[f_devd]

Encrypted at rest does not actually do anything against interoperability of protocols (as I put in my comment), a secure element/coprocessor is nice but still does nothing against compatibility. Even if the entire protocol is somehow in the coprocessor (ala BPF/SGX) there is nothing preventing the counterparty from running it on a regular CPU.

[hedora]

Interoperability can break security properties though. If I send you an iMessage, I can be confident that someone that steals your phone (while it is locked) cannot read that message (ignoring things like state-sponsored attacks).

[f_devd]

Prolonged unsupervised physical access is usually already seen as a compromise. Regardless although there is a lot more publicity on Apple's "online attack" difficulty, it's mostly the same story on any semi-recent version of android[0] (barring any unknown zero-days/backdoors from specific manufacturers).

[0]: https://theconversation.com/what-if-the-fbi-tried-to-crack-a...