Message was sent before the current device was created; there was a key backup on the server, but we don't seem to have access to the backup. (Probably we don't have the right key.)
Message was sent before the current device was created; there is no key backup on the server, so this decryption failure is expected.
Message was sent when the user was not a member of the room.
Message was sent before the current device was created; there was a (usable) key backup on the server, but we still can't decrypt. (Either the session isn't in the backup, or we just haven't gotten around to checking yet.)
A special case of MEGOLM_UNKNOWN_INBOUND_SESSION_ID: the sender has told us it is withholding the key.
A special case of MEGOLM_KEY_WITHHELD: the sender has told us it is withholding the key, because the current device is unverified.
Message was encrypted with a Megolm session whose keys have not been shared with us.
Message was encrypted with a Megolm session which has been shared with us, but in a later ratchet state.
The sender's identity is not verified, but was previously verified.
Unknown or unclassified error.
We weren't able to link the message back to any known device. This will
only be used if the device isolation mode is set to OnlySignedDevicesIsolationMode.
The sender device is not cross-signed. This will only be used if the
device isolation mode is set to OnlySignedDevicesIsolationMode.
A reason code for a failure to decrypt an event.