the propee encryption and metadata privacy is something should be evaluated and standardized... The key reuse and general security conventions can be handled in the implementations, prescribing good default in apps... and then everyone should evaluate autonomously their threat model and act based on theirs skill/knowledge (encrypting important password with a key that goes ciclically in online nostr clients is a totally degeneration)..
Discussion
the thing is, you should not be sending anything on a public network that you aren't willing to risk being compromised
this is the most elementary understanding you need to have before you start talking about security
they can't crack the cipher used on data that they don't have
any other data you need to really think about it, are you ok to have that leak, if not, don't send it
if you have a backup plan, and that's a whole nother level of complexity of cryptography, then ok
the encryption keys used for group chats with matrix, simplex, and other decently secure group chat protocols have the property that if you break the key for one message, you don't get any other message, those are separately encrypted
the base principle is the same, it's the same encryption, essentially XOR using a stream of random bytes derived from your secret and the "nonce" you publish at the front of the message
our DMs on nostr use this same model, and the strength of them is based on the 16 byte nonces, mainly, each message has a different one, this is 128 bits of security, or, a little less if you read the details of the theory about it, maybe 121, maybe 112, it partly depends on the elliptic curve, supposedly secp256k1 is a little weaker than edwards (ed25519) but i severely doubt this is actually true because those other shitcoin curves are also far more complex to derive and the number of roots to them means they could actually be backdoored but the koblitz curve of bitcoin, definitely can't be, it's literally just 7 and 10, if i remember correctly, maybe also 2