Is there a (high-level) description of how it works available?
I've just written https://github.com/dustyneuron/bitprivacy/blob/master/DETAILS.md. It may be a bit too in-depth about the data layout, but it's certainly easier than looking at the code, and I can use it as a reference when I need to change things.Thanks, that's basically what I wanted to look at. I'm no crypto-expert, but to me it looks good.
However, one thing I wondered about: Why do you need blind signatures for this protocol in the first place? Couldn't you just simply submit your output to a chosen peer (like the blinding server) with a new network connection without obtaining a signature from the server before? After all, before each peer signs the transaction, he/she checks that his/her transaction is in there anyway, so there's no chance someone could run away with my coins. What additional trust/verification purpose does the blind signature fulfill?