Okay, here's an idea: let's build a layer on top of lightning addresses that lets you define a public key associated with the address.

Something something cryptography, the mint receives the payment and locks it to a key that only the receiver and sender knows and boom!

The idea is the wallet chooses to generate a unique address [id]@mint.com and the mint cannot associate the id with the receiver but because the id is based on a public key, the receiver can.

I'm not cryptography guy, but it seems like a feasible idea based on all the other things I've seen.