Basically in simple words the web servers can serve you anything they want and you couldn’t verify if you are seeing what you want. This means they can serve a malicious js under a court order to steal your credentials hence breaking their e2ee promise.
4 Likes