
> I don't have enough of the infrastructure of signal's ephemeral key pre-sharing front of mind. But I really hope there is some way to get this to work in a federated system.

Well, there's one major hurdle: multiple devices. Pre-shared keys (and one-time keys, and ratchet keys) are generated on the user's computer. If there are several of them, say a Wintel desktop and an Android palmtop, messages sent with the desktop's pre-shared keys can't be decrypted by the palmtop¹.

So we need a way to synchronise those keys between the devices. The easiest way to do it is to store the private half on the recipient's server. But then you need to encrypt them to prevent the server from breaking forward secrecy. The encryption key must then be shared across both desktop and palmtop. (UI-wise, it's pretty easy: connect both devices to the server, then manually type on the new device some low-ish entropy secret the old device is displaying on screen.)

[1] Commonly misnamed "phone"
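The scheme sketched in the comment above (private halves of the prekeys stored on the server, sealed under a key both devices derive from a pairing secret), as an added example that is not the commenter's code and not Signal's, Matrix's or any real client's implementation. The concrete choices are assumptions: X25519 one-time prekeys, PBKDF2-HMAC-SHA256 to stretch the pairing secret, AES-GCM to seal the private half with the prekey id and public half as associated data, and an in-memory map standing in for the server. Only the Go standard library is used.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// pbkdf2SHA256 is PBKDF2 (RFC 8018) with HMAC-SHA256, written out so that
// only the standard library is needed. Assumed iteration count below.
func pbkdf2SHA256(pass, salt []byte, iters, keyLen int) []byte {
	var out []byte
	mac := hmac.New(sha256.New, pass)
	for block := uint32(1); len(out) < keyLen; block++ {
		var be [4]byte
		binary.BigEndian.PutUint32(be[:], block)
		mac.Reset()
		mac.Write(salt)
		mac.Write(be[:])
		u := mac.Sum(nil)          // U1 = PRF(P, S || INT(block))
		t := append([]byte(nil), u...)
		for i := 1; i < iters; i++ { // Ui = PRF(P, Ui-1); T = U1 xor ... xor Uc
			mac.Reset()
			mac.Write(u)
			u = mac.Sum(nil)
			for j := range t {
				t[j] ^= u[j]
			}
		}
		out = append(out, t...)
	}
	return out[:keyLen]
}

// WrappedPrekey is the record the server keeps: the public half in the clear
// (senders need it) and the private half sealed so the server cannot use it.
type WrappedPrekey struct {
	ID     uint32
	Public []byte
	Nonce  []byte
	Sealed []byte // AES-GCM(private half), AAD = ID || Public
}

// Server is a stand-in for the recipient's homeserver (constructed, in-memory).
type Server struct {
	Salt   []byte // public, random, chosen once per account
	Stored []WrappedPrekey
}

func NewServer() *Server {
	s := &Server{Salt: make([]byte, 16)}
	rand.Read(s.Salt)
	return s
}

// aeadFor derives the device-shared wrapping key from the pairing secret
// (what the old device displays and the new one types) plus the server salt.
func aeadFor(pairingSecret string, salt []byte) (cipher.AEAD, error) {
	key := pbkdf2SHA256([]byte(pairingSecret), salt, 100_000, 32)
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func aadFor(id uint32, pub []byte) []byte {
	aad := make([]byte, 4, 4+len(pub))
	binary.BigEndian.PutUint32(aad, id)
	return append(aad, pub...)
}

// Upload runs on the first device: generate n one-time prekeys, publish the
// public halves, and store the private halves sealed under the shared key.
func Upload(srv *Server, pairingSecret string, firstID uint32, n int) error {
	gcm, err := aeadFor(pairingSecret, srv.Salt)
	if err != nil {
		return err
	}
	for i := 0; i < n; i++ {
		priv, err := ecdh.X25519().GenerateKey(rand.Reader)
		if err != nil {
			return err
		}
		id, pub := firstID+uint32(i), priv.PublicKey().Bytes()
		nonce := make([]byte, gcm.NonceSize())
		rand.Read(nonce)
		sealed := gcm.Seal(nil, nonce, priv.Bytes(), aadFor(id, pub))
		srv.Stored = append(srv.Stored, WrappedPrekey{id, pub, nonce, sealed})
	}
	return nil
}

// Fetch runs on the second device: derive the same key from the pairing
// secret and unwrap one prekey. A wrong secret or a tampered record fails the
// GCM tag check; a mismatched public half is rejected explicitly.
func Fetch(srv *Server, pairingSecret string, id uint32) (*ecdh.PrivateKey, error) {
	gcm, err := aeadFor(pairingSecret, srv.Salt)
	if err != nil {
		return nil, err
	}
	for _, w := range srv.Stored {
		if w.ID != id {
			continue
		}
		plain, err := gcm.Open(nil, w.Nonce, w.Sealed, aadFor(id, w.Public))
		if err != nil {
			return nil, errors.New("wrong pairing secret or tampered record")
		}
		priv, err := ecdh.X25519().NewPrivateKey(plain)
		if err != nil {
			return nil, err
		}
		if !bytes.Equal(priv.PublicKey().Bytes(), w.Public) {
			return nil, errors.New("stored public half does not match private half")
		}
		return priv, nil
	}
	return nil, errors.New("no such prekey id")
}

// Demo: desktop uploads, palmtop unwraps prekey 2, and a sender's X25519
// agreement against the published public half matches the palmtop's result.
func Demo() (bool, error) {
	srv := NewServer()
	secret := "4821-7730" // constructed pairing code shown on the old device
	if err := Upload(srv, secret, 1, 3); err != nil {
		return false, err
	}
	palmtopPriv, err := Fetch(srv, secret, 2)
	if err != nil {
		return false, err
	}
	senderPriv, _ := ecdh.X25519().GenerateKey(rand.Reader)
	recipientPub, _ := ecdh.X25519().NewPublicKey(srv.Stored[1].Public)
	fromSender, _ := senderPriv.ECDH(recipientPub)
	onPalmtop, _ := palmtopPriv.ECDH(senderPriv.PublicKey())
	return bytes.Equal(fromSender, onPalmtop), nil
}

func main() {
	ok, err := Demo()
	fmt.Println("second device can decrypt with synced prekey:", ok, err)
}
```

Two things a reviewer would flag in this design, which the comment's "low-ish entropy secret" glosses over: the server holds both the salt and the ciphertexts, so it can brute-force a short pairing code offline no matter how slow the KDF is, and every prekey ever stored is then exposed. A deployment would use the typed code only to authenticate a one-time transfer of a random 256-bit wrapping key between the two devices, and would delete each wrapped record from the server as soon as its prekey is consumed, since forward secrecy only holds for private halves that no longer exist anywhere.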




In theory, both Matrix and XMPP+OMEMO handle multiple devices. In practice, I've found it to be less than smooth.


Matrix has gotten much better about this. Most scenarios where device lists get out of date are caused by the device list cache for federated homeservers being out of date. But with synapse 1.10 (released a few weeks ago), homeservers will refresh the device list much more aggressively in circumstances where it's clear that the cache is old (such as receiving a new message from a federated user on an unknown device).



