {
         console.log('@@@@@@@@ AT join[sendKeyRequest] for ' + params.contractID)
 
         // Event handler for continuing the join process if the keys are
@@ -377,7 +378,7 @@ export default (sbp('sbp/selectors/register', {
       // current group.
       // This block must be run after having received the group's secret keys
       // (i.e., the CSK and the CEK) that were requested earlier.
-      } else if (hasSecretKeys && !sbp('chelonia/contract/isWaitingForKeyShare', state)) {
+      } else if (hasSecretKeys && !isWaitingForKeyShare) {
         console.log('@@@@@@@@ AT join[firstTimeJoin] for ' + params.contractID)
 
         // We're joining for the first time
@@ -502,12 +503,19 @@ export default (sbp('sbp/selectors/register', {
         }
 
         sbp('okTurtles.data/set', 'JOINING_GROUP-' + params.contractID, false)
+      // We don't have the secret keys and we're not waiting for OP_KEY_SHARE
+      // This means that we've been removed from the group
+      } else if (!hasSecretKeys && !isWaitingForKeyShare) {
       // We have already sent a key request that hasn't been answered. We cannot
       // do much at this point, so we do nothing.
       // This could happen, for example, after logging in if we still haven't
       // received a response to the key request.
-      } else {
+        sbp('okTurtles.data/set', 'JOINING_GROUP-' + params.contractID, false)
+        console.warn('Requested to join group but we\'ve been removed. contractID=' + params.contractID)
+      } else if (isWaitingForKeyShare) {
         console.info('Requested to join group but already waiting for OP_KEY_SHARE. contractID=' + params.contractID)
+      } else {
+        console.warn('Requested to join group but the state appears invalid. contractID=' + params.contractID, { sendKeyRequest, hasSecretKeys, isWaitingForKeyShare })
       }
     } catch (e) {
       console.error('gi.actions/group/join failed!', e)
diff --git a/frontend/main.js b/frontend/main.js
index ceafcf8b8b..1f2ebf973d 100644
--- a/frontend/main.js
+++ b/frontend/main.js
@@ -115,7 +115,8 @@ async function startApp () {
           'gi.notifications/emit',
           'gi.actions/out/rotateKeys', 'gi.actions/group/shareNewKeys', 'gi.actions/chatroom/shareNewKeys', 'gi.actions/identity/shareNewPEK',
           'chelonia/out/keyDel',
-          'chelonia/contract/disconnect'
+          'chelonia/contract/disconnect',
+          'gi.actions/identity/saveOurLoginState'
         ],
         allowedDomains: ['okTurtles.data', 'okTurtles.events', 'okTurtles.eventQueue', 'gi.db', 'gi.contracts'],
         preferSlim: true,
diff --git a/frontend/model/contracts/group.js b/frontend/model/contracts/group.js
index 70e94483db..41a7a109ed 100644
--- a/frontend/model/contracts/group.js
+++ b/frontend/model/contracts/group.js
@@ -939,100 +939,12 @@ sbp('chelonia/defineContract', {
           { contractID, meta, state, getters }
         )
       },
-      async sideEffect ({ data, meta, contractID }, { state, getters }) {
-        const rootState = sbp('state/vuex/state')
-        const rootGetters = sbp('state/vuex/getters')
-        const contracts = rootState.contracts || {}
-        const { username } = rootState.loggedIn
-
-        // If this member is re-joining the group, ignore the rest
-        // so the member doesn't remove themself again.
-        if (data.member === username && sbp('okTurtles.data/get', 'JOINING_GROUP-' + contractID)) {
-          return
-        }
-
-        if (data.member === username) {
-          // NOTE: should remove archived data from IndexedStorage
-          //       regarding the current group (proposals, payments)
-          await sbp('gi.contracts/group/removeArchivedProposals', contractID)
-          await sbp('gi.contracts/group/removeArchivedPayments', contractID)
-
-          // grab the groupID of any group that we've successfully finished joining
-          const groupIdToSwitch = Object.keys(contracts)
-            .filter(cID => contracts[cID].type === 'gi.contracts/group' && cID !== contractID)
-            .sort((cID1, cID2) => rootState[cID1].profiles?.[username] ? -1 : 1)[0] || null
-          sbp('state/vuex/commit', 'setCurrentChatRoomId', {})
-          sbp('state/vuex/commit', 'setCurrentGroupId', groupIdToSwitch)
-          // we can't await on this in here, because it will cause a deadlock, since Chelonia processes
-          // this sideEffect on the eventqueue for this contractID, and /remove uses that same eventqueue
-          sbp('chelonia/contract/remove', contractID).catch(e => {
-            console.error(`sideEffect(removeMember): ${e.name} thrown by /remove ${contractID}:`, e)
-          })
-          // this looks crazy, but doing this was necessary to fix a race condition in the
-          // group-member-removal Cypress tests where due to the ordering of asynchronous events
-          // we were getting the same latestHash upon re-logging in for test "user2 rejoins groupA".
-          // We add it to the same queue as '/remove' above gets run on so that it is run after
-          // contractID is removed. See also comments in 'gi.actions/identity/login'.
-          sbp('chelonia/queueInvocation', contractID, ['gi.actions/identity/saveOurLoginState'])
-            .then(function () {
-              const router = sbp('controller/router')
-              const switchFrom = router.currentRoute.path
-              const switchTo = groupIdToSwitch ? '/dashboard' : '/'
-              if (switchFrom !== '/join' && switchFrom !== switchTo) {
-                router.push({ path: switchTo }).catch(console.warn)
-              }
-            })
-            .catch(e => {
-              console.error(`sideEffect(removeMember): ${e.name} thrown during queueEvent to ${contractID} by saveOurLoginState:`, e)
-            })
-            .then(() => sbp('gi.contracts/group/revokeGroupKeyAndRotateOurPEK', contractID, true))
-            .catch(e => {
-              console.error(`sideEffect(removeMember): ${e.name} thrown during revokeGroupKeyAndRotateOurPEK to ${contractID}:`, e)
-            })
-          // TODO - #828 remove other group members contracts if applicable
-
-          // NOTE: remove all notifications whose scope is in this group
-          for (const notification of rootGetters.notificationsByGroup(contractID)) {
-            sbp('state/vuex/commit', REMOVE_NOTIFICATION, notification)
-          }
-        } else {
-          const myProfile = getters.groupProfile(username)
-
-          if (isActionYoungerThanUser(meta, myProfile)) {
-            const memberRemovedThemselves = data.member === meta.username
-
-            sbp('gi.notifications/emit', // emit a notification for a member removal.
-              memberRemovedThemselves ? 'MEMBER_LEFT' : 'MEMBER_REMOVED',
-              {
-                createdDate: meta.createdDate,
-                groupID: contractID,
-                username: memberRemovedThemselves ? meta.username : data.member
-              })
-
-            // gi.contracts/group/removeOurselves will eventually trigger this
-            // as well
-            sbp('gi.contracts/group/rotateKeys', contractID, state).then(() => {
-              return sbp('gi.contracts/group/revokeGroupKeyAndRotateOurPEK', contractID, false)
-            }).catch((e) => {
-              console.error('Error rotating group keys or our PEK', e)
-            })
-
-            const rootGetters = sbp('state/vuex/getters')
-            const userID = rootGetters.ourContactProfiles[data.member]?.contractID
-            if (userID) {
-              sbp('gi.contracts/group/removeForeignKeys', contractID, userID, state)
-            }
-          }
-          // TODO - #828 remove the member contract if applicable.
-          // problem is, if they're in another group we're also a part of, or if we
-          // have a DM with them, we don't want to do this. may need to use manual reference counting
-          // sbp('chelonia/contract/release', getters.groupProfile(data.member).contractID)
-        }
-
-        leaveAllChatRoomsUponLeaving(state, data.member, meta).catch((e) => {
-          console.error('[gi.contracts/group/removeMember/sideEffect]: Error while leaving all chatrooms', e)
+      sideEffect ({ data, meta, contractID }, { state, getters }) {
+        // Put this invocation at the end of a sync to ensure that leaving and
+        // re-joining works
+        sbp('chelonia/queueInvocation', contractID, () => sbp('gi.contracts/group/leaveGroup', { data, meta, contractID }, { state, getters })).catch(e => {
+          console.error(`[gi.contracts/group/removeMember/sideEffect] Error ${e.name} during queueInvocation for ${contractID}`, e)
         })
-        // TODO - #850 verify open proposals and see if they need some re-adjustment.
       }
     },
     'gi.contracts/group/removeOurselves': {
@@ -1302,7 +1214,7 @@ sbp('chelonia/defineContract', {
       },
       async sideEffect ({ meta, data, contractID }, { state }) {
         const rootState = sbp('state/vuex/state')
-        if (meta.username === rootState.loggedIn.username && !sbp('okTurtles.data/get', 'JOINING_GROUP-' + contractID)) {
+        if (meta.username !== rootState.loggedIn.username || !sbp('okTurtles.data/get', 'JOINING_GROUP-' + contractID)) {
           await leaveChatRoomAction(state, data, meta)
         }
       }
@@ -1547,6 +1459,106 @@ sbp('chelonia/defineContract', {
         })
       }
     },
+    'gi.contracts/group/leaveGroup': async ({ data, meta, contractID }, { getters }) => {
+      const rootState = sbp('state/vuex/state')
+      const rootGetters = sbp('state/vuex/getters')
+      const state = rootState[contractID]
+      const contracts = rootState.contracts || {}
+      const { username } = rootState.loggedIn
+
+      if (!state) {
+        console.info(`[gi.contracts/group/leaveGroup] for ${contractID}: contract has been removed`)
+      }
+
+      if ((state.profiles?.[data.member] && !state.profiles[data.member].departedDate) || (data.member === username && sbp('okTurtles.data/get', 'JOINING_GROUP-' + contractID))) {
+        console.info(`[gi.contracts/group/leaveGroup] for ${contractID}: member has not left`, window.structuredClone(state.profiles))
+        return
+      }
+
+      console.log('@@@@gi.contracts/group/leaveGroup', { contractID })
+
+      if (data.member === username) {
+        // NOTE: should remove archived data from IndexedStorage
+        //       regarding the current group (proposals, payments)
+        await sbp('gi.contracts/group/removeArchivedProposals', contractID)
+        await sbp('gi.contracts/group/removeArchivedPayments', contractID)
+
+        // grab the groupID of any group that we've successfully finished joining
+        const groupIdToSwitch = Object.keys(contracts)
+          .filter(cID => contracts[cID].type === 'gi.contracts/group' && cID !== contractID)
+          .sort((cID1, cID2) => rootState[cID1].profiles?.[username] ? -1 : 1)[0] || null
+        sbp('state/vuex/commit', 'setCurrentChatRoomId', {})
+        sbp('state/vuex/commit', 'setCurrentGroupId', groupIdToSwitch)
+        // we can't await on this in here, because it will cause a deadlock, since Chelonia processes
+        // this method on the eventqueue for this contractID, and /remove uses that same eventqueue
+        sbp('chelonia/contract/remove', contractID).catch(e => {
+          console.error(`sideEffect(removeMember): ${e.name} thrown by /remove ${contractID}:`, e)
+        })
+        // this looks crazy, but doing this was necessary to fix a race condition in the
+        // group-member-removal Cypress tests where due to the ordering of asynchronous events
+        // we were getting the same latestHash upon re-logging in for test "user2 rejoins groupA".
+        // We add it to the same queue as '/remove' above gets run on so that it is run after
+        // contractID is removed. See also comments in 'gi.actions/identity/login'.
+        sbp('gi.actions/identity/saveOurLoginState')
+          .then(function () {
+            const router = sbp('controller/router')
+            const switchFrom = router.currentRoute.path
+            const switchTo = groupIdToSwitch ? '/dashboard' : '/'
+            if (switchFrom !== '/join' && switchFrom !== switchTo) {
+              router.push({ path: switchTo }).catch(console.warn)
+            }
+          })
+          .catch(e => {
+            console.error(`sideEffect(removeMember): ${e.name} thrown by saveOurLoginState:`, e)
+          })
+          .then(() => sbp('gi.contracts/group/revokeGroupKeyAndRotateOurPEK', contractID, true))
+          .catch(e => {
+            console.error(`sideEffect(removeMember): ${e.name} thrown during revokeGroupKeyAndRotateOurPEK to ${contractID}:`, e)
+          })
+        // TODO - #828 remove other group members contracts if applicable
+
+        // NOTE: remove all notifications whose scope is in this group
+        for (const notification of rootGetters.notificationsByGroup(contractID)) {
+          sbp('state/vuex/commit', REMOVE_NOTIFICATION, notification)
+        }
+      } else {
+        const myProfile = getters.groupProfile(username)
+
+        if (isActionYoungerThanUser(meta, myProfile)) {
+          const memberRemovedThemselves = data.member === meta.username
+
+          sbp('gi.notifications/emit', // emit a notification for a member removal.
+            memberRemovedThemselves ? 'MEMBER_LEFT' : 'MEMBER_REMOVED',
+            {
+              createdDate: meta.createdDate,
+              groupID: contractID,
+              username: memberRemovedThemselves ? meta.username : data.member
+            })
+
+          // gi.contracts/group/removeOurselves will eventually trigger this
+          // as well
+          sbp('gi.contracts/group/rotateKeys', contractID, state).then(() => {
+            return sbp('gi.contracts/group/revokeGroupKeyAndRotateOurPEK', contractID, false)
+          }).catch((e) => {
+            console.error('Error rotating group keys or our PEK', e)
+          })
+
+          const userID = rootGetters.ourContactProfiles[data.member]?.contractID
+          if (userID) {
+            sbp('gi.contracts/group/removeForeignKeys', contractID, userID, state)
+          }
+        }
+        // TODO - #828 remove the member contract if applicable.
+        // problem is, if they're in another group we're also a part of, or if we
+        // have a DM with them, we don't want to do this. may need to use manual reference counting
+        // sbp('chelonia/contract/release', getters.groupProfile(data.member).contractID)
+      }
+
+      leaveAllChatRoomsUponLeaving(state, data.member, meta).catch((e) => {
+        console.error('[gi.contracts/group/leaveGroup]: Error while leaving all chatrooms', e)
+      })
+      // TODO - #850 verify open proposals and see if they need some re-adjustment.
+    },
     'gi.contracts/group/rotateKeys': (contractID, state) => {
       if (!state._volatile) Vue.set(state, '_volatile', Object.create(null))
       if (!state._volatile.pendingKeyRevocations) Vue.set(state._volatile, 'pendingKeyRevocations', Object.create(null))
@@ -1557,8 +1569,8 @@ sbp('chelonia/defineContract', {
       Vue.set(state._volatile.pendingKeyRevocations, CSKid, true)
       Vue.set(state._volatile.pendingKeyRevocations, CEKid, true)
 
-      return sbp('chelonia/queueInvocation', contractID, ['gi.actions/out/rotateKeys', contractID, 'gi.contracts/group', 'pending', 'gi.actions/group/shareNewKeys']).catch(e => {
-        console.warn(`rotateKeys: ${e.name} thrown during queueEvent to ${contractID}:`, e)
+      return sbp('gi.actions/out/rotateKeys', contractID, 'gi.contracts/group', 'pending', 'gi.actions/group/shareNewKeys').catch(e => {
+        console.warn(`rotateKeys: ${e.name} thrown:`, e)
       })
     },
     'gi.contracts/group/revokeGroupKeyAndRotateOurPEK': (groupContractID, disconnectGroup: ?boolean) => {
@@ -1612,13 +1624,13 @@ sbp('chelonia/defineContract', {
 
       if (!CEKid) throw new Error('Missing encryption key')
 
-      sbp('chelonia/queueInvocation', contractID, ['chelonia/out/keyDel', {
+      sbp('chelonia/out/keyDel', {
         contractID,
         contractName: 'gi.contracts/group',
         data: keyIds,
         signingKeyId: CSKid
-      }]).catch(e => {
-        console.warn(`removeForeignKeys: ${e.name} thrown during queueEvent to ${contractID}:`, e)
+      }).catch(e => {
+        console.warn(`removeForeignKeys: ${e.name} error thrown:`, e)
       })
     }
   }
diff --git a/frontend/model/contracts/manifests.json b/frontend/model/contracts/manifests.json
index 5bc48c2937..499daab8e1 100644
--- a/frontend/model/contracts/manifests.json
+++ b/frontend/model/contracts/manifests.json
@@ -1,7 +1,7 @@
 {
   "manifests": {
     "gi.contracts/chatroom": "21XWnNV497KyM78NWtVUEB7o86SpKnqUsPg83GCwDnMV6omQkM",
-    "gi.contracts/group": "21XWnNH3nWnjrzvy6utyLKbo9nQhstXeEKQbdhfRLsHX9R1UeT",
+    "gi.contracts/group": "21XWnNKHSrD2c7B1MHMs7uoEQ4oCf7u3G8VxQf86dHvCxv7poF",
     "gi.contracts/identity": "21XWnNSxNrVFTMBCUVcZV3CG833gTbJ9V8ZyX7Fxgmpj9rNy4r"
   }
 }
diff --git a/shared/domains/chelonia/utils.js b/shared/domains/chelonia/utils.js
index 2dc1f83d7e..213a2ec5ba 100644
--- a/shared/domains/chelonia/utils.js
+++ b/shared/domains/chelonia/utils.js
@@ -468,11 +468,13 @@ export const recreateEvent = async (entry: GIMessage, rootState: Object): Promis
         }
       } else if (opT === GIMessage.OP_ATOMIC) {
         if (!Array.isArray(opV)) throw new Error('Invalid message format')
-        newOpV = ((((opV: any): GIOpAtomic).map(([t, v]) => recreateOperationInternal(t, v)).filter(Boolean): any): GIOpAtomic)
+        newOpV = ((((opV: any): GIOpAtomic).map(([t, v]) => [t, recreateOperationInternal(t, v)]).filter(([, v]) => !!v): any): GIOpAtomic)
         if (newOpV.length === 0) {
           console.info('Omitting empty OP_ATOMIC', { head })
         } else if (newOpV.length === opV.length && newOpV.reduce((acc, cv, i) => acc && cv === opV[i], true)) {
           return opV
+        } else {
+          return newOpV
         }
       } else {
         return opV

From f3bed17c03e7a073123e6541882931a00f804bf7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Thu, 26 Oct 2023 20:34:12 +0200
Subject: [PATCH 02/29] Fix various issues related to login and re-joining

---
 frontend/controller/actions/group.js     |  7 +++---
 frontend/controller/actions/identity.js  | 28 ++++++++++++++----------
 frontend/controller/actions/index.js     |  5 +++++
 frontend/controller/router.js            |  2 +-
 frontend/model/contracts/group.js        | 10 +++++++--
 frontend/model/contracts/manifests.json  |  2 +-
 frontend/model/state.js                  |  3 +++
 frontend/views/pages/Join.vue            |  9 ++++++--
 frontend/views/pages/PendingApproval.vue |  5 +++--
 shared/domains/chelonia/GIMessage.js     | 25 ++++++++++-----------
 shared/domains/chelonia/internals.js     |  7 ++++++
 shared/domains/chelonia/signedData.js    |  5 +++--
 12 files changed, 70 insertions(+), 38 deletions(-)

diff --git a/frontend/controller/actions/group.js b/frontend/controller/actions/group.js
index f339b5edea..b7e4768490 100644
--- a/frontend/controller/actions/group.js
+++ b/frontend/controller/actions/group.js
@@ -9,6 +9,7 @@ import {
   INVITE_INITIAL_CREATOR,
   MAX_GROUP_MEMBER_COUNT,
   MESSAGE_TYPES,
+  PROFILE_STATUS,
   PROPOSAL_GENERIC,
   PROPOSAL_GROUP_SETTING_CHANGE,
   PROPOSAL_INVITE_MEMBER,
@@ -294,7 +295,7 @@ export default (sbp('sbp/selectors/register', {
   // secret keys to be shared with us, (b) ready to call the inviteAccept
   // action if we haven't done so yet (because we were previously waiting for
   // the keys), or (c) already a member and ready to interact with the group.
-  'gi.actions/group/join': async function (params: $Exact<ChelKeyRequestParams> & { options?: { skipUsableKeysCheck?: boolean; skipInviteAccept?: boolean } }) {
+  'gi.actions/group/join': async function (params: $Exact<ChelKeyRequestParams> & { options?: { skipUsableKeysCheck?: boolean; } }) {
     sbp('okTurtles.data/set', 'JOINING_GROUP-' + params.contractID, true)
     try {
       const rootState = sbp('state/vuex/state')
@@ -384,7 +385,7 @@ export default (sbp('sbp/selectors/register', {
         // We're joining for the first time
         // In this case, we share our profile key with the group, call the
         // inviteAccept action and join the General chatroom
-        if (!state.profiles?.[username] || state.profiles[username].departedDate) {
+        if (!state.profiles?.[username]?.status !== PROFILE_STATUS.ACTIVE) {
           const generalChatRoomId = rootState[params.contractID].generalChatRoomId
 
           const CEKid = sbp('chelonia/contract/currentKeyIdByName', params.contractID, 'cek')
@@ -524,7 +525,7 @@ export default (sbp('sbp/selectors/register', {
       saveLoginState('joining', params.contractID)
     }
   },
-  'gi.actions/group/joinAndSwitch': async function (params: $Exact<ChelKeyRequestParams> & { options?: { skipUsableKeysCheck?: boolean; skipInviteAccept: boolean } }) {
+  'gi.actions/group/joinAndSwitch': async function (params: $Exact<ChelKeyRequestParams> & { options?: { skipUsableKeysCheck?: boolean; } }) {
     await sbp('gi.actions/group/join', params)
     // after joining, we can set the current group
     sbp('gi.actions/group/switch', params.contractID)
diff --git a/frontend/controller/actions/identity.js b/frontend/controller/actions/identity.js
index b68810ed64..831e535235 100644
--- a/frontend/controller/actions/identity.js
+++ b/frontend/controller/actions/identity.js
@@ -3,7 +3,8 @@
 import { GIErrorUIRuntimeError, L, LError } from '@common/common.js'
 import {
   CHATROOM_PRIVACY_LEVEL,
-  CHATROOM_TYPES
+  CHATROOM_TYPES,
+  PROFILE_STATUS
 } from '@model/contracts/shared/constants.js'
 import { difference, omit, pickWhere, uniq } from '@model/contracts/shared/giLodash.js'
 import sbp from '@sbp/sbp'
@@ -294,7 +295,7 @@ export default (sbp('sbp/selectors/register', {
         console.info('synchronizing login state:', { groupsJoined })
         for (const contractID of groupsJoined) {
           try {
-            await sbp('gi.actions/group/join', { contractID, options: { skipInviteAccept: true } })
+            await sbp('gi.actions/group/join', { contractID })
           } catch (e) {
             console.error(`updateLoginStateUponLogin: ${e.name} attempting to join group ${contractID}`, e)
             if (state.contracts[contractID] || state[contractID]) {
@@ -453,15 +454,18 @@ export default (sbp('sbp/selectors/register', {
             // Call 'gi.actions/group/join' on all groups which may need re-joining
             await Promise.all(groupsToRejoin.map(groupId => {
               return (
-              // (1) Check whether the contract exists (may have been removed
-              //     after sync)
+                // (1) Check whether the contract exists (may have been removed
+                //     after sync)
                 state.contracts[groupId] &&
-            // (2) Check whether the join process is still incomplete
-            //     This needs to be re-checked because it may have changed after
-            //     sync
-            !state.profiles?.[username] &&
-            // (3) Call join
-            sbp('gi.actions/group/join', { contractID: groupId, contractName: 'gi.contracts/group' })
+                // (2) Check whether the join process is still incomplete
+                //     This needs to be re-checked because it may have changed after
+                //     sync
+                state[groupId]?.profiles?.[username]?.status !== PROFILE_STATUS.ACTIVE &&
+                // (3) Call join
+                sbp('gi.actions/group/join', {
+                  contractID: groupId,
+                  contractName: 'gi.contracts/group'
+                })
               )
             }))
 
@@ -471,8 +475,8 @@ export default (sbp('sbp/selectors/register', {
               .forEach(cId => {
                 // We send this action only for groups we have fully joined (i.e.,
                 // accepted an invite add added our profile)
-                if (state[cId]?.profiles?.[username]) {
-                  sbp('gi.actions/group/updateLastLoggedIn', { contractID: cId }).catch(console.error)
+                if (state[cId]?.profiles?.[username]?.status === PROFILE_STATUS.ACTIVE) {
+                  sbp('gi.actions/group/updateLastLoggedIn', { contractID: cId }).catch((e) => console.error('Error sending updateLastLoggedIn', e))
                 }
               })
           }).finally(() => {
diff --git a/frontend/controller/actions/index.js b/frontend/controller/actions/index.js
index 3e1a2a49b7..c0460aed4c 100644
--- a/frontend/controller/actions/index.js
+++ b/frontend/controller/actions/index.js
@@ -180,5 +180,10 @@ sbp('sbp/selectors/register', {
         signingKeyId
       })
     }
+
+    // TODO: Temporary sync until the server does signature validation
+    // This prevents us from sending messages signed with just-revoked keys
+    // Once the server enforces signatures, this can be removed
+    await sbp('chelonia/contract/sync', contractID, { force: true })
   }
 })
diff --git a/frontend/controller/router.js b/frontend/controller/router.js
index c73e3d9543..4bcf90cf34 100644
--- a/frontend/controller/router.js
+++ b/frontend/controller/router.js
@@ -55,7 +55,7 @@ const groupGuard = {
 }
 
 const pendingApprovalGuard = {
-  guard: (to, from) => store.state.currentGroupId && !store.getters.ourGroupProfile,
+  guard: (to, from) => store.state.currentGroupId && store.getters.ourPendingAccept,
   redirect: (to, from) => ({ path: '/pending-approval' })
 }
 
diff --git a/frontend/model/contracts/group.js b/frontend/model/contracts/group.js
index 41a7a109ed..da07046ec0 100644
--- a/frontend/model/contracts/group.js
+++ b/frontend/model/contracts/group.js
@@ -336,6 +336,12 @@ sbp('chelonia/defineContract', {
     groupSettings (state, getters) {
       return getters.currentGroupState.settings || {}
     },
+    pendingAccept (state, getters) {
+      return username => {
+        const profiles = getters.currentGroupState.profiles
+        return profiles?.[username]?.status === PROFILE_STATUS.PENDING
+      }
+    },
     groupProfile (state, getters) {
       return username => {
         const profiles = getters.currentGroupState.profiles
@@ -1470,8 +1476,8 @@ sbp('chelonia/defineContract', {
         console.info(`[gi.contracts/group/leaveGroup] for ${contractID}: contract has been removed`)
       }
 
-      if ((state.profiles?.[data.member] && !state.profiles[data.member].departedDate) || (data.member === username && sbp('okTurtles.data/get', 'JOINING_GROUP-' + contractID))) {
-        console.info(`[gi.contracts/group/leaveGroup] for ${contractID}: member has not left`, window.structuredClone(state.profiles))
+      if (state.profiles?.[data.member]?.status !== PROFILE_STATUS.REMOVED || (data.member === username && sbp('okTurtles.data/get', 'JOINING_GROUP-' + contractID))) {
+        console.info(`[gi.contracts/group/leaveGroup] for ${contractID}: member has not left`, JSON.parse(JSON.stringify(state.profiles)))
         return
       }
 
diff --git a/frontend/model/contracts/manifests.json b/frontend/model/contracts/manifests.json
index 499daab8e1..5f2fb4bd65 100644
--- a/frontend/model/contracts/manifests.json
+++ b/frontend/model/contracts/manifests.json
@@ -1,7 +1,7 @@
 {
   "manifests": {
     "gi.contracts/chatroom": "21XWnNV497KyM78NWtVUEB7o86SpKnqUsPg83GCwDnMV6omQkM",
-    "gi.contracts/group": "21XWnNKHSrD2c7B1MHMs7uoEQ4oCf7u3G8VxQf86dHvCxv7poF",
+    "gi.contracts/group": "21XWnNSQz4992RD7xxtwmsiBnkPQGVC4F1j6BGvqBsC9aoqQ3E",
     "gi.contracts/identity": "21XWnNSxNrVFTMBCUVcZV3CG833gTbJ9V8ZyX7Fxgmpj9rNy4r"
   }
 }
diff --git a/frontend/model/state.js b/frontend/model/state.js
index 25480a8a89..f0985564ce 100644
--- a/frontend/model/state.js
+++ b/frontend/model/state.js
@@ -228,6 +228,9 @@ const getters = {
   ourUsername (state) {
     return state.loggedIn && state.loggedIn.username
   },
+  ourPendingAccept (state, getters) {
+    getters.pendingAccept(getters.ourUsername)
+  },
   ourGroupProfile (state, getters) {
     return getters.groupProfile(getters.ourUsername)
   },
diff --git a/frontend/views/pages/Join.vue b/frontend/views/pages/Join.vue
index c17fe68729..bde6db6133 100644
--- a/frontend/views/pages/Join.vue
+++ b/frontend/views/pages/Join.vue
@@ -52,12 +52,13 @@ import GroupWelcome from '@components/GroupWelcome.vue'
 import Loading from '@components/Loading.vue'
 import LoginForm from '@containers/access/LoginForm.vue'
 import SignupForm from '@containers/access/SignupForm.vue'
-import { INVITE_STATUS } from '~/shared/domains/chelonia/constants.js'
 import sbp from '@sbp/sbp'
 import SvgBrokenLink from '@svgs/broken-link.svg'
 import { LOGIN } from '@utils/events.js'
 import { mapGetters, mapState } from 'vuex'
+import { INVITE_STATUS } from '~/shared/domains/chelonia/constants.js'
 import { findKeyIdByName } from '~/shared/domains/chelonia/utils.js'
+import { PROFILE_STATUS } from '@model/contracts/shared/constants.js'
 // Using relative path to crypto.js instead of ~-path to workaround some esbuild bug
 import { deserializeKey, keyId } from '../../../shared/domains/chelonia/crypto.js'
 
@@ -130,7 +131,7 @@ export default ({
           return
         }
         if (this.ourUsername) {
-          if (this.currentGroupId && this.$store.state.contracts[this.ephemeral.query.groupId]) {
+          if (this.currentGroupId && [PROFILE_STATUS.ACTIVE, PROFILE_STATUS.PENDING].includes(this.$store.state.contracts[this.ephemeral.query.groupId]?.profiles?.[this.ourUsername])) {
             this.$router.push({ path: '/dashboard' })
           } else {
             await this.accept()
@@ -150,6 +151,8 @@ export default ({
         this.pageStatus = 'SIGNING'
       } catch (e) {
         console.error(e)
+        // eslint-disable-next-line no-debugger
+        debugger
         this.ephemeral.errorMsg = `${L('Something went wrong. Please, try again.')} ${e.message}`
         this.pageStatus = 'INVALID'
       }
@@ -188,6 +191,8 @@ export default ({
         // this.pageStatus = 'WELCOME'
         this.$router.push({ path: '/pending-approval' })
       } catch (e) {
+        // eslint-disable-next-line no-debugger
+        debugger
         console.error('Join.vue accept() error:', e)
         this.ephemeral.errorMsg = e.message
         this.pageStatus = 'INVALID'
diff --git a/frontend/views/pages/PendingApproval.vue b/frontend/views/pages/PendingApproval.vue
index 23b036d155..3ee8608deb 100644
--- a/frontend/views/pages/PendingApproval.vue
+++ b/frontend/views/pages/PendingApproval.vue
@@ -13,9 +13,10 @@ div
 </template>
 
 <script>
-import { mapGetters, mapState } from 'vuex'
 import GroupWelcome from '@components/GroupWelcome.vue'
+import { PROFILE_STATUS } from '@model/contracts/shared/constants'
 import SvgInvitation from '@svgs/invitation.svg'
+import { mapGetters, mapState } from 'vuex'
 
 export default ({
   name: 'PendingApproval',
@@ -36,7 +37,7 @@ export default ({
     ...mapState(['currentGroupId']),
     ourGroupProfile () {
       if (!this.ephemeral.groupIdWhenMounted) return
-      return this.$store.state[this.ephemeral.groupIdWhenMounted]?.profiles?.[this.ourUsername]
+      return this.$store.state[this.ephemeral.groupIdWhenMounted]?.profiles?.[this.ourUsername]?.status === PROFILE_STATUS.ACTIVE
     }
   },
   mounted () {
diff --git a/shared/domains/chelonia/GIMessage.js b/shared/domains/chelonia/GIMessage.js
index dcccebc0bd..b2a9246f80 100644
--- a/shared/domains/chelonia/GIMessage.js
+++ b/shared/domains/chelonia/GIMessage.js
@@ -358,25 +358,24 @@ export class GIMessage {
   }
 
   decryptedValue (): any {
-    const value = this.message()
-    const data = unwrapMaybeEncryptedData(value)
-    // Did decryption succeed? (unwrapMaybeEncryptedData will return undefined
-    // on failure)
-    if (data?.data) {
+    try {
+      const value = this.message()
+      const data = unwrapMaybeEncryptedData(value)
+      // Did decryption succeed? (unwrapMaybeEncryptedData will return undefined
+      // on failure)
+      if (data?.data) {
       // The data inside could be signed. In this case, we unwrap that to get
       // to the inner contents
-      if (isSignedData(data.data)) {
-        try {
+        if (isSignedData(data.data)) {
           return data.data.valueOf()
-        } catch {
-          // Signature verification failed. In this case, we return undefined
-          return undefined
+        } else {
+          return data.data
         }
-      } else {
-        return data.data
       }
+    } catch {
+      // Signature or encryption error
+      return undefined
     }
-    return undefined
   }
 
   head (): Object { return this._head }
diff --git a/shared/domains/chelonia/internals.js b/shared/domains/chelonia/internals.js
index 83d6927d75..5f32e8f94a 100644
--- a/shared/domains/chelonia/internals.js
+++ b/shared/domains/chelonia/internals.js
@@ -270,6 +270,13 @@ export default (sbp('sbp/selectors/register', {
         }
       }
 
+      /* {
+        const rootState = sbp(this.config.stateSelector)
+        const state = rootState[entry.contractID()]
+
+        // console.debug('@@@publishEvent [11]', JSON.parse(JSON.stringify({ state })))
+      } */
+
       const r = await fetch(`${this.config.connectionURL}/event`, {
         method: 'POST',
         body: entry.serialize(),
diff --git a/shared/domains/chelonia/signedData.js b/shared/domains/chelonia/signedData.js
index 485f524c35..c3577668a3 100644
--- a/shared/domains/chelonia/signedData.js
+++ b/shared/domains/chelonia/signedData.js
@@ -41,6 +41,7 @@ const signData = function (sKeyId: string, data: any, extraFields: Object, addit
   if (!additionalData) {
     throw new ChelErrorSignatureError('Signature additional data must be provided')
   }
+  // console.debug('@@@@SIGNING_DATA [11]', JSON.parse(JSON.stringify({ state: this, sKeyId, data })))
   // Has the key been revoked? If so, attempt to find an authorized key by the same name
   // $FlowFixMe
   const designatedKey = this._vm?.authorizedKeys?.[sKeyId]
@@ -49,10 +50,10 @@ const signData = function (sKeyId: string, data: any, extraFields: Object, addit
   )) {
     throw new ChelErrorSignatureError(`Signing key ID ${sKeyId} is missing or is missing signing purpose`)
   }
-  if (designatedKey._notAfterHeight !== undefined) {
+  if (designatedKey._notAfterHeight != null) {
     const name = (this._vm: any).authorizedKeys[sKeyId].name
     console.log({ state: this })
-    const newKeyId = (Object.values(this._vm?.authorizedKeys).find((v: any) => v._notAfterHeight === undefined && v.name === name && v.purpose.includes('sig')): any)?.id
+    const newKeyId = (Object.values(this._vm?.authorizedKeys).find((v: any) => v._notAfterHeight != null && v.name === name && v.purpose.includes('sig')): any)?.id
 
     if (!newKeyId) {
       throw new ChelErrorSignatureError(`Signing key ID ${sKeyId} has been revoked and no new key exists by the same name (${name})`)

From abd54ab60c32f780e97099df2a4c5e8fb7eb0ee3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Fri, 27 Oct 2023 18:27:00 +0200
Subject: [PATCH 03/29] Make saveOurLoginState async

---
 frontend/controller/actions/identity.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/frontend/controller/actions/identity.js b/frontend/controller/actions/identity.js
index 831e535235..3482435b78 100644
--- a/frontend/controller/actions/identity.js
+++ b/frontend/controller/actions/identity.js
@@ -267,13 +267,13 @@ export default (sbp('sbp/selectors/register', {
       throw new GIErrorUIRuntimeError(L('Failed to signup: {reportError}', message))
     }
   },
-  'gi.actions/identity/saveOurLoginState': function () {
+  'gi.actions/identity/saveOurLoginState': async function () {
     const getters = sbp('state/vuex/getters')
     const contractID = getters.ourIdentityContractId
     const ourLoginState = generatedLoginState()
     const contractLoginState = getters.loginState
     if (contractID && diffLoginStates(ourLoginState, contractLoginState)) {
-      return sbp('gi.actions/identity/setLoginState', {
+      return await sbp('gi.actions/identity/setLoginState', {
         contractID, data: ourLoginState
       })
     }

From 889c43fccac00ecbed3e2fbb72548c1cb15535b0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Sun, 29 Oct 2023 15:32:57 +0100
Subject: [PATCH 04/29] Various improvments and bugfixes

---
 frontend/controller/actions/group.js          | 32 ++-----
 frontend/controller/actions/identity.js       |  2 +-
 frontend/main.js                              |  4 +-
 frontend/model/contracts/chatroom.js          | 13 ++-
 frontend/model/contracts/group.js             | 84 ++++++++++++++++---
 frontend/model/contracts/manifests.json       |  4 +-
 .../views/containers/chatroom/ChatMixin.js    | 13 +--
 shared/domains/chelonia/internals.js          |  1 +
 8 files changed, 103 insertions(+), 50 deletions(-)

diff --git a/frontend/controller/actions/group.js b/frontend/controller/actions/group.js
index b7e4768490..2e1184fdf7 100644
--- a/frontend/controller/actions/group.js
+++ b/frontend/controller/actions/group.js
@@ -380,12 +380,12 @@ export default (sbp('sbp/selectors/register', {
       // This block must be run after having received the group's secret keys
       // (i.e., the CSK and the CEK) that were requested earlier.
       } else if (hasSecretKeys && !isWaitingForKeyShare) {
-        console.log('@@@@@@@@ AT join[firstTimeJoin] for ' + params.contractID)
+        console.log('@@@@@@@@ AT join[firstTimeJoin] for ' + params.contractID, 'prfileStatus', state.profiles?.[username]?.status, JSON.parse(JSON.stringify(state.profiles)))
 
         // We're joining for the first time
         // In this case, we share our profile key with the group, call the
         // inviteAccept action and join the General chatroom
-        if (!state.profiles?.[username]?.status !== PROFILE_STATUS.ACTIVE) {
+        if (state.profiles?.[username]?.status !== PROFILE_STATUS.ACTIVE) {
           const generalChatRoomId = rootState[params.contractID].generalChatRoomId
 
           const CEKid = sbp('chelonia/contract/currentKeyIdByName', params.contractID, 'cek')
@@ -484,7 +484,7 @@ export default (sbp('sbp/selectors/register', {
           console.log('@@@@@@@@ AT join[alreadyMember] for ' + params.contractID)
           // We've already joined
           const chatRoomIds = Object.keys(rootState[params.contractID].chatRooms ?? {})
-            .filter(cId => (rootState[params.contractID].chatRooms?.[cId].users.includes(username)))
+            .filter(cId => (rootState[params.contractID].chatRooms?.[cId].users?.[username].status === PROFILE_STATUS.ACTIVE))
 
           await sbp('chelonia/contract/sync', chatRoomIds)
           sbp('state/vuex/commit', 'setCurrentChatRoomId', {
@@ -569,7 +569,7 @@ export default (sbp('sbp/selectors/register', {
     const contractState = rootState[params.contractID]
     const userID = rootState.loggedIn.identityContractID
     for (const contractId in contractState.chatRooms) {
-      if (params.data.attributes.name.toUpperCase() === contractState.chatRooms[contractId].name.toUpperCase()) {
+      if (params.data.attributes.name.toUpperCase().normalize() === contractState.chatRooms[contractId].name.toUpperCase().normalize()) {
         throw new GIErrorUIRuntimeError(L('Duplicate channel name'))
       }
     }
@@ -664,35 +664,13 @@ export default (sbp('sbp/selectors/register', {
       })
     }
 
-    const message = await sbp('gi.actions/chatroom/join', {
-      ...omit(params, ['options', 'contractID', 'data', 'hooks']),
-      contractID: params.data.chatRoomID,
-      data: { username },
-      hooks: {
-        prepublish: params.hooks?.prepublish,
-        postpublish: null
-      }
-    })
-
-    if (username === me) {
-      // 'JOINING_GROUP_CHAT' is necessary to identify the joining chatroom action is NEW or OLD
-      // Users join the chatroom thru group making group actions
-      // But when user joins the group, he needs to ignore all the actions about chatroom
-      // Because the user is joining group, not joining chatroom
-      // and he is going to make a new action to join 'General' chatroom AGAIN
-      // While joining group, we don't set this flag because Joining chatroom actions are all OLD ones, which need to be ignored
-      // Joining 'General' chatroom is one of the steps to join group
-      // So setting 'JOINING_GROUP_CHAT' can not be out of the 'JOINING_GROUP' scope
-      sbp('okTurtles.data/set', 'JOINING_GROUP_CHAT', true)
-    }
-    await sendMessage({
+    return await sendMessage({
       ...omit(params, ['options', 'action', 'hooks']),
       hooks: {
         prepublish: null,
         postpublish: params.hooks?.postpublish
       }
     })
-    return message
   }),
   'gi.actions/group/addAndJoinChatRoom': async function (params: GIActionParams) {
     const message = await sbp('gi.actions/group/addChatRoom', {
diff --git a/frontend/controller/actions/identity.js b/frontend/controller/actions/identity.js
index 3482435b78..0444daffaf 100644
--- a/frontend/controller/actions/identity.js
+++ b/frontend/controller/actions/identity.js
@@ -438,7 +438,7 @@ export default (sbp('sbp/selectors/register', {
 
           throw new Error('Unable to sync identity contract')
         }).then(() =>
-          sbp('chelonia/contract/sync', contractIDs).then(async function () {
+          sbp('chelonia/contract/sync', contractIDs, { force: true }).then(async function () {
           // contract sync might've triggered an async call to /remove, so wait before proceeding
             await sbp('chelonia/contract/wait', contractIDs)
             // similarly, since removeMember may have triggered saveOurLoginState asynchronously,
diff --git a/frontend/main.js b/frontend/main.js
index 1f2ebf973d..73dc68ab59 100644
--- a/frontend/main.js
+++ b/frontend/main.js
@@ -116,7 +116,9 @@ async function startApp () {
           'gi.actions/out/rotateKeys', 'gi.actions/group/shareNewKeys', 'gi.actions/chatroom/shareNewKeys', 'gi.actions/identity/shareNewPEK',
           'chelonia/out/keyDel',
           'chelonia/contract/disconnect',
-          'gi.actions/identity/saveOurLoginState'
+          'gi.actions/identity/saveOurLoginState',
+          'gi.actions/chatroom/join',
+          'chelonia/contract/canPerformOperation'
         ],
         allowedDomains: ['okTurtles.data', 'okTurtles.events', 'okTurtles.eventQueue', 'gi.db', 'gi.contracts'],
         preferSlim: true,
diff --git a/frontend/model/contracts/chatroom.js b/frontend/model/contracts/chatroom.js
index 3854cbdf45..4a0e388742 100644
--- a/frontend/model/contracts/chatroom.js
+++ b/frontend/model/contracts/chatroom.js
@@ -185,16 +185,23 @@ sbp('chelonia/defineContract', {
       }),
       process ({ data, meta, hash, id }, { state }) {
         const { username } = data
+        console.log('jjjj  1', { state: JSON.parse(JSON.stringify(state)) })
         if (!state.onlyRenderMessage && state.users[username]) {
           throw new Error(`Can not join the chatroom which ${username} is already part of`)
         }
 
+        console.log('jjjj  2', { state: JSON.parse(JSON.stringify(state)) })
+
         Vue.set(state.users, username, { joinedDate: meta.createdDate })
 
+        console.log('jjjj 3', { state: JSON.parse(JSON.stringify(state)) })
+
         if (!state.onlyRenderMessage || state.attributes.type === CHATROOM_TYPES.DIRECT_MESSAGE) {
           return
         }
 
+        console.log('jjjj 4', { state: JSON.parse(JSON.stringify(state)) })
+
         const notificationType = username === meta.username ? MESSAGE_NOTIFICATIONS.JOIN_MEMBER : MESSAGE_NOTIFICATIONS.ADD_MEMBER
         const notificationData = createNotificationData(
           notificationType,
@@ -698,8 +705,10 @@ sbp('chelonia/defineContract', {
       Vue.set(state._volatile.pendingKeyRevocations, CSKid, true)
       Vue.set(state._volatile.pendingKeyRevocations, CEKid, true)
 
-      sbp('chelonia/queueInvocation', contractID, ['gi.actions/out/rotateKeys', contractID, 'gi.contracts/chatroom', 'pending', 'gi.actions/chatroom/shareNewKeys']).catch(e => {
-        console.warn(`rotateKeys: ${e.name} thrown during queueEvent to ${contractID}:`, e)
+      sbp('chelonia/queueInvocation', contractID, () => {
+        sbp('gi.actions/out/rotateKeys', contractID, 'gi.contracts/chatroom', 'pending', 'gi.actions/chatroom/shareNewKeys').catch(e => {
+          console.warn(`rotateKeys: ${e.name} thrown during queueEvent to ${contractID}:`, e)
+        })
       })
     },
     'gi.contracts/chatroom/removeForeignKeys': (contractID, userID, state) => {
diff --git a/frontend/model/contracts/group.js b/frontend/model/contracts/group.js
index da07046ec0..87d52d019c 100644
--- a/frontend/model/contracts/group.js
+++ b/frontend/model/contracts/group.js
@@ -261,11 +261,33 @@ function updateGroupStreaks ({ state, getters }) {
   }
 }
 
+const removeGroupChatroomProfile = (state, chatRoomID, member) => {
+  console.log('jjjj removeGroupChatroomProfile', { state, chatRoomID, member })
+  Vue.set(state.chatRooms[chatRoomID], 'users',
+    Object.fromEntries(
+      Object.entries(state.chatRooms[chatRoomID].users)
+        .map(([memberKey, profile]) => {
+          console.log('jjjj removeGroupChatroomProfile ii', {
+            memberKey, member, profile, active: (profile: any)?.status === PROFILE_STATUS.ACTIVE
+          })
+          if (memberKey === member && (profile: any)?.status === PROFILE_STATUS.ACTIVE) {
+            return [member, { status: PROFILE_STATUS.REMOVED }]
+          }
+          return [member, profile]
+        })
+    )
+  )
+}
+
 const leaveChatRoomAction = (state, { chatRoomID, member, leavingGroup }, meta) => {
   const sendingData = leavingGroup
     ? { member: member }
     : { member: member, username: meta.username }
 
+  if (state?.chatRooms?.[chatRoomID]?.users?.[member]?.status !== PROFILE_STATUS.REMOVED) {
+    return
+  }
+
   return sbp('gi.actions/chatroom/leave', {
     contractID: chatRoomID,
     data: sendingData,
@@ -292,7 +314,7 @@ const leaveAllChatRoomsUponLeaving = (state, member, meta) => {
   const chatRooms = state.chatRooms
 
   return Promise.all(Object.keys(chatRooms)
-    .filter(cID => chatRooms[cID].users.includes(member))
+    .filter(cID => chatRooms[cID].users?.[member]?.status === PROFILE_STATUS.REMOVED)
     .map((chatRoomID) => leaveChatRoomAction(state, {
       chatRoomID,
       member,
@@ -944,6 +966,10 @@ sbp('chelonia/defineContract', {
           { username: data.member, dateLeft: meta.createdDate },
           { contractID, meta, state, getters }
         )
+
+        Object.keys(state.chatRooms).forEach((chatroomID) => {
+          removeGroupChatroomProfile(state, chatroomID, data.member)
+        })
       },
       sideEffect ({ data, meta, contractID }, { state, getters }) {
         // Put this invocation at the end of a sync to ensure that leaving and
@@ -1189,7 +1215,7 @@ sbp('chelonia/defineContract', {
           type,
           privacyLevel,
           deletedDate: null,
-          users: []
+          users: {}
         })
         if (!state.generalChatRoomId) {
           Vue.set(state, 'generalChatRoomId', data.chatRoomID)
@@ -1215,8 +1241,7 @@ sbp('chelonia/defineContract', {
         leavingGroup: boolean // leave chatroom by leaving group
       }),
       process ({ data, meta }, { state }) {
-        Vue.set(state.chatRooms[data.chatRoomID], 'users',
-          state.chatRooms[data.chatRoomID].users.filter(u => u !== data.member))
+        removeGroupChatroomProfile(state, data.chatroomID, data.member)
       },
       async sideEffect ({ meta, data, contractID }, { state }) {
         const rootState = sbp('state/vuex/state')
@@ -1232,18 +1257,18 @@ sbp('chelonia/defineContract', {
       }),
       process ({ data, meta }, { state }) {
         const username = data.username || meta.username
-        state.chatRooms[data.chatRoomID].users.push(username)
+        if (state.profiles[username]?.status !== PROFILE_STATUS.ACTIVE) {
+          throw new Error('Cannot join a chatroom for a group you\'re not a member of')
+        }
+        Vue.set(state.chatRooms[data.chatRoomID].users, username, { status: PROFILE_STATUS.ACTIVE })
       },
-      async sideEffect ({ meta, data, contractID }, { state }) {
+      sideEffect ({ meta, data, contractID }, { state }) {
         const rootState = sbp('state/vuex/state')
         const username = data.username || meta.username
         if (username === rootState.loggedIn.username) {
-          if (!sbp('okTurtles.data/get', 'JOINING_GROUP-' + contractID) || sbp('okTurtles.data/get', 'JOINING_GROUP_CHAT')) {
-            // while users are joining chatroom, they don't need to leave chatrooms
-            // this is similar to setting 'JOINING_GROUP' before joining group
-            await sbp('chelonia/contract/sync', data.chatRoomID)
-            sbp('okTurtles.data/set', 'JOINING_GROUP_CHAT', false)
-          }
+          sbp('chelonia/queueInvocation', contractID, () => sbp('gi.contracts/group/joinGroupChatrooms', contractID, data.chatRoomID, username, rootState.loggedIn.username)).catch((e) => {
+            console.error(`[gi.contracts/group/joinChatRoom/sideEffect] Error syncing chatroom contract for ${contractID}`, { e, data })
+          })
         }
       }
     },
@@ -1465,6 +1490,41 @@ sbp('chelonia/defineContract', {
         })
       }
     },
+    'gi.contracts/group/joinGroupChatrooms': async function (contractID, chatRoomID, member, loggedInUsername) {
+      const rootState = sbp('state/vuex/state')
+      const state = rootState[contractID]
+      const username = rootState.loggedIn.username
+
+      if (loggedInUsername !== username || state?.profiles?.[username]?.status !== PROFILE_STATUS.ACTIVE || state?.chatRooms?.[chatRoomID]?.users[member]?.status !== PROFILE_STATUS.ACTIVE) {
+        console.log('jjjjj early return some check not met')
+        return
+      }
+
+      if (username === member) {
+        await sbp('chelonia/contract/sync', chatRoomID)
+      }
+
+      if (!sbp('chelonia/contract/canPerformOperation', chatRoomID, '*')) {
+        console.log('jjjj cantperformpop')
+        return
+      }
+
+      console.log('jjjjj sedingjoin')
+      await sbp('gi.actions/chatroom/join', {
+        contractID: chatRoomID,
+        data: { username: member },
+        hooks: {
+          preSendCheck: (_, state) => {
+            // Avoid sending a duplicate action if the person is already a
+            // chatroom member
+            console.log('jjjjj AT PRE-SEND-CHECK')
+            return !state?.users?.[member]
+          }
+        }
+      }).catch(e => {
+        console.error(`Unable to join ${member} to chatroom ${chatRoomID} for group ${contractID}`, e)
+      })
+    },
     'gi.contracts/group/leaveGroup': async ({ data, meta, contractID }, { getters }) => {
       const rootState = sbp('state/vuex/state')
       const rootGetters = sbp('state/vuex/getters')
diff --git a/frontend/model/contracts/manifests.json b/frontend/model/contracts/manifests.json
index 5f2fb4bd65..f421655e80 100644
--- a/frontend/model/contracts/manifests.json
+++ b/frontend/model/contracts/manifests.json
@@ -1,7 +1,7 @@
 {
   "manifests": {
-    "gi.contracts/chatroom": "21XWnNV497KyM78NWtVUEB7o86SpKnqUsPg83GCwDnMV6omQkM",
-    "gi.contracts/group": "21XWnNSQz4992RD7xxtwmsiBnkPQGVC4F1j6BGvqBsC9aoqQ3E",
+    "gi.contracts/chatroom": "21XWnNN5T2M4rouNPjMqp41Lbm58SfogTGCMxa9hPQGMQiVBSC",
+    "gi.contracts/group": "21XWnNNSR2QdJwcPRwzCQfJXYmuUnU2QrBM44jk8be9iEoAArP",
     "gi.contracts/identity": "21XWnNSxNrVFTMBCUVcZV3CG833gTbJ9V8ZyX7Fxgmpj9rNy4r"
   }
 }
diff --git a/frontend/views/containers/chatroom/ChatMixin.js b/frontend/views/containers/chatroom/ChatMixin.js
index 08cd1d9e4f..051fd74030 100644
--- a/frontend/views/containers/chatroom/ChatMixin.js
+++ b/frontend/views/containers/chatroom/ChatMixin.js
@@ -1,6 +1,6 @@
 import sbp from '@sbp/sbp'
 import { mapGetters, mapState } from 'vuex'
-import { CHATROOM_PRIVACY_LEVEL } from '@model/contracts/shared/constants.js'
+import { CHATROOM_PRIVACY_LEVEL, PROFILE_STATUS } from '@model/contracts/shared/constants.js'
 import { logExceptNavigationDuplicated } from '@view-utils/misc.js'
 
 const initSummary = {
@@ -101,10 +101,13 @@ const ChatMixin: Object = {
           chatRoomId,
           title: name,
           attributes: { creator, name, description, type, privacyLevel },
-          users: Object.fromEntries(users.map(username => {
-            const { displayName, picture, email } = this.globalProfile(username) || {}
-            return [username, { displayName, picture, email }]
-          })),
+          users: Object
+            .entries(users)
+            .filter((profile) => (profile: any)?.status === PROFILE_STATUS.ACTIVE)
+            .map(([username]) => {
+              const { displayName, picture, email } = this.globalProfile(username) || {}
+              return [username, { displayName, picture, email }]
+            }),
           numberOfUsers: users.length,
           participants: this.ourContactProfiles // TODO: return only historical contributors
         }
diff --git a/shared/domains/chelonia/internals.js b/shared/domains/chelonia/internals.js
index 5f32e8f94a..e415af581c 100644
--- a/shared/domains/chelonia/internals.js
+++ b/shared/domains/chelonia/internals.js
@@ -160,6 +160,7 @@ export default (sbp('sbp/selectors/register', {
       if (allowedSels[selector] || allowedDoms[domain]) {
         return sbp(selector, ...args)
       } else {
+        console.error('[chelonia] selector not on allowlist', { selector, allowedSels, allowedDoms })
         throw new Error(`[chelonia] selector not on allowlist: '${selector}'`)
       }
     }

From 94188fe7b3766b2510c0cee0f7dece2ef14371de Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Fri, 3 Nov 2023 18:56:02 +0100
Subject: [PATCH 05/29] Bugfixes. Revert changes to side-effects

---
 frontend/common/errors.js               |  11 ++
 frontend/controller/actions/index.js    |  21 ++-
 frontend/controller/actions/utils.js    |   8 +-
 frontend/model/contracts/group.js       |  44 +++++--
 frontend/model/contracts/manifests.json |   2 +-
 shared/domains/chelonia/GIMessage.js    |   6 +-
 shared/domains/chelonia/chelonia.js     |  32 +----
 shared/domains/chelonia/internals.js    | 167 +++++++++++++-----------
 shared/domains/chelonia/utils.js        |  30 ++---
 9 files changed, 174 insertions(+), 147 deletions(-)

diff --git a/frontend/common/errors.js b/frontend/common/errors.js
index 6365a7b579..20a16c35ef 100644
--- a/frontend/common/errors.js
+++ b/frontend/common/errors.js
@@ -23,3 +23,14 @@ export class GIErrorUIRuntimeError extends Error {
     }
   }
 }
+
+export class GIErrorMissingSigningKeyError extends Error {
+  constructor (...params: any[]) {
+    super(...params)
+    // this.name = this.constructor.name
+    this.name = 'GIErrorMissingSigningKeyError' // string literal so minifier doesn't overwrite
+    if (Error.captureStackTrace) {
+      Error.captureStackTrace(this, this.constructor)
+    }
+  }
+}
diff --git a/frontend/controller/actions/index.js b/frontend/controller/actions/index.js
index c0460aed4c..ab4dde8f96 100644
--- a/frontend/controller/actions/index.js
+++ b/frontend/controller/actions/index.js
@@ -160,6 +160,17 @@ sbp('sbp/selectors/register', {
     // Share new keys with other contracts
     const keyShares = shareNewKeysSelector ? await sbp(shareNewKeysSelector, contractID, newKeys) : undefined
 
+    const preSendCheck = (msg, state) => {
+      const updatedKeysRemaining = updatedKeys.filter((key) => {
+        return state._vm.authorizedKeys[key.oldKeyId]._notAfterHeight == null
+      })
+
+      if (updatedKeysRemaining.length === 0) return false
+
+      // TODO: Update msg to remove unnecessary keys
+      return true
+    }
+
     if (Array.isArray(keyShares) && keyShares.length > 0) {
       // Issue OP_ATOMIC
       await sbp('chelonia/out/atomic', {
@@ -169,7 +180,10 @@ sbp('sbp/selectors/register', {
           ...keyShares.map((data) => ['chelonia/out/keyShare', { data }]),
           ['chelonia/out/keyUpdate', { data: updatedKeys }]
         ],
-        signingKeyId
+        signingKeyId,
+        hooks: {
+          preSendCheck
+        }
       })
     } else {
       // Issue OP_KEY_UPDATE
@@ -177,7 +191,10 @@ sbp('sbp/selectors/register', {
         contractID,
         contractName,
         data: updatedKeys,
-        signingKeyId
+        signingKeyId,
+        hooks: {
+          preSendCheck
+        }
       })
     }
 
diff --git a/frontend/controller/actions/utils.js b/frontend/controller/actions/utils.js
index 3bfcfcc5ba..487928b7f9 100644
--- a/frontend/controller/actions/utils.js
+++ b/frontend/controller/actions/utils.js
@@ -5,7 +5,7 @@ import sbp from '@sbp/sbp'
 import { GIMessage } from '~/shared/domains/chelonia/GIMessage.js'
 import { encryptedOutgoingData } from '~/shared/domains/chelonia/encryptedData.js'
 import { findKeyIdByName, findSuitableSecretKeyId } from '~/shared/domains/chelonia/utils.js'
-import { GIErrorUIRuntimeError, LError } from '@common/common.js'
+import { GIErrorMissingSigningKeyError, GIErrorUIRuntimeError, LError } from '@common/common.js'
 // Using relative path to crypto.js instead of ~-path to workaround some esbuild bug
 import { EDWARDS25519SHA512BATCH, keyId, keygen, serializeKey } from '../../../shared/domains/chelonia/crypto.js'
 import type { GIActionParams } from './types.js'
@@ -90,12 +90,12 @@ export const encryptedAction = (
 
         if (!signingKeyId || !encryptionKeyId || !sbp('chelonia/haveSecretKey', signingKeyId)) {
           console.warn(`Refusing to send action ${action} due to missing CSK or CEK`, { contractID, action, signingKeyName, encryptionKeyName, signingKeyId, encryptionKeyId, signingContractID: params.signingContractID, originatingContractID: params.originatingContractID })
-          throw new Error(`No key found to send ${action} for contract ${contractID}`)
+          throw new GIErrorMissingSigningKeyError(`No key found to send ${action} for contract ${contractID}`)
         }
 
         if (innerSigningContractID && (!innerSigningKeyId || !sbp('chelonia/haveSecretKey', innerSigningKeyId))) {
           console.warn(`Refusing to send action ${action} due to missing inner signing key ID`, { contractID, action, signingKeyName, encryptionKeyName, signingKeyId, encryptionKeyId, signingContractID: params.signingContractID, originatingContractID: params.originatingContractID, innerSigningKeyId })
-          throw new Error(`No key found to send ${action} for contract ${contractID}`)
+          throw new GIErrorMissingSigningKeyError(`No key found to send ${action} for contract ${contractID}`)
         }
 
         const sm = sendMessageFactory(params, signingKeyId, innerSigningKeyId || null, encryptionKeyId, params.originatingContractID)
@@ -111,7 +111,7 @@ export const encryptedAction = (
         const userFacingErrStr = typeof humanError === 'string'
           ? `${humanError} ${LError(e).reportError}`
           : humanError(params, e)
-        throw new GIErrorUIRuntimeError(userFacingErrStr)
+        throw new GIErrorUIRuntimeError(userFacingErrStr, { cause: e })
       }
     }
   }
diff --git a/frontend/model/contracts/group.js b/frontend/model/contracts/group.js
index 87d52d019c..5dc414257e 100644
--- a/frontend/model/contracts/group.js
+++ b/frontend/model/contracts/group.js
@@ -262,7 +262,7 @@ function updateGroupStreaks ({ state, getters }) {
 }
 
 const removeGroupChatroomProfile = (state, chatRoomID, member) => {
-  console.log('jjjj removeGroupChatroomProfile', { state, chatRoomID, member })
+  console.log('jjjj removeGroupChatroomProfile', JSON.parse(JSON.stringify({ state, chatRoomID, member })))
   Vue.set(state.chatRooms[chatRoomID], 'users',
     Object.fromEntries(
       Object.entries(state.chatRooms[chatRoomID].users)
@@ -271,9 +271,9 @@ const removeGroupChatroomProfile = (state, chatRoomID, member) => {
             memberKey, member, profile, active: (profile: any)?.status === PROFILE_STATUS.ACTIVE
           })
           if (memberKey === member && (profile: any)?.status === PROFILE_STATUS.ACTIVE) {
-            return [member, { status: PROFILE_STATUS.REMOVED }]
+            return [memberKey, { status: PROFILE_STATUS.REMOVED }]
           }
-          return [member, profile]
+          return [memberKey, profile]
         })
     )
   )
@@ -288,18 +288,30 @@ const leaveChatRoomAction = (state, { chatRoomID, member, leavingGroup }, meta)
     return
   }
 
+  const extraParams = {}
+
+  // When a group is being left, we want to also leave chatrooms,
+  // including private chatrooms. Since the user issuing the action
+  // may not be a member of the chatroom, we use the group's CSK
+  // unconditionally in this situation, which should be a key in the
+  // chatroom (either the CSK or the groupKey)
+  if (leavingGroup) {
+    const signingKeyId = sbp('chelonia/contract/currentKeyIdByName', state, 'csk', true)
+
+    // If we don't have a CSK, it is because we've already been removed.
+    // Proceeding would cause an error
+    if (!signingKeyId) {
+      return
+    }
+
+    extraParams.signingKeyId = signingKeyId
+    extraParams.innerSigningContractID = null
+  }
+
   return sbp('gi.actions/chatroom/leave', {
     contractID: chatRoomID,
     data: sendingData,
-    // When a group is being left, we want to also leave chatrooms,
-    // including private chatrooms. Since the user issuing the action
-    // may not be a member of the chatroom, we use the group's CSK
-    // unconditionally in this situation, which should be a key in the
-    // chatroom (either the CSK or the groupKey)
-    ...(leavingGroup && {
-      signingKeyId: sbp('chelonia/contract/currentKeyIdByName', state, 'csk'),
-      innerSigningContractID: null
-    }),
+    ...extraParams,
     hooks: {
       preSendCheck: (_, state) => {
         // Avoid sending a duplicate action if the person has already
@@ -307,6 +319,13 @@ const leaveChatRoomAction = (state, { chatRoomID, member, leavingGroup }, meta)
         return !!state?.users?.[member]
       }
     }
+  }).catch((e) => {
+    console.log('jjj action', { e })
+    if (leavingGroup && e?.name === 'GIErrorUIRuntimeError' && e?.cause?.name === 'GIErrorMissingSigningKeyError') {
+      // This is fine; it just means we were removed by someone else
+      return
+    }
+    throw e
   })
 }
 
@@ -1644,6 +1663,7 @@ sbp('chelonia/defineContract', {
       const { identityContractID } = rootState.loggedIn
       const state = rootState[identityContractID]
 
+      if (!state._volatile) Vue.set(state, '_volatile', Object.create(null))
       if (!state._volatile.pendingKeyRevocations) Vue.set(state._volatile, 'pendingKeyRevocations', Object.create(null))
 
       const CSKid = findKeyIdByName(state, 'csk')
diff --git a/frontend/model/contracts/manifests.json b/frontend/model/contracts/manifests.json
index f421655e80..51b98ad4f3 100644
--- a/frontend/model/contracts/manifests.json
+++ b/frontend/model/contracts/manifests.json
@@ -1,7 +1,7 @@
 {
   "manifests": {
     "gi.contracts/chatroom": "21XWnNN5T2M4rouNPjMqp41Lbm58SfogTGCMxa9hPQGMQiVBSC",
-    "gi.contracts/group": "21XWnNNSR2QdJwcPRwzCQfJXYmuUnU2QrBM44jk8be9iEoAArP",
+    "gi.contracts/group": "21XWnNRpqRP518XdoAKurByANXMqbHpK4di91v4mscViAdDNma",
     "gi.contracts/identity": "21XWnNSxNrVFTMBCUVcZV3CG833gTbJ9V8ZyX7Fxgmpj9rNy4r"
   }
 }
diff --git a/shared/domains/chelonia/GIMessage.js b/shared/domains/chelonia/GIMessage.js
index b2a9246f80..190a4395f8 100644
--- a/shared/domains/chelonia/GIMessage.js
+++ b/shared/domains/chelonia/GIMessage.js
@@ -235,8 +235,8 @@ export class GIMessage {
       contractID: string | null,
       originatingContractID?: string,
       originatingContractHeight?: number,
-      previousHEAD?: string | null,
-      height: number,
+      previousHEAD?: ?string,
+      height?: ?number,
       op: GIOpRaw,
       manifest: string,
     }
@@ -406,7 +406,7 @@ export class GIMessage {
     return `${desc}|${this.hash()} of ${this.contractID()}>`
   }
 
-  isFirstMessage (): boolean { return !this.head().previousHEAD }
+  isFirstMessage (): boolean { return !this.head().contractID }
 
   contractID (): string { return this.head().contractID || this.hash() }
 
diff --git a/shared/domains/chelonia/chelonia.js b/shared/domains/chelonia/chelonia.js
index 3d9cbe9731..1d8eeed21d 100644
--- a/shared/domains/chelonia/chelonia.js
+++ b/shared/domains/chelonia/chelonia.js
@@ -334,12 +334,15 @@ export default (sbp('sbp/selectors/register', {
     const op = (operation !== '*') ? [operation] : operation
     return !!findSuitableSecretKeyId(contractIDOrState, op, ['sig'])
   },
-  'chelonia/contract/currentKeyIdByName': function (contractIDOrState: string | Object, name: string) {
+  'chelonia/contract/currentKeyIdByName': function (contractIDOrState: string | Object, name: string, requireSecretKey?: boolean) {
     if (typeof contractIDOrState === 'string') {
       const rootState = sbp(this.config.stateSelector)
       contractIDOrState = rootState[contractIDOrState]
     }
     const currentKeyId = findKeyIdByName(contractIDOrState, name)
+    if (requireSecretKey && !sbp('chelonia/haveSecretKey', currentKeyId)) {
+      return
+    }
     return currentKeyId
   },
   'chelonia/contract/historicalKeyIdsByName': function (contractIDOrState: string | Object, name: string) {
@@ -689,8 +692,6 @@ export default (sbp('sbp/selectors/register', {
     }: GIOpContract)
     const contractMsg = GIMessage.createV1_0({
       contractID: null,
-      previousHEAD: null,
-      height: 0,
       op: [
         GIMessage.OP_CONTRACT,
         signedOutgoingDataWithRawKey(signingKey, payload)
@@ -745,8 +746,6 @@ export default (sbp('sbp/selectors/register', {
       throw new Error('Contract name not found')
     }
 
-    const { HEAD: previousHEAD, height: previousHeight } = atomic ? { HEAD: contractID, height: 0 } : await sbp('chelonia/private/out/latestHEADinfo', contractID)
-
     const payload = (data: GIOpKeyShare)
 
     if (!params.signingKeyId && !params.signingKey) {
@@ -757,8 +756,6 @@ export default (sbp('sbp/selectors/register', {
     let msg = GIMessage.createV1_0({
       contractID: contractID,
       originatingContractID,
-      previousHEAD,
-      height: previousHeight + 1,
       op: [
         GIMessage.OP_KEY_SHARE,
         params.signingKeyId
@@ -784,7 +781,6 @@ export default (sbp('sbp/selectors/register', {
     }
     const state = contract.state(contractID)
 
-    const { HEAD: previousHEAD, height: previousHeight } = atomic ? { HEAD: contractID, height: 0 } : await sbp('chelonia/private/out/latestHEADinfo', contractID)
     const payload = (data: GIOpKeyAdd).filter((wk) => {
       const k = (((isEncryptedData(wk) ? wk.valueOf() : wk): any): GIKey)
       if (has(state._vm.authorizedKeys, k.id)) {
@@ -801,8 +797,6 @@ export default (sbp('sbp/selectors/register', {
     validateKeyAddPermissions(contractID, state._vm.authorizedKeys[params.signingKeyId], state, payload)
     let msg = GIMessage.createV1_0({
       contractID,
-      previousHEAD,
-      height: previousHeight + 1,
       op: [
         GIMessage.OP_KEY_ADD,
         signedOutgoingData(state, params.signingKeyId, payload, this.transientSecretKeys)
@@ -822,7 +816,6 @@ export default (sbp('sbp/selectors/register', {
       throw new Error('Contract name not found')
     }
     const state = contract.state(contractID)
-    const { HEAD: previousHEAD, height: previousHeight } = atomic ? { HEAD: contractID, height: 0 } : await sbp('chelonia/private/out/latestHEADinfo', contractID)
     const payload = (data: GIOpKeyDel).map((keyId) => {
       if (isEncryptedData(keyId)) return keyId
       // $FlowFixMe
@@ -836,8 +829,6 @@ export default (sbp('sbp/selectors/register', {
     validateKeyDelPermissions(contractID, state._vm.authorizedKeys[params.signingKeyId], state, (payload: any))
     let msg = GIMessage.createV1_0({
       contractID,
-      previousHEAD,
-      height: previousHeight + 1,
       op: [
         GIMessage.OP_KEY_DEL,
         signedOutgoingData(state, params.signingKeyId, (payload: any), this.transientSecretKeys)
@@ -857,7 +848,6 @@ export default (sbp('sbp/selectors/register', {
       throw new Error('Contract name not found')
     }
     const state = contract.state(contractID)
-    const { HEAD: previousHEAD, height: previousHeight } = atomic ? { HEAD: contractID, height: 0 } : await sbp('chelonia/private/out/latestHEADinfo', contractID)
     const payload = (data: GIOpKeyUpdate).map((key) => {
       if (isEncryptedData(key)) return key
       // $FlowFixMe
@@ -871,8 +861,6 @@ export default (sbp('sbp/selectors/register', {
     validateKeyUpdatePermissions(contractID, state._vm.authorizedKeys[params.signingKeyId], state, (payload: any))
     let msg = GIMessage.createV1_0({
       contractID,
-      previousHEAD,
-      height: previousHeight + 1,
       op: [
         GIMessage.OP_KEY_UPDATE,
         signedOutgoingData(state, params.signingKeyId, (payload: any), this.transientSecretKeys)
@@ -897,7 +885,6 @@ export default (sbp('sbp/selectors/register', {
     const state = rootState[contractID]
     if (!rootState[contractID]) this.config.reactiveSet(rootState, contractID, state)
     const originatingState = originatingContract.state(originatingContractID)
-    const { HEAD: previousHEAD, height: previousHeight } = await sbp('chelonia/private/out/latestHEADinfo', contractID)
 
     const keyRequestReplyKey = keygen(EDWARDS25519SHA512BATCH)
     const keyRequestReplyKeyId = keyId(keyRequestReplyKey)
@@ -945,8 +932,6 @@ export default (sbp('sbp/selectors/register', {
     }: GIOpKeyRequest)
     let msg = GIMessage.createV1_0({
       contractID,
-      previousHEAD,
-      height: previousHeight + 1,
       op: [
         GIMessage.OP_KEY_REQUEST,
         signedOutgoingData(state, params.signingKeyId,
@@ -968,12 +953,9 @@ export default (sbp('sbp/selectors/register', {
       throw new Error('Contract name not found')
     }
     const state = contract.state(contractID)
-    const { HEAD: previousHEAD, height: previousHeight } = atomic ? { HEAD: contractID, height: 0 } : await sbp('chelonia/private/out/latestHEADinfo', contractID)
     const payload = (data: GIOpKeyRequestSeen)
     let message = GIMessage.createV1_0({
       contractID,
-      previousHEAD,
-      height: previousHeight + 1,
       op: [
         GIMessage.OP_KEY_REQUEST_SEEN,
         signedOutgoingData(state, params.signingKeyId, payload, this.transientSecretKeys)
@@ -993,7 +975,6 @@ export default (sbp('sbp/selectors/register', {
       throw new Error('Contract name not found')
     }
     const state = contract.state(contractID)
-    const { HEAD: previousHEAD, height: previousHeight } = await sbp('chelonia/private/out/latestHEADinfo', contractID)
     const payload = (await Promise.all(data.map(([selector, opParams]) => {
       if (!['chelonia/out/actionEncrypted', 'chelonia/out/actionUnencrypted', 'chelonia/out/keyAdd', 'chelonia/out/keyDel', 'chelonia/out/keyUpdate', 'chelonia/out/keyRequestResponse', 'chelonia/out/keyShare'].includes(selector)) {
         throw new Error('Selector not allowed in OP_ATOMIC: ' + selector)
@@ -1004,8 +985,6 @@ export default (sbp('sbp/selectors/register', {
     })
     let msg = GIMessage.createV1_0({
       contractID,
-      previousHEAD,
-      height: previousHeight + 1,
       op: [
         GIMessage.OP_ATOMIC,
         signedOutgoingData(state, params.signingKeyId, (payload: any), this.transientSecretKeys)
@@ -1042,7 +1021,6 @@ async function outEncryptedOrUnencryptedAction (
   const manifestHash = this.config.contracts.manifests[contractName]
   const { contract } = this.manifestToContract[manifestHash]
   const state = contract.state(contractID)
-  const { HEAD: previousHEAD, height: previousHeight } = atomic ? { HEAD: contractID, height: 0 } : await sbp('chelonia/private/out/latestHEADinfo', contractID)
   const meta = await contract.metadata.create()
   const gProxy = gettersProxy(state, contract.getters)
   contract.metadata.validate(meta, { state, ...gProxy, contractID })
@@ -1061,8 +1039,6 @@ async function outEncryptedOrUnencryptedAction (
     : encryptedOutgoingData(state, ((params.encryptionKeyId: any): string), signedMessage)
   let message = GIMessage.createV1_0({
     contractID,
-    previousHEAD,
-    height: previousHeight + 1,
     op: [
       opType,
       signedOutgoingData(state, params.signingKeyId, (payload: any), this.transientSecretKeys)
diff --git a/shared/domains/chelonia/internals.js b/shared/domains/chelonia/internals.js
index e415af581c..d1798d0678 100644
--- a/shared/domains/chelonia/internals.js
+++ b/shared/domains/chelonia/internals.js
@@ -257,26 +257,44 @@ export default (sbp('sbp/selectors/register', {
   'chelonia/private/noop': function () {},
   'chelonia/private/out/publishEvent': async function (entry: GIMessage, { maxAttempts = 5 } = {}, hooks) {
     let attempt = 1
+    let lastAttemptedHeight
     // auto resend after short random delay
     // https://github.com/okTurtles/group-income/issues/608
     hooks?.prepublish?.(entry)
+
+    console.log('jjjjjjj publish entry', { entry })
+
     while (true) {
-      if (hooks?.preSendCheck) {
+      // Queued event to ensure that we send the event with whatever the
+      // 'latest' state may be for that contract (in case we were receiving
+      // something over the web socket)
+      // This also ensures that the state doesn't change while reading it
+      lastAttemptedHeight = entry.height()
+      entry = await sbp('okTurtles.eventQueue/queueEvent', entry.contractID(), () => {
         const rootState = sbp(this.config.stateSelector)
         const state = rootState[entry.contractID()]
 
-        if (!hooks.preSendCheck(entry, state)) {
-          console.info(`[chelonia] Not sending message as preSendCheck hook returned non-truish value: ${entry.description()}`)
-          return
+        if (hooks?.preSendCheck) {
+          if (!hooks.preSendCheck(entry, state)) {
+            console.info(`[chelonia] Not sending message as preSendCheck hook returned non-truish value: ${entry.description()}`)
+            return
+          }
         }
-      }
 
-      /* {
-        const rootState = sbp(this.config.stateSelector)
-        const state = rootState[entry.contractID()]
+        // if this isn't OP_CONTRACT, recreate and resend message
+        // We always call recreateEvent because we may have received new events
+        // in the web socket
+        if (!entry.isFirstMessage()) {
+          return recreateEvent(entry, state)
+        }
 
-        // console.debug('@@@publishEvent [11]', JSON.parse(JSON.stringify({ state })))
-      } */
+        return entry
+      })
+
+      console.log('jjjjjjj publish entry updated', { entry })
+
+      // If there is no event to send, return
+      if (!entry) return
 
       const r = await fetch(`${this.config.connectionURL}/event`, {
         method: 'POST',
@@ -291,7 +309,7 @@ export default (sbp('sbp/selectors/register', {
         return entry
       }
       if (r.status === 409) {
-        if (attempt + 1 > maxAttempts) {
+        if (attempt >= maxAttempts) {
           console.error(`[chelonia] failed to publish ${entry.description()} after ${attempt} attempts`, entry)
           throw new Error(`publishEvent: ${r.status} - ${r.statusText}. attempt ${attempt}`)
         }
@@ -300,14 +318,12 @@ export default (sbp('sbp/selectors/register', {
         console.warn(`[chelonia] publish attempt ${attempt} of ${maxAttempts} failed. Waiting ${randDelay} msec before resending ${entry.description()}`)
         attempt += 1
         await delay(randDelay) // wait randDelay ms before sending it again
-        // if this isn't OP_CONTRACT, recreate and resend message
-        if (!entry.isFirstMessage()) {
-          const rootState = sbp(this.config.stateSelector)
-          const newEntry = await recreateEvent(entry, rootState)
-          if (!newEntry) {
-            return
-          }
-          entry = newEntry
+
+        // TODO: The [pubsub] code seems to miss events that happened between
+        // a call to sync and the subscription time. This is a temporary measure
+        // to handle this until [pubsub] is updated.
+        if (entry.height() === lastAttemptedHeight) {
+          await sbp('okTurtles.eventQueue/queueEvent', entry.contractID(), ['chelonia/private/in/syncContract', entry.contractID()])
         }
       } else {
         const message = (await r.json())?.message
@@ -924,7 +940,9 @@ export default (sbp('sbp/selectors/register', {
       return
     }
 
-    await sbp('chelonia/private/in/syncContract', contractID)
+    if (!has(rootState, contractID)) {
+      await sbp('chelonia/private/in/syncContract', contractID)
+    }
 
     const contractState = rootState[contractID]
     const keysToDelete = []
@@ -1255,16 +1273,13 @@ export default (sbp('sbp/selectors/register', {
       if (!processingErrored && !state[contractID]?._volatile?.dirty) {
         // Gets run get when skipSideEffects is false
         if (Array.isArray(internalSideEffectStack) && internalSideEffectStack.length > 0) {
-          // We don't await on internal side-effects as it may cause deadlocks
-          internalSideEffectStack.forEach(fn => sbp('okTurtles.eventQueue/queueEvent', `sideEffect:${contractID}`, fn).catch((e) => {
+          await Promise.all(internalSideEffectStack.map(fn => Promise.resolve(fn()).catch((e) => {
             console.error(`[chelonia] ERROR '${e.name}' in internal side effect for ${message.description()}: ${e.message}`, e, { message: message.serialize() })
-          }))
+          })))
         }
 
-        // We don't await on side-effects as it may deadlock if the side-effect
-        // ends up putting things in the queue
         if (!this.config.skipActionProcessing && !this.config.skipSideEffects) {
-          Promise.resolve().then(() => handleEvent.processSideEffects.call(this, message, state[contractID])).catch((e) => {
+          await handleEvent.processSideEffects.call(this, message, state[contractID])?.catch((e) => {
             console.error(`[chelonia] ERROR '${e.name}' in sideEffect for ${message.description()}: ${e.message}`, e, { message: message.serialize() })
             // We used to revert the state and rethrow the error here, but we no longer do that
             // see this issue for why: https://github.com/okTurtles/group-income/issues/1544
@@ -1347,64 +1362,66 @@ const handleEvent = {
   },
   processSideEffects (message: GIMessage, state: Object) {
     const opT = message.opType()
-    if ([GIMessage.OP_ATOMIC, GIMessage.OP_ACTION_ENCRYPTED, GIMessage.OP_ACTION_UNENCRYPTED].includes(opT)) {
-      const contractID = message.contractID()
-      const manifestHash = message.manifest()
-      const hash = message.hash()
-      const id = message.id()
-      const signingKeyId = message.signingKeyId()
-
-      const callSideEffect = (field) => {
-        let v = field.valueOf()
-        let innerSigningKeyId: string | typeof undefined
-        if (isSignedData(v)) {
-          innerSigningKeyId = (v: any).signingKeyId
-          v = (v: any).valueOf()
-        }
+    if (![GIMessage.OP_ATOMIC, GIMessage.OP_ACTION_ENCRYPTED, GIMessage.OP_ACTION_UNENCRYPTED].includes(opT)) {
+      return
+    }
 
-        const { action, data, meta } = (v: any)
-        const mutation = {
-          data,
-          meta,
-          hash,
-          id,
-          contractID,
-          description: message.description(),
-          direction: message.direction(),
-          signingKeyId,
-          get signingContractID () {
-            return getContractIDfromKeyId(contractID, signingKeyId, state)
-          },
-          innerSigningKeyId,
-          get innerSigningContractID () {
-            return getContractIDfromKeyId(contractID, innerSigningKeyId, state)
-          }
-        }
-        return sbp('okTurtles.eventQueue/queueEvent', `sideEffect:${contractID}`, [`${manifestHash}/${action}/sideEffect`, mutation])
-      }
-      const msg = Object(message.message())
+    const contractID = message.contractID()
+    const manifestHash = message.manifest()
+    const hash = message.hash()
+    const id = message.id()
+    const signingKeyId = message.signingKeyId()
 
-      if (opT !== GIMessage.OP_ATOMIC) {
-        return callSideEffect(msg)
+    const callSideEffect = (field) => {
+      let v = field.valueOf()
+      let innerSigningKeyId: string | typeof undefined
+      if (isSignedData(v)) {
+        innerSigningKeyId = (v: any).signingKeyId
+        v = (v: any).valueOf()
       }
 
-      const reducer = (acc, [opT, opV]) => {
-        if ([GIMessage.OP_ACTION_ENCRYPTED, GIMessage.OP_ACTION_UNENCRYPTED].includes(opT)) {
-          acc.push(Object(opV))
+      const { action, data, meta } = (v: any)
+      const mutation = {
+        data,
+        meta,
+        hash,
+        id,
+        contractID,
+        description: message.description(),
+        direction: message.direction(),
+        signingKeyId,
+        get signingContractID () {
+          return getContractIDfromKeyId(contractID, signingKeyId, state)
+        },
+        innerSigningKeyId,
+        get innerSigningContractID () {
+          return getContractIDfromKeyId(contractID, innerSigningKeyId, state)
         }
-        return acc
       }
+      return Promise.resolve(sbp(`${manifestHash}/${action}/sideEffect`, mutation))
+    }
+    const msg = Object(message.message())
 
-      const actionsOpV = ((msg: any): GIOpAtomic).reduce(reducer, [])
+    if (opT !== GIMessage.OP_ATOMIC) {
+      return callSideEffect(msg)
+    }
 
-      return Promise.allSettled(actionsOpV.map((action) => callSideEffect(action))).then((results) => {
-        const errors = results.filter((r) => r.status === 'rejected').map((r) => (r: any).reason)
-        if (errors.length > 0) {
-          // $FlowFixMe[cannot-resolve-name]
-          throw new AggregateError(errors, `Error at side effects for ${contractID}`)
-        }
-      })
+    const reducer = (acc, [opT, opV]) => {
+      if ([GIMessage.OP_ACTION_ENCRYPTED, GIMessage.OP_ACTION_UNENCRYPTED].includes(opT)) {
+        acc.push(Object(opV))
+      }
+      return acc
     }
+
+    const actionsOpV = ((msg: any): GIOpAtomic).reduce(reducer, [])
+
+    return Promise.allSettled(actionsOpV.map((action) => callSideEffect(action))).then((results) => {
+      const errors = results.filter((r) => r.status === 'rejected').map((r) => (r: any).reason)
+      if (errors.length > 0) {
+        // $FlowFixMe[cannot-resolve-name]
+        throw new AggregateError(errors, `Error at side effects for ${contractID}`)
+      }
+    })
   },
   revertProcess ({ message, state, contractID, contractStateCopy }) {
     console.warn(`[chelonia] reverting mutation ${message.description()}: ${message.serialize()}. Any side effects will be skipped!`)
diff --git a/shared/domains/chelonia/utils.js b/shared/domains/chelonia/utils.js
index 213a2ec5ba..229e630da2 100644
--- a/shared/domains/chelonia/utils.js
+++ b/shared/domains/chelonia/utils.js
@@ -400,30 +400,15 @@ export const subscribeToForeignKeyContracts = function (contractID: string, stat
 // duplicate operations. For operations involving keys, the payload will be
 // rewritten to eliminate no-longer-relevant keys. In most cases, this would
 // result in an empty payload, in which case the message is omitted entirely.
-export const recreateEvent = async (entry: GIMessage, rootState: Object): Promise<typeof undefined | GIMessage> => {
+export const recreateEvent = async (entry: GIMessage, state: Object): Promise<typeof undefined | GIMessage> => {
   const contractID = entry.contractID()
-  // We sync the contract to ensure we have the correct local state
-  // This way we can fetch new keys and correctly re-sign and re-encrypt
-  // messages as needed. This also ensures that we can rewrite (or omit) the
-  // payload to remove irrelevant parts.
-  // Note that in cases of high contention sync may fail to retrieve the latest
-  // state. In such cases, the operation (publishEvent) will fail after the
-  // maximum number of attempts is exhausted.
-  // Note also that this assumes (and requires) that we are subscribed to a
-  // contract before being able to write to it. This is because we rely on the
-  // contract state to identify the current keys (in _vm.authorizedKeys) which
-  // are used for signatures and for encryption.
-  // When recreateEvent is called we may already be in a queued event, so we
-  // call syncContract directly instead of sync
-  await sbp('chelonia/contract/sync', contractID, { force: true })
-  const { HEAD: previousHEAD, height: previousHeight } = await sbp('chelonia/queueInvocation', contractID, ['chelonia/db/latestHEADinfo', contractID]) || {}
+  const { HEAD: previousHEAD, height: previousHeight } = await sbp('chelonia/db/latestHEADinfo', contractID) || {}
   if (!previousHEAD) {
     throw new Error('recreateEvent: Giving up because the contract has been removed')
   }
   const head = entry.head()
 
   const [opT, rawOpV] = entry.rawOp()
-  const state = rootState[contractID]
 
   const recreateOperation = (opT: string, rawOpV: SignedData<GIOpValue>) => {
     const opV = rawOpV.valueOf()
@@ -500,12 +485,13 @@ export const recreateEvent = async (entry: GIMessage, rootState: Object): Promis
 
   if (!newRawOpV) return
 
+  const newOp = opT === GIMessage.OP_ATOMIC && (newRawOpV: any).length === 1
+    ? (newRawOpV: any)[0]
+    : [opT, newRawOpV]
+
   entry = GIMessage.cloneWith(
-    head,
-    [
-      opT,
-      (newRawOpV: any)
-    ], { previousHEAD, height: previousHeight + 1 })
+    head, newOp, { previousHEAD, height: previousHeight + 1 }
+  )
 
   return entry
 }

From 028513fd4e0fb008e9f630f38e42aa07c6d7250f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Fri, 3 Nov 2023 22:01:00 +0100
Subject: [PATCH 06/29] bump


From 9364fdf7d5dd3ccf3b2fc864259c30d5479b4457 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Sat, 4 Nov 2023 22:00:36 +0100
Subject: [PATCH 07/29] Address re-joining of chatrooms

---
 frontend/controller/actions/chatroom.js |  56 +++++----
 frontend/model/contracts/chatroom.js    | 147 +++++++++++++-----------
 frontend/model/contracts/manifests.json |   2 +-
 3 files changed, 118 insertions(+), 87 deletions(-)

diff --git a/frontend/controller/actions/chatroom.js b/frontend/controller/actions/chatroom.js
index 8d8a4162ab..3ca4912897 100644
--- a/frontend/controller/actions/chatroom.js
+++ b/frontend/controller/actions/chatroom.js
@@ -228,32 +228,44 @@ export default (sbp('sbp/selectors/register', {
       throw new Error(`Unable to send gi.actions/chatroom/join on ${params.contractID} because user ID contract ${userID} is missing`)
     }
 
-    await sbp('chelonia/contract/sync', params.contractID)
+    const isCurrentUserJoining = rootState.loggedIn.identityContractID === userID
 
-    const CEKid = sbp('chelonia/contract/currentKeyIdByName', params.contractID, 'cek')
-    const userCSKid = sbp('chelonia/contract/currentKeyIdByName', userID, 'csk')
+    if (isCurrentUserJoining) {
+      sbp('okTurtles.data/set', 'JOINING_CHATROOM-' + params.contractID, true)
+    }
+
+    try {
+      await sbp('chelonia/contract/sync', params.contractID)
 
-    const state = rootState[params.contractID]
+      const CEKid = sbp('chelonia/contract/currentKeyIdByName', params.contractID, 'cek')
+      const userCSKid = sbp('chelonia/contract/currentKeyIdByName', userID, 'csk')
 
-    // Add the user's CSK to the contract
-    await sbp('chelonia/out/keyAdd', {
-      contractID: params.contractID,
-      contractName: 'gi.contracts/chatroom',
-      // TODO: Find a way to have this wrapping be done by Chelonia directly
-      data: [encryptedOutgoingData(state, CEKid, {
-        foreignKey: `sp:${encodeURIComponent(userID)}?keyName=${encodeURIComponent('csk')}`,
-        id: userCSKid,
-        data: rootState[userID]._vm.authorizedKeys[userCSKid].data,
-        permissions: [GIMessage.OP_ACTION_ENCRYPTED + '#inner'],
-        allowedActions: '*',
-        purpose: ['sig'],
-        ringLevel: Number.MAX_SAFE_INTEGER,
-        name: `${userID}/${userCSKid}`
-      })],
-      signingKeyId
-    })
+      const state = rootState[params.contractID]
 
-    return sendMessage(params)
+      // Add the user's CSK to the contract
+      await sbp('chelonia/out/keyAdd', {
+        contractID: params.contractID,
+        contractName: 'gi.contracts/chatroom',
+        // TODO: Find a way to have this wrapping be done by Chelonia directly
+        data: [encryptedOutgoingData(state, CEKid, {
+          foreignKey: `sp:${encodeURIComponent(userID)}?keyName=${encodeURIComponent('csk')}`,
+          id: userCSKid,
+          data: rootState[userID]._vm.authorizedKeys[userCSKid].data,
+          permissions: [GIMessage.OP_ACTION_ENCRYPTED + '#inner'],
+          allowedActions: '*',
+          purpose: ['sig'],
+          ringLevel: Number.MAX_SAFE_INTEGER,
+          name: `${userID}/${userCSKid}`
+        })],
+        signingKeyId
+      })
+
+      return await sendMessage(params)
+    } finally {
+      if (isCurrentUserJoining) {
+        sbp('okTurtles.data/set', 'JOINING_CHATROOM-' + params.contractID, false)
+      }
+    }
   }),
   ...encryptedAction('gi.actions/chatroom/rename', L('Failed to rename chat channel.')),
   ...encryptedAction('gi.actions/chatroom/changeDescription', L('Failed to change chat channel description.')),
diff --git a/frontend/model/contracts/chatroom.js b/frontend/model/contracts/chatroom.js
index 4a0e388742..3091eddec3 100644
--- a/frontend/model/contracts/chatroom.js
+++ b/frontend/model/contracts/chatroom.js
@@ -210,54 +210,65 @@ sbp('chelonia/defineContract', {
         const newMessage = createMessage({ meta, hash, id, data: notificationData, state })
         state.messages.push(newMessage)
       },
-      async sideEffect ({ data, contractID, hash, meta }, { state }) {
-        const rootGetters = sbp('state/vuex/getters')
-        const { username } = data
-        const loggedIn = sbp('state/vuex/state').loggedIn
+      sideEffect ({ data, contractID, hash, meta }, { state }) {
+        sbp('chelonia/queueInvocation', contractID, async () => {
+          const rootState = sbp('state/vuex/state')
+          const state = rootState[contractID]
 
-        emitMessageEvent({ contractID, hash })
-        setReadUntilWhileJoining({ contractID, hash, createdDate: meta.createdDate })
+          if (!state?.users?.[data.username]) {
+            return
+          }
+
+          const rootGetters = sbp('state/vuex/getters')
+          const { username } = data
+          const loggedIn = sbp('state/vuex/state').loggedIn
+
+          emitMessageEvent({ contractID, hash })
+          setReadUntilWhileJoining({ contractID, hash, createdDate: meta.createdDate })
 
-        if (username === loggedIn.username) {
-          if (state.attributes.type === CHATROOM_TYPES.DIRECT_MESSAGE) {
+          if (username === loggedIn.username) {
+            if (state.attributes.type === CHATROOM_TYPES.DIRECT_MESSAGE) {
             // NOTE: To ignore scroll to the message of this hash
             //       since we don't create notification when join the direct message
-            sbp('state/vuex/commit', 'deleteChatRoomReadUntil', {
-              chatRoomId: contractID,
-              deletedDate: meta.createdDate
-            })
-          }
-          const lookupResult = await Promise.allSettled(
-            Object.keys(state.users)
-              .filter((name) =>
-                !rootGetters.ourContactProfiles[name] && name !== loggedIn.username)
-              .map(async (name) => await sbp('namespace/lookup', name).then((r) => {
-                if (!r) throw new Error('Cannot lookup username: ' + name)
-                return r
-              }))
-          )
-          const errors = lookupResult
-            .filter(({ status }) => status === 'rejected')
-            .map((r) => (r: any).reason)
-          await sbp('chelonia/contract/sync',
-            lookupResult
-              .filter(({ status }) => status === 'fulfilled')
-              .map((r) => (r: any).value)
-          ).catch(e => errors.push(e))
-          if (errors.length) {
-            const msg = `Encountered ${errors.length} errors while joining a chatroom`
-            console.error(msg, errors)
-            throw new Error(msg)
-          }
-        } else {
-          if (!rootGetters.ourContactProfiles[username]) {
-            const contractID = await sbp('namespace/lookup', username)
-            if (!contractID) {
-              throw new Error('Cannot lookup username: ' + username)
+              sbp('state/vuex/commit', 'deleteChatRoomReadUntil', {
+                chatRoomId: contractID,
+                deletedDate: meta.createdDate
+              })
+            }
+            const lookupResult = await Promise.allSettled(
+              Object.keys(state.users)
+                .filter((name) =>
+                  !rootGetters.ourContactProfiles[name] && name !== loggedIn.username)
+                .map(async (name) => await sbp('namespace/lookup', name).then((r) => {
+                  if (!r) throw new Error('Cannot lookup username: ' + name)
+                  return r
+                }))
+            )
+            const errors = lookupResult
+              .filter(({ status }) => status === 'rejected')
+              .map((r) => (r: any).reason)
+            await sbp('chelonia/contract/sync',
+              lookupResult
+                .filter(({ status }) => status === 'fulfilled')
+                .map((r) => (r: any).value)
+            ).catch(e => errors.push(e))
+            if (errors.length) {
+              const msg = `Encountered ${errors.length} errors while joining a chatroom`
+              console.error(msg, errors)
+              throw new Error(msg)
+            }
+          } else {
+            if (!rootGetters.ourContactProfiles[username]) {
+              const contractID = await sbp('namespace/lookup', username)
+              if (!contractID) {
+                throw new Error('Cannot lookup username: ' + username)
+              }
+              await sbp('chelonia/contract/sync', contractID)
             }
-            await sbp('chelonia/contract/sync', contractID)
           }
-        }
+        }).catch((e) => {
+          console.error('[gi.contracts/chatroom/join/sideEffect] Error at sideEffect', e?.message || e)
+        })
       }
     },
     'gi.contracts/chatroom/rename': {
@@ -331,25 +342,35 @@ sbp('chelonia/defineContract', {
         state.messages.push(newMessage)
       },
       sideEffect ({ data, hash, contractID, meta }, { state }) {
-        if (data.member === sbp('state/vuex/state').loggedIn.username) {
-          if (sbp('chelonia/contract/isSyncing', contractID)) {
+        sbp('chelonia/queueInvocation', contractID, async () => {
+          const rootState = sbp('state/vuex/state')
+          const state = rootState[contractID]
+
+          if (!state || !!state.users?.[data.username]) {
             return
           }
-          leaveChatRoom({ contractID })
-        } else {
-          emitMessageEvent({ contractID, hash })
-          setReadUntilWhileJoining({ contractID, hash, createdDate: meta.createdDate })
 
-          if (state.attributes.privacyLevel === CHATROOM_PRIVACY_LEVEL.PRIVATE) {
-            sbp('gi.contracts/chatroom/rotateKeys', contractID, state)
+          if (data.member === rootState.loggedIn.username) {
+            if (!sbp('okTurtles.data/get', 'JOINING_CHATROOM-' + contractID)) {
+              await leaveChatRoom({ contractID })
+            }
+          } else {
+            emitMessageEvent({ contractID, hash })
+            setReadUntilWhileJoining({ contractID, hash, createdDate: meta.createdDate })
+
+            if (state.attributes.privacyLevel === CHATROOM_PRIVACY_LEVEL.PRIVATE) {
+              sbp('gi.contracts/chatroom/rotateKeys', contractID, state)
+            }
           }
-        }
 
-        const rootGetters = sbp('state/vuex/getters')
-        const userID = rootGetters.ourContactProfiles[data.member]?.contractID
-        if (userID) {
-          sbp('gi.contracts/chatroom/removeForeignKeys', contractID, userID, state)
-        }
+          const rootGetters = sbp('state/vuex/getters')
+          const userID = rootGetters.ourContactProfiles[data.member]?.contractID
+          if (userID) {
+            sbp('gi.contracts/chatroom/removeForeignKeys', contractID, userID, state)
+          }
+        }).catch((e) => {
+          console.error('[gi.contracts/chatroom/leave/sideEffect] Error at sideEffect', e?.message || e)
+        })
       }
     },
     'gi.contracts/chatroom/delete': {
@@ -364,11 +385,11 @@ sbp('chelonia/defineContract', {
           Vue.delete(state.users, username)
         }
       },
-      sideEffect ({ meta, contractID }, { state }) {
+      async sideEffect ({ meta, contractID }, { state }) {
         if (sbp('chelonia/contract/isSyncing', contractID)) {
           return
         }
-        leaveChatRoom({ contractID })
+        await leaveChatRoom({ contractID })
       }
     },
     'gi.contracts/chatroom/addMessage': {
@@ -705,10 +726,8 @@ sbp('chelonia/defineContract', {
       Vue.set(state._volatile.pendingKeyRevocations, CSKid, true)
       Vue.set(state._volatile.pendingKeyRevocations, CEKid, true)
 
-      sbp('chelonia/queueInvocation', contractID, () => {
-        sbp('gi.actions/out/rotateKeys', contractID, 'gi.contracts/chatroom', 'pending', 'gi.actions/chatroom/shareNewKeys').catch(e => {
-          console.warn(`rotateKeys: ${e.name} thrown during queueEvent to ${contractID}:`, e)
-        })
+      sbp('gi.actions/out/rotateKeys', contractID, 'gi.contracts/chatroom', 'pending', 'gi.actions/chatroom/shareNewKeys').catch(e => {
+        console.warn(`rotateKeys: ${e.name} thrown during queueEvent to ${contractID}:`, e)
       })
     },
     'gi.contracts/chatroom/removeForeignKeys': (contractID, userID, state) => {
@@ -721,12 +740,12 @@ sbp('chelonia/defineContract', {
 
       if (!CEKid) throw new Error('Missing encryption key')
 
-      sbp('chelonia/queueInvocation', contractID, ['chelonia/out/keyDel', {
+      sbp('chelonia/out/keyDel', {
         contractID,
         contractName: 'gi.contracts/chatroom',
         data: keyIds,
         signingKeyId: CSKid
-      }]).catch(e => {
+      }).catch(e => {
         console.warn(`removeForeignKeys: ${e.name} thrown during queueEvent to ${contractID}:`, e)
       })
     }
diff --git a/frontend/model/contracts/manifests.json b/frontend/model/contracts/manifests.json
index 51b98ad4f3..4fd128c408 100644
--- a/frontend/model/contracts/manifests.json
+++ b/frontend/model/contracts/manifests.json
@@ -1,6 +1,6 @@
 {
   "manifests": {
-    "gi.contracts/chatroom": "21XWnNN5T2M4rouNPjMqp41Lbm58SfogTGCMxa9hPQGMQiVBSC",
+    "gi.contracts/chatroom": "21XWnNU9378zyGY4FLr2WE8NYYtV7qe9QimUBYNwZpeM8X7hz4",
     "gi.contracts/group": "21XWnNRpqRP518XdoAKurByANXMqbHpK4di91v4mscViAdDNma",
     "gi.contracts/identity": "21XWnNSxNrVFTMBCUVcZV3CG833gTbJ9V8ZyX7Fxgmpj9rNy4r"
   }

From 51a95229ecdbaa247a1d85252ab67a60bb706341 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Tue, 7 Nov 2023 20:42:41 +0100
Subject: [PATCH 08/29] Address PR review feedback

---
 frontend/common/errors.js            | 36 ++++------------------------
 frontend/model/contracts/group.js    |  5 +++-
 shared/domains/chelonia/GIMessage.js |  2 ++
 shared/domains/chelonia/errors.js    |  4 ++--
 shared/domains/chelonia/internals.js | 19 +++++++--------
 shared/domains/chelonia/utils.js     |  4 +---
 shared/pubsub.js                     | 16 ++++++++-----
 7 files changed, 32 insertions(+), 54 deletions(-)

diff --git a/frontend/common/errors.js b/frontend/common/errors.js
index 20a16c35ef..d8947c34ae 100644
--- a/frontend/common/errors.js
+++ b/frontend/common/errors.js
@@ -1,36 +1,10 @@
 'use strict'
 
-export class GIErrorIgnoreAndBan extends Error {
-  // ugly boilerplate because JavaScript is stupid
-  // https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Error#Custom_Error_Types
-  constructor (...params: any[]) {
-    super(...params)
-    this.name = 'GIErrorIgnoreAndBan'
-    if (Error.captureStackTrace) {
-      Error.captureStackTrace(this, this.constructor)
-    }
-  }
-}
+import { ChelErrorGenerator } from '~/shared/domains/chelonia/errors.js'
+
+export const GIErrorIgnoreAndBan: typeof Error = ChelErrorGenerator('GIErrorIgnoreAndBan')
 
 // Used to throw human readable errors on UI.
-export class GIErrorUIRuntimeError extends Error {
-  constructor (...params: any[]) {
-    super(...params)
-    // this.name = this.constructor.name
-    this.name = 'GIErrorUIRuntimeError' // string literal so minifier doesn't overwrite
-    if (Error.captureStackTrace) {
-      Error.captureStackTrace(this, this.constructor)
-    }
-  }
-}
+export const GIErrorUIRuntimeError: typeof Error = ChelErrorGenerator('GIErrorUIRuntimeError')
 
-export class GIErrorMissingSigningKeyError extends Error {
-  constructor (...params: any[]) {
-    super(...params)
-    // this.name = this.constructor.name
-    this.name = 'GIErrorMissingSigningKeyError' // string literal so minifier doesn't overwrite
-    if (Error.captureStackTrace) {
-      Error.captureStackTrace(this, this.constructor)
-    }
-  }
-}
+export const GIErrorMissingSigningKeyError: typeof Error = ChelErrorGenerator('GIErrorMissingSigningKeyError')
diff --git a/frontend/model/contracts/group.js b/frontend/model/contracts/group.js
index 5dc414257e..6b8d1b6a9a 100644
--- a/frontend/model/contracts/group.js
+++ b/frontend/model/contracts/group.js
@@ -271,7 +271,7 @@ const removeGroupChatroomProfile = (state, chatRoomID, member) => {
             memberKey, member, profile, active: (profile: any)?.status === PROFILE_STATUS.ACTIVE
           })
           if (memberKey === member && (profile: any)?.status === PROFILE_STATUS.ACTIVE) {
-            return [memberKey, { status: PROFILE_STATUS.REMOVED }]
+            return [memberKey, { ...profile, status: PROFILE_STATUS.REMOVED }]
           }
           return [memberKey, profile]
         })
@@ -304,7 +304,10 @@ const leaveChatRoomAction = (state, { chatRoomID, member, leavingGroup }, meta)
       return
     }
 
+    // Set signing key to the CSK
     extraParams.signingKeyId = signingKeyId
+    // Explicitly opt out of inner signatures. By default, actions will be signed
+    // by the currently logged in user.
     extraParams.innerSigningContractID = null
   }
 
diff --git a/shared/domains/chelonia/GIMessage.js b/shared/domains/chelonia/GIMessage.js
index 190a4395f8..fd4dab2ada 100644
--- a/shared/domains/chelonia/GIMessage.js
+++ b/shared/domains/chelonia/GIMessage.js
@@ -374,6 +374,8 @@ export class GIMessage {
       }
     } catch {
       // Signature or encryption error
+      // We don't log this error because it's already logged when the value is
+      // retrieved
       return undefined
     }
   }
diff --git a/shared/domains/chelonia/errors.js b/shared/domains/chelonia/errors.js
index cc4f8d818f..938e440f14 100644
--- a/shared/domains/chelonia/errors.js
+++ b/shared/domains/chelonia/errors.js
@@ -2,9 +2,9 @@
 
 // ugly boilerplate because JavaScript is stupid
 // https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Error#Custom_Error_Types
-const ChelErrorGenerator = (
+export const ChelErrorGenerator = (
   name: string,
-  base = Error
+  base: typeof Error = Error
 ): typeof Error =>
   ((class extends base {
     constructor (...params: any[]) {
diff --git a/shared/domains/chelonia/internals.js b/shared/domains/chelonia/internals.js
index d1798d0678..f3cd5b1fd6 100644
--- a/shared/domains/chelonia/internals.js
+++ b/shared/domains/chelonia/internals.js
@@ -281,7 +281,11 @@ export default (sbp('sbp/selectors/register', {
           }
         }
 
-        // if this isn't OP_CONTRACT, recreate and resend message
+        // if this isn't the first event (i.e., OP_CONTRACT), recreate and
+        // resend message
+        // This is mainly to set height and previousHEAD. For the first event,
+        // this doesn't need to be done because previousHEAD is always undefined
+        // and height is always 0.
         // We always call recreateEvent because we may have received new events
         // in the web socket
         if (!entry.isFirstMessage()) {
@@ -309,7 +313,7 @@ export default (sbp('sbp/selectors/register', {
         return entry
       }
       if (r.status === 409) {
-        if (attempt >= maxAttempts) {
+        if (attempt + 1 > maxAttempts) {
           console.error(`[chelonia] failed to publish ${entry.description()} after ${attempt} attempts`, entry)
           throw new Error(`publishEvent: ${r.status} - ${r.statusText}. attempt ${attempt}`)
         }
@@ -318,13 +322,6 @@ export default (sbp('sbp/selectors/register', {
         console.warn(`[chelonia] publish attempt ${attempt} of ${maxAttempts} failed. Waiting ${randDelay} msec before resending ${entry.description()}`)
         attempt += 1
         await delay(randDelay) // wait randDelay ms before sending it again
-
-        // TODO: The [pubsub] code seems to miss events that happened between
-        // a call to sync and the subscription time. This is a temporary measure
-        // to handle this until [pubsub] is updated.
-        if (entry.height() === lastAttemptedHeight) {
-          await sbp('okTurtles.eventQueue/queueEvent', entry.contractID(), ['chelonia/private/in/syncContract', entry.contractID()])
-        }
       } else {
         const message = (await r.json())?.message
         console.error(`[chelonia] ERROR: failed to publish ${entry.description()}: ${r.status} - ${r.statusText}: ${message}`, entry)
@@ -1372,7 +1369,7 @@ const handleEvent = {
     const id = message.id()
     const signingKeyId = message.signingKeyId()
 
-    const callSideEffect = (field) => {
+    const callSideEffect = async (field) => {
       let v = field.valueOf()
       let innerSigningKeyId: string | typeof undefined
       if (isSignedData(v)) {
@@ -1398,7 +1395,7 @@ const handleEvent = {
           return getContractIDfromKeyId(contractID, innerSigningKeyId, state)
         }
       }
-      return Promise.resolve(sbp(`${manifestHash}/${action}/sideEffect`, mutation))
+      return await sbp(`${manifestHash}/${action}/sideEffect`, mutation)
     }
     const msg = Object(message.message())
 
diff --git a/shared/domains/chelonia/utils.js b/shared/domains/chelonia/utils.js
index 229e630da2..3b345054da 100644
--- a/shared/domains/chelonia/utils.js
+++ b/shared/domains/chelonia/utils.js
@@ -485,9 +485,7 @@ export const recreateEvent = async (entry: GIMessage, state: Object): Promise<ty
 
   if (!newRawOpV) return
 
-  const newOp = opT === GIMessage.OP_ATOMIC && (newRawOpV: any).length === 1
-    ? (newRawOpV: any)[0]
-    : [opT, newRawOpV]
+  const newOp = [opT, newRawOpV]
 
   entry = GIMessage.cloneWith(
     head, newOp, { previousHEAD, height: previousHeight + 1 }
diff --git a/shared/pubsub.js b/shared/pubsub.js
index dcaf1ef474..35e19bafad 100644
--- a/shared/pubsub.js
+++ b/shared/pubsub.js
@@ -327,11 +327,11 @@ const defaultClientEventHandlers = {
         client.socket?.close()
       }, options.pingTimeout)
     }
-    // We only need to handle contract resynchronization here when reconnecting.
-    // Not on initial connection, since the login code already does it.
-    if (!client.isNew) {
-      client.pendingSyncSet = new Set(client.pendingSubscriptionSet)
-    }
+    // Handle contract resynchronization after subscribing to a contract
+    // We need this to process events that may have happened in between our
+    // latest state and the time the subscription was set up (since only new
+    // events are sent over the web socket)
+    client.pendingSyncSet = new Set(client.pendingSubscriptionSet)
     // Send any pending subscription request.
     client.pendingSubscriptionSet.forEach((contractID) => {
       client.socket?.send(createRequest(REQUEST_TYPE.SUB, { contractID }, true))
@@ -425,7 +425,11 @@ const defaultMessageHandlers = {
         client.pendingSubscriptionSet.delete(contractID)
         client.subscriptionSet.add(contractID)
         if (client.pendingSyncSet.has(contractID)) {
-          sbp('chelonia/contract/sync', contractID)
+          // We call sync to fetch events that we may have missed while the
+          // subscription was being set up
+          // The sync must be forced because we've subscribed to the contract,
+          // and if it's not forced sync will not fetch the latest events
+          sbp('chelonia/contract/sync', contractID, { force: true })
           client.pendingSyncSet.delete(contractID)
         }
         break

From 65a6d7499a3b0e0caa40c4d3b45834880bf0a8c9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Wed, 8 Nov 2023 19:28:04 +0100
Subject: [PATCH 09/29] Deferred remove

---
 frontend/controller/actions/utils.js    | 13 ++++++----
 frontend/model/contracts/group.js       |  7 +++--
 frontend/model/contracts/manifests.json |  6 ++---
 shared/domains/chelonia/chelonia.js     | 14 ++++++++--
 shared/domains/chelonia/internals.js    | 34 ++++++++++++++++++-------
 5 files changed, 51 insertions(+), 23 deletions(-)

diff --git a/frontend/controller/actions/utils.js b/frontend/controller/actions/utils.js
index 487928b7f9..d565e93635 100644
--- a/frontend/controller/actions/utils.js
+++ b/frontend/controller/actions/utils.js
@@ -38,13 +38,14 @@ export const encryptedAction = (
   }
   return {
     [action]: async function (params: GIActionParams) {
+      const contractID = params.contractID
+      if (!contractID) {
+        throw new Error('Missing contract ID')
+      }
+
       try {
-        const contractID = params.contractID
-        if (!contractID) {
-          throw new Error('Missing contract ID')
-        }
         // Writing to a contract requires being subscribed to it
-        await sbp('chelonia/contract/sync', contractID)
+        await sbp('chelonia/contract/sync', contractID, { deferredRemove: true })
         const state = {
           [contractID]: await sbp('chelonia/latestContractState', contractID)
         }
@@ -112,6 +113,8 @@ export const encryptedAction = (
           ? `${humanError} ${LError(e).reportError}`
           : humanError(params, e)
         throw new GIErrorUIRuntimeError(userFacingErrStr, { cause: e })
+      } finally {
+        await sbp('chelonia/contract/remove', contractID, { removeIfPending: true })
       }
     }
   }
diff --git a/frontend/model/contracts/group.js b/frontend/model/contracts/group.js
index 6b8d1b6a9a..e465a7cb93 100644
--- a/frontend/model/contracts/group.js
+++ b/frontend/model/contracts/group.js
@@ -279,7 +279,7 @@ const removeGroupChatroomProfile = (state, chatRoomID, member) => {
   )
 }
 
-const leaveChatRoomAction = (state, { chatRoomID, member, leavingGroup }, meta) => {
+const leaveChatRoomAction = (state, { chatRoomID, member }, meta, leavingGroup) => {
   const sendingData = leavingGroup
     ? { member: member }
     : { member: member, username: meta.username }
@@ -339,9 +339,8 @@ const leaveAllChatRoomsUponLeaving = (state, member, meta) => {
     .filter(cID => chatRooms[cID].users?.[member]?.status === PROFILE_STATUS.REMOVED)
     .map((chatRoomID) => leaveChatRoomAction(state, {
       chatRoomID,
-      member,
-      leavingGroup: true
-    }, meta))
+      member
+    }, meta, true))
   )
 }
 
diff --git a/frontend/model/contracts/manifests.json b/frontend/model/contracts/manifests.json
index 4fd128c408..e200fef84e 100644
--- a/frontend/model/contracts/manifests.json
+++ b/frontend/model/contracts/manifests.json
@@ -1,7 +1,7 @@
 {
   "manifests": {
-    "gi.contracts/chatroom": "21XWnNU9378zyGY4FLr2WE8NYYtV7qe9QimUBYNwZpeM8X7hz4",
-    "gi.contracts/group": "21XWnNRpqRP518XdoAKurByANXMqbHpK4di91v4mscViAdDNma",
-    "gi.contracts/identity": "21XWnNSxNrVFTMBCUVcZV3CG833gTbJ9V8ZyX7Fxgmpj9rNy4r"
+    "gi.contracts/chatroom": "21XWnNHysv8qLzZ2csKW1FK2mZZxYJcTVCVthj4Gj8aa7cZs71",
+    "gi.contracts/group": "21XWnNHjL4wghFbMify2JVxiyy2ELfQYoWiBkDcqm14D8pgwU7",
+    "gi.contracts/identity": "21XWnNHcybuNT76JtFVbHR6cm7XcGur49ACsAEHRSjCzki2E4K"
   }
 }
diff --git a/shared/domains/chelonia/chelonia.js b/shared/domains/chelonia/chelonia.js
index 1d8eeed21d..8031ef8b58 100644
--- a/shared/domains/chelonia/chelonia.js
+++ b/shared/domains/chelonia/chelonia.js
@@ -534,7 +534,7 @@ export default (sbp('sbp/selectors/register', {
   },
   // 'chelonia/contract' - selectors related to injecting remote data and monitoring contracts
   // TODO: add an optional parameter to "retain" the contract (see #828)
-  'chelonia/contract/sync': function (contractIDs: string | string[], params?: { force?: boolean }): Promise<*> {
+  'chelonia/contract/sync': function (contractIDs: string | string[], params?: { force?: boolean, deferredRemove?: boolean }): Promise<*> {
     const listOfIds = typeof contractIDs === 'string' ? [contractIDs] : contractIDs
     const forcedSync = !!params?.force
     const rootState = sbp(this.config.stateSelector)
@@ -563,9 +563,19 @@ export default (sbp('sbp/selectors/register', {
   },
   // TODO: implement 'chelonia/contract/release' (see #828)
   // safer version of removeImmediately that waits to finish processing events for contractIDs
-  'chelonia/contract/remove': function (contractIDs: string | string[]): Promise<*> {
+  'chelonia/contract/remove': function (contractIDs: string | string[], params?: { removeIfPending?: boolean}): Promise<*> {
+    const rootState = sbp(this.config.stateSelector)
     const listOfIds = typeof contractIDs === 'string' ? [contractIDs] : contractIDs
     return Promise.all(listOfIds.map(contractID => {
+      if (params?.removeIfPending) {
+        if (!rootState?.contracts?.[contractID]?.pendingRemove) {
+          return undefined
+        }
+      } else if (rootState.contracts?.[contractID]?.deferredRemove) {
+        rootState.contracts[contractID].pendingRemove = true
+        return undefined
+      }
+
       return sbp('okTurtles.eventQueue/queueEvent', contractID, [
         'chelonia/contract/removeImmediately', contractID
       ])
diff --git a/shared/domains/chelonia/internals.js b/shared/domains/chelonia/internals.js
index f3cd5b1fd6..484b30d6dc 100644
--- a/shared/domains/chelonia/internals.js
+++ b/shared/domains/chelonia/internals.js
@@ -257,7 +257,6 @@ export default (sbp('sbp/selectors/register', {
   'chelonia/private/noop': function () {},
   'chelonia/private/out/publishEvent': async function (entry: GIMessage, { maxAttempts = 5 } = {}, hooks) {
     let attempt = 1
-    let lastAttemptedHeight
     // auto resend after short random delay
     // https://github.com/okTurtles/group-income/issues/608
     hooks?.prepublish?.(entry)
@@ -269,7 +268,7 @@ export default (sbp('sbp/selectors/register', {
       // 'latest' state may be for that contract (in case we were receiving
       // something over the web socket)
       // This also ensures that the state doesn't change while reading it
-      lastAttemptedHeight = entry.height()
+      entry.height()
       entry = await sbp('okTurtles.eventQueue/queueEvent', entry.contractID(), () => {
         const rootState = sbp(this.config.stateSelector)
         const state = rootState[entry.contractID()]
@@ -792,7 +791,7 @@ export default (sbp('sbp/selectors/register', {
     sbp('chelonia/private/enqueuePostSyncOps', contractID)
     return result
   },
-  'chelonia/private/in/syncContract': async function (contractID: string) {
+  'chelonia/private/in/syncContract': async function (contractID: string, params?: { force?: boolean, deferredRemove?: boolean }) {
     const state = sbp(this.config.stateSelector)
     const { HEAD: latest } = await sbp('chelonia/out/latestHEADInfo', contractID)
     console.debug(`[chelonia] syncContract: ${contractID} latestHash is: ${latest}`)
@@ -800,10 +799,18 @@ export default (sbp('sbp/selectors/register', {
     let recent
     if (state.contracts[contractID]) {
       recent = state.contracts[contractID].HEAD
-    } else if (!state.pending.includes(contractID)) {
+      if (params?.deferredRemove && !state.contracts[contractID].deferredRemove) {
+        state.contracts[contractID].deferredRemove = params.deferredRemove
+      }
+    } else {
+      const entry = state.pending.find((entry) => entry === contractID || entry?.contractID === contractID)
       // we're syncing a contract for the first time, make sure to add to pending
       // so that handleEvents knows to expect events from this contract
-      state.pending.push(contractID)
+      if (!entry) {
+        state.pending.push({ contractID, deferredRemove: params?.deferredRemove })
+      } else if (params?.deferredRemove && !entry.deferredRemove) {
+        entry.deferredRemove = params.deferredRemove
+      }
     }
     sbp('okTurtles.events/emit', CONTRACT_IS_SYNCING, contractID, true)
     this.currentSyncs[contractID] = { firstSync: !state.contracts[contractID] }
@@ -1223,7 +1230,7 @@ export default (sbp('sbp/selectors/register', {
     try {
       preHandleEvent?.(message)
       // verify we're expecting to hear from this contract
-      if (!state.pending.includes(contractID) && !state.contracts[contractID]) {
+      if (!state.pending.some((entry) => entry?.contractID === contractID) && !state.contracts[contractID]) {
         console.warn(`[chelonia] WARN: ignoring unexpected event ${message.description()}:`, message.serialize())
         return
       }
@@ -1349,10 +1356,19 @@ const handleEvent = {
       }
       console.debug(`contract ${type} registered for ${contractID}`)
       if (!state[contractID]) this.config.reactiveSet(state, contractID, Object.create(null))
-      this.config.reactiveSet(state.contracts, contractID, { type, HEAD: contractID, height: 0 })
+      const entry = state.pending.find((entry) => entry?.contractID === contractID)
+      if (entry?.deferredRemove) {
+        this.config.reactiveSet(state.contracts, contractID, { type, HEAD: contractID, height: 0, deferredRemove: true })
+      } else {
+        this.config.reactiveSet(state.contracts, contractID, { type, HEAD: contractID, height: 0 })
+      }
       // we've successfully received it back, so remove it from expectation pending
-      const index = state.pending.indexOf(contractID)
-      index !== -1 && state.pending.splice(index, 1)
+      if (entry) {
+        const index = state.pending.indexOf(entry)
+        if (index !== -1) {
+          state.pending.splice(index, 1)
+        }
+      }
       sbp('okTurtles.events/emit', CONTRACTS_MODIFIED, state.contracts)
     }
     await sbp('chelonia/private/in/processMessage', message, state[contractID], internalSideEffectStack)

From 0596f30a9c5e9ad9370acc7ac62199644cffe481 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Wed, 8 Nov 2023 19:52:39 +0100
Subject: [PATCH 10/29] Fixes to "chelonia/private/deleteRevokedKeys"

---
 shared/domains/chelonia/internals.js | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/shared/domains/chelonia/internals.js b/shared/domains/chelonia/internals.js
index 484b30d6dc..1e9ee90bbd 100644
--- a/shared/domains/chelonia/internals.js
+++ b/shared/domains/chelonia/internals.js
@@ -997,15 +997,15 @@ export default (sbp('sbp/selectors/register', {
     const keysToDelete = Object.entries(pendingKeyRevocations).filter(([, v]) => v === 'del').map(([id]) => id)
 
     // Aggregate the keys that we can delete to send them in a single operation
-    const [, signingKeyId, keyIds] = keysToDelete.reduce((acc, cv) => {
+    const [, signingKeyId, keyIds] = keysToDelete.reduce((acc, keyId) => {
       const [currentRingLevel, currentSigningKeyId, currentKeyIds] = acc
-      const ringLevel = Math.min(currentRingLevel, contractState._vm?.authorizedKeys?.[keyId].ringLevel)
+      const ringLevel = Math.min(currentRingLevel, contractState._vm?.authorizedKeys?.[keyId]?.ringLevel ?? Number.POSITIVE_INFINITY)
       if (ringLevel >= currentRingLevel) {
-        return [currentRingLevel, currentSigningKeyId, (currentKeyIds: any).push(cv)]
+        return [currentRingLevel, currentSigningKeyId, (currentKeyIds: any).push(keyId)]
       } else if (Number.isFinite(ringLevel)) {
         const signingKeyId = findSuitableSecretKeyId(contractState, [GIMessage.OP_KEY_DEL], ['sig'], ringLevel)
         if (signingKeyId) {
-          return [ringLevel, signingKeyId, (currentKeyIds: any).push(cv)]
+          return [ringLevel, signingKeyId, (currentKeyIds: any).push(keyId)]
         }
       }
       return acc

From 2a6d64dcca937967a813ebca7a5b54907721a1af Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Wed, 8 Nov 2023 20:07:55 +0100
Subject: [PATCH 11/29] Re-add sync to publishEvent

---
 shared/domains/chelonia/internals.js | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/shared/domains/chelonia/internals.js b/shared/domains/chelonia/internals.js
index 1e9ee90bbd..9ad1daf1c6 100644
--- a/shared/domains/chelonia/internals.js
+++ b/shared/domains/chelonia/internals.js
@@ -257,6 +257,7 @@ export default (sbp('sbp/selectors/register', {
   'chelonia/private/noop': function () {},
   'chelonia/private/out/publishEvent': async function (entry: GIMessage, { maxAttempts = 5 } = {}, hooks) {
     let attempt = 1
+    let lastAttemptedHeight
     // auto resend after short random delay
     // https://github.com/okTurtles/group-income/issues/608
     hooks?.prepublish?.(entry)
@@ -268,7 +269,7 @@ export default (sbp('sbp/selectors/register', {
       // 'latest' state may be for that contract (in case we were receiving
       // something over the web socket)
       // This also ensures that the state doesn't change while reading it
-      entry.height()
+      lastAttemptedHeight = entry.height()
       entry = await sbp('okTurtles.eventQueue/queueEvent', entry.contractID(), () => {
         const rootState = sbp(this.config.stateSelector)
         const state = rootState[entry.contractID()]
@@ -321,6 +322,13 @@ export default (sbp('sbp/selectors/register', {
         console.warn(`[chelonia] publish attempt ${attempt} of ${maxAttempts} failed. Waiting ${randDelay} msec before resending ${entry.description()}`)
         attempt += 1
         await delay(randDelay) // wait randDelay ms before sending it again
+
+        // TODO: The [pubsub] code seems to miss events that happened between
+        // a call to sync and the subscription time. This is a temporary measure
+        // to handle this until [pubsub] is updated.
+        if (entry.height() === lastAttemptedHeight) {
+          await sbp('chelonia/contract/sync', entry.contractID(), { force: true })
+        }
       } else {
         const message = (await r.json())?.message
         console.error(`[chelonia] ERROR: failed to publish ${entry.description()}: ${r.status} - ${r.statusText}: ${message}`, entry)

From db5b43b27c8916d047e4e19dd513b61576707df2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Wed, 8 Nov 2023 21:27:57 +0100
Subject: [PATCH 12/29] Bugfix: reducer at deleteRevokedKeys

---
 shared/domains/chelonia/internals.js | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/shared/domains/chelonia/internals.js b/shared/domains/chelonia/internals.js
index 9ad1daf1c6..7effc7e1d0 100644
--- a/shared/domains/chelonia/internals.js
+++ b/shared/domains/chelonia/internals.js
@@ -964,8 +964,8 @@ export default (sbp('sbp/selectors/register', {
       // of waiting, we need to remove it ourselves
       const keyId = findKeyIdByName(contractState, keyName)
       if (!keyId) {
+        console.log('@@@@ pendingWatch --- pushed to keysToDelete', { contractID, externalContractID, keyName, state: cloneDeep(contractState) })
         keysToDelete.push(externalId)
-
         return
       }
 
@@ -1009,11 +1009,13 @@ export default (sbp('sbp/selectors/register', {
       const [currentRingLevel, currentSigningKeyId, currentKeyIds] = acc
       const ringLevel = Math.min(currentRingLevel, contractState._vm?.authorizedKeys?.[keyId]?.ringLevel ?? Number.POSITIVE_INFINITY)
       if (ringLevel >= currentRingLevel) {
-        return [currentRingLevel, currentSigningKeyId, (currentKeyIds: any).push(keyId)]
+        (currentKeyIds: any).push(keyId)
+        return [currentRingLevel, currentSigningKeyId, currentKeyIds]
       } else if (Number.isFinite(ringLevel)) {
         const signingKeyId = findSuitableSecretKeyId(contractState, [GIMessage.OP_KEY_DEL], ['sig'], ringLevel)
         if (signingKeyId) {
-          return [ringLevel, signingKeyId, (currentKeyIds: any).push(keyId)]
+          (currentKeyIds: any).push(keyId)
+          return [ringLevel, signingKeyId, currentKeyIds]
         }
       }
       return acc
@@ -1024,8 +1026,8 @@ export default (sbp('sbp/selectors/register', {
     const contractName = contractState._vm.type
 
     // This is safe to do without await because it's sending an operation
-    // Using await could deadlock when retying to send the message
-    sbp('chelonia/out/keyDel', { contractID, contractName: contractName, data: keyIds, signingKeyId })
+    // Using await could deadlock when retrying to send the message
+    sbp('chelonia/out/keyDel', { contractID, contractName, data: keyIds, signingKeyId })
   },
   'chelonia/private/respondToAllKeyRequests': function (contractID: string) {
     const state = sbp(this.config.stateSelector)

From 4f9f4ce4ee03b03a586c428f4a94252327625e38 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Wed, 8 Nov 2023 21:50:40 +0100
Subject: [PATCH 13/29] Test state.contracts[cID] instead of state[cID]

---
 shared/domains/chelonia/internals.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/shared/domains/chelonia/internals.js b/shared/domains/chelonia/internals.js
index 7effc7e1d0..828792cc7a 100644
--- a/shared/domains/chelonia/internals.js
+++ b/shared/domains/chelonia/internals.js
@@ -811,7 +811,7 @@ export default (sbp('sbp/selectors/register', {
         state.contracts[contractID].deferredRemove = params.deferredRemove
       }
     } else {
-      const entry = state.pending.find((entry) => entry === contractID || entry?.contractID === contractID)
+      const entry = state.pending.find((entry) => entry?.contractID === contractID)
       // we're syncing a contract for the first time, make sure to add to pending
       // so that handleEvents knows to expect events from this contract
       if (!entry) {
@@ -952,7 +952,7 @@ export default (sbp('sbp/selectors/register', {
       return
     }
 
-    if (!has(rootState, contractID)) {
+    if (!has(rootState.contracts, contractID)) {
       await sbp('chelonia/private/in/syncContract', contractID)
     }
 

From 4f91d6bd68e7a9693800e303e085c10f02fd3435 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Thu, 9 Nov 2023 19:58:16 +0100
Subject: [PATCH 14/29] Bugfixes:

  * Pass params from sync to syncContract
  * Use fresh state in signData and encryptData
  * Check membership status in Join.vue
---
 frontend/controller/actions/chatroom.js  |  8 ++---
 frontend/controller/actions/group.js     |  6 ++--
 frontend/controller/actions/identity.js  |  5 ++-
 frontend/controller/actions/index.js     |  6 ++--
 frontend/model/contracts/group.js        |  7 ++--
 frontend/model/contracts/manifests.json  |  2 +-
 frontend/views/pages/Join.vue            |  4 ++-
 shared/domains/chelonia/chelonia.js      | 44 ++++++++++++------------
 shared/domains/chelonia/encryptedData.js | 21 ++++++-----
 shared/domains/chelonia/internals.js     | 18 ++++++----
 shared/domains/chelonia/signedData.js    | 22 ++++++------
 11 files changed, 74 insertions(+), 69 deletions(-)

diff --git a/frontend/controller/actions/chatroom.js b/frontend/controller/actions/chatroom.js
index 3ca4912897..2a32234364 100644
--- a/frontend/controller/actions/chatroom.js
+++ b/frontend/controller/actions/chatroom.js
@@ -208,7 +208,7 @@ export default (sbp('sbp/selectors/register', {
           id: newId,
           meta: {
             private: {
-              content: encryptedOutgoingData(rootState[pContractID], CEKid, serializeKey(newKey, true))
+              content: encryptedOutgoingData(pContractID, CEKid, serializeKey(newKey, true))
             }
           }
         }))
@@ -235,19 +235,15 @@ export default (sbp('sbp/selectors/register', {
     }
 
     try {
-      await sbp('chelonia/contract/sync', params.contractID)
-
       const CEKid = sbp('chelonia/contract/currentKeyIdByName', params.contractID, 'cek')
       const userCSKid = sbp('chelonia/contract/currentKeyIdByName', userID, 'csk')
 
-      const state = rootState[params.contractID]
-
       // Add the user's CSK to the contract
       await sbp('chelonia/out/keyAdd', {
         contractID: params.contractID,
         contractName: 'gi.contracts/chatroom',
         // TODO: Find a way to have this wrapping be done by Chelonia directly
-        data: [encryptedOutgoingData(state, CEKid, {
+        data: [encryptedOutgoingData(params.contractID, CEKid, {
           foreignKey: `sp:${encodeURIComponent(userID)}?keyName=${encodeURIComponent('csk')}`,
           id: userCSKid,
           data: rootState[userID]._vm.authorizedKeys[userCSKid].data,
diff --git a/frontend/controller/actions/group.js b/frontend/controller/actions/group.js
index 2e1184fdf7..fa31a7ad60 100644
--- a/frontend/controller/actions/group.js
+++ b/frontend/controller/actions/group.js
@@ -408,7 +408,7 @@ export default (sbp('sbp/selectors/register', {
           await sbp('chelonia/out/keyAdd', {
             contractID: params.contractID,
             contractName: 'gi.contracts/group',
-            data: [encryptedOutgoingData(state, CEKid, {
+            data: [encryptedOutgoingData(params.contractID, CEKid, {
               foreignKey: `sp:${encodeURIComponent(userID)}?keyName=${encodeURIComponent('csk')}`,
               id: userCSKid,
               data: rootState[userID]._vm.authorizedKeys[userCSKid].data,
@@ -436,7 +436,7 @@ export default (sbp('sbp/selectors/register', {
           await sbp('chelonia/out/keyAdd', {
             contractID: userID,
             contractName: 'gi.contracts/identity',
-            data: [encryptedOutgoingData(rootState[userID], userCEKid, {
+            data: [encryptedOutgoingData(userID, userCEKid, {
               foreignKey: `sp:${encodeURIComponent(params.contractID)}?keyName=${encodeURIComponent('csk')}`,
               id: CSKid,
               data: state._vm.authorizedKeys[CSKid].data,
@@ -557,7 +557,7 @@ export default (sbp('sbp/selectors/register', {
               id: newId,
               meta: {
                 private: {
-                  content: encryptedOutgoingData(rootState[pContractID], CEKid, serializeKey(newKey, true))
+                  content: encryptedOutgoingData(pContractID, CEKid, serializeKey(newKey, true))
                 }
               }
             }))
diff --git a/frontend/controller/actions/identity.js b/frontend/controller/actions/identity.js
index 0444daffaf..e7950625f1 100644
--- a/frontend/controller/actions/identity.js
+++ b/frontend/controller/actions/identity.js
@@ -531,7 +531,6 @@ export default (sbp('sbp/selectors/register', {
 
     // TODO: Also share PEK with DMs
     return Promise.all((state.loginState?.groupIds || []).filter(groupID => !!rootState.contracts[groupID]).map(groupID => {
-      const groupState = rootState[groupID]
       const CEKid = findKeyIdByName(rootState[groupID], 'cek')
       const CSKid = findKeyIdByName(rootState[groupID], 'csk')
 
@@ -544,14 +543,14 @@ export default (sbp('sbp/selectors/register', {
       return sbp('chelonia/out/keyShare', {
         contractID: groupID,
         contractName: rootState.contracts[groupID].type,
-        data: encryptedOutgoingData(groupState, CEKid, {
+        data: encryptedOutgoingData(groupID, CEKid, {
           contractID: groupID,
           // $FlowFixMe
           keys: Object.values(newKeys).map(([, newKey, newId]: [any, Key, string]) => ({
             id: newId,
             meta: {
               private: {
-                content: encryptedOutgoingData(groupState, CEKid, serializeKey(newKey, true))
+                content: encryptedOutgoingData(groupID, CEKid, serializeKey(newKey, true))
               }
             }
           }))
diff --git a/frontend/controller/actions/index.js b/frontend/controller/actions/index.js
index ab4dde8f96..3a7502ff4b 100644
--- a/frontend/controller/actions/index.js
+++ b/frontend/controller/actions/index.js
@@ -64,7 +64,7 @@ sbp('sbp/selectors/register', {
         id: keyId,
         meta: {
           private: {
-            content: encryptedOutgoingData(state, CEKid, key)
+            content: encryptedOutgoingData(contractID, CEKid, key)
           }
         }
       }))
@@ -73,7 +73,7 @@ sbp('sbp/selectors/register', {
     await sbp('chelonia/out/keyShare', {
       contractID,
       contractName,
-      data: encryptedOutgoingData(state, CEKid, payload),
+      data: encryptedOutgoingData(contractID, CEKid, payload),
       signingKeyId: signingKeyId
     })
   },
@@ -140,7 +140,7 @@ sbp('sbp/selectors/register', {
               // is already present in _vm.authorizedKeys and because it may
               // be rotated between the time we issue this operation and the
               // time it is written to the contract
-              : encryptedOutgoingData(state, keyId(encryptionKey), serializeKey(newKey, true)),
+              : encryptedOutgoingData(contractID, keyId(encryptionKey), serializeKey(newKey, true)),
             shareable: state._vm.authorizedKeys[id].meta.private.shareable
           }
         }
diff --git a/frontend/model/contracts/group.js b/frontend/model/contracts/group.js
index e465a7cb93..3c2028fc68 100644
--- a/frontend/model/contracts/group.js
+++ b/frontend/model/contracts/group.js
@@ -995,7 +995,7 @@ sbp('chelonia/defineContract', {
       sideEffect ({ data, meta, contractID }, { state, getters }) {
         // Put this invocation at the end of a sync to ensure that leaving and
         // re-joining works
-        sbp('chelonia/queueInvocation', contractID, () => sbp('gi.contracts/group/leaveGroup', { data, meta, contractID }, { state, getters })).catch(e => {
+        sbp('chelonia/queueInvocation', contractID, () => sbp('gi.contracts/group/leaveGroup', { data, meta, contractID, getters })).catch(e => {
           console.error(`[gi.contracts/group/removeMember/sideEffect] Error ${e.name} during queueInvocation for ${contractID}`, e)
         })
       }
@@ -1546,7 +1546,7 @@ sbp('chelonia/defineContract', {
         console.error(`Unable to join ${member} to chatroom ${chatRoomID} for group ${contractID}`, e)
       })
     },
-    'gi.contracts/group/leaveGroup': async ({ data, meta, contractID }, { getters }) => {
+    'gi.contracts/group/leaveGroup': async ({ data, meta, contractID, getters }) => {
       const rootState = sbp('state/vuex/state')
       const rootGetters = sbp('state/vuex/getters')
       const state = rootState[contractID]
@@ -1708,9 +1708,6 @@ sbp('chelonia/defineContract', {
       if (!keyIds?.length) return
 
       const CSKid = findKeyIdByName(state, 'csk')
-      const CEKid = findKeyIdByName(state, 'cek')
-
-      if (!CEKid) throw new Error('Missing encryption key')
 
       sbp('chelonia/out/keyDel', {
         contractID,
diff --git a/frontend/model/contracts/manifests.json b/frontend/model/contracts/manifests.json
index e200fef84e..40fc650f9c 100644
--- a/frontend/model/contracts/manifests.json
+++ b/frontend/model/contracts/manifests.json
@@ -1,7 +1,7 @@
 {
   "manifests": {
     "gi.contracts/chatroom": "21XWnNHysv8qLzZ2csKW1FK2mZZxYJcTVCVthj4Gj8aa7cZs71",
-    "gi.contracts/group": "21XWnNHjL4wghFbMify2JVxiyy2ELfQYoWiBkDcqm14D8pgwU7",
+    "gi.contracts/group": "21XWnNGjF4Uby29AUmRZ4QTWBQHp5QQdR7f8htogFjZ8tHXMKR",
     "gi.contracts/identity": "21XWnNHcybuNT76JtFVbHR6cm7XcGur49ACsAEHRSjCzki2E4K"
   }
 }
diff --git a/frontend/views/pages/Join.vue b/frontend/views/pages/Join.vue
index bde6db6133..6278156558 100644
--- a/frontend/views/pages/Join.vue
+++ b/frontend/views/pages/Join.vue
@@ -132,8 +132,10 @@ export default ({
         }
         if (this.ourUsername) {
           if (this.currentGroupId && [PROFILE_STATUS.ACTIVE, PROFILE_STATUS.PENDING].includes(this.$store.state.contracts[this.ephemeral.query.groupId]?.profiles?.[this.ourUsername])) {
+            console.log('Join.vue, pushing /dashboard')
             this.$router.push({ path: '/dashboard' })
           } else {
+            console.log('Join.vue, calling this.accept()')
             await this.accept()
           }
           return
@@ -166,7 +168,7 @@ export default ({
     async accept () {
       this.ephemeral.errorMsg = null
       const { groupId, secret } = this.ephemeral.query
-      if (this.$store.state.contracts[groupId]) {
+      if ([PROFILE_STATUS.ACTIVE, PROFILE_STATUS.PENDING].includes(this.$store.state.contracts[groupId]?.profiles?.[this.ourUsername]?.status)) {
         return this.$router.push({ path: '/dashboard' })
       }
       try {
diff --git a/shared/domains/chelonia/chelonia.js b/shared/domains/chelonia/chelonia.js
index 8031ef8b58..4217ac6440 100644
--- a/shared/domains/chelonia/chelonia.js
+++ b/shared/domains/chelonia/chelonia.js
@@ -540,6 +540,9 @@ export default (sbp('sbp/selectors/register', {
     const rootState = sbp(this.config.stateSelector)
     return Promise.all(listOfIds.map(contractID => {
       if (!forcedSync && has(rootState.contracts, contractID)) {
+        if (params?.deferredRemove && !rootState.contracts[contractID].deferredRemove) {
+          rootState.contracts[contractID].deferredRemove = params.deferredRemove
+        }
         return undefined
       }
       // enqueue this invocation in a serial queue to ensure
@@ -548,7 +551,7 @@ export default (sbp('sbp/selectors/register', {
       // queuing the 'chelonia/private/in/handleEvent' selector, defined below.
       // This prevents handleEvent getting called with the wrong previousHEAD for an event.
       return sbp('okTurtles.eventQueue/queueEvent', contractID, [
-        'chelonia/private/in/syncContract', contractID
+        'chelonia/private/in/syncContract', contractID, params
       ]).catch((err) => {
         console.error(`[chelonia] failed to sync ${contractID}:`, err)
         throw err // re-throw the error
@@ -762,14 +765,13 @@ export default (sbp('sbp/selectors/register', {
       throw new TypeError('Either signingKeyId or signingKey must be specified')
     }
 
-    const state = destinationContract.state(contractID)
     let msg = GIMessage.createV1_0({
-      contractID: contractID,
+      contractID,
       originatingContractID,
       op: [
         GIMessage.OP_KEY_SHARE,
         params.signingKeyId
-          ? signedOutgoingData(state, params.signingKeyId, payload, this.transientSecretKeys)
+          ? signedOutgoingData(contractID, params.signingKeyId, payload, this.transientSecretKeys)
           // $FlowFixMe
           : signedOutgoingDataWithRawKey(params.signingKey, payload)
       ],
@@ -809,7 +811,7 @@ export default (sbp('sbp/selectors/register', {
       contractID,
       op: [
         GIMessage.OP_KEY_ADD,
-        signedOutgoingData(state, params.signingKeyId, payload, this.transientSecretKeys)
+        signedOutgoingData(contractID, params.signingKeyId, payload, this.transientSecretKeys)
       ],
       manifest: manifestHash
     })
@@ -831,7 +833,7 @@ export default (sbp('sbp/selectors/register', {
       // $FlowFixMe
       if (!has(state._vm.authorizedKeys, keyId) || state._vm.authorizedKeys[keyId]._notAfterHeight != null) return undefined
       if (state._vm.authorizedKeys[keyId]._private) {
-        return encryptedOutgoingData(state, state._vm.authorizedKeys[keyId]._private, keyId)
+        return encryptedOutgoingData(contractID, state._vm.authorizedKeys[keyId]._private, keyId)
       } else {
         return keyId
       }
@@ -841,7 +843,7 @@ export default (sbp('sbp/selectors/register', {
       contractID,
       op: [
         GIMessage.OP_KEY_DEL,
-        signedOutgoingData(state, params.signingKeyId, (payload: any), this.transientSecretKeys)
+        signedOutgoingData(contractID, params.signingKeyId, (payload: any), this.transientSecretKeys)
       ],
       manifest: manifestHash
     })
@@ -863,7 +865,7 @@ export default (sbp('sbp/selectors/register', {
       // $FlowFixMe
       const { oldKeyId } = key
       if (state._vm.authorizedKeys[oldKeyId]._private) {
-        return encryptedOutgoingData(state, state._vm.authorizedKeys[oldKeyId]._private, key)
+        return encryptedOutgoingData(contractID, state._vm.authorizedKeys[oldKeyId]._private, key)
       } else {
         return key
       }
@@ -873,7 +875,7 @@ export default (sbp('sbp/selectors/register', {
       contractID,
       op: [
         GIMessage.OP_KEY_UPDATE,
-        signedOutgoingData(state, params.signingKeyId, (payload: any), this.transientSecretKeys)
+        signedOutgoingData(contractID, params.signingKeyId, (payload: any), this.transientSecretKeys)
       ],
       manifest: manifestHash
     })
@@ -921,11 +923,11 @@ export default (sbp('sbp/selectors/register', {
         allowedActions: params.allowedActions,
         meta: {
           private: {
-            content: encryptedOutgoingData(originatingState, encryptionKeyId, keyRequestReplyKeyS),
+            content: encryptedOutgoingData(originatingContractID, encryptionKeyId, keyRequestReplyKeyS),
             shareable: false
           },
           keyRequest: {
-            contractID: fullEncryption ? encryptedOutgoingData(originatingState, encryptionKeyId, contractID) : contractID
+            contractID: fullEncryption ? encryptedOutgoingData(originatingContractID, encryptionKeyId, contractID) : contractID
           }
         },
         data: keyRequestReplyKeyP
@@ -935,18 +937,18 @@ export default (sbp('sbp/selectors/register', {
     const payload = ({
       contractID: originatingContractID,
       height: rootState.contracts[originatingContractID].height,
-      replyWith: signedOutgoingData(originatingState, innerSigningKeyId, {
+      replyWith: signedOutgoingData(originatingContractID, innerSigningKeyId, {
         encryptionKeyId,
-        responseKey: encryptedOutgoingData(state, innerEncryptionKeyId, keyRequestReplyKeyS)
+        responseKey: encryptedOutgoingData(contractID, innerEncryptionKeyId, keyRequestReplyKeyS)
       }, this.transientSecretKeys)
     }: GIOpKeyRequest)
     let msg = GIMessage.createV1_0({
       contractID,
       op: [
         GIMessage.OP_KEY_REQUEST,
-        signedOutgoingData(state, params.signingKeyId,
+        signedOutgoingData(contractID, params.signingKeyId,
           fullEncryption
-            ? (encryptedOutgoingData(state, innerEncryptionKeyId, payload): any)
+            ? (encryptedOutgoingData(contractID, innerEncryptionKeyId, payload): any)
             : payload, this.transientSecretKeys
         )
       ],
@@ -962,13 +964,12 @@ export default (sbp('sbp/selectors/register', {
     if (!contract) {
       throw new Error('Contract name not found')
     }
-    const state = contract.state(contractID)
     const payload = (data: GIOpKeyRequestSeen)
     let message = GIMessage.createV1_0({
       contractID,
       op: [
         GIMessage.OP_KEY_REQUEST_SEEN,
-        signedOutgoingData(state, params.signingKeyId, payload, this.transientSecretKeys)
+        signedOutgoingData(contractID, params.signingKeyId, payload, this.transientSecretKeys)
       ],
       manifest: manifestHash
     })
@@ -984,7 +985,6 @@ export default (sbp('sbp/selectors/register', {
     if (!contract) {
       throw new Error('Contract name not found')
     }
-    const state = contract.state(contractID)
     const payload = (await Promise.all(data.map(([selector, opParams]) => {
       if (!['chelonia/out/actionEncrypted', 'chelonia/out/actionUnencrypted', 'chelonia/out/keyAdd', 'chelonia/out/keyDel', 'chelonia/out/keyUpdate', 'chelonia/out/keyRequestResponse', 'chelonia/out/keyShare'].includes(selector)) {
         throw new Error('Selector not allowed in OP_ATOMIC: ' + selector)
@@ -997,7 +997,7 @@ export default (sbp('sbp/selectors/register', {
       contractID,
       op: [
         GIMessage.OP_ATOMIC,
-        signedOutgoingData(state, params.signingKeyId, (payload: any), this.transientSecretKeys)
+        signedOutgoingData(contractID, params.signingKeyId, (payload: any), this.transientSecretKeys)
       ],
       manifest: manifestHash
     })
@@ -1038,7 +1038,7 @@ async function outEncryptedOrUnencryptedAction (
   const unencMessage = ({ action, data, meta }: GIOpActionUnencrypted)
   const signedMessage = params.innerSigningKeyId
     ? state._vm.authorizedKeys[params.innerSigningKeyId]
-      ? signedOutgoingData(state, params.innerSigningKeyId, (unencMessage: any), this.transientSecretKeys)
+      ? signedOutgoingData(contractID, params.innerSigningKeyId, (unencMessage: any), this.transientSecretKeys)
       : signedOutgoingDataWithRawKey(this.transientSecretKeys[params.innerSigningKeyId], (unencMessage: any), this.transientSecretKeys)
     : unencMessage
   if (opType === GIMessage.OP_ACTION_ENCRYPTED && !params.encryptionKeyId) {
@@ -1046,12 +1046,12 @@ async function outEncryptedOrUnencryptedAction (
   }
   const payload = opType === GIMessage.OP_ACTION_UNENCRYPTED
     ? signedMessage
-    : encryptedOutgoingData(state, ((params.encryptionKeyId: any): string), signedMessage)
+    : encryptedOutgoingData(contractID, ((params.encryptionKeyId: any): string), signedMessage)
   let message = GIMessage.createV1_0({
     contractID,
     op: [
       opType,
-      signedOutgoingData(state, params.signingKeyId, (payload: any), this.transientSecretKeys)
+      signedOutgoingData(contractID, params.signingKeyId, (payload: any), this.transientSecretKeys)
     ],
     manifest: manifestHash
   })
diff --git a/shared/domains/chelonia/encryptedData.js b/shared/domains/chelonia/encryptedData.js
index ba157db87b..565e5c58ae 100644
--- a/shared/domains/chelonia/encryptedData.js
+++ b/shared/domains/chelonia/encryptedData.js
@@ -33,18 +33,21 @@ export const isEncryptedData = (o: any): boolean => {
 
 // TODO: Check for permissions and allowedActions; this requires passing some
 // additional context
-const encryptData = function (eKeyId: string, data: any, additionalData: string) {
+const encryptData = function (stateOrContractID: string | Object, eKeyId: string, data: any, additionalData: string) {
+  const rootState = sbp('chelonia/rootState')
+  const state = typeof stateOrContractID === 'string' ? rootState[stateOrContractID] : stateOrContractID
+
   // Has the key been revoked? If so, attempt to find an authorized key by the same name
   // $FlowFixMe
-  const designatedKey = this._vm?.authorizedKeys?.[eKeyId]
+  const designatedKey = state._vm?.authorizedKeys?.[eKeyId]
   if (!designatedKey?.purpose.includes(
     'enc'
   )) {
     throw new Error(`Encryption key ID ${eKeyId} is missing or is missing encryption purpose`)
   }
   if (designatedKey._notAfterHeight !== undefined) {
-    const name = (this._vm: any).authorizedKeys[eKeyId].name
-    const newKeyId = (Object.values(this._vm?.authorizedKeys).find((v: any) => v._notAfterHeight === undefined && v.name === name && v.purpose.includes('enc')): any)?.id
+    const name = (state._vm: any).authorizedKeys[eKeyId].name
+    const newKeyId = (Object.values(state._vm?.authorizedKeys).find((v: any) => v._notAfterHeight === undefined && v.name === name && v.purpose.includes('enc')): any)?.id
 
     if (!newKeyId) {
       throw new Error(`Encryption key ID ${eKeyId} has been revoked and no new key exists by the same name (${name})`)
@@ -53,7 +56,7 @@ const encryptData = function (eKeyId: string, data: any, additionalData: string)
     eKeyId = newKeyId
   }
 
-  const key = this._vm?.authorizedKeys?.[eKeyId].data
+  const key = state._vm?.authorizedKeys?.[eKeyId].data
 
   if (!key) {
     throw new Error(`Missing encryption key ${eKeyId}`)
@@ -142,10 +145,10 @@ const decryptData = function (height: number, data: any, additionalKeys: Object,
   }
 }
 
-export const encryptedOutgoingData = <T>(state: Object, eKeyId: string, data: T): EncryptedData<T> => {
-  if (!state || data === undefined || !eKeyId) throw new TypeError('Invalid invocation')
+export const encryptedOutgoingData = <T>(stateOrContractID: string | Object, eKeyId: string, data: T): EncryptedData<T> => {
+  if (!stateOrContractID || data === undefined || !eKeyId) throw new TypeError('Invalid invocation')
 
-  const boundStringValueFn = encryptData.bind(state, eKeyId, data)
+  const boundStringValueFn = encryptData.bind(null, stateOrContractID, eKeyId, data)
 
   return wrapper({
     get encryptionKeyId () {
@@ -180,7 +183,7 @@ export const encryptedOutgoingDataWithRawKey = <T>(key: Key, data: T): Encrypted
       }
     }
   }
-  const boundStringValueFn = encryptData.bind(state, eKeyId, data)
+  const boundStringValueFn = encryptData.bind(null, state, eKeyId, data)
 
   return wrapper({
     get encryptionKeyId () {
diff --git a/shared/domains/chelonia/internals.js b/shared/domains/chelonia/internals.js
index 828792cc7a..3fd45a1379 100644
--- a/shared/domains/chelonia/internals.js
+++ b/shared/domains/chelonia/internals.js
@@ -952,6 +952,12 @@ export default (sbp('sbp/selectors/register', {
       return
     }
 
+    // We check rootState.contracts[contractID] to see if we're already
+    // subscribed to the contract; if not, we call sync.
+    // If we're subscribed, we don't call sync because we should have the latest
+    // state
+    // Checking rootState[contractID] instead of rootState.contracts[contractID]
+    // could give us an incomplete state
     if (!has(rootState.contracts, contractID)) {
       await sbp('chelonia/private/in/syncContract', contractID)
     }
@@ -1116,7 +1122,7 @@ export default (sbp('sbp/selectors/register', {
           id: keyId,
           meta: {
             private: {
-              content: encryptedOutgoingData(originatingState, encryptionKeyId, key),
+              content: encryptedOutgoingData(originatingContractID, encryptionKeyId, key),
               shareable: true
             }
           }
@@ -1138,7 +1144,7 @@ export default (sbp('sbp/selectors/register', {
         contractName: originatingContractName,
         data: keyShareEncryption
           ? encryptedOutgoingData(
-            originatingState,
+            originatingContractID,
             findSuitablePublicKeyIds(originatingState, [GIMessage.OP_KEY_SHARE], ['enc'])?.[0] || '',
             keySharePayload
           )
@@ -1154,7 +1160,7 @@ export default (sbp('sbp/selectors/register', {
               id: keyId(deserializedResponseKey),
               meta: {
                 private: {
-                  content: encryptedOutgoingData(contractState, findSuitablePublicKeyIds(contractState, [GIMessage.OP_KEY_REQUEST_SEEN], ['enc'])?.[0] || '', responseKey),
+                  content: encryptedOutgoingData(contractID, findSuitablePublicKeyIds(contractState, [GIMessage.OP_KEY_REQUEST_SEEN], ['enc'])?.[0] || '', responseKey),
                   shareable: true
                 }
               }
@@ -1175,7 +1181,7 @@ export default (sbp('sbp/selectors/register', {
                 data:
                 krsEncryption
                   ? encryptedOutgoingData(
-                    contractState,
+                    contractID,
                     findSuitablePublicKeyIds(contractState, [GIMessage.OP_KEY_REQUEST_SEEN], ['enc'])?.[0] || '',
                     payload
                   )
@@ -1189,7 +1195,7 @@ export default (sbp('sbp/selectors/register', {
               {
                 data: keyShareEncryption
                   ? encryptedOutgoingData(
-                    contractState,
+                    contractID,
                     findSuitablePublicKeyIds(contractState, [GIMessage.OP_KEY_SHARE], ['enc'])?.[0] || '',
                     connectionKeyPayload
                   )
@@ -1218,7 +1224,7 @@ export default (sbp('sbp/selectors/register', {
         contractName,
         signingKeyId,
         data: krsEncryption
-          ? encryptedOutgoingData(contractState, findSuitablePublicKeyIds(contractState, [GIMessage.OP_KEY_REQUEST_SEEN], ['enc'])?.[0] || '', payload)
+          ? encryptedOutgoingData(contractID, findSuitablePublicKeyIds(contractState, [GIMessage.OP_KEY_REQUEST_SEEN], ['enc'])?.[0] || '', payload)
           : payload
       }).catch((e) => {
         console.error('Error at respondToKeyRequest while sending keyRequestResponse in error handler', e)
diff --git a/shared/domains/chelonia/signedData.js b/shared/domains/chelonia/signedData.js
index c3577668a3..12a326f1c9 100644
--- a/shared/domains/chelonia/signedData.js
+++ b/shared/domains/chelonia/signedData.js
@@ -37,23 +37,25 @@ export const isSignedData = (o: any): boolean => {
 
 // TODO: Check for permissions and allowedActions; this requires passing some
 // additional context
-const signData = function (sKeyId: string, data: any, extraFields: Object, additionalKeys: Object, additionalData: string) {
+const signData = function (stateOrContractID: string | Object, sKeyId: string, data: any, extraFields: Object, additionalKeys: Object, additionalData: string) {
+  const rootState = sbp('chelonia/rootState')
+  const state = typeof stateOrContractID === 'string' ? rootState[stateOrContractID] : stateOrContractID
   if (!additionalData) {
     throw new ChelErrorSignatureError('Signature additional data must be provided')
   }
   // console.debug('@@@@SIGNING_DATA [11]', JSON.parse(JSON.stringify({ state: this, sKeyId, data })))
   // Has the key been revoked? If so, attempt to find an authorized key by the same name
   // $FlowFixMe
-  const designatedKey = this._vm?.authorizedKeys?.[sKeyId]
+  const designatedKey = state._vm?.authorizedKeys?.[sKeyId]
   if (!designatedKey?.purpose.includes(
     'sig'
   )) {
     throw new ChelErrorSignatureError(`Signing key ID ${sKeyId} is missing or is missing signing purpose`)
   }
   if (designatedKey._notAfterHeight != null) {
-    const name = (this._vm: any).authorizedKeys[sKeyId].name
-    console.log({ state: this })
-    const newKeyId = (Object.values(this._vm?.authorizedKeys).find((v: any) => v._notAfterHeight != null && v.name === name && v.purpose.includes('sig')): any)?.id
+    const name = (state._vm: any).authorizedKeys[sKeyId].name
+    console.log('@@@@signData', { state })
+    const newKeyId = (Object.values(state._vm?.authorizedKeys).find((v: any) => v._notAfterHeight != null && v.name === name && v.purpose.includes('sig')): any)?.id
 
     if (!newKeyId) {
       throw new ChelErrorSignatureError(`Signing key ID ${sKeyId} has been revoked and no new key exists by the same name (${name})`)
@@ -135,8 +137,8 @@ const verifySignatureData = function (height: number, data: any, additionalData:
   }
 }
 
-export const signedOutgoingData = <T>(state: Object, sKeyId: string, data: T, additionalKeys?: Object): SignedData<T> => {
-  if (!state || data === undefined || !sKeyId) throw new TypeError('Invalid invocation')
+export const signedOutgoingData = <T>(stateOrContractID: string | Object, sKeyId: string, data: T, additionalKeys?: Object): SignedData<T> => {
+  if (!stateOrContractID || data === undefined || !sKeyId) throw new TypeError('Invalid invocation')
   const rootState = sbp('chelonia/rootState')
 
   if (!additionalKeys) {
@@ -145,7 +147,7 @@ export const signedOutgoingData = <T>(state: Object, sKeyId: string, data: T, ad
 
   const extraFields = Object.create(null)
 
-  const boundStringValueFn = signData.bind(state, sKeyId, data, extraFields, additionalKeys)
+  const boundStringValueFn = signData.bind(null, stateOrContractID, sKeyId, data, extraFields, additionalKeys)
   const serializefn = (additionalData: ?string) => boundStringValueFn(additionalData || '')
 
   return wrapper({
@@ -162,7 +164,7 @@ export const signedOutgoingData = <T>(state: Object, sKeyId: string, data: T, ad
       return () => data
     },
     get recreate () {
-      return (data: T) => signedOutgoingData(state, sKeyId, data, additionalKeys)
+      return (data: T) => signedOutgoingData(stateOrContractID, sKeyId, data, additionalKeys)
     },
     get get () {
       return (k: string) => extraFields[k]
@@ -193,7 +195,7 @@ export const signedOutgoingDataWithRawKey = <T>(key: Key, data: T, height?: numb
 
   const extraFields = Object.create(null)
 
-  const boundStringValueFn = signData.bind(state, sKeyId, data, extraFields, { [sKeyId]: key })
+  const boundStringValueFn = signData.bind(null, state, sKeyId, data, extraFields, { [sKeyId]: key })
   const serializefn = (additionalData: ?string) => boundStringValueFn(additionalData || '')
 
   return wrapper({

From 9d47c5c75c70ac56f59928df08b886489602514f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Thu, 9 Nov 2023 21:37:14 +0100
Subject: [PATCH 15/29] Move joining #General and adding group key into
 side-effect

---
 frontend/controller/actions/group.js    |  42 --------
 frontend/controller/actions/identity.js |  31 ++++++
 frontend/main.js                        |   2 +
 frontend/model/contracts/group.js       | 122 +++++++++++++++++-------
 frontend/model/contracts/manifests.json |   2 +-
 shared/domains/chelonia/chelonia.js     |   9 +-
 6 files changed, 131 insertions(+), 77 deletions(-)

diff --git a/frontend/controller/actions/group.js b/frontend/controller/actions/group.js
index fa31a7ad60..a0108b0ca2 100644
--- a/frontend/controller/actions/group.js
+++ b/frontend/controller/actions/group.js
@@ -386,8 +386,6 @@ export default (sbp('sbp/selectors/register', {
         // In this case, we share our profile key with the group, call the
         // inviteAccept action and join the General chatroom
         if (state.profiles?.[username]?.status !== PROFILE_STATUS.ACTIVE) {
-          const generalChatRoomId = rootState[params.contractID].generalChatRoomId
-
           const CEKid = sbp('chelonia/contract/currentKeyIdByName', params.contractID, 'cek')
 
           // Share our PEK with the group so that group members can see
@@ -403,7 +401,6 @@ export default (sbp('sbp/selectors/register', {
 
           const CSKid = sbp('chelonia/contract/currentKeyIdByName', params.contractID, 'csk')
           const userCSKid = sbp('chelonia/contract/currentKeyIdByName', userID, 'csk')
-          const userCEKid = sbp('chelonia/contract/currentKeyIdByName', userID, 'cek')
 
           await sbp('chelonia/out/keyAdd', {
             contractID: params.contractID,
@@ -431,45 +428,6 @@ export default (sbp('sbp/selectors/register', {
             }
           })
 
-          // Add the group's CSK to our identity contract so that we can receive
-          // key rotation updates and DMs.
-          await sbp('chelonia/out/keyAdd', {
-            contractID: userID,
-            contractName: 'gi.contracts/identity',
-            data: [encryptedOutgoingData(userID, userCEKid, {
-              foreignKey: `sp:${encodeURIComponent(params.contractID)}?keyName=${encodeURIComponent('csk')}`,
-              id: CSKid,
-              data: state._vm.authorizedKeys[CSKid].data,
-              // The OP_ACTION_ENCRYPTED is necessary to let the DM counterparty
-              // that a chatroom has just been created
-              permissions: [GIMessage.OP_ACTION_ENCRYPTED + '#inner'],
-              allowedActions: ['gi.contracts/identity/joinDirectMessage#inner'],
-              purpose: ['sig'],
-              ringLevel: Number.MAX_SAFE_INTEGER,
-              name: `${params.contractID}/${CSKid}`
-            })],
-            signingKeyId: sbp('chelonia/contract/suitableSigningKey', userID, [GIMessage.OP_KEY_ADD], ['sig'])
-          })
-
-          if (generalChatRoomId) {
-            // Join the general chatroom
-            await sbp('gi.actions/group/joinChatRoom', {
-              ...omit(params, ['options', 'data', 'hooks', 'signingKeyId']),
-              data: {
-                chatRoomID: generalChatRoomId
-              },
-              hooks: {
-                prepublish: null,
-                postpublish: params.hooks?.postpublish
-              }
-            })
-          } else {
-            // setTimeout to avoid blocking the main thread
-            setTimeout(() => {
-              alert(L("Couldn't join the #{chatroomName} in the group. Doesn't exist.", { chatroomName: CHATROOM_GENERAL_NAME }))
-            }, 0)
-          }
-
           if (rootState.currentGroupId === params.contractID) {
             await sbp('gi.actions/group/updateLastLoggedIn', { contractID: params.contractID })
           }
diff --git a/frontend/controller/actions/identity.js b/frontend/controller/actions/identity.js
index e7950625f1..9616907910 100644
--- a/frontend/controller/actions/identity.js
+++ b/frontend/controller/actions/identity.js
@@ -525,6 +525,37 @@ export default (sbp('sbp/selectors/register', {
     sbp('okTurtles.events/emit', LOGOUT)
     sbp('appLogs/pauseCapture', { wipeOut: true }) // clear stored logs to prevent someone else accessing sensitve data
   },
+  'gi.actions/identity/addJoinDirectMessageKey': async (contractID, foreignContractID, keyName) => {
+    const keyId = sbp('chelonia/contract/currentKeyIdByName', foreignContractID, keyName)
+    const CEKid = sbp('chelonia/contract/currentKeyIdByName', contractID, 'cek')
+
+    const rootState = sbp('state/vuex/state')
+    const foreignContractState = rootState[foreignContractID]
+
+    const existingForeignKeys = sbp('chelonia/contract/foreignKeysByContractID', contractID, foreignContractID)
+
+    if (existingForeignKeys?.includes(keyId)) {
+      return
+    }
+
+    return await sbp('chelonia/out/keyAdd', {
+      contractID,
+      contractName: 'gi.contracts/identity',
+      data: [encryptedOutgoingData(contractID, CEKid, {
+        foreignKey: `sp:${encodeURIComponent(foreignContractID)}?keyName=${encodeURIComponent(keyName)}`,
+        id: keyId,
+        data: foreignContractState._vm.authorizedKeys[keyId].data,
+        // The OP_ACTION_ENCRYPTED is necessary to let the DM counterparty
+        // that a chatroom has just been created
+        permissions: [GIMessage.OP_ACTION_ENCRYPTED + '#inner'],
+        allowedActions: ['gi.contracts/identity/joinDirectMessage#inner'],
+        purpose: ['sig'],
+        ringLevel: Number.MAX_SAFE_INTEGER,
+        name: `${foreignContractID}/${keyId}`
+      })],
+      signingKeyId: sbp('chelonia/contract/suitableSigningKey', contractID, [GIMessage.OP_KEY_ADD], ['sig'])
+    })
+  },
   'gi.actions/identity/shareNewPEK': (contractID: string, newKeys) => {
     const rootState = sbp('state/vuex/state')
     const state = rootState[contractID]
diff --git a/frontend/main.js b/frontend/main.js
index 73dc68ab59..577a07ae68 100644
--- a/frontend/main.js
+++ b/frontend/main.js
@@ -112,6 +112,8 @@ async function startApp () {
           'chelonia/contract/suitableSigningKey', 'chelonia/contract/currentKeyIdByName',
           'chelonia/queueInvocation', 'gi.actions/identity/updateLoginStateUponLogin',
           'gi.actions/chatroom/leave', 'gi.actions/group/groupProfileUpdate', 'gi.actions/group/displayMincomeChangedPrompt',
+          'gi.actions/group/joinChatRoom',
+          'gi.actions/identity/addJoinDirectMessageKey',
           'gi.notifications/emit',
           'gi.actions/out/rotateKeys', 'gi.actions/group/shareNewKeys', 'gi.actions/chatroom/shareNewKeys', 'gi.actions/identity/shareNewPEK',
           'chelonia/out/keyDel',
diff --git a/frontend/model/contracts/group.js b/frontend/model/contracts/group.js
index 3c2028fc68..f4134e2f56 100644
--- a/frontend/model/contracts/group.js
+++ b/frontend/model/contracts/group.js
@@ -10,7 +10,8 @@ import { INVITE_STATUS } from '~/shared/domains/chelonia/constants.js'
 import {
   PROPOSAL_INVITE_MEMBER, PROPOSAL_REMOVE_MEMBER, PROPOSAL_GROUP_SETTING_CHANGE, PROPOSAL_PROPOSAL_SETTING_CHANGE, PROPOSAL_GENERIC,
   STATUS_OPEN, STATUS_CANCELLED, STATUS_EXPIRED, MAX_ARCHIVED_PROPOSALS, MAX_ARCHIVED_PERIODS, PROPOSAL_ARCHIVED, PAYMENTS_ARCHIVED, MAX_SAVED_PERIODS,
-  INVITE_INITIAL_CREATOR, PROFILE_STATUS, INVITE_EXPIRES_IN_DAYS
+  INVITE_INITIAL_CREATOR, PROFILE_STATUS, INVITE_EXPIRES_IN_DAYS,
+  CHATROOM_GENERAL_NAME
 } from './shared/constants.js'
 import { paymentStatusType, paymentType, PAYMENT_COMPLETED } from './shared/payments/index.js'
 import { createPaymentInfo, paymentHashesFromPaymentPeriod } from './shared/functions.js'
@@ -1042,43 +1043,98 @@ sbp('chelonia/defineContract', {
       // They MUST NOT call 'commit'!
       // They should only coordinate the actions of outside contracts.
       // Otherwise `latestContractState` and `handleEvent` will not produce same state!
-      async sideEffect ({ meta, contractID }, { state }) {
-        const rootGetters = sbp('state/vuex/getters')
+      sideEffect ({ meta, contractID }, { state }) {
         const { loggedIn } = sbp('state/vuex/state')
-        const { profiles = {} } = state
 
-        // TODO: per #257 this will ,have to be encompassed in a recoverable transaction
-        // however per #610 that might be handled in handleEvent (?), or per #356 might not be needed
-        if (meta.username === loggedIn.username) {
+        sbp('chelonia/queueInvocation', contractID, async () => {
+          const rootState = sbp('state/vuex/state')
+          const rootGetters = sbp('state/vuex/getters')
+          const state = rootState[contractID]
+          const { profiles = {} } = state
+
+          if (profiles[meta.username].status !== PROFILE_STATUS.ACTIVE) {
+            return
+          }
+
+          // TODO: per #257 this will ,have to be encompassed in a recoverable transaction
+          // however per #610 that might be handled in handleEvent (?), or per #356 might not be needed
+          if (meta.username === loggedIn.username) {
           // we're the person who just accepted the group invite
-          // so subscribe to founder's IdentityContract & everyone else's
-          const lookupResult = await Promise.allSettled(
-            Object.keys(profiles)
-              .filter((name) =>
-                !rootGetters.ourContactProfiles[name] && name !== loggedIn.username)
-              .map(async (name) => await sbp('namespace/lookup', name).then((r) => {
-                if (!r) throw new Error('Cannot lookup username: ' + name)
-                return r
-              }))
-          )
-          const errors = lookupResult
-            .filter(({ status }) => status === 'rejected')
-            .map((r) => (r: any).reason)
-          await sbp('chelonia/contract/sync',
-            lookupResult
-              .filter(({ status }) => status === 'fulfilled')
-              .map((r) => (r: any).value)
-          ).catch(e => errors.push(e))
-          if (errors.length) {
-            const msg = `Encountered ${errors.length} errors while accepting invites`
-            console.error(msg, errors)
-            throw new Error(msg)
+
+            const userID = loggedIn.identityContractID
+
+            // Add the group's CSK to our identity contract so that we can receive
+            // DMs.
+            await sbp('gi.actions/identity/addJoinDirectMessageKey', userID, contractID, 'csk')
+
+            const generalChatRoomId = state.generalChatRoomId
+            if (generalChatRoomId) {
+              // Join the general chatroom
+              if (state.chatRooms[generalChatRoomId]?.users?.[loggedIn.username]?.status !== PROFILE_STATUS.ACTIVE) {
+                sbp('gi.actions/group/joinChatRoom', {
+                  contractID,
+                  data: {
+                    chatRoomID: generalChatRoomId
+                  },
+                  hooks: {
+                    preSendCheck: (_, state) => {
+                      return state.chatRooms[generalChatRoomId]?.users?.[loggedIn.username]?.status !== PROFILE_STATUS.ACTIVE
+                    }
+                  }
+                }).catch((e) => {
+                  console.error('Error while joining the #General chatroom', e)
+                  // setTimeout to avoid blocking the main thread
+                  setTimeout(() => {
+                    // TODO: Replace alert()
+                    alert(L("Couldn't join the #{chatroomName} in the group. An error occurred: #{error}.", { chatroomName: CHATROOM_GENERAL_NAME, error: e?.message || e }))
+                  }, 0)
+                })
+              }
+            } else {
+              // setTimeout to avoid blocking the main thread
+              setTimeout(() => {
+                // TODO: Replace alert()
+                alert(L("Couldn't join the #{chatroomName} in the group. Doesn't exist.", { chatroomName: CHATROOM_GENERAL_NAME }))
+              }, 0)
+            }
+
+            // subscribe to founder's IdentityContract & everyone else's
+            const lookupResult = await Promise.allSettled(
+              Object.keys(profiles)
+                .filter((name) =>
+                  !rootGetters.ourContactProfiles[name] && name !== loggedIn.username)
+                .map(async (name) => await sbp('namespace/lookup', name).then((r) => {
+                  if (!r) throw new Error('Cannot lookup username: ' + name)
+                  return r
+                }))
+            )
+            const errors = lookupResult
+              .filter(({ status }) => status === 'rejected')
+              .map((r) => (r: any).reason)
+
+            await sbp('chelonia/contract/sync',
+              lookupResult
+                .filter(({ status }) => status === 'fulfilled')
+                .map((r) => (r: any).value)
+            ).catch(e => errors.push(e))
+
+            if (errors.length) {
+              const msg = `Encountered ${errors.length} errors while accepting invites`
+              console.error(msg, errors)
+              throw new Error(msg)
+            }
+          } else {
+            // we're an existing member of the group getting notified that a
+            // new member has joined, so subscribe to their identity contract
+            await sbp('chelonia/contract/sync', meta.identityContractID)
           }
-        } else {
+        }).catch(e => {
+          console.error('[gi.contracts/group/inviteAccept/sideEffect]: An error occurred', e)
+        })
+
+        if (meta.username !== loggedIn.username) {
+          const { profiles = {} } = state
           const myProfile = profiles[loggedIn.username]
-          // we're an existing member of the group getting notified that a
-          // new member has joined, so subscribe to their identity contract
-          await sbp('chelonia/contract/sync', meta.identityContractID)
 
           if (isActionYoungerThanUser(meta, myProfile)) {
             sbp('gi.notifications/emit', 'MEMBER_ADDED', { // emit a notification for a member addition.
diff --git a/frontend/model/contracts/manifests.json b/frontend/model/contracts/manifests.json
index 40fc650f9c..c3364f7f46 100644
--- a/frontend/model/contracts/manifests.json
+++ b/frontend/model/contracts/manifests.json
@@ -1,7 +1,7 @@
 {
   "manifests": {
     "gi.contracts/chatroom": "21XWnNHysv8qLzZ2csKW1FK2mZZxYJcTVCVthj4Gj8aa7cZs71",
-    "gi.contracts/group": "21XWnNGjF4Uby29AUmRZ4QTWBQHp5QQdR7f8htogFjZ8tHXMKR",
+    "gi.contracts/group": "21XWnNKeuzZw2FzFoGuZE4YcnMcgtuDZKG9D8yQV8e5xrrRL4D",
     "gi.contracts/identity": "21XWnNHcybuNT76JtFVbHR6cm7XcGur49ACsAEHRSjCzki2E4K"
   }
 }
diff --git a/shared/domains/chelonia/chelonia.js b/shared/domains/chelonia/chelonia.js
index 4217ac6440..c18ca8de4a 100644
--- a/shared/domains/chelonia/chelonia.js
+++ b/shared/domains/chelonia/chelonia.js
@@ -18,7 +18,7 @@ import { encryptedOutgoingData, isEncryptedData } from './encryptedData.js'
 import type { EncryptedData } from './encryptedData.js'
 import { signedOutgoingData, signedOutgoingDataWithRawKey } from './signedData.js'
 import './internals.js'
-import { findKeyIdByName, findRevokedKeyIdsByName, findSuitableSecretKeyId, validateKeyAddPermissions, validateKeyDelPermissions, validateKeyUpdatePermissions } from './utils.js'
+import { findForeignKeysByContractID, findKeyIdByName, findRevokedKeyIdsByName, findSuitableSecretKeyId, validateKeyAddPermissions, validateKeyDelPermissions, validateKeyUpdatePermissions } from './utils.js'
 
 // TODO: define ChelContractType for /defineContract
 
@@ -345,6 +345,13 @@ export default (sbp('sbp/selectors/register', {
     }
     return currentKeyId
   },
+  'chelonia/contract/foreignKeysByContractID': function (contractIDOrState: string | Object, foreignContractID: string) {
+    if (typeof contractIDOrState === 'string') {
+      const rootState = sbp(this.config.stateSelector)
+      contractIDOrState = rootState[contractIDOrState]
+    }
+    return findForeignKeysByContractID(contractIDOrState, foreignContractID)
+  },
   'chelonia/contract/historicalKeyIdsByName': function (contractIDOrState: string | Object, name: string) {
     if (typeof contractIDOrState === 'string') {
       const rootState = sbp(this.config.stateSelector)

From d03fcc6f95f818acc91b346b8b9cb35647f48bc9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Fri, 10 Nov 2023 19:44:39 +0100
Subject: [PATCH 16/29] Bugfixes

---
 frontend/controller/actions/chatroom.js  |  1 +
 frontend/controller/actions/identity.js  | 27 ++++++--
 frontend/controller/actions/index.js     | 84 +++++++++++++-----------
 shared/domains/chelonia/chelonia.js      |  9 +++
 shared/domains/chelonia/encryptedData.js |  6 +-
 shared/domains/chelonia/signedData.js    |  6 +-
 6 files changed, 83 insertions(+), 50 deletions(-)

diff --git a/frontend/controller/actions/chatroom.js b/frontend/controller/actions/chatroom.js
index 2a32234364..3450a49054 100644
--- a/frontend/controller/actions/chatroom.js
+++ b/frontend/controller/actions/chatroom.js
@@ -231,6 +231,7 @@ export default (sbp('sbp/selectors/register', {
     const isCurrentUserJoining = rootState.loggedIn.identityContractID === userID
 
     if (isCurrentUserJoining) {
+      sbp('chelonia/contract/cancelRemove', params.contractID)
       sbp('okTurtles.data/set', 'JOINING_CHATROOM-' + params.contractID, true)
     }
 
diff --git a/frontend/controller/actions/identity.js b/frontend/controller/actions/identity.js
index 9616907910..f9fab99a97 100644
--- a/frontend/controller/actions/identity.js
+++ b/frontend/controller/actions/identity.js
@@ -556,12 +556,13 @@ export default (sbp('sbp/selectors/register', {
       signingKeyId: sbp('chelonia/contract/suitableSigningKey', contractID, [GIMessage.OP_KEY_ADD], ['sig'])
     })
   },
-  'gi.actions/identity/shareNewPEK': (contractID: string, newKeys) => {
+  'gi.actions/identity/shareNewPEK': async (contractID: string, newKeys) => {
     const rootState = sbp('state/vuex/state')
     const state = rootState[contractID]
+    const username = state.attributes.username
 
     // TODO: Also share PEK with DMs
-    return Promise.all((state.loginState?.groupIds || []).filter(groupID => !!rootState.contracts[groupID]).map(groupID => {
+    await Promise.all((state.loginState?.groupIds || []).filter(groupID => !!rootState.contracts[groupID]).map(groupID => {
       const CEKid = findKeyIdByName(rootState[groupID], 'cek')
       const CSKid = findKeyIdByName(rootState[groupID], 'csk')
 
@@ -586,9 +587,27 @@ export default (sbp('sbp/selectors/register', {
             }
           }))
         }),
-        signingKeyId: CSKid
+        signingKeyId: CSKid,
+        hooks: {
+          preSendCheck: (_, state) => {
+            // Don't send this message if we're no longer a group member
+            return state?.profiles?.[username]?.status === PROFILE_STATUS.ACTIVE
+          }
+        }
+      }).catch(e => {
+        // We may no longer be a member of the group, so we ignore errors
+        // related to missing keys
+        if (e.name !== 'ChelErrorSignatureKeyNotFound') {
+          throw e
+        }
       })
-    })).then(() => undefined)
+    }))
+
+    // This selector is called by rotateKeys, which will include the keys to
+    // share along with OP_KEY_UPDATE. In this case, we're sharing all keys
+    // to their respective contracts and there are no keys to include in
+    // the same event as OP_KEY_UPDATE. Therefore, we return undefined
+    return undefined
   },
   ...encryptedAction('gi.actions/identity/setAttributes', L('Failed to set profile attributes.'), undefined, 'pek'),
   ...encryptedAction('gi.actions/identity/updateSettings', L('Failed to update profile settings.')),
diff --git a/frontend/controller/actions/index.js b/frontend/controller/actions/index.js
index 3a7502ff4b..6648433044 100644
--- a/frontend/controller/actions/index.js
+++ b/frontend/controller/actions/index.js
@@ -31,51 +31,57 @@ sbp('sbp/selectors/register', {
 
     const contractState = await sbp('chelonia/latestContractState', subjectContractID)
 
-    await sbp('chelonia/contract/sync', contractID)
-    const state = await sbp('chelonia/latestContractState', contractID)
+    try {
+      await sbp('chelonia/contract/sync', contractID, { deferredRemove: true })
+      const state = await sbp('chelonia/latestContractState', contractID)
+      const rSState = sbp('state/vuex/state')[contractID]
+      console.log('@@@@ [gi.actions/out/shareVolatileKeys] state received', { state: window.structuredClone(state), rSState: window.structuredClone(rSState) })
 
-    const CEKid = findKeyIdByName(state, 'cek')
-    const signingKeyId = findSuitableSecretKeyId(state, [GIMessage.OP_KEY_SHARE], ['sig'])
+      const CEKid = findKeyIdByName(state, 'cek')
+      const signingKeyId = findSuitableSecretKeyId(state, [GIMessage.OP_KEY_SHARE], ['sig'])
 
-    if (!CEKid || !state?._vm?.authorizedKeys?.[CEKid]) {
-      throw new Error('Missing CEK; unable to proceed sharing keys')
-    }
+      if (!CEKid || !state?._vm?.authorizedKeys?.[CEKid]) {
+        throw new Error('Missing CEK; unable to proceed sharing keys')
+      }
 
-    const secretKeys = sbp('state/vuex/state')['secretKeys']
-
-    const keysToShare = Array.isArray(keyIds)
-      ? pick(secretKeys, keyIds)
-      : keyIds === '*'
-        ? pick(secretKeys, Object.entries(contractState._vm.authorizedKeys)
-          .filter(([, key]) => {
-            return !!((key: any): GIKey).meta?.private?.content
-          })
-          .map(([id]) => id)
-        )
-        : null
-
-    if (!keysToShare) {
-      throw new TypeError('Invalid parameter: keyIds')
-    }
+      const secretKeys = sbp('state/vuex/state')['secretKeys']
+
+      const keysToShare = Array.isArray(keyIds)
+        ? pick(secretKeys, keyIds)
+        : keyIds === '*'
+          ? pick(secretKeys, Object.entries(contractState._vm.authorizedKeys)
+            .filter(([, key]) => {
+              return !!((key: any): GIKey).meta?.private?.content
+            })
+            .map(([id]) => id)
+          )
+          : null
+
+      if (!keysToShare) {
+        throw new TypeError('Invalid parameter: keyIds')
+      }
 
-    const payload = {
-      contractID: subjectContractID,
-      keys: Object.entries(keysToShare).map(([keyId, key]: [string, mixed]) => ({
-        id: keyId,
-        meta: {
-          private: {
-            content: encryptedOutgoingData(contractID, CEKid, key)
+      const payload = {
+        contractID: subjectContractID,
+        keys: Object.entries(keysToShare).map(([keyId, key]: [string, mixed]) => ({
+          id: keyId,
+          meta: {
+            private: {
+              content: encryptedOutgoingData(contractID, CEKid, key)
+            }
           }
-        }
-      }))
-    }
+        }))
+      }
 
-    await sbp('chelonia/out/keyShare', {
-      contractID,
-      contractName,
-      data: encryptedOutgoingData(contractID, CEKid, payload),
-      signingKeyId: signingKeyId
-    })
+      await sbp('chelonia/out/keyShare', {
+        contractID,
+        contractName,
+        data: encryptedOutgoingData(contractID, CEKid, payload),
+        signingKeyId
+      })
+    } finally {
+      await sbp('chelonia/contract/remove', contractID, { removeIfPending: true })
+    }
   },
   // TODO: Move to chelonia
   'gi.actions/out/rotateKeys': async (
diff --git a/shared/domains/chelonia/chelonia.js b/shared/domains/chelonia/chelonia.js
index c18ca8de4a..6e5ec13b85 100644
--- a/shared/domains/chelonia/chelonia.js
+++ b/shared/domains/chelonia/chelonia.js
@@ -573,6 +573,15 @@ export default (sbp('sbp/selectors/register', {
   },
   // TODO: implement 'chelonia/contract/release' (see #828)
   // safer version of removeImmediately that waits to finish processing events for contractIDs
+  'chelonia/contract/cancelRemove': function (contractIDs: string | string[]): void {
+    const rootState = sbp(this.config.stateSelector)
+    const listOfIds = typeof contractIDs === 'string' ? [contractIDs] : contractIDs
+    listOfIds.forEach(contractID => {
+      if (rootState?.contracts?.[contractID]?.pendingRemove) {
+        rootState.contracts[contractID].pendingRemove = false
+      }
+    })
+  },
   'chelonia/contract/remove': function (contractIDs: string | string[], params?: { removeIfPending?: boolean}): Promise<*> {
     const rootState = sbp(this.config.stateSelector)
     const listOfIds = typeof contractIDs === 'string' ? [contractIDs] : contractIDs
diff --git a/shared/domains/chelonia/encryptedData.js b/shared/domains/chelonia/encryptedData.js
index 565e5c58ae..78f25ad8f2 100644
--- a/shared/domains/chelonia/encryptedData.js
+++ b/shared/domains/chelonia/encryptedData.js
@@ -39,15 +39,15 @@ const encryptData = function (stateOrContractID: string | Object, eKeyId: string
 
   // Has the key been revoked? If so, attempt to find an authorized key by the same name
   // $FlowFixMe
-  const designatedKey = state._vm?.authorizedKeys?.[eKeyId]
+  const designatedKey = state?._vm?.authorizedKeys?.[eKeyId]
   if (!designatedKey?.purpose.includes(
     'enc'
   )) {
     throw new Error(`Encryption key ID ${eKeyId} is missing or is missing encryption purpose`)
   }
-  if (designatedKey._notAfterHeight !== undefined) {
+  if (designatedKey._notAfterHeight != null) {
     const name = (state._vm: any).authorizedKeys[eKeyId].name
-    const newKeyId = (Object.values(state._vm?.authorizedKeys).find((v: any) => v._notAfterHeight === undefined && v.name === name && v.purpose.includes('enc')): any)?.id
+    const newKeyId = (Object.values(state._vm?.authorizedKeys).find((v: any) => v._notAfterHeight == null && v.name === name && v.purpose.includes('enc')): any)?.id
 
     if (!newKeyId) {
       throw new Error(`Encryption key ID ${eKeyId} has been revoked and no new key exists by the same name (${name})`)
diff --git a/shared/domains/chelonia/signedData.js b/shared/domains/chelonia/signedData.js
index 12a326f1c9..9d64b3e727 100644
--- a/shared/domains/chelonia/signedData.js
+++ b/shared/domains/chelonia/signedData.js
@@ -43,10 +43,9 @@ const signData = function (stateOrContractID: string | Object, sKeyId: string, d
   if (!additionalData) {
     throw new ChelErrorSignatureError('Signature additional data must be provided')
   }
-  // console.debug('@@@@SIGNING_DATA [11]', JSON.parse(JSON.stringify({ state: this, sKeyId, data })))
   // Has the key been revoked? If so, attempt to find an authorized key by the same name
   // $FlowFixMe
-  const designatedKey = state._vm?.authorizedKeys?.[sKeyId]
+  const designatedKey = state?._vm?.authorizedKeys?.[sKeyId]
   if (!designatedKey?.purpose.includes(
     'sig'
   )) {
@@ -54,8 +53,7 @@ const signData = function (stateOrContractID: string | Object, sKeyId: string, d
   }
   if (designatedKey._notAfterHeight != null) {
     const name = (state._vm: any).authorizedKeys[sKeyId].name
-    console.log('@@@@signData', { state })
-    const newKeyId = (Object.values(state._vm?.authorizedKeys).find((v: any) => v._notAfterHeight != null && v.name === name && v.purpose.includes('sig')): any)?.id
+    const newKeyId = (Object.values(state._vm?.authorizedKeys).find((v: any) => v._notAfterHeight == null && v.name === name && v.purpose.includes('sig')): any)?.id
 
     if (!newKeyId) {
       throw new ChelErrorSignatureError(`Signing key ID ${sKeyId} has been revoked and no new key exists by the same name (${name})`)

From 99f6b9dc4e6e7ee4be65540586424a2551def73c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Fri, 10 Nov 2023 20:50:37 +0100
Subject: [PATCH 17/29] Clear deferredRemove flag

---
 shared/domains/chelonia/chelonia.js | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/shared/domains/chelonia/chelonia.js b/shared/domains/chelonia/chelonia.js
index 6e5ec13b85..bc45c79ca7 100644
--- a/shared/domains/chelonia/chelonia.js
+++ b/shared/domains/chelonia/chelonia.js
@@ -586,11 +586,16 @@ export default (sbp('sbp/selectors/register', {
     const rootState = sbp(this.config.stateSelector)
     const listOfIds = typeof contractIDs === 'string' ? [contractIDs] : contractIDs
     return Promise.all(listOfIds.map(contractID => {
+      if (!rootState?.contracts?.[contractID]) {
+        return undefined
+      }
+
       if (params?.removeIfPending) {
-        if (!rootState?.contracts?.[contractID]?.pendingRemove) {
+        if (!rootState.contracts[contractID].pendingRemove) {
+          rootState.contracts[contractID].deferredRemove = false
           return undefined
         }
-      } else if (rootState.contracts?.[contractID]?.deferredRemove) {
+      } else if (rootState.contracts[contractID].deferredRemove) {
         rootState.contracts[contractID].pendingRemove = true
         return undefined
       }

From b77a024507561cfbfaa1c80b41f3f6f1f2996e0c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Fri, 10 Nov 2023 21:34:10 +0100
Subject: [PATCH 18/29] Check if we have the decryption key first

---
 shared/domains/chelonia/encryptedData.js | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/shared/domains/chelonia/encryptedData.js b/shared/domains/chelonia/encryptedData.js
index 78f25ad8f2..27a75c9011 100644
--- a/shared/domains/chelonia/encryptedData.js
+++ b/shared/domains/chelonia/encryptedData.js
@@ -94,6 +94,12 @@ const decryptData = function (height: number, data: any, additionalKeys: Object,
   }
 
   const [eKeyId, message] = data
+  const key = additionalKeys[eKeyId]
+
+  if (!key) {
+    throw new ChelErrorDecryptionKeyNotFound(`Key ${eKeyId} not found`)
+  }
+
   // height as NaN is used to allow checking for revokedKeys as well as
   // authorizedKeys when decrypting data. This is normally inappropriate because
   // revoked keys should be considered compromised and not used for encrypting
@@ -119,7 +125,6 @@ const decryptData = function (height: number, data: any, additionalKeys: Object,
   // any new attack vectors or venues that were not already available using
   // different means.
   const designatedKey = this._vm?.authorizedKeys?.[eKeyId]
-
   if (!designatedKey || (height > designatedKey._notAfterHeight) || (height < designatedKey._notBeforeHeight) || !designatedKey.purpose.includes(
     'enc'
   )) {
@@ -128,12 +133,6 @@ const decryptData = function (height: number, data: any, additionalKeys: Object,
     )
   }
 
-  const key = additionalKeys[eKeyId]
-
-  if (!key) {
-    throw new ChelErrorDecryptionKeyNotFound(`Key ${eKeyId} not found`)
-  }
-
   const deserializedKey = typeof key === 'string' ? deserializeKey(key) : key
 
   try {

From 5db6ff1ba44f0d6c9abe4d7d384816076559a4e2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Fri, 10 Nov 2023 21:37:59 +0100
Subject: [PATCH 19/29] Updated error message

---
 shared/domains/chelonia/internals.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/shared/domains/chelonia/internals.js b/shared/domains/chelonia/internals.js
index 3fd45a1379..1b6bb741cf 100644
--- a/shared/domains/chelonia/internals.js
+++ b/shared/domains/chelonia/internals.js
@@ -470,10 +470,10 @@ export default (sbp('sbp/selectors/register', {
                 }
               } catch (e) {
                 if (e?.name === 'ChelErrorDecryptionKeyNotFound') {
-                  console.warn(`OP_KEY_SHARE missing secret key: ${e.message}`,
+                  console.warn(`OP_KEY_SHARE (${hash} of ${contractID}) missing secret key: ${e.message}`,
                     e)
                 } else {
-                  console.error(`OP_KEY_SHARE error '${e.message || e}':`,
+                  console.error(`OP_KEY_SHARE (${hash} of ${contractID}) error '${e.message || e}':`,
                     e)
                 }
               }

From 1695b6d92b8664ae669f01e264b4e77b0540a848 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Sat, 11 Nov 2023 20:38:06 +0100
Subject: [PATCH 20/29] Remove debug logs and fix multiple join calls

---
 frontend/controller/actions/identity.js  |  9 +++++----
 frontend/model/contracts/chatroom.js     |  7 -------
 frontend/model/contracts/group.js        | 21 ++++++++-------------
 frontend/model/contracts/identity.js     |  2 +-
 frontend/model/contracts/manifests.json  |  6 +++---
 frontend/views/pages/Join.vue            |  4 ----
 frontend/views/pages/PendingApproval.vue |  6 +++---
 shared/domains/chelonia/internals.js     |  4 ----
 8 files changed, 20 insertions(+), 39 deletions(-)

diff --git a/frontend/controller/actions/identity.js b/frontend/controller/actions/identity.js
index f9fab99a97..f01b4e22f1 100644
--- a/frontend/controller/actions/identity.js
+++ b/frontend/controller/actions/identity.js
@@ -437,15 +437,16 @@ export default (sbp('sbp/selectors/register', {
           })
 
           throw new Error('Unable to sync identity contract')
-        }).then(() =>
-          sbp('chelonia/contract/sync', contractIDs, { force: true }).then(async function () {
+        }).then(async () => {
+          await sbp('gi.actions/identity/updateLoginStateUponLogin')
+
+          return sbp('chelonia/contract/sync', contractIDs, { force: true }).then(async function () {
           // contract sync might've triggered an async call to /remove, so wait before proceeding
             await sbp('chelonia/contract/wait', contractIDs)
             // similarly, since removeMember may have triggered saveOurLoginState asynchronously,
             // we must re-sync our identity contract again to ensure we don't rejoin a group we
             // were just kicked out of
             await sbp('chelonia/contract/sync', identityContractID, { force: true })
-            await sbp('gi.actions/identity/updateLoginStateUponLogin')
             await sbp('gi.actions/identity/saveOurLoginState') // will only update it if it's different
 
             // The state above might be null, so we re-grab it
@@ -482,7 +483,7 @@ export default (sbp('sbp/selectors/register', {
           }).finally(() => {
             sbp('okTurtles.events/emit', LOGIN, { username, identityContractID })
           })
-        ).catch((err) => {
+        }).catch((err) => {
           console.error('Error during contract sync upon login', err)
         })
       return identityContractID
diff --git a/frontend/model/contracts/chatroom.js b/frontend/model/contracts/chatroom.js
index 3091eddec3..17a02ec366 100644
--- a/frontend/model/contracts/chatroom.js
+++ b/frontend/model/contracts/chatroom.js
@@ -185,23 +185,16 @@ sbp('chelonia/defineContract', {
       }),
       process ({ data, meta, hash, id }, { state }) {
         const { username } = data
-        console.log('jjjj  1', { state: JSON.parse(JSON.stringify(state)) })
         if (!state.onlyRenderMessage && state.users[username]) {
           throw new Error(`Can not join the chatroom which ${username} is already part of`)
         }
 
-        console.log('jjjj  2', { state: JSON.parse(JSON.stringify(state)) })
-
         Vue.set(state.users, username, { joinedDate: meta.createdDate })
 
-        console.log('jjjj 3', { state: JSON.parse(JSON.stringify(state)) })
-
         if (!state.onlyRenderMessage || state.attributes.type === CHATROOM_TYPES.DIRECT_MESSAGE) {
           return
         }
 
-        console.log('jjjj 4', { state: JSON.parse(JSON.stringify(state)) })
-
         const notificationType = username === meta.username ? MESSAGE_NOTIFICATIONS.JOIN_MEMBER : MESSAGE_NOTIFICATIONS.ADD_MEMBER
         const notificationData = createNotificationData(
           notificationType,
diff --git a/frontend/model/contracts/group.js b/frontend/model/contracts/group.js
index f4134e2f56..5db1911cd2 100644
--- a/frontend/model/contracts/group.js
+++ b/frontend/model/contracts/group.js
@@ -263,14 +263,10 @@ function updateGroupStreaks ({ state, getters }) {
 }
 
 const removeGroupChatroomProfile = (state, chatRoomID, member) => {
-  console.log('jjjj removeGroupChatroomProfile', JSON.parse(JSON.stringify({ state, chatRoomID, member })))
   Vue.set(state.chatRooms[chatRoomID], 'users',
     Object.fromEntries(
       Object.entries(state.chatRooms[chatRoomID].users)
         .map(([memberKey, profile]) => {
-          console.log('jjjj removeGroupChatroomProfile ii', {
-            memberKey, member, profile, active: (profile: any)?.status === PROFILE_STATUS.ACTIVE
-          })
           if (memberKey === member && (profile: any)?.status === PROFILE_STATUS.ACTIVE) {
             return [memberKey, { ...profile, status: PROFILE_STATUS.REMOVED }]
           }
@@ -324,7 +320,6 @@ const leaveChatRoomAction = (state, { chatRoomID, member }, meta, leavingGroup)
       }
     }
   }).catch((e) => {
-    console.log('jjj action', { e })
     if (leavingGroup && e?.name === 'GIErrorUIRuntimeError' && e?.cause?.name === 'GIErrorMissingSigningKeyError') {
       // This is fine; it just means we were removed by someone else
       return
@@ -1050,6 +1045,12 @@ sbp('chelonia/defineContract', {
           const rootState = sbp('state/vuex/state')
           const rootGetters = sbp('state/vuex/getters')
           const state = rootState[contractID]
+
+          if (!state) {
+            console.info(`[gi.contracts/group/inviteAccept] Contract ${contractID} has been removed`)
+            return
+          }
+
           const { profiles = {} } = state
 
           if (profiles[meta.username].status !== PROFILE_STATUS.ACTIVE) {
@@ -1573,7 +1574,6 @@ sbp('chelonia/defineContract', {
       const username = rootState.loggedIn.username
 
       if (loggedInUsername !== username || state?.profiles?.[username]?.status !== PROFILE_STATUS.ACTIVE || state?.chatRooms?.[chatRoomID]?.users[member]?.status !== PROFILE_STATUS.ACTIVE) {
-        console.log('jjjjj early return some check not met')
         return
       }
 
@@ -1582,11 +1582,9 @@ sbp('chelonia/defineContract', {
       }
 
       if (!sbp('chelonia/contract/canPerformOperation', chatRoomID, '*')) {
-        console.log('jjjj cantperformpop')
         return
       }
 
-      console.log('jjjjj sedingjoin')
       await sbp('gi.actions/chatroom/join', {
         contractID: chatRoomID,
         data: { username: member },
@@ -1594,7 +1592,6 @@ sbp('chelonia/defineContract', {
           preSendCheck: (_, state) => {
             // Avoid sending a duplicate action if the person is already a
             // chatroom member
-            console.log('jjjjj AT PRE-SEND-CHECK')
             return !state?.users?.[member]
           }
         }
@@ -1611,6 +1608,7 @@ sbp('chelonia/defineContract', {
 
       if (!state) {
         console.info(`[gi.contracts/group/leaveGroup] for ${contractID}: contract has been removed`)
+        return
       }
 
       if (state.profiles?.[data.member]?.status !== PROFILE_STATUS.REMOVED || (data.member === username && sbp('okTurtles.data/get', 'JOINING_GROUP-' + contractID))) {
@@ -1618,8 +1616,6 @@ sbp('chelonia/defineContract', {
         return
       }
 
-      console.log('@@@@gi.contracts/group/leaveGroup', { contractID })
-
       if (data.member === username) {
         // NOTE: should remove archived data from IndexedStorage
         //       regarding the current group (proposals, payments)
@@ -1628,8 +1624,7 @@ sbp('chelonia/defineContract', {
 
         // grab the groupID of any group that we've successfully finished joining
         const groupIdToSwitch = Object.keys(contracts)
-          .filter(cID => contracts[cID].type === 'gi.contracts/group' && cID !== contractID)
-          .sort((cID1, cID2) => rootState[cID1].profiles?.[username] ? -1 : 1)[0] || null
+          .filter(cID => contracts[cID].type === 'gi.contracts/group' && cID !== contractID && rootState[cID]?.profiles?.[username])[0] || null
         sbp('state/vuex/commit', 'setCurrentChatRoomId', {})
         sbp('state/vuex/commit', 'setCurrentGroupId', groupIdToSwitch)
         // we can't await on this in here, because it will cause a deadlock, since Chelonia processes
diff --git a/frontend/model/contracts/identity.js b/frontend/model/contracts/identity.js
index 8ec342cce4..b3e1840d74 100644
--- a/frontend/model/contracts/identity.js
+++ b/frontend/model/contracts/identity.js
@@ -100,7 +100,7 @@ sbp('chelonia/defineContract', {
       process ({ data }, { state }) {
         Vue.set(state, 'loginState', data)
       },
-      sideEffect ({ contractID }) {
+      sideEffect ({ contractID }, { state }) {
         // it only makes sense to call updateLoginStateUponLogin for ourselves
         if (contractID === sbp('state/vuex/getters').ourIdentityContractId) {
           // makes sure that updateLoginStateUponLogin gets run after the entire identity
diff --git a/frontend/model/contracts/manifests.json b/frontend/model/contracts/manifests.json
index c3364f7f46..66fc9234d0 100644
--- a/frontend/model/contracts/manifests.json
+++ b/frontend/model/contracts/manifests.json
@@ -1,7 +1,7 @@
 {
   "manifests": {
-    "gi.contracts/chatroom": "21XWnNHysv8qLzZ2csKW1FK2mZZxYJcTVCVthj4Gj8aa7cZs71",
-    "gi.contracts/group": "21XWnNKeuzZw2FzFoGuZE4YcnMcgtuDZKG9D8yQV8e5xrrRL4D",
-    "gi.contracts/identity": "21XWnNHcybuNT76JtFVbHR6cm7XcGur49ACsAEHRSjCzki2E4K"
+    "gi.contracts/chatroom": "21XWnNJ1EFiTvFLp382owBpiZge4b5juebzNixmrd7H8LQYkBa",
+    "gi.contracts/group": "21XWnNN4R3GBQAM4C7Gbz7A3FLi9SJ8JAqmJaVJ4QcBa3qSTnk",
+    "gi.contracts/identity": "21XWnNFzk2b6jLnCddLSr1SGRMyVhnX1KNomN8FeGQH8FTUGSo"
   }
 }
diff --git a/frontend/views/pages/Join.vue b/frontend/views/pages/Join.vue
index 6278156558..60c88774a1 100644
--- a/frontend/views/pages/Join.vue
+++ b/frontend/views/pages/Join.vue
@@ -153,8 +153,6 @@ export default ({
         this.pageStatus = 'SIGNING'
       } catch (e) {
         console.error(e)
-        // eslint-disable-next-line no-debugger
-        debugger
         this.ephemeral.errorMsg = `${L('Something went wrong. Please, try again.')} ${e.message}`
         this.pageStatus = 'INVALID'
       }
@@ -193,8 +191,6 @@ export default ({
         // this.pageStatus = 'WELCOME'
         this.$router.push({ path: '/pending-approval' })
       } catch (e) {
-        // eslint-disable-next-line no-debugger
-        debugger
         console.error('Join.vue accept() error:', e)
         this.ephemeral.errorMsg = e.message
         this.pageStatus = 'INVALID'
diff --git a/frontend/views/pages/PendingApproval.vue b/frontend/views/pages/PendingApproval.vue
index 3ee8608deb..6622e90cb4 100644
--- a/frontend/views/pages/PendingApproval.vue
+++ b/frontend/views/pages/PendingApproval.vue
@@ -35,17 +35,17 @@ export default ({
   computed: {
     ...mapGetters(['groupSettings', 'ourUsername']),
     ...mapState(['currentGroupId']),
-    ourGroupProfile () {
+    haveActiveGroupProfile () {
       if (!this.ephemeral.groupIdWhenMounted) return
       return this.$store.state[this.ephemeral.groupIdWhenMounted]?.profiles?.[this.ourUsername]?.status === PROFILE_STATUS.ACTIVE
     }
   },
   mounted () {
     this.ephemeral.groupIdWhenMounted = this.currentGroupId
-    this.ephemeral.groupJoined = !!this.ourGroupProfile
+    this.ephemeral.groupJoined = !!this.haveActiveGroupProfile
   },
   watch: {
-    ourGroupProfile (to) {
+    haveActiveGroupProfile (to) {
       // if our group profile appears in the group state, it means we've joined the group
       if (to) {
         this.ephemeral.groupJoined = true
diff --git a/shared/domains/chelonia/internals.js b/shared/domains/chelonia/internals.js
index 1b6bb741cf..f4ce7840e4 100644
--- a/shared/domains/chelonia/internals.js
+++ b/shared/domains/chelonia/internals.js
@@ -262,8 +262,6 @@ export default (sbp('sbp/selectors/register', {
     // https://github.com/okTurtles/group-income/issues/608
     hooks?.prepublish?.(entry)
 
-    console.log('jjjjjjj publish entry', { entry })
-
     while (true) {
       // Queued event to ensure that we send the event with whatever the
       // 'latest' state may be for that contract (in case we were receiving
@@ -295,8 +293,6 @@ export default (sbp('sbp/selectors/register', {
         return entry
       })
 
-      console.log('jjjjjjj publish entry updated', { entry })
-
       // If there is no event to send, return
       if (!entry) return
 

From d461dde8c6665027bbb7ad9facc22f806bfbfb0f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Sat, 11 Nov 2023 21:01:23 +0100
Subject: [PATCH 21/29] Remove unnecessary sync of identity contract

---
 frontend/controller/actions/identity.js | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/frontend/controller/actions/identity.js b/frontend/controller/actions/identity.js
index f01b4e22f1..77ec2463f1 100644
--- a/frontend/controller/actions/identity.js
+++ b/frontend/controller/actions/identity.js
@@ -441,12 +441,8 @@ export default (sbp('sbp/selectors/register', {
           await sbp('gi.actions/identity/updateLoginStateUponLogin')
 
           return sbp('chelonia/contract/sync', contractIDs, { force: true }).then(async function () {
-          // contract sync might've triggered an async call to /remove, so wait before proceeding
+            // contract sync might've triggered an async call to /remove, so wait before proceeding
             await sbp('chelonia/contract/wait', contractIDs)
-            // similarly, since removeMember may have triggered saveOurLoginState asynchronously,
-            // we must re-sync our identity contract again to ensure we don't rejoin a group we
-            // were just kicked out of
-            await sbp('chelonia/contract/sync', identityContractID, { force: true })
             await sbp('gi.actions/identity/saveOurLoginState') // will only update it if it's different
 
             // The state above might be null, so we re-grab it

From c67ac5412973fd1049707974e3e9ce06090c4449 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Tue, 14 Nov 2023 21:39:05 +0100
Subject: [PATCH 22/29] Bugfixes

---
 frontend/controller/actions/group.js    |  5 ++++-
 frontend/controller/actions/identity.js |  8 ++++++--
 frontend/model/contracts/group.js       | 13 ++++++++++---
 frontend/model/contracts/manifests.json |  2 +-
 shared/domains/chelonia/chelonia.js     | 19 +++++++++++++++----
 shared/domains/chelonia/internals.js    | 19 +++++++++----------
 6 files changed, 45 insertions(+), 21 deletions(-)

diff --git a/frontend/controller/actions/group.js b/frontend/controller/actions/group.js
index a0108b0ca2..0cf25b0fd6 100644
--- a/frontend/controller/actions/group.js
+++ b/frontend/controller/actions/group.js
@@ -424,7 +424,10 @@ export default (sbp('sbp/selectors/register', {
             ...omit(params, ['options', 'action', 'hooks', 'signingKeyId']),
             hooks: {
               prepublish: params.hooks?.prepublish,
-              postpublish: null
+              postpublish: null,
+              preSendCheck: (_, state) => {
+                return state?.profiles?.[username]?.status !== PROFILE_STATUS.ACTIVE
+              }
             }
           })
 
diff --git a/frontend/controller/actions/identity.js b/frontend/controller/actions/identity.js
index 77ec2463f1..e1eb665d45 100644
--- a/frontend/controller/actions/identity.js
+++ b/frontend/controller/actions/identity.js
@@ -283,6 +283,7 @@ export default (sbp('sbp/selectors/register', {
     const state = sbp('state/vuex/state')
     const ourLoginState = generatedLoginState()
     const contractLoginState = getters.loginState
+    let groupsJoined
     try {
       if (!contractLoginState) {
         console.info('no login state detected in identity contract, will set it')
@@ -291,7 +292,7 @@ export default (sbp('sbp/selectors/register', {
         // we need to update ourselves to it
         // mainly we are only interested if the contractLoginState contains groupIds
         // that we don't have, and if so, join those groups
-        const groupsJoined = difference(contractLoginState.groupIds, ourLoginState.groupIds)
+        groupsJoined = difference(contractLoginState.groupIds, ourLoginState.groupIds)
         console.info('synchronizing login state:', { groupsJoined })
         for (const contractID of groupsJoined) {
           try {
@@ -339,6 +340,7 @@ export default (sbp('sbp/selectors/register', {
     } catch (e) {
       console.error(`updateLoginState: ${e.name}: '${e.message}'`, e)
     }
+    return groupsJoined
   },
   'gi.actions/identity/login': async function ({ username, passwordFn, identityContractID }: {
     username: ?string, passwordFn: ?() => string, identityContractID: ?string
@@ -438,7 +440,7 @@ export default (sbp('sbp/selectors/register', {
 
           throw new Error('Unable to sync identity contract')
         }).then(async () => {
-          await sbp('gi.actions/identity/updateLoginStateUponLogin')
+          const groupsJoined = await sbp('gi.actions/identity/updateLoginStateUponLogin')
 
           return sbp('chelonia/contract/sync', contractIDs, { force: true }).then(async function () {
             // contract sync might've triggered an async call to /remove, so wait before proceeding
@@ -451,6 +453,8 @@ export default (sbp('sbp/selectors/register', {
             // Call 'gi.actions/group/join' on all groups which may need re-joining
             await Promise.all(groupsToRejoin.map(groupId => {
               return (
+                // (0) Avoid re-joining groups for which /join has been called
+                !groupsJoined?.includes(groupId) &&
                 // (1) Check whether the contract exists (may have been removed
                 //     after sync)
                 state.contracts[groupId] &&
diff --git a/frontend/model/contracts/group.js b/frontend/model/contracts/group.js
index 5db1911cd2..a8b3a9b45e 100644
--- a/frontend/model/contracts/group.js
+++ b/frontend/model/contracts/group.js
@@ -1321,10 +1321,17 @@ sbp('chelonia/defineContract', {
       process ({ data, meta }, { state }) {
         removeGroupChatroomProfile(state, data.chatroomID, data.member)
       },
-      async sideEffect ({ meta, data, contractID }, { state }) {
+      sideEffect ({ meta, data, contractID }, { state }) {
         const rootState = sbp('state/vuex/state')
-        if (meta.username !== rootState.loggedIn.username || !sbp('okTurtles.data/get', 'JOINING_GROUP-' + contractID)) {
-          await leaveChatRoomAction(state, data, meta)
+        if (meta.username !== rootState.loggedIn.username && !sbp('okTurtles.data/get', 'JOINING_GROUP-' + contractID)) {
+          sbp('chelonia/queueInvocation', contractID, () => {
+            const rootState = sbp('state/vuex/state')
+            if (rootState[contractID]?.profiles?.[meta.username]?.status === PROFILE_STATUS.ACTIVE) {
+              return leaveChatRoomAction(state, data, meta)
+            }
+          }).catch((e) => {
+            console.error(`[gi.contracts/group/leaveChatRoom/sideEffect] Error for ${contractID}`, { contractID, data, error: e })
+          })
         }
       }
     },
diff --git a/frontend/model/contracts/manifests.json b/frontend/model/contracts/manifests.json
index 66fc9234d0..c524133278 100644
--- a/frontend/model/contracts/manifests.json
+++ b/frontend/model/contracts/manifests.json
@@ -1,7 +1,7 @@
 {
   "manifests": {
     "gi.contracts/chatroom": "21XWnNJ1EFiTvFLp382owBpiZge4b5juebzNixmrd7H8LQYkBa",
-    "gi.contracts/group": "21XWnNN4R3GBQAM4C7Gbz7A3FLi9SJ8JAqmJaVJ4QcBa3qSTnk",
+    "gi.contracts/group": "21XWnNXTEcTdAZdywXXf91PzTn9dvy42vUxvimCWMpqhXQjppp",
     "gi.contracts/identity": "21XWnNFzk2b6jLnCddLSr1SGRMyVhnX1KNomN8FeGQH8FTUGSo"
   }
 }
diff --git a/shared/domains/chelonia/chelonia.js b/shared/domains/chelonia/chelonia.js
index bc45c79ca7..d7dcf2a4cb 100644
--- a/shared/domains/chelonia/chelonia.js
+++ b/shared/domains/chelonia/chelonia.js
@@ -180,6 +180,9 @@ export const ACTION_REGEX: RegExp = /^((([\w.]+)\/([^/]+))(?:\/(?:([^/]+)\/)?)?)
 export default (sbp('sbp/selectors/register', {
   // https://www.wordnik.com/words/chelonia
   // https://gitlab.okturtles.org/okturtles/group-income/-/wikis/E2E-Protocol/Framework.md#alt-names
+  'chelonia/xx': function () {
+    return this.removeCount
+  },
   'chelonia/_init': function () {
     this.config = {
       // TODO: handle connecting to multiple servers for federation
@@ -264,6 +267,7 @@ export default (sbp('sbp/selectors/register', {
       get: secretKeyGetter,
       ownKeys: secretKeyList
     })
+    this.removeCount = Object.create(null)
   },
   'chelonia/config': function () {
     return cloneDeep(this.config)
@@ -547,8 +551,8 @@ export default (sbp('sbp/selectors/register', {
     const rootState = sbp(this.config.stateSelector)
     return Promise.all(listOfIds.map(contractID => {
       if (!forcedSync && has(rootState.contracts, contractID)) {
-        if (params?.deferredRemove && !rootState.contracts[contractID].deferredRemove) {
-          rootState.contracts[contractID].deferredRemove = params.deferredRemove
+        if (params?.deferredRemove) {
+          this.removeCount[contractID] = (this.removeCount[contractID] || 0) + 1
         }
         return undefined
       }
@@ -592,10 +596,16 @@ export default (sbp('sbp/selectors/register', {
 
       if (params?.removeIfPending) {
         if (!rootState.contracts[contractID].pendingRemove) {
-          rootState.contracts[contractID].deferredRemove = false
+          if (has(this.removeCount, contractID)) {
+            if (this.removeCount[contractID] > 1) {
+              this.removeCount[contractID] -= 1
+            } else {
+              delete this.removeCount[contractID]
+            }
+          }
           return undefined
         }
-      } else if (rootState.contracts[contractID].deferredRemove) {
+      } else if (this.removeCount[contractID] >= 1) {
         rootState.contracts[contractID].pendingRemove = true
         return undefined
       }
@@ -610,6 +620,7 @@ export default (sbp('sbp/selectors/register', {
     const state = sbp(this.config.stateSelector)
     this.config.reactiveDel(state.contracts, contractID)
     this.config.reactiveDel(state, contractID)
+    delete this.removeCount[contractID]
     // calling this will make pubsub unsubscribe for events on `contractID`
     sbp('okTurtles.events/emit', CONTRACTS_MODIFIED, state.contracts)
   },
diff --git a/shared/domains/chelonia/internals.js b/shared/domains/chelonia/internals.js
index f4ce7840e4..a03e8d3eba 100644
--- a/shared/domains/chelonia/internals.js
+++ b/shared/domains/chelonia/internals.js
@@ -803,17 +803,17 @@ export default (sbp('sbp/selectors/register', {
     let recent
     if (state.contracts[contractID]) {
       recent = state.contracts[contractID].HEAD
-      if (params?.deferredRemove && !state.contracts[contractID].deferredRemove) {
-        state.contracts[contractID].deferredRemove = params.deferredRemove
+      if (params?.deferredRemove) {
+        this.removeCount[contractID] = (this.removeCount[contractID] || 0) + 1
       }
     } else {
       const entry = state.pending.find((entry) => entry?.contractID === contractID)
       // we're syncing a contract for the first time, make sure to add to pending
       // so that handleEvents knows to expect events from this contract
       if (!entry) {
-        state.pending.push({ contractID, deferredRemove: params?.deferredRemove })
-      } else if (params?.deferredRemove && !entry.deferredRemove) {
-        entry.deferredRemove = params.deferredRemove
+        state.pending.push({ contractID, deferredRemove: params?.deferredRemove ? 1 : 0 })
+      } else {
+        entry.deferredRemove += 1
       }
     }
     sbp('okTurtles.events/emit', CONTRACT_IS_SYNCING, contractID, true)
@@ -1145,7 +1145,7 @@ export default (sbp('sbp/selectors/register', {
             keySharePayload
           )
           : keySharePayload,
-        signingKey: deserializedResponseKey
+        signingKeyId: responseKeyId
       }).then(() => {
         // 4(i). Remove originating contract and update current contract with information
         const payload = { keyRequestHash: hash, success: true }
@@ -1153,7 +1153,7 @@ export default (sbp('sbp/selectors/register', {
           contractID: originatingContractID,
           keys: [
             {
-              id: keyId(deserializedResponseKey),
+              id: responseKeyId,
               meta: {
                 private: {
                   content: encryptedOutgoingData(contractID, findSuitablePublicKeyIds(contractState, [GIMessage.OP_KEY_REQUEST_SEEN], ['enc'])?.[0] || '', responseKey),
@@ -1370,10 +1370,9 @@ const handleEvent = {
       if (!state[contractID]) this.config.reactiveSet(state, contractID, Object.create(null))
       const entry = state.pending.find((entry) => entry?.contractID === contractID)
       if (entry?.deferredRemove) {
-        this.config.reactiveSet(state.contracts, contractID, { type, HEAD: contractID, height: 0, deferredRemove: true })
-      } else {
-        this.config.reactiveSet(state.contracts, contractID, { type, HEAD: contractID, height: 0 })
+        this.removeCount[contractID] = entry?.deferredRemove
       }
+      this.config.reactiveSet(state.contracts, contractID, { type, HEAD: contractID, height: 0 })
       // we've successfully received it back, so remove it from expectation pending
       if (entry) {
         const index = state.pending.indexOf(entry)

From 43db5e13cbb6f8cb9d88e1d007adbaa3bd8cdc63 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Wed, 15 Nov 2023 20:03:23 +0100
Subject: [PATCH 23/29] Fix UI inconsistency issues (wrong message when joining
 / leaving; switching to newly created chatroom)

---
 frontend/controller/actions/group.js    | 16 ++++++----------
 frontend/model/contracts/group.js       | 14 ++++++++------
 frontend/model/contracts/manifests.json |  2 +-
 shared/domains/chelonia/internals.js    |  4 ++++
 4 files changed, 19 insertions(+), 17 deletions(-)

diff --git a/frontend/controller/actions/group.js b/frontend/controller/actions/group.js
index 0cf25b0fd6..05425482c6 100644
--- a/frontend/controller/actions/group.js
+++ b/frontend/controller/actions/group.js
@@ -625,13 +625,7 @@ export default (sbp('sbp/selectors/register', {
       })
     }
 
-    return await sendMessage({
-      ...omit(params, ['options', 'action', 'hooks']),
-      hooks: {
-        prepublish: null,
-        postpublish: params.hooks?.postpublish
-      }
-    })
+    return await sendMessage(omit(params, ['options', 'action']))
   }),
   'gi.actions/group/addAndJoinChatRoom': async function (params: GIActionParams) {
     const message = await sbp('gi.actions/group/addChatRoom', {
@@ -642,15 +636,17 @@ export default (sbp('sbp/selectors/register', {
       }
     })
 
+    const chatRoomID = message.contractID()
+
     await sbp('gi.actions/group/joinChatRoom', {
       ...omit(params, ['options', 'data', 'hooks']),
       data: {
-        chatRoomID: message.contractID()
+        chatRoomID
       },
       hooks: {
         prepublish: (msg) => {
-          sbp('okTurtles.events/once', msg.hash(), (cId, m) => {
-            sbp('state/vuex/commit', 'setCurrentChatRoomId', { chatRoomId: cId })
+          sbp('okTurtles.events/once', msg.id(), (cId) => {
+            sbp('state/vuex/commit', 'setCurrentChatRoomId', { chatRoomId: chatRoomID, groupId: cId })
           })
         },
         postpublish: params.hooks?.postpublish
diff --git a/frontend/model/contracts/group.js b/frontend/model/contracts/group.js
index a8b3a9b45e..ce4b6c7d88 100644
--- a/frontend/model/contracts/group.js
+++ b/frontend/model/contracts/group.js
@@ -263,6 +263,7 @@ function updateGroupStreaks ({ state, getters }) {
 }
 
 const removeGroupChatroomProfile = (state, chatRoomID, member) => {
+  console.log(JSON.parse(JSON.stringify({ state, chatRoomID, scr: state.chatRooms[chatRoomID] })))
   Vue.set(state.chatRooms[chatRoomID], 'users',
     Object.fromEntries(
       Object.entries(state.chatRooms[chatRoomID].users)
@@ -1319,11 +1320,11 @@ sbp('chelonia/defineContract', {
         leavingGroup: boolean // leave chatroom by leaving group
       }),
       process ({ data, meta }, { state }) {
-        removeGroupChatroomProfile(state, data.chatroomID, data.member)
+        removeGroupChatroomProfile(state, data.chatRoomID, data.member)
       },
-      sideEffect ({ meta, data, contractID }, { state }) {
+      sideEffect ({ meta, data, contractID, innerSigningContractID }, { state }) {
         const rootState = sbp('state/vuex/state')
-        if (meta.username !== rootState.loggedIn.username && !sbp('okTurtles.data/get', 'JOINING_GROUP-' + contractID)) {
+        if (innerSigningContractID === rootState.loggedIn.identityContractID && !sbp('okTurtles.data/get', 'JOINING_GROUP-' + contractID)) {
           sbp('chelonia/queueInvocation', contractID, () => {
             const rootState = sbp('state/vuex/state')
             if (rootState[contractID]?.profiles?.[meta.username]?.status === PROFILE_STATUS.ACTIVE) {
@@ -1347,10 +1348,11 @@ sbp('chelonia/defineContract', {
         }
         Vue.set(state.chatRooms[data.chatRoomID].users, username, { status: PROFILE_STATUS.ACTIVE })
       },
-      sideEffect ({ meta, data, contractID }, { state }) {
+      sideEffect ({ meta, data, contractID, innerSigningContractID }, { state }) {
         const rootState = sbp('state/vuex/state')
-        const username = data.username || meta.username
-        if (username === rootState.loggedIn.username) {
+
+        if (innerSigningContractID === rootState.loggedIn.identityContractID) {
+          const username = data.username || meta.username
           sbp('chelonia/queueInvocation', contractID, () => sbp('gi.contracts/group/joinGroupChatrooms', contractID, data.chatRoomID, username, rootState.loggedIn.username)).catch((e) => {
             console.error(`[gi.contracts/group/joinChatRoom/sideEffect] Error syncing chatroom contract for ${contractID}`, { e, data })
           })
diff --git a/frontend/model/contracts/manifests.json b/frontend/model/contracts/manifests.json
index c524133278..8aec29bf34 100644
--- a/frontend/model/contracts/manifests.json
+++ b/frontend/model/contracts/manifests.json
@@ -1,7 +1,7 @@
 {
   "manifests": {
     "gi.contracts/chatroom": "21XWnNJ1EFiTvFLp382owBpiZge4b5juebzNixmrd7H8LQYkBa",
-    "gi.contracts/group": "21XWnNXTEcTdAZdywXXf91PzTn9dvy42vUxvimCWMpqhXQjppp",
+    "gi.contracts/group": "21XWnNV5D1vhx9XwDKqxk2bmSQUan1LpB9sxX6sxYdV4PscmHA",
     "gi.contracts/identity": "21XWnNFzk2b6jLnCddLSr1SGRMyVhnX1KNomN8FeGQH8FTUGSo"
   }
 }
diff --git a/shared/domains/chelonia/internals.js b/shared/domains/chelonia/internals.js
index a03e8d3eba..d67e143b6a 100644
--- a/shared/domains/chelonia/internals.js
+++ b/shared/domains/chelonia/internals.js
@@ -496,6 +496,9 @@ export default (sbp('sbp/selectors/register', {
 
             console.log('Inside pendingKeyRequests if')
             // Since we have received new keys, the current contract state might be wrong, so we need to remove the contract and resync
+            // Note: The following may be problematic when several tabs are open
+            // sharing the same state. This is more of a general issue in this
+            // situation, not limited to the following sequence of events
             await sbp('okTurtles.eventQueue/queueEvent', v.contractID, [
               'chelonia/begin',
               ['chelonia/contract/removeImmediately', v.contractID],
@@ -1306,6 +1309,7 @@ export default (sbp('sbp/selectors/register', {
         try {
           postHandleEvent?.(message)
           sbp('okTurtles.events/emit', hash, contractID, message)
+          sbp('okTurtles.events/emit', message.id(), contractID, message)
           sbp('okTurtles.events/emit', EVENT_HANDLED, contractID, message)
         } catch (e) {
           console.error(`[chelonia] ERROR '${e.name}' for ${message.description()} in event post-handling: ${e.message}`, e, { message: message.serialize() })

From e6803744de056ee6a4f618b8679f184c3edb2a69 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Wed, 15 Nov 2023 21:07:44 +0100
Subject: [PATCH 24/29] Encrypt OP_KEY_SHARE envelope

---
 frontend/controller/actions/index.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/frontend/controller/actions/index.js b/frontend/controller/actions/index.js
index 6648433044..9c30ad3297 100644
--- a/frontend/controller/actions/index.js
+++ b/frontend/controller/actions/index.js
@@ -183,7 +183,7 @@ sbp('sbp/selectors/register', {
         contractID,
         contractName,
         data: [
-          ...keyShares.map((data) => ['chelonia/out/keyShare', { data }]),
+          ...keyShares.map((data) => ['chelonia/out/keyShare', { data: encryptedOutgoingData(contractID, CEKid, data) }]),
           ['chelonia/out/keyUpdate', { data: updatedKeys }]
         ],
         signingKeyId,

From b103de951e727978eca70c3d599387fdad292d9b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Thu, 16 Nov 2023 18:49:20 +0100
Subject: [PATCH 25/29] Add missing sync when added to chatroom

---
 frontend/controller/actions/group.js    |  2 +-
 frontend/model/contracts/group.js       | 30 +++++++++++++++++++++++--
 frontend/model/contracts/manifests.json |  2 +-
 frontend/model/state.js                 |  6 -----
 4 files changed, 30 insertions(+), 10 deletions(-)

diff --git a/frontend/controller/actions/group.js b/frontend/controller/actions/group.js
index 05425482c6..7614b688e7 100644
--- a/frontend/controller/actions/group.js
+++ b/frontend/controller/actions/group.js
@@ -616,7 +616,7 @@ export default (sbp('sbp/selectors/register', {
 
     // If we are inviting someone else to join, we need to share the chatroom's keys
     // with them so that they are able to read messages and participate
-    if (username !== me && [CHATROOM_PRIVACY_LEVEL.PRIVATE].includes(rootState[params.data.chatRoomID].attributes.privacyLevel)) {
+    if (username !== me && rootState[params.data.chatRoomID].attributes.privacyLevel === CHATROOM_PRIVACY_LEVEL.PRIVATE) {
       await sbp('gi.actions/out/shareVolatileKeys', {
         contractID: rootGetters.ourContactProfiles[username].contractID,
         contractName: 'gi.contracts/identity',
diff --git a/frontend/model/contracts/group.js b/frontend/model/contracts/group.js
index ce4b6c7d88..cd7f79d7dc 100644
--- a/frontend/model/contracts/group.js
+++ b/frontend/model/contracts/group.js
@@ -1346,15 +1346,41 @@ sbp('chelonia/defineContract', {
         if (state.profiles[username]?.status !== PROFILE_STATUS.ACTIVE) {
           throw new Error('Cannot join a chatroom for a group you\'re not a member of')
         }
+        // Here, we could use a list of active members or we could use a
+        // dictionary with an explicit status (as is being done). The reason
+        // to choose the explicit approach is to avoid syncing all the chatroom
+        // contracts in the event that a member leaves the group (in which case
+        // they are removed from all chatrooms).
+        // This leaving process is done in two steps, with the process function
+        // setting the status and the side-effect issuing the relevant action
+        // in the chatroom contract. If we didn't have a way of checking for
+        // removed members, we would need to possibly fetch every chatroom
+        // contract to account for chatrooms for which the removed member is
+        // a part of.
         Vue.set(state.chatRooms[data.chatRoomID].users, username, { status: PROFILE_STATUS.ACTIVE })
       },
       sideEffect ({ meta, data, contractID, innerSigningContractID }, { state }) {
         const rootState = sbp('state/vuex/state')
+        const username = data.username || meta.username
 
+        // If we added someone to the chatroom (including ourselves), we issue
+        // the relevant action to the chatroom contract
         if (innerSigningContractID === rootState.loggedIn.identityContractID) {
-          const username = data.username || meta.username
           sbp('chelonia/queueInvocation', contractID, () => sbp('gi.contracts/group/joinGroupChatrooms', contractID, data.chatRoomID, username, rootState.loggedIn.username)).catch((e) => {
-            console.error(`[gi.contracts/group/joinChatRoom/sideEffect] Error syncing chatroom contract for ${contractID}`, { e, data })
+            console.error(`[gi.contracts/group/joinChatRoom/sideEffect] Error adding member to group chatroom for ${contractID}`, { e, data })
+          })
+        } else if (username === rootState.loggedIn.username) {
+          // If we were the ones added to the chatroom, we sync the chatroom.
+          // This is an `else` block because joinGroupChatrooms already calls
+          // sync
+          sbp('chelonia/queueInvocation', contractID, () => {
+            const rootState = sbp('state/vuex/state')
+
+            if (rootState[contractID]?.chatRooms[data.chatRoomID]?.users[username]?.status === PROFILE_STATUS.ACTIVE) {
+              sbp('chelonia/contract/sync', data.chatRoomID).catch((e) => {
+                console.error(`[gi.contracts/group/joinChatRoom/sideEffect] Error syncing chatroom contract for ${contractID}`, { e, data })
+              })
+            }
           })
         }
       }
diff --git a/frontend/model/contracts/manifests.json b/frontend/model/contracts/manifests.json
index 8aec29bf34..7b18403f1f 100644
--- a/frontend/model/contracts/manifests.json
+++ b/frontend/model/contracts/manifests.json
@@ -1,7 +1,7 @@
 {
   "manifests": {
     "gi.contracts/chatroom": "21XWnNJ1EFiTvFLp382owBpiZge4b5juebzNixmrd7H8LQYkBa",
-    "gi.contracts/group": "21XWnNV5D1vhx9XwDKqxk2bmSQUan1LpB9sxX6sxYdV4PscmHA",
+    "gi.contracts/group": "21XWnNHPPhQkF4SP6XTVicK3NrLfan9EsU9YHcwFhA7fr2aZZj",
     "gi.contracts/identity": "21XWnNFzk2b6jLnCddLSr1SGRMyVhnX1KNomN8FeGQH8FTUGSo"
   }
 }
diff --git a/frontend/model/state.js b/frontend/model/state.js
index f0985564ce..e88dfa4406 100644
--- a/frontend/model/state.js
+++ b/frontend/model/state.js
@@ -139,12 +139,6 @@ const mutations = {
       messages: state.chatRoomUnread[chatRoomId].messages
         ?.filter(m => new Date(m.createdDate).getTime() > new Date(createdDate).getTime()) || []
     })
-    // eslint-disable-next-line no-lone-blocks
-    {
-      // hack: delete me after upgrade to 0.2.x!
-      Vue.set(state.chatRoomUnread[chatRoomId], 'mentions', [])
-      Vue.set(state.chatRoomUnread[chatRoomId], 'others', [])
-    }
   },
   deleteChatRoomReadUntil (state, { chatRoomId, deletedDate }) {
     if (state.chatRoomUnread[chatRoomId].readUntil) {

From c1240237b2fd39e0d7c61b57cc31d1882624c6a4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Thu, 16 Nov 2023 18:57:05 +0100
Subject: [PATCH 26/29] Remove extraneous logging

---
 frontend/controller/actions/index.js | 2 --
 frontend/views/pages/Join.vue        | 2 --
 2 files changed, 4 deletions(-)

diff --git a/frontend/controller/actions/index.js b/frontend/controller/actions/index.js
index 9c30ad3297..b421143fbb 100644
--- a/frontend/controller/actions/index.js
+++ b/frontend/controller/actions/index.js
@@ -34,8 +34,6 @@ sbp('sbp/selectors/register', {
     try {
       await sbp('chelonia/contract/sync', contractID, { deferredRemove: true })
       const state = await sbp('chelonia/latestContractState', contractID)
-      const rSState = sbp('state/vuex/state')[contractID]
-      console.log('@@@@ [gi.actions/out/shareVolatileKeys] state received', { state: window.structuredClone(state), rSState: window.structuredClone(rSState) })
 
       const CEKid = findKeyIdByName(state, 'cek')
       const signingKeyId = findSuitableSecretKeyId(state, [GIMessage.OP_KEY_SHARE], ['sig'])
diff --git a/frontend/views/pages/Join.vue b/frontend/views/pages/Join.vue
index 60c88774a1..6c4600a374 100644
--- a/frontend/views/pages/Join.vue
+++ b/frontend/views/pages/Join.vue
@@ -132,10 +132,8 @@ export default ({
         }
         if (this.ourUsername) {
           if (this.currentGroupId && [PROFILE_STATUS.ACTIVE, PROFILE_STATUS.PENDING].includes(this.$store.state.contracts[this.ephemeral.query.groupId]?.profiles?.[this.ourUsername])) {
-            console.log('Join.vue, pushing /dashboard')
             this.$router.push({ path: '/dashboard' })
           } else {
-            console.log('Join.vue, calling this.accept()')
             await this.accept()
           }
           return

From 8ef6917c2bb237be6a45b78c6714c3db7172271d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Thu, 16 Nov 2023 20:10:45 +0100
Subject: [PATCH 27/29] Add destructor to leave chatrooms

---
 frontend/model/contracts/chatroom.js         | 25 ++++++++++++++++----
 frontend/model/contracts/manifests.json      |  2 +-
 frontend/model/contracts/shared/functions.js |  7 ------
 shared/domains/chelonia/chelonia.js          | 20 ++++++++++++++++
 4 files changed, 41 insertions(+), 13 deletions(-)

diff --git a/frontend/model/contracts/chatroom.js b/frontend/model/contracts/chatroom.js
index 17a02ec366..ac964ab2e1 100644
--- a/frontend/model/contracts/chatroom.js
+++ b/frontend/model/contracts/chatroom.js
@@ -334,8 +334,8 @@ sbp('chelonia/defineContract', {
         })
         state.messages.push(newMessage)
       },
-      sideEffect ({ data, hash, contractID, meta }, { state }) {
-        sbp('chelonia/queueInvocation', contractID, async () => {
+      sideEffect ({ data, hash, contractID, meta }) {
+        sbp('chelonia/queueInvocation', contractID, () => {
           const rootState = sbp('state/vuex/state')
           const state = rootState[contractID]
 
@@ -345,7 +345,12 @@ sbp('chelonia/defineContract', {
 
           if (data.member === rootState.loggedIn.username) {
             if (!sbp('okTurtles.data/get', 'JOINING_CHATROOM-' + contractID)) {
-              await leaveChatRoom({ contractID })
+              // NOTE: make sure *not* to await on this, since that can cause
+              //       a potential deadlock. See same warning in sideEffect for
+              //       'gi.contracts/group/removeMember'
+              sbp('chelonia/contract/remove', contractID).catch(e => {
+                console.error(`[gi.contracts/chatroom/leave/sideEffect] (${contractID}): remove threw ${e.name}:`, e)
+              })
             }
           } else {
             emitMessageEvent({ contractID, hash })
@@ -378,11 +383,16 @@ sbp('chelonia/defineContract', {
           Vue.delete(state.users, username)
         }
       },
-      async sideEffect ({ meta, contractID }, { state }) {
+      sideEffect ({ meta, contractID }, { state }) {
         if (sbp('chelonia/contract/isSyncing', contractID)) {
           return
         }
-        await leaveChatRoom({ contractID })
+        // NOTE: make sure *not* to await on this, since that can cause
+        //       a potential deadlock. See same warning in sideEffect for
+        //       'gi.contracts/group/removeMember'
+        sbp('chelonia/contract/remove', contractID).catch(e => {
+          console.error(`[gi.contracts/chatroom/delete/sideEffect] (${contractID}): remove threw ${e.name}:`, e)
+        })
       }
     },
     'gi.contracts/chatroom/addMessage': {
@@ -709,6 +719,11 @@ sbp('chelonia/defineContract', {
     }
   },
   methods: {
+    'gi.contracts/chatroom/_cleanup': ({ contractID }) => {
+      leaveChatRoom({ contractID }).catch((e) => {
+        console.error(`[gi.contracts/chatroom/_cleanup] Error for ${contractID}`, e)
+      })
+    },
     'gi.contracts/chatroom/rotateKeys': (contractID, state) => {
       if (!state._volatile) Vue.set(state, '_volatile', Object.create(null))
       if (!state._volatile.pendingKeyRevocations) Vue.set(state._volatile, 'pendingKeyRevocations', Object.create(null))
diff --git a/frontend/model/contracts/manifests.json b/frontend/model/contracts/manifests.json
index 7b18403f1f..b11fe31770 100644
--- a/frontend/model/contracts/manifests.json
+++ b/frontend/model/contracts/manifests.json
@@ -1,6 +1,6 @@
 {
   "manifests": {
-    "gi.contracts/chatroom": "21XWnNJ1EFiTvFLp382owBpiZge4b5juebzNixmrd7H8LQYkBa",
+    "gi.contracts/chatroom": "21XWnNQYNYECo7bDpoAoYqW4nFExcnyzXSdCeLNZTVwzkn8DxT",
     "gi.contracts/group": "21XWnNHPPhQkF4SP6XTVicK3NrLfan9EsU9YHcwFhA7fr2aZZj",
     "gi.contracts/identity": "21XWnNFzk2b6jLnCddLSr1SGRMyVhnX1KNomN8FeGQH8FTUGSo"
   }
diff --git a/frontend/model/contracts/shared/functions.js b/frontend/model/contracts/shared/functions.js
index aec7eccc48..28ceb8f10a 100644
--- a/frontend/model/contracts/shared/functions.js
+++ b/frontend/model/contracts/shared/functions.js
@@ -118,13 +118,6 @@ export async function leaveChatRoom ({ contractID }: {
 
   sbp('state/vuex/commit', 'deleteChatRoomUnread', { chatRoomId: contractID })
   sbp('state/vuex/commit', 'deleteChatRoomScrollPosition', { chatRoomId: contractID })
-
-  // NOTE: make sure *not* to await on this, since that can cause
-  //       a potential deadlock. See same warning in sideEffect for
-  //       'gi.contracts/group/removeMember'
-  sbp('chelonia/contract/remove', contractID).catch(e => {
-    console.error(`leaveChatRoom(${contractID}): remove threw ${e.name}:`, e)
-  })
 }
 
 export function findMessageIdx (hash: string, messages: Array<Object>): number {
diff --git a/shared/domains/chelonia/chelonia.js b/shared/domains/chelonia/chelonia.js
index d7dcf2a4cb..503510810d 100644
--- a/shared/domains/chelonia/chelonia.js
+++ b/shared/domains/chelonia/chelonia.js
@@ -618,6 +618,26 @@ export default (sbp('sbp/selectors/register', {
   // Warning: avoid using this unless you know what you're doing. Prefer using /remove.
   'chelonia/contract/removeImmediately': function (contractID: string) {
     const state = sbp(this.config.stateSelector)
+    const contractName = state.contracts[contractID]?.type
+    if (!contractName) {
+      console.error('[chelonia/contract/removeImmediately] Called on non-existing contract', { contractID })
+      return
+    }
+
+    const manifestHash = this.config.contracts.manifests[contractName]
+    if (manifestHash) {
+      const destructor = `${manifestHash}/${contractName}/_cleanup`
+      // Check if a destructor is defined
+      if (sbp('sbp/selectors/fn', destructor)) {
+        // And call it
+        try {
+          sbp(destructor, { contractID })
+        } catch (e) {
+          console.error(`[chelonia/contract/removeImmediately] Error at destructor for ${contractID}`, e)
+        }
+      }
+    }
+
     this.config.reactiveDel(state.contracts, contractID)
     this.config.reactiveDel(state, contractID)
     delete this.removeCount[contractID]

From 905bbbcb73290c79cbe17203e80b5b68781c0639 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Fri, 17 Nov 2023 17:43:14 +0100
Subject: [PATCH 28/29] Leave chatrooms on removeOurselves

---
 frontend/controller/actions/chatroom.js | 5 +++++
 frontend/model/contracts/group.js       | 9 ++++-----
 frontend/model/contracts/manifests.json | 2 +-
 3 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/frontend/controller/actions/chatroom.js b/frontend/controller/actions/chatroom.js
index 3450a49054..a79ab69ec5 100644
--- a/frontend/controller/actions/chatroom.js
+++ b/frontend/controller/actions/chatroom.js
@@ -231,6 +231,11 @@ export default (sbp('sbp/selectors/register', {
     const isCurrentUserJoining = rootState.loggedIn.identityContractID === userID
 
     if (isCurrentUserJoining) {
+      // Cancel remove when sending this (join) action. This is because if we're
+      // trying to join a chatroom that we've previously left, it'll be removed
+      // by its side-effects. Calling 'chelonia/contract/cancelRemove' clears
+      // the pendingRemove flag in the contract, preventing it from being
+      // removed (which is the intent here, as we're re-joining)
       sbp('chelonia/contract/cancelRemove', params.contractID)
       sbp('okTurtles.data/set', 'JOINING_CHATROOM-' + params.contractID, true)
     }
diff --git a/frontend/model/contracts/group.js b/frontend/model/contracts/group.js
index cd7f79d7dc..97af18dcae 100644
--- a/frontend/model/contracts/group.js
+++ b/frontend/model/contracts/group.js
@@ -156,6 +156,10 @@ function memberLeaves ({ username, dateLeft }, { contractID, meta, state, getter
   state.profiles[username].departedDate = dateLeft
   // remove any todos for this member from the adjusted distribution
   updateCurrentDistribution({ contractID, meta, state, getters })
+
+  Object.keys(state.chatRooms).forEach((chatroomID) => {
+    removeGroupChatroomProfile(state, chatroomID, username)
+  })
 }
 
 function isActionYoungerThanUser (actionMeta: Object, userProfile: ?Object): boolean {
@@ -263,7 +267,6 @@ function updateGroupStreaks ({ state, getters }) {
 }
 
 const removeGroupChatroomProfile = (state, chatRoomID, member) => {
-  console.log(JSON.parse(JSON.stringify({ state, chatRoomID, scr: state.chatRooms[chatRoomID] })))
   Vue.set(state.chatRooms[chatRoomID], 'users',
     Object.fromEntries(
       Object.entries(state.chatRooms[chatRoomID].users)
@@ -984,10 +987,6 @@ sbp('chelonia/defineContract', {
           { username: data.member, dateLeft: meta.createdDate },
           { contractID, meta, state, getters }
         )
-
-        Object.keys(state.chatRooms).forEach((chatroomID) => {
-          removeGroupChatroomProfile(state, chatroomID, data.member)
-        })
       },
       sideEffect ({ data, meta, contractID }, { state, getters }) {
         // Put this invocation at the end of a sync to ensure that leaving and
diff --git a/frontend/model/contracts/manifests.json b/frontend/model/contracts/manifests.json
index b11fe31770..f97a677b47 100644
--- a/frontend/model/contracts/manifests.json
+++ b/frontend/model/contracts/manifests.json
@@ -1,7 +1,7 @@
 {
   "manifests": {
     "gi.contracts/chatroom": "21XWnNQYNYECo7bDpoAoYqW4nFExcnyzXSdCeLNZTVwzkn8DxT",
-    "gi.contracts/group": "21XWnNHPPhQkF4SP6XTVicK3NrLfan9EsU9YHcwFhA7fr2aZZj",
+    "gi.contracts/group": "21XWnNUErbdJNLCf8nfmMvEhV5TT38kXFsMV9hBugHiZYkjLJH",
     "gi.contracts/identity": "21XWnNFzk2b6jLnCddLSr1SGRMyVhnX1KNomN8FeGQH8FTUGSo"
   }
 }

From 7b2a3a2c317eb3c03e0689efd72ff2f43c38356f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ricardo=20Iv=C3=A1n=20Vieitez=20Parra?=
 <3857362+corrideat@users.noreply.github.com>
Date: Fri, 17 Nov 2023 18:10:47 +0100
Subject: [PATCH 29/29] Remove JOINING_CHATROOM

---
 frontend/controller/actions/chatroom.js | 47 +++++++++++--------------
 frontend/model/contracts/chatroom.js    | 14 ++++----
 frontend/model/contracts/manifests.json |  2 +-
 3 files changed, 27 insertions(+), 36 deletions(-)

diff --git a/frontend/controller/actions/chatroom.js b/frontend/controller/actions/chatroom.js
index a79ab69ec5..d75fd5dca8 100644
--- a/frontend/controller/actions/chatroom.js
+++ b/frontend/controller/actions/chatroom.js
@@ -237,37 +237,30 @@ export default (sbp('sbp/selectors/register', {
       // the pendingRemove flag in the contract, preventing it from being
       // removed (which is the intent here, as we're re-joining)
       sbp('chelonia/contract/cancelRemove', params.contractID)
-      sbp('okTurtles.data/set', 'JOINING_CHATROOM-' + params.contractID, true)
     }
 
-    try {
-      const CEKid = sbp('chelonia/contract/currentKeyIdByName', params.contractID, 'cek')
-      const userCSKid = sbp('chelonia/contract/currentKeyIdByName', userID, 'csk')
+    const CEKid = sbp('chelonia/contract/currentKeyIdByName', params.contractID, 'cek')
+    const userCSKid = sbp('chelonia/contract/currentKeyIdByName', userID, 'csk')
 
-      // Add the user's CSK to the contract
-      await sbp('chelonia/out/keyAdd', {
-        contractID: params.contractID,
-        contractName: 'gi.contracts/chatroom',
-        // TODO: Find a way to have this wrapping be done by Chelonia directly
-        data: [encryptedOutgoingData(params.contractID, CEKid, {
-          foreignKey: `sp:${encodeURIComponent(userID)}?keyName=${encodeURIComponent('csk')}`,
-          id: userCSKid,
-          data: rootState[userID]._vm.authorizedKeys[userCSKid].data,
-          permissions: [GIMessage.OP_ACTION_ENCRYPTED + '#inner'],
-          allowedActions: '*',
-          purpose: ['sig'],
-          ringLevel: Number.MAX_SAFE_INTEGER,
-          name: `${userID}/${userCSKid}`
-        })],
-        signingKeyId
-      })
+    // Add the user's CSK to the contract
+    await sbp('chelonia/out/keyAdd', {
+      contractID: params.contractID,
+      contractName: 'gi.contracts/chatroom',
+      // TODO: Find a way to have this wrapping be done by Chelonia directly
+      data: [encryptedOutgoingData(params.contractID, CEKid, {
+        foreignKey: `sp:${encodeURIComponent(userID)}?keyName=${encodeURIComponent('csk')}`,
+        id: userCSKid,
+        data: rootState[userID]._vm.authorizedKeys[userCSKid].data,
+        permissions: [GIMessage.OP_ACTION_ENCRYPTED + '#inner'],
+        allowedActions: '*',
+        purpose: ['sig'],
+        ringLevel: Number.MAX_SAFE_INTEGER,
+        name: `${userID}/${userCSKid}`
+      })],
+      signingKeyId
+    })
 
-      return await sendMessage(params)
-    } finally {
-      if (isCurrentUserJoining) {
-        sbp('okTurtles.data/set', 'JOINING_CHATROOM-' + params.contractID, false)
-      }
-    }
+    return await sendMessage(params)
   }),
   ...encryptedAction('gi.actions/chatroom/rename', L('Failed to rename chat channel.')),
   ...encryptedAction('gi.actions/chatroom/changeDescription', L('Failed to change chat channel description.')),
diff --git a/frontend/model/contracts/chatroom.js b/frontend/model/contracts/chatroom.js
index ac964ab2e1..09453d84f0 100644
--- a/frontend/model/contracts/chatroom.js
+++ b/frontend/model/contracts/chatroom.js
@@ -344,14 +344,12 @@ sbp('chelonia/defineContract', {
           }
 
           if (data.member === rootState.loggedIn.username) {
-            if (!sbp('okTurtles.data/get', 'JOINING_CHATROOM-' + contractID)) {
-              // NOTE: make sure *not* to await on this, since that can cause
-              //       a potential deadlock. See same warning in sideEffect for
-              //       'gi.contracts/group/removeMember'
-              sbp('chelonia/contract/remove', contractID).catch(e => {
-                console.error(`[gi.contracts/chatroom/leave/sideEffect] (${contractID}): remove threw ${e.name}:`, e)
-              })
-            }
+            // NOTE: make sure *not* to await on this, since that can cause
+            //       a potential deadlock. See same warning in sideEffect for
+            //       'gi.contracts/group/removeMember'
+            sbp('chelonia/contract/remove', contractID).catch(e => {
+              console.error(`[gi.contracts/chatroom/leave/sideEffect] (${contractID}): remove threw ${e.name}:`, e)
+            })
           } else {
             emitMessageEvent({ contractID, hash })
             setReadUntilWhileJoining({ contractID, hash, createdDate: meta.createdDate })
diff --git a/frontend/model/contracts/manifests.json b/frontend/model/contracts/manifests.json
index f97a677b47..a8ffb0ce00 100644
--- a/frontend/model/contracts/manifests.json
+++ b/frontend/model/contracts/manifests.json
@@ -1,6 +1,6 @@
 {
   "manifests": {
-    "gi.contracts/chatroom": "21XWnNQYNYECo7bDpoAoYqW4nFExcnyzXSdCeLNZTVwzkn8DxT",
+    "gi.contracts/chatroom": "21XWnNFVtteM9V8qwUkYkYYnEnvfLxqKnrZbZLybVJwwSQXzEm",
     "gi.contracts/group": "21XWnNUErbdJNLCf8nfmMvEhV5TT38kXFsMV9hBugHiZYkjLJH",
     "gi.contracts/identity": "21XWnNFzk2b6jLnCddLSr1SGRMyVhnX1KNomN8FeGQH8FTUGSo"
   }