Why is Simplex considered the best messenger app?

Sealed sender means the server just strips the sender information when they write it to cache. If the server is not compromised in that malware or malicious developer puts the feature back it makes the cached ciphertexts much less useful to attacker as they can at most infer who is popular. So it’s not nothing in practice; we can see in court documents Signal does indeed not have that data to hand out. But as per the criteria of “is it metadata protection by client”, nope. As for the proxy, I’m unsure what you refer to, the TLS proxies? If it’s those, then in principle the server would get the proxy’s IP-address, but Signal knows its users’ phone numbers in principle. They do anonymize it again if someone comes asking with a warrant but it’s again not something the client can mask for the user, unless the user takes separate steps of non-KYC SIM and Tor. The threat model with Signal’s sever-side hardening gets murky if you want to build it around what they promise and try to deploy there. It’s not entirely clear to me which parts of the server’s functionality can the remote attestation check. So IMO it’s just easier to assume Signal is metadata private by policy, i.e., they could collect metadata if they wanted, but as per court docs, they don’t, and content private by design (client has excellent E2EE).