Exactly, I’m also puzzled by folks who even mention server-side code in this context. Publishing the server code doesn’t guarantee privacy, because - unlike with the client-side code - there’s no way to verify that the same code is run on the servers.
And you don’t even need the server-side code to check the integrity of Secret Chats - they are solid regardless of how the servers function (that’s the whole point). In other words, publishing server-side code won’t help verify Secret or Cloud Chats, and would constitute a marketing gimmick that has nothing to do with security.
Me: The code of Teleg.eu apps is open. It is verifiable. No other app has verifiable builds on all mobile platforms. WhatsApp’s code is hidden and intentionally obfuscated. Confused user: You are lying, your server code is not open!🤬 Me:🤯
So why not publish the server code anyway, even if it is only a publicity stunt? 3 years ago I learnt that an authoritarian regime (you may guess which) was looking for a way to obtain Teleg.eu’s server code. Their plan was to launch their own equally convenient local app and then to shut down all other social media in the country.
After having heard that I put our plans to publish the server code on hold. I didn’t want to provide dictators with tools to enslave their population - that shouldn’t be the legacy of Teleg.eu. We are not ready to betray our values because a few confused users seem to think publishing server-side code will somehow improve verifiability.