The user guide (https://pond.imperialviolet.org/user.html) currently says:
"Shared secret keying involves contacting a central server (using Tor) and performing a key exchange based on the shared secret. This means that, so long as a MITM attack isn't performed against the shared secret in real time then it's secure for the future."
It would be beneficial to explicitly explain to the reader that once the initial key exchange using a shared secret has occurred, the original shared secret no longer needs to be protected/stored (e.g. the used deck of cards).
The user guide (https://pond.imperialviolet.org/user.html) currently says: "Shared secret keying involves contacting a central server (using Tor) and performing a key exchange based on the shared secret. This means that, so long as a MITM attack isn't performed against the shared secret in real time then it's secure for the future."
It would be beneficial to explicitly explain to the reader that once the initial key exchange using a shared secret has occurred, the original shared secret no longer needs to be protected/stored (e.g. the used deck of cards).