If a shared QR/link is read by an adversary, they can subvert all the privacy guarantees. Users should be prominently warned in the UI to keep the link/QR safe--in particular, if they click "link" sharing, they should be warned to only share via secure channels (e.g. Signal).
If a shared QR/link is read by an adversary, they can subvert all the privacy guarantees. Users should be prominently warned in the UI to keep the link/QR safe--in particular, if they click "link" sharing, they should be warned to only share via secure channels (e.g. Signal).