The checksum just proves that the binary you have is the same as what's on the server you downloaded from. It does not verify that the binary is compiled from the source code, nor does it verify that youre not the victim of a MITM attack. Also most telegram connections are not end-to-end encrypted and thus relying solely on TLS encryption to a proprietary server. Basically you're compromised. Also there are no metadata protections for even e2e chats and you have to sign up with a non-VOIP SMS number. It's one of the shittiest messengers dude, come on. If you want easy UX and decent privacy, choose signal, ideally with the Molly client for better notification privacy. If you want ideal metadata protection and plausible deniability then you must go with SimpleX. Also if you don't already know this shit do not recommend anything you think is "privacy tech" to anybody. You got much more to learn.

Correction, group chats and normal Telegram chats use a modified TLS version called MTProto. Still only transmission level encryption so my argument remains sound. You are completely compromised by the server for all group chats and non e2e default chats.