feat(e2ee): clarify encrypted-message placeholder when OpenPGP off or decryption fails

The placeholder previously opened the unlock dialog regardless of the
OpenPGP master toggle, which led to a dead-end "Plugin OpenPGP indisponible"
error when the toggle was off (registerE2EEPlugins early-returns and never
loads the plugin). Now:

- Toggle off: a click routes to /settings/encryption so re-enabling is an
  explicit user choice rather than a side effect of clicking a stale
  encrypted message.
- Key unlocked but decryption still fails (sibling-device or rotated key —
  XEP-0373 has no multi-device encryption): a tooltip explains the cause
  so the user understands why retrying won't help.

Author: mremond

apps/fluux/src/components/conversation/EncryptedPlaceholder.tsx

@@ -3,6 +3,9 @@ import { useTranslation } from 'react-i18next'
 import { Lock, LockOpen } from 'lucide-react'
 import { useWebKeyLocked } from '@/hooks/useWebKeyLocked'
 import { useWebUnlockDialogStore } from '@/stores/webUnlockDialogStore'
+import { useEncryptionSettingsStore } from '@/stores/encryptionSettingsStore'
+import { useRouteSync } from '@/hooks/useRouteSync'
+import { Tooltip } from '@/components/Tooltip'
 
 export interface EncryptedPlaceholderProps {
   /**
@@ -19,22 +22,48 @@ export interface EncryptedPlaceholderProps {
 /**
  * Rendered inside a message bubble when {@link BaseMessage.encryptedPayload}
  * is set — meaning the SDK received an E2EE-claimed stanza but could not
- * decrypt it. Two visual states:
+ * decrypt it. Three visual states:
  *
+ * - **OpenPGP disabled** (toggle off in Settings): a click routes to
+ *   `/settings/encryption` so the user can re-enable explicitly.
+ *   We intentionally don't offer the unlock dialog here — turning the
+ *   toggle on republishes the key and flips the send policy, which the
+ *   user must opt back into rather than have happen as a side effect of
+ *   clicking a placeholder.
  * - **Locked** (`useWebKeyLocked()` is true): a click prompts for the
  *   session passphrase. Once unlocked, the SDK's
  *   `retryPendingDecrypts()` re-runs and the placeholder is replaced
  *   by the real body on success.
- * - **Unlocked**: the cipher rejected the unlocked key (revoked
- *   identity, wrong recipient, corrupt payload). The placeholder is
- *   static — clicking again won't help.
+ * - **Unlocked, decryption still failed**: the cipher rejected the
+ *   unlocked key — most often because the message was encrypted to a
+ *   sibling-device or rotated key that this browser doesn't hold
+ *   (XEP-0373 has no multi-device encryption). The placeholder is
+ *   static; a tooltip explains why clicking again won't help.
  */
 export const EncryptedPlaceholder = memo(function EncryptedPlaceholder(
   _props: EncryptedPlaceholderProps,
 ) {
   const { t } = useTranslation()
   const locked = useWebKeyLocked()
+  const openpgpEnabled = useEncryptionSettingsStore((s) => s.openpgpEnabled)
   const openWebUnlockDialog = useWebUnlockDialogStore((s) => s.openWebUnlockDialog)
+  const { navigateToSettings } = useRouteSync()
+
+  if (!openpgpEnabled) {
+    return (
+      <button
+        type="button"
+        onClick={() => navigateToSettings('encryption')}
+        className="flex items-center gap-2 text-fluux-muted italic hover:text-fluux-text transition-colors cursor-pointer text-start"
+        aria-label={t('chat.encryption.encryptedDisabled')}
+      >
+        <Lock className="w-3.5 h-3.5 flex-shrink-0 text-fluux-muted" aria-hidden="true" />
+        <span className="underline underline-offset-2 decoration-dotted">
+          {t('chat.encryption.encryptedDisabled')}
+        </span>
+      </button>
+    )
+  }
 
   if (locked) {
     return (
@@ -53,9 +82,13 @@ export const EncryptedPlaceholder = memo(function EncryptedPlaceholder(
   }
 
   return (
-    <div className="flex items-center gap-2 text-fluux-muted italic">
+    <Tooltip
+      content={t('chat.encryption.couldNotDecryptTooltip')}
+      position="top"
+      className="flex items-center gap-2 text-fluux-muted italic"
+    >
       <LockOpen className="w-3.5 h-3.5 flex-shrink-0" aria-hidden="true" />
       <span>{t('chat.encryption.encryptedCouldNotDecrypt')}</span>
-    </div>
+    </Tooltip>
   )
 })

apps/fluux/src/i18n/locales/ar.json

@@ -486,6 +486,8 @@
             "keyLockedTooltip": "التشفير مقفل — انقر للفتح",
             "encryptedClickToUnlock": "رسالة مشفرة — انقر للفتح",
             "encryptedCouldNotDecrypt": "تعذر فك تشفير هذه الرسالة",
+            "encryptedDisabled": "التشفير معطّل — قم بتفعيله من الإعدادات",
+            "couldNotDecryptTooltip": "رسالة مشفّرة بمفتاح غير متوفّر على هذا الجهاز",
             "rejected": "الشهادة مرفوضة",
             "rejectedTooltip": "شهادة OpenPGP الخاصة بالطرف الآخر غير صالحة — انقر للتفاصيل",
             "rejectedTitle": "الشهادة مرفوضة",

apps/fluux/src/i18n/locales/be.json

@@ -486,6 +486,8 @@
             "keyLockedTooltip": "Шыфраванне заблакаванае — націсніце, каб разблакаваць",
             "encryptedClickToUnlock": "Зашыфраванае паведамленне — націсніце для разблакоўкі",
             "encryptedCouldNotDecrypt": "Не атрымалася расшыфраваць гэта паведамленне",
+            "encryptedDisabled": "Шыфраванне адключана — уключыце ў наладах",
+            "couldNotDecryptTooltip": "Паведамленне зашыфравана ключом, недаступным на гэтай прыладзе",
             "rejected": "Сертыфікат адхілены",
             "rejectedTooltip": "Сертыфікат OpenPGP суразмоўцы несапраўдны — націсніце для падрабязнасцей",
             "rejectedTitle": "Сертыфікат адхілены",

apps/fluux/src/i18n/locales/bg.json

@@ -486,6 +486,8 @@
             "keyLockedTooltip": "Криптирането е заключено — щракнете за отключване",
             "encryptedClickToUnlock": "Шифровано съобщение — щракнете за отключване",
             "encryptedCouldNotDecrypt": "Това съобщение не можа да бъде дешифрирано",
+            "encryptedDisabled": "Криптирането е изключено — активирайте го в настройките",
+            "couldNotDecryptTooltip": "Съобщението е криптирано с ключ, който не е достъпен на това устройство",
             "rejected": "Сертификатът е отхвърлен",
             "rejectedTooltip": "OpenPGP сертификатът на отсрещната страна е невалиден — щракнете за подробности",
             "rejectedTitle": "Сертификатът е отхвърлен",

apps/fluux/src/i18n/locales/ca.json

@@ -488,6 +488,8 @@
             "keyLockedTooltip": "Xifratge bloquejat — feu clic per desbloquejar",
             "encryptedClickToUnlock": "Missatge xifrat — feu clic per desbloquejar",
             "encryptedCouldNotDecrypt": "No s'ha pogut desxifrar aquest missatge",
+            "encryptedDisabled": "Xifratge desactivat — activeu-lo a la configuració",
+            "couldNotDecryptTooltip": "Missatge xifrat per a una clau no disponible en aquest dispositiu",
             "rejected": "Certificat rebutjat",
             "rejectedTooltip": "El certificat OpenPGP del contacte no és vàlid — feu clic per veure'n els detalls",
             "rejectedTitle": "Certificat rebutjat",

apps/fluux/src/i18n/locales/cs.json

@@ -488,6 +488,8 @@
             "keyLockedTooltip": "Šifrování uzamčeno — odemkněte kliknutím",
             "encryptedClickToUnlock": "Šifrovaná zpráva — odemkněte kliknutím",
             "encryptedCouldNotDecrypt": "Tuto zprávu se nepodařilo dešifrovat",
+            "encryptedDisabled": "Šifrování je vypnuto — zapněte jej v nastavení",
+            "couldNotDecryptTooltip": "Zpráva zašifrovaná pro klíč, který není na tomto zařízení k dispozici",
             "rejected": "Certifikát odmítnut",
             "rejectedTooltip": "OpenPGP certifikát protistrany je neplatný — klikněte pro podrobnosti",
             "rejectedTitle": "Certifikát odmítnut",

apps/fluux/src/i18n/locales/da.json

@@ -486,6 +486,8 @@
             "keyLockedTooltip": "Kryptering låst — klik for at låse op",
             "encryptedClickToUnlock": "Krypteret besked — klik for at låse op",
             "encryptedCouldNotDecrypt": "Kunne ikke dekryptere denne besked",
+            "encryptedDisabled": "Kryptering deaktiveret — aktivér den i indstillingerne",
+            "couldNotDecryptTooltip": "Beskeden er krypteret til en nøgle, der ikke er tilgængelig på denne enhed",
             "rejected": "Certifikat afvist",
             "rejectedTooltip": "Modpartens OpenPGP-certifikat er ugyldigt — klik for detaljer",
             "rejectedTitle": "Certifikat afvist",

apps/fluux/src/i18n/locales/de.json

@@ -488,6 +488,8 @@
             "keyLockedTooltip": "Verschlüsselung gesperrt — zum Entsperren klicken",
             "encryptedClickToUnlock": "Verschlüsselte Nachricht — zum Entsperren klicken",
             "encryptedCouldNotDecrypt": "Diese Nachricht konnte nicht entschlüsselt werden",
+            "encryptedDisabled": "Verschlüsselung deaktiviert — in den Einstellungen aktivieren",
+            "couldNotDecryptTooltip": "Nachricht für einen auf diesem Gerät nicht verfügbaren Schlüssel verschlüsselt",
             "rejected": "Zertifikat abgelehnt",
             "rejectedTooltip": "Das OpenPGP-Zertifikat des Gesprächspartners ist ungültig — klicke für Details",
             "rejectedTitle": "Zertifikat abgelehnt",

apps/fluux/src/i18n/locales/el.json

@@ -487,6 +487,8 @@
             "keyLockedTooltip": "Η κρυπτογράφηση είναι κλειδωμένη — κάντε κλικ για ξεκλείδωμα",
             "encryptedClickToUnlock": "Κρυπτογραφημένο μήνυμα — κάντε κλικ για ξεκλείδωμα",
             "encryptedCouldNotDecrypt": "Δεν ήταν δυνατή η αποκρυπτογράφηση αυτού του μηνύματος",
+            "encryptedDisabled": "Η κρυπτογράφηση είναι απενεργοποιημένη — ενεργοποιήστε την στις ρυθμίσεις",
+            "couldNotDecryptTooltip": "Μήνυμα κρυπτογραφημένο για κλειδί που δεν είναι διαθέσιμο σε αυτή τη συσκευή",
             "rejected": "Πιστοποιητικό απορρίφθηκε",
             "rejectedTooltip": "Το πιστοποιητικό OpenPGP του συνομιλητή δεν είναι έγκυρο — κάντε κλικ για λεπτομέρειες",
             "rejectedTitle": "Πιστοποιητικό απορρίφθηκε",

apps/fluux/src/i18n/locales/en.json

@@ -485,6 +485,8 @@
             "keyLockedTooltip": "Encryption locked — click to unlock",
             "encryptedClickToUnlock": "Encrypted message — click to unlock",
             "encryptedCouldNotDecrypt": "Couldn't decrypt this message",
+            "encryptedDisabled": "Encryption disabled — enable it in the settings",
+            "couldNotDecryptTooltip": "Message encrypted to a key not available on this device",
             "rejected": "Certificate rejected",
             "rejectedTooltip": "Peer's OpenPGP certificate is invalid — click for details",
             "rejectedTitle": "Certificate rejected",