It prevents the deanonymization of the network by sending transactions over a randomly selected path before diffusion. In the 'stem phase', transactions travel along this path and are then diffused during the 'fluff phase'. The routing protocol provides near-optimal anonymity guarantees among schemes that do not introduce additional encryption mechanisms. A working prototype has been built, and the team has completed additional theoretical analysis and simulations and written detailed documentation for the new implementation. One of the questions addressed in their analysis was how to route messages during the stem phase. They recommend 'per-inbound-edge' routing, where each inbound peer is assigned a particular Dandelion destination, and each transaction arriving via this peer is forwarded to the same destination. This helps to block an adversary's ability to construct useful fingerprints and avoids the fingerprint attack allowing network-level botnet adversaries to achieve total deanonymization of the P2P network after observing less than ten transactions per node.One question raised by a commenter relates to the periodic route shuffling interval being around 10 minutes. A shorter interval would help with intersection attacks, whereas a longer one would help with graph learning. The team recommends favoring graph learning attacks as they have limited recall and precision, whereas intersection attacks can be really devastating with recall tending to 1. If graph learning is allowed to prevent intersection attacks, they suggest using as long a time interval as possible. Another issue raised by a commenter is whether an adversary could perform a black-hole attack and if so, whether reconstruction of parts of the anonymity graph might be possible. The team acknowledges that this approach could certainly help with graph learning and using a small shuffle time interval would help prevent this. The team has shown that their guarantees are probabilistic and any solution based only on routing cannot be absolute due to fundamental lower bounds on precision and recall. They acknowledge that individuals who are worried about targeted deanonymization should still use Tor. However, they see Dandelion as a "public health" fix or an "anonymity vaccination" where higher adoption leads to greater benefits, even for those who are not using Tor.