There’s some new info regarding relay nodes and Client Managers in this topic. I’ll quote David below:
You connect to different nodes each time with encrypted streams (to known nodes when you can) after you get on the network. So your ip address is scrubbed, you connect via a random port to a random node(s). I don’t see it as a design flaw but as the best that can be done.
Ideally if a group can create their own private key (group key) then we may be able to do more (look at SQRL type key derivation to see how this may do). Then you connect to a relay nodes(s) and encrypt traffic through them to client managers). So it can improve but already seems significantly better that any other system I can find in securely getting on a p2p network.
And here’s some more info:
client → relay node(s) → Client Managers (For Put)
client → relay node(s) → NameManagers (for Post/Get)
So the relay is almost dumb and does not need to be able to understand what is happening, just pass on “stuff” to an address. In terms of what is readable then routing info minus IP and data (which on the network is encrypted) as well as signed requests to alter (Post) or plain Get requests.
The part that’s new is the use of relay node(s) which are used to connect you to your close group of 32 nodes. This means that even the other 31 nodes won’t be able to see your ip:port etc.