the public leak is because relays are not implementing auth and until recently almost no clients did either

this is a really small change that prevents this leaking, the main threat

users can control their use of relays and if it is discovered a relay is run by spooks, then people can avoid it

it's not rocket science... don't allow access to DMs without auth. end of.

making complicated obfuscation schemes are not going to help, because "giftwrap" just means the receiver is mentioned not the sender

how does a client migrate this data across to other clients the user is using if they then have to literally search for other people's DMs that *might* have been sent by them

you really need to think a lot more about what the actual problems are instead of wrapping it in more and more complicated encryption schemes