It's not a forking attack, it's a selective-lying attack -- a malicious Keybase server could serve up old versions of someone's files, or pretend that e.g. no shared files exist between you and another user even though they do.
Putting everything into Merkle trees with published updating hashes allows clients to catch a malicious server -- if the server wants to lie to someone (without being caught), it has to lie to everyone at once.
Putting everything into Merkle trees with published updating hashes allows clients to catch a malicious server -- if the server wants to lie to someone (without being caught), it has to lie to everyone at once.