
But it means they have slurped all your contacts. How are they stored? Who are they shared with? etc.



They DO NOT slurp your contacts.

They invented a way to do contact discovery in a secure way: https://signal.org/blog/private-contact-discovery/. From the article:

"Using this service, Signal clients will be able to efficiently and scalably determine whether the contacts in their address book are Signal users without revealing the contacts in their address book to the Signal service."

This is why Signal gets so much benefit of the doubt from the cryptography/security/privacy community. Their default approach to these problems is conservative in favor of the user until they can invent the technology needed to support a feature with security/privacy.


> They invented a way to do contact discovery in a secure way:

Their solution is to run contact discovery on a DRM Secure Enclave system. Ironic that their privacy solution is to use a technology that privacy advocates say is the spawn of Satan because it hands over control of your machine to Intel.


Thanks. That's actually great, I was wrong.


The Signal App, which is open source, periodically sends truncated cryptographically hashed phone numbers to the Signal server, which is also open source. The server does not store the truncated hashes that the app sends to the server. So, they only temporarily have partial hashes which they do not store or share with anyone.
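
The exchange described in the comment above, as an added sketch that is not Signal's code and not part of the original comment. SHA-256, the 10-byte truncation length and all function names are assumptions, and the phone numbers are constructed sample data.

```python
import hashlib

TRUNCATED_LEN = 10  # assumption: bytes of each digest sent to the server


def truncated_hash(e164_number: str) -> bytes:
    """Hash a phone number and keep only the first TRUNCATED_LEN bytes."""
    digest = hashlib.sha256(e164_number.encode("utf-8")).digest()  # SHA-256 assumed
    return digest[:TRUNCATED_LEN]


def build_request(address_book):
    """Client side: only truncated hashes leave the device.

    Returns (lookup, request); lookup stays local so that matches can be
    mapped back to contacts.
    """
    lookup = {truncated_hash(number): number for number in address_book}
    return lookup, sorted(lookup)


def server_intersect(registered_hashes, request):
    """Server side: a pure function of its inputs, so nothing from the
    request outlives the response (no logging, no persistence)."""
    return [h for h in request if h in registered_hashes]


def discover(address_book, registered_hashes):
    """Full round trip: returns the contacts that are registered users."""
    lookup, request = build_request(address_book)
    matches = server_intersect(registered_hashes, request)
    return sorted(lookup[h] for h in matches)


# Constructed sample data (fictional 555 numbers).
REGISTERED = frozenset(truncated_hash(n) for n in ["+15555550102", "+15555550199"])
ADDRESS_BOOK = ["+15555550101", "+15555550102", "+15555550103"]

if __name__ == "__main__":
    print(discover(ADDRESS_BOOK, REGISTERED))
```

Phone numbers form a small input space, so the privacy property in this scheme rests on the server discarding each request, not on the hashing itself.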




