It’s E2E, E2E isn’t really something you can be sneaky about unless you roll your own encryption and then make claims about it totally being safe bro
With a closed source app? Of course you can. How is anyone supposed to know what keys you use for encryption? Doesn't even need to be a remote one - just the key generation be reproducible by the developer.