While the protocol breaks the links between source and destination addresses when appeared on-chain, there is countless areas where individuals can disclose information about their identity when accessing the protocol through middleware like RPC endpoints, hosted web instances and top level domains.
Local serving user interfaces or using the CLI tool are the best way to use the protocol to maintain a low profile and prevent phishing, if you are not technical you can still easily use IPFS companion browser extension to locally deploy with ease.
### Browser
Google Chrome runs background analytics services on it's production release which breaches individual privacy. This is also the case for many browser extensions, as permission is usually required to caches and cookies. Use open source extensions and browsers like Firefox or TOR and reduce browser tracking.
Proxy servers that help mask your internet traffic and location, although purely are operated on a trust basis with the provider. Avoid using free VPNs, they tend to keep or even sell your data. VPNs are not a solution to anonymising your data and are always recommended to use in combination with other tooling. Wireguard is the latest standard when it comes VPN networking protocols.
Using onion routing, you can singificantly mask your internet traffic at the cost of connection speeds the more "hops" the harder is to identify the identity and contents of the traffic. This can be done by either:
Your note provides a record of your original transaction. Anyone who has it can withdraw the funds deposited, but also know the details regarding the depositing address therefore allowing the ability to deanonymise the transaction.
Browser history and caches can provide a massive amount of data regarding specific behaviourial patterns and timestamps. It is common for browser extensions have read access permissiones to your cache. **If transactions of two independent addresses are made with the same cookies, the extension will be able to link the wallets**.
Metamask one of the most popular wallets - now by default, **logs IP addresses when a wallet is generated or makes a transaction** please excercise caution if you are using this choice as a wallet and do not take methods to migitate the logging. It would effectively void any anonymity acheived on-chain, if your actual IP address is exposed.
Additionally when you configure an Metamask wallet an Infura RPC access key is assigned to your instance, **if you make two transactions from two seperate addresses from that instance they will be directly related**. It is recommended to delete and reintall the extension when transacting from the source and destination address to ensure a fresh access key and not void your destination address's anonymity.
It is recommended to use open source wallets to evade the surveilance present in the adopoted software like the following recommendations:
Your anonymity also depends on the number of transactions after your deposit (statistics tab). If you withdraw your funds immediately after depositing them, it is possible to link your deposit to your withdrawal using correlation probabilities. **The greater the amount of deposits after your deposit, the greater your anonymity set will be.**
If you make 7 x 10 ETH deposit from one address and withdraw all 10 ETH notes to a single destination address - **it indicates a clear association** - remember to use multiple withdrawal addresses to fragment the original depositing amounts.
Behavioural patterns in consisent gas values can be used to fingerprint transactions by correlation, configure arbitary gas values when withdrawing and depositing to maximise anonymity.
### Select the strongest anonymity sets
As privacy through the protocol is achieved probabilistically, the more activity and volumes a specific anonymity set has - the better the potential for anonymity. Select the popular anonymity sets to hide in with the crowd.
The lower denomination anonymity sets have always been the most active, if you have a balance desired to shield refrain from depositing independently into the largest anonymity set. **It is more effective to break up your deposit into smaller denominations which will greatly increase your anonymity but comes at the cost of more fees.**
Only processing withdrawals through a singular relayer, oses a risk to behavioural pattern profiling. Ensure you are using different relayers for every withdrawal if you want to diassociate two withdrawal addresses from one another.
