For example, an operating system-level bug.

Sure. I was thinking you meant network-level (passive) observation. Any OS-privileged compromise would possibly affect any program, with the exception of "third-party" "assistance" such by using TPM or TEE right? (Unless you meant something like hooking into keyboard-handling hooks that aren't well protected/separated/isolated.) Does Keychat do this differently, or any other reason for the emphasis? Also, slight inaccuracy but nitpicking. One can send multiple messages in a series all in the same ratchet. So it isn't a "single" message. I'm guessing you meant that.