And are you really sure that Signal or your preferred messengers don't also have Zero-Click exploits? After all, they aren't sandboxed to the degree iMessage is with BlastDoor.
Signal does not escrow endpoint keys in an iCloud Backup, so your first statement is incorrect.
Also, Signal putting your escrow keys in iCloud? I don't think you know what you are talking about. You can set iMessage to not put your keys in iCloud like I said above by turning off iCloud Backup which makes it fully End-to-End with your own key on your device, just like Signal.
If you are worried about the other party having their conversations being backed up, tell them to disable iCloud Backup. If you are this worried about the privacy of your communications, hopefully the other party would be as well.
And Signal and any other E2E messenger is absolutely storing copies of your key on the recipient's phone, just like iMessage would. If it didn't, there'd be no way to verify that a message was sent from the same sender.
You might be thinking, "But what about the next message from Jim?" but that message is encrypted with a new key so the previous key isn't useful, your Signal works out what that key will be and remembers it until it receives a message from Jim.
It's a ratchet, you can go forwards but you can't go backwards, if I didn't keep the message Jim sent me last week then even though you've got the encrypted message, and I've still got a working key to receive new messages, we can't work back to decrypt the old message.
You might also be thinking, "There must be a long term identity key so that I can tell Jim and Steve apart?". Indeed there is. But Signal doesn't use this to sign messages since that's a huge security mistake, instead this long term identity key is used to sign a part of the initial keys other parties will use to communicate with you.
This design deliberately means you can't prove to anybody else, who sent you anything or what they sent. Sure, you can tell people. You can dish the dirt to your spouse, your friends, the Secret Police, but you can't prove any of it cryptographically.
"Fully" smells like a weasel word here. Either it is E2EE or it isn't. iMesssage isn't by default from what you are saying and if it requires the other end to also turn off icloud backup before it is E2EE then I'd go as far as stating that it is a completely useless attempt to be E2EE. In fact I'd argue Apple is full of sh*t if they actually ever stared that it is E2EE (but I have no idea if they did).
Comparing Signal to such a mess is... well at a minimum it is disingenuous.
