[eridius]

That's pretty cool. I was under the impression that it was validating that the twitter/github/etc are owned by the same person, but using twitter/github/etc to validate that the keybase key is correct is much cooler.

However, it's not foolproof. If your attacker (e.g. the NSA) can compromise some of the proof sources, they can return only the compromised proof sources to the client so the client doesn't see anything that contradicts their malicious key. And if the user doesn't know offhand what twitter/github belong to the person their contacting, the attacker could even simply substitute their own sources that claim to be the same person without actually requiring any compromise of the proof site at all.

For example, if I don't know already that maria's Twitter is maria_h20, then the attacker who has compromised keybase can instead return maria_g20, a Twitter account under their control that has posted a proof of the malicious key.

I get that tracking a user will mitigate this, but that only helps if I've already interacted with the user before and chosen to track them.