for clarity, i think that the worst thing anyone’s been able to decisively prove about telegrams encryption is that it’s vulnerable to replay attacks… which in the context of privacy rather than full security isn’t suuuuper problematic
that’s not to say that there aren’t other flaws; that’s kinda the point behind “rule number 1: DONT INVENT YOUR OWN CRYPTO”: you just don’t know what flaws there are… AES (etc) has had a LOT of eyes on it
but for the most part, the negativity with the crypto boils down to what-ifs
Andy