If you design based on trusting other nodes (committee and/or trusted peer groups), you have to inherently trust those nodes, and they have to be highly reliable/available, which is kind of ridiculous if you're trying to account for things like oppressive nation states.

If you design based on anonymous communication, it's still subject to analysis of network traffic. Even if the messages you're sending are secret, and you have some peers in the middle storing and handing things off, you can still tell who is sending something and who is receiving something and tell with a high probability if the two events are linked.

If you design based on the premise of hiding amongst a bunch of nodes, or wandering randomly through a maze of lots of nodes, you're dependent on lots of nodes and their expected behavior. The number of nodes may diminish, or their routes may be controlled, or their behavior changed, depending on the influence of the observers/controllers of the networks.

I'm of course only speaking about the delivery mechanism. The encryption of the message on either end is the easy part. It's getting it over there secretly that's really hard.

I see. We can't provide secrecy, but I think we can provide some level of deniability, and also make it a pain for those who are surveilling.

I'm not aware of any application that provides secrecy besides BitMessage. Are there others?