Ask for room keys when bot doesn't have them

[AndrewFerr]

Though it should never happen in practice, bots may somehow lose a room key, and thus lose the ability to decrypt messages sent in that room from the user whose key was lost.

When this happens, the bot should simply ask the user for their room key via a key request.

Otherwise, the only way this can be fixed is if the user whose key was lost either resends the key, or generates a new key for the room & sends that one instead. I'm not aware of whether the former is possible, but the latter can be done by manually running the /discardsession command in an Element clients.

[justinbot]

Looks like this is not so straightforward and would require implementation in the rust-sdk as it essentially requires cross-signing:

(At least in terms of requesting keys from another user? I'm not sure about from other devices of the same user)

https://spec.matrix.org/v1.5/client-server-api/#key-requests

Key sharing can be a big attack vector, thus it must be done very carefully. Clients should only send keys requested by the verified devices of the same user, and should only request and accept forwarded keys from verified devices of the same user.