When one says Signal, he might mean one of three things: the protocol, its implementation or the service.
Complaints about terms of service prohibiting third-party clients apply to the service, for example, while the praise of cryptographers is usually directed towards the protocol. I’m sure someone had a look and audited the implementation (client side) too, but it’s a routine code audit; Signal’s implementation is not anything special compared to any other security-focused app.
Going from design-level security analysis of the protocol to a concrete service is a long way. The protocol does not dictate every detail of the implementation or service; there are many gaps you need to fill in along the way. It’s not impossible to have a great protocol that gets implemented in a bad service. So there’s no contradiction per se here: cryptographers who praise the protocol and the critics of the service may both be right.
I’m critical of Signal on several grounds. Their desktop app sucks. They require a phone number to register.
They also will log you out of the desktop app if you uninstall Signal from your phone. A secure messenger that uses phone login and requires you to have and keep online an Android/iOS phone shouldn’t be taken seriously, even if we believe they implemented it right.