Yeah you'd be wrong. Apple is very open about how the security model works - which is similar to Signal and fully encrypted. The only way to decrypt a message is with physical access to one of the sender/recipient's devices.
Their claims about how it operates have been confirmed by open source developers reverse engineering the protocol (e.g. Beeper).
There is one workaround — device backups can be accessed and depending how you backup, your message history is likely in there (you can do encrypted backups, but that means data loss if you forget your password or an attacker changes it on you which would happen, lots of money in a ransomware attack like that). However even then – all your other devices show a popup message if you restore from a backup - warning that a "new device" has access to your messages.