Hi! So wondering how did you solve collaboration issues using CRDTs exclusively. So I suppose that for a db you have an encryption key and then you have users with different rights, some of which can remove the other ones (let's call them admins or whatever). If your db has a certain encryption key then it should be known to all current members. Also if you remove a person he/she should not be able do decrypt new messages in the db.

So suppose you have 4 people, Alice, Bob, Clark and David, where Alice and Clark are "admins". A network partitioning happens and Alice removes Bob, so Alice changes an encryption key to X and sends a message to everybody, concurrently without knowing about the Alice's removal Clark removes David and also changes and encryption key to Y and sends a message to everyone.

So in this case if we allow the generation of new keys to happen simultaneously (without consensus) one of the deletions will not be effective, because what we wanted is both Bob and David to be removed and not know the new encryption key for the db. But now Bob knows Y and David knows X. Thus neither X, nor Y can be the encryption key, because it is known by one of the deleted persons.

Sorry for the long explanation, but I am wondering what is your solution to such a problem.