As described in the "White Paper" on "Appendix E - Verifying public keys" there is a theoretical possibility for a man in the middle attack for shared items. As I understand this attack is always possible if the public key is exchanged (sharing, adding to groups, etc.).
That means the "private" vault in the team account is always protected? If an hacker could steal the private key (as described in Appendix E) he would only be able to encrypt the shared items or can he encrypt the private vault too?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided