Any activity that leaks identity to the server, such as phone number validation, asking it for X profile, asking it for whatever key is needed to encrypt messages for X, etc.
Those happen infrequently enough that you can switch addresses in the mean time, and if you use a NAT it becomes harder. AFAIK they didn't claim it's a perfect solution, but it does help, and means that Signal doesn't have the same metadata as WhatsApp does.
You mean if you use CGNAT, which is not that common (thank god). And IPv6 does not precisely make it harder...
And I'm curious about how infrequent that is, considering that to use sealed sender you actually have to login 'frequently' to their server (to update the keys you use), and I couldn't see how much frequent that is (or even whether it is a server-initiated which would defeat the purpose).
It would need to be a month or so to have a reasonable benefit. But I don't see why that's not doable.
"Frequently" IIRC means "every N messages", where N is in the hundreds (if I understand the protocol correctly). So they should last you a while. I also seem to recall that they anonymize IP addresses at the ingress, but that's obviously much easier to roll back or lie about.