Signal runs a service. Even if its source code is open source there’s no guarantee that that’s the code running on the server.
I don’t know the protocol, but I am concerned of man in the middle and how safe it is from man in the middle. In this case signal servers must be considered to be man in the middle.
The only system to trust is peer to peer with proven track record of sending encrypted data over public channels.
That’s PGP and Delta Chat utilizing PGP.
There are no shades of grey in encrypted communications.
Your messages are either plain text or not to 3rd party.
Sometimes it appears to be encrypted, but there loopholes that make it possible to significantly reduce decryption costs. It is plain text to those who put the loopholes, like specially crafted constants in the algorithm.