fix: Emit MsgsNoticed on receipt of an IMAP-seen message

`imap::Session::sync_seen_flags()` emits `MsgsNoticed` for existing messages seen on other devices,
so `receive_imf` should do the same when it receives a seen message. Otherwise a multi-device user
may see a new message notification on device A, just swipe it, then see another new message
notification and mark it as read, and when a device B goes online, it will show a notification for
the first message, and it won't be removed because `MsgsNoticed` isn't emitted. I have checked this
with my DC Android and Desktop. With this fix the notification can be removed if UIs handle
`MsgsNoticed` accordingly, though currently i can't achieve this behaviour in Desktop.

Also add blocked chat's messages and silent group changes messages as `InNoticed` instead of
`InSeen`, they don't need to cause `MsgsNoticed` events. This doesn't change any UX, checked this in
Desktop.

.github/workflows/ci.yml

@@ -20,7 +20,7 @@ permissions: {}
 
 env:
   RUSTFLAGS: -Dwarnings
-  RUST_VERSION: 1.87.0
+  RUST_VERSION: 1.89.0
 
   # Minimum Supported Rust Version
   MSRV: 1.85.0
@@ -30,7 +30,7 @@ jobs:
     name: Lint Rust
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -53,7 +53,7 @@ jobs:
     name: cargo deny
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -67,7 +67,7 @@ jobs:
     name: Check provider database
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -80,7 +80,7 @@ jobs:
     env:
       RUSTDOCFLAGS: -Dwarnings
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -115,7 +115,7 @@ jobs:
         shell: bash
         if: matrix.rust == 'latest'
 
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -154,7 +154,7 @@ jobs:
         os: [ubuntu-latest, macos-latest]
     runs-on: ${{ matrix.os }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -179,7 +179,7 @@ jobs:
         os: [ubuntu-latest, macos-latest, windows-latest]
     runs-on: ${{ matrix.os }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -201,7 +201,7 @@ jobs:
     name: Python lint
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -244,13 +244,13 @@ jobs:
 
     runs-on: ${{ matrix.os }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
 
       - name: Download libdeltachat.a
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: ${{ matrix.os }}-libdeltachat.a
           path: target/debug
@@ -297,7 +297,7 @@ jobs:
 
     runs-on: ${{ matrix.os }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -311,7 +311,7 @@ jobs:
         run: pip install tox
 
       - name: Download deltachat-rpc-server
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: ${{ matrix.os }}-deltachat-rpc-server
           path: target/debug

.github/workflows/deltachat-rpc-server.yml

@@ -30,7 +30,7 @@ jobs:
         arch: [aarch64, armv7l, armv6l, i686, x86_64]
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -54,7 +54,7 @@ jobs:
         arch: [win32, win64]
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -79,7 +79,7 @@ jobs:
 
     runs-on: macos-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -105,7 +105,7 @@ jobs:
         arch: [arm64-v8a, armeabi-v7a]
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -132,74 +132,74 @@ jobs:
       contents: write
     runs-on: "ubuntu-latest"
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
       - uses: DeterminateSystems/nix-installer-action@main
 
       - name: Download Linux aarch64 binary
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-aarch64-linux
           path: deltachat-rpc-server-aarch64-linux.d
 
       - name: Download Linux armv7l binary
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-armv7l-linux
           path: deltachat-rpc-server-armv7l-linux.d
 
       - name: Download Linux armv6l binary
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-armv6l-linux
           path: deltachat-rpc-server-armv6l-linux.d
 
       - name: Download Linux i686 binary
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-i686-linux
           path: deltachat-rpc-server-i686-linux.d
 
       - name: Download Linux x86_64 binary
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-x86_64-linux
           path: deltachat-rpc-server-x86_64-linux.d
 
       - name: Download Win32 binary
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-win32
           path: deltachat-rpc-server-win32.d
 
       - name: Download Win64 binary
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-win64
           path: deltachat-rpc-server-win64.d
 
       - name: Download macOS binary for x86_64
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-x86_64-macos
           path: deltachat-rpc-server-x86_64-macos.d
 
       - name: Download macOS binary for aarch64
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-aarch64-macos
           path: deltachat-rpc-server-aarch64-macos.d
 
       - name: Download Android binary for arm64-v8a
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-arm64-v8a-android
           path: deltachat-rpc-server-arm64-v8a-android.d
 
       - name: Download Android binary for armeabi-v7a
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-armeabi-v7a-android
           path: deltachat-rpc-server-armeabi-v7a-android.d
@@ -285,7 +285,7 @@ jobs:
       # Needed to publish the binaries to the release.
       contents: write
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -294,67 +294,67 @@ jobs:
           python-version: "3.11"
 
       - name: Download Linux aarch64 binary
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-aarch64-linux
           path: deltachat-rpc-server-aarch64-linux.d
 
       - name: Download Linux armv7l binary
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-armv7l-linux
           path: deltachat-rpc-server-armv7l-linux.d
 
       - name: Download Linux armv6l binary
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-armv6l-linux
           path: deltachat-rpc-server-armv6l-linux.d
 
       - name: Download Linux i686 binary
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-i686-linux
           path: deltachat-rpc-server-i686-linux.d
 
       - name: Download Linux x86_64 binary
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-x86_64-linux
           path: deltachat-rpc-server-x86_64-linux.d
 
       - name: Download Win32 binary
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-win32
           path: deltachat-rpc-server-win32.d
 
       - name: Download Win64 binary
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-win64
           path: deltachat-rpc-server-win64.d
 
       - name: Download macOS binary for x86_64
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-x86_64-macos
           path: deltachat-rpc-server-x86_64-macos.d
 
       - name: Download macOS binary for aarch64
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-aarch64-macos
           path: deltachat-rpc-server-aarch64-macos.d
 
       - name: Download Android binary for arm64-v8a
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-arm64-v8a-android
           path: deltachat-rpc-server-arm64-v8a-android.d
 
       - name: Download Android binary for armeabi-v7a
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: deltachat-rpc-server-armeabi-v7a-android
           path: deltachat-rpc-server-armeabi-v7a-android.d

.github/workflows/jsonrpc-client-npm-package.yml

@@ -14,7 +14,7 @@ jobs:
       id-token: write
       contents: read
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false

.github/workflows/jsonrpc.yml

@@ -16,7 +16,7 @@ jobs:
   build_and_test:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false

.github/workflows/nix.yml

@@ -19,7 +19,7 @@ jobs:
     name: check flake formatting
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -81,7 +81,7 @@ jobs:
           #- deltachat-rpc-server-x86_64-android
           #- deltachat-rpc-server-x86-android
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -101,7 +101,7 @@ jobs:
           # - deltachat-rpc-server-aarch64-darwin
           # - deltachat-rpc-server-x86_64-darwin
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false

.github/workflows/publish-deltachat-rpc-client-pypi.yml

@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -42,7 +42,7 @@ jobs:
 
     steps:
       - name: Download all the dists
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: python-package-distributions
           path: dist/

.github/workflows/repl.yml

@@ -14,7 +14,7 @@ jobs:
     name: Build REPL example
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false

.github/workflows/upload-docs.yml

@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -31,7 +31,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -50,7 +50,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false
@@ -72,7 +72,7 @@ jobs:
         working-directory: ./deltachat-jsonrpc/typescript
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false

.github/workflows/upload-ffi-docs.yml

@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           show-progress: false
           persist-credentials: false

.github/workflows/zizmor-scan.yml

@@ -14,7 +14,7 @@ jobs:
       security-events: write
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
 

CHANGELOG.md

@@ -1,5 +1,315 @@
 # Changelog
 
+## [2.12.0] - 2025-08-26
+
+### API-Changes
+
+- api!(python): remove remaining broken API for reactions
+
+### Features / Changes
+
+- Use Group ID for chat color generation instead of the name for encrypted groups.
+- Use key fingerprints instead of addresses for key-contacts color generation.
+- Replace HSLuv colors with OKLCh.
+- `wal_checkpoint()`: Do `wal_checkpoint(PASSIVE)` and `wal_checkpoint(FULL)` before `wal_checkpoint(TRUNCATE)`.
+- Assign messages to key-contacts based on Issuer Fingerprint.
+- Create_group_ex(): Log and replace invalid chat name with "…".
+
+### Fixes
+
+- Do not create a group if the sender includes self in the `To` field.
+- Do not reverify already verified contacts via gossip.
+- `get_connectivity()`: Get rid of locking SchedulerState::inner ([#7124](https://github.com/chatmail/core/pull/7124)).
+- Make reaction message hidden only if there are no other parts.
+
+### Refactor
+
+- Do not return `Result` from `valid_signature_fingerprints()`.
+- Make `ConnectivityStore` use a non-async lock ([#7129](https://github.com/chatmail/core/pull/7129)).
+
+### Documentation
+
+- Remove broken link from documentation comments.
+- Remove the comment about Color Vision Deficiency correction.
+
+## [2.11.0] - 2025-08-13
+
+### Features / Changes
+
+- Contact::lookup_id_by_addr_ex: Prefer returning key-contact.
+- Contact::lookup_id_by_addr_ex: Prefer returning accepted contacts.
+- Better string when using disappearing messages of one year (365..367 days, so it can be tweaked later).
+- Do not require resent messages to be from the same chat.
+- `lookup_key_contact_by_address()`: Allow looking up ContactId::SELF without chat id.
+- `get_securejoin_qr()`: Log error if group doesn't have grpid.
+- `receive_imf::add_parts()`: Get rid of extra `Chat::load_from_db()` calls.
+
+### Fixes
+
+- Ignore case when trying to detect 'invalid unencrypted mail' and add an info-message.
+- Run wal_checkpoint during housekeeping ([#6089](https://github.com/chatmail/core/pull/6089)).
+- Allow receiving empty files.
+- Set correct sent_timestamp for saved outgoing messages.
+- Do not remove query parameters from URLs.
+- Log and set imex progress error ([#7091](https://github.com/chatmail/core/pull/7091)).
+- Do not add key-contacts to unencrypted groups.
+- Do not reset `GuaranteeE2ee` in the database when resending messages.
+- Assign messages to a group if there is a `Chat-Group-Name`.
+- Take `Chat-Group-Name` into account when matching ad hoc groups.
+- Don't break long group names with non-ASCII characters.
+- Add messages that can't be verified as `DownloadState::Available` ([#7059](https://github.com/chatmail/core/pull/7059)).
+
+### Tests
+
+- Log the number of the test account if there are multiple alices ([#7087](https://github.com/chatmail/core/pull/7087)).
+
+### CI
+
+- Update Rust to 1.89.0.
+
+### Refactor
+
+- Rename icon-address-contact to icon-unencrypted.
+- Skip loading the contact of 1:1 unencrypted chat to show the avatar.
+- Chat::is_encrypted(): Make one query instead of two for 1:1 chats.
+
+### Miscellaneous Tasks
+
+- cargo: Bump toml from 0.8.23 to 0.9.4.
+- cargo: Bump human-panic from 2.0.2 to 2.0.3.
+- deny.toml: Add exception for duplicate toml_datetime 0.6.11 dependency.
+- deps: Bump actions/checkout from 4 to 5.
+- deps: Bump actions/download-artifact from 4 to 5.
+
+## [2.10.0] - 2025-08-04
+
+### Features / Changes
+
+- Also lookup key contacts in lookup_id_by_addr() ([#7073](https://github.com/chatmail/core/pull/7073)).
+
+### Miscellaneous Tasks
+
+- cargo: Bump serde_json from 1.0.140 to 1.0.142.
+- cargo: Bump bolero from 0.13.3 to 0.13.4.
+- cargo: Bump async-channel from 2.3.1 to 2.5.0.
+- cargo: Bump hyper-util from 0.1.14 to 0.1.16.
+- cargo: Bump criterion from 0.6.0 to 0.7.0.
+- cargo: Bump strum from 0.27.1 to 0.27.2.
+- cargo: Bump strum_macros from 0.27.1 to 0.27.2.
+- Upgrade async-imap to 0.11.1.
+
+## [2.9.0] - 2025-07-31
+
+### Features / Changes
+
+- repl: Add import-vcard and make-vcard commands ([#7048](https://github.com/chatmail/core/pull/7048)).
+
+### Fixes
+
+- Display correct timer value for ephemeral timer changes.
+- Get_chat_msgs_ex(): Report local midnight in ChatItem::DayMarker.
+
+### Refactor
+
+- Rename add_or_lookup_key_contacts_by_address_list() to add_or_lookup_key_contacts().
+- Don't call add_or_lookup_key_contacts() in advance.
+
+## [2.8.0] - 2025-07-28
+
+### Features / Changes
+
+- Remove ProtectionBroken, make such  chats Unprotected ([#7041](https://github.com/chatmail/core/pull/7041)).
+
+### Fixes
+
+- Lookup self by address if there is no fingerprint or gossip.
+
+## [2.7.0] - 2025-07-26
+
+### Features / Changes
+
+- Mimefactory: Order message recipients by time of addition ([#6872](https://github.com/chatmail/core/pull/6872)).
+- Put the debug/release build version into the info ([#7034](https://github.com/chatmail/core/pull/7034)).
+
+### Fixes
+
+- Realtime late join ([#6869](https://github.com/chatmail/core/pull/6869)).
+- Do not fail to upgrade if the verifier of a contact doesn't exist anymore ([#7044](https://github.com/chatmail/core/pull/7044)).
+
+### Tests
+
+- Add regression test for verification-gossiping crash ([#7033](https://github.com/chatmail/core/pull/7033)).
+
+## [2.6.0] - 2025-07-23
+
+### Fixes
+
+- Fix crash when receiving a verification-gossiping message which a contact also sends to itself ([#7032](https://github.com/chatmail/core/pull/7032)).
+
+## [2.5.0] - 2025-07-22
+
+### Fixes
+
+- Correctly migrate "verified by me".
+- Mark all email chats as unprotected in the migration ([#7026](https://github.com/chatmail/core/pull/7026)).
+- Do not ignore errors in add_flag_finalized_with_set.
+
+### Documentation
+
+- Deprecate protection-broken and related stuff ([#7018](https://github.com/chatmail/core/pull/7018)).
+- Clarify the meaning of is_verified() vs verifier_id() ([#7027](https://github.com/chatmail/core/pull/7027)).
+- STYLE.md: Prefer `try_next()` over `next()`.
+
+## [2.4.0] - 2025-07-21
+
+### Fixes
+
+- Do not ignore errors when draining FETCH responses. This avoids IMAP loop getting stuck in an infinite loop retrying reading from the connection.
+- Update `tokio-io-timeout` to 1.2.1. This release includes a fix to reset timeout after every error, so timeout error is returned at most once a minute if read is attempted after a timeout.
+
+### Miscellaneous Tasks
+
+- Update async-imap to 0.11.0.
+
+### Refactor
+
+- Use `try_next()` when processing FETCH responses.
+
+## [2.3.0] - 2025-07-19
+
+### Features / Changes
+
+- Add "e2ee encrypted" info message to all e2ee chats ([#7008](https://github.com/chatmail/core/pull/7008)).
+- repl: Print errors and debug logs to stderr.
+- `{ensure_and,logged}_debug_assert`: Don't evaluate condition twice.
+- Log when background fetch of all accounts finishes successfully.
+- Log the number of read/written bytes on IMAP stream read error ([#6924](https://github.com/chatmail/core/pull/6924)).
+
+### Fixes
+
+- Ignore protected headers in outer message part ([#6357](https://github.com/chatmail/core/pull/6357)).
+- List e-mail contacts in repl listcontacts command.
+- Save peer address for LoggingStream early.
+
+## [2.2.0] - 2025-07-14
+
+### API-Changes
+
+- Add chat::create_group_ex(), deprecate create_group_chat() ([#6927](https://github.com/chatmail/core/pull/6927)).
+- jsonrpc: Add CommandApi::create_group_chat_unencrypted() ([#6927](https://github.com/chatmail/core/pull/6927)).
+- [**breaking**] In ChatListItem, replace is_group and is_(out_)broadcast with chat_type property ([#7003](https://github.com/chatmail/core/pull/7003)).
+
+### Features / Changes
+
+- Log failed debug assertions in all configurations.
+- Donation request device message ([#6913](https://github.com/chatmail/core/pull/6913)).
+- Advance next UID even if connection fails while fetching.
+
+### Fixes
+
+- Always prefer the last header.
+
+### Tests
+
+- Tune down DELTACHAT_SAVE_TMP_DB hint ([#6998](https://github.com/chatmail/core/pull/6998)).
+- Unencrypted group creation ([#6927](https://github.com/chatmail/core/pull/6927)).
+
+## [2.1.0] - 2025-07-11
+
+### Features / Changes
+
+- Add account ordering functionality ([#6993](https://github.com/chatmail/core/pull/6993)).
+- feat: Make it possible to leave broadcast channels ([#6984](https://github.com/chatmail/core/pull/6984))
+- Migrations: Use tools::Time to measure time for logging.
+- Log emitted logging events with `tracing`.
+- Ensure_and_debug_assert{,_eq,_ne} macros combining `debug_assert*` and anyhow::ensure ([#6907](https://github.com/chatmail/core/pull/6907)).
+
+### Fixes
+
+- Use Viewtype::File for messages with invalid images, images of unknown size, images > 50 Mpx ([#6825](https://github.com/chatmail/core/pull/6825)).
+- Don't apply chat name and avatar changes from non-members.
+
+### Documentation
+
+- Update showpadlock ffi.
+
+### Miscellaneous Tasks
+
+- cargo: Update cordyceps from 0.3.2 to 0.3.4.
+
+### Tests
+
+- Add option to save database on test failure ([#6992](https://github.com/chatmail/core/pull/6992)).
+
+## [2.0.0] - 2025-07-09
+
+This release changes the way the core handles contact keys.
+Instead of tracking OpenPGP keys corresponding to the
+contacts in [Autocrypt](https://autocrypt.org/) peerstate,
+the core creates a new "key-contact" for each known public key.
+Reception of a message signed with a new unknown key
+no longer results in warnings about setup changes,
+but creates a new contact and a new 1:1 chat if necessary.
+Additionally, there are "address-contacts" corresponding
+to the e-mail addresses.
+
+### Features / Changes
+
+- Key-contacts ([#6796](https://github.com/chatmail/core/pull/6796), [#6941](https://github.com/chatmail/core/pull/6941)).
+- Increase event channel size from 1000 to 10000.
+- Minimize the amount of data preserved for trashed messages.
+- Show broadcast channels in their own, proper "Channel" chat ([#6901](https://github.com/chatmail/core/pull/6901), [#6975](https://github.com/chatmail/core/pull/6975)).
+- Check images passed as `File` before making them `Image`.
+
+### API-Changes
+
+- CFFI: Add dc_contact_is_key_contact() ([#6955](https://github.com/chatmail/core/pull/6955)).
+- Contact::get_all(): Support listing address-contacts.
+- [**breaking**] Add InBroadcastChannel, OutBroadcastChannel chattypes, add create_broadcast_channel() ([#6901](https://github.com/chatmail/core/pull/6901)).
+- deltachat-rpc-client: Add Message.get_read_receipts().
+
+### Fixes
+
+- Remove display name from get_info(). This information usually goes at the top of the log and we don't want users to include it in bug reports.
+- Wait for scheduler tasks shutdown in parallel.
+- Update deltachat-repl help and autocomplete to match implementation ([#6978](https://github.com/chatmail/core/pull/6978), ([#6979](https://github.com/chatmail/core/pull/6979)).
+- Send Autocrypt header in MDNs. This is needed to assign MDNs to key-contacts.
+- Prefer encrypted List-Id header ([#6983](https://github.com/chatmail/core/pull/6983)).
+- Treat "tgs" as Viewtype::File.
+- Treat and send images that can't be decoded as Viewtype::File.
+- Decide on filename used for sending depending on the original Viewtype.
+- Migrate_key_contacts(): Remove "id>9" from encrypted messages SELECT.
+- Save msgs to key-contacts migration state and run migration periodically ([#6956](https://github.com/chatmail/core/pull/6956)).
+- Do not try to lookup key-contacts for unencrypted 1:1 messages.
+- Add query to post request for account creation ([#6989](https://github.com/chatmail/core/pull/6989)).
+
+### CI
+
+- Update Rust to 1.88.0.
+
+### Documentation
+
+- Remove outdated comment that says MDNs are unencrypted.
+
+### Refactor
+
+- Upgrade to Rust 2024.
+- Build_body_file(): Remove guessing mimetype by file extension.
+
+### Tests
+
+- Add online test for read receipts.
+- Add a test reproducing chat assignment bug.
+
+### Miscellaneous Tasks
+
+- cargo: Bump smallvec from 1.15.0 to 1.15.1.
+- cargo: Bump syn from 2.0.101 to 2.0.104.
+- cargo: Bump hyper-util from 0.1.13 to 0.1.14.
+- cargo: Bump toml from 0.8.19 to 0.8.23.
+- cargo: Bump proptest from 1.6.0 to 1.7.0.
+- cargo: Bump libc from 0.2.172 to 0.2.174.
+
 ## [1.160.0] - 2025-06-22
 
 ### API-Changes
@@ -289,8 +599,8 @@
 
 - Use vCard in TestContext.add_or_lookup_contact().
 - Remove test_group_with_removed_message_id.
-- Use add_or_lookup_email_contact() in get_chat().
-- Use add_or_lookup_email_contact in test_setup_contact_ex.
+- Use add_or_lookup_address_contact() in get_chat().
+- Use add_or_lookup_address_contact in test_setup_contact_ex.
 - Use vCards more in Python tests.
 - Use TestContextManager in more tests.
 - Use vCards to create contacts in more Rust tests.
@@ -6356,3 +6666,16 @@ https://github.com/chatmail/core/pulls?q=is%3Apr+is%3Aclosed
 [1.159.4]: https://github.com/chatmail/core/compare/v1.159.3..v1.159.4
 [1.159.5]: https://github.com/chatmail/core/compare/v1.159.4..v1.159.5
 [1.160.0]: https://github.com/chatmail/core/compare/v1.159.5..v1.160.0
+[2.0.0]: https://github.com/chatmail/core/compare/v1.160.0..v2.0.0
+[2.1.0]: https://github.com/chatmail/core/compare/v2.0.0..v2.1.0
+[2.2.0]: https://github.com/chatmail/core/compare/v2.1.0..v2.2.0
+[2.3.0]: https://github.com/chatmail/core/compare/v2.2.0..v2.3.0
+[2.4.0]: https://github.com/chatmail/core/compare/v2.3.0..v2.4.0
+[2.5.0]: https://github.com/chatmail/core/compare/v2.4.0..v2.5.0
+[2.6.0]: https://github.com/chatmail/core/compare/v2.5.0..v2.6.0
+[2.7.0]: https://github.com/chatmail/core/compare/v2.6.0..v2.7.0
+[2.8.0]: https://github.com/chatmail/core/compare/v2.7.0..v2.8.0
+[2.9.0]: https://github.com/chatmail/core/compare/v2.8.0..v2.9.0
+[2.10.0]: https://github.com/chatmail/core/compare/v2.9.0..v2.10.0
+[2.11.0]: https://github.com/chatmail/core/compare/v2.10.0..v2.11.0
+[2.12.0]: https://github.com/chatmail/core/compare/v2.11.0..v2.12.0

Cargo.toml

@@ -1,7 +1,7 @@
 [package]
 name = "deltachat"
-version = "1.160.0"
-edition = "2021"
+version = "2.12.0"
+edition = "2024"
 license = "MPL-2.0"
 rust-version = "1.85"
 repository = "https://github.com/chatmail/core"
@@ -44,14 +44,16 @@ ratelimit = { path = "./deltachat-ratelimit" }
 anyhow = { workspace = true }
 async-broadcast = "0.7.2"
 async-channel = { workspace = true }
-async-imap = { version = "0.10.4", default-features = false, features = ["runtime-tokio", "compress"] }
+async-imap = { version = "0.11.1", default-features = false, features = ["runtime-tokio", "compress"] }
 async-native-tls = { version = "0.5", default-features = false, features = ["runtime-tokio"] }
 async-smtp = { version = "0.10.2", default-features = false, features = ["runtime-tokio"] }
 async_zip = { version = "0.0.17", default-features = false, features = ["deflate", "tokio-fs"] }
 base64 = { workspace = true }
+blake3 = "1.8.2"
 brotli = { version = "8", default-features=false, features = ["std"] }
 bytes = "1"
 chrono = { workspace = true, features = ["alloc", "clock", "std"] }
+colorutils-rs = { version = "0.7.5", default-features = false }
 data-encoding = "2.9.0"
 escaper = "0.1"
 fast-socks5 = "0.10"
@@ -63,13 +65,13 @@ hickory-resolver = "0.25.2"
 http-body-util = "0.1.3"
 humansize = "2"
 hyper = "1"
-hyper-util = "0.1.13"
+hyper-util = "0.1.16"
 image = { version = "0.25.6", default-features=false, features = ["gif", "jpeg", "ico", "png", "pnm", "webp", "bmp"] }
 iroh-gossip = { version = "0.35", default-features = false, features = ["net"] }
 iroh = { version = "0.35", default-features = false }
 kamadak-exif = "0.6.1"
 libc = { workspace = true }
-mail-builder = { version = "0.4.3", default-features = false }
+mail-builder = { version = "0.4.4", default-features = false }
 mailparse = { workspace = true }
 mime = "0.3.17"
 num_cpus = "1.17"
@@ -85,7 +87,6 @@ quoted_printable = "0.5"
 rand = { workspace = true }
 regex = { workspace = true }
 rusqlite = { workspace = true, features = ["sqlcipher"] }
-rust-hsluv = "0.1"
 rustls-pki-types = "1.12.0"
 rustls = { version = "0.23.22", default-features = false }
 sanitize-filename = { workspace = true }
@@ -95,27 +96,27 @@ serde = { workspace = true, features = ["derive"] }
 sha-1 = "0.10"
 sha2 = "0.10"
 shadowsocks = { version = "1.23.1", default-features = false, features = ["aead-cipher", "aead-cipher-2022"] }
-smallvec = "1.15.0"
+smallvec = "1.15.1"
 strum = "0.27"
 strum_macros = "0.27"
 tagger = "4.3.4"
 textwrap = "0.16.2"
 thiserror = { workspace = true }
-tokio-io-timeout = "1.2.0"
+tokio-io-timeout = "1.2.1"
 tokio-rustls = { version = "0.26.2", default-features = false }
 tokio-stream = { version = "0.1.17", features = ["fs"] }
 tokio-tar = { version = "0.3" } # TODO: integrate tokio into async-tar
 tokio-util = { workspace = true }
 tokio = { workspace = true, features = ["fs", "rt-multi-thread", "macros"] }
-toml = "0.8"
+toml = "0.9"
+tracing = "0.1.41"
 url = "2"
 uuid = { version = "1", features = ["serde", "v4"] }
 webpki-roots = "0.26.8"
-blake3 = "1.8.2"
 
 [dev-dependencies]
 anyhow = { workspace = true, features = ["backtrace"] } # Enable `backtrace` feature in tests.
-criterion = { version = "0.6.0", features = ["async_tokio"] }
+criterion = { version = "0.7.0", features = ["async_tokio"] }
 futures-lite = { workspace = true }
 log = { workspace = true }
 nu-ansi-term = { workspace = true }
@@ -174,7 +175,7 @@ harness = false
 
 [workspace.dependencies]
 anyhow = "1"
-async-channel = "2.3.1"
+async-channel = "2.5.0"
 base64 = "0.22"
 chrono = { version = "0.4.41", default-features = false }
 deltachat-contact-tools = { path = "deltachat-contact-tools" }

README.md

@@ -80,30 +80,41 @@ Connect to your mail server (if already configured):
 > connect
 ```
 
-Create a contact:
+Export your public key to a vCard file:
+
+```
+> make-vcard my.vcard 1
+```
+
+Create contacts by address or vCard file:
 
 ```
 > addcontact yourfriends@email.org
-Command executed successfully.
+> import-vcard key-contact.vcard
 ```
 
 List contacts:
 
 ```
 > listcontacts
-Contact#10: <name unset> <yourfriends@email.org>
-Contact#1: Me √√ <your@email.org>
+Contact#Contact#11: key-contact@email.org <key-contact@email.org>
+Contact#Contact#Self: Me √ <your@email.org>
+2 key contacts.
+Contact#Contact#10: yourfriends@email.org <yourfriends@email.org>
+1 address contacts.
 ```
 
 Create a chat with your friend and send a message:
 
 ```
 > createchat 10
-Single#10 created successfully.
-> chat 10
-Single#10: yourfriends@email.org [yourfriends@email.org]
+Single#Chat#12 created successfully.
+> chat 12
+Selecting chat Chat#12
+Single#Chat#12: yourfriends@email.org [yourfriends@email.org] Icon: profile-db-blobs/4138c52e5bc1c576cda7dd44d088c07.png
+0 messages.
+81.252µs to create this list, 123.625µs to mark all messages as noticed.
 > send hi
-Message sent.
 ```
 
 List messages when inside a chat:

STYLE.md

@@ -78,6 +78,27 @@ All errors should be handled in one of these ways:
 - With `.log_err().ok()`.
 - Bubbled up with `?`.
 
+When working with [async streams](https://docs.rs/futures/0.3.31/futures/stream/index.html),
+prefer [`try_next`](https://docs.rs/futures/0.3.31/futures/stream/trait.TryStreamExt.html#method.try_next) over `next()`, e.g. do
+```
+while let Some(event) = stream.try_next().await? {
+    todo!();
+}
+```
+instead of
+```
+while let Some(event_res) = stream.next().await {
+    todo!();
+}
+```
+as it allows bubbling up the error early with `?`
+with no way to accidentally skip error processing
+with early `continue` or `break`.
+Some streams reading from a connection
+return infinite number of `Some(Err(_))`
+items when connection breaks and not processing
+errors may result in infinite loop.
+
 `backtrace` feature is enabled for `anyhow` crate
 and `debug = 1` option is set in the test profile.
 This allows to run `RUST_BACKTRACE=1 cargo test`

assets/icon-unencrypted.svg

@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<svg
+   height="480"
+   viewBox="0 -960 9600 9600"
+   width="480"
+   fill="#ffffff"
+   version="1.1"
+   id="svg1"
+   sodipodi:docname="icon-email.svg"
+   inkscape:version="1.4.2 (ebf0e940d0, 2025-05-08)"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:svg="http://www.w3.org/2000/svg">
+  <defs
+     id="defs1" />
+  <sodipodi:namedview
+     id="namedview1"
+     pagecolor="#ffffff"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:showpageshadow="2"
+     inkscape:pageopacity="0.0"
+     inkscape:pagecheckerboard="0"
+     inkscape:deskcolor="#d1d1d1"
+     inkscape:zoom="0.99091847"
+     inkscape:cx="263.392"
+     inkscape:cy="177.613"
+     inkscape:window-width="1884"
+     inkscape:window-height="1052"
+     inkscape:window-x="36"
+     inkscape:window-y="0"
+     inkscape:window-maximized="1"
+     inkscape:current-layer="svg1" />
+  <rect
+     style="fill:#8c8c8c;fill-opacity:1;stroke:none;stroke-width:680.523;stroke-dasharray:none;paint-order:markers fill stroke"
+     id="rect1"
+     width="9951.9541"
+     height="9767.4756"
+     x="-71.697792"
+     y="-1012.83"
+     ry="0.43547946" />
+  <path
+     d="m 2948.0033,5553.6941 q -130.7292,0 -228.7761,-96.3953 -98.0468,-96.3953 -98.0468,-224.9223 V 2447.6234 q 0,-128.527 98.0468,-224.9223 98.0469,-96.3953 228.7761,-96.3953 h 3703.9934 q 130.7292,0 228.776,96.3953 98.0469,96.3953 98.0469,224.9223 v 2784.7531 q 0,128.527 -98.0469,224.9223 -98.0468,96.3953 -228.776,96.3953 z M 4800,3936.3952 2948.0033,2742.1646 V 5232.3765 H 6651.9967 V 2742.1646 Z m 0,-321.3176 1830.2085,-1167.4541 h -3654.97 z m -1851.9967,-872.913 v -294.5412 2784.7531 z"
+     id="path1"
+     style="stroke-width:5.40098" />
+</svg>

assets/self-reporting-bot.vcf

@@ -0,0 +1,7 @@
+BEGIN:VCARD
+VERSION:4.0
+EMAIL:self_reporting@testrun.org
+FN:Statistics bot
+KEY:data:application/pgp-keys;base64,xjMEZbfBlBYJKwYBBAHaRw8BAQdABpLWS2PUIGGo4pslVt4R8sylP5wZihmhf1DTDr3oCMPNHDxzZWxmX3JlcG9ydGluZ0B0ZXN0cnVuLm9yZz7CiwQQFggAMwIZAQUCZbfBlAIbAwQLCQgHBhUICQoLAgMWAgEWIQTS2i16sHeYTckGn284K3M5Z4oohAAKCRA4K3M5Z4oohD8dAQCQV7CoH6UP4PD+NqI4kW5tbbqdh2AnDROg60qotmLExAEAxDfd3QHAK9f8b9qQUbLmHIztCLxhEuVbWPBEYeVW0gvOOARlt8GUEgorBgEEAZdVAQUBAQdAMBUhYoAAcI625vGZqnM5maPX4sGJ7qvJxPAFILPy6AcDAQgHwngEGBYIACAFAmW3wZQCGwwWIQTS2i16sHeYTckGn284K3M5Z4oohAAKCRA4K3M5Z4oohPwCAQCvzk1ObIkj2GqsuIfaULlgdnfdZY8LNary425CEfHZDQD5AblXVrlMO1frdlc/Vo9z3pEeCrfYdD7ITD3/OeVoiQ4=
+REV:20250412T195751Z
+END:VCARD

benches/contacts.rs

@@ -1,11 +1,11 @@
 #![recursion_limit = "256"]
 use std::hint::black_box;
 
-use criterion::{criterion_group, criterion_main, Criterion};
+use criterion::{Criterion, criterion_group, criterion_main};
+use deltachat::Events;
 use deltachat::contact::Contact;
 use deltachat::context::Context;
 use deltachat::stock_str::StockStrings;
-use deltachat::Events;
 use tempfile::tempdir;
 
 async fn address_book_benchmark(n: u32, read_count: u32) {

benches/create_account.rs

@@ -2,7 +2,7 @@
 use std::hint::black_box;
 use std::path::PathBuf;
 
-use criterion::{criterion_group, criterion_main, Criterion};
+use criterion::{Criterion, criterion_group, criterion_main};
 use deltachat::accounts::Accounts;
 use tempfile::tempdir;
 

benches/get_chat_msgs.rs

@@ -2,12 +2,12 @@
 use std::hint::black_box;
 use std::path::Path;
 
-use criterion::{criterion_group, criterion_main, Criterion};
+use criterion::{Criterion, criterion_group, criterion_main};
+use deltachat::Events;
 use deltachat::chat::{self, ChatId};
 use deltachat::chatlist::Chatlist;
 use deltachat::context::Context;
 use deltachat::stock_str::StockStrings;
-use deltachat::Events;
 
 async fn get_chat_msgs_benchmark(dbfile: &Path, chats: &[ChatId]) {
     let id = 100;

benches/get_chatlist.rs

@@ -2,11 +2,11 @@
 use std::hint::black_box;
 use std::path::Path;
 
-use criterion::{criterion_group, criterion_main, Criterion};
+use criterion::{Criterion, criterion_group, criterion_main};
+use deltachat::Events;
 use deltachat::chatlist::Chatlist;
 use deltachat::context::Context;
 use deltachat::stock_str::StockStrings;
-use deltachat::Events;
 
 async fn get_chat_list_benchmark(context: &Context) {
     Chatlist::try_load(context, 0, None, None).await.unwrap();

benches/marknoticed_chat.rs

@@ -2,12 +2,12 @@
 use std::hint::black_box;
 use std::path::Path;
 
-use criterion::{criterion_group, criterion_main, BatchSize, Criterion};
+use criterion::{BatchSize, Criterion, criterion_group, criterion_main};
+use deltachat::Events;
 use deltachat::chat::{self, ChatId};
 use deltachat::chatlist::Chatlist;
 use deltachat::context::Context;
 use deltachat::stock_str::StockStrings;
-use deltachat::Events;
 use futures_lite::future::block_on;
 use tempfile::tempdir;
 

benches/receive_emails.rs

@@ -2,14 +2,14 @@
 use std::hint::black_box;
 use std::path::PathBuf;
 
-use criterion::{criterion_group, criterion_main, Criterion};
+use criterion::{Criterion, criterion_group, criterion_main};
 use deltachat::{
+    Events,
     config::Config,
     context::Context,
-    imex::{imex, ImexMode},
+    imex::{ImexMode, imex},
     receive_imf::receive_imf,
     stock_str::StockStrings,
-    Events,
 };
 use tempfile::tempdir;
 

benches/search_msgs.rs

@@ -2,10 +2,10 @@
 use std::hint::black_box;
 use std::path::Path;
 
-use criterion::{criterion_group, criterion_main, Criterion};
+use criterion::{Criterion, criterion_group, criterion_main};
+use deltachat::Events;
 use deltachat::context::Context;
 use deltachat::stock_str::StockStrings;
-use deltachat::Events;
 
 async fn search_benchmark(dbfile: impl AsRef<Path>) {
     let id = 100;

benches/send_events.rs

@@ -1,5 +1,5 @@
 #![recursion_limit = "256"]
-use criterion::{criterion_group, criterion_main, Criterion};
+use criterion::{Criterion, criterion_group, criterion_main};
 
 use deltachat::context::Context;
 use deltachat::stock_str::StockStrings;

deltachat-ffi/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat_ffi"
-version = "1.160.0"
+version = "2.12.0"
 description = "Deltachat FFI"
 edition = "2018"
 readme = "README.md"

deltachat-ffi/deltachat.h

@@ -503,13 +503,6 @@ char*           dc_get_blobdir               (const dc_context_t* context);
  * - `gossip_period` = How often to gossip Autocrypt keys in chats with multiple recipients, in
  *                    seconds. 2 days by default.
  *                    This is not supposed to be changed by UIs and only used for testing.
- * - `verified_one_on_one_chats` = Feature flag for verified 1:1 chats; the UI should set it
- *                    to 1 if it supports verified 1:1 chats.
- *                    Regardless of this setting, `dc_chat_is_protected()` returns true while the key is verified,
- *                    and when the key changes, an info message is posted into the chat.
- *                    0=Nothing else happens when the key changes.
- *                    1=After the key changed, `dc_chat_can_send()` returns false and `dc_chat_is_protection_broken()` returns true
- *                    until `dc_accept_chat()` is called.
  * - `is_chatmail` = 1 if the the server is a chatmail server, 0 otherwise.
  * - `is_muted`     = Whether a context is muted by the user.
  *                    Muted contexts should not sound, vibrate or show notifications.
@@ -1222,6 +1215,103 @@ void             dc_set_webxdc_integration (dc_context_t* context, const char* f
 uint32_t        dc_init_webxdc_integration    (dc_context_t* context, uint32_t chat_id);
 
 
+/**
+ * Start an outgoing call.
+ * This sends a message with all relevant information to the callee,
+ * who will get informed by an #DC_EVENT_INCOMING_CALL event and rings.
+ *
+ * Possible actions during ringing:
+ *
+ * - caller cancels the call using dc_end_call():
+ *   callee receives #DC_EVENT_CALL_ENDED
+ *
+ * - callee accepts using dc_accept_incoming_call():
+ *   caller receives #DC_EVENT_OUTGOING_CALL_ACCEPTED.
+ *   callee's devices receive #DC_EVENT_INCOMING_CALL_ACCEPTED, call starts
+ *
+ * - callee rejects using dc_end_call():
+ *   caller receives #DC_EVENT_CALL_ENDED after 1 minute timeout.
+ *   callee's other devices receive #DC_EVENT_CALL_ENDED
+ *
+ * - callee is already in a call:
+ *   in this case, UI may decide to show a notification instead of ringing.
+ *   otherwise, this is same as timeout
+ *
+ * - timeout:
+ *   after 1 minute without action,
+ *   caller and callee receive #DC_EVENT_CALL_ENDED
+ *   to prevent endless ringing of callee
+ *   in case caller got offline without being able to send cancellation message
+ *
+ * Actions during the call:
+ *
+ * - caller ends the call using dc_end_call():
+ *   callee receives #DC_EVENT_CALL_ENDED
+ *
+ * - callee ends the call using dc_end_call():
+ *   caller receives #DC_EVENT_CALL_ENDED
+ *
+ * Note, that the events are for updating the call screen,
+ * possible status messages are added and updated as usual, including the known events.
+ * In the UI, the sorted chatlist is used as an overview about calls as well as messages.
+ * To place a call with a contact that has no chat yet, use dc_create_chat_by_contact_id() first.
+ *
+ * UI will usually allow only one call at the same time,
+ * this has to be tracked by UI across profile, the core does not track this.
+ *
+ * @memberof dc_context_t
+ * @param context The context object.
+ * @param chat_id The chat to place a call for.
+ *     This needs to be a one-to-one chat.
+ * @param place_call_info any data that other devices receive
+ *     in #DC_EVENT_INCOMING_CALL.
+ * @return ID of the system message announcing the call.
+ */
+uint32_t        dc_place_outgoing_call       (dc_context_t* context, uint32_t chat_id, const char* place_call_info);
+
+
+/**
+ * Accept incoming call.
+ *
+ * This implicitly accepts the contact request, if not yet done.
+ * All affected devices will receive
+ * either #DC_EVENT_OUTGOING_CALL_ACCEPTED or #DC_EVENT_INCOMING_CALL_ACCEPTED.
+ *
+ * @memberof dc_context_t
+ * @param context The context object.
+ * @param msg_id The ID of the call to accept.
+ *     This is the ID reported by #DC_EVENT_INCOMING_CALL
+ *     and equals to the ID of the corresponding info message.
+ * @param accept_call_info any data that other devices receive
+ *     in #DC_EVENT_OUTGOING_CALL_ACCEPTED or #DC_EVENT_INCOMING_CALL_ACCEPTED.
+ * @return 1=success, 0=error
+ */
+ int            dc_accept_incoming_call      (dc_context_t* context, uint32_t msg_id, const char* accept_call_info);
+
+
+ /**
+  * End incoming or outgoing call.
+  *
+  * From the view of the caller, a "cancellation",
+  * from the view of callee, a "rejection".
+  * If the call was accepted, this is a "hangup".
+  *
+  * For accepted calls,
+  * all participant devices get informed about the ended call via #DC_EVENT_CALL_ENDED.
+  * For not accepted calls, only the caller will inform the callee.
+  *
+  * If the callee rejects, the caller will get a timeout or give up at some point -
+  * same as for all other reasons the call cannot be established: Device not in reach, device muted, connectivity etc.
+  * This is to protect privacy of the callee, avoiding to check if callee is online.
+  *
+  * @memberof dc_context_t
+  * @param context The context object.
+  * @param msg_id the ID of the call.
+  * @return 1=success, 0=error
+  */
+ int            dc_end_call                  (dc_context_t* context, uint32_t msg_id);
+
+
 /**
  * Save a draft for a chat in the database.
  *
@@ -1339,12 +1429,14 @@ dc_msg_t*       dc_get_draft                 (dc_context_t* context, uint32_t ch
  * Optionally, some special markers added to the ID array may help to
  * implement virtual lists.
  *
+ * To get the concrete time of the message, use dc_array_get_timestamp().
+ *
  * @memberof dc_context_t
  * @param context The context object as returned from dc_context_new().
  * @param chat_id The chat ID of which the messages IDs should be queried.
  * @param flags If set to DC_GCM_ADDDAYMARKER, the marker DC_MSG_ID_DAYMARKER will
  *     be added before each day (regarding the local timezone). Set this to 0 if you do not want this behaviour.
- *     To get the concrete time of the marker, use dc_array_get_timestamp().
+ *     The day marker timestamp is the midnight one for the corresponding (following) day in the local timezone.
  *     If set to DC_GCM_INFO_ONLY, only system messages will be returned, can be combined with DC_GCM_ADDDAYMARKER.
  * @param marker1before Deprecated, set this to 0.
  * @return Array of message IDs, must be dc_array_unref()'d when no longer used.
@@ -2094,9 +2186,19 @@ int             dc_may_be_valid_addr         (const char* addr);
 
 
 /**
- * Check if an e-mail address belongs to a known and unblocked contact.
+ * Looks up a known and unblocked contact with a given e-mail address.
  * To get a list of all known and unblocked contacts, use dc_get_contacts().
  *
+ * **POTENTIAL SECURITY ISSUE**: If there are multiple contacts with this address
+ * (e.g. an address-contact and a key-contact),
+ * this looks up the most recently seen contact,
+ * i.e. which contact is returned depends on which contact last sent a message.
+ * If the user just clicked on a mailto: link, then this is the best thing you can do.
+ * But **DO NOT** internally represent contacts by their email address
+ * and do not use this function to look them up;
+ * otherwise this function will sometimes look up the wrong contact.
+ * Instead, you should internally represent contacts by their ids.
+ *
  * To validate an e-mail address independently of the contact database
  * use dc_may_be_valid_addr().
  *
@@ -2118,6 +2220,13 @@ uint32_t        dc_lookup_contact_id_by_addr (dc_context_t* context, const char*
  * To add a number of contacts, see dc_add_address_book() which is much faster for adding
  * a bunch of addresses.
  *
+ * This will always create or look up an address-contact,
+ * i.e. a contact identified by an email address,
+ * with all messages sent to and from this contact being unencrypted.
+ * If the user just clicked on an email address,
+ * you should first check `lookup_contact_id_by_addr`,
+ * and only if there is no contact yet, call this function here.
+ *
  * May result in a #DC_EVENT_CONTACTS_CHANGED event.
  *
  * @memberof dc_context_t
@@ -2137,6 +2246,7 @@ uint32_t        dc_create_contact            (dc_context_t* context, const char*
 #define         DC_GCL_DEPRECATED_VERIFIED_ONLY         0x01
 
 #define         DC_GCL_ADD_SELF              0x02
+#define         DC_GCL_ADDRESS               0x04
 
 
 /**
@@ -2192,11 +2302,13 @@ dc_array_t*     dc_import_vcard              (dc_context_t* context, const char*
  * Returns known and unblocked contacts.
  *
  * To get information about a single contact, see dc_get_contact().
+ * By default, key-contacts are listed.
  *
  * @memberof dc_context_t
  * @param context The context object.
  * @param flags A combination of flags:
- *     - if the flag DC_GCL_ADD_SELF is set, SELF is added to the list unless filtered by other parameters
+ *     - DC_GCL_ADD_SELF: SELF is added to the list unless filtered by other parameters
+ *     - DC_GCL_ADDRESS: List address-contacts instead of key-contacts.
  * @param query A string to filter the list. Typically used to implement an
  *     incremental search. NULL for no filtering.
  * @return An array containing all contact IDs. Must be dc_array_unref()'d
@@ -3815,21 +3927,12 @@ int             dc_chat_can_send              (const dc_chat_t* chat);
 /**
  * Check if a chat is protected.
  *
- * End-to-end encryption is guaranteed in protected chats
- * and only verified contacts
+ * Only verified contacts
  * as determined by dc_contact_is_verified()
  * can be added to protected chats.
  *
  * Protected chats are created using dc_create_group_chat()
  * by setting the 'protect' parameter to 1.
- * 1:1 chats become protected or unprotected automatically
- * if `verified_one_on_one_chats` setting is enabled.
- *
- * UI should display a green checkmark
- * in the chat title,
- * in the chatlist item
- * and in the chat profile
- * if chat protection is enabled.
  *
  * @memberof dc_chat_t
  * @param chat The chat object.
@@ -3838,6 +3941,21 @@ int             dc_chat_can_send              (const dc_chat_t* chat);
 int             dc_chat_is_protected         (const dc_chat_t* chat);
 
 
+/**
+ * Check if the chat is encrypted.
+ *
+ * 1:1 chats with key-contacts and group chats with key-contacts
+ * are encrypted.
+ * 1:1 chats with emails contacts and ad-hoc groups
+ * created for email threads are not encrypted.
+ *
+ * @memberof dc_chat_t
+ * @param chat The chat object.
+ * @return 1=chat is encrypted, 0=chat is not encrypted.
+ */
+int             dc_chat_is_encrypted         (const dc_chat_t *chat);
+
+
 /**
  * Checks if the chat was protected, and then an incoming message broke this protection.
  *
@@ -3851,6 +3969,8 @@ int             dc_chat_is_protected         (const dc_chat_t* chat);
  *
  * The UI should let the user confirm that this is OK with a message like
  * `Bob sent a message from another device. Tap to learn more` and then call dc_accept_chat().
+ *
+ * @deprecated 2025-07 chats protection cannot break any longer
  * @memberof dc_chat_t
  * @param chat The chat object.
  * @return 1=chat protection broken, 0=otherwise.
@@ -4285,11 +4405,16 @@ int             dc_msg_get_duration           (const dc_msg_t* msg);
 
 
 /**
- * Check if a padlock should be shown beside the message.
+ * Check if message was correctly encrypted and signed.
+ *
+ * Historically, UIs showed a small padlock on the message then.
+ * Today, the UIs should instead
+ * show a small email-icon on the message if the message is not encrypted or signed,
+ * and nothing otherwise.
  *
  * @memberof dc_msg_t
  * @param msg The message object.
- * @return 1=padlock should be shown beside message, 0=do not show a padlock beside the message.
+ * @return 1=message correctly encrypted and signed, no need to show anything; 0=show email-icon beside the message.
  */
 int             dc_msg_get_showpadlock        (const dc_msg_t* msg);
 
@@ -4512,12 +4637,14 @@ int             dc_msg_is_info                (const dc_msg_t* msg);
  * - DC_INFO_MEMBER_ADDED_TO_GROUP (4) - "Member CONTACT added by OTHER_CONTACT"
  * - DC_INFO_MEMBER_REMOVED_FROM_GROUP (5) - "Member CONTACT removed by OTHER_CONTACT"
  * - DC_INFO_EPHEMERAL_TIMER_CHANGED (10) - "Disappearing messages CHANGED_TO by CONTACT"
- * - DC_INFO_PROTECTION_ENABLED (11) - Info-message for "Chat is now protected"
- * - DC_INFO_PROTECTION_DISABLED (12) - Info-message for "Chat is no longer protected"
+ * - DC_INFO_PROTECTION_ENABLED (11) - Info-message for "Chat is protected"
  * - DC_INFO_INVALID_UNENCRYPTED_MAIL (13) - Info-message for "Provider requires end-to-end encryption which is not setup yet",
  *   the UI should change the corresponding string using #DC_STR_INVALID_UNENCRYPTED_MAIL
  *   and also offer a way to fix the encryption, eg. by a button offering a QR scan
  * - DC_INFO_WEBXDC_INFO_MESSAGE (32) - Info-message created by webxdc app sending `update.info`
+ * - DC_INFO_CHAT_E2EE (50) - Info-message for "Chat is end-to-end-encrypted"
+ * - DC_INFO_OUTGOING_CALL (60) - Info-message refers to an outgoing call
+ * - DC_INFO_INCOMING_CALL (65) - Info-message refers to an incoming call
  *
  * For the messages that refer to a CONTACT,
  * dc_msg_get_info_contact_id() returns the contact ID.
@@ -4570,9 +4697,12 @@ uint32_t        dc_msg_get_info_contact_id    (const dc_msg_t* msg);
 #define         DC_INFO_LOCATION_ONLY              9
 #define         DC_INFO_EPHEMERAL_TIMER_CHANGED   10
 #define         DC_INFO_PROTECTION_ENABLED        11
-#define         DC_INFO_PROTECTION_DISABLED       12
+#define         DC_INFO_PROTECTION_DISABLED       12 // deprecated 2025-07
 #define         DC_INFO_INVALID_UNENCRYPTED_MAIL  13
 #define         DC_INFO_WEBXDC_INFO_MESSAGE       32
+#define         DC_INFO_CHAT_E2EE                 50
+#define         DC_INFO_OUTGOING_CALL             60
+#define         DC_INFO_INCOMING_CALL             65
 
 
 /**
@@ -5243,20 +5373,14 @@ int             dc_contact_is_blocked        (const dc_contact_t* contact);
 
 /**
  * Check if the contact
- * can be added to verified chats,
- * i.e. has a verified key
- * and Autocrypt key matches the verified key.
+ * can be added to protected chats.
  *
- * If contact is verified
- * UI should display green checkmark after the contact name
- * in contact list items,
- * in chat member list items
- * and in profiles if no chat with the contact exist (otherwise, use dc_chat_is_protected()).
+ * See dc_contact_get_verifier_id() for a guidance how to display these information.
  *
  * @memberof dc_contact_t
  * @param contact The contact object.
  * @return 0: contact is not verified.
- *    2: SELF and contact have verified their fingerprints in both directions; in the UI typically checkmarks are shown.
+ *    2: SELF and contact have verified their fingerprints in both directions.
  */
 int             dc_contact_is_verified       (dc_contact_t* contact);
 
@@ -5270,19 +5394,39 @@ int             dc_contact_is_verified       (dc_contact_t* contact);
 int             dc_contact_is_bot            (dc_contact_t* contact);
 
 
+/**
+ * Returns whether contact is a key-contact,
+ * i.e. it is identified by the public key
+ * rather than the email address.
+ *
+ * If so, all messages to and from this contact are encrypted.
+ *
+ * @memberof dc_contact_t
+ * @param contact The contact object.
+ * @return 1 if the contact is a key-contact, 0 if it is an address-contact.
+ */
+int             dc_contact_is_key_contact    (dc_contact_t* contact);
+
+
 /**
  * Return the contact ID that verified a contact.
  *
- * If the function returns non-zero result,
- * display green checkmark in the profile and "Introduced by ..." line
- * with the name and address of the contact
- * formatted by dc_contact_get_name_n_addr.
+ * As verifier may be unknown,
+ * use dc_contact_is_verified() to check if a contact can be added to a protected chat.
  *
- * If this function returns a verifier,
- * this does not necessarily mean
- * you can add the contact to verified chats.
- * Use dc_contact_is_verified() to check
- * if a contact can be added to a verified chat instead.
+ * UI should display the information in the contact's profile as follows:
+ *
+ * - If dc_contact_get_verifier_id() != 0,
+ *   display text "Introduced by ..."
+ *   with the name and address of the contact
+ *   formatted by dc_contact_get_name_n_addr().
+ *   Prefix the text by a green checkmark.
+ *
+ * - If dc_contact_get_verifier_id() == 0 and dc_contact_is_verified() != 0,
+ *   display "Introduced" prefixed by a green checkmark.
+ *
+ * - if dc_contact_get_verifier_id() == 0 and dc_contact_is_verified() == 0,
+ *   display nothing
  *
  * @memberof dc_contact_t
  * @param contact The contact object.
@@ -5715,9 +5859,33 @@ int64_t         dc_lot_get_timestamp     (const dc_lot_t* lot);
 #define         DC_CHAT_TYPE_MAILINGLIST     140
 
 /**
- * A broadcast list. See dc_chat_get_type() for details.
+ * Outgoing broadcast channel, called "Channel" in the UI.
+ *
+ * The user can send into this chat,
+ * and all recipients will receive messages
+ * in a `DC_CHAT_TYPE_IN_BROADCAST`.
+ *
+ * Called `broadcast` here rather than `channel`,
+ * because the word "channel" already appears a lot in the code,
+ * which would make it hard to grep for it.
  */
-#define         DC_CHAT_TYPE_BROADCAST       160
+#define         DC_CHAT_TYPE_OUT_BROADCAST   160
+
+/**
+ * Incoming broadcast channel, called "Channel" in the UI.
+ *
+ * This chat is read-only,
+ * and we do not know who the other recipients are.
+ *
+ * This is similar to `DC_CHAT_TYPE_MAILINGLIST`,
+ * with the main difference being that
+ * broadcasts are encrypted.
+ *
+ * Called `broadcast` here rather than `channel`,
+ * because the word "channel" already appears a lot in the code,
+ * which would make it hard to grep for it.
+ */
+#define         DC_CHAT_TYPE_IN_BROADCAST    165
 
 /**
  * @}
@@ -6324,7 +6492,6 @@ void dc_event_unref(dc_event_t* event);
 
 /**
  * Chat changed. The name or the image of a chat group was changed or members were added or removed.
- * Or the verify state of a chat has changed.
  * See dc_set_chat_name(), dc_set_chat_profile_image(), dc_add_contact_to_chat()
  * and dc_remove_contact_from_chat().
  *
@@ -6570,6 +6737,63 @@ void dc_event_unref(dc_event_t* event);
  */
 #define DC_EVENT_CHANNEL_OVERFLOW              2400
 
+
+
+/**
+ * Incoming call.
+ * UI will usually start ringing,
+ * or show a notification if there is already a call in some profile.
+ *
+ * Together with this event,
+ * an info-message is added to the corresponding chat.
+ * The info-message, however, is _not_ additionally notified using #DC_EVENT_INCOMING_MSG,
+ * if needed, this has to be done by the UI explicitly.
+ *
+ * If user takes action, dc_accept_incoming_call() or dc_end_call() should be called.
+ *
+ * Otherwise, ringing should end on #DC_EVENT_CALL_ENDED
+ * or #DC_EVENT_INCOMING_CALL_ACCEPTED
+ *
+ * @param data1 (int) msg_id ID of the info-message referring to the call.
+ * @param data2 (char*) place_call_info, text passed to dc_place_outgoing_call()
+ */
+#define DC_EVENT_INCOMING_CALL                            2550
+
+/**
+ * The callee accepted an incoming call on another device using dc_accept_incoming_call().
+ * The caller gets the event #DC_EVENT_OUTGOING_CALL_ACCEPTED at the same time.
+ *
+ * The event is sent unconditionally when the corresponding message is received.
+ * UI should only take action in case call UI was opened before, otherwise the event should be ignored.
+ *
+ * @param data1 (int) msg_id ID of the info-message referring to the call
+ * @param data2 (char*) accept_call_info, text passed to dc_place_outgoing_call()
+ */
+ #define DC_EVENT_INCOMING_CALL_ACCEPTED                  2560
+
+/**
+ * A call placed using dc_place_outgoing_call() was accepted by the callee using dc_accept_incoming_call().
+ *
+ * The event is sent unconditionally when the corresponding message is received.
+ * UI should only take action in case call UI was opened before, otherwise the event should be ignored.
+ *
+ * @param data1 (int) msg_id ID of the info-message referring to the call
+ * @param data2 (char*) accept_call_info, text passed to dc_accept_incoming_call()
+ */
+#define DC_EVENT_OUTGOING_CALL_ACCEPTED                   2570
+
+/**
+ * An incoming or outgoing call was ended using dc_end_call().
+ * Moreover, the event is sent when the call was not accepted within 1 minute timeout.
+ *
+ * The event is sent unconditionally when the corresponding message is received.
+ * UI should only take action in case call UI was opened before, otherwise the event should be ignored.
+ *
+ * @param data1 (int) msg_id ID of the info-message referring to the call
+ */
+#define DC_EVENT_CALL_ENDED                               2580
+
+
 /**
  * @}
  */
@@ -6837,9 +7061,7 @@ void dc_event_unref(dc_event_t* event);
 /// Used in summaries.
 #define DC_STR_GIF                        23
 
-/// "Encrypted message"
-///
-/// Used in subjects of outgoing messages.
+/// @deprecated 2025-07, this string is no longer needed.
 #define DC_STR_ENCRYPTEDMSG               24
 
 /// "End-to-end encryption available."
@@ -6886,6 +7108,7 @@ void dc_event_unref(dc_event_t* event);
 /// "End-to-end encryption preferred."
 ///
 /// Used to build the string returned by dc_get_contact_encrinfo().
+/// @deprecated 2025-06-05
 #define DC_STR_E2E_PREFERRED              34
 
 /// "%1$s verified"
@@ -6898,12 +7121,14 @@ void dc_event_unref(dc_event_t* event);
 ///
 /// Used in status messages.
 /// - %1$s will be replaced by the name of the contact that cannot be verified
+/// @deprecated 2025-06-05
 #define DC_STR_CONTACT_NOT_VERIFIED       36
 
 /// "Changed setup for %1$s."
 ///
 /// Used in status messages.
 /// - %1$s will be replaced by the name of the contact with the changed setup
+/// @deprecated 2025-06-05
 #define DC_STR_CONTACT_SETUP_CHANGED      37
 
 /// "Archived chats"
@@ -7293,6 +7518,7 @@ void dc_event_unref(dc_event_t* event);
 /// "%1$s changed their address from %2$s to %3$s"
 ///
 /// Used as an info message to chats with contacts that changed their address.
+/// @deprecated 2025-06-05
 #define DC_STR_AEAP_ADDR_CHANGED          122
 
 /// "You changed your email address from %1$s to %2$s.
@@ -7359,7 +7585,7 @@ void dc_event_unref(dc_event_t* event);
 /// Used in status messages.
 #define DC_STR_REMOVE_MEMBER_BY_OTHER 131
 
-/// "You left the group."
+/// "You left."
 ///
 /// Used in status messages.
 #define DC_STR_GROUP_LEFT_BY_YOU 132
@@ -7530,6 +7756,18 @@ void dc_event_unref(dc_event_t* event);
 /// `%2$s` will be replaced by name and address of the contact.
 #define DC_STR_EPHEMERAL_TIMER_WEEKS_BY_OTHER 157
 
+/// "You set message deletion timer to 1 year."
+///
+/// Used in status messages.
+#define DC_STR_EPHEMERAL_TIMER_1_YEAR_BY_YOU 158
+
+/// "Message deletion timer is set to 1 year by %1$s."
+///
+/// `%1$s` will be replaced by name and address of the contact.
+///
+/// Used in status messages.
+#define DC_STR_EPHEMERAL_TIMER_1_YEAR_BY_OTHER 159
+
 /// "Scan to set up second device for %1$s"
 ///
 /// `%1$s` will be replaced by name and address of the account.
@@ -7540,7 +7778,7 @@ void dc_event_unref(dc_event_t* event);
 /// Used as a device message after a successful backup transfer.
 #define DC_STR_BACKUP_TRANSFER_MSG_BODY 163
 
-/// "Messages are guaranteed to be end-to-end encrypted from now on."
+/// "Messages are end-to-end encrypted."
 ///
 /// Used in info messages.
 #define DC_STR_CHAT_PROTECTION_ENABLED 170
@@ -7548,6 +7786,7 @@ void dc_event_unref(dc_event_t* event);
 /// "%1$s sent a message from another device."
 ///
 /// Used in info messages.
+/// @deprecated 2025-07
 #define DC_STR_CHAT_PROTECTION_DISABLED 171
 
 /// "Others will only see this group after you sent a first message."
@@ -7599,8 +7838,12 @@ void dc_event_unref(dc_event_t* event);
 /// "The contact must be online to proceed. This process will continue automatically in background."
 ///
 /// Used as info message.
+/// @deprecated 2025-06-05
 #define DC_STR_SECUREJOIN_TAKES_LONGER 192
 
+/// "❤️ Seems you're enjoying Delta Chat!"… (donation request device message)
+#define DC_STR_DONATION_REQUEST 193
+
 /// "Contact". Deprecated, currently unused.
 #define DC_STR_CONTACT 200
 

deltachat-ffi/src/lib.rs

@@ -375,7 +375,7 @@ pub unsafe extern "C" fn dc_get_connectivity(context: *const dc_context_t) -> li
         return 0;
     }
     let ctx = &*context;
-    block_on(ctx.get_connectivity()) as u32 as libc::c_int
+    ctx.get_connectivity() as u32 as libc::c_int
 }
 
 #[no_mangle]
@@ -556,6 +556,10 @@ pub unsafe extern "C" fn dc_event_get_id(event: *mut dc_event_t) -> libc::c_int
         EventType::AccountsChanged => 2302,
         EventType::AccountsItemChanged => 2303,
         EventType::EventChannelOverflow { .. } => 2400,
+        EventType::IncomingCall { .. } => 2550,
+        EventType::IncomingCallAccepted { .. } => 2560,
+        EventType::OutgoingCallAccepted { .. } => 2570,
+        EventType::CallEnded { .. } => 2580,
         #[allow(unreachable_patterns)]
         #[cfg(test)]
         _ => unreachable!("This is just to silence a rust_analyzer false-positive"),
@@ -619,7 +623,11 @@ pub unsafe extern "C" fn dc_event_get_data1_int(event: *mut dc_event_t) -> libc:
         EventType::WebxdcRealtimeData { msg_id, .. }
         | EventType::WebxdcStatusUpdate { msg_id, .. }
         | EventType::WebxdcRealtimeAdvertisementReceived { msg_id }
-        | EventType::WebxdcInstanceDeleted { msg_id, .. } => msg_id.to_u32() as libc::c_int,
+        | EventType::WebxdcInstanceDeleted { msg_id, .. }
+        | EventType::IncomingCall { msg_id, .. }
+        | EventType::IncomingCallAccepted { msg_id, .. }
+        | EventType::OutgoingCallAccepted { msg_id, .. }
+        | EventType::CallEnded { msg_id, .. } => msg_id.to_u32() as libc::c_int,
         EventType::ChatlistItemChanged { chat_id } => {
             chat_id.unwrap_or_default().to_u32() as libc::c_int
         }
@@ -671,6 +679,10 @@ pub unsafe extern "C" fn dc_event_get_data2_int(event: *mut dc_event_t) -> libc:
         | EventType::ChatModified(_)
         | EventType::ChatDeleted { .. }
         | EventType::WebxdcRealtimeAdvertisementReceived { .. }
+        | EventType::IncomingCall { .. }
+        | EventType::IncomingCallAccepted { .. }
+        | EventType::OutgoingCallAccepted { .. }
+        | EventType::CallEnded { .. }
         | EventType::EventChannelOverflow { .. } => 0,
         EventType::MsgsChanged { msg_id, .. }
         | EventType::ReactionsChanged { msg_id, .. }
@@ -767,8 +779,23 @@ pub unsafe extern "C" fn dc_event_get_data2_str(event: *mut dc_event_t) -> *mut
         | EventType::ChatlistChanged
         | EventType::AccountsChanged
         | EventType::AccountsItemChanged
-        | EventType::WebxdcRealtimeAdvertisementReceived { .. }
-        | EventType::EventChannelOverflow { .. } => ptr::null_mut(),
+        | EventType::WebxdcRealtimeAdvertisementReceived { .. } => ptr::null_mut(),
+        EventType::IncomingCall {
+            place_call_info, ..
+        } => {
+            let data2 = place_call_info.to_c_string().unwrap_or_default();
+            data2.into_raw()
+        }
+        EventType::IncomingCallAccepted {
+            accept_call_info, ..
+        }
+        | EventType::OutgoingCallAccepted {
+            accept_call_info, ..
+        } => {
+            let data2 = accept_call_info.to_c_string().unwrap_or_default();
+            data2.into_raw()
+        }
+        EventType::CallEnded { .. } | EventType::EventChannelOverflow { .. } => ptr::null_mut(),
         EventType::ConfigureProgress { comment, .. } => {
             if let Some(comment) = comment {
                 comment.to_c_string().unwrap_or_default().into_raw()
@@ -1167,6 +1194,61 @@ pub unsafe extern "C" fn dc_init_webxdc_integration(
         .unwrap_or(0)
 }
 
+#[no_mangle]
+pub unsafe extern "C" fn dc_place_outgoing_call(
+    context: *mut dc_context_t,
+    chat_id: u32,
+    place_call_info: *const libc::c_char,
+) -> u32 {
+    if context.is_null() || chat_id == 0 {
+        eprintln!("ignoring careless call to dc_place_outgoing_call()");
+        return 0;
+    }
+    let ctx = &*context;
+    let chat_id = ChatId::new(chat_id);
+    let place_call_info = to_string_lossy(place_call_info);
+
+    block_on(ctx.place_outgoing_call(chat_id, place_call_info))
+        .context("Failed to place call")
+        .log_err(ctx)
+        .map(|msg_id| msg_id.to_u32())
+        .unwrap_or_log_default(ctx, "Failed to place call")
+}
+
+#[no_mangle]
+pub unsafe extern "C" fn dc_accept_incoming_call(
+    context: *mut dc_context_t,
+    msg_id: u32,
+    accept_call_info: *const libc::c_char,
+) -> libc::c_int {
+    if context.is_null() || msg_id == 0 {
+        eprintln!("ignoring careless call to dc_accept_incoming_call()");
+        return 0;
+    }
+    let ctx = &*context;
+    let msg_id = MsgId::new(msg_id);
+    let accept_call_info = to_string_lossy(accept_call_info);
+
+    block_on(ctx.accept_incoming_call(msg_id, accept_call_info))
+        .context("Failed to accept call")
+        .is_ok() as libc::c_int
+}
+
+#[no_mangle]
+pub unsafe extern "C" fn dc_end_call(context: *mut dc_context_t, msg_id: u32) -> libc::c_int {
+    if context.is_null() || msg_id == 0 {
+        eprintln!("ignoring careless call to dc_end_call()");
+        return 0;
+    }
+    let ctx = &*context;
+    let msg_id = MsgId::new(msg_id);
+
+    block_on(ctx.end_call(msg_id))
+        .context("Failed to end call")
+        .log_err(ctx)
+        .is_ok() as libc::c_int
+}
+
 #[no_mangle]
 pub unsafe extern "C" fn dc_set_draft(
     context: *mut dc_context_t,
@@ -1692,8 +1774,8 @@ pub unsafe extern "C" fn dc_create_broadcast_list(context: *mut dc_context_t) ->
         return 0;
     }
     let ctx = &*context;
-    block_on(chat::create_broadcast_list(ctx))
-        .context("Failed to create broadcast list")
+    block_on(chat::create_broadcast(ctx, "Channel".to_string()))
+        .context("Failed to create broadcast channel")
         .log_err(ctx)
         .map(|id| id.to_u32())
         .unwrap_or(0)
@@ -3153,6 +3235,18 @@ pub unsafe extern "C" fn dc_chat_is_protected(chat: *mut dc_chat_t) -> libc::c_i
     ffi_chat.chat.is_protected() as libc::c_int
 }
 
+#[no_mangle]
+pub unsafe extern "C" fn dc_chat_is_encrypted(chat: *mut dc_chat_t) -> libc::c_int {
+    if chat.is_null() {
+        eprintln!("ignoring careless call to dc_chat_is_encrypted()");
+        return 0;
+    }
+    let ffi_chat = &*chat;
+
+    block_on(ffi_chat.chat.is_encrypted(&ffi_chat.context))
+        .unwrap_or_log_default(&ffi_chat.context, "Failed dc_chat_is_encrypted") as libc::c_int
+}
+
 #[no_mangle]
 pub unsafe extern "C" fn dc_chat_is_protection_broken(chat: *mut dc_chat_t) -> libc::c_int {
     if chat.is_null() {
@@ -4291,6 +4385,15 @@ pub unsafe extern "C" fn dc_contact_is_bot(contact: *mut dc_contact_t) -> libc::
     (*contact).contact.is_bot() as libc::c_int
 }
 
+#[no_mangle]
+pub unsafe extern "C" fn dc_contact_is_key_contact(contact: *mut dc_contact_t) -> libc::c_int {
+    if contact.is_null() {
+        eprintln!("ignoring careless call to dc_contact_is_key_contact()");
+        return 0;
+    }
+    (*contact).contact.is_key_contact() as libc::c_int
+}
+
 #[no_mangle]
 pub unsafe extern "C" fn dc_contact_get_verifier_id(contact: *mut dc_contact_t) -> u32 {
     if contact.is_null() {
@@ -4303,6 +4406,7 @@ pub unsafe extern "C" fn dc_contact_get_verifier_id(contact: *mut dc_contact_t)
         .context("failed to get verifier")
         .log_err(ctx)
         .unwrap_or_default()
+        .unwrap_or_default()
         .unwrap_or_default();
 
     verifier_contact_id.to_u32()

deltachat-jsonrpc/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-jsonrpc"
-version = "1.160.0"
+version = "2.12.0"
 description = "DeltaChat JSON-RPC API"
 edition = "2021"
 license = "MPL-2.0"

deltachat-jsonrpc/src/api.rs

@@ -224,6 +224,14 @@ impl CommandApi {
         self.accounts.read().await.get_selected_account_id()
     }
 
+    /// Set the order of accounts.
+    /// The provided list should contain all account IDs in the desired order.
+    /// If an account ID is missing from the list, it will be appended at the end.
+    /// If the list contains non-existent account IDs, they will be ignored.
+    async fn set_accounts_order(&self, order: Vec<u32>) -> Result<()> {
+        self.accounts.write().await.set_accounts_order(order).await
+    }
+
     /// Get a list of all configured accounts.
     async fn get_all_accounts(&self) -> Result<Vec<Account>> {
         let mut accounts = Vec::new();
@@ -354,6 +362,20 @@ impl CommandApi {
         Ok(ctx.get_blobdir().to_str().map(|s| s.to_owned()))
     }
 
+    /// If there was an error while the account was opened
+    /// and migrated to the current version,
+    /// then this function returns it.
+    ///
+    /// This function is useful because the key-contacts migration could fail due to bugs
+    /// and then the account will not work properly.
+    ///
+    /// After opening an account, the UI should call this function
+    /// and show the error string if one is returned.
+    async fn get_migration_error(&self, account_id: u32) -> Result<Option<String>> {
+        let ctx = self.get_context(account_id).await?;
+        Ok(ctx.get_migration_error())
+    }
+
     /// Copy file to blob dir.
     async fn copy_to_blob_dir(&self, account_id: u32, path: String) -> Result<PathBuf> {
         let ctx = self.get_context(account_id).await?;
@@ -912,7 +934,7 @@ impl CommandApi {
     ///   explicitly as it may happen that oneself gets removed from a still existing
     ///   group
     ///
-    /// - for broadcasts, all recipients are returned, DC_CONTACT_ID_SELF is not included
+    /// - for broadcast channels, all recipients are returned, DC_CONTACT_ID_SELF is not included
     ///
     /// - for mailing lists, the behavior is not documented currently, we will decide on that later.
     ///   for now, the UI should not show the list for mailing lists.
@@ -931,7 +953,7 @@ impl CommandApi {
         Ok(contacts.iter().map(|id| id.to_u32()).collect::<Vec<u32>>())
     }
 
-    /// Create a new group chat.
+    /// Create a new encrypted group chat (with key-contacts).
     ///
     /// After creation,
     /// the group has one member with the ID DC_CONTACT_ID_SELF
@@ -949,30 +971,52 @@ impl CommandApi {
     ///
     /// @param protect If set to 1 the function creates group with protection initially enabled.
     ///     Only verified members are allowed in these groups
-    ///     and end-to-end-encryption is always enabled.
     async fn create_group_chat(&self, account_id: u32, name: String, protect: bool) -> Result<u32> {
         let ctx = self.get_context(account_id).await?;
         let protect = match protect {
             true => ProtectionStatus::Protected,
             false => ProtectionStatus::Unprotected,
         };
-        chat::create_group_chat(&ctx, protect, &name)
+        chat::create_group_ex(&ctx, Some(protect), &name)
             .await
             .map(|id| id.to_u32())
     }
 
-    /// Create a new broadcast list.
+    /// Create a new unencrypted group chat.
     ///
-    /// Broadcast lists are similar to groups on the sending device,
-    /// however, recipients get the messages in a read-only chat
-    /// and will see who the other members are.
-    ///
-    /// For historical reasons, this function does not take a name directly,
-    /// instead you have to set the name using dc_set_chat_name()
-    /// after creating the broadcast list.
-    async fn create_broadcast_list(&self, account_id: u32) -> Result<u32> {
+    /// Same as [`Self::create_group_chat`], but the chat is unencrypted and can only have
+    /// address-contacts.
+    async fn create_group_chat_unencrypted(&self, account_id: u32, name: String) -> Result<u32> {
         let ctx = self.get_context(account_id).await?;
-        chat::create_broadcast_list(&ctx)
+        chat::create_group_ex(&ctx, None, &name)
+            .await
+            .map(|id| id.to_u32())
+    }
+
+    /// Deprecated 2025-07 in favor of create_broadcast().
+    async fn create_broadcast_list(&self, account_id: u32) -> Result<u32> {
+        self.create_broadcast(account_id, "Channel".to_string())
+            .await
+    }
+
+    /// Create a new **broadcast channel**
+    /// (called "Channel" in the UI).
+    ///
+    /// Broadcast channels are similar to groups on the sending device,
+    /// however, recipients get the messages in a read-only chat
+    /// and will not see who the other members are.
+    ///
+    /// Called `broadcast` here rather than `channel`,
+    /// because the word "channel" already appears a lot in the code,
+    /// which would make it hard to grep for it.
+    ///
+    /// After creation, the chat contains no recipients and is in _unpromoted_ state;
+    /// see [`CommandApi::create_group_chat`] for more information on the unpromoted state.
+    ///
+    /// Returns the created chat's id.
+    async fn create_broadcast(&self, account_id: u32, chat_name: String) -> Result<u32> {
+        let ctx = self.get_context(account_id).await?;
+        chat::create_broadcast(&ctx, chat_name)
             .await
             .map(|id| id.to_u32())
     }
@@ -1183,8 +1227,10 @@ impl CommandApi {
     }
 
     /// Returns all messages of a particular chat.
-    /// If `add_daymarker` is `true`, it will return them as
-    /// `DC_MSG_ID_DAYMARKER`, e.g. [1234, 1237, 9, 1239].
+    ///
+    /// * `add_daymarker` - If `true`, add day markers as `DC_MSG_ID_DAYMARKER` to the result,
+    ///   e.g. [1234, 1237, 9, 1239]. The day marker timestamp is the midnight one for the
+    ///   corresponding (following) day in the local timezone.
     async fn get_message_ids(
         &self,
         account_id: u32,
@@ -1427,7 +1473,14 @@ impl CommandApi {
 
     /// Add a single contact as a result of an explicit user action.
     ///
-    /// Returns contact id of the created or existing contact
+    /// This will always create or look up an address-contact,
+    /// i.e. a contact identified by an email address,
+    /// with all messages sent to and from this contact being unencrypted.
+    /// If the user just clicked on an email address,
+    /// you should first check [`Self::lookup_contact_id_by_addr`]/`lookupContactIdByAddr.`,
+    /// and only if there is no contact yet, call this function here.
+    ///
+    /// Returns contact id of the created or existing contact.
     async fn create_contact(
         &self,
         account_id: u32,
@@ -1479,6 +1532,14 @@ impl CommandApi {
         Ok(contacts)
     }
 
+    /// Returns ids of known and unblocked contacts.
+    ///
+    /// By default, key-contacts are listed.
+    ///
+    /// * `list_flags` - A combination of flags:
+    ///   - `DC_GCL_ADD_SELF` - Add SELF unless filtered by other parameters.
+    ///   - `DC_GCL_ADDRESS` - List address-contacts instead of key-contacts.
+    /// * `query` - A string to filter the list.
     async fn get_contact_ids(
         &self,
         account_id: u32,
@@ -1490,8 +1551,10 @@ impl CommandApi {
         Ok(contacts.into_iter().map(|c| c.to_u32()).collect())
     }
 
-    /// Get a list of contacts.
-    /// (formerly called getContacts2 in desktop)
+    /// Returns known and unblocked contacts.
+    ///
+    /// Formerly called `getContacts2` in Desktop.
+    /// See [`Self::get_contact_ids`] for parameters and more info.
     async fn get_contacts(
         &self,
         account_id: u32,
@@ -1542,15 +1605,6 @@ impl CommandApi {
         Ok(())
     }
 
-    /// Resets contact encryption.
-    async fn reset_contact_encryption(&self, account_id: u32, contact_id: u32) -> Result<()> {
-        let ctx = self.get_context(account_id).await?;
-        let contact_id = ContactId::new(contact_id);
-
-        contact_id.reset_encryption(&ctx).await?;
-        Ok(())
-    }
-
     /// Sets display name for existing contact.
     async fn change_contact_name(
         &self,
@@ -1576,9 +1630,19 @@ impl CommandApi {
         Contact::get_encrinfo(&ctx, ContactId::new(contact_id)).await
     }
 
-    /// Check if an e-mail address belongs to a known and unblocked contact.
+    /// Looks up a known and unblocked contact with a given e-mail address.
     /// To get a list of all known and unblocked contacts, use contacts_get_contacts().
     ///
+    /// **POTENTIAL SECURITY ISSUE**: If there are multiple contacts with this address
+    /// (e.g. an address-contact and a key-contact),
+    /// this looks up the most recently seen contact,
+    /// i.e. which contact is returned depends on which contact last sent a message.
+    /// If the user just clicked on a mailto: link, then this is the best thing you can do.
+    /// But **DO NOT** internally represent contacts by their email address
+    /// and do not use this function to look them up;
+    /// otherwise this function will sometimes look up the wrong contact.
+    /// Instead, you should internally represent contacts by their ids.
+    ///
     /// To validate an e-mail address independently of the contact database
     /// use check_email_validity().
     async fn lookup_contact_id_by_addr(
@@ -1844,7 +1908,7 @@ impl CommandApi {
     /// If the connectivity changes, a #DC_EVENT_CONNECTIVITY_CHANGED will be emitted.
     async fn get_connectivity(&self, account_id: u32) -> Result<u32> {
         let ctx = self.get_context(account_id).await?;
-        Ok(ctx.get_connectivity().await as u32)
+        Ok(ctx.get_connectivity() as u32)
     }
 
     /// Get an overview of the current connectivity, and possibly more statistics.

deltachat-jsonrpc/src/api/types/chat.rs

@@ -21,15 +21,39 @@ pub struct FullChat {
 
     /// True if the chat is protected.
     ///
-    /// UI should display a green checkmark
-    /// in the chat title,
-    /// in the chat profile title and
-    /// in the chatlist item
-    /// if chat protection is enabled.
-    /// UI should also display a green checkmark
-    /// in the contact profile
-    /// if 1:1 chat with this contact exists and is protected.
+    /// Only verified contacts
+    /// as determined by [`ContactObject::is_verified`] / `Contact.isVerified`
+    /// can be added to protected chats.
+    ///
+    /// Protected chats are created using [`create_group_chat`] / `createGroupChat()`
+    /// by setting the 'protect' parameter to true.
+    ///
+    /// [`create_group_chat`]: crate::api::CommandApi::create_group_chat
     is_protected: bool,
+
+    /// True if the chat is encrypted.
+    /// This means that all messages in the chat are encrypted,
+    /// and all contacts in the chat are "key-contacts",
+    /// i.e. identified by the PGP key fingerprint.
+    ///
+    /// False if the chat is unencrypted.
+    /// This means that all messages in the chat are unencrypted,
+    /// and all contacts in the chat are "address-contacts",
+    /// i.e. identified by the email address.
+    /// The UI should mark this chat e.g. with a mail-letter icon.
+    ///
+    /// Unencrypted groups are called "ad-hoc groups"
+    /// and the user can't add/remove members,
+    /// create a QR invite code,
+    /// or set an avatar.
+    /// These options should therefore be disabled in the UI.
+    ///
+    /// Note that it can happen that an encrypted chat
+    /// contains unencrypted messages that were received in core <= v1.159.*
+    /// and vice versa.
+    ///
+    /// See also `is_key_contact` on `Contact`.
+    is_encrypted: bool,
     profile_image: Option<String>, //BLOBS ?
     archived: bool,
     pinned: bool,
@@ -47,7 +71,9 @@ pub struct FullChat {
     fresh_message_counter: usize,
     // is_group - please check over chat.type in frontend instead
     is_contact_request: bool,
+    /// Deprecated 2025-07. Chats protection cannot break any longer.
     is_protection_broken: bool,
+
     is_device_chat: bool,
     self_in_group: bool,
     is_muted: bool,
@@ -108,6 +134,7 @@ impl FullChat {
             id: chat_id,
             name: chat.name.clone(),
             is_protected: chat.is_protected(),
+            is_encrypted: chat.is_encrypted(context).await?,
             profile_image, //BLOBS ?
             archived: chat.get_visibility() == chat::ChatVisibility::Archived,
             pinned: chat.get_visibility() == chat::ChatVisibility::Pinned,
@@ -159,6 +186,30 @@ pub struct BasicChat {
     /// in the contact profile
     /// if 1:1 chat with this contact exists and is protected.
     is_protected: bool,
+
+    /// True if the chat is encrypted.
+    /// This means that all messages in the chat are encrypted,
+    /// and all contacts in the chat are "key-contacts",
+    /// i.e. identified by the PGP key fingerprint.
+    ///
+    /// False if the chat is unencrypted.
+    /// This means that all messages in the chat are unencrypted,
+    /// and all contacts in the chat are "address-contacts",
+    /// i.e. identified by the email address.
+    /// The UI should mark this chat e.g. with a mail-letter icon.
+    ///
+    /// Unencrypted groups are called "ad-hoc groups"
+    /// and the user can't add/remove members,
+    /// create a QR invite code,
+    /// or set an avatar.
+    /// These options should therefore be disabled in the UI.
+    ///
+    /// Note that it can happen that an encrypted chat
+    /// contains unencrypted messages that were received in core <= v1.159.*
+    /// and vice versa.
+    ///
+    /// See also `is_key_contact` on `Contact`.
+    is_encrypted: bool,
     profile_image: Option<String>, //BLOBS ?
     archived: bool,
     pinned: bool,
@@ -167,7 +218,9 @@ pub struct BasicChat {
     is_self_talk: bool,
     color: String,
     is_contact_request: bool,
+    /// Deprecated 2025-07. Chats protection cannot break any longer.
     is_protection_broken: bool,
+
     is_device_chat: bool,
     is_muted: bool,
 }
@@ -187,6 +240,7 @@ impl BasicChat {
             id: chat_id,
             name: chat.name.clone(),
             is_protected: chat.is_protected(),
+            is_encrypted: chat.is_encrypted(context).await?,
             profile_image, //BLOBS ?
             archived: chat.get_visibility() == chat::ChatVisibility::Archived,
             pinned: chat.get_visibility() == chat::ChatVisibility::Pinned,

deltachat-jsonrpc/src/api/types/chat_list.rs

@@ -23,6 +23,7 @@ pub enum ChatListItemFetchResult {
         name: String,
         avatar_path: Option<String>,
         color: String,
+        chat_type: u32,
         last_updated: Option<i64>,
         summary_text1: String,
         summary_text2: String,
@@ -30,6 +31,31 @@ pub enum ChatListItemFetchResult {
         /// showing preview if last chat message is image
         summary_preview_image: Option<String>,
         is_protected: bool,
+
+        /// True if the chat is encrypted.
+        /// This means that all messages in the chat are encrypted,
+        /// and all contacts in the chat are "key-contacts",
+        /// i.e. identified by the PGP key fingerprint.
+        ///
+        /// False if the chat is unencrypted.
+        /// This means that all messages in the chat are unencrypted,
+        /// and all contacts in the chat are "address-contacts",
+        /// i.e. identified by the email address.
+        /// The UI should mark this chat e.g. with a mail-letter icon.
+        ///
+        /// Unencrypted groups are called "ad-hoc groups"
+        /// and the user can't add/remove members,
+        /// create a QR invite code,
+        /// or set an avatar.
+        /// These options should therefore be disabled in the UI.
+        ///
+        /// Note that it can happen that an encrypted chat
+        /// contains unencrypted messages that were received in core <= v1.159.*
+        /// and vice versa.
+        ///
+        /// See also `is_key_contact` on `Contact`.
+        is_encrypted: bool,
+        /// deprecated 2025-07, use chat_type instead
         is_group: bool,
         fresh_message_counter: usize,
         is_self_talk: bool,
@@ -40,8 +66,6 @@ pub enum ChatListItemFetchResult {
         is_pinned: bool,
         is_muted: bool,
         is_contact_request: bool,
-        /// true when chat is a broadcastlist
-        is_broadcast: bool,
         /// contact id if this is a dm chat (for view profile entry in context menu)
         dm_chat_contact: Option<u32>,
         was_seen_recently: bool,
@@ -131,12 +155,14 @@ pub(crate) async fn get_chat_list_item_by_id(
         name: chat.get_name().to_owned(),
         avatar_path,
         color,
+        chat_type: chat.get_type().to_u32().context("unknown chat type id")?,
         last_updated,
         summary_text1,
         summary_text2,
         summary_status: summary.state.to_u32().expect("impossible"), // idea and a function to transform the constant to strings? or return string enum
         summary_preview_image,
         is_protected: chat.is_protected(),
+        is_encrypted: chat.is_encrypted(ctx).await?,
         is_group: chat.get_type() == Chattype::Group,
         fresh_message_counter,
         is_self_talk: chat.is_self_talk(),
@@ -147,7 +173,6 @@ pub(crate) async fn get_chat_list_item_by_id(
         is_pinned: visibility == ChatVisibility::Pinned,
         is_muted: chat.is_muted(),
         is_contact_request: chat.is_contact_request(),
-        is_broadcast: chat.get_type() == Chattype::Broadcast,
         dm_chat_contact,
         was_seen_recently,
         last_message_type: message_type,

deltachat-jsonrpc/src/api/types/contact.rs

@@ -19,15 +19,23 @@ pub struct ContactObject {
     profile_image: Option<String>, // BLOBS
     name_and_addr: String,
     is_blocked: bool,
+
+    /// Is the contact a key contact.
+    is_key_contact: bool,
+
+    /// Is encryption available for this contact.
+    ///
+    /// This can only be true for key-contacts.
+    /// However, it is possible to have a key-contact
+    /// for which encryption is not available because we don't have a key yet,
+    /// e.g. if we just scanned the fingerprint from a QR code.
     e2ee_avail: bool,
 
-    /// True if the contact can be added to verified groups.
+    /// True if the contact
+    /// can be added to protected chats
+    /// because SELF and contact have verified their fingerprints in both directions.
     ///
-    /// If this is true
-    /// UI should display green checkmark after the contact name
-    /// in contact list items,
-    /// in chat member list items
-    /// and in profiles if no chat with the contact exist.
+    /// See [`Self::verifier_id`]/`Contact.verifierId` for a guidance how to display these information.
     is_verified: bool,
 
     /// True if the contact profile title should have a green checkmark.
@@ -36,12 +44,29 @@ pub struct ContactObject {
     /// or will have a green checkmark if created.
     is_profile_verified: bool,
 
-    /// The ID of the contact that verified this contact.
+    /// The contact ID that verified a contact.
     ///
-    /// If this is present,
-    /// display a green checkmark and "Introduced by ..."
-    /// string followed by the verifier contact name and address
-    /// in the contact profile.
+    /// As verifier may be unknown,
+    /// use [`Self::is_verified`]/`Contact.isVerified` to check if a contact can be added to a protected chat.
+    ///
+    /// UI should display the information in the contact's profile as follows:
+    ///
+    /// - If `verifierId` != 0,
+    ///   display text "Introduced by ..."
+    ///   with the name and address of the contact
+    ///   formatted by `name_and_addr`/`nameAndAddr`.
+    ///   Prefix the text by a green checkmark.
+    ///
+    /// - If `verifierId` == 0 and `isVerified` != 0,
+    ///   display "Introduced" prefixed by a green checkmark.
+    ///
+    /// - if `verifierId` == 0 and `isVerified` == 0,
+    ///   display nothing
+    ///
+    /// This contains the contact ID of the verifier.
+    /// If it is `DC_CONTACT_ID_SELF`, we verified the contact ourself.
+    /// If it is None/Null, we don't have verifier information or
+    /// the contact is not verified.
     verifier_id: Option<u32>,
 
     /// the contact's last seen timestamp
@@ -67,6 +92,7 @@ impl ContactObject {
         let verifier_id = contact
             .get_verifier_id(context)
             .await?
+            .flatten()
             .map(|contact_id| contact_id.to_u32());
 
         Ok(ContactObject {
@@ -80,6 +106,7 @@ impl ContactObject {
             profile_image, //BLOBS
             name_and_addr: contact.get_name_n_addr(),
             is_blocked: contact.is_blocked(),
+            is_key_contact: contact.is_key_contact(),
             e2ee_avail: contact.e2ee_avail(context).await?,
             is_verified,
             is_profile_verified,

deltachat-jsonrpc/src/api/types/events.rs

@@ -224,7 +224,6 @@ pub enum EventType {
     },
 
     /// Chat changed.  The name or the image of a chat group was changed or members were added or removed.
-    /// Or the verify state of a chat has changed.
     /// See setChatName(), setChatProfileImage(), addContactToChat()
     /// and removeContactFromChat().
     ///
@@ -417,6 +416,37 @@ pub enum EventType {
         /// Number of events skipped.
         n: u64,
     },
+
+    /// Incoming call.
+    IncomingCall {
+        /// ID of the info message referring to the call.
+        msg_id: u32,
+        /// User-defined info as passed to place_outgoing_call()
+        place_call_info: String,
+    },
+
+    /// Incoming call accepted.
+    /// This is esp. interesting to stop ringing on other devices.
+    IncomingCallAccepted {
+        /// ID of the info message referring to the call.
+        msg_id: u32,
+        /// User-defined info passed to dc_accept_incoming_call()
+        accept_call_info: String,
+    },
+
+    /// Outgoing call accepted.
+    OutgoingCallAccepted {
+        /// ID of the info message referring to the call.
+        msg_id: u32,
+        /// User-defined info passed to dc_accept_incoming_call(
+        accept_call_info: String,
+    },
+
+    /// Call ended.
+    CallEnded {
+        /// ID of the info message referring to the call.
+        msg_id: u32,
+    },
 }
 
 impl From<CoreEventType> for EventType {
@@ -567,6 +597,30 @@ impl From<CoreEventType> for EventType {
             CoreEventType::EventChannelOverflow { n } => EventChannelOverflow { n },
             CoreEventType::AccountsChanged => AccountsChanged,
             CoreEventType::AccountsItemChanged => AccountsItemChanged,
+            CoreEventType::IncomingCall {
+                msg_id,
+                place_call_info,
+            } => IncomingCall {
+                msg_id: msg_id.to_u32(),
+                place_call_info,
+            },
+            CoreEventType::IncomingCallAccepted {
+                msg_id,
+                accept_call_info,
+            } => IncomingCallAccepted {
+                msg_id: msg_id.to_u32(),
+                accept_call_info,
+            },
+            CoreEventType::OutgoingCallAccepted {
+                msg_id,
+                accept_call_info,
+            } => OutgoingCallAccepted {
+                msg_id: msg_id.to_u32(),
+                accept_call_info,
+            },
+            CoreEventType::CallEnded { msg_id } => CallEnded {
+                msg_id: msg_id.to_u32(),
+            },
             #[allow(unreachable_patterns)]
             #[cfg(test)]
             _ => unreachable!("This is just to silence a rust_analyzer false-positive"),

deltachat-jsonrpc/src/api/types/message.rs

@@ -59,6 +59,13 @@ pub struct MessageObject {
 
     // summary - use/create another function if you need it
     subject: String,
+
+    /// True if the message was correctly encrypted&signed, false otherwise.
+    /// Historically, UIs showed a small padlock on the message then.
+    ///
+    /// Today, the UIs should instead show a small email-icon on the message
+    /// if `show_padlock` is `false`,
+    /// and nothing if it is `true`.
     show_padlock: bool,
     is_setupmessage: bool,
     is_info: bool,
@@ -409,6 +416,9 @@ pub enum SystemMessageType {
     /// Chat ephemeral message timer is changed.
     EphemeralTimerChanged,
 
+    // Chat is e2ee
+    ChatE2ee,
+
     // Chat protection state changed
     ChatProtectionEnabled,
     ChatProtectionDisabled,
@@ -427,6 +437,11 @@ pub enum SystemMessageType {
 
     /// This message contains a users iroh node address.
     IrohNodeAddr,
+
+    OutgoingCall,
+    IncomingCall,
+    CallAccepted,
+    CallEnded,
 }
 
 impl From<deltachat::mimeparser::SystemMessage> for SystemMessageType {
@@ -443,6 +458,7 @@ impl From<deltachat::mimeparser::SystemMessage> for SystemMessageType {
             SystemMessage::LocationStreamingEnabled => SystemMessageType::LocationStreamingEnabled,
             SystemMessage::LocationOnly => SystemMessageType::LocationOnly,
             SystemMessage::EphemeralTimerChanged => SystemMessageType::EphemeralTimerChanged,
+            SystemMessage::ChatE2ee => SystemMessageType::ChatE2ee,
             SystemMessage::ChatProtectionEnabled => SystemMessageType::ChatProtectionEnabled,
             SystemMessage::ChatProtectionDisabled => SystemMessageType::ChatProtectionDisabled,
             SystemMessage::MultiDeviceSync => SystemMessageType::MultiDeviceSync,
@@ -452,6 +468,10 @@ impl From<deltachat::mimeparser::SystemMessage> for SystemMessageType {
             SystemMessage::IrohNodeAddr => SystemMessageType::IrohNodeAddr,
             SystemMessage::SecurejoinWait => SystemMessageType::SecurejoinWait,
             SystemMessage::SecurejoinWaitTimeout => SystemMessageType::SecurejoinWaitTimeout,
+            SystemMessage::OutgoingCall => SystemMessageType::OutgoingCall,
+            SystemMessage::IncomingCall => SystemMessageType::IncomingCall,
+            SystemMessage::CallAccepted => SystemMessageType::CallAccepted,
+            SystemMessage::CallEnded => SystemMessageType::CallEnded,
         }
     }
 }

deltachat-jsonrpc/typescript/package.json

@@ -54,5 +54,5 @@
   },
   "type": "module",
   "types": "dist/deltachat.d.ts",
-  "version": "1.160.0"
+  "version": "2.12.0"
 }

deltachat-jsonrpc/typescript/test/online.ts

@@ -95,8 +95,10 @@ describe("online tests", function () {
       false,
     );
 
-    expect(messageList).have.length(1);
-    const message = await dc.rpc.getMessage(accountId2, messageList[0]);
+    // There are 2 messages in the chat:
+    // 'Messages are end-to-end encrypted' (info message) and 'Hello'
+    expect(messageList).have.length(2);
+    const message = await dc.rpc.getMessage(accountId2, messageList[1]);
     expect(message.text).equal("Hello");
     expect(message.showPadlock).equal(true);
   });

deltachat-repl/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-repl"
-version = "1.160.0"
+version = "2.12.0"
 license = "MPL-2.0"
 edition = "2021"
 repository = "https://github.com/chatmail/core"

deltachat-repl/src/cmdline.rs

@@ -20,7 +20,6 @@ use deltachat::log::LogExt;
 use deltachat::message::{self, Message, MessageState, MsgId, Viewtype};
 use deltachat::mimeparser::SystemMessage;
 use deltachat::peer_channels::{send_webxdc_realtime_advertisement, send_webxdc_realtime_data};
-use deltachat::peerstate::*;
 use deltachat::qr::*;
 use deltachat::qr_code_generator::create_qr_svg;
 use deltachat::reaction::send_reaction;
@@ -35,14 +34,6 @@ use tokio::fs;
 /// e.g. bitmask 7 triggers actions defined with bits 1, 2 and 4.
 async fn reset_tables(context: &Context, bits: i32) {
     println!("Resetting tables ({bits})...");
-    if 0 != bits & 2 {
-        context
-            .sql()
-            .execute("DELETE FROM acpeerstates;", ())
-            .await
-            .unwrap();
-        println!("(2) Peerstates reset.");
-    }
     if 0 != bits & 4 {
         context
             .sql()
@@ -96,7 +87,7 @@ async fn poke_eml_file(context: &Context, filename: &Path) -> Result<()> {
     let data = read_file(context, filename).await?;
 
     if let Err(err) = receive_imf(context, &data, false).await {
-        println!("receive_imf errored: {err:?}");
+        eprintln!("receive_imf errored: {err:?}");
     }
     Ok(())
 }
@@ -277,7 +268,7 @@ async fn log_msglist(context: &Context, msglist: &[MsgId]) -> Result<()> {
 
 async fn log_contactlist(context: &Context, contacts: &[ContactId]) -> Result<()> {
     for contact_id in contacts {
-        let mut line2 = "".to_string();
+        let line2 = "".to_string();
         let contact = Contact::get_by_id(context, *contact_id).await?;
         let name = contact.get_display_name();
         let addr = contact.get_addr();
@@ -296,15 +287,6 @@ async fn log_contactlist(context: &Context, contacts: &[ContactId]) -> Result<()
             verified_str,
             if !addr.is_empty() { addr } else { "addr unset" }
         );
-        let peerstate = Peerstate::from_addr(context, addr)
-            .await
-            .expect("peerstate error");
-        if peerstate.is_some() && *contact_id != ContactId::SELF {
-            line2 = format!(
-                ", prefer-encrypt={}",
-                peerstate.as_ref().unwrap().prefer_encrypt
-            );
-        }
 
         println!("Contact#{}: {}{}", *contact_id, line, line2);
     }
@@ -342,7 +324,7 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
                  send-backup\n\
                  receive-backup <qr>\n\
                  export-keys\n\
-                 import-keys\n\
+                 import-keys <key-file>\n\
                  poke [<eml-file>|<folder>|<addr> <key-file>]\n\
                  reset <flags>\n\
                  stop\n\
@@ -351,8 +333,6 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
             _ => println!(
                 "==========================Database commands==\n\
                  info\n\
-                 open <file to open or create>\n\
-                 close\n\
                  set <configuration-key> [<value>]\n\
                  get <configuration-key>\n\
                  oauth2\n\
@@ -367,21 +347,24 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
                  ==============================Chat commands==\n\
                  listchats [<query>]\n\
                  listarchived\n\
+                 start-realtime <msg-id>\n\
+                 send-realtime <msg-id> <data>\n\
                  chat [<chat-id>|0]\n\
                  createchat <contact-id>\n\
                  creategroup <name>\n\
-                 createbroadcast\n\
+                 createbroadcast <name>\n\
                  createprotected <name>\n\
                  addmember <contact-id>\n\
                  removemember <contact-id>\n\
                  groupname <name>\n\
-                 groupimage [<file>]\n\
+                 groupimage <image>\n\
                  chatinfo\n\
                  sendlocations <seconds>\n\
                  setlocation <lat> <lng>\n\
                  dellocations\n\
                  getlocations [<contact-id>]\n\
                  send <text>\n\
+                 sendempty\n\
                  sendimage <file> [<text>]\n\
                  sendsticker <file> [<text>]\n\
                  sendfile <file> [<text>]\n\
@@ -400,7 +383,7 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
                  unmute <chat-id>\n\
                  delchat <chat-id>\n\
                  accept <chat-id>\n\
-                 decline <chat-id>\n\
+                 blockchat <chat-id>\n\
                  ===========================Message commands==\n\
                  listmsgs <query>\n\
                  msginfo <msg-id>\n\
@@ -414,14 +397,14 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
                  react <msg-id> [<reaction>]\n\
                  ===========================Contact commands==\n\
                  listcontacts [<query>]\n\
-                 listverified [<query>]\n\
                  addcontact [<name>] <addr>\n\
                  contactinfo <contact-id>\n\
                  delcontact <contact-id>\n\
-                 cleanupcontacts\n\
                  block <contact-id>\n\
                  unblock <contact-id>\n\
                  listblocked\n\
+                 import-vcard <file>\n\
+                 make-vcard <file> <contact-id> [contact-id ...]\n\
                  ======================================Misc.==\n\
                  getqr [<chat-id>]\n\
                  getqrsvg [<chat-id>]\n\
@@ -508,13 +491,17 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
             println!("Exported to {}.", dir.to_string_lossy());
         }
         "import-keys" => {
+            ensure!(!arg1.is_empty(), "Argument <key-file> missing.");
             imex(&context, ImexMode::ImportSelfKeys, arg1.as_ref(), None).await?;
         }
         "poke" => {
             ensure!(poke_spec(&context, Some(arg1)).await, "Poke failed");
         }
         "reset" => {
-            ensure!(!arg1.is_empty(), "Argument <bits> missing: 1=jobs, 2=peerstates, 4=private keys, 8=rest but server config");
+            ensure!(
+                !arg1.is_empty(),
+                "Argument <bits> missing: 4=private keys, 8=rest but server config"
+            );
             let bits: i32 = arg1.parse()?;
             ensure!(bits < 16, "<bits> must be lower than 16.");
             reset_tables(&context, bits).await;
@@ -636,7 +623,7 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
                 println!("Location streaming enabled.");
             }
             println!("{cnt} chats");
-            println!("{time_needed:?} to create this list");
+            eprintln!("{time_needed:?} to create this list");
         }
         "start-realtime" => {
             if arg1.is_empty() {
@@ -746,7 +733,7 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
             chat::marknoticed_chat(&context, sel_chat.get_id()).await?;
             let time_noticed_needed = time_noticed_start.elapsed().unwrap_or_default();
 
-            println!(
+            eprintln!(
                 "{time_needed:?} to create this list, {time_noticed_needed:?} to mark all messages as noticed."
             );
         }
@@ -765,7 +752,8 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
             println!("Group#{chat_id} created successfully.");
         }
         "createbroadcast" => {
-            let chat_id = chat::create_broadcast_list(&context).await?;
+            ensure!(!arg1.is_empty(), "Argument <name> missing.");
+            let chat_id = chat::create_broadcast(&context, arg1.to_string()).await?;
 
             println!("Broadcast#{chat_id} created successfully.");
         }
@@ -999,7 +987,7 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
                 },
                 query,
             );
-            println!("{time_needed:?} to create this list");
+            eprintln!("{time_needed:?} to create this list");
         }
         "draft" => {
             ensure!(sel_chat.is_some(), "No chat selected.");
@@ -1165,7 +1153,10 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
         "listcontacts" | "contacts" => {
             let contacts = Contact::get_all(&context, DC_GCL_ADD_SELF, Some(arg1)).await?;
             log_contactlist(&context, &contacts).await?;
-            println!("{} contacts.", contacts.len());
+            println!("{} key contacts.", contacts.len());
+            let addrcontacts = Contact::get_all(&context, DC_GCL_ADDRESS, Some(arg1)).await?;
+            log_contactlist(&context, &addrcontacts).await?;
+            println!("{} address contacts.", addrcontacts.len());
         }
         "addcontact" => {
             ensure!(!arg1.is_empty(), "Arguments [<name>] <addr> expected.");
@@ -1229,6 +1220,24 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
             log_contactlist(&context, &contacts).await?;
             println!("{} blocked contacts.", contacts.len());
         }
+        "import-vcard" => {
+            ensure!(!arg1.is_empty(), "Argument <file> missing.");
+            let vcard_content = fs::read_to_string(&arg1.to_string()).await?;
+            let contacts = import_vcard(&context, &vcard_content).await?;
+            println!("vCard contacts imported:");
+            log_contactlist(&context, &contacts).await?;
+        }
+        "make-vcard" => {
+            ensure!(!arg1.is_empty(), "Argument <file> missing.");
+            ensure!(!arg2.is_empty(), "Argument <contact-id> missing.");
+            let mut contact_ids = vec![];
+            for x in arg2.split_whitespace() {
+                contact_ids.push(ContactId::new(x.parse()?))
+            }
+            let vcard_content = make_vcard(&context, &contact_ids).await?;
+            fs::write(&arg1.to_string(), vcard_content).await?;
+            println!("vCard written to: {arg1}");
+        }
         "checkqr" => {
             ensure!(!arg1.is_empty(), "Argument <qr-content> missing.");
             let qr = check_qr(&context, arg1).await?;
@@ -1238,7 +1247,7 @@ pub async fn cmdline(context: Context, line: &str, chat_id: &mut ChatId) -> Resu
             ensure!(!arg1.is_empty(), "Argument <qr-content> missing.");
             match set_config_from_qr(&context, arg1).await {
                 Ok(()) => println!("Config set from QR code, you can now call 'configure'"),
-                Err(err) => println!("Cannot set config from QR code: {err:?}"),
+                Err(err) => eprintln!("Cannot set config from QR code: {err:?}"),
             }
         }
         "createqrsvg" => {

deltachat-repl/src/main.rs

@@ -179,9 +179,11 @@ const DB_COMMANDS: [&str; 11] = [
     "housekeeping",
 ];
 
-const CHAT_COMMANDS: [&str; 36] = [
+const CHAT_COMMANDS: [&str; 39] = [
     "listchats",
     "listarchived",
+    "start-realtime",
+    "send-realtime",
     "chat",
     "createchat",
     "creategroup",
@@ -197,13 +199,16 @@ const CHAT_COMMANDS: [&str; 36] = [
     "dellocations",
     "getlocations",
     "send",
+    "sendempty",
     "sendimage",
+    "sendsticker",
     "sendfile",
     "sendhtml",
     "sendsyncmsg",
     "sendupdate",
     "videochat",
     "draft",
+    "devicemsg",
     "listmedia",
     "archive",
     "unarchive",
@@ -211,47 +216,48 @@ const CHAT_COMMANDS: [&str; 36] = [
     "unpin",
     "mute",
     "unmute",
-    "protect",
-    "unprotect",
     "delchat",
     "accept",
     "blockchat",
 ];
-const MESSAGE_COMMANDS: [&str; 9] = [
+const MESSAGE_COMMANDS: [&str; 10] = [
     "listmsgs",
     "msginfo",
+    "download",
+    "html",
     "listfresh",
     "forward",
     "resend",
     "markseen",
     "delmsg",
-    "download",
     "react",
 ];
 const CONTACT_COMMANDS: [&str; 9] = [
     "listcontacts",
-    "listverified",
     "addcontact",
     "contactinfo",
     "delcontact",
-    "cleanupcontacts",
     "block",
     "unblock",
     "listblocked",
+    "import-vcard",
+    "make-vcard",
 ];
-const MISC_COMMANDS: [&str; 12] = [
+const MISC_COMMANDS: [&str; 14] = [
     "getqr",
     "getqrsvg",
     "getbadqr",
     "checkqr",
     "joinqr",
+    "setqr",
     "createqrsvg",
+    "providerinfo",
     "fileinfo",
+    "estimatedeletion",
     "clear",
     "exit",
     "quit",
     "help",
-    "estimatedeletion",
 ];
 
 impl Hinter for DcHelper {
@@ -307,7 +313,7 @@ impl Validator for DcHelper {}
 
 async fn start(args: Vec<String>) -> Result<(), Error> {
     if args.len() < 2 {
-        println!("Error: Bad arguments, expected [db-name].");
+        eprintln!("Error: Bad arguments, expected [db-name].");
         bail!("No db-name specified");
     }
     let context = ContextBuilder::new(args[1].clone().into())
@@ -362,7 +368,7 @@ async fn start(args: Vec<String>) -> Result<(), Error> {
                                 false
                             }
                             Err(err) => {
-                                println!("Error: {err:#}");
+                                eprintln!("Error: {err:#}");
                                 true
                             }
                         }
@@ -377,7 +383,7 @@ async fn start(args: Vec<String>) -> Result<(), Error> {
                     break;
                 }
                 Err(err) => {
-                    println!("Error: {err:#}");
+                    eprintln!("Error: {err:#}");
                     break;
                 }
             }

deltachat-rpc-client/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "deltachat-rpc-client"
-version = "1.160.0"
+version = "2.12.0"
 description = "Python client for Delta Chat core JSON-RPC interface"
 classifiers = [
     "Development Status :: 5 - Production/Stable",

deltachat-rpc-client/src/deltachat_rpc_client/account.py

@@ -185,7 +185,21 @@ class Account:
         return Contact(self, contact_id)
 
     def get_contact_by_addr(self, address: str) -> Optional[Contact]:
-        """Check if an e-mail address belongs to a known and unblocked contact."""
+        """Looks up a known and unblocked contact with a given e-mail address.
+        To get a list of all known and unblocked contacts, use contacts_get_contacts().
+
+        **POTENTIAL SECURITY ISSUE**: If there are multiple contacts with this address
+        (e.g. an address-contact and a key-contact),
+        this looks up the most recently seen contact,
+        i.e. which contact is returned depends on which contact last sent a message.
+        If the user just clicked on a mailto: link, then this is the best thing you can do.
+        But **DO NOT** internally represent contacts by their email address
+        and do not use this function to look them up;
+        otherwise this function will sometimes look up the wrong contact.
+        Instead, you should internally represent contacts by their ids.
+
+        To validate an e-mail address independently of the contact database
+        use check_email_validity()."""
         contact_id = self._rpc.lookup_contact_id_by_addr(self.id, address)
         return contact_id and Contact(self, contact_id)
 
@@ -288,10 +302,46 @@ class Account:
     def create_group(self, name: str, protect: bool = False) -> Chat:
         """Create a new group chat.
 
-        After creation, the group has only self-contact as member and is in unpromoted state.
+        After creation,
+        the group has only self-contact as member one member (see `SpecialContactId.SELF`)
+        and is in _unpromoted_ state.
+        This means, you can add or remove members, change the name,
+        the group image and so on without messages being sent to all group members.
+
+        This changes as soon as the first message is sent to the group members
+        and the group becomes _promoted_.
+        After that, all changes are synced with all group members
+        by sending status message.
+
+        To check, if a chat is still unpromoted, you can look at the `is_unpromoted` property of a chat
+        (see `get_full_snapshot()` / `get_basic_snapshot()`).
+        This may be useful if you want to show some help for just created groups.
+
+        :param protect: If set to 1 the function creates group with protection initially enabled.
+                        Only verified members are allowed in these groups
+                        and end-to-end-encryption is always enabled.
         """
         return Chat(self, self._rpc.create_group_chat(self.id, name, protect))
 
+    def create_broadcast(self, name: str) -> Chat:
+        """Create a new **broadcast channel**
+        (called "Channel" in the UI).
+
+        Broadcast channels are similar to groups on the sending device,
+        however, recipients get the messages in a read-only chat
+        and will not see who the other members are.
+
+        Called `broadcast` here rather than `channel`,
+        because the word "channel" already appears a lot in the code,
+        which would make it hard to grep for it.
+
+        After creation, the chat contains no recipients and is in _unpromoted_ state;
+        see `create_group()` for more information on the unpromoted state.
+
+        Returns the created chat.
+        """
+        return Chat(self, self._rpc.create_broadcast(self.id, name))
+
     def get_chat_by_id(self, chat_id: int) -> Chat:
         """Return the Chat instance with the given ID."""
         return Chat(self, chat_id)

deltachat-rpc-client/src/deltachat_rpc_client/const.py

@@ -9,6 +9,7 @@ class ContactFlag(IntEnum):
     """Bit flags for get_contacts() method."""
 
     ADD_SELF = 0x02
+    ADDRESS = 0x04
 
 
 class ChatlistFlag(IntEnum):
@@ -90,10 +91,40 @@ class ChatType(IntEnum):
     """Chat type."""
 
     UNDEFINED = 0
+
     SINGLE = 100
+    """1:1 chat, i.e. a direct chat with a single contact"""
+
     GROUP = 120
+
     MAILINGLIST = 140
-    BROADCAST = 160
+
+    OUT_BROADCAST = 160
+    """Outgoing broadcast channel, called "Channel" in the UI.
+
+    The user can send into this channel,
+    and all recipients will receive messages
+    in an `IN_BROADCAST`.
+
+    Called `broadcast` here rather than `channel`,
+    because the word "channel" already appears a lot in the code,
+    which would make it hard to grep for it.
+    """
+
+    IN_BROADCAST = 165
+    """Incoming broadcast channel, called "Channel" in the UI.
+
+    This channel is read-only,
+    and we do not know who the other recipients are.
+
+    This is similar to a `MAILINGLIST`,
+    with the main difference being that
+    `IN_BROADCAST`s are encrypted.
+
+    Called `broadcast` here rather than `channel`,
+    because the word "channel" already appears a lot in the code,
+    which would make it hard to grep for it.
+    """
 
 
 class ChatVisibility(str, Enum):

deltachat-rpc-client/src/deltachat_rpc_client/contact.py

@@ -37,10 +37,6 @@ class Contact:
         """Delete contact."""
         self._rpc.delete_contact(self.account.id, self.id)
 
-    def reset_encryption(self) -> None:
-        """Reset contact encryption."""
-        self._rpc.reset_contact_encryption(self.account.id, self.id)
-
     def set_name(self, name: str) -> None:
         """Change the name of this contact."""
         self._rpc.change_contact_name(self.account.id, self.id, name)

deltachat-rpc-client/src/deltachat_rpc_client/message.py

@@ -2,7 +2,7 @@
 
 import json
 from dataclasses import dataclass
-from typing import TYPE_CHECKING, Optional, Union
+from typing import TYPE_CHECKING, List, Optional, Union
 
 from ._utils import AttrDict, futuremethod
 from .const import EventType
@@ -39,6 +39,11 @@ class Message:
         snapshot["message"] = self
         return snapshot
 
+    def get_read_receipts(self) -> List[AttrDict]:
+        """Get message read receipts."""
+        read_receipts = self._rpc.get_message_read_receipts(self.account.id, self.id)
+        return [AttrDict(read_receipt) for read_receipt in read_receipts]
+
     def get_reactions(self) -> Optional[AttrDict]:
         """Get message reactions."""
         reactions = self._rpc.get_message_reactions(self.account.id, self.id)

deltachat-rpc-client/src/deltachat_rpc_client/pytestplugin.py

@@ -13,6 +13,12 @@ from . import Account, AttrDict, Bot, Chat, Client, DeltaChat, EventType, Messag
 from ._utils import futuremethod
 from .rpc import Rpc
 
+E2EE_INFO_MSGS = 1
+"""
+The number of info messages added to new e2ee chats.
+Currently this is "End-to-end encryption available".
+"""
+
 
 class ACFactory:
     """Test account factory."""

deltachat-rpc-client/tests/test_multidevice.py

@@ -36,6 +36,9 @@ def test_one_account_send_bcc_setting(acfactory, log, direct_imap):
     assert ac1.get_config("bcc_self") == "1"
 
     # Second client receives only second message, but not the first.
+    ev_msg = ac1_clone.wait_for_event(EventType.MSGS_CHANGED)
+    assert ac1_clone.get_message_by_id(ev_msg.msg_id).get_snapshot().text == "Messages are end-to-end encrypted."
+
     ev_msg = ac1_clone.wait_for_event(EventType.MSGS_CHANGED)
     assert ac1_clone.get_message_by_id(ev_msg.msg_id).get_snapshot().text == msg_out.get_snapshot().text
 

deltachat-rpc-client/tests/test_securejoin.py

@@ -1,5 +1,4 @@
 import logging
-import time
 
 import pytest
 
@@ -16,14 +15,14 @@ def test_qr_setup_contact(acfactory, tmp_path) -> None:
     alice.wait_for_securejoin_inviter_success()
 
     # Test that Alice verified Bob's profile.
-    alice_contact_bob = alice.get_contact_by_addr(bob.get_config("addr"))
+    alice_contact_bob = alice.create_contact(bob)
     alice_contact_bob_snapshot = alice_contact_bob.get_snapshot()
     assert alice_contact_bob_snapshot.is_verified
 
     bob.wait_for_securejoin_joiner_success()
 
     # Test that Bob verified Alice's profile.
-    bob_contact_alice = bob.get_contact_by_addr(alice.get_config("addr"))
+    bob_contact_alice = bob.create_contact(alice)
     bob_contact_alice_snapshot = bob_contact_alice.get_snapshot()
     assert bob_contact_alice_snapshot.is_verified
 
@@ -84,7 +83,7 @@ def test_qr_securejoin(acfactory, protect):
     bob.wait_for_securejoin_joiner_success()
 
     # Test that Alice verified Bob's profile.
-    alice_contact_bob = alice.get_contact_by_addr(bob.get_config("addr"))
+    alice_contact_bob = alice.create_contact(bob)
     alice_contact_bob_snapshot = alice_contact_bob.get_snapshot()
     assert alice_contact_bob_snapshot.is_verified
 
@@ -93,7 +92,7 @@ def test_qr_securejoin(acfactory, protect):
     assert snapshot.chat.get_basic_snapshot().is_protected == protect
 
     # Test that Bob verified Alice's profile.
-    bob_contact_alice = bob.get_contact_by_addr(alice.get_config("addr"))
+    bob_contact_alice = bob.create_contact(alice)
     bob_contact_alice_snapshot = bob_contact_alice.get_snapshot()
     assert bob_contact_alice_snapshot.is_verified
 
@@ -101,7 +100,7 @@ def test_qr_securejoin(acfactory, protect):
     # Alice observes securejoin protocol and verifies Bob on second device.
     alice2.start_io()
     alice2.wait_for_securejoin_inviter_success()
-    alice2_contact_bob = alice2.get_contact_by_addr(bob.get_config("addr"))
+    alice2_contact_bob = alice2.create_contact(bob)
     alice2_contact_bob_snapshot = alice2_contact_bob.get_snapshot()
     assert alice2_contact_bob_snapshot.is_verified
 
@@ -213,72 +212,8 @@ def test_setup_contact_resetup(acfactory) -> None:
     bob.wait_for_securejoin_joiner_success()
 
 
-def test_verified_group_recovery(acfactory) -> None:
-    """Tests verified group recovery by reverifying a member and sending a message in a group."""
-    ac1, ac2, ac3 = acfactory.get_online_accounts(3)
-
-    logging.info("ac1 creates verified group")
-    chat = ac1.create_group("Verified group", protect=True)
-    assert chat.get_basic_snapshot().is_protected
-
-    logging.info("ac2 joins verified group")
-    qr_code = chat.get_qr_code()
-    ac2.secure_join(qr_code)
-    ac2.wait_for_securejoin_joiner_success()
-
-    # ac1 has ac2 directly verified.
-    ac1_contact_ac2 = ac1.get_contact_by_addr(ac2.get_config("addr"))
-    assert ac1_contact_ac2.get_snapshot().verifier_id == SpecialContactId.SELF
-
-    logging.info("ac3 joins verified group")
-    ac3_chat = ac3.secure_join(qr_code)
-    ac3.wait_for_securejoin_joiner_success()
-    ac3.wait_for_incoming_msg_event()  # Member added
-
-    logging.info("ac2 logs in on a new device")
-    ac2 = acfactory.resetup_account(ac2)
-
-    logging.info("ac2 reverifies with ac3")
-    qr_code = ac3.get_qr_code()
-    ac2.secure_join(qr_code)
-    ac2.wait_for_securejoin_joiner_success()
-
-    logging.info("ac3 sends a message to the group")
-    assert len(ac3_chat.get_contacts()) == 3
-    ac3_chat.send_text("Hi!")
-
-    snapshot = ac1.get_message_by_id(ac1.wait_for_incoming_msg_event().msg_id).get_snapshot()
-    assert snapshot.text == "Hi!"
-
-    msg_id = ac2.wait_for_incoming_msg_event().msg_id
-    message = ac2.get_message_by_id(msg_id)
-    snapshot = message.get_snapshot()
-    assert snapshot.text == "Hi!"
-
-    # ac1 contact is verified for ac2 because ac3 gossiped ac1 key in the "Hi!" message.
-    ac1_contact = ac2.get_contact_by_addr(ac1.get_config("addr"))
-    assert ac1_contact.get_snapshot().is_verified
-
-    # ac2 can write messages to the group.
-    snapshot.chat.send_text("Works again!")
-
-    snapshot = ac3.get_message_by_id(ac3.wait_for_incoming_msg_event().msg_id).get_snapshot()
-    assert snapshot.text == "Works again!"
-
-    snapshot = ac1.get_message_by_id(ac1.wait_for_incoming_msg_event().msg_id).get_snapshot()
-    assert snapshot.text == "Works again!"
-
-    ac1_chat_messages = snapshot.chat.get_messages()
-    ac2_addr = ac2.get_config("addr")
-    assert ac1_chat_messages[-2].get_snapshot().text == f"Changed setup for {ac2_addr}"
-
-    # ac2 is now verified by ac3 for ac1
-    ac1_contact_ac3 = ac1.get_contact_by_addr(ac3.get_config("addr"))
-    assert ac1_contact_ac2.get_snapshot().verifier_id == ac1_contact_ac3.id
-
-
 def test_verified_group_member_added_recovery(acfactory) -> None:
-    """Tests verified group recovery by reverifiying than removing and adding a member back."""
+    """Tests verified group recovery by reverifying then removing and adding a member back."""
     ac1, ac2, ac3 = acfactory.get_online_accounts(3)
 
     logging.info("ac1 creates verified group")
@@ -291,7 +226,7 @@ def test_verified_group_member_added_recovery(acfactory) -> None:
     ac2.wait_for_securejoin_joiner_success()
 
     # ac1 has ac2 directly verified.
-    ac1_contact_ac2 = ac1.get_contact_by_addr(ac2.get_config("addr"))
+    ac1_contact_ac2 = ac1.create_contact(ac2)
     assert ac1_contact_ac2.get_snapshot().verifier_id == SpecialContactId.SELF
 
     logging.info("ac3 joins verified group")
@@ -299,6 +234,8 @@ def test_verified_group_member_added_recovery(acfactory) -> None:
     ac3.wait_for_securejoin_joiner_success()
     ac3.wait_for_incoming_msg_event()  # Member added
 
+    ac3_contact_ac2_old = ac3.create_contact(ac2)
+
     logging.info("ac2 logs in on a new device")
     ac2 = acfactory.resetup_account(ac2)
 
@@ -311,21 +248,10 @@ def test_verified_group_member_added_recovery(acfactory) -> None:
     assert len(ac3_chat.get_contacts()) == 3
     ac3_chat.send_text("Hi!")
 
-    msg_id = ac2.wait_for_incoming_msg_event().msg_id
-    message = ac2.get_message_by_id(msg_id)
-    snapshot = message.get_snapshot()
-    logging.info("Received message %s", snapshot.text)
-    assert snapshot.text == "Hi!"
-
     ac1.wait_for_incoming_msg_event()  # Hi!
 
-    ac3_contact_ac2 = ac3.get_contact_by_addr(ac2.get_config("addr"))
-    ac3_chat.remove_contact(ac3_contact_ac2)
-
-    msg_id = ac2.wait_for_incoming_msg_event().msg_id
-    message = ac2.get_message_by_id(msg_id)
-    snapshot = message.get_snapshot()
-    assert "removed" in snapshot.text
+    ac3_contact_ac2 = ac3.create_contact(ac2)
+    ac3_chat.remove_contact(ac3_contact_ac2_old)
 
     snapshot = ac1.get_message_by_id(ac1.wait_for_incoming_msg_event().msg_id).get_snapshot()
     assert "removed" in snapshot.text
@@ -354,19 +280,16 @@ def test_verified_group_member_added_recovery(acfactory) -> None:
     snapshot = ac1.get_message_by_id(ac1.wait_for_incoming_msg_event().msg_id).get_snapshot()
     assert snapshot.text == "Works again!"
 
-    ac1_contact_ac2 = ac1.get_contact_by_addr(ac2.get_config("addr"))
+    ac1_contact_ac2 = ac1.create_contact(ac2)
+    ac1_contact_ac3 = ac1.create_contact(ac3)
     ac1_contact_ac2_snapshot = ac1_contact_ac2.get_snapshot()
     assert ac1_contact_ac2_snapshot.is_verified
-    assert ac1_contact_ac2_snapshot.verifier_id == ac1.get_contact_by_addr(ac3.get_config("addr")).id
-
-    # ac2 is now verified by ac3 for ac1
-    ac1_contact_ac3 = ac1.get_contact_by_addr(ac3.get_config("addr"))
-    assert ac1_contact_ac2.get_snapshot().verifier_id == ac1_contact_ac3.id
+    assert ac1_contact_ac2_snapshot.verifier_id == ac1_contact_ac3.id
 
 
 def test_qr_join_chat_with_pending_bobstate_issue4894(acfactory):
     """Regression test for
-    issue <https://github.com/deltachat/deltachat-core-rust/issues/4894>.
+    issue <https://github.com/chatmail/core/issues/4894>.
     """
     ac1, ac2, ac3, ac4 = acfactory.get_online_accounts(4)
 
@@ -400,12 +323,12 @@ def test_qr_join_chat_with_pending_bobstate_issue4894(acfactory):
     logging.info("ac2 now has pending bobstate but ac1 is shutoff")
 
     # we meanwhile expect ac3/ac2 verification started in the beginning to have completed
-    assert ac3.get_contact_by_addr(ac2.get_config("addr")).get_snapshot().is_verified
-    assert ac2.get_contact_by_addr(ac3.get_config("addr")).get_snapshot().is_verified
+    assert ac3.create_contact(ac2).get_snapshot().is_verified
+    assert ac2.create_contact(ac3).get_snapshot().is_verified
 
     logging.info("ac3: create a verified group VG with ac2")
     vg = ac3.create_group("ac3-created", protect=True)
-    vg.add_contact(ac3.get_contact_by_addr(ac2.get_config("addr")))
+    vg.add_contact(ac3.create_contact(ac2))
 
     # ensure ac2 receives message in VG
     vg.send_text("hello")
@@ -443,7 +366,7 @@ def test_qr_new_group_unblocked(acfactory):
     ac1.wait_for_securejoin_inviter_success()
 
     ac1_new_chat = ac1.create_group("Another group")
-    ac1_new_chat.add_contact(ac1.get_contact_by_addr(ac2.get_config("addr")))
+    ac1_new_chat.add_contact(ac1.create_contact(ac2))
     # Receive "Member added" message.
     ac2.wait_for_incoming_msg_event()
 
@@ -577,30 +500,8 @@ def test_securejoin_after_contact_resetup(acfactory) -> None:
 
     # ac1 resetups the account.
     ac1 = acfactory.resetup_account(ac1)
-
-    # Loop sending message from ac1 to ac2
-    # until ac2 accepts new ac1 key.
-    #
-    # This may not happen immediately because resetup of ac1
-    # rewinds "smeared timestamp" so Date: header for messages
-    # sent by new ac1 are in the past compared to the last Date:
-    # header sent by old ac1.
-    while True:
-        # ac1 sends a message to ac2.
-        ac1_contact_ac2 = ac1.create_contact(ac2, "")
-        ac1_chat_ac2 = ac1_contact_ac2.create_chat()
-        ac1_chat_ac2.send_text("Hello!")
-
-        # ac2 receives a message.
-        snapshot = ac2.get_message_by_id(ac2.wait_for_incoming_msg_event().msg_id).get_snapshot()
-        assert snapshot.text == "Hello!"
-        logging.info("ac2 received Hello!")
-
-        # ac1 is no longer verified for ac2 as new Autocrypt key is not the same as old verified key.
-        logging.info("ac2 addr={}, ac1 addr={}".format(ac2.get_config("addr"), ac1.get_config("addr")))
-        if not ac2_contact_ac1.get_snapshot().is_verified:
-            break
-        time.sleep(1)
+    ac2_contact_ac1 = ac2.create_contact(ac1, "")
+    assert not ac2_contact_ac1.get_snapshot().is_verified
 
     # ac1 goes offline.
     ac1.remove()

deltachat-rpc-client/tests/test_something.py

@@ -11,7 +11,8 @@ from unittest.mock import MagicMock
 import pytest
 
 from deltachat_rpc_client import Contact, EventType, Message, events
-from deltachat_rpc_client.const import DownloadState, MessageState
+from deltachat_rpc_client.const import ChatType, DownloadState, MessageState
+from deltachat_rpc_client.pytestplugin import E2EE_INFO_MSGS
 from deltachat_rpc_client.rpc import JsonRpcError
 
 
@@ -170,7 +171,10 @@ def test_account(acfactory) -> None:
     assert alice.get_size()
     assert alice.is_configured()
     assert not alice.get_avatar()
-    assert alice.get_contact_by_addr(bob_addr) == alice_contact_bob
+    # get_contact_by_addr() can lookup a key contact by address:
+    bob_contact = alice.get_contact_by_addr(bob_addr).get_snapshot()
+    assert bob_contact.display_name == "Bob"
+    assert bob_contact.is_key_contact
     assert alice.get_contacts()
     assert alice.get_contacts(snapshot=True)
     assert alice.self_contact
@@ -287,7 +291,6 @@ def test_contact(acfactory) -> None:
     assert repr(alice_contact_bob)
     alice_contact_bob.block()
     alice_contact_bob.unblock()
-    alice_contact_bob.reset_encryption()
     alice_contact_bob.set_name("new name")
     alice_contact_bob.get_encryption_info()
     snapshot = alice_contact_bob.get_snapshot()
@@ -458,8 +461,12 @@ def test_wait_next_messages(acfactory) -> None:
         alice_chat_bot.send_text("Hello!")
 
         next_messages = next_messages_task.result()
-        assert len(next_messages) == 1
-        snapshot = next_messages[0].get_snapshot()
+
+        if len(next_messages) == E2EE_INFO_MSGS:
+            next_messages += bot.wait_next_messages()
+
+        assert len(next_messages) == 1 + E2EE_INFO_MSGS
+        snapshot = next_messages[0 + E2EE_INFO_MSGS].get_snapshot()
         assert snapshot.text == "Hello!"
 
 
@@ -727,6 +734,26 @@ def test_markseen_contact_request(acfactory):
     assert message2.get_snapshot().state == MessageState.IN_SEEN
 
 
+def test_read_receipt(acfactory):
+    """
+    Test sending a read receipt and ensure it is attributed to the correct contact.
+    """
+    alice, bob = acfactory.get_online_accounts(2)
+
+    alice_chat_bob = alice.create_chat(bob)
+    alice_contact_bob = alice.create_contact(bob)
+    bob.create_chat(alice)  # Accept the chat
+
+    alice_chat_bob.send_text("Hello Bob!")
+    msg = bob.wait_for_incoming_msg()
+    msg.mark_seen()
+
+    read_msg = alice.get_message_by_id(alice.wait_for_event(EventType.MSG_READ).msg_id)
+    read_receipts = read_msg.get_read_receipts()
+    assert len(read_receipts) == 1
+    assert read_receipts[0].contact_id == alice_contact_bob.id
+
+
 def test_get_http_response(acfactory):
     alice = acfactory.new_configured_account()
     http_response = alice._rpc.get_http_response(alice.id, "https://example.org")
@@ -847,3 +874,36 @@ def test_delete_deltachat_folder(acfactory, direct_imap):
     assert msg.text == "hello"
 
     assert "DeltaChat" in ac1_direct_imap.list_folders()
+
+
+def test_broadcast(acfactory):
+    alice, bob = acfactory.get_online_accounts(2)
+
+    alice_chat = alice.create_broadcast("My great channel")
+    snapshot = alice_chat.get_basic_snapshot()
+    assert snapshot.name == "My great channel"
+    assert snapshot.is_unpromoted
+    assert snapshot.is_encrypted
+    assert snapshot.chat_type == ChatType.OUT_BROADCAST
+
+    alice_contact_bob = alice.create_contact(bob, "Bob")
+    alice_chat.add_contact(alice_contact_bob)
+
+    alice_msg = alice_chat.send_message(text="hello").get_snapshot()
+    assert alice_msg.text == "hello"
+    assert alice_msg.show_padlock
+
+    bob_msg = bob.wait_for_incoming_msg().get_snapshot()
+    assert bob_msg.text == "hello"
+    assert bob_msg.show_padlock
+    assert bob_msg.error is None
+
+    bob_chat = bob.get_chat_by_id(bob_msg.chat_id)
+    bob_chat_snapshot = bob_chat.get_basic_snapshot()
+    assert bob_chat_snapshot.name == "My great channel"
+    assert not bob_chat_snapshot.is_unpromoted
+    assert bob_chat_snapshot.is_encrypted
+    assert bob_chat_snapshot.chat_type == ChatType.IN_BROADCAST
+    assert bob_chat_snapshot.is_contact_request
+
+    assert not bob_chat.can_send()

deltachat-rpc-server/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "deltachat-rpc-server"
-version = "1.160.0"
+version = "2.12.0"
 description = "DeltaChat JSON-RPC server"
 edition = "2021"
 readme = "README.md"

deltachat-rpc-server/npm-package/package.json

@@ -15,5 +15,5 @@
   },
   "type": "module",
   "types": "index.d.ts",
-  "version": "1.160.0"
+  "version": "2.12.0"
 }

deny.toml

@@ -25,23 +25,20 @@ skip = [
      { name = "derive_more-impl", version = "1.0.0" },
      { name = "derive_more", version = "1.0.0" },
      { name = "event-listener", version = "2.5.3" },
-     { name = "generator", version = "0.7.5" },
      { name = "getrandom", version = "0.2.12" },
      { name = "hashbrown", version = "0.14.5" },
      { name = "heck", version = "0.4.1" },
      { name = "http", version = "0.2.12" },
      { name = "linux-raw-sys", version = "0.4.14" },
-     { name = "loom", version = "0.5.6" },
      { name = "lru", version = "0.12.3" },
      { name = "netlink-packet-route", version = "0.17.1" },
      { name = "nom", version = "7.1.3" },
+     { name = "nu-ansi-term", version = "0.46.0" },
      { name = "rand_chacha", version = "0.3.1" },
      { name = "rand_core", version = "0.6.4" },
      { name = "rand", version = "0.8.5" },
      { name = "redox_syscall", version = "0.3.5" },
      { name = "redox_syscall", version = "0.4.1" },
-     { name = "regex-automata", version = "0.1.10" },
-     { name = "regex-syntax", version = "0.6.29" },
      { name = "rustix", version = "0.38.44" },
      { name = "serdect", version = "0.2.0" },
      { name = "spin", version = "0.9.8" },
@@ -50,6 +47,7 @@ skip = [
      { name = "syn", version = "1.0.109" },
      { name = "thiserror-impl", version = "1.0.69" },
      { name = "thiserror", version = "1.0.69" },
+     { name = "toml_datetime", version = "0.6.11" },
      { name = "wasi", version = "0.11.0+wasi-snapshot-preview1" },
      { name = "windows" },
      { name = "windows_aarch64_gnullvm" },

fuzz/Cargo.toml

@@ -6,7 +6,7 @@ edition = "2021"
 license = "MPL-2.0"
 
 [dev-dependencies]
-bolero = "0.13.3"
+bolero = "0.13.4"
 
 [dependencies]
 mailparse = { workspace = true }

python/examples/group_tracking.py

@@ -1,49 +0,0 @@
-# content of group_tracking.py
-
-from deltachat import account_hookimpl, run_cmdline
-
-
-class GroupTrackingPlugin:
-    @account_hookimpl
-    def ac_incoming_message(self, message):
-        print("process_incoming message", message)
-        if message.text.strip() == "/quit":
-            message.account.shutdown()
-        else:
-            # unconditionally accept the chat
-            message.create_chat()
-            addr = message.get_sender_contact().addr
-            text = message.text
-            message.chat.send_text(f"echoing from {addr}:\n{text}")
-
-    @account_hookimpl
-    def ac_outgoing_message(self, message):
-        print("ac_outgoing_message:", message)
-
-    @account_hookimpl
-    def ac_configure_completed(self, success):
-        print("ac_configure_completed:", success)
-
-    @account_hookimpl
-    def ac_chat_modified(self, chat):
-        print("ac_chat_modified:", chat.id, chat.get_name())
-        for member in chat.get_contacts():
-            print(f"chat member: {member.addr}")
-
-    @account_hookimpl
-    def ac_member_added(self, chat, contact, actor, message):
-        print(f"ac_member_added {contact.addr} to chat {chat.id} from {actor or message.get_sender_contact().addr}")
-        for member in chat.get_contacts():
-            print(f"chat member: {member.addr}")
-
-    @account_hookimpl
-    def ac_member_removed(self, chat, contact, actor, message):
-        print(f"ac_member_removed {contact.addr} from chat {chat.id} by {actor or message.get_sender_contact().addr}")
-
-
-def main(argv=None):
-    run_cmdline(argv=argv, account_plugins=[GroupTrackingPlugin()])
-
-
-if __name__ == "__main__":
-    main()

python/examples/test_examples.py

@@ -1,10 +1,7 @@
 import echo_and_quit
-import group_tracking
 import py
 import pytest
 
-from deltachat.events import FFIEventLogger
-
 
 @pytest.fixture(scope="session")
 def datadir():
@@ -36,55 +33,3 @@ def test_echo_quit_plugin(acfactory, lp):
     lp.sec("send quit sequence")
     bot_chat.send_text("/quit")
     botproc.wait()
-
-
-def test_group_tracking_plugin(acfactory, lp):
-    lp.sec("creating one group-tracking bot and two temp accounts")
-    botproc = acfactory.run_bot_process(group_tracking)
-
-    ac1, ac2 = acfactory.get_online_accounts(2)
-
-    ac1.add_account_plugin(FFIEventLogger(ac1))
-    ac2.add_account_plugin(FFIEventLogger(ac2))
-
-    lp.sec("creating bot test group with bot")
-    bot_chat = ac1.qr_setup_contact(botproc.qr)
-    ac1._evtracker.wait_securejoin_joiner_progress(1000)
-    bot_contact = bot_chat.get_contacts()[0]
-    ch = ac1.create_group_chat("bot test group")
-    ch.add_contact(bot_contact)
-    ch.send_text("hello")
-
-    botproc.fnmatch_lines(
-        """
-        *ac_chat_modified*bot test group*
-    """,
-    )
-
-    lp.sec("adding third member {}".format(ac2.get_config("addr")))
-    contact3 = ac1.create_contact(ac2)
-    ch.add_contact(contact3)
-
-    reply = ac1._evtracker.wait_next_incoming_message()
-    assert "hello" in reply.text
-
-    lp.sec("now looking at what the bot received")
-    botproc.fnmatch_lines(
-        """
-        *ac_member_added {}*from*{}*
-    """.format(
-            contact3.addr,
-            ac1.get_config("addr"),
-        ),
-    )
-
-    lp.sec("contact successfully added, now removing")
-    ch.remove_contact(contact3)
-    botproc.fnmatch_lines(
-        """
-        *ac_member_removed {}*from*{}*
-    """.format(
-            contact3.addr,
-            ac1.get_config("addr"),
-        ),
-    )

python/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "deltachat"
-version = "1.160.0"
+version = "2.12.0"
 description = "Python bindings for the Delta Chat Core library using CFFI against the Rust-implemented libdeltachat"
 readme = "README.rst"
 requires-python = ">=3.8"

python/src/deltachat/account.py

@@ -293,6 +293,8 @@ class Account:
         return Contact(self, contact_id)
 
     def get_contact(self, obj) -> Optional[Contact]:
+        if isinstance(obj, Account):
+            return self.create_contact(obj)
         if isinstance(obj, Contact):
             return obj
         (_, addr) = self.get_contact_addr_and_name(obj)
@@ -328,7 +330,21 @@ class Account:
         return bool(lib.dc_delete_contact(self._dc_context, contact_id))
 
     def get_contact_by_addr(self, email: str) -> Optional[Contact]:
-        """get a contact for the email address or None if it's blocked or doesn't exist."""
+        """Looks up a known and unblocked contact with a given e-mail address.
+        To get a list of all known and unblocked contacts, use contacts_get_contacts().
+
+        **POTENTIAL SECURITY ISSUE**: If there are multiple contacts with this address
+        (e.g. an address-contact and a key-contact),
+        this looks up the most recently seen contact,
+        i.e. which contact is returned depends on which contact last sent a message.
+        If the user just clicked on a mailto: link, then this is the best thing you can do.
+        But **DO NOT** internally represent contacts by their email address
+        and do not use this function to look them up;
+        otherwise this function will sometimes look up the wrong contact.
+        Instead, you should internally represent contacts by their ids.
+
+        To validate an e-mail address independently of the contact database
+        use check_email_validity()."""
         _, addr = parseaddr(email)
         addr = as_dc_charpointer(addr)
         contact_id = lib.dc_lookup_contact_id_by_addr(self._dc_context, addr)

python/src/deltachat/chat.py

@@ -417,7 +417,13 @@ class Chat:
         :raises ValueError: if contact could not be added
         :returns: None
         """
-        contact = self.account.create_contact(obj)
+        from .contact import Contact
+
+        if isinstance(obj, Contact):
+            contact = obj
+        else:
+            contact = self.account.create_contact(obj)
+
         ret = lib.dc_add_contact_to_chat(self.account._dc_context, self.id, contact.id)
         if ret != 1:
             raise ValueError(f"could not add contact {contact!r} to chat")

python/src/deltachat/events.py

@@ -13,7 +13,6 @@ from .account import Account
 from .capi import ffi, lib
 from .cutil import from_optional_dc_charpointer
 from .hookspec import account_hookimpl
-from .message import map_system_message
 
 
 def get_dc_event_name(integer, _DC_EVENTNAME_MAP={}):
@@ -304,21 +303,15 @@ class EventThread(threading.Thread):
         elif name == "DC_EVENT_INCOMING_MSG":
             msg = account.get_message_by_id(ffi_event.data2)
             if msg is not None:
-                yield map_system_message(msg) or ("ac_incoming_message", {"message": msg})
+                yield ("ac_incoming_message", {"message": msg})
         elif name == "DC_EVENT_MSGS_CHANGED":
             if ffi_event.data2 != 0:
                 msg = account.get_message_by_id(ffi_event.data2)
                 if msg is not None:
                     if msg.is_outgoing():
-                        res = map_system_message(msg)
-                        if res and res[0].startswith("ac_member"):
-                            yield res
                         yield "ac_outgoing_message", {"message": msg}
                     elif msg.is_in_fresh():
-                        yield map_system_message(msg) or (
-                            "ac_incoming_message",
-                            {"message": msg},
-                        )
+                        yield "ac_incoming_message", {"message": msg}
         elif name == "DC_EVENT_REACTIONS_CHANGED":
             assert ffi_event.data1 > 0
             msg = account.get_message_by_id(ffi_event.data2)

python/src/deltachat/message.py

@@ -2,14 +2,12 @@
 
 import json
 import os
-import re
 from datetime import datetime, timezone
 from typing import Optional, Union
 
 from . import const, props
 from .capi import ffi, lib
 from .cutil import as_dc_charpointer, from_dc_charpointer, from_optional_dc_charpointer
-from .reactions import Reactions
 
 
 class Message:
@@ -165,17 +163,6 @@ class Message:
             ),
         )
 
-    def send_reaction(self, reaction: str):
-        """Send a reaction to message and return the resulting Message instance."""
-        msg_id = lib.dc_send_reaction(self.account._dc_context, self.id, as_dc_charpointer(reaction))
-        if msg_id == 0:
-            raise ValueError("reaction could not be send")
-        return Message.from_db(self.account, msg_id)
-
-    def get_reactions(self) -> Reactions:
-        """Get :class:`deltachat.reactions.Reactions` to the message."""
-        return Reactions.from_msg(self)
-
     def is_system_message(self):
         """return True if this message is a system/info message."""
         return bool(lib.dc_msg_is_info(self._dc_msg))
@@ -504,56 +491,3 @@ def get_viewtype_code_from_name(view_type_name):
     raise ValueError(
         f"message typecode not found for {view_type_name!r}, available {list(_view_type_mapping.keys())!r}",
     )
-
-
-#
-# some helper code for turning system messages into hook events
-#
-
-
-def map_system_message(msg):
-    if msg.is_system_message():
-        res = parse_system_add_remove(msg.text)
-        if not res:
-            return None
-        action, affected, actor = res
-        affected = msg.account.get_contact_by_addr(affected)
-        actor = None if actor == "me" else msg.account.get_contact_by_addr(actor)
-        d = {"chat": msg.chat, "contact": affected, "actor": actor, "message": msg}
-        return "ac_member_" + res[0], d
-
-
-def extract_addr(text):
-    m = re.match(r".*\((.+@.+)\)", text)
-    if m:
-        text = m.group(1)
-    text = text.rstrip(".")
-    return text.strip()
-
-
-def parse_system_add_remove(text):
-    """return add/remove info from parsing the given system message text.
-
-    returns a (action, affected, actor) triple
-    """
-    # You removed member a@b.
-    # You added member a@b.
-    # Member Me (x@y) removed by a@b.
-    # Member x@y added by a@b
-    # Member With space (tmp1@x.org) removed by tmp2@x.org.
-    # Member With space (tmp1@x.org) removed by Another member (tmp2@x.org).",
-    # Group left by some one (tmp1@x.org).
-    # Group left by tmp1@x.org.
-    text = text.lower()
-    m = re.match(r"member (.+) (removed|added) by (.+)", text)
-    if m:
-        affected, action, actor = m.groups()
-        return action, extract_addr(affected), extract_addr(actor)
-    m = re.match(r"you (removed|added) member (.+)", text)
-    if m:
-        action, affected = m.groups()
-        return action, extract_addr(affected), "me"
-    if text.startswith("group left by "):
-        addr = extract_addr(text[13:])
-        if addr:
-            return "removed", addr, addr

python/src/deltachat/reactions.py

@@ -1,43 +0,0 @@
-"""The Reactions object."""
-
-from .capi import ffi, lib
-from .cutil import from_dc_charpointer, iter_array
-
-
-class Reactions:
-    """Reactions object.
-
-    You obtain instances of it through :class:`deltachat.message.Message`.
-    """
-
-    def __init__(self, account, dc_reactions) -> None:
-        assert isinstance(account._dc_context, ffi.CData)
-        assert isinstance(dc_reactions, ffi.CData)
-        assert dc_reactions != ffi.NULL
-        self.account = account
-        self._dc_reactions = dc_reactions
-
-    def __repr__(self) -> str:
-        return f"<Reactions dc_reactions={self._dc_reactions}>"
-
-    @classmethod
-    def from_msg(cls, msg):
-        assert msg.id > 0
-        return cls(
-            msg.account,
-            ffi.gc(lib.dc_get_msg_reactions(msg.account._dc_context, msg.id), lib.dc_reactions_unref),
-        )
-
-    def get_contacts(self) -> list:
-        """Get list of contacts reacted to the message.
-
-        :returns: list of :class:`deltachat.contact.Contact` objects for this reaction.
-        """
-        from .contact import Contact
-
-        dc_array = ffi.gc(lib.dc_reactions_get_contacts(self._dc_reactions), lib.dc_array_unref)
-        return list(iter_array(dc_array, lambda x: Contact(self.account, x)))
-
-    def get_by_contact(self, contact) -> str:
-        """Get a string containing space-separated reactions of a single :class:`deltachat.contact.Contact`."""
-        return from_dc_charpointer(lib.dc_reactions_get_by_contact_id(self._dc_reactions, contact.id))

python/src/deltachat/testplugin.py

@@ -20,6 +20,12 @@ import deltachat
 from . import Account, account_hookimpl, const, get_core_info
 from .events import FFIEventLogger, FFIEventTracker
 
+E2EE_INFO_MSGS = 1
+"""
+The number of info messages added to new e2ee chats.
+Currently this is "End-to-end encryption available".
+"""
+
 
 def pytest_addoption(parser):
     group = parser.getgroup("deltachat testplugin options")
@@ -606,7 +612,7 @@ class ACFactory:
         ev = ac2._evtracker.get_matching("DC_EVENT_MSGS_CHANGED")
         msg = ac2.get_message_by_id(ev.data2)
         assert msg is not None
-        assert msg.text == "Messages are guaranteed to be end-to-end encrypted from now on."
+        assert msg.text == "Messages are end-to-end encrypted."
         msg = ac2._evtracker.wait_next_incoming_message()
         assert msg is not None
         assert "Member Me " in msg.text and " added by " in msg.text

python/tests/test_0_complex_or_slow.py

@@ -133,8 +133,7 @@ def test_qr_verified_group_and_chatting(acfactory, lp):
     assert "added" in msg.text.lower()
 
     assert any(
-        m.is_system_message() and m.text == "Messages are guaranteed to be end-to-end encrypted from now on."
-        for m in msg.chat.get_messages()
+        m.is_system_message() and m.text == "Messages are end-to-end encrypted." for m in msg.chat.get_messages()
     )
     lp.sec("ac1: send message")
     msg_out = chat1.send_text("hello")
@@ -187,83 +186,6 @@ def test_qr_verified_group_and_chatting(acfactory, lp):
     assert msg.is_encrypted()
 
 
-def test_undecipherable_group(acfactory, lp):
-    """Test how group messages that cannot be decrypted are
-    handled.
-
-    Group name is encrypted and plaintext subject is set to "..." in
-    this case, so we should assign the messages to existing chat
-    instead of creating a new one. Since there is no existing group
-    chat, the messages should be assigned to 1-1 chat with the sender
-    of the message.
-    """
-
-    lp.sec("creating and configuring three accounts")
-    ac1, ac2, ac3 = acfactory.get_online_accounts(3)
-
-    acfactory.introduce_each_other([ac1, ac2, ac3])
-
-    lp.sec("ac3 reinstalls DC and generates a new key")
-    ac3.stop_io()
-    acfactory.remove_preconfigured_keys()
-    ac4 = acfactory.new_online_configuring_account(cloned_from=ac3)
-    acfactory.wait_configured(ac4)
-    # Create contacts to make sure incoming messages are not treated as contact requests
-    chat41 = ac4.create_chat(ac1)
-    chat42 = ac4.create_chat(ac2)
-    ac4.start_io()
-    ac4._evtracker.wait_idle_inbox_ready()
-
-    lp.sec("ac1: creating group chat with 2 other members")
-    chat = ac1.create_group_chat("title", contacts=[ac2, ac3])
-
-    lp.sec("ac1: send message to new group chat")
-    msg = chat.send_text("hello")
-
-    lp.sec("ac2: checking that the chat arrived correctly")
-    msg = ac2._evtracker.wait_next_incoming_message()
-    assert msg.text == "hello"
-    assert msg.is_encrypted(), "Message is not encrypted"
-
-    # ac4 cannot decrypt the message.
-    # Error message should be assigned to the chat with ac1.
-    lp.sec("ac4: checking that message is assigned to the sender chat")
-    error_msg = ac4._evtracker.wait_next_incoming_message()
-    assert error_msg.error  # There is an error decrypting the message
-    assert error_msg.chat == chat41
-
-    lp.sec("ac2: sending a reply to the chat")
-    msg.chat.send_text("reply")
-    reply = ac1._evtracker.wait_next_incoming_message()
-    assert reply.text == "reply"
-    assert reply.is_encrypted(), "Reply is not encrypted"
-
-    lp.sec("ac4: checking that reply is assigned to ac2 chat")
-    error_reply = ac4._evtracker.wait_next_incoming_message()
-    assert error_reply.error  # There is an error decrypting the message
-    assert error_reply.chat == chat42
-
-    # Test that ac4 replies to error messages don't appear in the
-    # group chat on ac1 and ac2.
-    lp.sec("ac4: replying to ac1 and ac2")
-
-    # Otherwise reply becomes a contact request.
-    chat41.send_text("I can't decrypt your message, ac1!")
-    chat42.send_text("I can't decrypt your message, ac2!")
-
-    msg = ac1._evtracker.wait_next_incoming_message()
-    assert msg.error is None
-    assert msg.text == "I can't decrypt your message, ac1!"
-    assert msg.is_encrypted(), "Message is not encrypted"
-    assert msg.chat == ac1.create_chat(ac3)
-
-    msg = ac2._evtracker.wait_next_incoming_message()
-    assert msg.error is None
-    assert msg.text == "I can't decrypt your message, ac2!"
-    assert msg.is_encrypted(), "Message is not encrypted"
-    assert msg.chat == ac2.create_chat(ac4)
-
-
 def test_ephemeral_timer(acfactory, lp):
     ac1, ac2 = acfactory.get_online_accounts(2)
 
@@ -415,7 +337,7 @@ def test_use_new_verified_group_after_going_online(acfactory, data, tmp_path, lp
     assert contact.addr == ac1.get_config("addr")
     chat2 = msg_in.chat
     assert chat2.is_protected()
-    assert chat2.get_messages()[0].text == "Messages are guaranteed to be end-to-end encrypted from now on."
+    assert chat2.get_messages()[0].text == "Messages are end-to-end encrypted."
     assert open(contact.get_profile_image(), "rb").read() == open(avatar_path, "rb").read()
 
     lp.sec("ac2_offl: sending message")
@@ -489,7 +411,7 @@ def test_verified_group_vs_delete_server_after(acfactory, tmp_path, lp):
     ev = ac2_offl._evtracker.get_matching("DC_EVENT_INCOMING_MSG|DC_EVENT_MSGS_CHANGED")
     msg_in = ac2_offl.get_message_by_id(ev.data2)
     assert msg_in.is_system_message()
-    assert msg_in.text == "Messages are guaranteed to be end-to-end encrypted from now on."
+    assert msg_in.text == "Messages are end-to-end encrypted."
 
     # We need to consume one event that has data2=0
     ev = ac2_offl._evtracker.get_matching("DC_EVENT_INCOMING_MSG|DC_EVENT_MSGS_CHANGED")

python/tests/test_1_online.py

@@ -10,6 +10,7 @@ from imap_tools import AND, U
 import deltachat as dc
 from deltachat import account_hookimpl, Message
 from deltachat.tracker import ImexTracker
+from deltachat.testplugin import E2EE_INFO_MSGS
 
 
 def test_basic_imap_api(acfactory, tmp_path):
@@ -159,32 +160,6 @@ def test_html_message(acfactory, lp):
     assert html_text in msg2.html
 
 
-def test_videochat_invitation_message(acfactory, lp):
-    ac1, ac2 = acfactory.get_online_accounts(2)
-    chat = acfactory.get_accepted_chat(ac1, ac2)
-    text = "You are invited to a video chat, click https://meet.jit.si/WxEGad0gGzX to join."
-
-    lp.sec("ac1: prepare and send text message to ac2")
-    msg1 = chat.send_text("message0")
-    assert not msg1.is_videochat_invitation()
-
-    lp.sec("wait for ac2 to receive message")
-    msg2 = ac2._evtracker.wait_next_incoming_message()
-    assert msg2.text == "message0"
-    assert not msg2.is_videochat_invitation()
-
-    lp.sec("ac1: prepare and send videochat invitation to ac2")
-    msg1 = Message.new_empty(ac1, "videochat")
-    msg1.set_text(text)
-    msg1 = chat.send_msg(msg1)
-    assert msg1.is_videochat_invitation()
-
-    lp.sec("wait for ac2 to receive message")
-    msg2 = ac2._evtracker.wait_next_incoming_message()
-    assert msg2.text == text
-    assert msg2.is_videochat_invitation()
-
-
 def test_webxdc_message(acfactory, data, lp):
     ac1, ac2 = acfactory.get_online_accounts(2)
     chat = acfactory.get_accepted_chat(ac1, ac2)
@@ -408,6 +383,10 @@ def test_forward_messages(acfactory, lp):
     msg_out = chat.send_text("message2")
 
     lp.sec("ac2: wait for receive")
+    ev = ac2._evtracker.get_matching("DC_EVENT_INCOMING_MSG|DC_EVENT_MSGS_CHANGED")
+    msg_in = ac2.get_message_by_id(ev.data2)
+    assert msg_in.text == "Messages are end-to-end encrypted."
+
     ev = ac2._evtracker.get_matching("DC_EVENT_INCOMING_MSG|DC_EVENT_MSGS_CHANGED")
     assert ev.data2 == msg_out.id
     msg_in = ac2.get_message_by_id(msg_out.id)
@@ -622,6 +601,11 @@ def test_moved_markseen(acfactory):
 
     with ac2.direct_imap.idle() as idle2:
         ac2.start_io()
+
+        ev = ac2._evtracker.get_matching("DC_EVENT_INCOMING_MSG|DC_EVENT_MSGS_CHANGED")
+        msg = ac2.get_message_by_id(ev.data2)
+        assert msg.text == "Messages are end-to-end encrypted."
+
         ev = ac2._evtracker.get_matching("DC_EVENT_INCOMING_MSG|DC_EVENT_MSGS_CHANGED")
         msg = ac2.get_message_by_id(ev.data2)
 
@@ -738,7 +722,7 @@ def test_mdn_asymmetric(acfactory, lp):
     lp.sec("sending text message from ac1 to ac2")
     msg_out = chat.send_text("message1")
 
-    assert len(chat.get_messages()) == 1
+    assert len(chat.get_messages()) == 1 + E2EE_INFO_MSGS
 
     lp.sec("disable ac1 MDNs")
     ac1.set_config("mdns_enabled", "0")
@@ -746,7 +730,7 @@ def test_mdn_asymmetric(acfactory, lp):
     lp.sec("wait for ac2 to receive message")
     msg = ac2._evtracker.wait_next_incoming_message()
 
-    assert len(msg.chat.get_messages()) == 1
+    assert len(msg.chat.get_messages()) == 1 + E2EE_INFO_MSGS
 
     lp.sec("ac2: mark incoming message as seen")
     ac2.mark_seen_messages([msg])
@@ -755,7 +739,7 @@ def test_mdn_asymmetric(acfactory, lp):
     # MDN should be moved even though MDNs are already disabled
     ac1._evtracker.get_matching("DC_EVENT_IMAP_MESSAGE_MOVED")
 
-    assert len(chat.get_messages()) == 1
+    assert len(chat.get_messages()) == 1 + E2EE_INFO_MSGS
 
     # Wait for the message to be marked as seen on IMAP.
     ac1._evtracker.get_info_contains("Marked messages [0-9]+ in folder DeltaChat as seen.")
@@ -767,7 +751,7 @@ def test_mdn_asymmetric(acfactory, lp):
     assert len(list(ac1.direct_imap.conn.fetch(AND(seen=True)))) == 1
 
 
-def test_send_and_receive_will_encrypt_decrypt(acfactory, lp):
+def test_send_receive_encrypt(acfactory, lp):
     ac1, ac2 = acfactory.get_online_accounts(2)
 
     ac1.get_device_chat().mark_noticed()
@@ -798,12 +782,11 @@ def test_send_and_receive_will_encrypt_decrypt(acfactory, lp):
     msg3.mark_seen()
     assert not list(ac1.get_fresh_messages())
 
-    lp.sec("create group chat with two members, one of which has no encrypt state")
+    lp.sec("create group chat with two members")
     chat = ac1.create_group_chat("encryption test")
     chat.add_contact(ac2)
-    chat.add_contact(ac1.create_contact("notexisting@testrun.org"))
     msg = chat.send_text("test not encrypt")
-    assert not msg.is_encrypted()
+    assert msg.is_encrypted()
     ac1._evtracker.get_matching("DC_EVENT_SMTP_MESSAGE_SENT")
 
 
@@ -1124,6 +1107,11 @@ def test_send_and_receive_image(acfactory, lp, data):
     assert m == msg_out
 
     lp.sec("wait for ac2 to receive message")
+
+    ev = ac2._evtracker.get_matching("DC_EVENT_MSGS_CHANGED|DC_EVENT_INCOMING_MSG")
+    msg_in = ac2.get_message_by_id(ev.data2)
+    assert msg_in.text == "Messages are end-to-end encrypted."
+
     ev = ac2._evtracker.get_matching("DC_EVENT_MSGS_CHANGED|DC_EVENT_INCOMING_MSG")
     assert ev.data2 == msg_out.id
     msg_in = ac2.get_message_by_id(msg_out.id)
@@ -1139,9 +1127,9 @@ def test_import_export_online_all(acfactory, tmp_path, data, lp):
 
     lp.sec("create some chat content")
     some1_addr = some1.get_config("addr")
-    chat1 = ac1.create_contact(some1_addr, name="some1").create_chat()
+    chat1 = ac1.create_contact(some1).create_chat()
     chat1.send_text("msg1")
-    assert len(ac1.get_contacts(query="some1")) == 1
+    assert len(ac1.get_contacts()) == 1
 
     original_image_path = data.get_path("d.png")
     chat1.send_image(original_image_path)
@@ -1153,16 +1141,16 @@ def test_import_export_online_all(acfactory, tmp_path, data, lp):
     chat1.send_file(str(path))
 
     def assert_account_is_proper(ac):
-        contacts = ac.get_contacts(query="some1")
+        contacts = ac.get_contacts()
         assert len(contacts) == 1
         contact2 = contacts[0]
         assert contact2.addr == some1_addr
         chat2 = contact2.create_chat()
         messages = chat2.get_messages()
-        assert len(messages) == 3
-        assert messages[0].text == "msg1"
-        assert messages[1].filemime == "image/png"
-        assert os.stat(messages[1].filename).st_size == os.stat(original_image_path).st_size
+        assert len(messages) == 3 + E2EE_INFO_MSGS
+        assert messages[0 + E2EE_INFO_MSGS].text == "msg1"
+        assert messages[1 + E2EE_INFO_MSGS].filemime == "image/png"
+        assert os.stat(messages[1 + E2EE_INFO_MSGS].filename).st_size == os.stat(original_image_path).st_size
         ac.set_config("displayname", "new displayname")
         assert ac.get_config("displayname") == "new displayname"
 
@@ -1288,79 +1276,6 @@ def test_set_get_contact_avatar(acfactory, data, lp):
     assert msg6.get_sender_contact().get_profile_image() is None
 
 
-def test_add_remove_member_remote_events(acfactory, lp):
-    ac1, ac2, ac3 = acfactory.get_online_accounts(3)
-    ac1_addr = ac1.get_config("addr")
-    ac3_addr = ac3.get_config("addr")
-    # activate local plugin for ac2
-    in_list = queue.Queue()
-
-    class EventHolder:
-        def __init__(self, **kwargs) -> None:
-            self.__dict__.update(kwargs)
-
-    class InPlugin:
-        @account_hookimpl
-        def ac_incoming_message(self, message):
-            # we immediately accept the sender because
-            # otherwise we won't see member_added contacts
-            message.create_chat()
-
-        @account_hookimpl
-        def ac_chat_modified(self, chat):
-            in_list.put(EventHolder(action="chat-modified", chat=chat))
-
-        @account_hookimpl
-        def ac_member_added(self, chat, contact, message):
-            in_list.put(EventHolder(action="added", chat=chat, contact=contact, message=message))
-
-        @account_hookimpl
-        def ac_member_removed(self, chat, contact, message):
-            in_list.put(EventHolder(action="removed", chat=chat, contact=contact, message=message))
-
-    ac2.add_account_plugin(InPlugin())
-
-    lp.sec("ac1: create group chat with ac2")
-    chat = ac1.create_group_chat("hello", contacts=[ac2])
-
-    lp.sec("ac1: send a message to group chat to promote the group")
-    chat.send_text("afterwards promoted")
-    ev = in_list.get()
-    assert ev.action == "chat-modified"
-    assert chat.is_promoted()
-    assert sorted(x.addr for x in chat.get_contacts()) == sorted(x.addr for x in ev.chat.get_contacts())
-
-    lp.sec("ac1: add address2")
-    # note that if the above create_chat() would not
-    # happen we would not receive a proper member_added event
-    contact2 = chat.add_contact(ac3)
-    ev = in_list.get()
-    assert ev.action == "chat-modified"
-    ev = in_list.get()
-    assert ev.action == "chat-modified"
-    ev = in_list.get()
-    assert ev.action == "added"
-    assert ev.message.get_sender_contact().addr == ac1_addr
-    assert ev.contact.addr == ac3_addr
-
-    lp.sec("ac1: remove address2")
-    chat.remove_contact(contact2)
-    ev = in_list.get()
-    assert ev.action == "chat-modified"
-    ev = in_list.get()
-    assert ev.action == "removed"
-    assert ev.contact.addr == contact2.addr
-    assert ev.message.get_sender_contact().addr == ac1_addr
-
-    lp.sec("ac1: remove ac2 contact from chat")
-    chat.remove_contact(ac2)
-    ev = in_list.get()
-    assert ev.action == "chat-modified"
-    ev = in_list.get()
-    assert ev.action == "removed"
-    assert ev.message.get_sender_contact().addr == ac1_addr
-
-
 def test_system_group_msg_from_blocked_user(acfactory, lp):
     """
     Tests that a blocked user removes you from a group.
@@ -1488,8 +1403,8 @@ def test_connectivity(acfactory, lp):
     ac1.maybe_network()
     ac1._evtracker.wait_for_connectivity(dc.const.DC_CONNECTIVITY_CONNECTED)
     msgs = ac1.create_chat(ac2).get_messages()
-    assert len(msgs) == 1
-    assert msgs[0].text == "Hi"
+    assert len(msgs) == 1 + E2EE_INFO_MSGS
+    assert msgs[0 + E2EE_INFO_MSGS].text == "Hi"
 
     lp.sec("Test that the connectivity changes to WORKING while new messages are fetched")
 
@@ -1499,8 +1414,8 @@ def test_connectivity(acfactory, lp):
     ac1._evtracker.wait_for_connectivity_change(dc.const.DC_CONNECTIVITY_WORKING, dc.const.DC_CONNECTIVITY_CONNECTED)
 
     msgs = ac1.create_chat(ac2).get_messages()
-    assert len(msgs) == 2
-    assert msgs[1].text == "Hi 2"
+    assert len(msgs) == 2 + E2EE_INFO_MSGS
+    assert msgs[1 + E2EE_INFO_MSGS].text == "Hi 2"
 
 
 def test_fetch_deleted_msg(acfactory, lp):
@@ -1760,44 +1675,6 @@ def test_configure_error_msgs_invalid_server(acfactory):
     assert "configuration" not in ev.data2.lower()
 
 
-def test_name_changes(acfactory):
-    ac1, ac2 = acfactory.get_online_accounts(2)
-    ac1.set_config("displayname", "Account 1")
-
-    chat12 = acfactory.get_accepted_chat(ac1, ac2)
-    contact = None
-
-    def update_name():
-        """Send a message from ac1 to ac2 to update the name"""
-        nonlocal contact
-        chat12.send_text("Hello")
-        msg = ac2._evtracker.wait_next_incoming_message()
-        contact = msg.get_sender_contact()
-        return contact.name
-
-    assert update_name() == "Account 1"
-
-    ac1.set_config("displayname", "Account 1 revision 2")
-    assert update_name() == "Account 1 revision 2"
-
-    # Explicitly rename contact on ac2 to "Renamed"
-    ac2.create_contact(contact, name="Renamed")
-    assert contact.name == "Renamed"
-    ev = ac2._evtracker.get_matching("DC_EVENT_CONTACTS_CHANGED")
-    assert ev.data1 == contact.id
-
-    # ac1 also renames itself into "Renamed"
-    assert update_name() == "Renamed"
-    ac1.set_config("displayname", "Renamed")
-    assert update_name() == "Renamed"
-
-    # Contact name was set to "Renamed" explicitly before,
-    # so it should not be changed.
-    ac1.set_config("displayname", "Renamed again")
-    updated_name = update_name()
-    assert updated_name == "Renamed"
-
-
 def test_status(acfactory):
     """Test that status is transferred over the network."""
     ac1, ac2 = acfactory.get_online_accounts(2)

python/tests/test_3_offline.py

@@ -1,51 +1,12 @@
 import os
-import time
 from datetime import datetime, timedelta, timezone
 
 import pytest
 
 import deltachat as dc
 from deltachat.tracker import ImexFailed
-from deltachat import Account, account_hookimpl, Message
-
-
-@pytest.mark.parametrize(
-    ("msgtext", "res"),
-    [
-        (
-            "Member Me (tmp1@x.org) removed by tmp2@x.org.",
-            ("removed", "tmp1@x.org", "tmp2@x.org"),
-        ),
-        (
-            "Member With space (tmp1@x.org) removed by tmp2@x.org.",
-            ("removed", "tmp1@x.org", "tmp2@x.org"),
-        ),
-        (
-            "Member With space (tmp1@x.org) removed by Another member (tmp2@x.org).",
-            ("removed", "tmp1@x.org", "tmp2@x.org"),
-        ),
-        (
-            "Member With space (tmp1@x.org) removed by me",
-            ("removed", "tmp1@x.org", "me"),
-        ),
-        (
-            "Group left by some one (tmp1@x.org).",
-            ("removed", "tmp1@x.org", "tmp1@x.org"),
-        ),
-        ("Group left by tmp1@x.org.", ("removed", "tmp1@x.org", "tmp1@x.org")),
-        (
-            "Member tmp1@x.org added by tmp2@x.org.",
-            ("added", "tmp1@x.org", "tmp2@x.org"),
-        ),
-        ("Member nothing bla bla", None),
-        ("Another unknown system message", None),
-    ],
-)
-def test_parse_system_add_remove(msgtext, res):
-    from deltachat.message import parse_system_add_remove
-
-    out = parse_system_add_remove(msgtext)
-    assert out == res
+from deltachat import Account, Message
+from deltachat.testplugin import E2EE_INFO_MSGS
 
 
 class TestOfflineAccountBasic:
@@ -177,14 +138,15 @@ class TestOfflineContact:
 
     def test_get_contacts_and_delete(self, acfactory):
         ac1 = acfactory.get_pseudo_configured_account()
-        contact1 = ac1.create_contact("some1@example.org", name="some1")
+        ac2 = acfactory.get_pseudo_configured_account()
+        contact1 = ac1.create_contact(ac2)
         contacts = ac1.get_contacts()
         assert len(contacts) == 1
-        assert contact1 in contacts
 
         assert not ac1.get_contacts(query="some2")
-        assert ac1.get_contacts(query="some1")
+        assert not ac1.get_contacts(query="some1")
         assert len(ac1.get_contacts(with_self=True)) == 2
+        assert contact1 in ac1.get_contacts()
 
         assert ac1.delete_contact(contact1)
         assert contact1 not in ac1.get_contacts()
@@ -199,9 +161,9 @@ class TestOfflineContact:
     def test_create_chat_flexibility(self, acfactory):
         ac1 = acfactory.get_pseudo_configured_account()
         ac2 = acfactory.get_pseudo_configured_account()
-        chat1 = ac1.create_chat(ac2)
-        chat2 = ac1.create_chat(ac2.get_self_contact().addr)
-        assert chat1 == chat2
+        chat1 = ac1.create_chat(ac2)  # This creates a key-contact chat
+        chat2 = ac1.create_chat(ac2.get_self_contact().addr)  # This creates address-contact chat
+        assert chat1 != chat2
         ac3 = acfactory.get_unconfigured_account()
         with pytest.raises(ValueError):
             ac1.create_chat(ac3)
@@ -259,17 +221,18 @@ class TestOfflineChat:
         ac1 = acfactory.get_pseudo_configured_account()
         ac2 = acfactory.get_pseudo_configured_account()
         chat = ac1.create_group_chat(name="title1")
-        with pytest.raises(ValueError):
-            chat.add_contact(ac2.get_self_contact())
         contact = chat.add_contact(ac2)
         assert contact.addr == ac2.get_config("addr")
         assert contact.name == ac2.get_config("displayname")
         assert contact.account == ac1
         chat.remove_contact(ac2)
 
-    def test_group_chat_creation(self, ac1):
-        contact1 = ac1.create_contact("some1@example.org", name="some1")
-        contact2 = ac1.create_contact("some2@example.org", name="some2")
+    def test_group_chat_creation(self, acfactory):
+        ac1 = acfactory.get_pseudo_configured_account()
+        ac2 = acfactory.get_pseudo_configured_account()
+        ac3 = acfactory.get_pseudo_configured_account()
+        contact1 = ac1.create_contact(ac2)
+        contact2 = ac1.create_contact(ac3)
         chat = ac1.create_group_chat(name="title1", contacts=[contact1, contact2])
         assert chat.get_name() == "title1"
         assert contact1 in chat.get_contacts()
@@ -316,13 +279,14 @@ class TestOfflineChat:
         qr = chat.get_join_qr()
         assert ac2.check_qr(qr).is_ask_verifygroup
 
-    def test_removing_blocked_user_from_group(self, ac1, lp):
+    def test_removing_blocked_user_from_group(self, ac1, acfactory, lp):
         """
         Test that blocked contact is not unblocked when removed from a group.
         See https://github.com/deltachat/deltachat-core-rust/issues/2030
         """
         lp.sec("Create a group chat with a contact")
-        contact = ac1.create_contact("some1@example.org")
+        ac2 = acfactory.get_pseudo_configured_account()
+        contact = ac1.create_contact(ac2)
         group = ac1.create_group_chat("title", contacts=[contact])
         group.send_text("First group message")
 
@@ -334,10 +298,6 @@ class TestOfflineChat:
         group.remove_contact(contact)
         assert contact.is_blocked()
 
-        lp.sec("ac1 adding blocked contact unblocks it")
-        group.add_contact(contact)
-        assert not contact.is_blocked()
-
     def test_get_set_profile_image_simple(self, ac1, data):
         chat = ac1.create_group_chat(name="title1")
         p = data.get_path("d.png")
@@ -480,7 +440,8 @@ class TestOfflineChat:
         backupdir = tmp_path / "backup"
         backupdir.mkdir()
         ac1 = acfactory.get_pseudo_configured_account()
-        chat = ac1.create_contact("some1 <some1@example.org>").create_chat()
+        ac_contact = acfactory.get_pseudo_configured_account()
+        chat = ac1.create_contact(ac_contact).create_chat()
         # send a text message
         msg = chat.send_text("msg1")
         # send a binary file
@@ -495,15 +456,15 @@ class TestOfflineChat:
         assert os.path.exists(path)
         ac2 = acfactory.get_unconfigured_account()
         ac2.import_all(path)
-        contacts = ac2.get_contacts(query="some1")
+        contacts = ac2.get_contacts()
         assert len(contacts) == 1
         contact2 = contacts[0]
-        assert contact2.addr == "some1@example.org"
+        assert contact2.addr == ac_contact.get_config("addr")
         chat2 = contact2.create_chat()
         messages = chat2.get_messages()
-        assert len(messages) == 2
-        assert messages[0].text == "msg1"
-        assert os.path.exists(messages[1].filename)
+        assert len(messages) == 2 + E2EE_INFO_MSGS
+        assert messages[0 + E2EE_INFO_MSGS].text == "msg1"
+        assert os.path.exists(messages[1 + E2EE_INFO_MSGS].filename)
 
     def test_import_export_on_encrypted_acct(self, acfactory, tmp_path):
         passphrase1 = "passphrase1"
@@ -511,8 +472,9 @@ class TestOfflineChat:
         backupdir = tmp_path / "backup"
         backupdir.mkdir()
         ac1 = acfactory.get_pseudo_configured_account(passphrase=passphrase1)
+        ac2 = acfactory.get_pseudo_configured_account()
 
-        chat = ac1.create_contact("some1 <some1@example.org>").create_chat()
+        chat = ac1.create_contact(ac2).create_chat()
         # send a text message
         msg = chat.send_text("msg1")
         # send a binary file
@@ -533,15 +495,15 @@ class TestOfflineChat:
         ac2.import_all(path)
 
         # check data integrity
-        contacts = ac2.get_contacts(query="some1")
+        contacts = ac2.get_contacts()
         assert len(contacts) == 1
         contact2 = contacts[0]
-        assert contact2.addr == "some1@example.org"
+        contact2_addr = contact2.addr
         chat2 = contact2.create_chat()
         messages = chat2.get_messages()
-        assert len(messages) == 2
-        assert messages[0].text == "msg1"
-        assert os.path.exists(messages[1].filename)
+        assert len(messages) == 2 + E2EE_INFO_MSGS
+        assert messages[0 + E2EE_INFO_MSGS].text == "msg1"
+        assert os.path.exists(messages[1 + E2EE_INFO_MSGS].filename)
 
         ac2.shutdown()
 
@@ -550,15 +512,15 @@ class TestOfflineChat:
         ac2.open(passphrase2)
 
         # check data integrity
-        contacts = ac2.get_contacts(query="some1")
+        contacts = ac2.get_contacts()
         assert len(contacts) == 1
         contact2 = contacts[0]
-        assert contact2.addr == "some1@example.org"
+        assert contact2.addr == contact2_addr
         chat2 = contact2.create_chat()
         messages = chat2.get_messages()
-        assert len(messages) == 2
-        assert messages[0].text == "msg1"
-        assert os.path.exists(messages[1].filename)
+        assert len(messages) == 2 + E2EE_INFO_MSGS
+        assert messages[0 + E2EE_INFO_MSGS].text == "msg1"
+        assert os.path.exists(messages[1 + E2EE_INFO_MSGS].filename)
 
     def test_import_export_with_passphrase(self, acfactory, tmp_path):
         passphrase = "test_passphrase"
@@ -566,8 +528,9 @@ class TestOfflineChat:
         backupdir = tmp_path / "backup"
         backupdir.mkdir()
         ac1 = acfactory.get_pseudo_configured_account()
+        ac_contact = acfactory.get_pseudo_configured_account()
 
-        chat = ac1.create_contact("some1 <some1@example.org>").create_chat()
+        chat = ac1.create_contact(ac_contact).create_chat()
         # send a text message
         msg = chat.send_text("msg1")
         # send a binary file
@@ -589,15 +552,15 @@ class TestOfflineChat:
         ac2.import_all(path, passphrase)
 
         # check data integrity
-        contacts = ac2.get_contacts(query="some1")
+        contacts = ac2.get_contacts()
         assert len(contacts) == 1
         contact2 = contacts[0]
-        assert contact2.addr == "some1@example.org"
+        assert contact2.addr == ac_contact.get_config("addr")
         chat2 = contact2.create_chat()
         messages = chat2.get_messages()
-        assert len(messages) == 2
-        assert messages[0].text == "msg1"
-        assert os.path.exists(messages[1].filename)
+        assert len(messages) == 2 + E2EE_INFO_MSGS
+        assert messages[0 + E2EE_INFO_MSGS].text == "msg1"
+        assert os.path.exists(messages[1 + E2EE_INFO_MSGS].filename)
 
     def test_import_encrypted_bak_into_encrypted_acct(self, acfactory, tmp_path):
         """
@@ -611,7 +574,8 @@ class TestOfflineChat:
         backupdir.mkdir()
 
         ac1 = acfactory.get_pseudo_configured_account()
-        chat = ac1.create_contact("some1 <some1@example.org>").create_chat()
+        ac_contact = acfactory.get_pseudo_configured_account()
+        chat = ac1.create_contact(ac_contact).create_chat()
         # send a text message
         msg = chat.send_text("msg1")
         # send a binary file
@@ -634,15 +598,15 @@ class TestOfflineChat:
         ac2.import_all(path, bak_passphrase)
 
         # check data integrity
-        contacts = ac2.get_contacts(query="some1")
+        contacts = ac2.get_contacts()
         assert len(contacts) == 1
         contact2 = contacts[0]
-        assert contact2.addr == "some1@example.org"
+        assert contact2.addr == ac_contact.get_config("addr")
         chat2 = contact2.create_chat()
         messages = chat2.get_messages()
-        assert len(messages) == 2
-        assert messages[0].text == "msg1"
-        assert os.path.exists(messages[1].filename)
+        assert len(messages) == 2 + E2EE_INFO_MSGS
+        assert messages[0 + E2EE_INFO_MSGS].text == "msg1"
+        assert os.path.exists(messages[1 + E2EE_INFO_MSGS].filename)
 
         ac2.shutdown()
 
@@ -651,15 +615,15 @@ class TestOfflineChat:
         ac2.open(acct_passphrase)
 
         # check data integrity
-        contacts = ac2.get_contacts(query="some1")
+        contacts = ac2.get_contacts()
         assert len(contacts) == 1
         contact2 = contacts[0]
-        assert contact2.addr == "some1@example.org"
+        assert contact2.addr == ac_contact.get_config("addr")
         chat2 = contact2.create_chat()
         messages = chat2.get_messages()
-        assert len(messages) == 2
-        assert messages[0].text == "msg1"
-        assert os.path.exists(messages[1].filename)
+        assert len(messages) == 2 + E2EE_INFO_MSGS
+        assert messages[0 + E2EE_INFO_MSGS].text == "msg1"
+        assert os.path.exists(messages[1 + E2EE_INFO_MSGS].filename)
 
     def test_set_get_draft(self, chat1):
         msg1 = Message.new_empty(chat1.account, "text")
@@ -681,78 +645,10 @@ class TestOfflineChat:
         assert not res.is_ask_verifygroup()
         assert res.contact_id == 10
 
-    def test_group_chat_many_members_add_remove(self, ac1, lp):
-        lp.sec("ac1: creating group chat with 10 other members")
-        chat = ac1.create_group_chat(name="title1")
-        # promote chat
-        chat.send_text("hello")
-        assert chat.is_promoted()
+    def test_audit_log_view_without_daymarker(self, acfactory, lp):
+        ac1 = acfactory.get_pseudo_configured_account()
+        ac2 = acfactory.get_pseudo_configured_account()
 
-        # activate local plugin
-        in_list = []
-
-        class InPlugin:
-            @account_hookimpl
-            def ac_member_added(self, chat, contact, actor):
-                in_list.append(("added", chat, contact, actor))
-
-            @account_hookimpl
-            def ac_member_removed(self, chat, contact, actor):
-                in_list.append(("removed", chat, contact, actor))
-
-        ac1.add_account_plugin(InPlugin())
-
-        # perform add contact many times
-        contacts = []
-        for i in range(10):
-            lp.sec("create contact")
-            contact = ac1.create_contact(f"some{i}@example.org")
-            contacts.append(contact)
-            lp.sec("add contact")
-            chat.add_contact(contact)
-
-        assert chat.num_contacts() == 11
-
-        # let's make sure the events perform plugin hooks
-        def wait_events(cond):
-            now = time.time()
-            while time.time() < now + 5:
-                if cond():
-                    break
-                time.sleep(0.1)
-            else:
-                pytest.fail("failed to get events")
-
-        wait_events(lambda: len(in_list) == 10)
-
-        assert len(in_list) == 10
-        chat_contacts = chat.get_contacts()
-        for in_cmd, in_chat, in_contact, in_actor in in_list:
-            assert in_cmd == "added"
-            assert in_chat == chat
-            assert in_contact in chat_contacts
-            assert in_actor is None
-            chat_contacts.remove(in_contact)
-
-        assert chat_contacts[0].id == 1  # self contact
-
-        in_list[:] = []
-
-        lp.sec("ac1: removing two contacts and checking things are right")
-        chat.remove_contact(contacts[9])
-        chat.remove_contact(contacts[3])
-        assert chat.num_contacts() == 9
-
-        wait_events(lambda: len(in_list) == 2)
-        assert len(in_list) == 2
-        assert in_list[0][0] == "removed"
-        assert in_list[0][1] == chat
-        assert in_list[0][2] == contacts[9]
-        assert in_list[1][0] == "removed"
-        assert in_list[1][1] == chat
-        assert in_list[1][2] == contacts[3]
-
-    def test_audit_log_view_without_daymarker(self, ac1, lp):
         lp.sec("ac1: test audit log (show only system messages)")
         chat = ac1.create_group_chat(name="audit log sample data")
 
@@ -761,7 +657,7 @@ class TestOfflineChat:
         assert chat.is_promoted()
 
         lp.sec("create test data")
-        chat.add_contact(ac1.create_contact("some-1@example.org"))
+        chat.add_contact(ac2)
         chat.set_name("audit log test group")
         chat.send_text("a message in between")
 

release-date.in

@@ -1 +1 @@
-2025-06-22
+2025-08-26

scripts/coredeps/install-rust.sh

@@ -7,7 +7,7 @@ set -euo pipefail
 #
 # Avoid using rustup here as it depends on reading /proc/self/exe and
 # has problems running under QEMU.
-RUST_VERSION=1.87.0
+RUST_VERSION=1.89.0
 
 ARCH="$(uname -m)"
 test -f "/lib/libc.musl-$ARCH.so.1" && LIBC=musl || LIBC=gnu

scripts/update-provider-database.sh

@@ -15,7 +15,7 @@ cd "$TMP"
 git checkout "$REV"
 DATE=$(git show -s --format=%cs)
 "$CORE_ROOT"/scripts/create-provider-data-rs.py "$TMP/_providers" "$DATE" >"$CORE_ROOT/src/provider/data.rs"
-rustfmt "$CORE_ROOT/src/provider/data.rs"
+rustfmt --edition 2024 "$CORE_ROOT/src/provider/data.rs"
 rm -fr "$TMP"
 
 cd "$CORE_ROOT"

src/accounts.rs

@@ -1,10 +1,10 @@
 //! # Account manager module.
 
-use std::collections::BTreeMap;
+use std::collections::{BTreeMap, BTreeSet};
 use std::future::Future;
 use std::path::{Path, PathBuf};
 
-use anyhow::{bail, ensure, Context as _, Result};
+use anyhow::{Context as _, Result, bail, ensure};
 use serde::{Deserialize, Serialize};
 use tokio::fs;
 use tokio::io::AsyncWriteExt;
@@ -14,7 +14,7 @@ use uuid::Uuid;
 #[cfg(not(target_os = "ios"))]
 use tokio::sync::oneshot;
 #[cfg(not(target_os = "ios"))]
-use tokio::time::{sleep, Duration};
+use tokio::time::{Duration, sleep};
 
 use crate::context::{Context, ContextBuilder};
 use crate::events::{Event, EventEmitter, EventType, Events};
@@ -53,6 +53,14 @@ impl Accounts {
         Accounts::open(dir, writable).await
     }
 
+    /// Get the ID used to log events.
+    ///
+    /// Account manager logs events with ID 0
+    /// which is not used by any accounts.
+    fn get_id(&self) -> u32 {
+        0
+    }
+
     /// Creates a new default structure.
     async fn create(dir: &Path) -> Result<()> {
         fs::create_dir_all(dir)
@@ -262,9 +270,51 @@ impl Accounts {
         }
     }
 
-    /// Get a list of all account ids.
+    /// Gets a list of all account ids in the user-configured order.
     pub fn get_all(&self) -> Vec<u32> {
-        self.accounts.keys().copied().collect()
+        let mut ordered_ids = Vec::new();
+        let mut all_ids: BTreeSet<u32> = self.accounts.keys().copied().collect();
+
+        // First, add accounts in the configured order
+        for &id in &self.config.inner.accounts_order {
+            if all_ids.remove(&id) {
+                ordered_ids.push(id);
+            }
+        }
+
+        // Then add any accounts not in the order list (newly added accounts)
+        for id in all_ids {
+            ordered_ids.push(id);
+        }
+
+        ordered_ids
+    }
+
+    /// Sets the order of accounts.
+    ///
+    /// The provided list should contain all account IDs in the desired order.
+    /// If an account ID is missing from the list, it will be appended at the end.
+    /// If the list contains non-existent account IDs, they will be ignored.
+    pub async fn set_accounts_order(&mut self, order: Vec<u32>) -> Result<()> {
+        let existing_ids: BTreeSet<u32> = self.accounts.keys().copied().collect();
+
+        // Filter out non-existent account IDs
+        let mut filtered_order: Vec<u32> = order
+            .into_iter()
+            .filter(|id| existing_ids.contains(id))
+            .collect();
+
+        // Add any missing account IDs at the end
+        for &id in &existing_ids {
+            if !filtered_order.contains(&id) {
+                filtered_order.push(id);
+            }
+        }
+
+        self.config.inner.accounts_order = filtered_order;
+        self.config.sync().await?;
+        self.emit_event(EventType::AccountsChanged);
+        Ok(())
     }
 
     /// Starts background tasks such as IMAP and SMTP loops for all accounts.
@@ -303,11 +353,11 @@ impl Accounts {
     /// This is an auxiliary function and not part of public API.
     /// Use [Accounts::background_fetch] instead.
     async fn background_fetch_no_timeout(accounts: Vec<Context>, events: Events) {
+        let n_accounts = accounts.len();
         events.emit(Event {
             id: 0,
             typ: EventType::Info(format!(
-                "Starting background fetch for {} accounts.",
-                accounts.len()
+                "Starting background fetch for {n_accounts} accounts."
             )),
         });
         let mut set = JoinSet::new();
@@ -319,6 +369,12 @@ impl Accounts {
             });
         }
         set.join_all().await;
+        events.emit(Event {
+            id: 0,
+            typ: EventType::Info(format!(
+                "Finished background fetch for {n_accounts} accounts."
+            )),
+        });
     }
 
     /// Auxiliary function for [Accounts::background_fetch].
@@ -352,7 +408,10 @@ impl Accounts {
     ///
     /// Returns a future that resolves when background fetch is done,
     /// but does not capture `&self`.
-    pub fn background_fetch(&self, timeout: std::time::Duration) -> impl Future<Output = ()> {
+    pub fn background_fetch(
+        &self,
+        timeout: std::time::Duration,
+    ) -> impl Future<Output = ()> + use<> {
         let accounts: Vec<Context> = self.accounts.values().cloned().collect();
         let events = self.events.clone();
         Self::background_fetch_with_timeout(accounts, events, timeout)
@@ -404,6 +463,10 @@ struct InnerConfig {
     pub selected_account: u32,
     pub next_id: u32,
     pub accounts: Vec<AccountConfig>,
+    /// Ordered list of account IDs, representing the user's preferred order.
+    /// If an account ID is not in this list, it will be appended at the end.
+    #[serde(default)]
+    pub accounts_order: Vec<u32>,
 }
 
 impl Drop for Config {
@@ -456,7 +519,9 @@ impl Config {
             Ok(())
         });
         if locked_rx.await.is_err() {
-            bail!("Delta Chat is already running. To use Delta Chat, you must first close the existing Delta Chat process, or restart your device. (accounts.lock file is already locked)");
+            bail!(
+                "Delta Chat is already running. To use Delta Chat, you must first close the existing Delta Chat process, or restart your device. (accounts.lock file is already locked)"
+            );
         };
         Ok(Some(lock_task))
     }
@@ -468,6 +533,7 @@ impl Config {
             accounts: Vec::new(),
             selected_account: 0,
             next_id: 1,
+            accounts_order: Vec::new(),
         };
         if !lock {
             let cfg = Self {
@@ -500,11 +566,13 @@ impl Config {
     /// protects from parallel calls resulting to a wrong file contents.
     async fn sync(&mut self) -> Result<()> {
         #[cfg(not(target_os = "ios"))]
-        ensure!(!self
-            .lock_task
-            .as_ref()
-            .context("Config is read-only")?
-            .is_finished());
+        ensure!(
+            !self
+                .lock_task
+                .as_ref()
+                .context("Config is read-only")?
+                .is_finished()
+        );
 
         let tmp_path = self.file.with_extension("toml.tmp");
         let mut file = fs::File::create(&tmp_path)
@@ -598,6 +666,10 @@ impl Config {
                 uuid,
             });
             self.inner.next_id += 1;
+
+            // Add new account to the end of the order list
+            self.inner.accounts_order.push(id);
+
             id
         };
 
@@ -619,6 +691,10 @@ impl Config {
                 // remove account from the configs
                 self.inner.accounts.remove(idx);
             }
+
+            // Remove from order list as well
+            self.inner.accounts_order.retain(|&x| x != id);
+
             if self.inner.selected_account == id {
                 // reset selected account
                 self.inner.selected_account = self
@@ -962,9 +1038,11 @@ mod tests {
 
         // Test that event emitter does not return `None` immediately.
         let duration = std::time::Duration::from_millis(1);
-        assert!(tokio::time::timeout(duration, event_emitter.recv())
-            .await
-            .is_err());
+        assert!(
+            tokio::time::timeout(duration, event_emitter.recv())
+                .await
+                .is_err()
+        );
 
         // When account manager is dropped, event emitter is exhausted.
         drop(accounts);

src/aheader.rs

@@ -6,7 +6,7 @@ use std::collections::BTreeMap;
 use std::fmt;
 use std::str::FromStr;
 
-use anyhow::{bail, Context as _, Error, Result};
+use anyhow::{Context as _, Error, Result, bail};
 
 use crate::key::{DcKey, SignedPublicKey};
 
@@ -217,7 +217,9 @@ mod tests {
         let rendered = ah.to_string();
         assert_eq!(rendered, fixed_header);
 
-        let ah = Aheader::from_str(&format!(" _foo; __FOO=BAR ;;; addr = a@b.example.org ;\r\n   prefer-encrypt = mutual ; keydata = {RAWKEY}"))?;
+        let ah = Aheader::from_str(&format!(
+            " _foo; __FOO=BAR ;;; addr = a@b.example.org ;\r\n   prefer-encrypt = mutual ; keydata = {RAWKEY}"
+        ))?;
         assert_eq!(ah.addr, "a@b.example.org");
         assert_eq!(ah.prefer_encrypt, EncryptPreference::Mutual);
 
@@ -240,38 +242,44 @@ mod tests {
 
     #[test]
     fn test_display_aheader() {
-        assert!(format!(
-            "{}",
-            Aheader::new(
-                "test@example.com".to_string(),
-                SignedPublicKey::from_base64(RAWKEY).unwrap(),
-                EncryptPreference::Mutual
+        assert!(
+            format!(
+                "{}",
+                Aheader::new(
+                    "test@example.com".to_string(),
+                    SignedPublicKey::from_base64(RAWKEY).unwrap(),
+                    EncryptPreference::Mutual
+                )
             )
-        )
-        .contains("prefer-encrypt=mutual;"));
+            .contains("prefer-encrypt=mutual;")
+        );
 
         // According to Autocrypt Level 1 specification,
         // only "prefer-encrypt=mutual;" can be used.
         // If the setting is nopreference, the whole attribute is omitted.
-        assert!(!format!(
-            "{}",
-            Aheader::new(
-                "test@example.com".to_string(),
-                SignedPublicKey::from_base64(RAWKEY).unwrap(),
-                EncryptPreference::NoPreference
+        assert!(
+            !format!(
+                "{}",
+                Aheader::new(
+                    "test@example.com".to_string(),
+                    SignedPublicKey::from_base64(RAWKEY).unwrap(),
+                    EncryptPreference::NoPreference
+                )
             )
-        )
-        .contains("prefer-encrypt"));
+            .contains("prefer-encrypt")
+        );
 
         // Always lowercase the address in the header.
-        assert!(format!(
-            "{}",
-            Aheader::new(
-                "TeSt@eXaMpLe.cOm".to_string(),
-                SignedPublicKey::from_base64(RAWKEY).unwrap(),
-                EncryptPreference::Mutual
+        assert!(
+            format!(
+                "{}",
+                Aheader::new(
+                    "TeSt@eXaMpLe.cOm".to_string(),
+                    SignedPublicKey::from_base64(RAWKEY).unwrap(),
+                    EncryptPreference::Mutual
+                )
             )
-        )
-        .contains("test@example.com"));
+            .contains("test@example.com")
+        );
     }
 }

src/authres.rs

@@ -266,7 +266,6 @@ mod tests {
 
     use super::*;
     use crate::mimeparser;
-    use crate::peerstate::Peerstate;
     use crate::test_utils::TestContext;
     use crate::test_utils::TestContextManager;
     use crate::tools;
@@ -520,41 +519,6 @@ Authentication-Results: dkim=";
         handle_authres(&t, &mail, "invalid@rom.com").await.unwrap();
     }
 
-    // Test that Autocrypt works with mailing list.
-    //
-    // Previous versions of Delta Chat ignored Autocrypt based on the List-Post header.
-    // This is not needed: comparing of the From address to Autocrypt header address is enough.
-    // If the mailing list is not rewriting the From header, Autocrypt should be applied.
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_autocrypt_in_mailinglist_not_ignored() -> Result<()> {
-        let mut tcm = TestContextManager::new();
-        let alice = tcm.alice().await;
-        let bob = tcm.bob().await;
-
-        let alice_bob_chat = alice.create_chat(&bob).await;
-        let bob_alice_chat = bob.create_chat(&alice).await;
-        let mut sent = alice.send_text(alice_bob_chat.id, "hellooo").await;
-        sent.payload
-            .insert_str(0, "List-Post: <mailto:deltachat-community.example.net>\n");
-        bob.recv_msg(&sent).await;
-        let peerstate = Peerstate::from_addr(&bob, "alice@example.org").await?;
-        assert!(peerstate.is_some());
-
-        // Bob can now write encrypted to Alice:
-        let mut sent = bob
-            .send_text(bob_alice_chat.id, "hellooo in the mailinglist again")
-            .await;
-        assert!(sent.load_from_db().await.get_showpadlock());
-
-        sent.payload
-            .insert_str(0, "List-Post: <mailto:deltachat-community.example.net>\n");
-        let rcvd = alice.recv_msg(&sent).await;
-        assert!(rcvd.get_showpadlock());
-        assert_eq!(&rcvd.text, "hellooo in the mailinglist again");
-
-        Ok(())
-    }
-
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_authres_in_mailinglist_ignored() -> Result<()> {
         let mut tcm = TestContextManager::new();
@@ -584,12 +548,13 @@ Authentication-Results: dkim=";
         let rcvd = bob.recv_msg(&sent).await;
 
         // The message info should contain a warning:
-        assert!(rcvd
-            .id
-            .get_info(&bob)
-            .await
-            .unwrap()
-            .contains("DKIM Results: Passed=false"));
+        assert!(
+            rcvd.id
+                .get_info(&bob)
+                .await
+                .unwrap()
+                .contains("DKIM Results: Passed=false")
+        );
 
         Ok(())
     }

src/blob.rs

@@ -6,11 +6,11 @@ use std::iter::FusedIterator;
 use std::mem;
 use std::path::{Path, PathBuf};
 
-use anyhow::{ensure, format_err, Context as _, Result};
+use anyhow::{Context as _, Result, ensure, format_err};
 use base64::Engine as _;
 use futures::StreamExt;
-use image::codecs::jpeg::JpegEncoder;
 use image::ImageReader;
+use image::codecs::jpeg::JpegEncoder;
 use image::{DynamicImage, GenericImage, GenericImageView, ImageFormat, Pixel, Rgba};
 use num_traits::FromPrimitive;
 use tokio::{fs, task};
@@ -20,7 +20,8 @@ use crate::config::Config;
 use crate::constants::{self, MediaQuality};
 use crate::context::Context;
 use crate::events::EventType;
-use crate::log::{error, info, warn, LogExt};
+use crate::log::{LogExt, error, info, warn};
+use crate::message::Viewtype;
 use crate::tools::sanitize_filename;
 
 /// Represents a file in the blob directory.
@@ -205,11 +206,7 @@ impl<'a> BlobObject<'a> {
     /// to be lowercase.
     pub fn suffix(&self) -> Option<&str> {
         let ext = self.name.rsplit('.').next();
-        if ext == Some(&self.name) {
-            None
-        } else {
-            ext
-        }
+        if ext == Some(&self.name) { None } else { ext }
     }
 
     /// Checks whether a name is a valid blob name.
@@ -267,32 +264,30 @@ impl<'a> BlobObject<'a> {
                 }
             };
 
-        let maybe_sticker = &mut false;
+        let viewtype = &mut Viewtype::Image;
         let is_avatar = true;
-        self.recode_to_size(
-            context,
-            None, // The name of an avatar doesn't matter
-            maybe_sticker,
-            img_wh,
-            max_bytes,
-            is_avatar,
+        self.check_or_recode_to_size(
+            context, None, // The name of an avatar doesn't matter
+            viewtype, img_wh, max_bytes, is_avatar,
         )?;
 
         Ok(())
     }
 
-    /// Recodes an image pointed by a [BlobObject] so that it fits into limits on the image width,
-    /// height and file size specified by the config.
+    /// Checks or recodes an image pointed by the [BlobObject] so that it fits into limits on the
+    /// image width, height and file size specified by the config.
     ///
-    /// On some platforms images are passed to the core as [`crate::message::Viewtype::Sticker`] in
-    /// which case `maybe_sticker` flag should be set. We recheck if an image is a true sticker
-    /// assuming that it must have at least one fully transparent corner, otherwise this flag is
-    /// reset.
-    pub async fn recode_to_image_size(
+    /// Recoding is only done for [`Viewtype::Image`]. For [`Viewtype::File`], if it's a correct
+    /// image, `*viewtype` is set to [`Viewtype::Image`].
+    ///
+    /// On some platforms images are passed to Core as [`Viewtype::Sticker`]. We recheck if the
+    /// image is a true sticker assuming that it must have at least one fully transparent corner,
+    /// otherwise `*viewtype` is set to [`Viewtype::Image`].
+    pub async fn check_or_recode_image(
         &mut self,
         context: &Context,
         name: Option<String>,
-        maybe_sticker: &mut bool,
+        viewtype: &mut Viewtype,
     ) -> Result<String> {
         let (img_wh, max_bytes) =
             match MediaQuality::from_i32(context.get_config_int(Config::MediaQuality).await?)
@@ -305,13 +300,10 @@ impl<'a> BlobObject<'a> {
                 MediaQuality::Worse => (constants::WORSE_IMAGE_SIZE, constants::WORSE_IMAGE_BYTES),
             };
         let is_avatar = false;
-        let new_name =
-            self.recode_to_size(context, name, maybe_sticker, img_wh, max_bytes, is_avatar)?;
-
-        Ok(new_name)
+        self.check_or_recode_to_size(context, name, viewtype, img_wh, max_bytes, is_avatar)
     }
 
-    /// Recodes the image so that it fits into limits on width/height and byte size.
+    /// Checks or recodes the image so that it fits into limits on width/height and byte size.
     ///
     /// If `!is_avatar`, then if `max_bytes` is exceeded, reduces the image to `img_wh` and proceeds
     /// with the result without rechecking.
@@ -322,11 +314,11 @@ impl<'a> BlobObject<'a> {
     /// then the updated user-visible filename will be returned;
     /// this may be necessary because the format may be changed to JPG,
     /// i.e. "image.png" -> "image.jpg".
-    fn recode_to_size(
+    fn check_or_recode_to_size(
         &mut self,
         context: &Context,
         name: Option<String>,
-        maybe_sticker: &mut bool,
+        viewtype: &mut Viewtype,
         mut img_wh: u32,
         max_bytes: usize,
         is_avatar: bool,
@@ -337,6 +329,7 @@ impl<'a> BlobObject<'a> {
         let no_exif_ref = &mut no_exif;
         let mut name = name.unwrap_or_else(|| self.name.clone());
         let original_name = name.clone();
+        let vt = &mut *viewtype;
         let res: Result<String> = tokio::task::block_in_place(move || {
             let mut file = std::fs::File::open(self.to_abs_path())?;
             let (nr_bytes, exif) = image_metadata(&file)?;
@@ -355,21 +348,28 @@ impl<'a> BlobObject<'a> {
                     )
                 }
             };
-            let fmt = imgreader.format().context("No format??")?;
+            let fmt = imgreader.format().context("Unknown format")?;
+            if *vt == Viewtype::File {
+                *vt = Viewtype::Image;
+                return Ok(name);
+            }
             let mut img = imgreader.decode().context("image decode failure")?;
             let orientation = exif.as_ref().map(|exif| exif_orientation(exif, context));
             let mut encoded = Vec::new();
 
-            if *maybe_sticker {
+            if *vt == Viewtype::Sticker {
                 let x_max = img.width().saturating_sub(1);
                 let y_max = img.height().saturating_sub(1);
-                *maybe_sticker = img.in_bounds(x_max, y_max)
-                    && (img.get_pixel(0, 0).0[3] == 0
+                if !img.in_bounds(x_max, y_max)
+                    || !(img.get_pixel(0, 0).0[3] == 0
                         || img.get_pixel(x_max, 0).0[3] == 0
                         || img.get_pixel(0, y_max).0[3] == 0
-                        || img.get_pixel(x_max, y_max).0[3] == 0);
+                        || img.get_pixel(x_max, y_max).0[3] == 0)
+                {
+                    *vt = Viewtype::Image;
+                }
             }
-            if *maybe_sticker && exif.is_none() {
+            if *vt == Viewtype::Sticker && exif.is_none() {
                 return Ok(name);
             }
 
@@ -504,10 +504,11 @@ impl<'a> BlobObject<'a> {
             Ok(_) => res,
             Err(err) => {
                 if !is_avatar && no_exif {
-                    warn!(
+                    error!(
                         context,
-                        "Cannot recode image, using original data: {err:#}.",
+                        "Cannot check/recode image, using original data: {err:#}.",
                     );
+                    *viewtype = Viewtype::File;
                     Ok(original_name)
                 } else {
                     Err(err)

src/blob/blob_tests.rs

@@ -4,7 +4,7 @@ use super::*;
 use crate::message::{Message, Viewtype};
 use crate::param::Param;
 use crate::sql;
-use crate::test_utils::{self, TestContext};
+use crate::test_utils::{self, AVATAR_64x64_BYTES, AVATAR_64x64_DEDUPLICATED, TestContext};
 use crate::tools::SystemTime;
 
 fn check_image_size(path: impl AsRef<Path>, width: u32, height: u32) -> image::DynamicImage {
@@ -140,9 +140,9 @@ async fn test_add_white_bg() {
 
         let mut blob = BlobObject::create_and_deduplicate(&t, &avatar_src, &avatar_src).unwrap();
         let img_wh = 128;
-        let maybe_sticker = &mut false;
+        let viewtype = &mut Viewtype::Image;
         let strict_limits = true;
-        blob.recode_to_size(&t, None, maybe_sticker, img_wh, 20_000, strict_limits)
+        blob.check_or_recode_to_size(&t, None, viewtype, img_wh, 20_000, strict_limits)
             .unwrap();
         tokio::task::block_in_place(move || {
             let img = ImageReader::open(blob.to_abs_path())
@@ -188,9 +188,9 @@ async fn test_selfavatar_outside_blobdir() {
     );
 
     let mut blob = BlobObject::create_and_deduplicate(&t, avatar_path, avatar_path).unwrap();
-    let maybe_sticker = &mut false;
+    let viewtype = &mut Viewtype::Image;
     let strict_limits = true;
-    blob.recode_to_size(&t, None, maybe_sticker, 1000, 3000, strict_limits)
+    blob.check_or_recode_to_size(&t, None, viewtype, 1000, 3000, strict_limits)
         .unwrap();
     let new_file_size = file_size(&blob.to_abs_path()).await;
     assert!(new_file_size <= 3000);
@@ -241,9 +241,8 @@ async fn test_selfavatar_in_blobdir() {
 async fn test_selfavatar_copy_without_recode() {
     let t = TestContext::new().await;
     let avatar_src = t.dir.path().join("avatar.png");
-    let avatar_bytes = include_bytes!("../../test-data/image/avatar64x64.png");
-    fs::write(&avatar_src, avatar_bytes).await.unwrap();
-    let avatar_blob = t.get_blobdir().join("e9b6c7a78aa2e4f415644f55a553e73.png");
+    fs::write(&avatar_src, AVATAR_64x64_BYTES).await.unwrap();
+    let avatar_blob = t.get_blobdir().join(AVATAR_64x64_DEDUPLICATED);
     assert!(!avatar_blob.exists());
     t.set_config(Config::Selfavatar, Some(avatar_src.to_str().unwrap()))
         .await
@@ -251,7 +250,7 @@ async fn test_selfavatar_copy_without_recode() {
     assert!(avatar_blob.exists());
     assert_eq!(
         fs::metadata(&avatar_blob).await.unwrap().len(),
-        avatar_bytes.len() as u64
+        AVATAR_64x64_BYTES.len() as u64
     );
     let avatar_cfg = t.get_config(Config::Selfavatar).await.unwrap();
     assert_eq!(avatar_cfg, avatar_blob.to_str().map(|s| s.to_string()));
@@ -400,7 +399,7 @@ async fn test_recode_image_balanced_png() {
     .await
     .unwrap();
 
-    // This will be sent as Image, see [`BlobObject::maybe_sticker`] for explanation.
+    // This will be sent as Image, see [`BlobObject::check_or_recode_image()`] for explanation.
     SendImageCheckMediaquality {
         viewtype: Viewtype::Sticker,
         media_quality_config: "0",
@@ -580,20 +579,23 @@ impl SendImageCheckMediaquality<'_> {
 }
 
 fn assert_extension(context: &TestContext, msg: Message, extension: &str) {
-    assert!(msg
-        .param
-        .get(Param::File)
-        .unwrap()
-        .ends_with(&format!(".{extension}")));
-    assert!(msg
-        .param
-        .get(Param::Filename)
-        .unwrap()
-        .ends_with(&format!(".{extension}")));
-    assert!(msg
-        .get_filename()
-        .unwrap()
-        .ends_with(&format!(".{extension}")));
+    assert!(
+        msg.param
+            .get(Param::File)
+            .unwrap()
+            .ends_with(&format!(".{extension}"))
+    );
+    assert!(
+        msg.param
+            .get(Param::Filename)
+            .unwrap()
+            .ends_with(&format!(".{extension}"))
+    );
+    assert!(
+        msg.get_filename()
+            .unwrap()
+            .ends_with(&format!(".{extension}"))
+    );
     assert_eq!(
         msg.get_file(context)
             .unwrap()

src/calls.rs

@@ -0,0 +1,307 @@
+//! # Handle calls.
+//!
+//! Internally, calls are bound to the user-visible info message initializing the call.
+//! This means, the "Call ID" is a "Message ID" currently - similar to webxdc.
+use crate::chat::{Chat, ChatId, send_msg};
+use crate::constants::Chattype;
+use crate::context::Context;
+use crate::events::EventType;
+use crate::headerdef::HeaderDef;
+use crate::message::{self, Message, MsgId, Viewtype, rfc724_mid_exists};
+use crate::mimeparser::{MimeMessage, SystemMessage};
+use crate::param::Param;
+use crate::sync::SyncData;
+use crate::tools::time;
+use anyhow::{Result, ensure};
+use std::time::Duration;
+use tokio::task;
+use tokio::time::sleep;
+
+/// How long callee's or caller's phone ring.
+///
+/// For the callee, this is to prevent endless ringing
+/// in case the initial "call" is received, but then the caller went offline.
+/// Moreover, this prevents outdated calls to ring
+/// in case the initial "call" message arrives delayed.
+///
+/// For the caller, this means they should also not wait longer,
+/// as the callee won't start the call afterwards.
+const RINGING_SECONDS: i64 = 60;
+
+/// Information about the status of a call.
+#[derive(Debug, Default)]
+pub struct CallInfo {
+    /// Incoming or outgoing call?
+    pub is_incoming: bool,
+
+    /// Was an incoming call accepted on this device?
+    /// For privacy reasons, only for accepted incoming calls, callee sends a message to caller on `end_call()`.
+    /// On other devices and for outgoing calls, `is_accepted` is never set.
+    pub is_accepted: bool,
+
+    /// User-defined text as given to place_outgoing_call()
+    pub place_call_info: String,
+
+    /// User-defined text as given to accept_incoming_call()
+    pub accept_call_info: String,
+
+    /// Info message referring to the call.
+    pub msg: Message,
+}
+
+impl CallInfo {
+    fn is_stale_call(&self) -> bool {
+        self.remaining_ring_seconds() <= 0
+    }
+
+    fn remaining_ring_seconds(&self) -> i64 {
+        let remaining_seconds = self.msg.timestamp_sent + RINGING_SECONDS - time();
+        remaining_seconds.clamp(0, RINGING_SECONDS)
+    }
+
+    async fn update_text(&self, context: &Context, text: &str) -> Result<()> {
+        context
+            .sql
+            .execute(
+                "UPDATE msgs SET txt=?, txt_normalized=? WHERE id=?",
+                (text, message::normalize_text(text), self.msg.id),
+            )
+            .await?;
+        Ok(())
+    }
+}
+
+impl Context {
+    /// Start an outgoing call.
+    pub async fn place_outgoing_call(
+        &self,
+        chat_id: ChatId,
+        place_call_info: String,
+    ) -> Result<MsgId> {
+        let chat = Chat::load_from_db(self, chat_id).await?;
+        ensure!(chat.typ == Chattype::Single && !chat.is_self_talk());
+
+        let mut call = Message {
+            viewtype: Viewtype::Text,
+            text: "Calling...".into(),
+            ..Default::default()
+        };
+        call.param.set_cmd(SystemMessage::OutgoingCall);
+        call.param.set(Param::WebrtcRoom, &place_call_info);
+        call.id = send_msg(self, chat_id, &mut call).await?;
+
+        let wait = RINGING_SECONDS;
+        task::spawn(Context::emit_end_call_if_unaccepted(
+            self.clone(),
+            wait.try_into()?,
+            call.id,
+        ));
+
+        Ok(call.id)
+    }
+
+    /// Accept an incoming call.
+    pub async fn accept_incoming_call(
+        &self,
+        call_id: MsgId,
+        accept_call_info: String,
+    ) -> Result<()> {
+        let mut call: CallInfo = self.load_call_by_id(call_id).await?;
+        ensure!(call.is_incoming);
+
+        let chat = Chat::load_from_db(self, call.msg.chat_id).await?;
+        if chat.is_contact_request() {
+            chat.id.accept(self).await?;
+        }
+
+        call.msg
+            .mark_call_as_accepted(self, accept_call_info.to_string())
+            .await?;
+
+        // send an acceptance message around: to the caller as well as to the other devices of the callee
+        let mut msg = Message {
+            viewtype: Viewtype::Text,
+            text: "Call accepted".into(),
+            ..Default::default()
+        };
+        msg.param.set_cmd(SystemMessage::CallAccepted);
+        msg.param
+            .set(Param::WebrtcAccepted, accept_call_info.to_string());
+        msg.set_quote(self, Some(&call.msg)).await?;
+        msg.id = send_msg(self, call.msg.chat_id, &mut msg).await?;
+        self.emit_event(EventType::IncomingCallAccepted {
+            msg_id: call.msg.id,
+            accept_call_info,
+        });
+        Ok(())
+    }
+
+    /// Cancel, reject or hangup an incoming or outgoing call.
+    pub async fn end_call(&self, call_id: MsgId) -> Result<()> {
+        let call: CallInfo = self.load_call_by_id(call_id).await?;
+
+        if call.is_accepted || !call.is_incoming {
+            let mut msg = Message {
+                viewtype: Viewtype::Text,
+                text: "Call ended".into(),
+                ..Default::default()
+            };
+            msg.param.set_cmd(SystemMessage::CallEnded);
+            msg.set_quote(self, Some(&call.msg)).await?;
+            msg.id = send_msg(self, call.msg.chat_id, &mut msg).await?;
+        } else if call.is_incoming {
+            // to protect privacy, we do not send a message to others from callee for unaccepted calls
+            self.add_sync_item(SyncData::RejectIncomingCall {
+                msg: call.msg.rfc724_mid,
+            })
+            .await?;
+            self.scheduler.interrupt_inbox().await;
+        }
+
+        self.emit_event(EventType::CallEnded {
+            msg_id: call.msg.id,
+        });
+        Ok(())
+    }
+
+    async fn emit_end_call_if_unaccepted(
+        context: Context,
+        wait: u64,
+        call_id: MsgId,
+    ) -> Result<()> {
+        sleep(Duration::from_secs(wait)).await;
+        let call = context.load_call_by_id(call_id).await?;
+        if !call.is_accepted {
+            context.emit_event(EventType::CallEnded {
+                msg_id: call.msg.id,
+            });
+        }
+        Ok(())
+    }
+
+    pub(crate) async fn handle_call_msg(
+        &self,
+        mime_message: &MimeMessage,
+        call_id: MsgId,
+    ) -> Result<()> {
+        match mime_message.is_system_message {
+            SystemMessage::IncomingCall => {
+                let call = self.load_call_by_id(call_id).await?;
+                if call.is_incoming {
+                    if call.is_stale_call() {
+                        call.update_text(self, "Missed call").await?;
+                        self.emit_incoming_msg(call.msg.chat_id, call_id);
+                    } else {
+                        self.emit_msgs_changed(call.msg.chat_id, call_id);
+                        self.emit_event(EventType::IncomingCall {
+                            msg_id: call.msg.id,
+                            place_call_info: call.place_call_info.to_string(),
+                        });
+                        let wait = call.remaining_ring_seconds();
+                        task::spawn(Context::emit_end_call_if_unaccepted(
+                            self.clone(),
+                            wait.try_into()?,
+                            call.msg.id,
+                        ));
+                    }
+                } else {
+                    self.emit_msgs_changed(call.msg.chat_id, call_id);
+                }
+            }
+            SystemMessage::CallAccepted => {
+                let call = self.load_call_by_id(call_id).await?;
+                self.emit_msgs_changed(call.msg.chat_id, call_id);
+                if call.is_incoming {
+                    self.emit_event(EventType::IncomingCallAccepted {
+                        msg_id: call.msg.id,
+                        accept_call_info: call.accept_call_info,
+                    });
+                } else {
+                    let accept_call_info = mime_message
+                        .get_header(HeaderDef::ChatWebrtcAccepted)
+                        .unwrap_or_default();
+                    call.msg
+                        .clone()
+                        .mark_call_as_accepted(self, accept_call_info.to_string())
+                        .await?;
+                    self.emit_event(EventType::OutgoingCallAccepted {
+                        msg_id: call.msg.id,
+                        accept_call_info: accept_call_info.to_string(),
+                    });
+                }
+            }
+            SystemMessage::CallEnded => {
+                let call = self.load_call_by_id(call_id).await?;
+                self.emit_msgs_changed(call.msg.chat_id, call_id);
+                self.emit_event(EventType::CallEnded {
+                    msg_id: call.msg.id,
+                });
+            }
+            _ => {}
+        }
+        Ok(())
+    }
+
+    pub(crate) async fn sync_call_rejection(&self, rfc724_mid: &str) -> Result<()> {
+        if let Some((msg_id, _)) = rfc724_mid_exists(self, rfc724_mid).await? {
+            self.emit_event(EventType::CallEnded { msg_id });
+        }
+        Ok(())
+    }
+
+    async fn load_call_by_id(&self, call_id: MsgId) -> Result<CallInfo> {
+        let call = Message::load_from_db(self, call_id).await?;
+        self.load_call_by_message(call)
+    }
+
+    fn load_call_by_message(&self, call: Message) -> Result<CallInfo> {
+        ensure!(
+            call.get_info_type() == SystemMessage::IncomingCall
+                || call.get_info_type() == SystemMessage::OutgoingCall
+        );
+
+        Ok(CallInfo {
+            is_incoming: call.get_info_type() == SystemMessage::IncomingCall,
+            is_accepted: call.is_call_accepted()?,
+            place_call_info: call
+                .param
+                .get(Param::WebrtcRoom)
+                .unwrap_or_default()
+                .to_string(),
+            accept_call_info: call
+                .param
+                .get(Param::WebrtcAccepted)
+                .unwrap_or_default()
+                .to_string(),
+            msg: call,
+        })
+    }
+}
+
+impl Message {
+    async fn mark_call_as_accepted(
+        &mut self,
+        context: &Context,
+        accept_call_info: String,
+    ) -> Result<()> {
+        ensure!(
+            self.get_info_type() == SystemMessage::IncomingCall
+                || self.get_info_type() == SystemMessage::OutgoingCall
+        );
+        self.param.set_int(Param::Arg, 1);
+        self.param.set(Param::WebrtcAccepted, accept_call_info);
+        self.update_param(context).await?;
+        Ok(())
+    }
+
+    fn is_call_accepted(&self) -> Result<bool> {
+        ensure!(
+            self.get_info_type() == SystemMessage::IncomingCall
+                || self.get_info_type() == SystemMessage::OutgoingCall
+        );
+        Ok(self.param.get_int(Param::Arg) == Some(1))
+    }
+}
+
+#[cfg(test)]
+mod calls_tests;

src/calls/calls_tests.rs

@@ -0,0 +1,372 @@
+use super::*;
+use crate::config::Config;
+use crate::test_utils::{TestContext, TestContextManager, sync};
+
+struct CallSetup {
+    pub alice: TestContext,
+    pub alice2: TestContext,
+    pub alice_call: Message,
+    pub bob: TestContext,
+    pub bob2: TestContext,
+    pub bob_call: Message,
+    pub bob2_call: Message,
+}
+
+async fn setup_call() -> Result<CallSetup> {
+    let mut tcm = TestContextManager::new();
+    let alice = tcm.alice().await;
+    let alice2 = tcm.alice().await;
+    let bob = tcm.bob().await;
+    let bob2 = tcm.bob().await;
+    for t in [&alice, &alice2, &bob, &bob2] {
+        t.set_config_bool(Config::SyncMsgs, true).await?;
+    }
+
+    // Alice creates a chat with Bob and places an outgoing call there.
+    // Alice's other device sees the same message as an outgoing call.
+    let alice_chat = alice.create_chat(&bob).await;
+    let test_msg_id = alice
+        .place_outgoing_call(alice_chat.id, "place_info".to_string())
+        .await?;
+    let sent1 = alice.pop_sent_msg().await;
+    assert_eq!(sent1.sender_msg_id, test_msg_id);
+    let alice_call = Message::load_from_db(&alice, sent1.sender_msg_id).await?;
+    let alice2_call = alice2.recv_msg(&sent1).await;
+    for (t, m) in [(&alice, &alice_call), (&alice2, &alice2_call)] {
+        assert!(m.is_info());
+        assert_eq!(m.get_info_type(), SystemMessage::OutgoingCall);
+        let info = t.load_call_by_id(m.id).await?;
+        assert!(!info.is_accepted);
+        assert_eq!(info.place_call_info, "place_info");
+    }
+
+    // Bob receives the message referring to the call on two devices;
+    // it is an incoming call from the view of Bob
+    let bob_call = bob.recv_msg(&sent1).await;
+    let bob2_call = bob2.recv_msg(&sent1).await;
+    for (t, m) in [(&bob, &bob_call), (&bob2, &bob2_call)] {
+        assert!(m.is_info());
+        assert_eq!(m.get_info_type(), SystemMessage::IncomingCall);
+        t.evtracker
+            .get_matching(|evt| matches!(evt, EventType::IncomingCall { .. }))
+            .await;
+        let info = t.load_call_by_id(m.id).await?;
+        assert!(!info.is_accepted);
+        assert_eq!(info.place_call_info, "place_info");
+    }
+
+    Ok(CallSetup {
+        alice,
+        alice2,
+        alice_call,
+        bob,
+        bob2,
+        bob_call,
+        bob2_call,
+    })
+}
+
+async fn accept_call() -> Result<CallSetup> {
+    let CallSetup {
+        alice,
+        alice2,
+        alice_call,
+        bob,
+        bob2,
+        bob_call,
+        bob2_call,
+    } = setup_call().await?;
+
+    // Bob accepts the incoming call, this does not add an additional message to the chat
+    bob.accept_incoming_call(bob_call.id, "accepted_info".to_string())
+        .await?;
+    bob.evtracker
+        .get_matching(|evt| matches!(evt, EventType::IncomingCallAccepted { .. }))
+        .await;
+    let sent2 = bob.pop_sent_msg().await;
+    let info = bob.load_call_by_id(bob_call.id).await?;
+    assert!(info.is_accepted);
+    assert_eq!(info.place_call_info, "place_info");
+    assert_eq!(info.accept_call_info, "accepted_info");
+
+    let bob_accept_msg = bob2.recv_msg(&sent2).await;
+    assert!(bob_accept_msg.is_info());
+    assert_eq!(bob_accept_msg.get_info_type(), SystemMessage::CallAccepted);
+    bob2.evtracker
+        .get_matching(|evt| matches!(evt, EventType::IncomingCallAccepted { .. }))
+        .await;
+    let info = bob2.load_call_by_id(bob2_call.id).await?;
+    assert!(!info.is_accepted); // "accepted" is only true on the device that does the call
+
+    // Alice receives the acceptance message
+    let alice_accept_msg = alice.recv_msg(&sent2).await;
+    assert!(alice_accept_msg.is_info());
+    assert_eq!(
+        alice_accept_msg.get_info_type(),
+        SystemMessage::CallAccepted
+    );
+    alice
+        .evtracker
+        .get_matching(|evt| matches!(evt, EventType::OutgoingCallAccepted { .. }))
+        .await;
+    let info = alice.load_call_by_id(alice_call.id).await?;
+    assert!(info.is_accepted);
+    assert_eq!(info.place_call_info, "place_info");
+    assert_eq!(info.accept_call_info, "accepted_info");
+
+    let alice2_accept_msg = alice2.recv_msg(&sent2).await;
+    assert!(alice2_accept_msg.is_info());
+    assert_eq!(
+        alice2_accept_msg.get_info_type(),
+        SystemMessage::CallAccepted
+    );
+    alice2
+        .evtracker
+        .get_matching(|evt| matches!(evt, EventType::OutgoingCallAccepted { .. }))
+        .await;
+
+    Ok(CallSetup {
+        alice,
+        alice2,
+        alice_call,
+        bob,
+        bob2,
+        bob_call,
+        bob2_call,
+    })
+}
+
+fn assert_is_call_ended_info_msg(msg: Message) {
+    assert!(msg.is_info());
+    assert_eq!(msg.get_info_type(), SystemMessage::CallEnded);
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_accept_call_callee_ends() -> Result<()> {
+    // Alice calls Bob, Bob accepts
+    let CallSetup {
+        alice,
+        alice2,
+        bob,
+        bob2,
+        bob_call,
+        ..
+    } = accept_call().await?;
+
+    // Bob has accepted the call and also ends it
+    bob.end_call(bob_call.id).await?;
+    bob.evtracker
+        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
+        .await;
+    let sent3 = bob.pop_sent_msg().await;
+
+    let bob2_end_call_msg = bob2.recv_msg(&sent3).await;
+    assert_is_call_ended_info_msg(bob2_end_call_msg);
+    bob2.evtracker
+        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
+        .await;
+
+    // Alice receives the ending message
+    let alice_end_call_msg = alice.recv_msg(&sent3).await;
+    assert_is_call_ended_info_msg(alice_end_call_msg);
+    alice
+        .evtracker
+        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
+        .await;
+
+    let alice2_end_call_msg = alice2.recv_msg(&sent3).await;
+    assert_is_call_ended_info_msg(alice2_end_call_msg);
+    alice2
+        .evtracker
+        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
+        .await;
+
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_accept_call_caller_ends() -> Result<()> {
+    // Alice calls Bob, Bob accepts
+    let CallSetup {
+        alice,
+        alice2,
+        bob,
+        bob2,
+        bob_call,
+        ..
+    } = accept_call().await?;
+
+    // Bob has accepted the call but Alice ends it
+    alice.end_call(bob_call.id).await?;
+    alice
+        .evtracker
+        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
+        .await;
+    let sent3 = alice.pop_sent_msg().await;
+
+    let alice2_end_call_msg = alice2.recv_msg(&sent3).await;
+    assert_is_call_ended_info_msg(alice2_end_call_msg);
+    alice2
+        .evtracker
+        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
+        .await;
+
+    // Bob receives the ending message
+    let bob_end_call_msg = bob.recv_msg(&sent3).await;
+    assert_is_call_ended_info_msg(bob_end_call_msg);
+    bob.evtracker
+        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
+        .await;
+
+    let bob2_end_call_msg = bob2.recv_msg(&sent3).await;
+    assert_is_call_ended_info_msg(bob2_end_call_msg);
+    bob2.evtracker
+        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
+        .await;
+
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_callee_rejects_call() -> Result<()> {
+    // Alice calls Bob
+    let CallSetup {
+        bob,
+        bob2,
+        bob_call,
+        ..
+    } = setup_call().await?;
+
+    // Bob does not want to talk with Alice.
+    // To protect Bob's privacy, no message is sent to Alice (who will time out).
+    // To let Bob close the call window on all devices, a sync message is used instead.
+    bob.end_call(bob_call.id).await?;
+    bob.evtracker
+        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
+        .await;
+
+    sync(&bob, &bob2).await;
+    bob2.evtracker
+        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
+        .await;
+
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_caller_cancels_call() -> Result<()> {
+    // Alice calls Bob
+    let CallSetup {
+        alice,
+        alice2,
+        alice_call,
+        bob,
+        bob2,
+        ..
+    } = setup_call().await?;
+
+    // Alice changes their mind before Bob picks up
+    alice.end_call(alice_call.id).await?;
+    alice
+        .evtracker
+        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
+        .await;
+    let sent3 = alice.pop_sent_msg().await;
+
+    let alice2_call_ended_msg = alice2.recv_msg(&sent3).await;
+    assert_is_call_ended_info_msg(alice2_call_ended_msg);
+    alice2
+        .evtracker
+        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
+        .await;
+
+    // Bob receives the ending message
+    let bob_call_ended_msg = bob.recv_msg(&sent3).await;
+    assert_is_call_ended_info_msg(bob_call_ended_msg);
+    bob.evtracker
+        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
+        .await;
+
+    let bob2_call_ended_msg = bob2.recv_msg(&sent3).await;
+    assert_is_call_ended_info_msg(bob2_call_ended_msg);
+    bob2.evtracker
+        .get_matching(|evt| matches!(evt, EventType::CallEnded { .. }))
+        .await;
+
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_is_stale_call() -> Result<()> {
+    // a call started now is not stale
+    let call_info = CallInfo {
+        msg: Message {
+            timestamp_sent: time(),
+            ..Default::default()
+        },
+        ..Default::default()
+    };
+    assert!(!call_info.is_stale_call());
+    let remaining_seconds = call_info.remaining_ring_seconds();
+    assert!(remaining_seconds == RINGING_SECONDS || remaining_seconds == RINGING_SECONDS - 1);
+
+    // call started 5 seconds ago, this is not stale as well
+    let call_info = CallInfo {
+        msg: Message {
+            timestamp_sent: time() - 5,
+            ..Default::default()
+        },
+        ..Default::default()
+    };
+    assert!(!call_info.is_stale_call());
+    let remaining_seconds = call_info.remaining_ring_seconds();
+    assert!(remaining_seconds == RINGING_SECONDS - 5 || remaining_seconds == RINGING_SECONDS - 6);
+
+    // a call started one hour ago is clearly stale
+    let call_info = CallInfo {
+        msg: Message {
+            timestamp_sent: time() - 3600,
+            ..Default::default()
+        },
+        ..Default::default()
+    };
+    assert!(call_info.is_stale_call());
+    assert_eq!(call_info.remaining_ring_seconds(), 0);
+
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_mark_call_as_accepted() -> Result<()> {
+    let CallSetup {
+        alice, alice_call, ..
+    } = setup_call().await?;
+    assert!(!alice_call.is_call_accepted()?);
+
+    let mut alice_call = Message::load_from_db(&alice, alice_call.id).await?;
+    assert!(!alice_call.is_call_accepted()?);
+    alice_call
+        .mark_call_as_accepted(&alice, "accepted_info".to_string())
+        .await?;
+    assert!(alice_call.is_call_accepted()?);
+
+    let alice_call = Message::load_from_db(&alice, alice_call.id).await?;
+    assert!(alice_call.is_call_accepted()?);
+
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_udpate_call_text() -> Result<()> {
+    let CallSetup {
+        alice, alice_call, ..
+    } = setup_call().await?;
+
+    let call_info = alice.load_call_by_id(alice_call.id).await?;
+    call_info.update_text(&alice, "foo bar").await?;
+
+    let alice_call = Message::load_from_db(&alice, alice_call.id).await?;
+    assert_eq!(alice_call.get_text(), "foo bar");
+
+    Ok(())
+}

src/chatlist.rs

@@ -1,9 +1,9 @@
 //! # Chat list module.
 
-use anyhow::{ensure, Context as _, Result};
+use anyhow::{Context as _, Result, ensure};
 use std::sync::LazyLock;
 
-use crate::chat::{update_special_chat_names, Chat, ChatId, ChatVisibility};
+use crate::chat::{Chat, ChatId, ChatVisibility, update_special_chat_names};
 use crate::constants::{
     Blocked, Chattype, DC_CHAT_ID_ALLDONE_HINT, DC_CHAT_ID_ARCHIVED_LINK, DC_GCL_ADD_ALLDONE_HINT,
     DC_GCL_ARCHIVED_ONLY, DC_GCL_FOR_FORWARDING, DC_GCL_NO_SPECIALS,
@@ -245,9 +245,6 @@ impl Chatlist {
                     .collect::<std::result::Result<Vec<_>, _>>()
                     .map_err(Into::into)
                 };
-                // Return ProtectionBroken chats also, as that may happen to a verified chat at any
-                // time. It may be confusing if a chat that is normally in the list disappears
-                // suddenly. The UI need to deal with that case anyway.
                 context.sql.query_map(
                     "SELECT c.id, c.type, c.param, m.id
                      FROM chats c
@@ -409,7 +406,8 @@ impl Chatlist {
             if lastmsg.from_id == ContactId::SELF {
                 None
             } else if chat.typ == Chattype::Group
-                || chat.typ == Chattype::Broadcast
+                || chat.typ == Chattype::OutBroadcast
+                || chat.typ == Chattype::InBroadcast
                 || chat.typ == Chattype::Mailinglist
                 || chat.is_self_talk()
             {
@@ -483,8 +481,8 @@ mod tests {
     use super::*;
     use crate::chat::save_msgs;
     use crate::chat::{
-        add_contact_to_chat, create_group_chat, get_chat_contacts, remove_contact_from_chat,
-        send_text_msg, ProtectionStatus,
+        ProtectionStatus, add_contact_to_chat, create_group_chat, get_chat_contacts,
+        remove_contact_from_chat, send_text_msg,
     };
     use crate::receive_imf::receive_imf;
     use crate::stock_str::StockMessage;
@@ -572,7 +570,7 @@ mod tests {
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_sort_self_talk_up_on_forward() {
-        let t = TestContext::new().await;
+        let t = TestContext::new_alice().await;
         t.update_device_chats().await.unwrap();
         create_group_chat(&t, ProtectionStatus::Unprotected, "a chat")
             .await
@@ -580,19 +578,23 @@ mod tests {
 
         let chats = Chatlist::try_load(&t, 0, None, None).await.unwrap();
         assert_eq!(chats.len(), 3);
-        assert!(!Chat::load_from_db(&t, chats.get_chat_id(0).unwrap())
-            .await
-            .unwrap()
-            .is_self_talk());
+        assert!(
+            !Chat::load_from_db(&t, chats.get_chat_id(0).unwrap())
+                .await
+                .unwrap()
+                .is_self_talk()
+        );
 
         let chats = Chatlist::try_load(&t, DC_GCL_FOR_FORWARDING, None, None)
             .await
             .unwrap();
         assert_eq!(chats.len(), 2); // device chat cannot be written and is skipped on forwarding
-        assert!(Chat::load_from_db(&t, chats.get_chat_id(0).unwrap())
-            .await
-            .unwrap()
-            .is_self_talk());
+        assert!(
+            Chat::load_from_db(&t, chats.get_chat_id(0).unwrap())
+                .await
+                .unwrap()
+                .is_self_talk()
+        );
 
         remove_contact_from_chat(&t, chats.get_chat_id(1).unwrap(), ContactId::SELF)
             .await
@@ -605,7 +607,7 @@ mod tests {
 
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_search_special_chat_names() {
-        let t = TestContext::new().await;
+        let t = TestContext::new_alice().await;
         t.update_device_chats().await.unwrap();
 
         let chats = Chatlist::try_load(&t, 0, Some("t-1234-s"), None)

src/color.rs

@@ -1,38 +1,39 @@
-//! Implementation of Consistent Color Generation.
+//! Color generation.
 //!
-//! Consistent Color Generation is defined in XEP-0392.
-//!
-//! Color Vision Deficiency correction is not implemented as Delta Chat does not offer
-//! corresponding settings.
-use hsluv::hsluv_to_rgb;
+//! This is similar to Consistent Color Generation defined in XEP-0392,
+//! but uses OKLCh colorspace instead of HSLuv
+//! to ensure that colors have the same lightness.
+use colorutils_rs::{Oklch, Rgb, TransferFunction};
 use sha1::{Digest, Sha1};
 
 /// Converts an identifier to Hue angle.
-fn str_to_angle(s: &str) -> f64 {
+fn str_to_angle(s: &str) -> f32 {
     let bytes = s.as_bytes();
     let result = Sha1::digest(bytes);
     let checksum: u16 = result.first().map_or(0, |&x| u16::from(x))
         + 256 * result.get(1).map_or(0, |&x| u16::from(x));
-    f64::from(checksum) / 65536.0 * 360.0
+    f32::from(checksum) / 65536.0 * 360.0
 }
 
 /// Converts RGB tuple to a 24-bit number.
 ///
 /// Returns a 24-bit number with 8 least significant bits corresponding to the blue color and 8
 /// most significant bits corresponding to the red color.
-fn rgb_to_u32((r, g, b): (f64, f64, f64)) -> u32 {
-    let r = ((r * 256.0) as u32).min(255);
-    let g = ((g * 256.0) as u32).min(255);
-    let b = ((b * 256.0) as u32).min(255);
-    65536 * r + 256 * g + b
+fn rgb_to_u32(rgb: Rgb<u8>) -> u32 {
+    65536 * u32::from(rgb.r) + 256 * u32::from(rgb.g) + u32::from(rgb.b)
 }
 
 /// Converts an identifier to RGB color.
 ///
-/// Saturation is set to maximum (100.0) to make colors distinguishable, and lightness is set to
-/// half (50.0) to make colors suitable both for light and dark theme.
+/// Lightness is set to half (0.5) to make colors suitable both for light and dark theme.
 pub fn str_to_color(s: &str) -> u32 {
-    rgb_to_u32(hsluv_to_rgb((str_to_angle(s), 100.0, 50.0)))
+    let lightness = 0.5;
+    let chroma = 0.22;
+    let angle = str_to_angle(s);
+    let oklch = Oklch::new(lightness, chroma, angle);
+    let rgb = oklch.to_rgb(TransferFunction::Srgb);
+
+    rgb_to_u32(rgb)
 }
 
 /// Returns color as a "#RRGGBB" `String` where R, G, B are hex digits.
@@ -45,6 +46,7 @@ mod tests {
     use super::*;
 
     #[test]
+    #[allow(clippy::excessive_precision)]
     fn test_str_to_angle() {
         // Test against test vectors from
         // <https://xmpp.org/extensions/xep-0392.html#testvectors-fullrange-no-cvd>
@@ -57,11 +59,11 @@ mod tests {
 
     #[test]
     fn test_rgb_to_u32() {
-        assert_eq!(rgb_to_u32((0.0, 0.0, 0.0)), 0);
-        assert_eq!(rgb_to_u32((1.0, 1.0, 1.0)), 0xffffff);
-        assert_eq!(rgb_to_u32((0.0, 0.0, 1.0)), 0x0000ff);
-        assert_eq!(rgb_to_u32((0.0, 1.0, 0.0)), 0x00ff00);
-        assert_eq!(rgb_to_u32((1.0, 0.0, 0.0)), 0xff0000);
-        assert_eq!(rgb_to_u32((1.0, 0.5, 0.0)), 0xff8000);
+        assert_eq!(rgb_to_u32(Rgb::new(0, 0, 0)), 0);
+        assert_eq!(rgb_to_u32(Rgb::new(0xff, 0xff, 0xff)), 0xffffff);
+        assert_eq!(rgb_to_u32(Rgb::new(0, 0, 0xff)), 0x0000ff);
+        assert_eq!(rgb_to_u32(Rgb::new(0, 0xff, 0)), 0x00ff00);
+        assert_eq!(rgb_to_u32(Rgb::new(0xff, 0, 0)), 0xff0000);
+        assert_eq!(rgb_to_u32(Rgb::new(0xff, 0x80, 0)), 0xff8000);
     }
 }

src/config.rs

@@ -4,7 +4,7 @@ use std::env;
 use std::path::Path;
 use std::str::FromStr;
 
-use anyhow::{bail, ensure, Context as _, Result};
+use anyhow::{Context as _, Result, bail, ensure};
 use base64::Engine as _;
 use deltachat_contact_tools::{addr_cmp, sanitize_single_line};
 use serde::{Deserialize, Serialize};
@@ -17,10 +17,10 @@ use crate::configure::EnteredLoginParam;
 use crate::constants;
 use crate::context::Context;
 use crate::events::EventType;
-use crate::log::{info, LogExt};
+use crate::log::{LogExt, info};
 use crate::login_param::ConfiguredLoginParam;
 use crate::mimefactory::RECOMMENDED_FILE_SIZE;
-use crate::provider::{get_provider_by_id, Provider};
+use crate::provider::{Provider, get_provider_by_id};
 use crate::sync::{self, Sync::*, SyncData};
 use crate::tools::get_abs_path;
 
@@ -369,6 +369,9 @@ pub enum Config {
     #[strum(props(default = "0"))]
     DisableIdle,
 
+    /// Timestamp of the next check for donation request need.
+    DonationRequestNextCheck,
+
     /// Defines the max. size (in bytes) of messages downloaded automatically.
     /// 0 = no limit.
     #[strum(props(default = "0"))]
@@ -414,7 +417,7 @@ pub enum Config {
     #[strum(props(default = "172800"))]
     GossipPeriod,
 
-    /// Feature flag for verified 1:1 chats; the UI should set it
+    /// Deprecated 2025-07. Feature flag for verified 1:1 chats; the UI should set it
     /// to 1 if it supports verified 1:1 chats.
     /// Regardless of this setting, `chat.is_protected()` returns true while the key is verified,
     /// and when the key changes, an info message is posted into the chat.
@@ -731,7 +734,7 @@ impl Context {
         Self::check_config(key, value)?;
 
         let _pause = match key.needs_io_restart() {
-            true => self.scheduler.pause(self.clone()).await?,
+            true => self.scheduler.pause(self).await?,
             _ => Default::default(),
         };
         self.set_config_internal(key, value).await?;
@@ -813,7 +816,10 @@ impl Context {
                     bail!("Cannot change ConfiguredAddr");
                 }
                 if let Some(addr) = value {
-                    info!(self, "Creating a pseudo configured account which will not be able to send or receive messages. Only meant for tests!");
+                    info!(
+                        self,
+                        "Creating a pseudo configured account which will not be able to send or receive messages. Only meant for tests!"
+                    );
                     ConfiguredLoginParam::from_json(&format!(
                         r#"{{"addr":"{addr}","imap":[],"imap_user":"","imap_password":"","smtp":[],"smtp_user":"","smtp_password":"","certificate_checks":"Automatic","oauth2":false}}"#
                     ))?

src/config/config_tests.rs

@@ -1,7 +1,7 @@
 use num_traits::FromPrimitive;
 
 use super::*;
-use crate::test_utils::{sync, TestContext, TestContextManager};
+use crate::test_utils::{TestContext, TestContextManager, sync};
 
 #[test]
 fn test_to_string() {
@@ -20,10 +20,11 @@ async fn test_set_config_addr() {
     let t = TestContext::new().await;
 
     // Test that uppercase address get lowercased.
-    assert!(t
-        .set_config(Config::Addr, Some("Foobar@eXample.oRg"))
-        .await
-        .is_ok());
+    assert!(
+        t.set_config(Config::Addr, Some("Foobar@eXample.oRg"))
+            .await
+            .is_ok()
+    );
     assert_eq!(
         t.get_config(Config::Addr).await.unwrap().unwrap(),
         "foobar@example.org"
@@ -263,11 +264,13 @@ async fn test_sync() -> Result<()> {
         self_chat_avatar_path,
         alice0.get_blobdir().join(SAVED_MESSAGES_DEDUPLICATED_FILE)
     );
-    assert!(alice1
-        .get_config(Config::Selfavatar)
-        .await?
-        .filter(|path| path.ends_with(".png"))
-        .is_some());
+    assert!(
+        alice1
+            .get_config(Config::Selfavatar)
+            .await?
+            .filter(|path| path.ends_with(".png"))
+            .is_some()
+    );
     alice0.set_config(Config::Selfavatar, None).await?;
     sync(&alice0, &alice1).await;
     assert!(alice1.get_config(Config::Selfavatar).await?.is_none());
@@ -321,17 +324,21 @@ async fn test_no_sync_on_self_sent_msg() -> Result<()> {
         .await?;
     let sent_msg = alice0.send_text(a0b_chat_id, "hi").await;
     alice1.recv_msg(&sent_msg).await;
-    assert!(alice1
-        .get_config(Config::Selfavatar)
-        .await?
-        .filter(|path| path.ends_with(".png"))
-        .is_some());
+    assert!(
+        alice1
+            .get_config(Config::Selfavatar)
+            .await?
+            .filter(|path| path.ends_with(".png"))
+            .is_some()
+    );
     sync(alice1, alice0).await;
-    assert!(alice0
-        .get_config(Config::Selfavatar)
-        .await?
-        .filter(|path| path.ends_with(".jpg"))
-        .is_some());
+    assert!(
+        alice0
+            .get_config(Config::Selfavatar)
+            .await?
+            .filter(|path| path.ends_with(".jpg"))
+            .is_some()
+    );
 
     Ok(())
 }

src/configure.rs

@@ -13,21 +13,21 @@ mod auto_mozilla;
 mod auto_outlook;
 pub(crate) mod server_params;
 
-use anyhow::{bail, ensure, format_err, Context as _, Result};
+use anyhow::{Context as _, Result, bail, ensure, format_err};
 use auto_mozilla::moz_autoconfigure;
 use auto_outlook::outlk_autodiscover;
-use deltachat_contact_tools::{addr_normalize, EmailAddress};
+use deltachat_contact_tools::{EmailAddress, addr_normalize};
 use futures::FutureExt;
 use futures_lite::FutureExt as _;
 use percent_encoding::utf8_percent_encode;
-use server_params::{expand_param_vector, ServerParams};
+use server_params::{ServerParams, expand_param_vector};
 use tokio::task;
 
 use crate::config::{self, Config};
 use crate::constants::NON_ALPHANUMERIC_WITHOUT_DOT;
 use crate::context::Context;
 use crate::imap::Imap;
-use crate::log::{info, warn, LogExt};
+use crate::log::{LogExt, info, warn};
 pub use crate::login_param::EnteredLoginParam;
 use crate::login_param::{
     ConfiguredCertificateChecks, ConfiguredLoginParam, ConfiguredServerLoginParam,
@@ -39,8 +39,8 @@ use crate::provider::{Protocol, Provider, Socket, UsernamePattern};
 use crate::smtp::Smtp;
 use crate::sync::Sync::*;
 use crate::tools::time;
+use crate::{EventType, stock_str};
 use crate::{chat, provider};
-use crate::{stock_str, EventType};
 use deltachat_contact_tools::addr_cmp;
 
 macro_rules! progress {
@@ -215,7 +215,9 @@ impl Context {
     /// (i.e. [EnteredLoginParam::addr]).
     #[expect(clippy::unused_async)]
     pub async fn delete_transport(&self, _addr: &str) -> Result<()> {
-        bail!("Adding and removing additional transports is not supported yet. Check back in a few months!")
+        bail!(
+            "Adding and removing additional transports is not supported yet. Check back in a few months!"
+        )
     }
 
     async fn inner_configure(&self, param: &EnteredLoginParam) -> Result<()> {

src/constants.rs

@@ -89,6 +89,7 @@ pub const DC_GCL_ADD_ALLDONE_HINT: usize = 0x04;
 pub const DC_GCL_FOR_FORWARDING: usize = 0x08;
 
 pub const DC_GCL_ADD_SELF: u32 = 0x02;
+pub const DC_GCL_ADDRESS: u32 = 0x04;
 
 // unchanged user avatars are resent to the recipients every some days
 pub(crate) const DC_RESEND_USER_AVATAR_DAYS: i64 = 14;
@@ -126,17 +127,46 @@ pub const DC_CHAT_ID_LAST_SPECIAL: ChatId = ChatId::new(9);
 )]
 #[repr(u32)]
 pub enum Chattype {
-    /// 1:1 chat.
+    /// A 1:1 chat, i.e. a normal chat with a single contact.
+    ///
+    /// Created by [`ChatId::create_for_contact`].
     Single = 100,
 
     /// Group chat.
+    ///
+    /// Created by [`crate::chat::create_group_chat`].
     Group = 120,
 
-    /// Mailing list.
+    /// An (unencrypted) mailing list,
+    /// created by an incoming mailing list email.
     Mailinglist = 140,
 
-    /// Broadcast list.
-    Broadcast = 160,
+    /// Outgoing broadcast channel, called "Channel" in the UI.
+    ///
+    /// The user can send into this chat,
+    /// and all recipients will receive messages
+    /// in an `InBroadcast`.
+    ///
+    /// Called `broadcast` here rather than `channel`,
+    /// because the word "channel" already appears a lot in the code,
+    /// which would make it hard to grep for it.
+    ///
+    /// Created by [`crate::chat::create_broadcast`].
+    OutBroadcast = 160,
+
+    /// Incoming broadcast channel, called "Channel" in the UI.
+    ///
+    /// This chat is read-only,
+    /// and we do not know who the other recipients are.
+    ///
+    /// This is similar to a `MailingList`,
+    /// with the main difference being that
+    /// `InBroadcast`s are encrypted.
+    ///
+    /// Called `broadcast` here rather than `channel`,
+    /// because the word "channel" already appears a lot in the code,
+    /// which would make it hard to grep for it.
+    InBroadcast = 165,
 }
 
 pub const DC_MSG_ID_DAYMARKER: u32 = 9;
@@ -193,6 +223,10 @@ pub(crate) const WORSE_AVATAR_BYTES: usize = 20_000; // this also fits to Outloo
 pub const BALANCED_IMAGE_SIZE: u32 = 1280;
 pub const WORSE_IMAGE_SIZE: u32 = 640;
 
+/// Limit for received images size. Bigger images become `Viewtype::File` to avoid excessive memory
+/// usage by UIs.
+pub const MAX_RCVD_IMAGE_PIXELS: u32 = 50_000_000;
+
 // Key for the folder configuration version (see below).
 pub(crate) const DC_FOLDERS_CONFIGURED_KEY: &str = "folders_configured";
 // this value can be increased if the folder configuration is changed and must be redone on next program start
@@ -210,11 +244,6 @@ pub(crate) const DC_BACKGROUND_FETCH_QUOTA_CHECK_RATELIMIT: u64 = 12 * 60 * 60;
 /// in the group membership consistency algo to reject outdated membership changes.
 pub(crate) const TIMESTAMP_SENT_TOLERANCE: i64 = 60;
 
-/// How long a 1:1 chat can't be used for sending while the SecureJoin is in progress. This should
-/// be 10-20 seconds so that we are reasonably sure that the app remains active and receiving also
-/// on mobile devices. See also [`crate::chat::CantSendReason::SecurejoinWait`].
-pub(crate) const SECUREJOIN_WAIT_TIMEOUT: u64 = 15;
-
 // To make text edits clearer for Non-Delta-MUA or old Delta Chats, edited text will be prefixed by EDITED_PREFIX.
 // Newer Delta Chats will remove the prefix as needed.
 pub(crate) const EDITED_PREFIX: &str = "✏️";
@@ -232,6 +261,9 @@ pub(crate) const ASM_BODY: &str = "This is the Autocrypt Setup Message \
     If you see this message in a chatmail client (Delta Chat, Arcane Chat, Delta Touch ...), \
     use \"Settings / Add Second Device\" instead.";
 
+/// Period between `sql::housekeeping()` runs.
+pub(crate) const HOUSEKEEPING_PERIOD: i64 = 24 * 60 * 60;
+
 #[cfg(test)]
 mod tests {
     use num_traits::FromPrimitive;
@@ -244,7 +276,7 @@ mod tests {
         assert_eq!(Chattype::Single, Chattype::from_i32(100).unwrap());
         assert_eq!(Chattype::Group, Chattype::from_i32(120).unwrap());
         assert_eq!(Chattype::Mailinglist, Chattype::from_i32(140).unwrap());
-        assert_eq!(Chattype::Broadcast, Chattype::from_i32(160).unwrap());
+        assert_eq!(Chattype::OutBroadcast, Chattype::from_i32(160).unwrap());
     }
 
     #[test]

src/contact.rs

@@ -1,42 +1,43 @@
 //! Contacts module
 
-use std::cmp::{min, Reverse};
+use std::cmp::Reverse;
 use std::collections::{BinaryHeap, HashSet};
 use std::fmt;
 use std::path::{Path, PathBuf};
 use std::time::UNIX_EPOCH;
 
-use anyhow::{bail, ensure, Context as _, Result};
+use anyhow::{Context as _, Result, bail, ensure};
 use async_channel::{self as channel, Receiver, Sender};
 use base64::Engine as _;
 pub use deltachat_contact_tools::may_be_valid_addr;
 use deltachat_contact_tools::{
-    self as contact_tools, addr_cmp, addr_normalize, sanitize_name, sanitize_name_and_addr,
-    ContactAddress, VcardContact,
+    self as contact_tools, ContactAddress, VcardContact, addr_normalize, sanitize_name,
+    sanitize_name_and_addr,
 };
 use deltachat_derive::{FromSql, ToSql};
 use rusqlite::OptionalExtension;
 use serde::{Deserialize, Serialize};
 use tokio::task;
-use tokio::time::{timeout, Duration};
+use tokio::time::{Duration, timeout};
 
-use crate::aheader::{Aheader, EncryptPreference};
 use crate::blob::BlobObject;
 use crate::chat::{ChatId, ChatIdBlocked, ProtectionStatus};
 use crate::color::str_to_color;
 use crate::config::Config;
-use crate::constants::{Blocked, Chattype, DC_GCL_ADD_SELF};
+use crate::constants::{self, Blocked, Chattype};
 use crate::context::Context;
 use crate::events::EventType;
-use crate::key::{load_self_public_key, DcKey, SignedPublicKey};
-use crate::log::{info, warn, LogExt};
+use crate::key::{
+    DcKey, Fingerprint, SignedPublicKey, load_self_public_key, self_fingerprint,
+    self_fingerprint_opt,
+};
+use crate::log::{LogExt, info, warn};
 use crate::message::MessageState;
 use crate::mimeparser::AvatarAction;
 use crate::param::{Param, Params};
-use crate::peerstate::Peerstate;
 use crate::sync::{self, Sync::*};
-use crate::tools::{duration_to_str, get_abs_path, smeared_time, time, SystemTime};
-use crate::{chat, chatlist_events, stock_str};
+use crate::tools::{SystemTime, duration_to_str, get_abs_path, time};
+use crate::{chat, chatlist_events, ensure_and_debug_assert_ne, stock_str};
 
 /// Time during which a contact is considered as seen recently.
 const SEEN_RECENTLY_SECONDS: i64 = 600;
@@ -102,7 +103,16 @@ impl ContactId {
     /// for this contact will switch to the
     /// contact's authorized name.
     pub async fn set_name(self, context: &Context, name: &str) -> Result<()> {
-        let addr = context
+        self.set_name_ex(context, Sync, name).await
+    }
+
+    pub(crate) async fn set_name_ex(
+        self,
+        context: &Context,
+        sync: sync::Sync,
+        name: &str,
+    ) -> Result<()> {
+        let row = context
             .sql
             .transaction(|transaction| {
                 let is_changed = transaction.execute(
@@ -111,30 +121,45 @@ impl ContactId {
                 )? > 0;
                 if is_changed {
                     update_chat_names(context, transaction, self)?;
-                    let addr = transaction.query_row(
-                        "SELECT addr FROM contacts WHERE id=?",
+                    let (addr, fingerprint) = transaction.query_row(
+                        "SELECT addr, fingerprint FROM contacts WHERE id=?",
                         (self,),
                         |row| {
                             let addr: String = row.get(0)?;
-                            Ok(addr)
+                            let fingerprint: String = row.get(1)?;
+                            Ok((addr, fingerprint))
                         },
                     )?;
-                    Ok(Some(addr))
+                    context.emit_event(EventType::ContactsChanged(Some(self)));
+                    Ok(Some((addr, fingerprint)))
                 } else {
                     Ok(None)
                 }
             })
             .await?;
 
-        if let Some(addr) = addr {
-            chat::sync(
-                context,
-                chat::SyncId::ContactAddr(addr.to_string()),
-                chat::SyncAction::Rename(name.to_string()),
-            )
-            .await
-            .log_err(context)
-            .ok();
+        if sync.into() {
+            if let Some((addr, fingerprint)) = row {
+                if fingerprint.is_empty() {
+                    chat::sync(
+                        context,
+                        chat::SyncId::ContactAddr(addr),
+                        chat::SyncAction::Rename(name.to_string()),
+                    )
+                    .await
+                    .log_err(context)
+                    .ok();
+                } else {
+                    chat::sync(
+                        context,
+                        chat::SyncId::ContactFingerprint(fingerprint),
+                        chat::SyncAction::Rename(name.to_string()),
+                    )
+                    .await
+                    .log_err(context)
+                    .ok();
+                }
+            }
         }
         Ok(())
     }
@@ -196,31 +221,6 @@ impl ContactId {
             .await?;
         Ok(addr)
     }
-
-    /// Resets encryption with the contact.
-    ///
-    /// Effect is similar to receiving a message without Autocrypt header
-    /// from the contact, but this action is triggered manually by the user.
-    ///
-    /// For example, this will result in sending the next message
-    /// to 1:1 chat unencrypted, but will not remove existing verified keys.
-    pub async fn reset_encryption(self, context: &Context) -> Result<()> {
-        let now = time();
-
-        let addr = self.addr(context).await?;
-        if let Some(mut peerstate) = Peerstate::from_addr(context, &addr).await? {
-            peerstate.degrade_encryption(now);
-            peerstate.save_to_db(&context.sql).await?;
-        }
-
-        // Reset 1:1 chat protection.
-        if let Some(chat_id) = ChatId::lookup_by_contact(context, self).await? {
-            chat_id
-                .set_protection(context, ProtectionStatus::Unprotected, now, Some(self))
-                .await?;
-        }
-        Ok(())
-    }
 }
 
 impl fmt::Display for ContactId {
@@ -267,14 +267,8 @@ pub async fn make_vcard(context: &Context, contacts: &[ContactId]) -> Result<Str
     let mut vcard_contacts = Vec::with_capacity(contacts.len());
     for id in contacts {
         let c = Contact::get_by_id(context, *id).await?;
-        let key = match *id {
-            ContactId::SELF => Some(load_self_public_key(context).await?),
-            _ => Peerstate::from_addr(context, &c.addr)
-                .await?
-                .and_then(|peerstate| peerstate.take_key(false)),
-        };
-        let key = key.map(|k| k.to_base64());
-        let profile_image = match c.get_profile_image(context).await? {
+        let key = c.public_key(context).await?.map(|k| k.to_base64());
+        let profile_image = match c.get_profile_image_ex(context, false).await? {
             None => None,
             Some(path) => tokio::fs::read(path)
                 .await
@@ -330,15 +324,6 @@ async fn import_vcard_contact(context: &Context, contact: &VcardContact) -> Resu
     // mustn't use `Origin::AddressBook` here because the vCard may be created not by us, also we
     // want `contact.authname` to be saved as the authname and not a locally given name.
     let origin = Origin::CreateChat;
-    let (id, modified) =
-        match Contact::add_or_lookup(context, &contact.authname, &addr, origin).await {
-            Err(e) => return Err(e).context("Contact::add_or_lookup() failed"),
-            Ok((ContactId::SELF, _)) => return Ok(ContactId::SELF),
-            Ok(val) => val,
-        };
-    if modified != Modifier::None {
-        context.emit_event(EventType::ContactsChanged(Some(id)));
-    }
     let key = contact.key.as_ref().and_then(|k| {
         SignedPublicKey::from_base64(k)
             .with_context(|| {
@@ -350,50 +335,35 @@ async fn import_vcard_contact(context: &Context, contact: &VcardContact) -> Resu
             .log_err(context)
             .ok()
     });
+
+    let fingerprint;
     if let Some(public_key) = key {
-        let timestamp = contact
-            .timestamp
-            .as_ref()
-            .map_or(0, |&t| min(t, smeared_time(context)));
-        let aheader = Aheader {
-            addr: contact.addr.clone(),
-            public_key,
-            prefer_encrypt: EncryptPreference::Mutual,
-        };
-        let peerstate = match Peerstate::from_addr(context, &aheader.addr).await {
-            Err(e) => {
-                warn!(
-                    context,
-                    "import_vcard_contact: Cannot create peerstate from {}: {e:#}.", contact.addr
-                );
-                return Ok(id);
-            }
-            Ok(p) => p,
-        };
-        let peerstate = if let Some(mut p) = peerstate {
-            p.apply_gossip(&aheader, timestamp);
-            p
-        } else {
-            Peerstate::from_gossip(&aheader, timestamp)
-        };
-        if let Err(e) = peerstate.save_to_db(&context.sql).await {
-            warn!(
-                context,
-                "import_vcard_contact: Could not save peerstate for {}: {e:#}.", contact.addr
-            );
-            return Ok(id);
-        }
-        if let Err(e) = peerstate
-            .handle_fingerprint_change(context, timestamp)
+        fingerprint = public_key.dc_fingerprint().hex();
+
+        context
+            .sql
+            .execute(
+                "INSERT INTO public_keys (fingerprint, public_key)
+                 VALUES (?, ?)
+                 ON CONFLICT (fingerprint)
+                 DO NOTHING",
+                (&fingerprint, public_key.to_bytes()),
+            )
+            .await?;
+    } else {
+        fingerprint = String::new();
+    }
+
+    let (id, modified) =
+        match Contact::add_or_lookup_ex(context, &contact.authname, &addr, &fingerprint, origin)
             .await
         {
-            warn!(
-                context,
-                "import_vcard_contact: handle_fingerprint_change() failed for {}: {e:#}.",
-                contact.addr
-            );
-            return Ok(id);
-        }
+            Err(e) => return Err(e).context("Contact::add_or_lookup() failed"),
+            Ok((ContactId::SELF, _)) => return Ok(ContactId::SELF),
+            Ok(val) => val,
+        };
+    if modified != Modifier::None {
+        context.emit_event(EventType::ContactsChanged(Some(id)));
     }
     if modified != Modifier::Created {
         return Ok(id);
@@ -465,6 +435,11 @@ pub struct Contact {
     /// E-Mail-Address of the contact. It is recommended to use `Contact::get_addr` to access this field.
     addr: String,
 
+    /// OpenPGP key fingerprint.
+    /// Non-empty iff the contact is a key-contact,
+    /// identified by this fingerprint.
+    fingerprint: Option<String>,
+
     /// Blocked state. Use contact_is_blocked to access this field.
     pub blocked: bool,
 
@@ -614,7 +589,7 @@ impl Contact {
             .sql
             .query_row_optional(
                 "SELECT c.name, c.addr, c.origin, c.blocked, c.last_seen,
-                c.authname, c.param, c.status, c.is_bot
+                c.authname, c.param, c.status, c.is_bot, c.fingerprint
                FROM contacts c
               WHERE c.id=?;",
                 (contact_id,),
@@ -628,11 +603,14 @@ impl Contact {
                     let param: String = row.get(6)?;
                     let status: Option<String> = row.get(7)?;
                     let is_bot: bool = row.get(8)?;
+                    let fingerprint: Option<String> =
+                        Some(row.get(9)?).filter(|s: &String| !s.is_empty());
                     let contact = Self {
                         id: contact_id,
                         name,
                         authname,
                         addr,
+                        fingerprint,
                         blocked: blocked.unwrap_or_default(),
                         last_seen,
                         origin,
@@ -655,6 +633,9 @@ impl Contact {
                     .get_config(Config::ConfiguredAddr)
                     .await?
                     .unwrap_or_default();
+                if let Some(self_fp) = self_fingerprint_opt(context).await? {
+                    contact.fingerprint = Some(self_fp.to_string());
+                }
                 contact.status = context
                     .get_config(Config::Selfstatus)
                     .await?
@@ -774,7 +755,19 @@ impl Contact {
         self.is_bot
     }
 
-    /// Check if an e-mail address belongs to a known and unblocked contact.
+    /// Looks up a known and unblocked contact with a given e-mail address.
+    /// To get a list of all known and unblocked contacts, use contacts_get_contacts().
+    ///
+    ///
+    /// **POTENTIAL SECURITY ISSUE**: If there are multiple contacts with this address
+    /// (e.g. an address-contact and a key-contact),
+    /// this looks up the most recently seen contact,
+    /// i.e. which contact is returned depends on which contact last sent a message.
+    /// If the user just clicked on a mailto: link, then this is the best thing you can do.
+    /// But **DO NOT** internally represent contacts by their email address
+    /// and do not use this function to look them up;
+    /// otherwise this function will sometimes look up the wrong contact.
+    /// Instead, you should internally represent contacts by their ids.
     ///
     /// Known and unblocked contacts will be returned by `get_contacts()`.
     ///
@@ -805,30 +798,56 @@ impl Contact {
 
         let addr_normalized = addr_normalize(addr);
 
-        if context.is_self_addr(&addr_normalized).await? {
+        if context.is_configured().await? && context.is_self_addr(addr).await? {
             return Ok(Some(ContactId::SELF));
         }
 
         let id = context
             .sql
             .query_get_value(
-                "SELECT id FROM contacts \
-            WHERE addr=?1 COLLATE NOCASE \
-            AND id>?2 AND origin>=?3 AND (? OR blocked=?)",
+                "SELECT id FROM contacts
+                 WHERE addr=?1 COLLATE NOCASE
+                     AND id>?2 AND origin>=?3 AND (? OR blocked=?)
+                 ORDER BY
+                     (
+                         SELECT COUNT(*) FROM chats c
+                         INNER JOIN chats_contacts cc
+                         ON c.id=cc.chat_id
+                         WHERE c.type=?
+                             AND c.id>?
+                             AND c.blocked=?
+                             AND cc.contact_id=contacts.id
+                     ) DESC,
+                     last_seen DESC, fingerprint DESC
+                 LIMIT 1",
                 (
                     &addr_normalized,
                     ContactId::LAST_SPECIAL,
                     min_origin as u32,
                     blocked.is_none(),
-                    blocked.unwrap_or_default(),
+                    blocked.unwrap_or(Blocked::Not),
+                    Chattype::Single,
+                    constants::DC_CHAT_ID_LAST_SPECIAL,
+                    blocked.unwrap_or(Blocked::Not),
                 ),
             )
             .await?;
         Ok(id)
     }
 
+    pub(crate) async fn add_or_lookup(
+        context: &Context,
+        name: &str,
+        addr: &ContactAddress,
+        origin: Origin,
+    ) -> Result<(ContactId, Modifier)> {
+        Self::add_or_lookup_ex(context, name, addr, "", origin).await
+    }
+
     /// Lookup a contact and create it if it does not exist yet.
-    /// The contact is identified by the email-address, a name and an "origin" can be given.
+    /// If `fingerprint` is non-empty, a key-contact with this fingerprint is added / looked up.
+    /// Otherwise, an address-contact with `addr` is added / looked up.
+    /// A name and an "origin" can be given.
     ///
     /// The "origin" is where the address comes from -
     /// from-header, cc-header, addressbook, qr, manual-edit etc.
@@ -852,21 +871,34 @@ impl Contact {
     ///   Depending on the origin, both, "row_name" and "row_authname" are updated from "name".
     ///
     /// Returns the contact_id and a `Modifier` value indicating if a modification occurred.
-    pub(crate) async fn add_or_lookup(
+    pub(crate) async fn add_or_lookup_ex(
         context: &Context,
         name: &str,
-        addr: &ContactAddress,
+        addr: &str,
+        fingerprint: &str,
         mut origin: Origin,
     ) -> Result<(ContactId, Modifier)> {
         let mut sth_modified = Modifier::None;
 
-        ensure!(!addr.is_empty(), "Can not add_or_lookup empty address");
+        ensure!(
+            !addr.is_empty() || !fingerprint.is_empty(),
+            "Can not add_or_lookup empty address"
+        );
         ensure!(origin != Origin::Unknown, "Missing valid origin");
 
-        if context.is_self_addr(addr).await? {
+        if context.is_configured().await? && context.is_self_addr(addr).await? {
             return Ok((ContactId::SELF, sth_modified));
         }
 
+        if !fingerprint.is_empty() && context.is_configured().await? {
+            let fingerprint_self = self_fingerprint(context)
+                .await
+                .context("self_fingerprint")?;
+            if fingerprint == fingerprint_self {
+                return Ok((ContactId::SELF, sth_modified));
+            }
+        }
+
         let mut name = sanitize_name(name);
         if origin <= Origin::OutgoingTo {
             // The user may accidentally have written to a "noreply" address with another MUA:
@@ -902,8 +934,10 @@ impl Contact {
                 let row = transaction
                     .query_row(
                         "SELECT id, name, addr, origin, authname
-                 FROM contacts WHERE addr=? COLLATE NOCASE",
-                        (addr,),
+                         FROM contacts
+                         WHERE fingerprint=?1 AND
+                         (?1<>'' OR addr=?2 COLLATE NOCASE)",
+                        (fingerprint, addr),
                         |row| {
                             let row_id: u32 = row.get(0)?;
                             let row_name: String = row.get(1)?;
@@ -927,7 +961,7 @@ impl Contact {
                             || row_authname.is_empty());
 
                     row_id = id;
-                    if origin >= row_origin && addr.as_ref() != row_addr {
+                    if origin >= row_origin && addr != row_addr {
                         update_addr = true;
                     }
                     if update_name || update_authname || update_addr || origin > row_origin {
@@ -971,11 +1005,12 @@ impl Contact {
                     let update_authname = !manual;
 
                     transaction.execute(
-                        "INSERT INTO contacts (name, addr, origin, authname)
-                         VALUES (?, ?, ?, ?);",
+                        "INSERT INTO contacts (name, addr, fingerprint, origin, authname)
+                         VALUES (?, ?, ?, ?, ?);",
                         (
                             if update_name { &name } else { "" },
                             &addr,
+                            fingerprint,
                             origin,
                             if update_authname { &name } else { "" },
                         ),
@@ -983,7 +1018,14 @@ impl Contact {
 
                     sth_modified = Modifier::Created;
                     row_id = u32::try_from(transaction.last_insert_rowid())?;
-                    info!(context, "Added contact id={row_id} addr={addr}.");
+                    if fingerprint.is_empty() {
+                        info!(context, "Added contact id={row_id} addr={addr}.");
+                    } else {
+                        info!(
+                            context,
+                            "Added contact id={row_id} fpr={fingerprint} addr={addr}."
+                        );
+                    }
                 }
                 Ok(row_id)
             })
@@ -1047,11 +1089,12 @@ impl Contact {
     /// Returns known and unblocked contacts.
     ///
     /// To get information about a single contact, see get_contact().
+    /// By default, key-contacts are listed.
     ///
-    /// `listflags` is a combination of flags:
-    /// - if the flag DC_GCL_ADD_SELF is set, SELF is added to the list unless filtered by other parameters
-    ///
-    /// `query` is a string to filter the list.
+    /// * `listflags` - A combination of flags:
+    ///   - `DC_GCL_ADD_SELF` - Add SELF unless filtered by other parameters.
+    ///   - `DC_GCL_ADDRESS` - List address-contacts instead of key-contacts.
+    /// * `query` - A string to filter the list.
     pub async fn get_all(
         context: &Context,
         listflags: u32,
@@ -1064,7 +1107,8 @@ impl Contact {
             .collect::<HashSet<_>>();
         let mut add_self = false;
         let mut ret = Vec::new();
-        let flag_add_self = (listflags & DC_GCL_ADD_SELF) != 0;
+        let flag_add_self = (listflags & constants::DC_GCL_ADD_SELF) != 0;
+        let flag_address = (listflags & constants::DC_GCL_ADDRESS) != 0;
         let minimal_origin = if context.get_config_bool(Config::Bot).await? {
             Origin::Unknown
         } else {
@@ -1076,14 +1120,15 @@ impl Contact {
                 .sql
                 .query_map(
                     "SELECT c.id, c.addr FROM contacts c
-                 LEFT JOIN acpeerstates ps ON c.addr=ps.addr  \
                  WHERE c.id>?
+                 AND (c.fingerprint='')=?
                  AND c.origin>=? \
                  AND c.blocked=0 \
                  AND (iif(c.name='',c.authname,c.name) LIKE ? OR c.addr LIKE ?) \
                  ORDER BY c.last_seen DESC, c.id DESC;",
                     (
                         ContactId::LAST_SPECIAL,
+                        flag_address,
                         minimal_origin,
                         &s3str_like_cmd,
                         &s3str_like_cmd,
@@ -1133,10 +1178,11 @@ impl Contact {
                 .query_map(
                     "SELECT id, addr FROM contacts
                  WHERE id>?
+                 AND (fingerprint='')=?
                  AND origin>=?
                  AND blocked=0
                  ORDER BY last_seen DESC, id DESC;",
-                    (ContactId::LAST_SPECIAL, minimal_origin),
+                    (ContactId::LAST_SPECIAL, flag_address, minimal_origin),
                     |row| {
                         let id: ContactId = row.get(0)?;
                         let addr: String = row.get(1)?;
@@ -1162,7 +1208,7 @@ impl Contact {
         Ok(ret)
     }
 
-    /// Adds blocked mailinglists as contacts
+    /// Adds blocked mailinglists and broadcast channels as pseudo-contacts
     /// to allow unblocking them as if they are contacts
     /// (this way, only one unblock-ffi is needed and only one set of ui-functions,
     /// from the users perspective,
@@ -1171,15 +1217,20 @@ impl Contact {
         context
             .sql
             .transaction(move |transaction| {
-                let mut stmt = transaction
-                    .prepare("SELECT name, grpid FROM chats WHERE type=? AND blocked=?")?;
-                let rows = stmt.query_map((Chattype::Mailinglist, Blocked::Yes), |row| {
-                    let name: String = row.get(0)?;
-                    let grpid: String = row.get(1)?;
-                    Ok((name, grpid))
-                })?;
+                let mut stmt = transaction.prepare(
+                    "SELECT name, grpid, type FROM chats WHERE (type=? OR type=?) AND blocked=?",
+                )?;
+                let rows = stmt.query_map(
+                    (Chattype::Mailinglist, Chattype::InBroadcast, Blocked::Yes),
+                    |row| {
+                        let name: String = row.get(0)?;
+                        let grpid: String = row.get(1)?;
+                        let typ: Chattype = row.get(2)?;
+                        Ok((name, grpid, typ))
+                    },
+                )?;
                 let blocked_mailinglists = rows.collect::<std::result::Result<Vec<_>, _>>()?;
-                for (name, grpid) in blocked_mailinglists {
+                for (name, grpid, typ) in blocked_mailinglists {
                     let count = transaction.query_row(
                         "SELECT COUNT(id) FROM contacts WHERE addr=?",
                         [&grpid],
@@ -1192,10 +1243,17 @@ impl Contact {
                         transaction.execute("INSERT INTO contacts (addr) VALUES (?)", [&grpid])?;
                     }
 
+                    let fingerprint = if typ == Chattype::InBroadcast {
+                        // Set some fingerprint so that is_pgp_contact() returns true,
+                        // and the contact isn't marked with a letter icon.
+                        "Blocked_broadcast"
+                    } else {
+                        ""
+                    };
                     // Always do an update in case the blocking is reset or name is changed.
                     transaction.execute(
-                        "UPDATE contacts SET name=?, origin=?, blocked=1 WHERE addr=?",
-                        (&name, Origin::MailinglistAddress, &grpid),
+                        "UPDATE contacts SET name=?, origin=?, blocked=1, fingerprint=? WHERE addr=?",
+                        (&name, Origin::MailinglistAddress, fingerprint, &grpid),
                     )?;
                 }
                 Ok(())
@@ -1253,17 +1311,16 @@ impl Contact {
             .get_config(Config::ConfiguredAddr)
             .await?
             .unwrap_or_default();
-        let peerstate = Peerstate::from_addr(context, &contact.addr).await?;
 
-        let Some(peerstate) = peerstate.filter(|peerstate| peerstate.peek_key(false).is_some())
-        else {
+        let Some(fingerprint_other) = contact.fingerprint() else {
             return Ok(stock_str::encr_none(context).await);
         };
+        let fingerprint_other = fingerprint_other.to_string();
 
-        let stock_message = match peerstate.prefer_encrypt {
-            EncryptPreference::Mutual => stock_str::e2e_preferred(context).await,
-            EncryptPreference::NoPreference => stock_str::e2e_available(context).await,
-            EncryptPreference::Reset => stock_str::encr_none(context).await,
+        let stock_message = if contact.public_key(context).await?.is_some() {
+            stock_str::e2e_available(context).await
+        } else {
+            stock_str::encr_none(context).await
         };
 
         let finger_prints = stock_str::finger_prints(context).await;
@@ -1273,43 +1330,31 @@ impl Contact {
             .await?
             .dc_fingerprint()
             .to_string();
-        let fingerprint_other_verified = peerstate
-            .peek_key(true)
-            .map(|k| k.dc_fingerprint().to_string())
-            .unwrap_or_default();
-        let fingerprint_other_unverified = peerstate
-            .peek_key(false)
-            .map(|k| k.dc_fingerprint().to_string())
-            .unwrap_or_default();
-        if addr < peerstate.addr {
+        if addr < contact.addr {
             cat_fingerprint(
                 &mut ret,
                 &stock_str::self_msg(context).await,
                 &addr,
                 &fingerprint_self,
-                "",
             );
             cat_fingerprint(
                 &mut ret,
                 contact.get_display_name(),
-                &peerstate.addr,
-                &fingerprint_other_verified,
-                &fingerprint_other_unverified,
+                &contact.addr,
+                &fingerprint_other,
             );
         } else {
             cat_fingerprint(
                 &mut ret,
                 contact.get_display_name(),
-                &peerstate.addr,
-                &fingerprint_other_verified,
-                &fingerprint_other_unverified,
+                &contact.addr,
+                &fingerprint_other,
             );
             cat_fingerprint(
                 &mut ret,
                 &stock_str::self_msg(context).await,
                 &addr,
                 &fingerprint_self,
-                "",
             );
         }
 
@@ -1382,6 +1427,59 @@ impl Contact {
         &self.addr
     }
 
+    /// Returns true if the contact is a key-contact.
+    /// Otherwise it is an addresss-contact.
+    pub fn is_key_contact(&self) -> bool {
+        self.fingerprint.is_some()
+    }
+
+    /// Returns OpenPGP fingerprint of a contact.
+    ///
+    /// `None` for address-contacts.
+    pub fn fingerprint(&self) -> Option<Fingerprint> {
+        if let Some(fingerprint) = &self.fingerprint {
+            fingerprint.parse().ok()
+        } else {
+            None
+        }
+    }
+
+    /// Returns OpenPGP public key of a contact.
+    ///
+    /// Returns `None` if the contact is not a key-contact
+    /// or if the key is not available.
+    /// It is possible for a key-contact to not have a key,
+    /// e.g. if only the fingerprint is known from a QR-code.
+    pub async fn public_key(&self, context: &Context) -> Result<Option<SignedPublicKey>> {
+        if self.id == ContactId::SELF {
+            return Ok(Some(load_self_public_key(context).await?));
+        }
+
+        if let Some(fingerprint) = &self.fingerprint {
+            if let Some(public_key_bytes) = context
+                .sql
+                .query_row_optional(
+                    "SELECT public_key
+                     FROM public_keys
+                     WHERE fingerprint=?",
+                    (fingerprint,),
+                    |row| {
+                        let bytes: Vec<u8> = row.get(0)?;
+                        Ok(bytes)
+                    },
+                )
+                .await?
+            {
+                let public_key = SignedPublicKey::from_slice(&public_key_bytes)?;
+                Ok(Some(public_key))
+            } else {
+                Ok(None)
+            }
+        } else {
+            Ok(None)
+        }
+    }
+
     /// Get name authorized by the contact.
     pub fn get_authname(&self) -> &str {
         &self.authname
@@ -1447,11 +1545,28 @@ impl Contact {
     /// This is the image set by each remote user on their own
     /// using set_config(context, "selfavatar", image).
     pub async fn get_profile_image(&self, context: &Context) -> Result<Option<PathBuf>> {
+        self.get_profile_image_ex(context, true).await
+    }
+
+    /// Get the contact's profile image.
+    /// This is the image set by each remote user on their own
+    /// using set_config(context, "selfavatar", image).
+    async fn get_profile_image_ex(
+        &self,
+        context: &Context,
+        show_fallback_icon: bool,
+    ) -> Result<Option<PathBuf>> {
         if self.id == ContactId::SELF {
             if let Some(p) = context.get_config(Config::Selfavatar).await? {
                 return Ok(Some(PathBuf::from(p))); // get_config() calls get_abs_path() internally already
             }
-        } else if let Some(image_rel) = self.param.get(Param::ProfileImage) {
+        } else if self.id == ContactId::DEVICE {
+            return Ok(Some(chat::get_device_icon(context).await?));
+        }
+        if show_fallback_icon && !self.id.is_special() && !self.is_key_contact() {
+            return Ok(Some(chat::get_unencrypted_icon(context).await?));
+        }
+        if let Some(image_rel) = self.param.get(Param::ProfileImage) {
             if !image_rel.is_empty() {
                 return Ok(Some(get_abs_path(context, Path::new(image_rel))));
             }
@@ -1460,11 +1575,16 @@ impl Contact {
     }
 
     /// Get a color for the contact.
-    /// The color is calculated from the contact's email address
-    /// and can be used for an fallback avatar with white initials
+    /// The color is calculated from the contact's fingerprint (for key-contacts)
+    /// or email address (for address-contacts) and can be used
+    /// for an fallback avatar with white initials
     /// as well as for headlines in bubbles of group chats.
     pub fn get_color(&self) -> u32 {
-        str_to_color(&self.addr.to_lowercase())
+        if let Some(fingerprint) = self.fingerprint() {
+            str_to_color(&fingerprint.hex())
+        } else {
+            str_to_color(&self.addr.to_lowercase())
+        }
     }
 
     /// Gets the contact's status.
@@ -1477,25 +1597,21 @@ impl Contact {
     /// Returns whether end-to-end encryption to the contact is available.
     pub async fn e2ee_avail(&self, context: &Context) -> Result<bool> {
         if self.id == ContactId::SELF {
+            // We don't need to check if we have our own key.
             return Ok(true);
         }
-        let Some(peerstate) = Peerstate::from_addr(context, &self.addr).await? else {
-            return Ok(false);
-        };
-        Ok(peerstate.peek_key(false).is_some())
+        Ok(self.public_key(context).await?.is_some())
     }
 
     /// Returns true if the contact
-    /// can be added to verified chats,
-    /// i.e. has a verified key
-    /// and Autocrypt key matches the verified key.
+    /// can be added to verified chats.
     ///
     /// If contact is verified
     /// UI should display green checkmark after the contact name
     /// in contact list items and
     /// in chat member list items.
     ///
-    /// In contact profile view, us this function only if there is no chat with the contact,
+    /// In contact profile view, use this function only if there is no chat with the contact,
     /// otherwise use is_chat_protected().
     /// Use [Self::get_verifier_id] to display the verifier contact
     /// in the info section of the contact profile.
@@ -1506,64 +1622,31 @@ impl Contact {
             return Ok(true);
         }
 
-        let Some(peerstate) = Peerstate::from_addr(context, &self.addr).await? else {
-            return Ok(false);
-        };
-
-        let forward_verified = peerstate.is_using_verified_key();
-        let backward_verified = peerstate.is_backward_verified(context).await?;
-        Ok(forward_verified && backward_verified)
-    }
-
-    /// Returns true if we have a verified key for the contact
-    /// and it is the same as Autocrypt key.
-    /// This is enough to send messages to the contact in verified chat
-    /// and verify received messages, but not enough to display green checkmark
-    /// or add the contact to verified groups.
-    pub async fn is_forward_verified(&self, context: &Context) -> Result<bool> {
-        if self.id == ContactId::SELF {
-            return Ok(true);
-        }
-
-        let Some(peerstate) = Peerstate::from_addr(context, &self.addr).await? else {
-            return Ok(false);
-        };
-
-        Ok(peerstate.is_using_verified_key())
+        Ok(self.get_verifier_id(context).await?.is_some())
     }
 
     /// Returns the `ContactId` that verified the contact.
     ///
-    /// If the function returns non-zero result,
+    /// If this returns Some(_),
     /// display green checkmark in the profile and "Introduced by ..." line
     /// with the name and address of the contact
     /// formatted by [Self::get_name_n_addr].
     ///
-    /// If this function returns a verifier,
-    /// this does not necessarily mean
-    /// you can add the contact to verified chats.
-    /// Use [Self::is_verified] to check
-    /// if a contact can be added to a verified chat instead.
-    pub async fn get_verifier_id(&self, context: &Context) -> Result<Option<ContactId>> {
-        let Some(verifier_addr) = Peerstate::from_addr(context, self.get_addr())
+    /// If this returns `Some(None)`, then the contact is verified,
+    /// but it's unclear by whom.
+    pub async fn get_verifier_id(&self, context: &Context) -> Result<Option<Option<ContactId>>> {
+        let verifier_id: u32 = context
+            .sql
+            .query_get_value("SELECT verifier FROM contacts WHERE id=?", (self.id,))
             .await?
-            .and_then(|peerstate| peerstate.get_verifier().map(|addr| addr.to_owned()))
-        else {
-            return Ok(None);
-        };
+            .with_context(|| format!("Contact {} does not exist", self.id))?;
 
-        if addr_cmp(&verifier_addr, &self.addr) {
-            // Contact is directly verified via QR code.
-            return Ok(Some(ContactId::SELF));
-        }
-
-        match Contact::lookup_id_by_addr(context, &verifier_addr, Origin::Unknown).await? {
-            Some(contact_id) => Ok(Some(contact_id)),
-            None => {
-                let addr = &self.addr;
-                warn!(context, "Could not lookup contact with address {verifier_addr} which introduced {addr}.");
-                Ok(None)
-            }
+        if verifier_id == 0 {
+            Ok(None)
+        } else if verifier_id == self.id.to_u32() {
+            Ok(Some(None))
+        } else {
+            Ok(Some(Some(ContactId::new(verifier_id))))
         }
     }
 
@@ -1735,14 +1818,16 @@ WHERE type=? AND id IN (
                 true => chat::SyncAction::Block,
                 false => chat::SyncAction::Unblock,
             };
-            chat::sync(
-                context,
-                chat::SyncId::ContactAddr(contact.addr.clone()),
-                action,
-            )
-            .await
-            .log_err(context)
-            .ok();
+            let sync_id = if let Some(fingerprint) = contact.fingerprint() {
+                chat::SyncId::ContactFingerprint(fingerprint.hex())
+            } else {
+                chat::SyncId::ContactAddr(contact.addr.clone())
+            };
+
+            chat::sync(context, sync_id, action)
+                .await
+                .log_err(context)
+                .ok();
         }
     }
 
@@ -1862,29 +1947,53 @@ pub(crate) async fn update_last_seen(
     Ok(())
 }
 
-fn cat_fingerprint(
-    ret: &mut String,
-    name: &str,
-    addr: &str,
-    fingerprint_verified: &str,
-    fingerprint_unverified: &str,
-) {
-    *ret += &format!(
-        "\n\n{} ({}):\n{}",
-        name,
-        addr,
-        if !fingerprint_verified.is_empty() {
-            fingerprint_verified
-        } else {
-            fingerprint_unverified
-        },
+/// Marks contact `contact_id` as verified by `verifier_id`.
+pub(crate) async fn mark_contact_id_as_verified(
+    context: &Context,
+    contact_id: ContactId,
+    verifier_id: ContactId,
+) -> Result<()> {
+    ensure_and_debug_assert_ne!(
+        contact_id,
+        verifier_id,
+        "Contact cannot be verified by self",
     );
-    if !fingerprint_verified.is_empty()
-        && !fingerprint_unverified.is_empty()
-        && fingerprint_verified != fingerprint_unverified
-    {
-        *ret += &format!("\n\n{name} (alternative):\n{fingerprint_unverified}");
-    }
+    context
+        .sql
+        .transaction(|transaction| {
+            let contact_fingerprint: String = transaction.query_row(
+                "SELECT fingerprint FROM contacts WHERE id=?",
+                (contact_id,),
+                |row| row.get(0),
+            )?;
+            if contact_fingerprint.is_empty() {
+                bail!("Non-key-contact {contact_id} cannot be verified");
+            }
+            if verifier_id != ContactId::SELF {
+                let verifier_fingerprint: String = transaction.query_row(
+                    "SELECT fingerprint FROM contacts WHERE id=?",
+                    (verifier_id,),
+                    |row| row.get(0),
+                )?;
+                if verifier_fingerprint.is_empty() {
+                    bail!(
+                        "Contact {contact_id} cannot be verified by non-key-contact {verifier_id}"
+                    );
+                }
+            }
+            transaction.execute(
+                "UPDATE contacts SET verifier=?1
+                 WHERE id=?2 AND (verifier=0 OR ?1=?3)",
+                (verifier_id, contact_id, ContactId::SELF),
+            )?;
+            Ok(())
+        })
+        .await?;
+    Ok(())
+}
+
+fn cat_fingerprint(ret: &mut String, name: &str, addr: &str, fingerprint: &str) {
+    *ret += &format!("\n\n{name} ({addr}):\n{fingerprint}");
 }
 
 fn split_address_book(book: &str) -> Vec<(&str, &str)> {

src/contact/contact_tests.rs

@@ -1,7 +1,7 @@
-use deltachat_contact_tools::may_be_valid_addr;
+use deltachat_contact_tools::{addr_cmp, may_be_valid_addr};
 
 use super::*;
-use crate::chat::{get_chat_contacts, send_text_msg, Chat};
+use crate::chat::{Chat, get_chat_contacts, send_text_msg};
 use crate::chatlist::Chatlist;
 use crate::receive_imf::receive_imf;
 use crate::test_utils::{self, TestContext, TestContextManager, TimeShiftFalsePositiveNote};
@@ -56,64 +56,83 @@ fn test_split_address_book() {
 
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_get_contacts() -> Result<()> {
-    let context = TestContext::new().await;
+    let mut tcm = TestContextManager::new();
+    let context = tcm.bob().await;
+    let alice = tcm.alice().await;
+    alice
+        .set_config(Config::Displayname, Some("MyName"))
+        .await?;
 
-    assert!(context.get_all_self_addrs().await?.is_empty());
-
-    // Bob is not in the contacts yet.
-    let contacts = Contact::get_all(&context.ctx, 0, Some("bob")).await?;
+    // Alice is not in the contacts yet.
+    let contacts = Contact::get_all(&context.ctx, 0, Some("Alice")).await?;
+    assert_eq!(contacts.len(), 0);
+    let contacts = Contact::get_all(&context.ctx, 0, Some("MyName")).await?;
     assert_eq!(contacts.len(), 0);
 
-    let (id, _modified) = Contact::add_or_lookup(
-        &context.ctx,
-        "bob",
-        &ContactAddress::new("user@example.org")?,
-        Origin::IncomingReplyTo,
-    )
-    .await?;
+    let claire_id = Contact::create(&context, "someone", "claire@example.org").await?;
+    let dave_id = Contact::create(&context, "", "dave@example.org").await?;
+
+    let id = context.add_or_lookup_contact_id(&alice).await;
     assert_ne!(id, ContactId::UNDEFINED);
 
-    let contact = Contact::get_by_id(&context.ctx, id).await.unwrap();
+    let contact = Contact::get_by_id(&context, id).await.unwrap();
     assert_eq!(contact.get_name(), "");
-    assert_eq!(contact.get_authname(), "bob");
-    assert_eq!(contact.get_display_name(), "bob");
+    assert_eq!(contact.get_authname(), "MyName");
+    assert_eq!(contact.get_display_name(), "MyName");
 
     // Search by name.
-    let contacts = Contact::get_all(&context.ctx, 0, Some("bob")).await?;
+    let contacts = Contact::get_all(&context, 0, Some("myname")).await?;
     assert_eq!(contacts.len(), 1);
     assert_eq!(contacts.first(), Some(&id));
 
     // Search by address.
-    let contacts = Contact::get_all(&context.ctx, 0, Some("user")).await?;
+    let contacts = Contact::get_all(&context, 0, Some("alice@example.org")).await?;
     assert_eq!(contacts.len(), 1);
     assert_eq!(contacts.first(), Some(&id));
 
-    let contacts = Contact::get_all(&context.ctx, 0, Some("alice")).await?;
+    let contacts = Contact::get_all(&context, 0, Some("Foobar")).await?;
     assert_eq!(contacts.len(), 0);
 
-    // Set Bob name to "someone" manually.
-    let (contact_bob_id, modified) = Contact::add_or_lookup(
-        &context.ctx,
-        "someone",
-        &ContactAddress::new("user@example.org")?,
-        Origin::ManuallyCreated,
-    )
-    .await?;
-    assert_eq!(contact_bob_id, id);
-    assert_eq!(modified, Modifier::Modified);
+    // Set Alice name to "someone" manually.
+    id.set_name(&context, "someone").await?;
     let contact = Contact::get_by_id(&context.ctx, id).await.unwrap();
     assert_eq!(contact.get_name(), "someone");
-    assert_eq!(contact.get_authname(), "bob");
+    assert_eq!(contact.get_authname(), "MyName");
     assert_eq!(contact.get_display_name(), "someone");
 
     // Not searchable by authname, because it is not displayed.
-    let contacts = Contact::get_all(&context.ctx, 0, Some("bob")).await?;
+    let contacts = Contact::get_all(&context, 0, Some("MyName")).await?;
     assert_eq!(contacts.len(), 0);
 
-    // Search by display name (same as manually set name).
-    let contacts = Contact::get_all(&context.ctx, 0, Some("someone")).await?;
-    assert_eq!(contacts.len(), 1);
-    assert_eq!(contacts.first(), Some(&id));
+    for add_self in [0, constants::DC_GCL_ADD_SELF] {
+        info!(&context, "add_self={add_self}");
+
+        // Search key-contacts by display name (same as manually set name).
+        let contacts = Contact::get_all(&context.ctx, add_self, Some("someone")).await?;
+        assert_eq!(contacts, vec![id]);
+
+        // Get all key-contacts.
+        let contacts = Contact::get_all(&context, add_self, None).await?;
+        match add_self {
+            0 => assert_eq!(contacts, vec![id]),
+            _ => assert_eq!(contacts, vec![id, ContactId::SELF]),
+        }
+    }
+
+    // Search address-contacts by display name.
+    let contacts = Contact::get_all(&context, constants::DC_GCL_ADDRESS, Some("someone")).await?;
+    assert_eq!(contacts, vec![claire_id]);
+
+    // Get all address-contacts. Newer contacts go first.
+    let contacts = Contact::get_all(&context, constants::DC_GCL_ADDRESS, None).await?;
+    assert_eq!(contacts, vec![dave_id, claire_id]);
+    let contacts = Contact::get_all(
+        &context,
+        constants::DC_GCL_ADDRESS | constants::DC_GCL_ADD_SELF,
+        None,
+    )
+    .await?;
+    assert_eq!(contacts, vec![dave_id, claire_id, ContactId::SELF]);
 
     Ok(())
 }
@@ -133,7 +152,7 @@ async fn test_is_self_addr() -> Result<()> {
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_add_or_lookup() {
     // add some contacts, this also tests add_address_book()
-    let t = TestContext::new().await;
+    let t = TestContext::new_alice().await;
     let book = concat!(
         "  Name one  \n one@eins.org \n",
         "Name two\ntwo@deux.net\n",
@@ -247,7 +266,7 @@ async fn test_add_or_lookup() {
     // check SELF
     let contact = Contact::get_by_id(&t, ContactId::SELF).await.unwrap();
     assert_eq!(contact.get_name(), stock_str::self_msg(&t).await);
-    assert_eq!(contact.get_addr(), ""); // we're not configured
+    assert_eq!(contact.get_addr(), "alice@example.org");
     assert!(!contact.is_blocked());
 }
 
@@ -282,7 +301,7 @@ async fn test_contact_name_changes() -> Result<()> {
     assert_eq!(contact.get_display_name(), "f@example.org");
     assert_eq!(contact.get_name_n_addr(), "f@example.org");
     let contacts = Contact::get_all(&t, 0, Some("f@example.org")).await?;
-    assert_eq!(contacts.len(), 1);
+    assert_eq!(contacts.len(), 0);
 
     // second message inits the name
     receive_imf(
@@ -308,9 +327,9 @@ async fn test_contact_name_changes() -> Result<()> {
     assert_eq!(contact.get_display_name(), "Flobbyfoo");
     assert_eq!(contact.get_name_n_addr(), "Flobbyfoo (f@example.org)");
     let contacts = Contact::get_all(&t, 0, Some("f@example.org")).await?;
-    assert_eq!(contacts.len(), 1);
+    assert_eq!(contacts.len(), 0);
     let contacts = Contact::get_all(&t, 0, Some("flobbyfoo")).await?;
-    assert_eq!(contacts.len(), 1);
+    assert_eq!(contacts.len(), 0);
 
     // third message changes the name
     receive_imf(
@@ -338,11 +357,11 @@ async fn test_contact_name_changes() -> Result<()> {
     assert_eq!(contact.get_display_name(), "Foo Flobby");
     assert_eq!(contact.get_name_n_addr(), "Foo Flobby (f@example.org)");
     let contacts = Contact::get_all(&t, 0, Some("f@example.org")).await?;
-    assert_eq!(contacts.len(), 1);
+    assert_eq!(contacts.len(), 0);
     let contacts = Contact::get_all(&t, 0, Some("flobbyfoo")).await?;
     assert_eq!(contacts.len(), 0);
     let contacts = Contact::get_all(&t, 0, Some("Foo Flobby")).await?;
-    assert_eq!(contacts.len(), 1);
+    assert_eq!(contacts.len(), 0);
 
     // change name manually
     let test_id = Contact::create(&t, "Falk", "f@example.org").await?;
@@ -356,9 +375,9 @@ async fn test_contact_name_changes() -> Result<()> {
     assert_eq!(contact.get_display_name(), "Falk");
     assert_eq!(contact.get_name_n_addr(), "Falk (f@example.org)");
     let contacts = Contact::get_all(&t, 0, Some("f@example.org")).await?;
-    assert_eq!(contacts.len(), 1);
+    assert_eq!(contacts.len(), 0);
     let contacts = Contact::get_all(&t, 0, Some("falk")).await?;
-    assert_eq!(contacts.len(), 1);
+    assert_eq!(contacts.len(), 0);
 
     Ok(())
 }
@@ -366,20 +385,13 @@ async fn test_contact_name_changes() -> Result<()> {
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_delete() -> Result<()> {
     let alice = TestContext::new_alice().await;
+    let bob = TestContext::new_bob().await;
 
     assert!(Contact::delete(&alice, ContactId::SELF).await.is_err());
 
     // Create Bob contact
-    let (contact_id, _) = Contact::add_or_lookup(
-        &alice,
-        "Bob",
-        &ContactAddress::new("bob@example.net")?,
-        Origin::ManuallyCreated,
-    )
-    .await?;
-    let chat = alice
-        .create_chat_with_contact("Bob", "bob@example.net")
-        .await;
+    let contact_id = alice.add_or_lookup_contact_id(&bob).await;
+    let chat = alice.create_chat(&bob).await;
     assert_eq!(
         Contact::get_all(&alice, 0, Some("bob@example.net"))
             .await?
@@ -416,30 +428,57 @@ async fn test_delete() -> Result<()> {
 
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_delete_and_recreate_contact() -> Result<()> {
-    let t = TestContext::new_alice().await;
+    let mut tcm = TestContextManager::new();
+    let t = tcm.alice().await;
+    let bob = tcm.bob().await;
 
     // test recreation after physical deletion
-    let contact_id1 = Contact::create(&t, "Foo", "foo@bar.de").await?;
-    assert_eq!(Contact::get_all(&t, 0, Some("foo@bar.de")).await?.len(), 1);
+    let contact_id1 = t.add_or_lookup_contact_id(&bob).await;
+    assert_eq!(
+        Contact::get_all(&t, 0, Some("bob@example.net"))
+            .await?
+            .len(),
+        1
+    );
     Contact::delete(&t, contact_id1).await?;
     assert!(Contact::get_by_id(&t, contact_id1).await.is_err());
-    assert_eq!(Contact::get_all(&t, 0, Some("foo@bar.de")).await?.len(), 0);
-    let contact_id2 = Contact::create(&t, "Foo", "foo@bar.de").await?;
+    assert_eq!(
+        Contact::get_all(&t, 0, Some("bob@example.net"))
+            .await?
+            .len(),
+        0
+    );
+    let contact_id2 = t.add_or_lookup_contact_id(&bob).await;
     assert_ne!(contact_id2, contact_id1);
-    assert_eq!(Contact::get_all(&t, 0, Some("foo@bar.de")).await?.len(), 1);
+    assert_eq!(
+        Contact::get_all(&t, 0, Some("bob@example.net"))
+            .await?
+            .len(),
+        1
+    );
 
     // test recreation after hiding
-    t.create_chat_with_contact("Foo", "foo@bar.de").await;
+    t.create_chat(&bob).await;
     Contact::delete(&t, contact_id2).await?;
     let contact = Contact::get_by_id(&t, contact_id2).await?;
     assert_eq!(contact.origin, Origin::Hidden);
-    assert_eq!(Contact::get_all(&t, 0, Some("foo@bar.de")).await?.len(), 0);
+    assert_eq!(
+        Contact::get_all(&t, 0, Some("bob@example.net"))
+            .await?
+            .len(),
+        0
+    );
 
-    let contact_id3 = Contact::create(&t, "Foo", "foo@bar.de").await?;
+    let contact_id3 = t.add_or_lookup_contact_id(&bob).await;
     let contact = Contact::get_by_id(&t, contact_id3).await?;
-    assert_eq!(contact.origin, Origin::ManuallyCreated);
+    assert_eq!(contact.origin, Origin::CreateChat);
     assert_eq!(contact_id3, contact_id2);
-    assert_eq!(Contact::get_all(&t, 0, Some("foo@bar.de")).await?.len(), 1);
+    assert_eq!(
+        Contact::get_all(&t, 0, Some("bob@example.net"))
+            .await?
+            .len(),
+        1
+    );
 
     Ok(())
 }
@@ -666,20 +705,28 @@ async fn test_name_in_address() {
     assert_eq!(contact.get_name(), "name1");
     assert_eq!(contact.get_addr(), "dave@example.org");
 
-    assert!(Contact::create(&t, "", "<dskjfdslk@sadklj.dk")
-        .await
-        .is_err());
-    assert!(Contact::create(&t, "", "<dskjf>dslk@sadklj.dk>")
-        .await
-        .is_err());
+    assert!(
+        Contact::create(&t, "", "<dskjfdslk@sadklj.dk")
+            .await
+            .is_err()
+    );
+    assert!(
+        Contact::create(&t, "", "<dskjf>dslk@sadklj.dk>")
+            .await
+            .is_err()
+    );
     assert!(Contact::create(&t, "", "dskjfdslksadklj.dk").await.is_err());
-    assert!(Contact::create(&t, "", "dskjfdslk@sadklj.dk>")
-        .await
-        .is_err());
+    assert!(
+        Contact::create(&t, "", "dskjfdslk@sadklj.dk>")
+            .await
+            .is_err()
+    );
     assert!(Contact::create(&t, "", "dskjf dslk@d.e").await.is_err());
-    assert!(Contact::create(&t, "", "<dskjf dslk@sadklj.dk")
-        .await
-        .is_err());
+    assert!(
+        Contact::create(&t, "", "<dskjf dslk@sadklj.dk")
+            .await
+            .is_err()
+    );
 }
 
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
@@ -712,7 +759,7 @@ async fn test_contact_get_color() -> Result<()> {
     let t = TestContext::new().await;
     let contact_id = Contact::create(&t, "name", "name@example.net").await?;
     let color1 = Contact::get_by_id(&t, contact_id).await?.get_color();
-    assert_eq!(color1, 0xA739FF);
+    assert_eq!(color1, 0x4947dc);
 
     let t = TestContext::new().await;
     let contact_id = Contact::create(&t, "prename name", "name@example.net").await?;
@@ -728,51 +775,59 @@ async fn test_contact_get_color() -> Result<()> {
 
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_contact_get_encrinfo() -> Result<()> {
-    let alice = TestContext::new_alice().await;
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let bob = &tcm.bob().await;
 
     // Return error for special IDs
-    let encrinfo = Contact::get_encrinfo(&alice, ContactId::SELF).await;
+    let encrinfo = Contact::get_encrinfo(alice, ContactId::SELF).await;
     assert!(encrinfo.is_err());
-    let encrinfo = Contact::get_encrinfo(&alice, ContactId::DEVICE).await;
+    let encrinfo = Contact::get_encrinfo(alice, ContactId::DEVICE).await;
     assert!(encrinfo.is_err());
 
-    let (contact_bob_id, _modified) = Contact::add_or_lookup(
-        &alice,
-        "Bob",
-        &ContactAddress::new("bob@example.net")?,
-        Origin::ManuallyCreated,
-    )
-    .await?;
-
-    let encrinfo = Contact::get_encrinfo(&alice, contact_bob_id).await?;
+    let address_contact_bob_id = alice.add_or_lookup_address_contact_id(bob).await;
+    let encrinfo = Contact::get_encrinfo(alice, address_contact_bob_id).await?;
     assert_eq!(encrinfo, "No encryption");
-    let contact = Contact::get_by_id(&alice, contact_bob_id).await?;
-    assert!(!contact.e2ee_avail(&alice).await?);
 
-    let bob = TestContext::new_bob().await;
-    let chat_alice = bob
-        .create_chat_with_contact("Alice", "alice@example.org")
-        .await;
-    send_text_msg(&bob, chat_alice.id, "Hello".to_string()).await?;
-    let msg = bob.pop_sent_msg().await;
-    alice.recv_msg(&msg).await;
+    let contact = Contact::get_by_id(alice, address_contact_bob_id).await?;
+    assert!(!contact.e2ee_avail(alice).await?);
 
-    let encrinfo = Contact::get_encrinfo(&alice, contact_bob_id).await?;
+    let contact_bob_id = alice.add_or_lookup_contact_id(bob).await;
+    let encrinfo = Contact::get_encrinfo(alice, contact_bob_id).await?;
     assert_eq!(
         encrinfo,
-        "End-to-end encryption preferred.
+        "End-to-end encryption available.
 Fingerprints:
 
 Me (alice@example.org):
 2E6F A2CB 23B5 32D7 2863
 4B58 64B0 8F61 A9ED 9443
 
-Bob (bob@example.net):
+bob@example.net (bob@example.net):
 CCCB 5AA9 F6E1 141C 9431
 65F1 DB18 B18C BCF7 0487"
     );
-    let contact = Contact::get_by_id(&alice, contact_bob_id).await?;
-    assert!(contact.e2ee_avail(&alice).await?);
+    let contact = Contact::get_by_id(alice, contact_bob_id).await?;
+    assert!(contact.e2ee_avail(alice).await?);
+
+    alice.sql.execute("DELETE FROM public_keys", ()).await?;
+    let encrinfo = Contact::get_encrinfo(alice, contact_bob_id).await?;
+    assert_eq!(
+        encrinfo,
+        "No encryption.
+Fingerprints:
+
+Me (alice@example.org):
+2E6F A2CB 23B5 32D7 2863
+4B58 64B0 8F61 A9ED 9443
+
+bob@example.net (bob@example.net):
+CCCB 5AA9 F6E1 141C 9431
+65F1 DB18 B18C BCF7 0487"
+    );
+    let contact = Contact::get_by_id(alice, contact_bob_id).await?;
+    assert!(!contact.e2ee_avail(alice).await?);
+
     Ok(())
 }
 
@@ -780,24 +835,24 @@ CCCB 5AA9 F6E1 141C 9431
 /// synchronized when the message is not encrypted.
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_synchronize_status() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+
     // Alice has two devices.
-    let alice1 = TestContext::new_alice().await;
-    let alice2 = TestContext::new_alice().await;
+    let alice1 = &tcm.alice().await;
+    let alice2 = &tcm.alice().await;
 
     // Bob has one device.
-    let bob = TestContext::new_bob().await;
+    let bob = &tcm.bob().await;
 
     let default_status = alice1.get_config(Config::Selfstatus).await?;
 
     alice1
         .set_config(Config::Selfstatus, Some("New status"))
         .await?;
-    let chat = alice1
-        .create_chat_with_contact("Bob", "bob@example.net")
-        .await;
+    let chat = alice1.create_email_chat(bob).await;
 
     // Alice sends a message to Bob from the first device.
-    send_text_msg(&alice1, chat.id, "Hello".to_string()).await?;
+    send_text_msg(alice1, chat.id, "Hello".to_string()).await?;
     let sent_msg = alice1.pop_sent_msg().await;
 
     // Message is not encrypted.
@@ -813,18 +868,9 @@ async fn test_synchronize_status() -> Result<()> {
     // Message was not encrypted, so status is not copied.
     assert_eq!(alice2.get_config(Config::Selfstatus).await?, default_status);
 
-    // Bob replies.
-    let chat = bob
-        .create_chat_with_contact("Alice", "alice@example.org")
-        .await;
-
-    send_text_msg(&bob, chat.id, "Reply".to_string()).await?;
-    let sent_msg = bob.pop_sent_msg().await;
-    alice1.recv_msg(&sent_msg).await;
-    alice2.recv_msg(&sent_msg).await;
-
-    // Alice sends second message.
-    send_text_msg(&alice1, chat.id, "Hello".to_string()).await?;
+    // Alice sends encrypted message.
+    let chat = alice1.create_chat(bob).await;
+    send_text_msg(alice1, chat.id, "Hello".to_string()).await?;
     let sent_msg = alice1.pop_sent_msg().await;
 
     // Second message is encrypted.
@@ -845,12 +891,14 @@ async fn test_synchronize_status() -> Result<()> {
 /// Tests that DC_EVENT_SELFAVATAR_CHANGED is emitted on avatar changes.
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_selfavatar_changed_event() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+
     // Alice has two devices.
-    let alice1 = TestContext::new_alice().await;
-    let alice2 = TestContext::new_alice().await;
+    let alice1 = &tcm.alice().await;
+    let alice2 = &tcm.alice().await;
 
     // Bob has one device.
-    let bob = TestContext::new_bob().await;
+    let bob = &tcm.bob().await;
 
     assert_eq!(alice1.get_config(Config::Selfavatar).await?, None);
 
@@ -866,20 +914,9 @@ async fn test_selfavatar_changed_event() -> Result<()> {
         .get_matching(|e| matches!(e, EventType::SelfavatarChanged))
         .await;
 
-    // Bob sends a message so that Alice can encrypt to him.
-    let chat = bob
-        .create_chat_with_contact("Alice", "alice@example.org")
-        .await;
-
-    send_text_msg(&bob, chat.id, "Reply".to_string()).await?;
-    let sent_msg = bob.pop_sent_msg().await;
-    alice1.recv_msg(&sent_msg).await;
-    alice2.recv_msg(&sent_msg).await;
-
     // Alice sends a message.
-    let alice1_chat_id = alice1.get_last_msg().await.chat_id;
-    alice1_chat_id.accept(&alice1).await?;
-    send_text_msg(&alice1, alice1_chat_id, "Hello".to_string()).await?;
+    let alice1_chat_id = alice1.create_chat(bob).await.id;
+    send_text_msg(alice1, alice1_chat_id, "Hello".to_string()).await?;
     let sent_msg = alice1.pop_sent_msg().await;
 
     // The message is encrypted.
@@ -998,6 +1035,50 @@ async fn test_was_seen_recently_event() -> Result<()> {
     Ok(())
 }
 
+async fn test_lookup_id_by_addr_recent_ex(accept_unencrypted_chat: bool) -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let bob = &tcm.bob().await;
+
+    let raw = include_bytes!("../../test-data/message/thunderbird_with_autocrypt.eml");
+    assert!(std::str::from_utf8(raw)?.contains("Date: Thu, 24 Nov 2022 20:05:57 +0100"));
+    let received_msg = receive_imf(bob, raw, false).await?.unwrap();
+    received_msg.chat_id.accept(bob).await?;
+
+    let raw = r#"From: Alice <alice@example.org>
+To: bob@example.net
+Message-ID: message$TIME@example.org
+Content-Type: text/plain; charset=utf-8; format=flowed; delsp=no
+Date: Thu, 24 Nov 2022 $TIME +0100
+
+Hi"#
+    .to_string();
+    for (time, is_key_contact) in [("20:05:57", true), ("20:05:58", !accept_unencrypted_chat)] {
+        let raw = raw.replace("$TIME", time);
+        let received_msg = receive_imf(bob, raw.as_bytes(), false).await?.unwrap();
+        if accept_unencrypted_chat {
+            received_msg.chat_id.accept(bob).await?;
+        }
+        let contact_id = Contact::lookup_id_by_addr(bob, "alice@example.org", Origin::Unknown)
+            .await?
+            .unwrap();
+        let contact = Contact::get_by_id(bob, contact_id).await?;
+        assert_eq!(contact.is_key_contact(), is_key_contact);
+    }
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_lookup_id_by_addr_recent() -> Result<()> {
+    let accept_unencrypted_chat = true;
+    test_lookup_id_by_addr_recent_ex(accept_unencrypted_chat).await
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_lookup_id_by_addr_recent_accepted() -> Result<()> {
+    let accept_unencrypted_chat = false;
+    test_lookup_id_by_addr_recent_ex(accept_unencrypted_chat).await
+}
+
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_verified_by_none() -> Result<()> {
     let mut tcm = TestContextManager::new();
@@ -1008,7 +1089,7 @@ async fn test_verified_by_none() -> Result<()> {
     let contact = Contact::get_by_id(&alice, contact_id).await?;
     assert!(contact.get_verifier_id(&alice).await?.is_none());
 
-    // Receive a message from Bob to create a peerstate.
+    // Receive a message from Bob to save the public key.
     let chat = bob.create_chat(&alice).await;
     let sent_msg = bob.send_text(chat.id, "moin").await;
     alice.recv_msg(&sent_msg).await;
@@ -1035,6 +1116,7 @@ async fn test_sync_create() -> Result<()> {
             .unwrap();
     let a1b_contact = Contact::get_by_id(alice1, a1b_contact_id).await?;
     assert_eq!(a1b_contact.name, "Bob");
+    assert_eq!(a1b_contact.is_key_contact(), false);
 
     Contact::create(alice0, "Bob Renamed", "bob@example.net").await?;
     test_utils::sync(alice0, alice1).await;
@@ -1044,6 +1126,7 @@ async fn test_sync_create() -> Result<()> {
     assert_eq!(id, a1b_contact_id);
     let a1b_contact = Contact::get_by_id(alice1, a1b_contact_id).await?;
     assert_eq!(a1b_contact.name, "Bob Renamed");
+    assert_eq!(a1b_contact.is_key_contact(), false);
 
     Ok(())
 }
@@ -1066,14 +1149,9 @@ async fn test_make_n_import_vcard() -> Result<()> {
     let bob_biography = bob.get_config(Config::Selfstatus).await?.unwrap();
     let chat = bob.create_chat(alice).await;
     let sent_msg = bob.send_text(chat.id, "moin").await;
-    alice.recv_msg(&sent_msg).await;
-    let bob_id = Contact::create(alice, "Some Bob", &bob_addr).await?;
-    let key_base64 = Peerstate::from_addr(alice, &bob_addr)
-        .await?
-        .unwrap()
-        .peek_key(false)
-        .unwrap()
-        .to_base64();
+    let bob_id = alice.recv_msg(&sent_msg).await.from_id;
+    let bob_contact = Contact::get_by_id(alice, bob_id).await?;
+    let key_base64 = bob_contact.public_key(alice).await?.unwrap().to_base64();
     let fiona_id = Contact::create(alice, "Fiona", "fiona@example.net").await?;
 
     assert_eq!(make_vcard(alice, &[]).await?, "".to_string());
@@ -1157,8 +1235,10 @@ async fn test_make_n_import_vcard() -> Result<()> {
     Ok(())
 }
 
+/// Tests importing a vCard with the same email address,
+/// but a new key.
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn test_import_vcard_updates_only_key() -> Result<()> {
+async fn test_import_vcard_key_change() -> Result<()> {
     let alice = &TestContext::new_alice().await;
     let bob = &TestContext::new_bob().await;
     let bob_addr = &bob.get_config(Config::Addr).await?.unwrap();
@@ -1176,28 +1256,34 @@ async fn test_import_vcard_updates_only_key() -> Result<()> {
     let msg = bob.recv_msg(&sent_msg).await;
     assert!(msg.get_showpadlock());
 
-    let bob = &TestContext::new().await;
-    bob.configure_addr(bob_addr).await;
-    bob.set_config(Config::Displayname, Some("Not Bob")).await?;
-    let avatar_path = bob.dir.path().join("avatar.png");
+    let bob1 = &TestContext::new().await;
+    bob1.configure_addr(bob_addr).await;
+    bob1.set_config(Config::Displayname, Some("New Bob"))
+        .await?;
+    let avatar_path = bob1.dir.path().join("avatar.png");
     let avatar_bytes = include_bytes!("../../test-data/image/avatar64x64.png");
     tokio::fs::write(&avatar_path, avatar_bytes).await?;
-    bob.set_config(Config::Selfavatar, Some(avatar_path.to_str().unwrap()))
+    bob1.set_config(Config::Selfavatar, Some(avatar_path.to_str().unwrap()))
         .await?;
     SystemTime::shift(Duration::from_secs(1));
-    let vcard1 = make_vcard(bob, &[ContactId::SELF]).await?;
-    assert_eq!(import_vcard(alice, &vcard1).await?, vec![alice_bob_id]);
+    let vcard1 = make_vcard(bob1, &[ContactId::SELF]).await?;
+    let alice_bob_id1 = import_vcard(alice, &vcard1).await?[0];
+    assert_ne!(alice_bob_id1, alice_bob_id);
     let alice_bob_contact = Contact::get_by_id(alice, alice_bob_id).await?;
     assert_eq!(alice_bob_contact.get_authname(), "Bob");
     assert_eq!(alice_bob_contact.get_profile_image(alice).await?, None);
+    let alice_bob_contact1 = Contact::get_by_id(alice, alice_bob_id1).await?;
+    assert_eq!(alice_bob_contact1.get_authname(), "New Bob");
+    assert!(alice_bob_contact1.get_profile_image(alice).await?.is_some());
+
+    // Last message is still the same,
+    // no new messages are added.
     let msg = alice.get_last_msg_in(chat_id).await;
-    assert!(msg.is_info());
-    assert_eq!(
-        msg.get_text(),
-        stock_str::contact_setup_changed(alice, bob_addr).await
-    );
-    let sent_msg = alice.send_text(chat_id, "moin").await;
-    let msg = bob.recv_msg(&sent_msg).await;
+    assert_eq!(msg.get_text(), "moin");
+
+    let chat_id1 = ChatId::create_for_contact(alice, alice_bob_id1).await?;
+    let sent_msg = alice.send_text(chat_id1, "moin").await;
+    let msg = bob1.recv_msg(&sent_msg).await;
     assert!(msg.get_showpadlock());
 
     // The old vCard is imported, but doesn't change Bob's key for Alice.
@@ -1209,63 +1295,6 @@ async fn test_import_vcard_updates_only_key() -> Result<()> {
     Ok(())
 }
 
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn test_reset_encryption() -> Result<()> {
-    let mut tcm = TestContextManager::new();
-    let alice = &tcm.alice().await;
-    let bob = &tcm.bob().await;
-
-    let msg = tcm.send_recv_accept(bob, alice, "Hi!").await;
-    assert_eq!(msg.get_showpadlock(), true);
-
-    let alice_bob_chat_id = msg.chat_id;
-    let alice_bob_contact_id = msg.from_id;
-
-    alice_bob_contact_id.reset_encryption(alice).await?;
-
-    let sent = alice.send_text(alice_bob_chat_id, "Unencrypted").await;
-    let msg = bob.recv_msg(&sent).await;
-    assert_eq!(msg.get_showpadlock(), false);
-
-    Ok(())
-}
-
-#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn test_reset_verified_encryption() -> Result<()> {
-    let mut tcm = TestContextManager::new();
-    let alice = &tcm.alice().await;
-    let bob = &tcm.bob().await;
-
-    tcm.execute_securejoin(bob, alice).await;
-
-    let msg = tcm.send_recv(bob, alice, "Encrypted").await;
-    assert_eq!(msg.get_showpadlock(), true);
-
-    let alice_bob_chat_id = msg.chat_id;
-    let alice_bob_contact_id = msg.from_id;
-
-    alice_bob_contact_id.reset_encryption(alice).await?;
-
-    // Check that the contact is still verified after resetting encryption.
-    let alice_bob_contact = Contact::get_by_id(alice, alice_bob_contact_id).await?;
-    assert_eq!(alice_bob_contact.is_verified(alice).await?, true);
-
-    // 1:1 chat and profile is no longer verified.
-    assert_eq!(alice_bob_contact.is_profile_verified(alice).await?, false);
-
-    let info_msg = alice.get_last_msg_in(alice_bob_chat_id).await;
-    assert_eq!(
-        info_msg.text,
-        "bob@example.net sent a message from another device."
-    );
-
-    let sent = alice.send_text(alice_bob_chat_id, "Unencrypted").await;
-    let msg = bob.recv_msg(&sent).await;
-    assert_eq!(msg.get_showpadlock(), false);
-
-    Ok(())
-}
-
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_self_is_verified() -> Result<()> {
     let mut tcm = TestContextManager::new();
@@ -1275,9 +1304,87 @@ async fn test_self_is_verified() -> Result<()> {
     assert_eq!(contact.is_verified(&alice).await?, true);
     assert!(contact.is_profile_verified(&alice).await?);
     assert!(contact.get_verifier_id(&alice).await?.is_none());
+    assert!(contact.is_key_contact());
 
     let chat_id = ChatId::get_for_contact(&alice, ContactId::SELF).await?;
     assert!(chat_id.is_protected(&alice).await.unwrap() == ProtectionStatus::Protected);
 
     Ok(())
 }
+
+/// Tests that importing a vCard with a key creates a key-contact.
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_vcard_creates_key_contact() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let bob = &tcm.bob().await;
+
+    let vcard = make_vcard(bob, &[ContactId::SELF]).await?;
+    let contact_ids = import_vcard(alice, &vcard).await?;
+    assert_eq!(contact_ids.len(), 1);
+    let contact_id = contact_ids.first().unwrap();
+    let contact = Contact::get_by_id(alice, *contact_id).await?;
+    assert!(contact.is_key_contact());
+
+    Ok(())
+}
+
+/// Tests changing display name by sending a message.
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn test_name_changes() -> Result<()> {
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let bob = &tcm.bob().await;
+
+    alice
+        .set_config(Config::Displayname, Some("Alice Revision 1"))
+        .await?;
+    let alice_bob_chat = alice.create_chat(bob).await;
+    let sent_msg = alice.send_text(alice_bob_chat.id, "Hello").await;
+    let bob_alice_id = bob.recv_msg(&sent_msg).await.from_id;
+    let bob_alice_contact = Contact::get_by_id(bob, bob_alice_id).await?;
+    assert_eq!(bob_alice_contact.get_display_name(), "Alice Revision 1");
+
+    alice
+        .set_config(Config::Displayname, Some("Alice Revision 2"))
+        .await?;
+    let sent_msg = alice.send_text(alice_bob_chat.id, "Hello").await;
+    bob.recv_msg(&sent_msg).await;
+    let bob_alice_contact = Contact::get_by_id(bob, bob_alice_id).await?;
+    assert_eq!(bob_alice_contact.get_display_name(), "Alice Revision 2");
+
+    // Explicitly rename contact to "Renamed".
+    bob.evtracker.clear_events();
+    bob_alice_contact.id.set_name(bob, "Renamed").await?;
+    let event = bob
+        .evtracker
+        .get_matching(|e| matches!(e, EventType::ContactsChanged { .. }))
+        .await;
+    assert_eq!(
+        event,
+        EventType::ContactsChanged(Some(bob_alice_contact.id))
+    );
+    let bob_alice_contact = Contact::get_by_id(bob, bob_alice_id).await?;
+    assert_eq!(bob_alice_contact.get_display_name(), "Renamed");
+
+    // Alice also renames self into "Renamed".
+    alice
+        .set_config(Config::Displayname, Some("Renamed"))
+        .await?;
+    let sent_msg = alice.send_text(alice_bob_chat.id, "Hello").await;
+    bob.recv_msg(&sent_msg).await;
+    let bob_alice_contact = Contact::get_by_id(bob, bob_alice_id).await?;
+    assert_eq!(bob_alice_contact.get_display_name(), "Renamed");
+
+    // Contact name was set to "Renamed" explicitly before,
+    // so it should not be changed.
+    alice
+        .set_config(Config::Displayname, Some("Renamed again"))
+        .await?;
+    let sent_msg = alice.send_text(alice_bob_chat.id, "Hello").await;
+    bob.recv_msg(&sent_msg).await;
+    let bob_alice_contact = Contact::get_by_id(bob, bob_alice_id).await?;
+    assert_eq!(bob_alice_contact.get_display_name(), "Renamed");
+
+    Ok(())
+}

src/context.rs

@@ -5,38 +5,36 @@ use std::ffi::OsString;
 use std::ops::Deref;
 use std::path::{Path, PathBuf};
 use std::sync::atomic::{AtomicBool, Ordering};
-use std::sync::Arc;
+use std::sync::{Arc, OnceLock};
 use std::time::Duration;
 
-use anyhow::{bail, ensure, Context as _, Result};
+use anyhow::{Context as _, Result, bail, ensure};
 use async_channel::{self as channel, Receiver, Sender};
-use pgp::composed::SignedPublicKey;
 use pgp::types::PublicKeyTrait;
 use ratelimit::Ratelimit;
 use tokio::sync::{Mutex, Notify, RwLock};
 
-use crate::aheader::EncryptPreference;
-use crate::chat::{get_chat_cnt, ChatId, ProtectionStatus};
+use crate::chat::{ChatId, ProtectionStatus, get_chat_cnt};
 use crate::chatlist_events;
 use crate::config::Config;
 use crate::constants::{
     self, DC_BACKGROUND_FETCH_QUOTA_CHECK_RATELIMIT, DC_CHAT_ID_TRASH, DC_VERSION_STR,
 };
-use crate::contact::{Contact, ContactId};
+use crate::contact::{Contact, ContactId, import_vcard, mark_contact_id_as_verified};
 use crate::debug_logging::DebugLogging;
 use crate::download::DownloadState;
 use crate::events::{Event, EventEmitter, EventType, Events};
 use crate::imap::{FolderMeaning, Imap, ServerMetadata};
-use crate::key::{load_self_public_key, load_self_secret_key, DcKey as _};
+use crate::key::{load_self_secret_key, self_fingerprint};
 use crate::log::{info, warn};
+use crate::logged_debug_assert;
 use crate::login_param::{ConfiguredLoginParam, EnteredLoginParam};
 use crate::message::{self, Message, MessageState, MsgId};
 use crate::param::{Param, Params};
 use crate::peer_channels::Iroh;
-use crate::peerstate::Peerstate;
 use crate::push::PushSubscriber;
 use crate::quota::QuotaInfo;
-use crate::scheduler::{convert_folder_meaning, SchedulerState};
+use crate::scheduler::{ConnectivityStore, SchedulerState, convert_folder_meaning};
 use crate::sql::Sql;
 use crate::stock_str::StockStrings;
 use crate::timesmearing::SmearedTimestamp;
@@ -279,6 +277,13 @@ pub struct InnerContext {
     /// `last_error` should be used to avoid races with the event thread.
     pub(crate) last_error: parking_lot::RwLock<String>,
 
+    /// It's not possible to emit migration errors as an event,
+    /// because at the time of the migration, there is no event emitter yet.
+    /// So, this holds the error that happened during migration, if any.
+    /// This is necessary for the possibly-failible PGP migration,
+    /// which happened 2025-05, and can be removed a few releases later.
+    pub(crate) migration_error: parking_lot::RwLock<Option<String>>,
+
     /// If debug logging is enabled, this contains all necessary information
     ///
     /// Standard RwLock instead of [`tokio::sync::RwLock`] is used
@@ -294,6 +299,15 @@ pub struct InnerContext {
 
     /// Iroh for realtime peer channels.
     pub(crate) iroh: Arc<RwLock<Option<Iroh>>>,
+
+    /// The own fingerprint, if it was computed already.
+    /// tokio::sync::OnceCell would be possible to use, but overkill for our usecase;
+    /// the standard library's OnceLock is enough, and it's a lot smaller in memory.
+    pub(crate) self_fingerprint: OnceLock<String>,
+
+    /// `Connectivity` values for mailboxes, unordered. Used to compute the aggregate connectivity,
+    /// see [`Context::get_connectivity()`].
+    pub(crate) connectivities: parking_lot::Mutex<Vec<ConnectivityStore>>,
 }
 
 /// The state of ongoing process.
@@ -323,6 +337,15 @@ impl Default for RunningState {
 /// about the context on top of the information here.
 pub fn get_info() -> BTreeMap<&'static str, String> {
     let mut res = BTreeMap::new();
+
+    #[cfg(debug_assertions)]
+    res.insert(
+        "debug_assertions",
+        "On - DO NOT RELEASE THIS BUILD".to_string(),
+    );
+    #[cfg(not(debug_assertions))]
+    res.insert("debug_assertions", "Off".to_string());
+
     res.insert("deltachat_core_version", format!("v{}", &*DC_VERSION_STR));
     res.insert("sqlite_version", rusqlite::version().to_string());
     res.insert("arch", (std::mem::size_of::<usize>() * 8).to_string());
@@ -448,10 +471,13 @@ impl Context {
             creation_time: tools::Time::now(),
             last_full_folder_scan: Mutex::new(None),
             last_error: parking_lot::RwLock::new("".to_string()),
+            migration_error: parking_lot::RwLock::new(None),
             debug_logging: std::sync::RwLock::new(None),
             push_subscriber,
             push_subscribed: AtomicBool::new(false),
             iroh: Arc::new(RwLock::new(None)),
+            self_fingerprint: OnceLock::new(),
+            connectivities: parking_lot::Mutex::new(Vec::new()),
         };
 
         let ctx = Context {
@@ -481,7 +507,7 @@ impl Context {
         // Now, some configs may have changed, so, we need to invalidate the cache.
         self.sql.config_cache.write().await.clear();
 
-        self.scheduler.start(self.clone()).await;
+        self.scheduler.start(self).await;
     }
 
     /// Stops the IO scheduler.
@@ -558,7 +584,7 @@ impl Context {
         } else {
             // Pause the scheduler to ensure another connection does not start
             // while we are fetching on a dedicated connection.
-            let _pause_guard = self.scheduler.pause(self.clone()).await?;
+            let _pause_guard = self.scheduler.pause(self).await?;
 
             // Start a new dedicated connection.
             let mut connection = Imap::new_configured(self, channel::bounded(1).1).await?;
@@ -649,8 +675,16 @@ impl Context {
     /// or [`Self::emit_msgs_changed_without_msg_id`] should be used
     /// instead of this function.
     pub fn emit_msgs_changed(&self, chat_id: ChatId, msg_id: MsgId) {
-        debug_assert!(!chat_id.is_unset());
-        debug_assert!(!msg_id.is_unset());
+        logged_debug_assert!(
+            self,
+            !chat_id.is_unset(),
+            "emit_msgs_changed: chat_id is unset."
+        );
+        logged_debug_assert!(
+            self,
+            !msg_id.is_unset(),
+            "emit_msgs_changed: msg_id is unset."
+        );
 
         self.emit_event(EventType::MsgsChanged { chat_id, msg_id });
         chatlist_events::emit_chatlist_changed(self);
@@ -659,7 +693,11 @@ impl Context {
 
     /// Emits a MsgsChanged event with specified chat and without message id.
     pub fn emit_msgs_changed_without_msg_id(&self, chat_id: ChatId) {
-        debug_assert!(!chat_id.is_unset());
+        logged_debug_assert!(
+            self,
+            !chat_id.is_unset(),
+            "emit_msgs_changed_without_msg_id: chat_id is unset."
+        );
 
         self.emit_event(EventType::MsgsChanged {
             chat_id,
@@ -805,10 +843,10 @@ impl Context {
 
         let pub_key_cnt = self
             .sql
-            .count("SELECT COUNT(*) FROM acpeerstates;", ())
+            .count("SELECT COUNT(*) FROM public_keys;", ())
             .await?;
-        let fingerprint_str = match load_self_public_key(self).await {
-            Ok(key) => key.dc_fingerprint().hex(),
+        let fingerprint_str = match self_fingerprint(self).await {
+            Ok(fp) => fp.to_string(),
             Err(err) => format!("<key failure: {err}>"),
         };
 
@@ -1019,7 +1057,7 @@ impl Context {
             self.get_config_int(Config::GossipPeriod).await?.to_string(),
         );
         res.insert(
-            "verified_one_on_one_chats",
+            "verified_one_on_one_chats", // deprecated 2025-07
             self.get_config_bool(Config::VerifiedOneOnOneChats)
                 .await?
                 .to_string(),
@@ -1030,6 +1068,19 @@ impl Context {
                 .await?
                 .to_string(),
         );
+        res.insert(
+            "donation_request_next_check",
+            self.get_config_i64(Config::DonationRequestNextCheck)
+                .await?
+                .to_string(),
+        );
+        res.insert(
+            "first_key_contacts_msg_id",
+            self.sql
+                .get_raw_config("first_key_contacts_msg_id")
+                .await?
+                .unwrap_or_default(),
+        );
 
         let elapsed = time_elapsed(&self.creation_time);
         res.insert("uptime", duration_to_str(elapsed));
@@ -1041,7 +1092,6 @@ impl Context {
         #[derive(Default)]
         struct ChatNumbers {
             protected: u32,
-            protection_broken: u32,
             opportunistic_dc: u32,
             opportunistic_mua: u32,
             unencrypted_dc: u32,
@@ -1077,7 +1127,6 @@ impl Context {
 
         // how many of the chats active in the last months are:
         // - protected
-        // - protection-broken
         // - opportunistic-encrypted and the contact uses Delta Chat
         // - opportunistic-encrypted and the contact uses a classical MUA
         // - unencrypted and the contact uses Delta Chat
@@ -1120,8 +1169,6 @@ impl Context {
 
                         if protected == ProtectionStatus::Protected {
                             chats.protected += 1;
-                        } else if protected == ProtectionStatus::ProtectionBroken {
-                            chats.protection_broken += 1;
                         } else if encrypted {
                             if is_dc_message {
                                 chats.opportunistic_dc += 1;
@@ -1139,7 +1186,6 @@ impl Context {
             )
             .await?;
         res += &format!("chats_protected {}\n", chats.protected);
-        res += &format!("chats_protection_broken {}\n", chats.protection_broken);
         res += &format!("chats_opportunistic_dc {}\n", chats.opportunistic_dc);
         res += &format!("chats_opportunistic_mua {}\n", chats.opportunistic_mua);
         res += &format!("chats_unencrypted_dc {}\n", chats.unencrypted_dc);
@@ -1164,32 +1210,14 @@ impl Context {
     /// On the other end, a bot will receive the message and make it available
     /// to Delta Chat's developers.
     pub async fn draft_self_report(&self) -> Result<ChatId> {
-        const SELF_REPORTING_BOT: &str = "self_reporting@testrun.org";
+        const SELF_REPORTING_BOT_VCARD: &str = include_str!("../assets/self-reporting-bot.vcf");
+        let contact_id: ContactId = *import_vcard(self, SELF_REPORTING_BOT_VCARD)
+            .await?
+            .first()
+            .context("Self reporting bot vCard does not contain a contact")?;
+        mark_contact_id_as_verified(self, contact_id, ContactId::SELF).await?;
 
-        let contact_id = Contact::create(self, "Statistics bot", SELF_REPORTING_BOT).await?;
         let chat_id = ChatId::create_for_contact(self, contact_id).await?;
-
-        // We're including the bot's public key in Delta Chat
-        // so that the first message to the bot can directly be encrypted:
-        let public_key = SignedPublicKey::from_base64(
-            "xjMEZbfBlBYJKwYBBAHaRw8BAQdABpLWS2PUIGGo4pslVt4R8sylP5wZihmhf1DTDr3oCM\
-	        PNHDxzZWxmX3JlcG9ydGluZ0B0ZXN0cnVuLm9yZz7CiwQQFggAMwIZAQUCZbfBlAIbAwQLCQgHBhUI\
-	        CQoLAgMWAgEWIQTS2i16sHeYTckGn284K3M5Z4oohAAKCRA4K3M5Z4oohD8dAQCQV7CoH6UP4PD+Nq\
-	        I4kW5tbbqdh2AnDROg60qotmLExAEAxDfd3QHAK9f8b9qQUbLmHIztCLxhEuVbWPBEYeVW0gvOOARl\
-	        t8GUEgorBgEEAZdVAQUBAQdAMBUhYoAAcI625vGZqnM5maPX4sGJ7qvJxPAFILPy6AcDAQgHwngEGB\
-	        YIACAFAmW3wZQCGwwWIQTS2i16sHeYTckGn284K3M5Z4oohAAKCRA4K3M5Z4oohPwCAQCvzk1ObIkj\
-	        2GqsuIfaULlgdnfdZY8LNary425CEfHZDQD5AblXVrlMO1frdlc/Vo9z3pEeCrfYdD7ITD3/OeVoiQ\
-	        4=",
-        )?;
-        let mut peerstate = Peerstate::from_public_key(
-            SELF_REPORTING_BOT,
-            0,
-            EncryptPreference::Mutual,
-            &public_key,
-        );
-        let fingerprint = public_key.dc_fingerprint();
-        peerstate.set_verified(public_key, fingerprint, "".to_string())?;
-        peerstate.save_to_db(&self.sql).await?;
         chat_id
             .set_protection(self, ProtectionStatus::Protected, time(), Some(contact_id))
             .await?;

src/context/context_tests.rs

@@ -3,13 +3,13 @@ use strum::IntoEnumIterator;
 use tempfile::tempdir;
 
 use super::*;
-use crate::chat::{get_chat_contacts, get_chat_msgs, send_msg, set_muted, Chat, MuteDuration};
+use crate::chat::{Chat, MuteDuration, get_chat_contacts, get_chat_msgs, send_msg, set_muted};
 use crate::chatlist::Chatlist;
 use crate::constants::Chattype;
 use crate::mimeparser::SystemMessage;
 use crate::receive_imf::receive_imf;
-use crate::test_utils::{get_chat_msg, TestContext};
-use crate::tools::{create_outgoing_rfc724_mid, SystemTime};
+use crate::test_utils::{E2EE_INFO_MSGS, TestContext, get_chat_msg};
+use crate::tools::{SystemTime, create_outgoing_rfc724_mid};
 
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_wrong_db() -> Result<()> {
@@ -571,7 +571,7 @@ async fn test_get_next_msgs() -> Result<()> {
 
     let alice_chat = alice.create_chat(&bob).await;
 
-    assert!(alice.get_next_msgs().await?.is_empty());
+    assert_eq!(alice.get_next_msgs().await?.len(), E2EE_INFO_MSGS);
     assert!(bob.get_next_msgs().await?.is_empty());
 
     let sent_msg = alice.send_text(alice_chat.id, "Hi Bob").await;

src/decrypt.rs

@@ -3,14 +3,9 @@
 use std::collections::HashSet;
 
 use anyhow::Result;
-use deltachat_contact_tools::addr_cmp;
 use mailparse::ParsedMail;
 
-use crate::aheader::Aheader;
-use crate::context::Context;
-use crate::key::{DcKey, Fingerprint, SignedPublicKey, SignedSecretKey};
-use crate::log::info;
-use crate::peerstate::Peerstate;
+use crate::key::{Fingerprint, SignedPublicKey, SignedSecretKey};
 use crate::pgp;
 
 /// Tries to decrypt a message, but only if it is structured as an Autocrypt message.
@@ -144,83 +139,6 @@ pub(crate) fn validate_detached_signature<'a, 'b>(
     }
 }
 
-/// Returns public keyring for `peerstate`.
-pub(crate) fn keyring_from_peerstate(peerstate: Option<&Peerstate>) -> Vec<SignedPublicKey> {
-    let mut public_keyring_for_validate = Vec::new();
-    if let Some(peerstate) = peerstate {
-        if let Some(key) = &peerstate.public_key {
-            public_keyring_for_validate.push(key.clone());
-        } else if let Some(key) = &peerstate.gossip_key {
-            public_keyring_for_validate.push(key.clone());
-        }
-    }
-    public_keyring_for_validate
-}
-
-/// Applies Autocrypt header to Autocrypt peer state and saves it into the database.
-///
-/// If we already know this fingerprint from another contact's peerstate, return that
-/// peerstate in order to make AEAP work, but don't save it into the db yet.
-///
-/// Returns updated peerstate.
-pub(crate) async fn get_autocrypt_peerstate(
-    context: &Context,
-    from: &str,
-    autocrypt_header: Option<&Aheader>,
-    message_time: i64,
-    allow_aeap: bool,
-) -> Result<Option<Peerstate>> {
-    let allow_change = !context.is_self_addr(from).await?;
-    let mut peerstate;
-
-    // Apply Autocrypt header
-    if let Some(header) = autocrypt_header {
-        if allow_aeap {
-            // If we know this fingerprint from another addr,
-            // we may want to do a transition from this other addr
-            // (and keep its peerstate)
-            // For security reasons, for now, we only do a transition
-            // if the fingerprint is verified.
-            peerstate = Peerstate::from_verified_fingerprint_or_addr(
-                context,
-                &header.public_key.dc_fingerprint(),
-                from,
-            )
-            .await?;
-        } else {
-            peerstate = Peerstate::from_addr(context, from).await?;
-        }
-
-        if let Some(ref mut peerstate) = peerstate {
-            if addr_cmp(&peerstate.addr, from) {
-                if allow_change {
-                    peerstate.apply_header(context, header, message_time);
-                    peerstate.save_to_db(&context.sql).await?;
-                } else {
-                    info!(
-                        context,
-                        "Refusing to update existing peerstate of {}", &peerstate.addr
-                    );
-                }
-            }
-            // If `peerstate.addr` and `from` differ, this means that
-            // someone is using the same key but a different addr, probably
-            // because they made an AEAP transition.
-            // But we don't know if that's legit until we checked the
-            // signatures, so wait until then with writing anything
-            // to the database.
-        } else {
-            let p = Peerstate::from_header(header, message_time);
-            p.save_to_db(&context.sql).await?;
-            peerstate = Some(p);
-        }
-    } else {
-        peerstate = Peerstate::from_addr(context, from).await?;
-    }
-
-    Ok(peerstate)
-}
-
 #[cfg(test)]
 mod tests {
     use super::*;
@@ -260,7 +178,8 @@ mod tests {
         let bob = TestContext::new_bob().await;
         receive_imf(&bob, attachment_mime, false).await?;
         let msg = bob.get_last_msg().await;
-        assert_eq!(msg.text, "Hello from Thunderbird!");
+        // Subject should be prepended because the attachment doesn't have "Chat-Version".
+        assert_eq!(msg.text, "Hello, Bob! – Hello from Thunderbird!");
 
         Ok(())
     }

src/dehtml.rs

@@ -6,11 +6,11 @@ use std::io::BufRead;
 use std::sync::LazyLock;
 
 use quick_xml::{
-    events::{BytesEnd, BytesStart, BytesText},
     Reader,
+    events::{BytesEnd, BytesStart, BytesText},
 };
 
-use crate::simplify::{simplify_quote, SimplifiedText};
+use crate::simplify::{SimplifiedText, simplify_quote};
 
 struct Dehtml {
     strbuilder: String,
@@ -481,8 +481,7 @@ mod tests {
 
     #[test]
     fn test_dehtml_html_encoded() {
-        let html =
-                "<>"'& äÄöÖüÜß fooÆçÇ ♦‎‏‌&noent;‍";
+        let html = "<>"'& äÄöÖüÜß fooÆçÇ ♦‎‏‌&noent;‍";
 
         let plain = dehtml(html).unwrap().text;
 
@@ -540,6 +539,9 @@ mod tests {
     fn test_spaces() {
         let input = include_str!("../test-data/spaces.html");
         let txt = dehtml(input).unwrap();
-        assert_eq!(txt.text, "Welcome back to Strolling!\n\nHey there,\n\nWelcome back! Use this link to securely sign in to your Strolling account:\n\nSign in to Strolling\n\nFor your security, the link will expire in 24 hours time.\n\nSee you soon!\n\nYou can also copy & paste this URL into your browser:\n\nhttps://strolling.rosano.ca/members/?token=XXX&action=signin&r=https%3A%2F%2Fstrolling.rosano.ca%2F\n\nIf you did not make this request, you can safely ignore this email.\n\nThis message was sent from [strolling.rosano.ca](https://strolling.rosano.ca/) to [alice@example.org](mailto:alice@example.org)");
+        assert_eq!(
+            txt.text,
+            "Welcome back to Strolling!\n\nHey there,\n\nWelcome back! Use this link to securely sign in to your Strolling account:\n\nSign in to Strolling\n\nFor your security, the link will expire in 24 hours time.\n\nSee you soon!\n\nYou can also copy & paste this URL into your browser:\n\nhttps://strolling.rosano.ca/members/?token=XXX&action=signin&r=https%3A%2F%2Fstrolling.rosano.ca%2F\n\nIf you did not make this request, you can safely ignore this email.\n\nThis message was sent from [strolling.rosano.ca](https://strolling.rosano.ca/) to [alice@example.org](mailto:alice@example.org)"
+        );
     }
 }

src/download.rs

@@ -3,7 +3,7 @@
 use std::cmp::max;
 use std::collections::BTreeMap;
 
-use anyhow::{anyhow, bail, ensure, Result};
+use anyhow::{Result, anyhow, bail, ensure};
 use deltachat_derive::{FromSql, ToSql};
 use serde::{Deserialize, Serialize};
 
@@ -14,7 +14,7 @@ use crate::log::info;
 use crate::message::{Message, MsgId, Viewtype};
 use crate::mimeparser::{MimeMessage, Part};
 use crate::tools::time;
-use crate::{chatlist_events, stock_str, EventType};
+use crate::{EventType, chatlist_events, stock_str};
 
 /// Download limits should not be used below `MIN_DOWNLOAD_LIMIT`.
 ///
@@ -83,7 +83,7 @@ impl MsgId {
         let msg = Message::load_from_db(context, self).await?;
         match msg.download_state() {
             DownloadState::Done | DownloadState::Undecipherable => {
-                return Err(anyhow!("Nothing to download."))
+                return Err(anyhow!("Nothing to download."));
             }
             DownloadState::InProgress => return Err(anyhow!("Download already in progress.")),
             DownloadState::Available | DownloadState::Failure => {
@@ -213,17 +213,18 @@ impl Session {
 
         let mut uid_message_ids: BTreeMap<u32, String> = BTreeMap::new();
         uid_message_ids.insert(uid, rfc724_mid);
-        let (last_uid, _received) = self
-            .fetch_many_msgs(
-                context,
-                folder,
-                uidvalidity,
-                vec![uid],
-                &uid_message_ids,
-                false,
-            )
-            .await?;
-        if last_uid.is_none() {
+        let (sender, receiver) = async_channel::unbounded();
+        self.fetch_many_msgs(
+            context,
+            folder,
+            uidvalidity,
+            vec![uid],
+            &uid_message_ids,
+            false,
+            sender,
+        )
+        .await?;
+        if receiver.recv().await.is_err() {
             bail!("Failed to fetch UID {uid}");
         }
         Ok(())
@@ -276,7 +277,7 @@ mod tests {
     use crate::chat::{get_chat_msgs, send_msg};
     use crate::ephemeral::Timer;
     use crate::receive_imf::receive_imf_from_inbox;
-    use crate::test_utils::TestContext;
+    use crate::test_utils::{E2EE_INFO_MSGS, TestContext};
 
     #[test]
     fn test_downloadstate_values() {
@@ -353,8 +354,7 @@ mod tests {
     async fn test_partial_receive_imf() -> Result<()> {
         let t = TestContext::new_alice().await;
 
-        let header =
-            "Received: (Postfix, from userid 1000); Mon, 4 Dec 2006 14:51:39 +0100 (CET)\n\
+        let header = "Received: (Postfix, from userid 1000); Mon, 4 Dec 2006 14:51:39 +0100 (CET)\n\
              From: bob@example.com\n\
              To: alice@example.org\n\
              Subject: foo\n\
@@ -374,9 +374,10 @@ mod tests {
         let msg = t.get_last_msg().await;
         assert_eq!(msg.download_state(), DownloadState::Available);
         assert_eq!(msg.get_subject(), "foo");
-        assert!(msg
-            .get_text()
-            .contains(&stock_str::partial_download_msg_body(&t, 100000).await));
+        assert!(
+            msg.get_text()
+                .contains(&stock_str::partial_download_msg_body(&t, 100000).await)
+        );
 
         receive_imf_from_inbox(
             &t,
@@ -458,7 +459,10 @@ mod tests {
         .await?;
         let msg = bob.get_last_msg().await;
         let chat_id = msg.chat_id;
-        assert_eq!(get_chat_msgs(&bob, chat_id).await?.len(), 1);
+        assert_eq!(
+            get_chat_msgs(&bob, chat_id).await?.len(),
+            E2EE_INFO_MSGS + 1
+        );
         assert_eq!(msg.download_state(), DownloadState::Available);
 
         // downloading the status update afterwards expands to nothing and moves the placeholder to trash-chat
@@ -471,10 +475,12 @@ mod tests {
             None,
         )
         .await?;
-        assert_eq!(get_chat_msgs(&bob, chat_id).await?.len(), 0);
-        assert!(Message::load_from_db_optional(&bob, msg.id)
-            .await?
-            .is_none());
+        assert_eq!(get_chat_msgs(&bob, chat_id).await?.len(), E2EE_INFO_MSGS);
+        assert!(
+            Message::load_from_db_optional(&bob, msg.id)
+                .await?
+                .is_none()
+        );
 
         Ok(())
     }
@@ -522,9 +528,11 @@ mod tests {
         // (usually mdn are too small for not being downloaded directly)
         receive_imf_from_inbox(&bob, "bar@example.org", raw, false, None).await?;
         assert_eq!(get_chat_msgs(&bob, chat_id).await?.len(), 0);
-        assert!(Message::load_from_db_optional(&bob, msg.id)
-            .await?
-            .is_none());
+        assert!(
+            Message::load_from_db_optional(&bob, msg.id)
+                .await?
+                .is_none()
+        );
 
         Ok(())
     }

src/e2ee.rs

@@ -1,18 +1,15 @@
 //! End-to-end encryption support.
 
-use std::collections::BTreeSet;
 use std::io::Cursor;
 
-use anyhow::{bail, Result};
+use anyhow::Result;
 use mail_builder::mime::MimePart;
 use num_traits::FromPrimitive;
 
 use crate::aheader::{Aheader, EncryptPreference};
 use crate::config::Config;
 use crate::context::Context;
-use crate::key::{load_self_public_key, load_self_secret_key, SignedPublicKey};
-use crate::log::warn;
-use crate::peerstate::Peerstate;
+use crate::key::{SignedPublicKey, load_self_public_key, load_self_secret_key};
 use crate::pgp;
 
 #[derive(Debug)]
@@ -43,93 +40,6 @@ impl EncryptHelper {
         Aheader::new(addr, pk, self.prefer_encrypt)
     }
 
-    /// Determines if we can and should encrypt.
-    pub(crate) async fn should_encrypt(
-        &self,
-        context: &Context,
-        peerstates: &[(Option<Peerstate>, String)],
-    ) -> Result<bool> {
-        let is_chatmail = context.is_chatmail().await?;
-        for (peerstate, _addr) in peerstates {
-            if let Some(peerstate) = peerstate {
-                // For chatmail we ignore the encryption preference,
-                // because we can either send encrypted or not at all.
-                if is_chatmail || peerstate.prefer_encrypt != EncryptPreference::Reset {
-                    continue;
-                }
-            }
-            return Ok(false);
-        }
-        Ok(true)
-    }
-
-    /// Constructs a vector of public keys for given peerstates.
-    ///
-    /// In addition returns the set of recipient addresses
-    /// for which there is no key available.
-    ///
-    /// Returns an error if there are recipients
-    /// other than self, but no recipient keys are available.
-    pub(crate) fn encryption_keyring(
-        &self,
-        context: &Context,
-        verified: bool,
-        peerstates: &[(Option<Peerstate>, String)],
-    ) -> Result<(Vec<SignedPublicKey>, BTreeSet<String>)> {
-        // Encrypt to self unconditionally,
-        // even for a single-device setup.
-        let mut keyring = vec![self.public_key.clone()];
-        let mut missing_key_addresses = BTreeSet::new();
-
-        if peerstates.is_empty() {
-            return Ok((keyring, missing_key_addresses));
-        }
-
-        let mut verifier_addresses: Vec<&str> = Vec::new();
-
-        for (peerstate, addr) in peerstates {
-            if let Some(peerstate) = peerstate {
-                if let Some(key) = peerstate.clone().take_key(verified) {
-                    keyring.push(key);
-                    verifier_addresses.push(addr);
-                } else {
-                    warn!(context, "Encryption key for {addr} is missing.");
-                    missing_key_addresses.insert(addr.clone());
-                }
-            } else {
-                warn!(context, "Peerstate for {addr} is missing.");
-                missing_key_addresses.insert(addr.clone());
-            }
-        }
-
-        debug_assert!(
-            !keyring.is_empty(),
-            "At least our own key is in the keyring"
-        );
-        if keyring.len() <= 1 {
-            bail!("No recipient keys are available, cannot encrypt");
-        }
-
-        // Encrypt to secondary verified keys
-        // if we also encrypt to the introducer ("verifier") of the key.
-        if verified {
-            for (peerstate, _addr) in peerstates {
-                if let Some(peerstate) = peerstate {
-                    if let (Some(key), Some(verifier)) = (
-                        peerstate.secondary_verified_key.as_ref(),
-                        peerstate.secondary_verifier.as_deref(),
-                    ) {
-                        if verifier_addresses.contains(&verifier) {
-                            keyring.push(key.clone());
-                        }
-                    }
-                }
-            }
-        }
-
-        Ok((keyring, missing_key_addresses))
-    }
-
     /// Tries to encrypt the passed in `mail`.
     pub async fn encrypt(
         self,
@@ -177,11 +87,9 @@ mod tests {
     use super::*;
     use crate::chat::send_text_msg;
     use crate::config::Config;
-    use crate::key::DcKey;
-    use crate::message::{Message, Viewtype};
-    use crate::param::Param;
+    use crate::message::Message;
     use crate::receive_imf::receive_imf;
-    use crate::test_utils::{bob_keypair, TestContext, TestContextManager};
+    use crate::test_utils::{TestContext, TestContextManager};
 
     mod ensure_secret_key_exists {
         use super::*;
@@ -223,130 +131,6 @@ Sent with my Delta Chat Messenger: https://delta.chat";
         );
     }
 
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_encrypted_no_autocrypt() -> anyhow::Result<()> {
-        let mut tcm = TestContextManager::new();
-        let alice = tcm.alice().await;
-        let bob = tcm.bob().await;
-
-        let chat_alice = alice.create_email_chat(&bob).await.id;
-        let chat_bob = bob.create_email_chat(&alice).await.id;
-
-        // Alice sends unencrypted message to Bob
-        let mut msg = Message::new(Viewtype::Text);
-        let sent = alice.send_msg(chat_alice, &mut msg).await;
-
-        // Bob receives unencrypted message from Alice
-        let msg = bob.recv_msg(&sent).await;
-        assert!(!msg.get_showpadlock());
-
-        let peerstate_alice = Peerstate::from_addr(&bob.ctx, "alice@example.org")
-            .await?
-            .expect("no peerstate found in the database");
-        assert_eq!(peerstate_alice.prefer_encrypt, EncryptPreference::Mutual);
-
-        // Bob sends empty encrypted message to Alice
-        let mut msg = Message::new(Viewtype::Text);
-        let sent = bob.send_msg(chat_bob, &mut msg).await;
-
-        // Alice receives an empty encrypted message from Bob.
-        // This is also a regression test for previously existing bug
-        // that resulted in no padlock on encrypted empty messages.
-        let msg = alice.recv_msg(&sent).await;
-        assert!(msg.get_showpadlock());
-
-        let peerstate_bob = Peerstate::from_addr(&alice.ctx, "bob@example.net")
-            .await?
-            .expect("no peerstate found in the database");
-        assert_eq!(peerstate_bob.prefer_encrypt, EncryptPreference::Mutual);
-
-        // Now Alice and Bob have established keys.
-
-        // Alice sends encrypted message without Autocrypt header.
-        let mut msg = Message::new(Viewtype::Text);
-        msg.param.set_int(Param::SkipAutocrypt, 1);
-        let sent = alice.send_msg(chat_alice, &mut msg).await;
-
-        let msg = bob.recv_msg(&sent).await;
-        assert!(msg.get_showpadlock());
-        let peerstate_alice = Peerstate::from_addr(&bob.ctx, "alice@example.org")
-            .await?
-            .expect("no peerstate found in the database");
-        assert_eq!(peerstate_alice.prefer_encrypt, EncryptPreference::Mutual);
-
-        // Alice sends plaintext message with Autocrypt header.
-        let mut msg = Message::new(Viewtype::Text);
-        msg.force_plaintext();
-        let sent = alice.send_msg(chat_alice, &mut msg).await;
-
-        let msg = bob.recv_msg(&sent).await;
-        assert!(!msg.get_showpadlock());
-        let peerstate_alice = Peerstate::from_addr(&bob.ctx, "alice@example.org")
-            .await?
-            .expect("no peerstate found in the database");
-        assert_eq!(peerstate_alice.prefer_encrypt, EncryptPreference::Mutual);
-
-        // Alice sends plaintext message without Autocrypt header.
-        let mut msg = Message::new(Viewtype::Text);
-        msg.force_plaintext();
-        msg.param.set_int(Param::SkipAutocrypt, 1);
-        let sent = alice.send_msg(chat_alice, &mut msg).await;
-
-        let msg = bob.recv_msg(&sent).await;
-        assert!(!msg.get_showpadlock());
-        let peerstate_alice = Peerstate::from_addr(&bob.ctx, "alice@example.org")
-            .await?
-            .expect("no peerstate found in the database");
-        assert_eq!(peerstate_alice.prefer_encrypt, EncryptPreference::Reset);
-
-        Ok(())
-    }
-
-    fn new_peerstates(prefer_encrypt: EncryptPreference) -> Vec<(Option<Peerstate>, String)> {
-        let addr = "bob@foo.bar";
-        let pub_key = bob_keypair().public;
-        let peerstate = Peerstate {
-            addr: addr.into(),
-            last_seen: 13,
-            last_seen_autocrypt: 14,
-            prefer_encrypt,
-            public_key: Some(pub_key.clone()),
-            public_key_fingerprint: Some(pub_key.dc_fingerprint()),
-            gossip_key: Some(pub_key.clone()),
-            gossip_timestamp: 15,
-            gossip_key_fingerprint: Some(pub_key.dc_fingerprint()),
-            verified_key: Some(pub_key.clone()),
-            verified_key_fingerprint: Some(pub_key.dc_fingerprint()),
-            verifier: None,
-            secondary_verified_key: None,
-            secondary_verified_key_fingerprint: None,
-            secondary_verifier: None,
-            backward_verified_key_id: None,
-            fingerprint_changed: false,
-        };
-        vec![(Some(peerstate), addr.to_string())]
-    }
-
-    #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_should_encrypt() -> Result<()> {
-        let t = TestContext::new_alice().await;
-        let encrypt_helper = EncryptHelper::new(&t).await.unwrap();
-
-        let ps = new_peerstates(EncryptPreference::NoPreference);
-        assert!(encrypt_helper.should_encrypt(&t, &ps).await?);
-
-        let ps = new_peerstates(EncryptPreference::Reset);
-        assert!(!encrypt_helper.should_encrypt(&t, &ps).await?);
-
-        let ps = new_peerstates(EncryptPreference::Mutual);
-        assert!(encrypt_helper.should_encrypt(&t, &ps).await?);
-
-        // test with missing peerstate
-        let ps = vec![(None, "bob@foo.bar".to_string())];
-        assert!(!encrypt_helper.should_encrypt(&t, &ps).await?);
-        Ok(())
-    }
-
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
     async fn test_chatmail_can_send_unencrypted() -> Result<()> {
         let mut tcm = TestContextManager::new();

src/ephemeral.rs

@@ -69,23 +69,23 @@ use std::num::ParseIntError;
 use std::str::FromStr;
 use std::time::{Duration, UNIX_EPOCH};
 
-use anyhow::{ensure, Context as _, Result};
+use anyhow::{Context as _, Result, ensure};
 use async_channel::Receiver;
 use serde::{Deserialize, Serialize};
 use tokio::time::timeout;
 
-use crate::chat::{send_msg, ChatId, ChatIdBlocked};
+use crate::chat::{ChatId, ChatIdBlocked, send_msg};
 use crate::constants::{DC_CHAT_ID_LAST_SPECIAL, DC_CHAT_ID_TRASH};
 use crate::contact::ContactId;
 use crate::context::Context;
 use crate::download::MIN_DELETE_SERVER_AFTER;
 use crate::events::EventType;
 use crate::location;
-use crate::log::{error, info, warn, LogExt};
+use crate::log::{LogExt, error, info, warn};
 use crate::message::{Message, MessageState, MsgId, Viewtype};
 use crate::mimeparser::SystemMessage;
 use crate::stock_str;
-use crate::tools::{duration_to_str, time, SystemTime};
+use crate::tools::{SystemTime, duration_to_str, time};
 
 /// Ephemeral timer value.
 #[derive(Debug, PartialEq, Eq, Copy, Clone, Serialize, Deserialize)]
@@ -277,6 +277,7 @@ pub(crate) async fn stock_ephemeral_timer_changed(
                 .await
             }
             604_800 => stock_str::msg_ephemeral_timer_week(context, from_id).await,
+            31_536_000..=31_708_800 => stock_str::msg_ephemeral_timer_year(context, from_id).await,
             _ => {
                 stock_str::msg_ephemeral_timer_weeks(
                     context,
@@ -466,23 +467,18 @@ pub(crate) async fn delete_expired_messages(context: &Context, now: i64) -> Resu
             .transaction(|transaction| {
                 let mut msgs_changed = Vec::with_capacity(rows.len());
                 let mut webxdc_deleted = Vec::new();
-
-                // If you change which information is removed here, also change MsgId::trash() and
-                // which information receive_imf::add_parts() still adds to the db if the chat_id is TRASH
+                // If you change which information is preserved here, also change `MsgId::trash()`
+                // and other places it references.
+                let mut del_msg_stmt = transaction.prepare(
+                    "INSERT OR REPLACE INTO msgs (id, rfc724_mid, timestamp, chat_id)
+                     SELECT ?1, rfc724_mid, timestamp, ? FROM msgs WHERE id=?1",
+                )?;
+                let mut del_location_stmt =
+                    transaction.prepare("DELETE FROM locations WHERE independent=1 AND id=?")?;
                 for (msg_id, chat_id, viewtype, location_id) in rows {
-                    transaction.execute(
-                        "UPDATE msgs
-                     SET chat_id=?, txt='', txt_normalized=NULL, subject='', txt_raw='',
-                         mime_headers='', from_id=0, to_id=0, param=''
-                     WHERE id=?",
-                        (DC_CHAT_ID_TRASH, msg_id),
-                    )?;
-
+                    del_msg_stmt.execute((msg_id, DC_CHAT_ID_TRASH))?;
                     if location_id > 0 {
-                        transaction.execute(
-                            "DELETE FROM locations WHERE independent=1 AND id=?",
-                            (location_id,),
-                        )?;
+                        del_location_stmt.execute((location_id,))?;
                     }
 
                     msgs_changed.push((chat_id, msg_id));

src/ephemeral/ephemeral_tests.rs

@@ -1,7 +1,7 @@
 use super::*;
 use crate::chat::{
-    add_contact_to_chat, marknoticed_chat, remove_contact_from_chat, set_muted, ChatVisibility,
-    MuteDuration,
+    ChatVisibility, MuteDuration, add_contact_to_chat, marknoticed_chat, remove_contact_from_chat,
+    set_muted,
 };
 use crate::config::Config;
 use crate::constants::DC_CHAT_ID_ARCHIVED_LINK;
@@ -12,7 +12,7 @@ use crate::receive_imf::receive_imf;
 use crate::test_utils::{TestContext, TestContextManager};
 use crate::timesmearing::MAX_SECONDS_TO_LEND_FROM_FUTURE;
 use crate::{
-    chat::{self, create_group_chat, send_text_msg, Chat, ChatItem, ProtectionStatus},
+    chat::{self, Chat, ChatItem, ProtectionStatus, create_group_chat, send_text_msg},
     tools::IsNoneOrEmpty,
 };
 
@@ -128,31 +128,33 @@ async fn test_stock_ephemeral_messages() {
 /// Test enabling and disabling ephemeral timer remotely.
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn test_ephemeral_enable_disable() -> Result<()> {
-    let alice = TestContext::new_alice().await;
-    let bob = TestContext::new_bob().await;
+    let mut tcm = TestContextManager::new();
+    let alice = &tcm.alice().await;
+    let bob = &tcm.bob().await;
 
-    let chat_alice = alice.create_chat(&bob).await.id;
-    let chat_bob = bob.create_chat(&alice).await.id;
+    let chat_alice = alice.create_chat(bob).await.id;
+    let chat_bob = bob.create_chat(alice).await.id;
 
     chat_alice
-        .set_ephemeral_timer(&alice.ctx, Timer::Enabled { duration: 60 })
+        .set_ephemeral_timer(alice, Timer::Enabled { duration: 60 })
         .await?;
     let sent = alice.pop_sent_msg().await;
-    bob.recv_msg(&sent).await;
+    let bob_received_message = bob.recv_msg(&sent).await;
     assert_eq!(
-        chat_bob.get_ephemeral_timer(&bob.ctx).await?,
+        bob_received_message.text,
+        "Message deletion timer is set to 1 minute by alice@example.org."
+    );
+    assert_eq!(
+        chat_bob.get_ephemeral_timer(bob).await?,
         Timer::Enabled { duration: 60 }
     );
 
     chat_alice
-        .set_ephemeral_timer(&alice.ctx, Timer::Disabled)
+        .set_ephemeral_timer(alice, Timer::Disabled)
         .await?;
     let sent = alice.pop_sent_msg().await;
     bob.recv_msg(&sent).await;
-    assert_eq!(
-        chat_bob.get_ephemeral_timer(&bob.ctx).await?,
-        Timer::Disabled
-    );
+    assert_eq!(chat_bob.get_ephemeral_timer(bob).await?, Timer::Disabled);
 
     Ok(())
 }
@@ -649,9 +651,11 @@ async fn test_ephemeral_msg_offline() -> Result<()> {
         .set_ephemeral_timer(&alice, Timer::Enabled { duration })
         .await?;
     let mut msg = Message::new_text("hi".to_string());
-    assert!(chat::send_msg_sync(&alice, chat.id, &mut msg)
-        .await
-        .is_err());
+    assert!(
+        chat::send_msg_sync(&alice, chat.id, &mut msg)
+            .await
+            .is_err()
+    );
     let stmt = "SELECT COUNT(*) FROM smtp WHERE msg_id=?";
     assert!(alice.sql.exists(stmt, (msg.id,)).await?);
     let now = time();
@@ -729,9 +733,11 @@ async fn test_noticed_ephemeral_timer() -> Result<()> {
 
     delete_expired_messages(bob, time()).await?;
 
-    assert!(Message::load_from_db_optional(bob, bob_received_message.id)
-        .await?
-        .is_none());
+    assert!(
+        Message::load_from_db_optional(bob, bob_received_message.id)
+            .await?
+            .is_none()
+    );
     Ok(())
 }
 
@@ -757,9 +763,11 @@ async fn test_archived_ephemeral_timer() -> Result<()> {
 
     delete_expired_messages(bob, time()).await?;
 
-    assert!(Message::load_from_db_optional(bob, bob_received_message.id)
-        .await?
-        .is_none());
+    assert!(
+        Message::load_from_db_optional(bob, bob_received_message.id)
+            .await?
+            .is_none()
+    );
 
     // Bob mutes the chat so it is not unarchived.
     set_muted(bob, bob_received_message.chat_id, MuteDuration::Forever).await?;

src/events.rs

@@ -27,7 +27,7 @@ impl Default for Events {
 impl Events {
     /// Creates a new event channel.
     pub fn new() -> Self {
-        let (mut sender, _receiver) = async_broadcast::broadcast(1_000);
+        let (mut sender, _receiver) = async_broadcast::broadcast(10_000);
 
         // We only keep this receiver around
         // to prevent the channel from closing.

src/events/chatlist_events.rs

@@ -1,4 +1,4 @@
-use crate::{chat::ChatId, contact::ContactId, context::Context, EventType};
+use crate::{EventType, chat::ChatId, contact::ContactId, context::Context};
 
 /// order or content of chatlist changes (chat ids, not the actual chatlist item)
 pub(crate) fn emit_chatlist_changed(context: &Context) {
@@ -64,9 +64,10 @@ mod test_chatlist_events {
     };
 
     use crate::{
+        EventType,
         chat::{
-            self, create_broadcast_list, create_group_chat, set_muted, ChatId, ChatVisibility,
-            MuteDuration, ProtectionStatus,
+            self, ChatId, ChatVisibility, MuteDuration, ProtectionStatus, create_broadcast,
+            create_group_chat, set_muted,
         },
         config::Config,
         constants::*,
@@ -76,7 +77,6 @@ mod test_chatlist_events {
         receive_imf::receive_imf,
         securejoin::{get_securejoin_qr, join_securejoin},
         test_utils::{TestContext, TestContextManager},
-        EventType,
     };
 
     use crate::tools::SystemTime;
@@ -247,8 +247,7 @@ mod test_chatlist_events {
 
         bob.evtracker.clear_events();
         // set name
-        let addr = alice_on_bob.get_addr();
-        Contact::create(&bob, "Alice2", addr).await?;
+        alice_on_bob.id.set_name(&bob, "Alice2").await?;
         assert!(bob.add_or_lookup_contact(&alice).await.get_display_name() == "Alice2");
 
         wait_for_chatlist_all_items(&bob).await;
@@ -309,13 +308,13 @@ mod test_chatlist_events {
         Ok(())
     }
 
-    /// Create broadcastlist
+    /// Create broadcast channel
     #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-    async fn test_create_broadcastlist() -> Result<()> {
+    async fn test_create_broadcast() -> Result<()> {
         let mut tcm = TestContextManager::new();
         let alice = tcm.alice().await;
         alice.evtracker.clear_events();
-        create_broadcast_list(&alice).await?;
+        create_broadcast(&alice, "Channel".to_string()).await?;
         wait_for_chatlist(&alice).await;
         Ok(())
     }

src/events/payload.rs

@@ -376,6 +376,36 @@ pub enum EventType {
     /// This event is emitted from the account whose property changed.
     AccountsItemChanged,
 
+    /// Incoming call.
+    IncomingCall {
+        /// ID of the message referring to the call.
+        msg_id: MsgId,
+        /// User-defined info as passed to place_outgoing_call()
+        place_call_info: String,
+    },
+
+    /// Incoming call accepted.
+    IncomingCallAccepted {
+        /// ID of the message referring to the call.
+        msg_id: MsgId,
+        /// User-defined info as passed to accept_incoming_call()
+        accept_call_info: String,
+    },
+
+    /// Outgoing call accepted.
+    OutgoingCallAccepted {
+        /// ID of the message referring to the call.
+        msg_id: MsgId,
+        /// User-defined info as passed to accept_incoming_call()
+        accept_call_info: String,
+    },
+
+    /// Call ended.
+    CallEnded {
+        /// ID of the message referring to the call.
+        msg_id: MsgId,
+    },
+
     /// Event for using in tests, e.g. as a fence between normally generated events.
     #[cfg(test)]
     Test,

src/headerdef.rs

@@ -75,11 +75,18 @@ pub enum HeaderDef {
     /// for members listed in the `Chat-Group-Past-Members` field.
     ChatGroupMemberTimestamps,
 
+    /// Space-separated PGP key fingerprints
+    /// of group members listed in the `To` field
+    /// followed by fingerprints
+    /// of past members listed in the `Chat-Group-Past-Members` field.
+    ChatGroupMemberFpr,
+
     /// Duration of the attached media file.
     ChatDuration,
 
     ChatDispositionNotificationTo,
     ChatWebrtcRoom,
+    ChatWebrtcAccepted,
 
     /// This message deletes the messages listed in the value by rfc724_mid.
     ChatDelete,

src/imap.rs

@@ -13,11 +13,11 @@ use std::{
     time::{Duration, UNIX_EPOCH},
 };
 
-use anyhow::{bail, ensure, format_err, Context as _, Result};
-use async_channel::Receiver;
+use anyhow::{Context as _, Result, bail, ensure, format_err};
+use async_channel::{self, Receiver, Sender};
 use async_imap::types::{Fetch, Flag, Name, NameAttribute, UnsolicitedResponse};
 use deltachat_contact_tools::ContactAddress;
-use futures::{FutureExt as _, StreamExt, TryStreamExt};
+use futures::{FutureExt as _, TryStreamExt};
 use futures_lite::FutureExt;
 use num_traits::FromPrimitive;
 use rand::Rng;
@@ -32,9 +32,9 @@ use crate::contact::{Contact, ContactId, Modifier, Origin};
 use crate::context::Context;
 use crate::events::EventType;
 use crate::headerdef::{HeaderDef, HeaderDefMap};
-use crate::log::{error, info, warn, LogExt};
+use crate::log::{LogExt, error, info, warn};
 use crate::login_param::{
-    prioritize_server_login_params, ConfiguredLoginParam, ConfiguredServerLoginParam,
+    ConfiguredLoginParam, ConfiguredServerLoginParam, prioritize_server_login_params,
 };
 use crate::message::{self, Message, MessageState, MessengerMessage, MsgId};
 use crate::mimeparser;
@@ -43,7 +43,7 @@ use crate::net::session::SessionStream;
 use crate::oauth2::get_oauth2_access_token;
 use crate::push::encrypt_device_token;
 use crate::receive_imf::{
-    from_field_to_contact_id, get_prefetch_parent_message, receive_imf_inner, ReceivedMsg,
+    ReceivedMsg, from_field_to_contact_id, get_prefetch_parent_message, receive_imf_inner,
 };
 use crate::scheduler::connectivity::ConnectivityStore;
 use crate::stock_str;
@@ -56,7 +56,7 @@ pub mod scan_folders;
 pub mod select_folder;
 pub(crate) mod session;
 
-use client::{determine_capabilities, Client};
+use client::{Client, determine_capabilities};
 use mailparse::SingleInfo;
 use session::Session;
 
@@ -325,7 +325,7 @@ impl Imap {
         }
 
         info!(context, "Connecting to IMAP server.");
-        self.connectivity.set_connecting(context).await;
+        self.connectivity.set_connecting(context);
 
         self.conn_last_try = tools::Time::now();
         const BACKOFF_MIN_MS: u64 = 2000;
@@ -408,7 +408,7 @@ impl Imap {
                         "IMAP-LOGIN as {}",
                         lp.user
                     )));
-                    self.connectivity.set_preparing(context).await;
+                    self.connectivity.set_preparing(context);
                     info!(context, "Successfully logged into IMAP server.");
                     return Ok(session);
                 }
@@ -466,7 +466,7 @@ impl Imap {
         let mut session = match self.connect(context, configuring).await {
             Ok(session) => session,
             Err(err) => {
-                self.connectivity.set_err(context, &err).await;
+                self.connectivity.set_err(context, &err);
                 return Err(err);
             }
         };
@@ -562,7 +562,7 @@ impl Imap {
         let read_cnt = msgs.len();
 
         let download_limit = context.download_limit().await?;
-        let mut uids_fetch = Vec::<(_, bool /* partially? */)>::with_capacity(msgs.len() + 1);
+        let mut uids_fetch = Vec::<(u32, bool /* partially? */)>::with_capacity(msgs.len() + 1);
         let mut uid_message_ids = BTreeMap::new();
         let mut largest_uid_skipped = None;
         let delete_target = context.get_delete_msgs_target().await?;
@@ -692,54 +692,75 @@ impl Imap {
         }
 
         if !uids_fetch.is_empty() {
-            self.connectivity.set_working(context).await;
+            self.connectivity.set_working(context);
         }
 
-        // Actually download messages.
-        let mut largest_uid_fetched: u32 = 0;
+        let (sender, receiver) = async_channel::unbounded();
+
         let mut received_msgs = Vec::with_capacity(uids_fetch.len());
-        let mut uids_fetch_in_batch = Vec::with_capacity(max(uids_fetch.len(), 1));
-        let mut fetch_partially = false;
-        uids_fetch.push((0, !uids_fetch.last().unwrap_or(&(0, false)).1));
-        for (uid, fp) in uids_fetch {
-            if fp != fetch_partially {
-                let (largest_uid_fetched_in_batch, received_msgs_in_batch) = session
-                    .fetch_many_msgs(
-                        context,
-                        folder,
-                        uid_validity,
-                        uids_fetch_in_batch.split_off(0),
-                        &uid_message_ids,
-                        fetch_partially,
-                    )
-                    .await
-                    .context("fetch_many_msgs")?;
-                received_msgs.extend(received_msgs_in_batch);
-                largest_uid_fetched = max(
-                    largest_uid_fetched,
-                    largest_uid_fetched_in_batch.unwrap_or(0),
-                );
-                fetch_partially = fp;
-            }
-            uids_fetch_in_batch.push(uid);
-        }
-
-        // Advance uid_next to the maximum of the largest known UID plus 1
-        // and mailbox UIDNEXT.
-        // Largest known UID is normally less than UIDNEXT,
-        // but a message may have arrived between determining UIDNEXT
-        // and executing the FETCH command.
         let mailbox_uid_next = session
             .selected_mailbox
             .as_ref()
             .with_context(|| format!("Expected {folder:?} to be selected"))?
             .uid_next
             .unwrap_or_default();
-        let new_uid_next = max(
-            max(largest_uid_fetched, largest_uid_skipped.unwrap_or(0)) + 1,
-            mailbox_uid_next,
-        );
 
+        let update_uids_future = async {
+            let mut largest_uid_fetched: u32 = 0;
+
+            while let Ok((uid, received_msg_opt)) = receiver.recv().await {
+                largest_uid_fetched = max(largest_uid_fetched, uid);
+                if let Some(received_msg) = received_msg_opt {
+                    received_msgs.push(received_msg)
+                }
+            }
+
+            largest_uid_fetched
+        };
+
+        let actually_download_messages_future = async move {
+            let mut uids_fetch_in_batch = Vec::with_capacity(max(uids_fetch.len(), 1));
+            let mut fetch_partially = false;
+            uids_fetch.push((0, !uids_fetch.last().unwrap_or(&(0, false)).1));
+            for (uid, fp) in uids_fetch {
+                if fp != fetch_partially {
+                    session
+                        .fetch_many_msgs(
+                            context,
+                            folder,
+                            uid_validity,
+                            uids_fetch_in_batch.split_off(0),
+                            &uid_message_ids,
+                            fetch_partially,
+                            sender.clone(),
+                        )
+                        .await
+                        .context("fetch_many_msgs")?;
+                    fetch_partially = fp;
+                }
+                uids_fetch_in_batch.push(uid);
+            }
+
+            anyhow::Ok(())
+        };
+
+        let (largest_uid_fetched, fetch_res) =
+            tokio::join!(update_uids_future, actually_download_messages_future);
+
+        // Advance uid_next to the largest fetched UID plus 1.
+        //
+        // This may be larger than `mailbox_uid_next`
+        // if the message has arrived after selecting mailbox
+        // and determining its UIDNEXT and before prefetch.
+        let mut new_uid_next = largest_uid_fetched + 1;
+        if fetch_res.is_ok() {
+            // If we have successfully fetched all messages we planned during prefetch,
+            // then we have covered at least the range between old UIDNEXT
+            // and UIDNEXT of the mailbox at the time of selecting it.
+            new_uid_next = max(new_uid_next, mailbox_uid_next);
+
+            new_uid_next = max(new_uid_next, largest_uid_skipped.unwrap_or(0) + 1);
+        }
         if new_uid_next > old_uid_next {
             set_uid_next(context, folder, new_uid_next).await?;
         }
@@ -752,6 +773,10 @@ impl Imap {
 
         chat::mark_old_messages_as_noticed(context, received_msgs).await?;
 
+        // Now fail if fetching failed, so we will
+        // establish a new session if this one is broken.
+        fetch_res?;
+
         Ok(read_cnt > 0)
     }
 
@@ -1123,7 +1148,8 @@ impl Session {
                 Err(err) => {
                     warn!(
                         context,
-                        "store_seen_flags_on_imap: Failed to select {folder}, will retry later: {err:#}.");
+                        "store_seen_flags_on_imap: Failed to select {folder}, will retry later: {err:#}."
+                    );
                     continue;
                 }
                 Ok(folder_exists) => folder_exists,
@@ -1133,7 +1159,8 @@ impl Session {
             } else if let Err(err) = self.add_flag_finalized_with_set(&uid_set, "\\Seen").await {
                 warn!(
                     context,
-                    "Cannot mark messages {uid_set} in {folder} as seen, will retry later: {err:#}.");
+                    "Cannot mark messages {uid_set} in {folder} as seen, will retry later: {err:#}."
+                );
                 continue;
             } else {
                 info!(
@@ -1254,6 +1281,9 @@ impl Session {
             context.on_archived_chats_maybe_noticed();
         }
         for updated_chat_id in updated_chat_ids {
+            // NB: There are no other events that remove notifications at least for messages seen on
+            // other devices, so while we may also remove useful notifications for newer messages,
+            // we have no other choice.
             context.emit_event(EventType::MsgsNoticed(updated_chat_id));
             chatlist_events::emit_chatlist_item_changed(context, updated_chat_id);
         }
@@ -1298,9 +1328,19 @@ impl Session {
 
     /// Fetches a list of messages by server UID.
     ///
-    /// Returns the last UID fetched successfully and the info about each downloaded message.
+    /// Sends pairs of UID and info about each downloaded message to the provided channel.
+    /// Received message info is optional because UID may be ignored
+    /// if the message has a `\Deleted` flag.
+    ///
+    /// The channel is used to return the results because the function may fail
+    /// due to network errors before it finishes fetching all the messages.
+    /// In this case caller still may want to process all the results
+    /// received over the channel and persist last seen UID in the database
+    /// before bubbling up the failure.
+    ///
     /// If the message is incorrect or there is a failure to write a message to the database,
     /// it is skipped and the error is logged.
+    #[expect(clippy::too_many_arguments)]
     pub(crate) async fn fetch_many_msgs(
         &mut self,
         context: &Context,
@@ -1309,12 +1349,10 @@ impl Session {
         request_uids: Vec<u32>,
         uid_message_ids: &BTreeMap<u32, String>,
         fetch_partially: bool,
-    ) -> Result<(Option<u32>, Vec<ReceivedMsg>)> {
-        let mut last_uid = None;
-        let mut received_msgs = Vec::new();
-
+        received_msgs_channel: Sender<(u32, Option<ReceivedMsg>)>,
+    ) -> Result<()> {
         if request_uids.is_empty() {
-            return Ok((last_uid, received_msgs));
+            return Ok(());
         }
 
         for (request_uids, set) in build_sequence_sets(&request_uids)? {
@@ -1349,16 +1387,14 @@ impl Session {
 
                 // Try to find a requested UID in returned FETCH responses.
                 while fetch_response.is_none() {
-                    let next_fetch_response =
-                        if let Some(next_fetch_response) = fetch_responses.next().await {
-                            next_fetch_response
-                        } else {
-                            // No more FETCH responses received from the server.
-                            break;
-                        };
-
-                    let next_fetch_response =
-                        next_fetch_response.context("Failed to process IMAP FETCH result")?;
+                    let Some(next_fetch_response) = fetch_responses
+                        .try_next()
+                        .await
+                        .context("Failed to process IMAP FETCH result")?
+                    else {
+                        // No more FETCH responses received from the server.
+                        break;
+                    };
 
                     if let Some(next_uid) = next_fetch_response.uid {
                         if next_uid == request_uid {
@@ -1403,7 +1439,7 @@ impl Session {
 
                 if is_deleted {
                     info!(context, "Not processing deleted msg {}.", request_uid);
-                    last_uid = Some(request_uid);
+                    received_msgs_channel.send((request_uid, None)).await?;
                     continue;
                 }
 
@@ -1414,7 +1450,7 @@ impl Session {
                         context,
                         "Not processing message {} without a BODY.", request_uid
                     );
-                    last_uid = Some(request_uid);
+                    received_msgs_channel.send((request_uid, None)).await?;
                     continue;
                 };
 
@@ -1446,20 +1482,29 @@ impl Session {
                 .await
                 {
                     Ok(received_msg) => {
-                        if let Some(m) = received_msg {
-                            received_msgs.push(m);
-                        }
+                        received_msgs_channel
+                            .send((request_uid, received_msg))
+                            .await?;
                     }
                     Err(err) => {
                         warn!(context, "receive_imf error: {:#}.", err);
+                        received_msgs_channel.send((request_uid, None)).await?;
                     }
                 };
-                last_uid = Some(request_uid)
             }
 
             // If we don't process the whole response, IMAP client is left in a broken state where
             // it will try to process the rest of response as the next response.
-            while fetch_responses.next().await.is_some() {}
+            //
+            // Make sure to not ignore the errors, because
+            // if connection times out, it will return
+            // infinite stream of `Some(Err(_))` results.
+            while fetch_responses
+                .try_next()
+                .await
+                .context("Failed to drain FETCH responses")?
+                .is_some()
+            {}
 
             if count != request_uids.len() {
                 warn!(
@@ -1478,7 +1523,7 @@ impl Session {
             }
         }
 
-        Ok((last_uid, received_msgs))
+        Ok(())
     }
 
     /// Retrieves server metadata if it is supported.
@@ -1656,7 +1701,7 @@ impl Session {
             .uid_store(uid_set, &query)
             .await
             .with_context(|| format!("IMAP failed to store: ({uid_set}, {query})"))?;
-        while let Some(_response) = responses.next().await {
+        while let Some(_response) = responses.try_next().await? {
             // Read all the responses
         }
         Ok(())
@@ -1806,9 +1851,9 @@ impl Session {
     /// In this case we may want to skip next IDLE and do a round
     /// of fetching new messages and synchronizing seen flags.
     fn drain_unsolicited_responses(&self, context: &Context) -> Result<bool> {
+        use UnsolicitedResponse::*;
         use async_imap::imap_proto::Response;
         use async_imap::imap_proto::ResponseCode;
-        use UnsolicitedResponse::*;
 
         let folder = self.selected_folder.as_deref().unwrap_or_default();
         let mut should_refetch = false;
@@ -1884,7 +1929,7 @@ async fn should_move_out_of_spam(
         };
         // No chat found.
         let (from_id, blocked_contact, _origin) =
-            match from_field_to_contact_id(context, &from, true)
+            match from_field_to_contact_id(context, &from, None, true, true)
                 .await
                 .context("from_field_to_contact_id")?
             {
@@ -2142,7 +2187,7 @@ fn get_folder_meaning_by_attrs(folder_attrs: &[NameAttribute]) -> FolderMeaning
             NameAttribute::Junk => return FolderMeaning::Spam,
             NameAttribute::Drafts => return FolderMeaning::Drafts,
             NameAttribute::All | NameAttribute::Flagged => return FolderMeaning::Virtual,
-            NameAttribute::Extension(ref label) => {
+            NameAttribute::Extension(label) => {
                 match label.as_ref() {
                     "\\Spam" => return FolderMeaning::Spam,
                     "\\Important" => return FolderMeaning::Virtual,
@@ -2242,7 +2287,7 @@ pub(crate) async fn prefetch_should_download(
         None => return Ok(false),
     };
     let (_from_id, blocked_contact, origin) =
-        match from_field_to_contact_id(context, &from, true).await? {
+        match from_field_to_contact_id(context, &from, None, true, true).await? {
             Some(res) => res,
             None => return Ok(false),
         };

src/imap/client.rs

@@ -8,15 +8,13 @@ use tokio::io::BufWriter;
 
 use super::capabilities::Capabilities;
 use crate::context::Context;
-use crate::log::{info, warn};
+use crate::log::{LoggingStream, info, warn};
 use crate::login_param::{ConnectionCandidate, ConnectionSecurity};
 use crate::net::dns::{lookup_host_with_cache, update_connect_timestamp};
 use crate::net::proxy::ProxyConfig;
 use crate::net::session::SessionStream;
 use crate::net::tls::wrap_tls;
-use crate::net::{
-    connect_tcp_inner, connect_tls_inner, run_connection_attempts, update_connection_history,
-};
+use crate::net::{connect_tcp_inner, run_connection_attempts, update_connection_history};
 use crate::tools::time;
 
 #[derive(Debug)]
@@ -126,12 +124,12 @@ impl Client {
         );
         let res = match security {
             ConnectionSecurity::Tls => {
-                Client::connect_secure(resolved_addr, host, strict_tls).await
+                Client::connect_secure(context, resolved_addr, host, strict_tls).await
             }
             ConnectionSecurity::Starttls => {
-                Client::connect_starttls(resolved_addr, host, strict_tls).await
+                Client::connect_starttls(context, resolved_addr, host, strict_tls).await
             }
-            ConnectionSecurity::Plain => Client::connect_insecure(resolved_addr).await,
+            ConnectionSecurity::Plain => Client::connect_insecure(context, resolved_addr).await,
         };
         match res {
             Ok(client) => {
@@ -202,40 +200,61 @@ impl Client {
         }
     }
 
-    async fn connect_secure(addr: SocketAddr, hostname: &str, strict_tls: bool) -> Result<Self> {
-        let tls_stream = connect_tls_inner(addr, hostname, strict_tls, alpn(addr.port())).await?;
+    async fn connect_secure(
+        context: &Context,
+        addr: SocketAddr,
+        hostname: &str,
+        strict_tls: bool,
+    ) -> Result<Self> {
+        let tcp_stream = connect_tcp_inner(addr).await?;
+        let account_id = context.get_id();
+        let events = context.events.clone();
+        let logging_stream = LoggingStream::new(tcp_stream, account_id, events)?;
+        let tls_stream = wrap_tls(strict_tls, hostname, alpn(addr.port()), logging_stream).await?;
         let buffered_stream = BufWriter::new(tls_stream);
         let session_stream: Box<dyn SessionStream> = Box::new(buffered_stream);
         let mut client = Client::new(session_stream);
         let _greeting = client
             .read_response()
-            .await
-            .context("failed to read greeting")??;
+            .await?
+            .context("Failed to read greeting")?;
         Ok(client)
     }
 
-    async fn connect_insecure(addr: SocketAddr) -> Result<Self> {
+    async fn connect_insecure(context: &Context, addr: SocketAddr) -> Result<Self> {
         let tcp_stream = connect_tcp_inner(addr).await?;
-        let buffered_stream = BufWriter::new(tcp_stream);
+        let account_id = context.get_id();
+        let events = context.events.clone();
+        let logging_stream = LoggingStream::new(tcp_stream, account_id, events)?;
+        let buffered_stream = BufWriter::new(logging_stream);
         let session_stream: Box<dyn SessionStream> = Box::new(buffered_stream);
         let mut client = Client::new(session_stream);
         let _greeting = client
             .read_response()
-            .await
-            .context("failed to read greeting")??;
+            .await?
+            .context("Failed to read greeting")?;
         Ok(client)
     }
 
-    async fn connect_starttls(addr: SocketAddr, host: &str, strict_tls: bool) -> Result<Self> {
+    async fn connect_starttls(
+        context: &Context,
+        addr: SocketAddr,
+        host: &str,
+        strict_tls: bool,
+    ) -> Result<Self> {
         let tcp_stream = connect_tcp_inner(addr).await?;
 
+        let account_id = context.get_id();
+        let events = context.events.clone();
+        let tcp_stream = LoggingStream::new(tcp_stream, account_id, events)?;
+
         // Run STARTTLS command and convert the client back into a stream.
         let buffered_tcp_stream = BufWriter::new(tcp_stream);
         let mut client = async_imap::Client::new(buffered_tcp_stream);
         let _greeting = client
             .read_response()
-            .await
-            .context("failed to read greeting")??;
+            .await?
+            .context("Failed to read greeting")?;
         client
             .run_command_and_check_ok("STARTTLS", None)
             .await
@@ -246,7 +265,6 @@ impl Client {
         let tls_stream = wrap_tls(strict_tls, host, &[], tcp_stream)
             .await
             .context("STARTTLS upgrade failed")?;
-
         let buffered_stream = BufWriter::new(tls_stream);
         let session_stream: Box<dyn SessionStream> = Box::new(buffered_stream);
         let client = Client::new(session_stream);
@@ -269,8 +287,8 @@ impl Client {
         let mut client = Client::new(session_stream);
         let _greeting = client
             .read_response()
-            .await
-            .context("failed to read greeting")??;
+            .await?
+            .context("Failed to read greeting")?;
         Ok(client)
     }
 
@@ -286,8 +304,8 @@ impl Client {
         let mut client = Client::new(session_stream);
         let _greeting = client
             .read_response()
-            .await
-            .context("failed to read greeting")??;
+            .await?
+            .context("Failed to read greeting")?;
         Ok(client)
     }
 
@@ -307,8 +325,8 @@ impl Client {
         let mut client = ImapClient::new(buffered_proxy_stream);
         let _greeting = client
             .read_response()
-            .await
-            .context("failed to read greeting")??;
+            .await?
+            .context("Failed to read greeting")?;
         client
             .run_command_and_check_ok("STARTTLS", None)
             .await