@ariadne@treehouse.systems yeah, I think what I was trying to say it's that it seems quite important to look at past protocols for what not to do; matrix E2EE is still flaky, and sometimes it'll take a while to decrypt since there's a <unqualified> few long roundtrips to get the ciphertext for the viewing device (and ultimately the homeserver can still just fake devices; element's UI makes verification sound like a nice-to-have without explaining exactly what it accomplishes to the user.) </unqualified>