Indeed - statements are meant to apply in the context of each described attack, as they’re the two types of attacks I could find in the literature. Just meant to indicate that in [6] timing matters, in [7] it doesn’t.
My understanding of [6] is that just being able to construct these partial paths is insufficient to deanonymize senders and receivers (if we add some privacy-awareness to pathfinding).
Two questions here:
- Is there an off-path attack which does not require the attacker to run a ton of pathfinding to complete the path?
- Are you talking about the case where the attacker sees network messages for the full path (they’re all in the same malicious AS group)?
Could you explain this further? Based on the PTLC reference, I assume we’re talking about the on-path attack? It’s unclear to me why a receiver-side delay doesn’t help with a multi-node on-path attacker.