As much as I liked Keybase initially, I basically stopped using it.
For key lookup I use gpg --locate-key $EMAIL. That will fetch the key by e-mail using HTTPS via the Web Key Directory protocol (e.g. kernel.org keys are available like that).
The social proof system seemed nice at the beginning but later became just stamp collection. If someone is really using PGP they would list the key fingerprint on their page/profile. (For the record, there is a social proof system implemented purely in OpenPGP: Linked Identities, implemented e.g. in OpenKeychain.)
Additionally, as far as I can see, Keybase doesn’t allow storing keys on hardware tokens (e.g. Yubikey).
The Keybase model is one key per device. So if a Yubikey is used they issue a new sub-certificate to be used on the machine. This makes it impossible to use the key as a 2FA: https://github.com/keybase/keybase-issues/issues/1946
Yep, I’ve seen lvrick’s comment previously on HN about this but I didn’t want to comment that strongly here on Lobste.rs, although lvrick clearly has a point.
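For reference, an added example (not written by anyone in this thread) of how a Web Key Directory client derives the HTTPS URL it fetches for an e-mail address, as in the lookup mentioned in the first comment. The function names and the sample address are assumptions; the mapping follows the WKD Internet-Draft (draft-koch-openpgp-webkey-service).

```python
import base64
import hashlib
from urllib.parse import quote

# WKD encodes the hash with z-base-32, which uses a different alphabet
# than RFC 4648 base32. A 20-byte SHA-1 digest maps to exactly 32
# characters, so no padding is produced.
_B32 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"
_ZB32 = "ybndrfg8ejkmcpqxot1uwisza345h769"
_TO_ZB32 = str.maketrans(_B32, _ZB32)


def wkd_hash(local_part):
    """z-base-32(SHA-1(local part with ASCII letters lowercased))."""
    # Only ASCII A-Z is folded; other characters are hashed unchanged.
    lowered = "".join(c.lower() if "A" <= c <= "Z" else c for c in local_part)
    digest = hashlib.sha1(lowered.encode("utf-8")).digest()
    return base64.b32encode(digest).decode("ascii").translate(_TO_ZB32)


def wkd_urls(email):
    """Return (advanced_url, direct_url) for an address.

    Clients try the advanced URL (openpgpkey subdomain) first and fall
    back to the direct URL on the mail domain itself.
    """
    local, sep, domain = email.rpartition("@")
    if not sep or not local or not domain:
        raise ValueError("not an e-mail address: %r" % email)
    domain = domain.lower()
    hashed = wkd_hash(local)
    # The original local part is passed along unhashed in ?l=
    # (percent-encoded).
    hint = quote(local, safe="")
    advanced = ("https://openpgpkey.%s/.well-known/openpgpkey/%s/hu/%s?l=%s"
                % (domain, domain, hashed, hint))
    direct = ("https://%s/.well-known/openpgpkey/hu/%s?l=%s"
              % (domain, hashed, hint))
    return advanced, direct


if __name__ == "__main__":
    # Constructed sample address (the one used in the draft's example).
    for url in wkd_urls("Joe.Doe@Example.ORG"):
        print(url)
```

Because the key is served from the mail domain over HTTPS, the lookup trusts whoever controls that domain and its TLS certificate; it does not replace comparing the fingerprint against one published by the key owner.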