Aren't DMs signed forever by the author and are then easily leakable?
DMing nostr:nprofile1qqs9pk20ctv9srrg9vr354p03v0rrgsqkpggh2u45va77zz4mu5p6ccpzamhxue69uhhyetvv9ujumn0wd68ytnzv9hxgtcpz4mhxue69uhkummnw3ezummcw3ezuer9wchsz9thwden5te0wfjkccte9ejxzmt4wvhxjme0907cz8 from my phone directly to his Citrine relay via Tor. 
Discussion
In this way, the DM goes from my phone to his phone without anyone seeing it. But if people get access to his private key AND the DM event, they can decrypt it.
And that is the same design of Signal and others: You have to have both the seed/key and the local database to decrypt.
You are amazing. I wish I could help, but all I can do is sit and watch and admire from the side.