About the private stuff: I do think doing some kind of MLS or Signal on top of NIP-29 is a good idea. I didn't try to do it because it would be too much for me and because I think "soft-private" is fine for most cases. But if you're interested in doing "really-private" I think it would probably work pretty well on NIP-29 because it would be efficient. Probably something like leaking the metadata to the relay but encrypting the contents with a shared key for much more simplicity.