That is also valid for 1:1 chats, not specific to groups. It says "if you don't check the key if the remote party via a secondary channel you are vulnerable to MITM attack of the server is owned"
Which is obvious, every single E2EE encryption tool which is centralised is susceptible to it, but I would wager that decentralised too, although maybe harder to realise.
Which is obvious, every single E2EE encryption tool which is centralised is susceptible to it, but I would wager that decentralised too, although maybe harder to realise.