@alwayscurious@infosec.exchange
There are applications that legitimately need βhere is a big list of contacts/files/etc up frontβ. Contact discovery is one of them, and there is no practical way to implement it at scale without requiring some central server to have access to all the contacts a user might want to get in touch with. One can try to ensure that server will never reveal the plain text, but that is all.
If you have thousands of contacts, selecting them one by one is slow. It doesnβt surprise me at all that messaging apps ask for the Contacts permission: I know of no other approach that will have good user experience.