We handle message encryption and metadata privacy separately. The message encryption part uses libsignal directly, which means it only uses curve25519. Message metadata privacy is achieved by separating the sending and receiving addresses from the ID and continuously updating them. The sending address is generated completely randomly. The receiving address is derived from the key generated by reusing the DH, and it is in the secp256k1 format.