I asked a question yesterday about the Keybase key model and got no answers, unfortunately. Let me rephrase the question to make it clearer: in the case, if 2 users just want to send each other low-frequency e2e encrypted messages (e.g. files) via a 3rd party semi-trusted server over a secure channel i.e. TLS, using curve25519 key pairs and do x25519 and AEAD(e.g. poly1305chacha20 like in libsodium's crypto_box_*()). Note that this is not a public web server or a VPN where messages have a streaming nature and you can have thousands if not millions of ciphertexts messages in a short period of time.
Is being concerned about forward-secrecy in such case irrelevant and somewhat overkill and static-static DH is enough?
Also, can ephemeral-static DH mitigate the forward-secrecy problem, at least for one party (aka the receiver) since static-static DH still suffers that if one of the parties got compromised all the messages are then compromised regardless of whether the other party is keeping his private key secure?
