it doesn't need to be open source for us to know what it's doing. its properties are well understood by the security community because it's been RE'd.

> a client in control of somebody else might just leak the encryption keys from one end of the chat.

has nothing to do with closed/open source. preventing this requires remote attestation. i don't know of any messaging app out there that really does this, closed or open source.

also, ironically remote attestation is the antithesis of open source.