I've integrated nip17 messaging to Plume, a while back, but I've been considering how to ha e the most secure and private messages. NIP17 is probably enough for most #nostr use cases, but if I want real privacy, there needs to be another few things in place. Primarily, no one should no a messenger service even exists, except for the people using it to communicate. It should be obscured, in case its seen. It should ideally be ephemeral, signing in only when two things are brought together and signing out as soon as its closed. Messages should use a specific relay and the messages should erase within an hour of being read. It's too much flaff for normal general conversations but if you need to keep it private, then extra steps will always be required.