by t0mbstone
2659 days ago
The phrase "end-to-end encryption" means very little when Facebook controls the clients on both ends, and when they control the encryption keys. If the Facebook Messenger app can launch and immediately display your messages, then they have the ability to read your messages. You just have to trust them when they say they won't.

The only way a messaging platform can guarantee true end-to-end security of your messages is if the message both enters and exits their control boundaries in an encrypted state. This means that you would have to use a third-party tool to talk to their API, and then you would need to provide your key to it (not Facebook) to decrypt and encrypt messages. Anything less than this is just security theater.

As a side note, pretty much every single popular "encrypted messaging" app (such as WhatsApp and Signal) suffers from this same fundamental flaw. There's absolutely nothing stopping them from pushing out a code update that uploads your keys to their servers and gives them access to freely read your messages, and there's nothing stopping them from sending a copy of your unencrypted messages to themselves. If they control the app, and it's not fully open source, and if every release isn't audited, it's impossible for them to guarantee they can't read your messages.
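The arrangement the comment describes, where a message is already encrypted when it enters the platform and still encrypted when it leaves, sketched as an added example that is not part of the original comment. `PlatformRelay` is a hypothetical stand-in for a messaging API, the message is constructed sample data, and the example assumes the two public keys were exchanged and verified out of band.

```javascript
const crypto = require('node:crypto');

// Keys are generated and kept inside the third-party tool, never by the platform.
const newIdentity = () => crypto.generateKeyPairSync('x25519');

// X25519 agreement, then HKDF to a 256-bit AES key. Both sides derive the same key.
function sessionKey(myPrivate, peerPublic) {
  const shared = crypto.diffieHellman({ privateKey: myPrivate, publicKey: peerPublic });
  return Buffer.from(crypto.hkdfSync('sha256', shared, Buffer.alloc(0), 'overlay-e2e-demo', 32));
}

// Envelope layout: 12-byte nonce | 16-byte GCM tag | ciphertext, base64 for transport.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]).toString('base64');
}

// Throws if the envelope was modified in transit (GCM tag mismatch).
function open(key, envelope) {
  const raw = Buffer.from(envelope, 'base64');
  const d = crypto.createDecipheriv('aes-256-gcm', key, raw.subarray(0, 12));
  d.setAuthTag(raw.subarray(12, 28));
  return Buffer.concat([d.update(raw.subarray(28)), d.final()]).toString('utf8');
}

// Hypothetical platform: stores and forwards whatever message body it is handed.
class PlatformRelay {
  constructor() { this.log = []; }
  deliver(body) { this.log.push(body); return body; }
}

function demo() {
  const alice = newIdentity(), bob = newIdentity();
  const relay = new PlatformRelay();
  const msg = 'meet at 6pm'; // constructed sample message
  const wire = relay.deliver(seal(sessionKey(alice.privateKey, bob.publicKey), msg));
  const bobKey = sessionKey(bob.privateKey, alice.publicKey);
  const received = open(bobKey, wire);
  // Simulate the platform altering one ciphertext byte before delivery.
  const altered = Buffer.from(wire, 'base64');
  altered[altered.length - 1] ^= 1;
  let tamperRejected = false;
  try { open(bobKey, altered.toString('base64')); } catch { tamperRejected = true; }
  const platformSawPlaintext = relay.log.some((body) => body.includes(msg));
  return { received, platformSawPlaintext, tamperRejected };
}
```

The trust the comment is concerned with does not disappear here; it moves to whoever ships the tool that runs `seal` and `open` and to how the public keys were verified.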