That is also valid for 1:1 chats, not specific to groups. It says "if you don't check the key if the remote party via a secondary channel you are vulnerable to MITM attack of the server is owned"
Which is obvious, every single E2EE encryption tool which is centralised is susceptible to it, but I would wager that decentralised too, although maybe harder to realise.
It depends. One good discussion.
https://crypto.stackexchange.com/questions/77319/triple-diff...
That is also valid for 1:1 chats, not specific to groups. It says "if you don't check the key if the remote party via a secondary channel you are vulnerable to MITM attack of the server is owned"
Which is obvious, every single E2EE encryption tool which is centralised is susceptible to it, but I would wager that decentralised too, although maybe harder to realise.