Alex Gleason, yeah I decided to go against Announce as it already has semantics attached to it, I use Add instead (as per my FEP). For private posts, I'm thinking about using some kind of temporary token issued and signed by the group actor. These effectively say "here, the relay allows me to get this object". So the flow for fetching a post from a remote instance A, made in a private group in instance B, would be:
1. Make a POST request to the token endpoint of the group actor (I'll put it somewhere in `endpoints`) and get a token. Probably a flat json object with all fields except the signature itself hashed and signed like headers.
2. Make a GET request to the post URL (on instance A), including a signature by the user actor (to prove that this is indeed your token) and the token, probably in the Authorization header.
3. Instance A would verify both the request signature and the one in the token.
4. If both signatures are correct, and the token hasn't expired, you get the post. Otherwise, you get a 403.

The token needs to be time-limited to allow group admins to remove users from the group and prevent their access to any future content. And it's a token instead of, for example, instance A making a request to instance B every time someone wants to fetch something, in order to reduce traffic and delays when someone is fetching many objects all at once, like a large comment thread.
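The four-step flow above, worked through as an added example (this is not the poster's FEP code, and the token layout, field names, actor URLs and the Ed25519 keys are assumptions made for illustration): the group actor on instance B issues a short-lived token signed over every field except the signature, the user signs the GET with their own key, and instance A checks both signatures, that the token was issued to the requesting actor, and that it has not expired, returning 403 otherwise.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
	"time"
)

// AccessToken is the hypothetical token a group actor on instance B issues.
// Every field except Signature is covered by the group actor's signature.
type AccessToken struct {
	Group     string `json:"group"`     // group actor that issued the token
	Actor     string `json:"actor"`     // user actor the token is bound to
	IssuedAt  int64  `json:"issuedAt"`  // unix seconds
	ExpiresAt int64  `json:"expiresAt"` // unix seconds
	Signature string `json:"signature,omitempty"`
}

// signingInput hashes the token as flat JSON with the signature cleared.
// encoding/json emits struct fields in declaration order, so issuer and
// verifier produce identical bytes.
func (t AccessToken) signingInput() []byte {
	t.Signature = ""
	b, _ := json.Marshal(t)
	sum := sha256.Sum256(b)
	return sum[:]
}

// IssueToken is what the group actor's token endpoint would return (step 1).
func IssueToken(groupPriv ed25519.PrivateKey, group, actor string, now time.Time, ttl time.Duration) AccessToken {
	tok := AccessToken{Group: group, Actor: actor, IssuedAt: now.Unix(), ExpiresAt: now.Add(ttl).Unix()}
	tok.Signature = base64.StdEncoding.EncodeToString(ed25519.Sign(groupPriv, tok.signingInput()))
	return tok
}

// FetchRequest models the GET the user sends to instance A (step 2).
type FetchRequest struct {
	Method, Target string
	Date           int64
	Actor          string      // keyId of the requesting user
	Token          AccessToken // carried in the Authorization header
	Signature      string      // user's signature over method, target, date, actor and token
}

// requestSigningInput binds the token into the user's signed string, so a
// token cannot be detached and presented under a different request signature.
func requestSigningInput(r FetchRequest) []byte {
	s := strings.Join([]string{r.Method, r.Target, fmt.Sprint(r.Date), r.Actor, r.Token.Signature}, "\n")
	sum := sha256.Sum256([]byte(s))
	return sum[:]
}

func SignRequest(userPriv ed25519.PrivateKey, r FetchRequest) FetchRequest {
	r.Signature = base64.StdEncoding.EncodeToString(ed25519.Sign(userPriv, requestSigningInput(r)))
	return r
}

// KeyDirectory stands in for fetching actor public keys from their profiles.
type KeyDirectory map[string]ed25519.PublicKey

func verify(pub ed25519.PublicKey, msg []byte, sigB64 string) bool {
	sig, err := base64.StdEncoding.DecodeString(sigB64)
	return err == nil && len(pub) == ed25519.PublicKeySize && ed25519.Verify(pub, msg, sig)
}

// Authorize is instance A's check (steps 3 and 4): 200 to serve the post, else 403.
func Authorize(r FetchRequest, keys KeyDirectory, now time.Time) int {
	if !verify(keys[r.Actor], requestSigningInput(r), r.Signature) {
		return 403 // request not signed by the actor it claims to come from
	}
	if !verify(keys[r.Token.Group], r.Token.signingInput(), r.Token.Signature) {
		return 403 // token not issued (or altered since issue) by the group actor
	}
	if r.Token.Actor != r.Actor {
		return 403 // token was issued to a different actor
	}
	if now.Unix() >= r.Token.ExpiresAt {
		return 403 // token expired; the user must ask the group for a new one
	}
	return 200
}

// RunScenario exercises the flow with freshly generated keys and constructed
// actor IDs, returning the status instance A gives in each case.
func RunScenario() map[string]int {
	groupPub, groupPriv, _ := ed25519.GenerateKey(rand.Reader)
	alicePub, alicePriv, _ := ed25519.GenerateKey(rand.Reader)
	bobPub, bobPriv, _ := ed25519.GenerateKey(rand.Reader)
	const group, alice, bob = "https://b.example/c/privgroup", "https://c.example/u/alice", "https://d.example/u/bob"
	keys := KeyDirectory{group: groupPub, alice: alicePub, bob: bobPub}
	now := time.Unix(1_700_000_000, 0) // constructed fixed clock

	tok := IssueToken(groupPriv, group, alice, now, time.Hour)
	base := FetchRequest{Method: "GET", Target: "/post/42", Date: now.Unix(), Actor: alice, Token: tok}

	out := map[string]int{}
	out["valid"] = Authorize(SignRequest(alicePriv, base), keys, now)
	out["expired"] = Authorize(SignRequest(alicePriv, base), keys, now.Add(2*time.Hour))
	reused := base
	reused.Actor = bob // Bob presents Alice's token under his own signature
	out["token for another actor"] = Authorize(SignRequest(bobPriv, reused), keys, now)
	tampered := base
	tampered.Token.ExpiresAt += 86400 // expiry edited after issue breaks the group signature
	out["tampered expiry"] = Authorize(SignRequest(alicePriv, tampered), keys, now)
	return out
}

func main() {
	for name, code := range RunScenario() {
		fmt.Printf("%-24s -> %d\n", name, code)
	}
}
```

Because the token is short-lived, removing a user from the group simply means the token endpoint stops issuing to them, and instance A never has to call instance B per fetch. In a real deployment instance A would also want a freshness window on the request's Date, as with ordinary HTTP signatures, and the group's TTL sets the maximum lag between removal and loss of access.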