diff --git a/src/Cache.cpp b/src/Cache.cpp
index aba76406..8146e2cc 100644
--- a/src/Cache.cpp
+++ b/src/Cache.cpp
@@ -3588,25 +3588,31 @@ Cache::updateUserKeys(const std::string &sync_token, const mtx::responses::Query
                         updateToWrite.self_signing_keys = update.self_signing_keys;
                         updateToWrite.user_signing_keys = update.user_signing_keys;
 
-                        // If we have keys for the device already, only update the signatures.
+                        auto oldDeviceKeys = std::move(updateToWrite.device_keys);
+                        updateToWrite.device_keys.clear();
+
+                        // Don't insert keys, which we have seen once already
                         for (const auto &[device_id, device_keys] : update.device_keys) {
-                                if (updateToWrite.device_keys.count(device_id) &&
-                                    updateToWrite.device_keys.at(device_id).keys ==
-                                      device_keys.keys) {
-                                        updateToWrite.device_keys.at(device_id).signatures =
-                                          device_keys.signatures;
+                                if (oldDeviceKeys.count(device_id) &&
+                                    oldDeviceKeys.at(device_id).keys == device_keys.keys) {
+                                        // this is safe, since the keys are the same
+                                        updateToWrite.device_keys[device_id] = device_keys;
                                 } else {
                                         bool keyReused = false;
                                         for (const auto &[key_id, key] : device_keys.keys) {
                                                 (void)key_id;
                                                 if (updateToWrite.seen_device_keys.count(key)) {
+                                                        nhlog::crypto()->warn(
+                                                          "Key '{}' reused by ({}: {})",
+                                                          key,
+                                                          user,
+                                                          device_id);
                                                         keyReused = true;
                                                         break;
                                                 }
                                         }
 
-                                        if (!updateToWrite.device_keys.count(device_id) &&
-                                            !keyReused)
+                                        if (!keyReused && !oldDeviceKeys.count(device_id))
                                                 updateToWrite.device_keys[device_id] = device_keys;
                                 }