> I had thought the push notifications were end-to-end encrypted

Much of the metadata is plaintext, in both Apple and Google's Push Notification architecture.

My understanding is that in Signal's implementation of push notifications the message text is end-to-end encrypted by Signal and decrypted on device by the Signal app. The decryption is not handled by the OS's push notification system.

	▲	tadfisher 2 hours ago \| parent [-]
		If I am reading this right, your understanding is incorrect. Signal's "new messages" push message payload is empty. Upon receiving a message of this type, the Signal app wakes up, fetches the actual messages, and (optionally) displays local notifications for them. At no point does the push message payload contain message text or metadata, encrypted or not.