I've been trying to grasp how Protonmail could work.
From what I gather, it works like this:
When you signup, you create an account password and a mailbox password. A PGP private/public key pair is made using the mailbox password.
When you log in, you enter the account password to verify your identity, then your encrypted mail and the encrypted private key are sent to the client. The user then enters their mailbox password, which decrypts the private key, which is then used to decrypt the mail.
When mail is sent from a Protonmail account to a Protonmail account, it fetches the associated public key for that user and encrypts it with that.
Now what I don't understand is how external email accounts are treated. If, for example, my bank sends me an email, it's going to be sent in plain text, which defeats the purpose of the elaborate PGP'ing. There's no point in encrypting it when it reaches the servers, as it has probably already been intercepted in transit. This wouldn't be a problem if it was encrypted, but it isn't.
Could someone explain this to me?