Which still requires a backdoor or control agency which is insecure and can be exploited by anyone by grace of existing and given some time/effort.

The same can be said for the organization distributing E2EE messaging app binaries (or source + compiler) even without any official backdoor.

There isn't though unfortunately. If you allow it audit trail or not it can and will be abused. FISA court being an example of that exact type of warrant abuse. Even without a warrant someone would have to hold the master key or keys that any nation state would go to great lengths if they weren't in possession of them and if that did hold it; they will abuse it.

They seem to unlock most of this info though by attacking the endpoint itself anyway.