I'm curious what the breakdown of donations is. I only have 1 contact with a $10/month and 1 with a $5/month badge. Of course there could be others not displaying the badge. Signal really needs 500,000 people giving $20/month and plus the rich guys giving some millions on top of that to be in a safe financial position.
Maybe something that could be done to encourage donations is have the client estimate how much raw infra costs your usage created and display in the donation screen.
you literally don't. It's a fully encrypted service. The literal purpose of encryption is to move data securely through insecure or even adversarial channels. Which you can verify, it's audited and open source.
They refuse to build the app in a decentralized way because decentralization is an ideological obsession that is useless in this context, and because centralized organizations can actually ship polished software that works for normal people and move quickly.
They can use their pick of SGX exploits to undermine the weak metadata protections and they (or apple/google) could, if pressured, ship tweaked versions of their centrally compiled apps to select targets that use "42" as the random number generator. No one would be the wiser.
Signal is a money pit with a pile of single points of failure for no reason.
Matrix is already proving federated end to end encryption can scale, particularly when users are free to pay for hosting their own servers as they like, which can also generate income.
Signal builds on Android have been reproducible for over seven years now. That's not to mention the myriad of other ways that people could detect this particular attack even without build reproducibility.