Is it possible for an attacker to see that the receiver received a message if the attacker knows the target's public key?
Yes. As a matter of fact it is possible for an attacker to see that the receiver received a message even if the attacker
DOESN'T know the target's public key.
Can the NSA tell that Bob received a message if the NSA knows Bob's public key?
As I mentioned, they don't need Bob's public key to know this.
The NSA currently has no reason to harass Alice but if she is sending messages to Bob, they will.
Fortunately, if they are only running exit nodes (and if Alice is careful to not leak her identity), they won't know that the message came from Alice. They will only know that Bob received a message, but not who it came from.
It is a problem because it would reveal the public key of the recipient to the public which would reveal that the receiver received a message.
It is a public key. it is already "
revealed to the public". That's why it is called a "public" key. Having the public key isn't necessary to know that someone received a message if the message is sent to them.