I disagree with a lot of things in this message, a server will always know who communicates with whom and when, because it needs to deliver these messages.
We know that Pegasus can infect any device without anyone really noticing and fully taking over. No message service could ever get around that meaning that as long as you use a phone you could always be the target of surveilance.
That means there is an inheritated problem with privacy on phones because no matter what a app will never be safe.
End to end encryption just ensures that there wont be a party constantly monitoring all data and enable mass surveilance.
In theory they infected everyone with Pegasus send the traffic somewhere whwre they could analyze that traffic.
I use keepass with my database on onedrive.
Then i connect every device to said onedrive account, copy the private key manually on each device that i need to use.
I secure my databse with said private key + a passphrase.
Might not be the best setup, but i feel like with passphrase+key i am secure enough to have the db file in the cloud.