Only public keys get exchanged via Meta’s servers, those keys don’t help you with trying to decrypt any messages (you need the corresponding private key to decrypt - and that private key stays on the device).
Sure, they could just do a man in the middle, but that can be detected by verifying the keys (once, via another channel).
yowsup is an Open Source implementation of the WhatsApp protocol. So there is proper end-to-end encryption on the protocol level - that would only leave the possibility of having a backdoor in the “official” WhatsApp client, but none has been found so far. BTW, people do actually (try to) decompile the WhatsApp client (or the WhatsApp Web client which implements the same protocol and functionality) and look what it is doing.
For anyone really curious, it’s not too difficult to hook into the WhatsApp Web client with your web browsers Javascript debugger and see what messages are sent.
It’s no secret that WhatsApp adopted Signal’s encryption protocol just before Meta acquired them, but since it’s all closed source we don’t know if they’ve changed anything since the announcement in 2016 that all forms of communications on WhatsApp are now encrypted and rolled out.
There is an Open Source implementation of the WhatsApp protocol: yowsup
They are seriously suffering from NIH (not invented here) syndrome. So, you can theoretically build your own Telegram client, but you can’t re-use any standard components to do so. WhatsApp on the other hand doesn’t open their clients, but under the hood they are just using mostly standard components (Noise protocol, modified XMPP protocol, Signal protocol), so it’s not actually that difficult to build your own WhatsApp client by just piecing together these components.
Also the location of known Wifi networks.