@IzzyOnDroid@mastodon.technology @fdroidorg@mastodon.technology After looking into it a bit further with some friends, it looks like they're basically trying to implement Sealed Sender. And while they've at least documented their design (unlike Signal), it's broken in all the same ways, and doesn't really provide any more protection than a user-identifier-based system would.