Thanks, noted! So if there is a difference between a node seeing a transaction from the original source (looking for a ‘first confirmation’) vs. another just passing it along - if that’s how the protocol works - then using connect=X.X.X.X to use a specified, sort of second ‘guard node’ to protect a third party malicious node from sniffing your ownership ‘transaction originator node’ is how to plug that.
What then remains to be known by me, first is whether Zcash protocol has nodes tell other nodes whether they’re the ‘1st’, ‘2nd’, ‘3rd’ etc. node to have confirmed the transaction or not. Perhaps what you say below indicates that’s not the case - it’s just a hash once created by first ‘confirmer’ (for lack of better term), passed around to other ones in a way that doesn’t reveal who’s ‘first’, ‘second’, ‘third’ confirmer etc:
But secondly, even in that case, an attacker with enough malicious nodes recording the network in real-time could probably probabistically determine that your self-controlled second node is you, and thus your TX is still fingerprinted to ‘Tor IP zcashd node’ as a traceability vector.
Probably we have to accept this weakness and just do Tor circuit changing and existing OPSEC (like what I’ve shared such as scrambling and spacing out your timing, and the above idea I’ve notes to turn off all self controlled nodes ASAP once confirmed once) to be enough. We can’t do any better.
Final frontier to address leakage of IP address to well-resourced adversaries, as you say, seems to be mix networks:
Sadly, implementations of mix networks have been around since at least the 90’s, but even Tor hasn’t implemented anything as anonymous as that. (Wonder if Loopix can change that?) Clearly not enough people have been unmasked by adversaries (yet) to demand such a mix network-operated coin exist. (Or a regular web browsing Tor replacement.) Maybe hardly anyone has been unmasked by Tor-level anonymity, so for now, other OPSEC mistakes or exploits are what undermine someone before their need for a mix network emerges.
Thanks for sharing!