As the most "good faith" interpretation, I feel like the only way to do something like this in a remotely not-insane manner with the assumption that there are good reasons where messages must be decrypted would be:
* Each user gets a key to sign a message, there's also one for decryption like E2EE
* The platform owners get a part of a backdoor key for decryption (per message) as well (call it another end in E2EE if you want)
* The feds get a part of a backdoor key for decryption (per message) as well (call it another end in E2EE if you want)
* A watchdog organization also gets a part of a backdoor key for decryption (per message) as well (call it another end in E2EE if you want)
* If the feds want to decrypt something for actual anti-terrorism/anti-CSAM purposes, they convince both the platform owners and the watchdog org that they need keys for specific messages
* The watchdog automatically publishes data like: "Law enforcement agency X accessed message Y decryption key for internal case number Z" (maybe with a bit of delay)
* That way the users who have their messages decrypted can find that out what was accessed eventually
* If the feds are snooping for no good reason or political bullshit reasons, they can get sued
* If the feds are snooping too much (mass surveillance), it'd become obvious too cause you'd see that they're accessing millions of messages and maybe a few percent lead to actual arrests and convictions
* This kinda rests on the assumption that courts would be fair and wouldn't protect corrupt feds
Obviously this would never get implemented, cause the people of any watchdog org could also be corrupted not to publish the data that they should, there's probably numerous issues with backdooring encryption that you can come up with, and in practice it's way easier to implement government overreach by "Oh god, think of the children!" and move towards mass surveillance.