But couldn’t you, in theory, run through and hash all 10 billion possible phone numbers in a matter of hours or maybe days? I suppose it depends on what hash they used.
I once read a technical comparison of Telegram and Signal written by an actual cryptographer. It was pretty devastating, describing Telegram as a mostly amateur-level effort. If you want real security, you gotta go with an open* protocol!
*edited to add: perhaps I should have said “nonproprietary” protocol. They do have a protocol document.
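On the hashing question raised above, an added example (not part of the comment, and not code from any product discussed) that measures how the time to cover a 10-billion-value identifier space depends on the hash. The page does not say which hash was used; SHA-256, PBKDF2 with 100,000 iterations, the salt and the single-core timing are all assumptions chosen for illustration.

```python
import hashlib
import time

KEYSPACE = 10**10  # the "10 billion possible phone numbers" from the comment


def sha256_once(data: bytes) -> bytes:
    """Fast, unsalted hash: one SHA-256 call per identifier (assumed case)."""
    return hashlib.sha256(data).digest()


def pbkdf2_slow(data: bytes, salt: bytes = b"constructed-salt",
                iterations: int = 100_000) -> bytes:
    """Deliberately slow KDF (assumed parameters) for comparison."""
    return hashlib.pbkdf2_hmac("sha256", data, salt, iterations)


def seconds_per_hash(fn, samples: int) -> float:
    """Mean wall-clock seconds per call over constructed 10-digit inputs."""
    inputs = [f"{n:010d}".encode() for n in range(samples)]
    start = time.perf_counter()
    for item in inputs:
        fn(item)
    return (time.perf_counter() - start) / samples


def exhaust_seconds(per_hash: float, keyspace: int = KEYSPACE,
                    workers: int = 1) -> float:
    """Time to hash every value in the keyspace at the measured rate."""
    return per_hash * keyspace / workers


def human(seconds: float) -> str:
    for unit, size in (("years", 31_557_600), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:.1f} {unit}"
    return f"{seconds:.1f} seconds"


def compare() -> dict:
    """Extrapolate full-keyspace cost for both hash choices on this machine."""
    fast = seconds_per_hash(sha256_once, 20_000)
    slow = seconds_per_hash(pbkdf2_slow, 5)
    return {"sha256": exhaust_seconds(fast), "pbkdf2": exhaust_seconds(slow)}


if __name__ == "__main__":
    for name, secs in compare().items():
        print(f"{name}: about {human(secs)} on one core")
```

The figures are single-core Python measurements, so they overstate the cost relative to parallel or GPU hashing; the gap between the two rows is what matters when deciding whether a hashed identifier can be treated as anonymized.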