I actually think it depends on what your type of threat is. If secure means talking to trusted people, and no one else should know what you say or to whom, Telegram is still great and who cares if my confederate knows my IP. He doesn’t care.

If you’re using it to communicate to a hostile party who would love to unmask you, then very not so much. Personally I’m not in the second category but I’m sure some are.

Signal is peer to peer by default as well unless you go into advanced settings and enable "always relay calls"

You can disable peer-to-peer connections in settings, as well as disable calls from everyone or specific contacts.

Telegram is as secure as it can possibly be without the security requiring compromises and leaking into the UX. I thought that was clear to anyone who has ever used it. If you require 100% bulletproof security and are willing to compromise on convenience, it's not for you.

Since this thread is about XMPP, Telegram's security is effectively the same as XMPP over TLS, maybe a bit better because there isn't a trusted third party (the CA).

> All voice can be E2E thru servers, like Signal does.

I know that. In fact, I built the first VoIP implementation for Telegram, libtgvoip, myself from scratch. Relay servers add delay, can run out of capacity, and cost money in bandwidth. Of course relays are still used if a P2P connection can not be established (libtgvoip always started the call through the relays and only switched to P2P if pings went through and RTT was lower, that took at least several seconds before enough statistics was gathered).