
Messaging apps such as WA or Signal have no means of verifying keys, require phone numbers tied to the users’ real identity, operate based on a client-server model in which the server could be compromised by well-resourced agencies and require black-box phones that are not secure against phone manufacturers and agencies with whom they collaborate.

Users should be warned of the perils of phones not quite under their control. Set up a proper FOSS machine that you understand, and use your own encryption (be it PGP or some other tool serving the same purpose).




Signal requires phone numbers because it takes care of users' privacy. Signal's choice to require a phone number is due to storing the contact list on the local machine to protect users' metadata. And PGP is never as secure as Signal or other encrypted messengers (WhatsApp). Many cryptographers have criticized the weak security of PGP (https://latacora.micro.blog/2019/07/16/the-pgp-problem.html, https://latacora.micro.blog/2020/02/19/stop-using-encrypted...., https://blog.cryptographyengineering.com/2014/08/13/whats-ma..., https://blog.filippo.io/giving-up-on-long-term-pgp/) and even Edward Snowden doesn't use it now (https://twitter.com/Snowden/status/1175437588129308672).


Why wouldn't Signal be able to store local data without a phone number? Your argument seems like a red herring.


They could also just ask for an email, like Wire does.

Edit: or generate a UUID type random string for each new device.


This is because, unlike Signal, Wire stores user contacts on the server. (https://www.vice.com/en/article/gvzw5x/secure-messaging-app-...)


>or Signal have no means of verifying keys

To be fair, you've always been able to verify safety numbers (i.e. fingerprints i.e. public key hashes).

https://signal.org/blog/safety-number-updates/


Verifying a public key over a secure channel works trivially for any public key cryptography system.

I was referring to ways to establish such secure secondary channels. Either verify a key yourself, eg, in person, or use distributed trust to average out the noise.

For example, Keybase has an approach: linking various identity information to keys.

Signal is secure in a strange, narrow interpretation of security. There are problems if you look more broadly.



