Dehydrated devices: when resetting SSSS, if some prior step fails, we won't reset device dehydration

[uhoreg]

ref matrix-org/matrix-react-sdk#12316 (comment)

Device dehydration is set up after cross-signing and key backup. If there is an error setting up one of those during SSSS reset, then dehydration will not be reset. In particular, there may be a dehydrated device encrypted with an old dehydration key, and so will not be able to be decrypted unless the user has access to the old SSSS key (which, if they reset SSSS, they probably don't).

To fix (making it more robust, but not atomic, which would require a larger change + spec changes):

• Ensure we retry requests to the server if we fail
• If a step fails, display a meaningful error to the user and ask them to try again later
• Cover both initial setup and reset of SSSS