It is missing an important route of privacy leaks: automated media loading.
As it is right now clients connect to arbitrary web hosts to load embedded media in posts or DMs. The owner of that server can again see your IP address but unlike with relays you do not control which servers you connect to when loading media.
There has recently been a campaign nostr:npub1wq6n8skpdtrhw8hmr00kp2za7a8y97zqngq8jq85q2aydp8ejxzq8p7d9k to link pubkeys to IP addresses by sending a DM with a customized tracking link which clients automatically open because it disguises as an embedded picture.