@benbz's server has ended up in a spectacular mess where its device_lists for me & Amandine are several years old - log details in https://github.com/matrix-org/riot-ios-rageshakes/issues/3483.

I have a hunch that what's happened is that:

• Ben sets up server
• Temporarily joins some (encrypted?) room, years ago, thus getting a copy of Amandine & my keys
• Subsequently is in a private room with us which gets upgraded to E2E
• ...but the upgrade to E2E doesn't trigger a check of our device lists by calling matrix://matrix.org/_matrix/federation/v1/user/keys/query, so the server blindly uses the ancient E2E keys.
• Amandine & I rarely log in on our main accounts, so we never send new m.device_list_update EDUs from matrix.org, so the device list is never corrected.

This is kinda similar to #4827 or #5433.

Possible solutions:

• If you receive a reference to an unrecognised device from a server, you should refresh your cache of that user's devicelist (useful defensive measure anyway)
• Ensure that device list caches are flushed when you lose contact with a user, or re-populated when you regain contact