> it’s questionable if this counts as “issues with e2ee”
Fair point. It's not a problem in the encryption protocol, but it is a design problem on the group membership control.
Now I think it's not completely fair to compare that to the Signal private contact discovery, which relies on SGX enclaves. First, because it's private (if you trust the SGX enclave technology), and second because even if it was not, I believe it is a pretty different level of "design problem": "if the secure enclave does not work, then the server can access a hash of your addressbook" vs "if the whole system works as expected, AND you don't constantly keep an eye on the group members, it could be that a malicious actor reads the content of your messages".
I was talking about the Signal protocol.
> it’s questionable if this counts as “issues with e2ee”
Fair point. It's not a problem in the encryption protocol, but it is a design problem on the group membership control.
Now I think it's not completely fair to compare that to the Signal private contact discovery, which relies on SGX enclaves. First, because it's private (if you trust the SGX enclave technology), and second because even if it was not, I believe it is a pretty different level of "design problem": "if the secure enclave does not work, then the server can access a hash of your addressbook" vs "if the whole system works as expected, AND you don't constantly keep an eye on the group members, it could be that a malicious actor reads the content of your messages".
Or am I misunderstanding something?