The server does not really store IPs, since mobile phones are likely behind CGNAT.
In theory, B could publish a new public key as identity per target user.
I see two main problems: First, push notifications do require the server to actually identify the user and second efficiency: The client would like to maintain a single long connection instead of many short lived requests with pseudonyms.
Of course there would still be some timing patterns …
In theory, B could publish a new public key as identity per target user.
I see two main problems: First, push notifications do require the server to actually identify the user and second efficiency: The client would like to maintain a single long connection instead of many short lived requests with pseudonyms.
Of course there would still be some timing patterns …