Hi,
> 3. The attacker uses the VPN server static private key to decrypt the
> recorded handshakes, revealing client static pubkeys.

Create a service that sets a new temporary pubkey. Call it *before*
connecting with WG.

Switching during a connection doesn't help much IMHO, because if you
have recorded WG traffic you probably can correlate by IP address.

> Make it possible for clients to request a dynamically assigned IP
> address from the VPN server.

Use the above service to also assign a new dynamic IP address.

Both can and probably should be done at some arbitrary time, thus
decoupling this step from using the WG connection.

I haven't seen a compelling argument for augmenting the WG protocol
(and/or its in-kernel implementation) with support for this. However,
there may be a case for creating a standardized userspace
protocol+library to implement this and possibly a few other higher-level
features, so that people don't need to reinvent their wheels.

-- 
-- Matthias Urlichs