From b333e4f03172c2b3c06f4ae47b9dcee4fee53d9c Mon Sep 17 00:00:00 2001 From: Sarah Jamie Lewis Date: Tue, 18 May 2021 00:14:51 -0700 Subject: [PATCH] A few more notes --- README.md | 16 +++++++++++++++- niwl/src/encrypt.rs | 1 + 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index aa6eaa6..8da5fe4 100644 --- a/README.md +++ b/README.md @@ -113,7 +113,21 @@ other clients to the malicious Niwl Server. The rate at which a niwl sends out a heartbeat message is also a vector for passive profiling. Heartbeats must not be distinguishable from other niwl traffic through their rate. -Finally, the fact that a REM +Finally, the fact that a REM operates 24/7 will make it stand out from a party that only uses the system for part +of the day (or week...etc.) - the only practical defense to this is to have more services and bots make use of the +niwl system other than mixers - as traffic diversity increases, the less utility tells like frequency of message +sends ultimately have. + +### Notes on IP and other networking Metadata. + +niwl is designed to provide metadata security when operated over an unprotected network. Ideally, a niwl server should +learn nothing about the habits of a particular IP address other than they are using niwl. In practice, as discussed above +a server can likely distinguish between automated services and manual clients. + +Clients may wish to hide their use of niwl from a network adversary (at a risk of revealing that they are using another anonymizing network). +This will also further reduce the ability of niwl to correlate senders with specific behaviour and can be seen as +complimentary, but optional. + # Code Overview diff --git a/niwl/src/encrypt.rs b/niwl/src/encrypt.rs index 7dad9b1..a0ca619 100644 --- a/niwl/src/encrypt.rs +++ b/niwl/src/encrypt.rs 
@@ -50,6 +50,7 @@ impl PublicKey { let key = hash.finalize().to_vec(); let secret_box = SecretBox::new(key, Salsa20).unwrap(); + // TODO: Fixed Size Packets let ciphertext = secret_box.seal(message.as_bytes(), nonce); TaggedCiphertext { tag: tag.clone(),
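Review bot: In the README.md hunk, the last added paragraph of the new "Notes on IP and other networking Metadata." section says "reduce the ability of niwl to correlate senders with specific behaviour", which reads as if the niwl system itself were the party doing the correlating; the preceding paragraph talks about what "a niwl server" learns, so "the ability of a niwl server to correlate" would match it. In the same sentence "complimentary" should be "complementary", and "as discussed above a server can likely distinguish" needs a comma after "above". The heading ends with a full stop and capitalises "Metadata" but not "networking"; the other heading visible in the hunk, "# Code Overview", has no trailing punctuation, so I would drop the full stop and pick one capitalisation.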
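Review bot: In the niwl/src/encrypt.rs hunk, the new comment "// TODO: Fixed Size Packets" sits directly above `secret_box.seal(message.as_bytes(), nonce)`, so until it is resolved the sealed ciphertext length follows the length of `message`, and the README text added in this same commit about passive profiling and metadata security does not mention that. I would expand the TODO to say what is intended (pad to a fixed length before sealing, and reject or split messages over that length) and add a line to the README noting that message length is not yet hidden, so the documented threat model matches the code. A reference to a tracking issue in the comment would also keep the TODO from going stale.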