Maybe restating the obvious, but why don't they pay out the 300k to some professional pen testers or cryptography auditors and publish the results. At least then they would have a shot at validity in this area.
"Security audit firm finds 9 flaws in Telegram" doesn't seem quite as a compelling as "Telegram is willing to give anyone $300k to 'break its crypto'".
They could do that: Pay $300k for professionals to maybe or maybe not find something, and get limited PR
Or, what they do now: Get good PR and if someone manages to win the competition, it means they found flaws which the pros would, hopefully, also have found. If no one wins, they can then use the $300k to get pros on it. Win-win if you ask me.
