I don’t know if I’m opening a can of worms here, and I’m still trying to backtrack a lot of history where I was tuning everything out. I keep seeing random swipes at Signal (or the representatives (?)), and I was wondering whether they are founded or just lies.Is it another situation like Lemmy where we just “take the technology and move on”? Thanks!

  • jetAEnglish
    3·
    18 hours ago

    There is not „your encryption key“ because there is not only one.

    It’s close enough, its the master key from which all other keys can be derived.

    https://signal.org/blog/secure-value-recovery/

    If someone loses their phone, the stretched_key, auth_key, and c1 variables can be regenerated at any time on the client as long as the user remembers their chosen passphrase.