I do not think there are likely to be backdoors: Moxie just wouldn't allow it without walking away and saying something loudly. He is not on the NSA's Christmas list. :)
If the application isn't open-source how can he check though?
They can show a version without the backdoor to him and build the binary with the backdoor.
Or there could be vulnerabilities elsewhere (not in Moxie's) code.
I don't think you can claim no backdoors unless you have the full application under your control, and have it audited.
Trusting one person simply because they're cool, with the privacy of 600M users, is pretty foolish. Even if everything you say is true, and Moxie signs off on the implementation, nothing prevents men in black suits turning up the day he leaves and suggesting they introduce a subtle bug.
