> this is pretty much what Matrix does, if I understand correctly.
I think it has senders encrypt messages with each room member's public key, rather than a single shared key. (At least, that's what the behavior I've seen suggests to me.)
Here's the spec, in case you want to comb through it:
https://spec.matrix.org/v1.11/client-server-api/#end-to-end-...
> When creating a Megolm session in a room, clients must share the corresponding session key using Olm with the intended recipients, so that they can decrypt future messages encrypted using this session. An m.room_key event is used to do this. Clients must also handle m.room_key events sent by other devices in order to decrypt their messages.
https://spec.matrix.org/v1.11/client-server-api/#mmegolmv1ae...
OLM is the public key encryption scheme, similar to the Signal Protocol. It is used to exchange room_key messages, but not the room messages itself.
MEGOLM as linked in the specification: https://gitlab.matrix.org/matrix-org/olm/blob/master/docs/me...
Additionally the key is regularly updated to provide some degree of perfect forward secrecy and avoid encrypting for people who left the group chat