This doesn’t really make sense to me, what do you mean? Client-side you do different computation for sealed sender delivery/receipt. What’s your normal standard of trust that a hosted, open source project is running the same code that they’ve made public?

I think if they store any metadata that we don’t know about, the lie runs very very deep, like to conspiracy theory levels that don’t really make sense for a registered nonprofit: https://signal.org/bigbrother/

In regards to Signal, this is largely not true. Sealed sender has been signal’s metadata hiding protection for like 6 years or something. The only information signal has is your phone number, your account creation time, and the last time you contacted their servers.

They also have a server implementation on github, so it seems to be open source to me. (I could be missing something though)

You are right though, that it uses centralized servers and requires a phone number, which are sticking points for a lot of people.