The fundamental difference boiling down to trust isn't primarily in the cryptography; it's entirely down to the infrastructure and the root of control.
Signal is widely regarded as the gold standard for centralised E2EE, but its architecture forces you into two massive, non-negotiable trust compromises:
1) You must trust the Signal corporation with all your metadata. Every routing and handshake detail passes through one single choke point that they control. That is an unacceptable risk for security-minded users.
2) You rely completely on Signal to truthfully publish a pre-compiled binary that actually reflects the open-source code. For the vast majority, this is unverifiable in practice. It's a critical client-side act of faith.
Matrix’s design fundamentally eliminates these single points of failure, shifting the root of trust squarely to the user (or a group you trust):
1) Self-hosting; This is the game-changing feature. Host your own Synapse/Dendrite instance. Your metadata never leaves your control. You move the trust boundary from a corporation to yourself. You genuinely achieve "no communication outside your control."
2) Matrix uses an open specification. You can use FluffyChat, Nheko, or Element. This breaks the coupling between the server and the client. Even if you rely on a third-party server, you can use a client built by a completely different team, making the client-side code independently auditable and verifiable across projects. This is the ultimate defence against subtle backdoors in a single vendor's binary.
TL;DR: Signal offers "trusted third-party" crypto running on a single, unauditable binary. Matrix is decentralised, verifiable zero-trust communication. The comparison isn't about the strength of the AES key or which data it has been applied to; it's about the architectural freedom to not have to trust another entity with either your data or your code. That freedom represents an essential leap in trustworthiness.
Super nice summary. Makes me want to use Matrix again, but the clients have all been very poor in my experience. Element on desktop was okay and I used it for work without issue, but it's not nearly as slick as "scan this QR code and import your contacts" (oh that's another difference, your ability to use the network is governed by Signal allowing you to register an account, typically requiring a phone number for bot prevention, which seems like an extreme step for an app that aims to keep you anonymous.)
You might be making good points, I'm not familiar enough with the context to tell, but whining about downvotes is in bad taste, so a large part of your downvotes probably come from there, mine included.
Apologies, it's frustrating watching my comment go from +5 to -2 in a handful of seconds.
Not that I'm into karma farming (or that it even means anything), but it irritates me to think that people are gaming the discourse here.
There's an implicit groupthink when it comes to seeing greyed out comments; to the point that people may (and do) think that the comment is non-factual or at the very least unpopular. This is especially true in subjects that are critical of Signal.
Quoting the guidelines [0], if you think that's really what's happening, you can try reaching out to the mods.
> Please don't post insinuations about astroturfing, shilling, brigading, foreign agents, and the like. It degrades discussion and is usually mistaken. If you're worried about abuse, email [email protected] and we'll look at the data.
With Signal, you can't really validate the code running on the client. Signal insists on distributing only via Google Play Store or Apple App Store, so usually updates are automatic and uncontrolled by you. And Signal has a history of not releasing timely updates of their client code, so even if you would do your own builds or compare their released code to their public updates, you would have at least a few weeks latency. And I doubt anyone would notice, since the Signal people tried hard to piss off everyone who did reproducible builds of their code.
In theory you can do the same with Signal, as they source dump their server code every now and then.
If you reject that on the basis of "we can't know if it's what they're running" or "it's a partial dump", then I don't see how Matrix is any different. Not only we can't know if Matrix servers have modified software, but we also have to trust/verify several servers instead of a single one.
