I am not comfortable that signal depends proprietary google library. However, I find that Molly lags significantly behind signal (around 1 to 2 weeks, so maybe not as significant as I thought), but I am just concerned that if there is a security fix in signal, molly will not be able to react as fast.
I am also quite frustrated with the general lack of communication from the signal team (for example the lack of communication regarding username). I doubt they will have the good will to help molly when there is a critical security fix.
It is frustrating that signal no longer seems like the gold standard for privacy any more; unfortunately, all my friends are on there (ironic, isn’t it…).
What’s your threat model?
Signal as a gold standard for encrypted messaging is based on many factors. Ease of use, UI/UX, protocol, platform support and so on.
Even though I’m a hard core FOSS person I’m also a realist. Sticking to a common platform is worth a lot. Bridging stuff with Matrix is cool but will not take off among most people.
Signal using Google blobs is a problem but let’s face it, the UI will be presented on a Google branded Android phone or a iOS device anyhow. Sure you can use GrapheneOS and Molly or you can switch to another app altogether but heck you’ll have no other to talk to then.