I think it’s exceedingly unlikely signal is compromised given the way they are open source with various ways of verifying builds.
Discussion
Rabble- doesn't it impossible to really answer if we don't know what code runs server-side?
Also, FYI There is the Molly fork of signal which is FOSS including push notifications, and which still connects to the signal servers.
If you find yourself forced to use a network that is under the control of, designed by and/or operated by a potential adversary, then you're going to need end to end encryption.
- Phil Zimmermann
Yeah. I think the encryption is unlikely to be compromised. But given the centralized identity servers the metadata could easily be compromised.