by ihuman 3761 days ago
You can't just use some kind of Diffie–Hellman key exchange to agree on a key, instead of the user copying the key?
2 comments

Are you suggesting simple DH without any long term secret?

Hmm. I'm fairly sure we thought through that option, but at the moment I can't see/recall why we rejected it.

Well, unauthenticated DH ("simple DH without any long term secret") is trivially MITM-able, so it could only be useful if your adversary could read but not write to the channel, which I doubt is the case in this context.
Right. This would be unauthenticated with all of the problems that that entails.
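
The point made in the comments above, as an added example that is not part of the original thread: a toy Diffie-Hellman exchange in Python where a party who can write to the channel swaps the public values, next to the same exchange checked with a MAC keyed by a pre-shared secret. The group parameters, the function names and the pre-shared secret are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Toy group for illustration only (assumption): p = 2**255 - 19 is prime, g = 2.
P, G = 2**255 - 19, 2

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(priv, peer_pub):
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(32, "big")).digest()

def tag(psk, initiator_pub, responder_pub):
    # MAC over both public values, as seen by the side computing it.
    msg = initiator_pub.to_bytes(32, "big") + responder_pub.to_bytes(32, "big")
    return hmac.new(psk, msg, hashlib.sha256).digest()

def exchange(active_attacker, psk=None):
    a_priv, a_pub = keypair()          # initiator
    b_priv, b_pub = keypair()          # responder
    m_priv, m_pub = keypair()          # party sitting on the channel
    # A read-only adversary leaves the values alone; a writer replaces them.
    a_sees = m_pub if active_attacker else b_pub
    b_sees = m_pub if active_attacker else a_pub
    k_a = session_key(a_priv, a_sees)
    k_b = session_key(b_priv, b_sees)
    attacker_knows = (active_attacker
                      and session_key(m_priv, a_pub) == k_a
                      and session_key(m_priv, b_pub) == k_b)
    authenticated = None
    if psk is not None:
        # The initiator sends tag(a_pub, a_sees); the responder recomputes it
        # from what it saw. Without psk the relay cannot produce a valid tag.
        authenticated = hmac.compare_digest(tag(psk, a_pub, a_sees),
                                            tag(psk, b_sees, b_pub))
    return {"keys_match": k_a == k_b,
            "attacker_knows_keys": attacker_knows,
            "authenticated": authenticated}

if __name__ == "__main__":
    print("read-only channel:  ", exchange(False))
    print("writable channel:   ", exchange(True))
    print("writable + PSK MAC: ", exchange(True, psk=b"constructed-secret"))
```

Without the MAC, neither endpoint has any signal that the two derived keys differ or that a third party holds both; with it, the substituted public value makes verification fail.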
How would that work when both processes are running on the same Mac, under the same user account?