I'm interpreting the HMAC is supposed to be proof you are in posession of the shared secret, and anyone else with that shared secret can verify the signature.

In this message/signnature denial case, you are only one of many people who could be in posession of the HMAC signing key in some post-hoc disclosure of this (symmetric) signing key that obfuscates the identity of the original party.

This means, a) the recipient doesn't know whether the signature is from their counterparty because that HMAC signing secret is only loosely/deniably secret, and b) without a counter (another low entropy shared secret or a ratchet), there is no way of knowing whether the signed message you recieve is the "first," one derived from your shared secret.

This is just HN comments and I haven't done a deep dive on the protocol, but I'd wonder if the anonymity (in isolation) isn't as cryptographically strong as the message encryption. I'm pretty sure OTR got a lot of scrutiny, but even in some commercial protocols with a lot of scrutiny, I've seen some agreement to not emphasize certain trade offs in their final specificaitons.

This is assuming that being able to show a traffic analysis and prove non-deniability of the parties and messages would be a break of OTR. I'm sure it's the best we have, it's just when your threat model is the attention of an adversary with bulk interception capabilities, using a protocol that lights up like a tracer round on the network, and then while message secrecy is sufficient, when you are protecting recipient identities from said adversary, you are effectively depending on the anonymity provided by a kind of stateless, high-traffic dead drop.

Not disagreeing about the use of this HMAC, but the cryptographic integrity of the anonymity guarantee of the protocol is super interesting to think about. It suggests OTR may be a solution to what is effectively direct anonymous attestation, which if it is, amazing, but if it isn't, the conversation about its limits would be a fun beers thing.