rich1.0feld (npub1c5…fh8gn)https://yabu.me/npub1c5tlngqj4f9f3lkxnu2swe98pem78ss6xf380ldh3rlrm595zrustfh8gnnjumphttps://yabu.menostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqsatan3ugmhaq9wgs26tp4gdua5gslfaazut27f2qclgp82knxljsmmake6 > Is this not how Matrix allows multiple devices to decrypt the same chat? Ahh, sorry! E2EE should not support multiple devices without friction, I agree. The Matrix design is not something I'm comfortable with. We are definitely in agreement here. There is a mechanism to securely get the key to a device but it's way too complicated for my taste. > Not to mention, a separate issue, if you're hosting a server, it's VERY easy to impersonate a user. But how without the admin having their private key? It should be very obvious when their messages are not encrypted with the same keys, or the messages should be dropped/rejected automatically. You should give DeltaChat a try. It's federated, has features others don't have, and the security is solid, audited. Signal has a couple properties that makes it more resilient against an attacker with infinite resources and the ability to MITM all your traffic but the gap is closing -- perhaps this year, waiting on an RFC to leave draft status. Multi device onboarding requires both devices be on the same network because a direct connection between devices is created to transfer the key material. Give it a try. Instant anonymous sign ups, and idle accounts are automatically deleted after 90 days by default. Send me a message, I'll demo some features for you. Contact me on Delta Chat: https://i.delta.chat/#BFE115F2AD580709F1CA482ACC8E93570310DD43&a=az2g6a4rm%40chat.feld.me&n=Mark&i=YforNGURahV&s=qXFHXwnH7uq