Apps (such as Signal) that care about end-to-end encryption do their own key management. So, Apple / Google servers only ever see ciphertext, and don't have access to the key material that's used for the encryption.

▲

toast0 3 hours ago | parent [-]

Afaik, e2e messengers don't include ciphertext with push notifications. It's an empty push to wake the client. Then the client contacts the origin to fetch the ciphertext.

	▲	saagarjha 2 hours ago \| parent [-]
		This is how it used to work; notifications can be encrypted now and Signal uses an extension to decrypt them.