Yes a protocol direction in this way is needed. And the data should be non only encrypted but also detached from the profile. For example we can deterministically derive a new private key from the main one and use it to encrypt the lists.

Poor man temp solution: attach the encrypted blob as a metadata field and retrieve it when needed.

The privacy weakness here is the writing relay, that via data analysis can match the two keys.

So let's create a way where users in a P2P collaborative fashion randomly send each other this events, adding a new encryption layer to avoid comparing them, with the goal to broadcast it to other relays decoupling the sender and the config-key.

I suspect that using somehow DM for all this, to store the full list/config payload too, will also help to obfuscate people private chats, that is another critical point of the actual protocol.

Could works?