Sorry for not looking into nip42 in depth, but from what I have seen, doesn't 'AUTH' mean authorizing the entire socket connection? This implies that by authorizing with the real pubkey, all events sent during the socket connection process, including those signed with a random key(gift wrapped events), are also authorized