I think this is less of an issue than you might think - if they're going to decrypt for law enforcement then it will become painfully obvious there's a backdoor literally the first time evidence is brought to a court that shouldn't have been available without a decryption.
But that could be a very long time if they just apply some form of parallel construction to most cases. They aren't going to burn such information on the first low level criminal/CP target they find. Instead they will wait 5 years and then sweep up a bunch of people involved in some criminal "ring".
And the problem with all these services that provide some kind of E2EE encryption and still have a way to push application updates (or run something in your browser), is that they just slip a version on your machine that sends the password to the feds/whoever when you type it in.
Thing is, if law enforcement is patient they can get the data off the actual devices themselves, if they're still alive. Yes, a fully patched iPhone tends to be a fortress of might to anyone other than a nation state willing to burn a few very expensive 0 days, but with almost any phone if you wait a year or two something will inevitably come out that will allow the ol' Cellebrite crowbar a cranny to slip into.
