At a minimum, they've made a number of choices which go against (fairly widely considered) good cryptographic principles.
This in itself wouldn't even be that bad if they weren't then trying pretty hard to convince the general public that it's super secure with massively flawed stunts as explained here: https://moxie.org/blog/telegram-crypto-challenge/
This in itself wouldn't even be that bad if they weren't then trying pretty hard to convince the general public that it's super secure with massively flawed stunts as explained here: https://moxie.org/blog/telegram-crypto-challenge/