It is clearly said to be private keys and was pushed as such. I did not say NIP-44 did not resolve ANY significant problems, but it glossed over much more critical ones. All of the attacks that are possible on NIP-04 are unrealistic in reality, but the attack that an application can ask to decrypt lists and then siphon off all your DMs is very real. NIP-04 was poorly designed, but saying that I am acting malicious for showing you that: - part of the push for it was based on lies - that the risks were falsely marketed - that the paper's attacks on NIP-04 assume major flaws in implementation (no signature checking) is bullshit.

So, what you are saying is that we should dismiss the work and give credit to lousy, outdated schemes that we know are a risk just because nip44 didn't solve a problem that is not even theirs to solve? I think you are being malicious. You are clearly mixing responsibilities between distinct security layers to muddle the waters, confuse everyone and make a point based on a grudge you had with the developer. It's just sad.