There is an obvious weakness in telegram
Non secret messages are stored on their servers (as I understand, encrypted and striped across multiple jurisdictions, to require multiple court orders to be accessed).
These are available to any logged in device, and the access by default requires a code from a text. A state could require a telco to intercept this and therefore gain access to the history. (But it can be configured to require a password too).
(This wouldn't provide access to secret messages though.)
Of course this weakness is because of its convenience for multiple device use. (ie friends and family with dumb or otherwise unsupported phones, can still use it on computers and tablets. It can be installed on a work phone, but with a personal number, avoiding the need to carry two phones, etc.)