One attack to prevent is when
Lis excessive. Taking resources of the network by forcing mixing of one message by a great number of nodes.
Good point! The Sphinx packet provides some protection here. The packet size is determined by the maximum path length r , which limits the number of hops (L) to a maximum of r. For most real-time use cases, r = 5 should be sufficient, preventing a loop from exceeding 5 hops. We could even set L = r = 3 to strike a balance between efficiency and good anonymity protection.
It may interesting to consider using RLN to limit the number of
unwraps, instead ofmessagesperepoch.
This is an interesting idea. Mix nodes can’t distinguish between packets, so they wouldn’t be able to tell if a packet is being unwrapped for the second time. We’d need to look closely at RLN to see if it could help limit the number of unwraps per epoch.
This would also force the user to use different node for each message sent within the epoch.
If a mix node could figure out whether the same user is behind two messages (in an epoch), it could lead to unwanted correlation attacks. Additionally, restricting node usage across paths could limit the available paths, reducing overall usability of the system.