@ghosttie this is the PKI problem, sometimes also called the hardest problem in cryptography. There are many proposed solutions to it, and they all pretty much suck or are at least imperfect. For e2ee chat apps in particular, you either meet in person and scan QR codes, you trust the provider to distribute honestly, or you compare safety numbers out of band. Comparing numbers out of band obviously is getting more and more difficult with things like AI deep fakes making video calls not an easily authenticated channel.