@olivetree

Given this, why is the phone number requirement for Signal dismissed as not important?

For two reasons. The bit one is that everything in security is a tradeoff. For a privacy-focused network, one of the most important benefits is a large anonymity set. If a million users are routing their traffic through the same server as you, that's incredibly valuable for preventing passive adversaries from being able to correlate traffic.

Signal's use of a phone number for discovery makes it very easy to get people quickly onboarded. Anyone using SMS or WhatsApp already has their contacts' phone numbers in their address book and so can instantly switch to Signal and find a load of their existing contacts. If you introduce a new identifier and require out-of-band sharing, that's a huge barrier to adoption. This is how WhatsApp grew so rapidly to over a billion active users (and that was when they charged 99¢/year after your first year!).

Every family member you get sharing cat pictures over Signal adds to that anonymity set for people organising unions, whistleblowing to journalists, and so on.

Is there proof that metadata can't be leaked/stolen?

No, quite the reverse. The set of valid phone numbers is sufficiently small that Signal's zero-knowledge discovery protocol is almost certainly possible to exploit to link accounts to phone numbers (and trivial if you know the phone number).

EDIT: It's important to note that you can opt out of this discovery functionality, if your phone number is well known and you want to avoid having it tied to your identity. And then it's only someone who compromises Signal's server who can tie the number to the account.

But then the question is: what can you do with that? You can't tell when that user is sending messages (sealed sender). Only Signal (or anyone who compromises their server) can tell when they're receiving messages and they can also tell the size of messages that they download. And that's it. They can't build a communication graph from phone numbers.

@olivetree

Censorship resistance is another related one, no one knew what would happen to Signal under Chat Control, that's a red flag for something that can plausibly happen.

This is one of my biggest concerns. Signal threatened to pull out of the EU. And that demonstrates a big single point of failure: a single entity withdrawing its services kills the network. And this is made worse by the fact that their clients are AGPL, which means that no one else can put something derived from the iOS one in the Apple App Store (Signal can because they have a CLA and so can relicense the code for inclusion in the App Store).

Also, phone numbers did very little for my contacts to join Signal, people simply don't want to change apps. Sometimes they change, but drop it shortly after.

It depends on where you are in the migration sequence. If you're the first person, it's not helpful. If you're a bit later, then asking people to try Signal and they suddenly see that twenty of their contacts are there already makes it easier.

Any opinions on SimpleX?

No, I keep hoping @soatok will take a look. From what I've read, they are actually trying to solve the right problems, which is better than most of the alternatives. I'm not really qualified to tell if they're succeeding.