Of course the trust system will be scrutinized.. but the technology is based on several concepts, one of which is "Web of Trust" -
http://en.wikipedia.org/wiki/Web_of_trust, the bottom line is that the wallet won't send money to untrusted nodes
Could you look into this method of ensuring it's not possible for xnodes to steal coins:
That poster on /r/bitcoin admitted that the latest DarkSend is indeed decentralized but pointed out that the specs don't mention anything about signing. As mentioned in gmaxwell's original post (
https://bitcointalk.org/index.php?topic=279249.0), blind signatures are needed to truly prevent anyone from learning the sender-receiver mapping. Does DarkSend implement blind signatures? If not, are there plans to introduce it?
Yes, the implementation uses blind signing. All it cares about is that your input and outputs are there with the correct amounts, if that's the case you sign your input away to all of the outputs. When everyone signs like this, it's trustless and completely secure.