If I was overly paranoid about it, I'd probably set the connect parameter in my node to a different random node for every transaction and make sure my node had it's incoming port blocked so that no one could attach to me. It would be a lot of trouble though and I'm fundamentally lazy.
Discussion
Thanks for the technical explanation - much of this is new to me but the theory makes sense.
I thought of this along the lines of, since it’s important to keep your KYC stack in separate storage from your non-KYC stack, could using the same node create possible contamination of metadata, even though not mixing funds.
Just because you're paranoid doesn't mean they are not out to get you. Julian Assange clearly wasn't paranoid enough...
The only way to sorta be secure is to have your transactions broadcast over Tor or other anonymising network.
I may have been unclear. If there is 25000 bitcoin full nodes, and average user doesn't change the connection ratio, which I think is 25 connections, NSA only needs to have between 1000-2000 full nodes on the network and they are almost guaranteed to hear every transaction from its origin.
This is almost the very first use case we had in mind when we started building Indra https://git.indra-labs.org/sdev/ind - and to combat the laziness problem, you get paid to run indra nodes. We want Indra to become a standard stack element with Bitcoin and Lightning attached to it and all users with Indra clients plugged into their wallets (all of them!) to make tx broadcast default to anonymised. ALWAYS.
NSA already owns much of Tor too. I have been saying since 2007 that without a money incentive to run Tor nodes, the network would eventually have so many run by NSA and the like that even the anonymity overlay networks are weakly securing you, because they have so many Tor nodes that they can also capture a large amount of the p2p connections between many types of such services, bitcoin being one of many.