We should prevent the attack where a group participant can send different messages to different people.
Instead of introducing first-class groups and throwing away what sufec is, I think we should explore solving this by including hashes of previous messages along with each message. When you receive a message, check if those hashes match the messages you received earlier, and if not, show an alert.
This probably requires #8.
An obstacle is that messages don't necessarily arrive in the same order for everyone, especially when new people are being invited. So there are situations where never receiving an acknowledgement for a given message isn't a sign of an attack, and situations where it is.