Re: Not sure i see how this works
My understanding is likely not particularly accurate, but as I understood things:
With TOR
(i) Only the entry node knows who I am, and if I'm operating a passthrough node even they can't be sure that my address is where the traffic originates.
(ii) Only the exit node knows my destination, and it has no idea who I am
(iii) Unless the same entity controls the whole network of nodes that I use, noone (including those nodes) can know both who I am and what my destination is.
In other words, I don't have to even trust the nodes in TOR - they can't compromise me directly even if they wanted to.
It sounds like that first point is not at all the case on Riffle - and if the exit node is one of the possible entry nodes, then whoever controls that single node can see who I am and my destination.
Thus (although I'm probably missing something), I can see Riffle being useful for critical communication, but not anonymity.