• user A requests to be a contact with user B
• both users generate new dats that hold metadata specifically for their relationship (what private dats they want to share w eachother)
• both users encrypt the addresses of these dats using each other's pubkeys and temporarily place those encrypted addresses in their own public metadats
• each user decrypts each other's "contact metadat" address and then saves the address privately on their own device.
• whenever user A wants to share a dat privately with user B, they save the dat address inside the "relationship dat" that they have for user B. user B reads that address and it shows up in the UI.

So the only downside is that there's a temporary file (the encrypted address) that could indicate to the public that a contact request is pending (maybe it could be pretty obfuscated though). The upside is no-one will ever be able to read the full list of your contacts, and nobody would ever have a clue about what you're sharing with whom.