This is true @willish nobody stores direct but via intermediaries. The IP address is scrubbed in hop 1. This is fine, but there is still an issues to solve. This is the nodes the person does actually connect to. So we have a window of opportunity for an attack and this is what we need to look deeper at. I think we can subvert this one though, but at the moment the window would exist. I think if we wanted to we can close that window though via a scatter/gather approach of uploading all files.
Thanks for looking so far, keep t it and we will close as many windows as possible no matter how small.