This shadow device would have it's own keys to read messages sent to your iCloud account. To my knowledge, there's nothing in the security model to prevent this.

Matthew Green has some great posts about iMessage security. This one describes the key lookup issue:

https://blog.cryptographyengineering.com/2015/09/09/lets-tal...

Looking at the linked Apple Platform Security, it seems like the Apple Identity Service is still used as a public key directory.