The app could still send your keys _as_ an e2e message (to the app author). OS enforcement would need to be pretty intrusive to stop this (e.g. a pop-up for every message sent, displaying the actual destination of the message). I bet users would get pretty blind to such pop-ups, and it would be easy to trick them into accepting the leaking of their private keys.

If you trust the OS, it could hypothetically be built into the OS such that the app only gives what needs to be encrypted to the OS and gets back an encrypted payload to send, then the app wouldn't need to access your keys?

Of course at that point the OS has to either provide good key management itself, or a good API so that the apps can still make things seamless while still not accessing the keys directly.. and probably other problems I haven't thought of.

Makes sense. OS already does key storage (eg, secure enclave [1]) so its not hard to imagine en/decrypt without the key leaving storage.

[1] https://developer.apple.com/documentation/security/certifica...

Yeah good point, for that matter you need to trust the app isn't cc'ing the FBI on every message you send.