Is there a proof that there is no backdoor in WhatsApp? Client code is not released. By default it does unencrypted backup to cloud. You don't know if encryption keys are leaving device.
I don’t know if there’s proof, but I have a friend that works on the team that I trust. I’ve also seen the tools for analyzing the metadata for police warrants and they only deal with metadata (because content is encrypted).
For signal - phone numbers as IDs allow them to retain no other info on their servers. They don’t have your phone book (though if someone gets your device and forced you to unlock it that’s different, but then they’d have your contacts anyway). There’s a reasonable tradeoff here imo to retain as little as possible server side. Signal is also working on a non phone ID option iirc.