We are excited to announce a significant advancement in the security of the Signal Protocol: the introduction of the Sparse Post Quantum Ratchet (SPQR). This new ratchet enhances the Signal Protocol’s resilience against future quantum computing threats while maintaining our existing security guar...
Contact info gets hashed in a clever way which doesn’t send your info (although i guess phone number hashes could be brute forced?) Meta data is also not available. They have no way to know who you are talking to. The only info they have is that you logged ij with a ip at a time. I believe they can’t even reliable track how many messages you send. Even with a compromised server most of the magic happens in the open source client side app so that they can’t gather very much. I understand your concerns about popular centralized services but i really believe that they are unfound with signal.