Non-content metadata is more important than the content. That allows passive eavesdroppers to build relationship graphs for surveillance prioritization. Encrypted messages exchanged in public view with sender and recipient metadata announce to the whole world who you are communicating with.

If we have a cleartext message without names or identifying information, and with no metadata linking the parties, the eavesdropper would have nothing but an unsolvable riddle.

But if you post an encrypted message where the eavesdropper can see who is talking to whom, the eavesdropper can graph that and build a relationship graph for making decisions on who to surveil, terrorize, arrest, kidnap, blacklist, censor, sue, or assassinate.

The designers of nostr should be held to explain and then remedy this oversight. If they have enough skill to implement encrypted exchange of private messages, then they really have no excuse for exposing the metadata. All it takes is simple mix routing for private messages using the same cryptographic primitives already present in the protocol.

Users should always presume they have zero percent privacy when using this network. No sensitive communication should ever occur over nostr that you wouldn't want publicly read in front of a jury. Just being encrypted does not equal privacy. I repeat, just because your private messages are encrypted does not mean they are private. Everyone who wants to know easily knows **who** you are talking to privately.

If you desire to use nostr for secure private messaging then BOTH parties must be absolutely certain they are connecting through an anonymizing network such as Tor/Onion or I2P. If you connect even a single time through clearnet then all your anonymity is lost.

I am not being alarmist in the slightest. This network is, as OP says, not a privacy network, just like bitcoin is **not** a privacy payment system. And I say again, like a broken record, hoping others will remember and repeat when necessary, "encryption does not mean privacy."
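The relationship graph the post describes, as an added example that is not part of the original post or of any nostr client or relay code. It assumes the NIP-04 direct-message layout (a kind 4 event whose cleartext `pubkey` field is the sender and whose cleartext `["p", <pubkey>]` tag is the recipient, with only `content` encrypted) and relay-to-client frames of the form `["EVENT", <sub_id>, <event>]`. The pubkeys, timestamps and ciphertext strings are constructed placeholders; the observer code below never looks at `content` at all.

```python
import json
from collections import Counter

# Constructed sample pubkeys (not real keys).
ALICE = "a" * 64
BOB = "b" * 64
CAROL = "c" * 64

# Constructed relay traffic: three NIP-04 DMs and one public note.
# `content` holds placeholder base64, not real ciphertext; it is never read.
SAMPLE_EVENTS = [
    {"kind": 4, "pubkey": ALICE, "created_at": 1700000000,
     "tags": [["p", BOB]], "content": "ZmFrZQ==?iv=ZmFrZWl2"},
    {"kind": 4, "pubkey": BOB, "created_at": 1700000060,
     "tags": [["p", ALICE]], "content": "ZmFrZQ==?iv=ZmFrZWl2"},
    {"kind": 4, "pubkey": ALICE, "created_at": 1700003600,
     "tags": [["p", CAROL]], "content": "ZmFrZQ==?iv=ZmFrZWl2"},
    {"kind": 1, "pubkey": CAROL, "created_at": 1700003700,
     "tags": [], "content": "public note, ignored by the DM graph"},
]

# Constructed relay->client frames, as a passive tap on the websocket would see them.
SAMPLE_FRAMES = [json.dumps(["EVENT", "sub1", ev]) for ev in SAMPLE_EVENTS]
SAMPLE_FRAMES.append(json.dumps(["EOSE", "sub1"]))


def events_from_relay_frames(frames):
    """Pull event objects out of ["EVENT", sub_id, event] frames; ignore the rest."""
    events = []
    for line in frames:
        msg = json.loads(line)
        if isinstance(msg, list) and len(msg) == 3 and msg[0] == "EVENT":
            events.append(msg[2])
    return events


def dm_edges(events):
    """Yield (sender, recipient, created_at) for every kind-4 DM.

    Sender is the cleartext `pubkey` field, recipient is the cleartext `p` tag.
    Self-addressed DMs are skipped; `content` is never touched.
    """
    for ev in events:
        if ev.get("kind") != 4:
            continue
        for tag in ev.get("tags", []):
            if len(tag) >= 2 and tag[0] == "p" and tag[1] != ev["pubkey"]:
                yield ev["pubkey"], tag[1], ev["created_at"]


def relationship_graph(events):
    """Undirected contact graph: {frozenset({a, b}): {"count", "first", "last"}}."""
    graph = {}
    for sender, recipient, ts in dm_edges(events):
        rec = graph.setdefault(frozenset((sender, recipient)),
                               {"count": 0, "first": ts, "last": ts})
        rec["count"] += 1
        rec["first"] = min(rec["first"], ts)
        rec["last"] = max(rec["last"], ts)
    return graph


def contacts_of(graph, pubkey):
    """Distinct peers a pubkey has exchanged DMs with, sorted."""
    return sorted(p for pair in graph if pubkey in pair for p in pair if p != pubkey)


def rank_for_surveillance(graph):
    """Pubkeys ordered by number of distinct DM peers, then by DM volume."""
    degree, volume = Counter(), Counter()
    for pair, rec in graph.items():
        for p in pair:
            degree[p] += 1
            volume[p] += rec["count"]
    return sorted(degree, key=lambda p: (-degree[p], -volume[p], p))


if __name__ == "__main__":
    graph = relationship_graph(events_from_relay_frames(SAMPLE_FRAMES))
    for pair, rec in graph.items():
        a, b = sorted(pair)
        print(f"{a[:8]} <-> {b[:8]}: {rec['count']} DMs, "
              f"first {rec['first']}, last {rec['last']}")
    print("priority order:", [p[:8] for p in rank_for_surveillance(graph)])
```

Everything the ranking needs (who, with whom, how often, when) comes from fields the protocol publishes in the clear; the ciphertext only hides what was said.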