If you're operating under the assumption that users aren't going to check their peers' key fingerprints, then you could just give compromised keys from the beginning -- no rekeying necessary. There's no way to protect against that scenario. That's not a fault of WhatsApp.
If you're operating under the assumption that users aren't going to check their peers' key fingerprints, then you could just give compromised keys from the beginning -- no rekeying necessary. There's no way to protect against that scenario. That's not a fault of WhatsApp.