Yes, that's a correct enumeration of risks. In sum, there's no privacy risk, IF the only compromised key is the Posting one.
A caveat though: you said "they could send encrypted messages as you" — however, sending messages AS YOU in any meaningful way would require that your adversary knows who you have been communicating with. Keep in mind that it is impossible to infer the addressee of a message sent with Hive-Mail, unless you are the addressee himself and have ALL the required private keys (Memo AND Post-Quantum) to decrypt the message. Not even the sender can decrypt a message, after it's sent. That's intentional, that's a feature, I built it like this on purpose.
Build it for Reticulum. Free speech is about to end on the internet.
Thanks for the suggestion. This is actually very interesting.
https://github.com/markqvist/sideband
Hive-Mail's quantum-resistant messages could be sent via Reticulum, if one didn't want them stored onchain on Hive. Still Hive would be useful, as the Public Memo Key and Public Post-Quantum Key are publicly stored onchain and can easily be fetched as needed (my code does that).
This pipeline would work even on something like Telegram, etc. The encryption protocol is built and working, one could send the messages using any rails he chooses.
That is excellent. Going forward, I see no reason Hive couldn't move to the Reticulum network and become truly decentralized and permissionless, where mesh density allows. Various Hive users are already subject to KYC internet, such as those from the UK, and from SK. Were Hive to adopt quantum resistant encryption, that would enable free speech to continue to be a feature of Hive regardless of the edicts of tyrants or owners of legacy centralized network infrastructure. Sites like Telegram et al. would still be required to comply (even if accessed through Reticulum) because they have owners that can be compelled by their jurisdictions, but the distributed witnesses and nodes of Hive aren't the owners of the platform, and no one has any ability to accept service of process, nor any ability to comply with jurisdictional requirements for the platform, as I understand it.