Wrong answer. You know a full communication protocol. From this protocol it is very clear that server only works as a conveyor in the key exchange process. Once a key exchange is completed, and user messages start flowing, server is not in able to descramble it, as only two devices in the Universe have neccessary keys to do so. If someone on the server would like to interfere in the key exchange process, it would have to act using generic MITM techniques, meaning using tremendous processing power to crack the code in the short time.
In other words knowing server source code is not required for assessing security of the communication. Even you had server source code available, you don't have access to their server to verify whether it is really running this specific code. вы понимаете?
However knowing client code is neccessary to verify that this algorithm is really used and have no bugs in implementation that would affect affecting security.
Still waiting for Jan for explanation for "pseudo-openness" of the Telegram, he went silent. As a News Editor he shouldn't be such a biased person.