From d2f677ae0c533232e2d4527969c2a0619d0d5f5e Mon Sep 17 00:00:00 2001
From: Dave <futurechimp@users.noreply.github.com>
Date: Tue, 17 Mar 2026 14:56:59 +0000
Subject: [PATCH] story-kit: create
 263_story_matrix_bot_self_signs_device_keys_at_startup_for_verified_encryption

---
 ...keys_at_startup_for_verified_encryption.md | 20 +++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 .story_kit/work/1_upcoming/263_story_matrix_bot_self_signs_device_keys_at_startup_for_verified_encryption.md

diff --git a/.story_kit/work/1_upcoming/263_story_matrix_bot_self_signs_device_keys_at_startup_for_verified_encryption.md b/.story_kit/work/1_upcoming/263_story_matrix_bot_self_signs_device_keys_at_startup_for_verified_encryption.md
new file mode 100644
index 0000000..0f8d6f4
--- /dev/null
+++ b/.story_kit/work/1_upcoming/263_story_matrix_bot_self_signs_device_keys_at_startup_for_verified_encryption.md
@@ -0,0 +1,20 @@
+---
+name: "Matrix bot self-signs device keys at startup for verified encryption"
+---
+
+# Story 263: Matrix bot self-signs device keys at startup for verified encryption
+
+## User Story
+
+As a Matrix room participant, I want the bot's messages to not show "encrypted by a device not verified by its owner" warnings, so that I have confidence the bot's encryption is fully verified.
+
+## Acceptance Criteria
+
+- [ ] At startup the bot checks whether its own device keys have been self-signed (cross-signed by its own user identity)
+- [ ] If the device keys are not self-signed, the bot signs them automatically
+- [ ] After signing, the bot uploads the new signatures to the homeserver
+- [ ] After a clean start (fresh matrix_store / device_id) the bot's messages no longer show the 'encrypted by a device not verified by its owner' warning
+
+## Out of Scope
+
+- TBD