Comment by Canada

2 years ago

That's hardly necessary. I think the attack goes like this:

You have captured the device of some group member, and you want to investigate his associates, but you don't know who they are. So you ask Google and Apple: Make a list of all of the devices that have received a push notification sent by <list of messaging apps> where those devices have received at least 200 notifications within 50ms of a notification received by this device. (You will have to make Google or Apple share the list with the target timings with the other.)

That will give you a list of everyone who is in a group chat with your target, regardless of whether or not the messages were deleted or encrypted. Now you tell Apple/Google to give all the data on those accounts. You will probably find enough in their Gmail/location history/browsing history to identify nearly all associated people without ever bothering to look at IP addresses.

This also works if you get into a chat with your target. You send some messages and then have Google/Apple identify their device via timing, then identify all their associates.