$1 Million Dollar Bounty

The network most certainly must know your IP in order to know where to respond to with the GET fulfillments! However, there is only one point on the network that knows your IP address - the relay node.

So there’s the point of attack - the relay node. That is the part of the network that does have the information. As for the rest of the network, you are correct. It doesn’t have that information. But one element in it does.

So intercepting and decrypting the IP address, convincing the node to transfer the IP (spoofing/replay?), node impersonation, intentionally becoming the node, or otherwise obtaining the IP address of a target client would all be symptoms of a broken implementation of the network resulting in a “hack”. Again, this would be a broken implementation and hopefully a fix would be able to be engineered.

As far as verification goes, the attacker might have to go after a dummy client with a known IP address, and present documentation describing the hack and the result.

I am a strong proponent of utilizing a target/Capture The Flag mechanism for a pen test such as this.

EDIT: To further lengthen this already long post, @polpolrene wrote up a quick explanation of this: