# Gavin Andresen
# 2011-01-20 21:03:15
# https://bitcointalk.org/index.php?topic=2893.msg39912#msg39912

I think you should begin by defining the threat model. @p{par}

Can the attacker see all unencrypted IP traffic to/from the sender's node, or is the traffic tunneled through an anonymizing network like i2p or tor? @p{par}

Does the attacker know any of the sender's receiving bitcoin addresses?  Is the attacker willing and/or able to send 'marked bitcoins' to the sender?  Lots of them? @p{brk}