More like WhatsApp used Signal's protocol. The Signal Protocol was in existence before WhatsApp started using it. It uses that protocol because of the fact that it's the gold standard of end-to-end encryption protocols. Telegram's protocol was criticized because it was vulnerable in various ways that Signal's protocol was not. Encryption experts cross the world pretty much universally agreed on that. The reason why governments don't go after Signal, but they went after Telegram, is because Telegram didn't encrypt all that much. In fact, it only encrypted things if you specifically told it to. There'd be no reason for governments to even try to go after Signal if everything's encrypted and that nothing can actually be taken from it. In fact, governments have tried to get data from Signal, but were unable to take anything because of how everything is encrypted except for basic data like when a person first started using the platform. It's ironic that you're talking about all of this while supporting SimpleX, which is backed by a for-profit corporation and is relatively new to the field, thus meaning that they have not been proven quite like Signal has been. By all means, SimpleX is a very neat tool that I am very much looking forward to seeing the future of, but if you want security, you really can't get better than Signal. This isn't just my opinion either. This is the opinion of virtually every security expert, cypherpunk, etc. Edward Snowden himself recommended it, and if someone with such a high threat model is confident in using it, then average Joe on Nostr can use it.

Also, as an addendum, Signal does not leak metadata, that is blatantly false. The only metadata that anybody can get is stuff like the frequency of a message being sent, and you really can't cut down on that kind of metadata, even with SimpleX. In fact, Signal has a feature called Sealed Sender that makes it so that, when you receive a message, anybody spying on the network can't see who that message came from. If you and all your contacts are using Sealed Sender, then there's really no way for them to truly figure out who you or your contacts are unless you doxx your contacts through other means, such as using, well, Telegram.

Signal "leaks" metadata because everything goes through their servers. They can't see the contents of messages, of course, but they can see everything else. At least to the extent that they have information about users. Simplex fixes this, that's what it was designed for.

I prefer SimpleX as well, but to be fair the encryption protocol that Whatsapp uses (and SimpleX uses) was created by Signal, not the other way around. They can't stop Whatsapp from using it. It's open source. I too wonder why they've never gone at Signal as hard as they did with Telegram. It is odd tbh. Also, Meredith Whitaker arrogant dismal to the whole insecure encryption key fiasco for Signals desktop app that went down a few months ago left a bad taste in my mouth. Signal should've fixed that problem years ago, there was many complaints, but only relented once there was finally massive public backlash. Nothing 100% damning, but definitely sus

Pretty much agree with everything you're saying. I use both too. Signal with family and friends. You're right its normie friendly and was pretty easy for them to transition over. Hundred times better than normal sms texting so I'll take what I can get. I have no solid reason to think it's compromised, but various decisions they've made and events that have happened over time (like them not updating their code for over a year awhile back) just naturally raise eyebrows. It's not like I think they can decrypt our messages or anything like that (although the desktop app thing was a potential weak point if it was used. Evengy talks about the technical details of this on Gabriel Custodiet and Seths podcasts). More like there is potential valuable metadata for three letter agencies to conveniently harvest from centralized servers. But even if that were true, it is still better than the status quo of closed source social unencrypted (or server side encrypted) media messengers, email, and sms so I don't worry about it much. I'll use something else like SimpleX over Tor for anything requiring stronger anonymity and metadata protection.