AFAIK, Signal doesn’t provide any way to prove its application were built from non-modified audited free open source code. Indeed there are evidences it behaves “a bit” differently.

So unless you’ve built application by yourself, you have no guarantee of it’s sequrity.