Xmpp was designed for ease of federation and simplicity in implementation. Most messaging apps these days are designed, or at least say they are designed, with privacy first. There probably are plugins for xmpp to allow for e2e encryption and contact list and metadata privacy from server admins but that depends on the server and will probably not be as secure as signal. Just as signal can be federated but it’s complex and not really worth it.
There’s a tradeoff between privacy/security and federation/decentralization and most people value privacy and security more.
Xmpp was designed for ease of federation and simplicity in implementation. Most messaging apps these days are designed, or at least say they are designed, with privacy first. There probably are plugins for xmpp to allow for e2e encryption and contact list and metadata privacy from server admins but that depends on the server and will probably not be as secure as signal. Just as signal can be federated but it’s complex and not really worth it.
There’s a tradeoff between privacy/security and federation/decentralization and most people value privacy and security more.