[aftbit]

Uh nope, that's a huge move of the goal posts. The point of E2E is to ensure that nobody besides the two endpoints can read the messages, including all hops along the way, notably including the service provider themselves.

The problem is that this requires users to do things like use one device to authenticate another or restart key exchange with all of their peers. If a user loses their phone, then they will need to redo their security exchange process, which nobody wants to do or even understands. Thus companies often store key material in an insecure way to allow new devices to be silently added to the account.

Plus, even if E2E is well implemented, there are still problems when the endpoint software can be remotely updated to a version that exfiltrates keys or messages.