been working on true E2EE in ActivityPub, using the MLS protocol — which is a successor to Signal protocol with better support for very large groups.

a consensus protocol could be used

An Authentication Service (AS) that enables group members to authenticate the credentials presented by other group members.

If a member finds that another member's credential has expired, they may issue a Remove that removes that member.

The Delivery Service cannot guarantee that application messages will arrive in order within the same epoch. To address this, applications can configure the out_of_order_tolerance parameter of the SenderRatchetConfiguration. The configuration can be set as the sender_ratchet_configuration parameter of the MlsGroupCreateConfig

The Delivery Service cannot guarantee that application messages from one epoch are sent before the beginning of the next epoch. To address this, applications can configure their groups to keep the necessary key material around for past epochs by setting the max_past_epochs field in the MlsGroupCreateConfig to the desired number of epochs