> The matrix developers run a push service, which all servers have to talk to to push notifications to their iOS app, even if you run your own instance.
This isn't really true: there are lots of Matrix iOS clients out there, and each runs its own separate push server. Only Element iOS's push server is run by the 'matrix developers', and if you are worried about that then (if you are an iOS developer) you can build your own copy of Element iOS pointed at your own push server.
> This means that both the push server operator, as well as Apple, can see the content of all of the push notification messages, thereby bypassing the e2e encryption as well.
This is completely incorrect. By definition, the server can't see the contents of end-to-end encrypted messages, and we don't send push contents (encrypted or otherwise) to the push gateway anyway. Instead, the push notification is a single flag sent to the client to tell it to wake up, which then runs a Push Extension (on iOS) to talk to the Matrix server and do E2EE in order to display the notification body (if desired). It's become particularly painful since iOS 13 thanks to https://appleinsider.com/articles/19/09/05/secure-messaging-....
Oh, okay, so just to confirm this means that push servers *AREN'T* getting any information about the messages being sent to users? The contents of the message, who sent it, etc?
They don't get the contents of the message, and I don't believe (off the top of my head) that they get told who sent the message. It's just a "you received a message" notification, which the phone then has to expand into the actual notification itself by talking directly to the server.
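As an added example (not code from this thread, from Matrix, or from Element), here is the data flow the replies describe: the homeserver hands the push gateway only a wake-up carrying identifiers, and the device's push extension then fetches the event from the homeserver and decrypts it locally. The notification shape is modeled on Matrix's event_id_only push format and the cipher is a stand-in for Megolm; both are assumptions, and all keys, tokens and events are constructed.

```python
import hashlib
import hmac

# Constructed device key: held only by the client devices, never by the homeserver
# or the push gateway, which is why neither can read message bodies.
DEVICE_KEY = b"constructed-device-key-not-real"

def _keystream(key: bytes, n: int) -> bytes:
    # Stand-in for Megolm (assumption, not the real algorithm): HMAC counter keystream.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def encrypt(key: bytes, plaintext: str) -> str:
    pt = plaintext.encode()
    return bytes(a ^ b for a, b in zip(pt, _keystream(key, len(pt)))).hex()

def decrypt(key: bytes, ciphertext_hex: str) -> str:
    ct = bytes.fromhex(ciphertext_hex)
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, len(ct)))).decode()

# Constructed homeserver store: the server only ever holds the ciphertext.
HOMESERVER_EVENTS = {
    "$evt1": {
        "event_id": "$evt1", "room_id": "!abc:example.org",
        "sender": "@alice:example.org", "type": "m.room.encrypted",
        "content": {"algorithm": "stand-in", "ciphertext": encrypt(DEVICE_KEY, "meet at 9")},
    }
}

def build_push_notification(event: dict, unread: int) -> dict:
    """What the homeserver sends to the push gateway: a wake-up with only the
    identifiers the client needs to fetch the event itself (modeled on the
    event_id_only format, an assumption here). No sender, no type, no content."""
    return {"notification": {
        "event_id": event["event_id"], "room_id": event["room_id"],
        "counts": {"unread": unread},
        "devices": [{"app_id": "example.app", "pushkey": "constructed-token"}],
    }}

def leaked_fields(notification: dict) -> set:
    """Check run on the gateway-bound payload: which message fields would the gateway see?"""
    return {"sender", "content", "type"} & set(notification["notification"])

def client_wake_up(notification: dict, key: bytes) -> str:
    """Push-extension path: resolve the wake-up by fetching the event by id from
    the homeserver and decrypting it on the device."""
    event = HOMESERVER_EVENTS[notification["notification"]["event_id"]]
    return decrypt(key, event["content"]["ciphertext"])
```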