Telegram's contest itself is meaningless regarding the security of its protocol (as others explained in details). Finding bugs such as this deserves 200k more than anything else
Offering the contest was shady and stupid enough. Not paying just proves they're chiselers that never intended to pay in the first place. This wins the runner-up award for second most botched PR disaster ever. The consolation prize is a lump of coal.
The contest was stupid and shady, but they did explicitly state the rules. Its not really fair to accuse them of wrongdoing if they don't give this guy $200,000. If I were in charge of telegram, I'd pay the guy the whole amount, but that would just be out of the kindness of my heart. Morally, they aren't obligated to pay just because the rules of their contest are ridiculous.