If you're designing E2EE in 2026
And your expectation for the user experience is that even half your users will
- manually verify key fingerprints, safety numbers, etc.
- know what to do when these mechanisms fail
Then you have not been paying attention to the research at all!
That isn't the normal behavior for how we use software.
When's the last time someone you kmow that doesn't know what "TCP" is inspected a website's certificate before sending it their password?