Is this open to key commitment exploitation? Password derived key? E2EE and MLS thoughts? #38

Open
f0rest8 opened this issue Jan 22, 2021 · 0 comments
Labels
question Further information is requested technical

f0rest8 commented Jan 22, 2021

Hi,

This is such an incredible repo/example, thank you to all at Dwyl for making this.

I was curious if this is susceptible to key commitment vulnerabilities?

Paper: https://eprint.iacr.org/2020/1456
Cryptography.fm podcast episode: https://www.cryptography.fm/10

Password derived keys
If so, then would it make sense to implement a password derived key mechanism, part 1 and part 2 from Badu's Medium posts?

I was thinking that the key/get_key process from AES.encrypt/1 is then pulling the password_derived_key from each person, perhaps making the system administration agnostic to the symmetric keys?

Asymmetric with sharing
Or perhaps with asymmetric encryption, similar perhaps to part 3 and part 4 from Badu's Medium posts?

E2EE with MLS
I guess at that point we're approaching "end-to-end" encryption in the browser (a dream)? Which, as I understand, we should be waiting for the IETF's Messaging Layer Security architecture/protocol standard to be ready for implementation?

GitHub MLS repos: Messaging Layer Security draft documents
Datatracker: https://datatracker.ietf.org/wg/mls/about/

Would love to hear what you think, thank you.

❤❤❤

@nelsonic nelsonic added question Further information is requested technical labels Jan 22, 2021
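
The two ideas raised in this issue, a password-derived key and key commitment, sketched as an added example (not code from the dwyl repository or from the poster). The `CommittingAES` module name, AES-256-GCM as the cipher, the PBKDF2 iteration count, the AAD string and the blob layout are all assumptions; it needs Erlang/OTP 25 or later for `:crypto.hash_equals/2`.

```elixir
defmodule CommittingAES do
  # Hypothetical module for illustration; not part of the project.
  @iterations 600_000 # assumed PBKDF2-HMAC-SHA256 work factor
  @aad "AES256GCM"    # assumed associated data

  # Derive a 32-byte master key from a user's password and a per-user random salt.
  def derive_key(password, salt),
    do: :crypto.pbkdf2_hmac(:sha256, password, salt, @iterations, 32)

  # Derive the encryption key and a 32-byte commitment from the master key and nonce.
  defp subkeys(master, iv) do
    {:crypto.mac(:hmac, :sha256, master, "enc" <> iv),
     :crypto.mac(:hmac, :sha256, master, "com" <> iv)}
  end

  # Output layout (assumed): iv (12) || commitment (32) || GCM tag (16) || ciphertext.
  def encrypt(plaintext, master) do
    iv = :crypto.strong_rand_bytes(12)
    {enc_key, commit} = subkeys(master, iv)
    {ct, tag} = :crypto.crypto_one_time_aead(:aes_256_gcm, enc_key, iv, plaintext, @aad, true)
    iv <> commit <> tag <> ct
  end

  def decrypt(<<iv::binary-12, commit::binary-32, tag::binary-16, ct::binary>>, master) do
    {enc_key, expected} = subkeys(master, iv)

    # Reject a key that does not match the stored commitment before touching GCM.
    if :crypto.hash_equals(commit, expected) do
      case :crypto.crypto_one_time_aead(:aes_256_gcm, enc_key, iv, ct, @aad, tag, false) do
        :error -> {:error, :bad_tag}
        plaintext -> {:ok, plaintext}
      end
    else
      {:error, :wrong_key}
    end
  end

  def decrypt(_blob, _master), do: {:error, :malformed}
end

# Constructed sample values; a real salt is generated once and stored per user.
salt = :crypto.strong_rand_bytes(16)
user_key = CommittingAES.derive_key("correct horse battery staple", salt)
other_key = CommittingAES.derive_key("a different password", salt)
blob = CommittingAES.encrypt("hello", user_key)
{:ok, "hello"} = CommittingAES.decrypt(blob, user_key)
{:error, :wrong_key} = CommittingAES.decrypt(blob, other_key)
```

The commitment is an HMAC-SHA256 output keyed by the master key, so a ciphertext that passes the check is tied to one key, which plain AES-GCM does not guarantee on its own.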