This is a good thing. It is (was?) all too inviting to leave clients unverified because verification is (was?) hard and annoying.

The code examples I'm aware of for clients using the first-party library also leave verification and E2EE out, FWIW.