I realised something quite interesting while thinking about this.
I had been focusing on Tor-like proxy relay systems as a primary means of defeating traffic analysis attacks. But to some extent, networks like Bitmessage do this. They only don't protect the origin IP of a brand new transaction.
But here is the killer: What if the nodes themselves participated in an onion-like transaction 3-hop onion encrypted request packet? The outgoing step is then automatically location obfuscated, and then it propagates and everyone is sharing it around, as normal.
This is a simple thing to implement, and dramatically lightens the individual cost for protecting users from this kind of surveillance, which requires massive numbers of compromised nodes. It is a small addition, adds little bandwidth cost and zero data storage cost. It gives the advantage of Tor-like networks but eliminates the cost of half of the trip for the message - onto the blockchain or Bitmessage style time-limited message cache. You only obfuscate the source of a request. The results are stored everywhere, a little time passes and everyone can access it. If they run a full node, their node grabs the data as a matter of course, like everyone else.
This can be added as a feature for Steem Witness RPC endpoints, and Bitmessage nodes equally simply. It just allows you to send a request, containing a package of data, and who it is to be forwarded to. In fact, it could be deliberately altered so sometimes it is 1 hop, sometimes 2, sometimes 5. This reduces mathematical analysis of intermediary packets being correlated back to source nodes.
This would make sense to be added to all blockchain systems. Transaction writing through onion transaction posts, through an indeterminate circuit to a random final receiver node.
Running a full witness node could have benefits. If you also sell blocks of traffic to other nodes, you can leverage bandwidth discount in your region to earn a little reward extra for this.
It tends to grow bigger the more I look at it, really. This is something that Steem could implement. The bitmessage/bit-chat type message propagation system integrates all into one unit. And this proxy node that still runs full capacity email/IM relaying, and you can interface to it from the same machine through the same access pathway, with always where your messages are posted, appearing from random other nodes. And nodes paying each other (peering) to do traffic, the proxy only goes one way, or, in other words, the source of the funds for the full nodes to pay their costs.
It doesn't matter who you pay. You pay hundreds of other nodes some amount. The certificates they issue to permit you transit do not contain identifying data. They don't know where they came from because you did 3 or 4 or 6 hops in between. If a thread-ordering system also is present, you can switch your path between even each packet you send. It could be fanned out to multiple intermediaries in hops by using secret shares to break up the message into parts that have to all be assembled in some minimum number to retrieve the original data.
The routing is entirely client-side, and depends on a cloud of nodes that all participate in the protocol only. Since running such a node can be profitable, as you get accessed by client only (proxy) light nodes, who are a net income point. There will be many of these. Those who aren't, will be running full nodes, and peering. The money will bounce around a lot but it keeps score of who did what for who, which is not any kind of identifying information.
It ends the question of how to anonymise the new internet. Build this kind of routing into the post propagation system, and the distribution of the data eliminates the other problem of who received it.