I have some ideas about how we could make ssb quite ssb quite metadata private. private messages and secret-handshake have already been designed wtih metadata privacy in mind.

• implement group private messages, and then shift most messages (especially follow, like, etc) into that format

when replicating, avoid advertising your follows:

Instead of requesting pubkeys, request hmac(pubkey, session_secret},
then if you won't know that I know pubkey unless you already know it.

We'd have to overhaul the way common messages work to make this happen.
it might also be a good idea to use hash(pubkey) as the id, instead of pubkey. Then you can mention someone without actually revealing their pubkey - thus, we could use pubkey as a capability, to access that feed.

The balancing act is that sometimes you want some things to be public.