It seems that Proton Mail supports access to its customers public keys using two methods:

  • WKD (Web Key Distribution)
  • Exposes hkps server (host name: api.protonmail.ch)

Using WKD

Just retieve public key using the following command:

$ gpg --locate-keys prokop.bart@pm.me
gpg: key 6C74835C42CEF599: public key "prokop.bart@pm.me <prokop.bart@pm.me>" imported
gpg: Total number processed: 1
gpg:               imported: 1
pub   rsa2048 2018-05-26 [SC]
      49148230F11C0458BD19F45C6C74835C42CEF599
uid           [ unknown] prokop.bart@pm.me <prokop.bart@pm.me>
sub   rsa2048 2018-05-26 [E]

Of course it would be good to sign the key and distribute signed one to some public key server.

Using keyserver / HKPS protocol

Just specify api.protonmail.ch as keyserver:

$ gpg --keyserver hkps://api.protonmail.ch --search-key prokop.bart@proton.me
gpg: data source: https://api.protonmail.ch:443
(1)     prokop.bart@proton.me <prokop.bart@proton.me>
          EDDSA key 99411FBED9D31546, created: 2022-04-14
Keys 1-1 of 1 for "prokop.bart@proton.me".  Enter number(s), N)ext, or Q)uit > 1
gpg: key 99411FBED9D31546: public key "prokop.bart@proton.me <prokop.bart@proton.me>" imported
gpg: Total number processed: 1
gpg:               imported: 1

The above commands runs “interactive” search against keyserver and prompts for option that allows importing desired key.