The trustchain is not opaque, therefore I can trace who gave bandwidth to whom. Although I cannot specify what file was being transferred, I can guesstimate based on the file size a list of possible files. I could also operate a malicious exit node that would perform SSL downgrade attacks on clients, a paper called “Riffle
An Efficient Communication System With Strong Anonymity” tells of a hybrid variable shuffle that would be used to ensure that a handshake between a server and a client was not tampered with, and how authentication encryption would verify that the message is legitimate after the connection has been established. (https://people.csail.mit.edu/devadas/pubs/riffle.pdf) In the future, it might be possible to crack a riffle public key on a quantum computer. It already is for ecliptic curve cryptography and 2048 bit RSA.
The ease of tampering with traffic would be used to tag each message and track its proliferation through cooperating nodes. It is also possible to derive the protocol used in the secret session by looking at the packet size because different protocols have different packet sizes. It is important that these holes are fixed so that no one can attack py-ipv8, it is also important to fix these holes so that people can trust py-ipv8.