This is what I wrote some time ago after studying how this part works. I think it’s still valid:
So, my close nodes have my IP:port:public key etc. So now they’re gonna watch the chunks come in and out and try to understand what I’m doing you think? Maybe they have lists of files and their chunks and try to catch me downloading an blockbuster movie from Hollywood? Well, time to add another layer of encryption. Yes, you are in group of close nodes and some of them will know your IP because they need to get data from and to your computer. So in a group of 32 close nodes (based on XOR) maybe 4 or 5 will know you IP. But now the magic starts, remember; you don’t ask for data on the network, your close nodes will. So while this group of close nodes is randomly chosen, you will connect to another group of nodes which are your (data)managers. The connection to that group will be the third layer of encryption, and maybe already a forth one! Because for something like “browsing” the Safenet you will use an identity to request data. But let’s go back a little. So, your close group connects you to the manager-group who are “somewhere” in XOR-space. This connection will be encrypted so your close nodes cannot understand the data between you and the managers. Your managers on the other hand, will understand your requests but they have no clue about who you are. To them your just another XOR-adddress that’s close to them in XOR-space. This way the close nodes will work like a proxy to protect your identity.