The whole thing hinges on having a modified third-party app, so I don't really see how it's applicable to Telegram itself. Its apps are open-source and have reproducible builds - that ensures trust. I don't see what the point of this paper even is, because a third-party app could as well just forward all the messages to its servers. Still wouldn't be a fault in actual Telegram apps or encryption.