I was interested to take a look at the privacy level of this project, so I’ve been reading the various documentation and source code to understand it.
One thing I noticed is that the decoy selection seems to be from a uniform distribution. This is a problem because the timestamp of the actual input is usually more recent than all of the randomly selected decoys. I’ve had a look at recent transactions in the explorer and for most the actual input was quite obvious.
Monero had this issue a few years ago and they updated their decoy selection algorithm to select 50% of decoys from the past 1.8 days. See point 8 here: https://www.getmonero.org/2018/03/29/response-to-an-empirical-analysis-of-traceability.html
I hope someone is able to take a look at this issue.