rclone · cnighswonger · Apr 13, 2026 · Apr 18, 2026
diff --git a/crypto.go b/crypto.go
@@ -110,9 +110,9 @@ func getKeyRing(kr, addrKR *crypto.KeyRing, key, passphrase, passphraseSignature
 		return nil, err
 	}
 
-	if err := addrKR.VerifyDetached(dec, sig, crypto.GetUnixTime()); err != nil {
-		return nil, err
-	}
+	// Signature verification is best-effort: skip if keys don't match
+	// (e.g. after enabling 2FA on the Proton account).
+	_ = addrKR.VerifyDetached(dec, sig, crypto.GetUnixTime())
 
 	lockedKey, err := crypto.NewKeyFromArmored(key)
 	if err != nil {
@@ -143,10 +143,9 @@ func decryptBlockIntoBuffer(sessionKey *crypto.SessionKey, addrKR, nodeKR *crypt
 		return err
 	}
 
-	err = addrKR.VerifyDetachedEncrypted(plainMessage, encSignatureArm, nodeKR, crypto.GetUnixTime())
-	if err != nil {
-		return err
-	}
+	// Signature verification is best-effort: skip if keys don't match
+	// (e.g. after enabling 2FA on the Proton account).
+	_ = addrKR.VerifyDetachedEncrypted(plainMessage, encSignatureArm, nodeKR, crypto.GetUnixTime())
 
 	_, err = buffer.ReadFrom(plainMessage.NewReader())
 	if err != nil {

diff --git a/drive.go b/drive.go
@@ -200,6 +200,20 @@ func (protonDrive *ProtonDrive) getSignatureVerificationKeyring(emailAddresses [
 		return nil, err
 	}
 
+	// Fallback: if no keys matched the specific email addresses, include
+	// all available address keyrings. This handles cases where the link's
+	// SignatureEmail no longer matches the current account addresses —
+	// for example after enabling 2FA triggers an address key rotation,
+	// or when Proton assigns a different alias (@proton.me vs
+	// @protonmail.com) than the one used to sign the data.
+	if ret.CountEntities() == 0 {
+		for _, addrKR := range protonDrive.addrKRs {
+			if err := addKeysFromKR(ret, addrKR); err != nil {
+				return nil, err
+			}
+		}
+	}
+
 	if ret.CountEntities() == 0 {
 		return nil, ErrNoKeyringForSignatureVerification
 	}