feat: improve decryption error logging with smart suppression

Implements intelligent error logging to eliminate log pollution from
transient Signal Protocol session errors while maintaining visibility
into critical failures.

**Changes:**

1. **Native libsignal log suppression** (src/Signal/libsignal.ts):
   - Expanded console.log filter to suppress transient decryption errors
   - Suppresses: "Session error", "Bad MAC", "MessageCounterError",
     "Key used already", "Failed to decrypt message"
   - These errors are auto-recovered by retry logic and don't need logging

2. **Context-aware application logging** (src/Utils/decode-wa-message.ts):
   - Detects RetryExhaustedError to distinguish first attempt vs final failure
   - Corrupted session (Bad MAC): warn on first occurrence, error only after
     all retries exhausted
   - Session record missing: debug during retries, error on final failure
   - Adds retry context (retriesExhausted, attempts) to error logs

**Impact:**

Before: 5-7 ERROR logs per corrupted session (normal occurrence)
After: 1 WARN + 1 INFO log (clean, actionable)

Final failures still logged as ERROR with full context for debugging.

https://claude.ai/code/session_01SoNUGBEWbJwWWws3F2fuzh
This commit is contained in:
Claude
2026-02-11 04:42:56 +00:00
parent b6dea4432c
commit 932a67c5ed
2 changed files with 72 additions and 18 deletions
+24 -5
View File
@@ -22,14 +22,33 @@ import { SenderKeyRecord } from './Group/sender-key-record'
import { GroupCipher, GroupSessionBuilder, SenderKeyDistributionMessage } from './Group'
import { LIDMappingStore } from './lid-mapping'
// Suppress verbose "Closing session: SessionEntry {...}" logs from libsignal
// These are raw console.log calls from the native Signal library that dump
// cryptographic session details (keys, ratchets, etc.) on every encrypt/decrypt
// Suppress verbose logs from libsignal native library
// These are raw console.log calls that dump internal state and transient errors
// that are already handled by our retry logic and session recovery system
const _origConsoleLog = console.log
console.log = function(...args: unknown[]) {
if (args.length > 0 && typeof args[0] === 'string' && args[0].startsWith('Closing session')) {
return // suppress libsignal session dump
if (args.length > 0 && typeof args[0] === 'string') {
const msg = args[0]
// Suppress session lifecycle dumps (cryptographic details on every encrypt/decrypt)
if (msg.startsWith('Closing session')) {
return
}
// Suppress transient decryption errors that are auto-recovered by retry logic
// These flood logs during normal operation when sessions are being re-established
// Final failures are still logged via our structured logger (see decode-wa-message.ts)
if (
msg.includes('Session error') ||
msg.includes('Bad MAC') ||
msg.includes('MessageCounterError') ||
msg.includes('Key used already or never filled') ||
msg.includes('Failed to decrypt message with any known session')
) {
return // suppress - our retry system handles these gracefully
}
}
_origConsoleLog.apply(console, args)
}