You connect to different nodes each time with encrypted streams (to known nodes when you can) after you get on the network. So your ip address is scrubbed, you connect via a random port to a random node(s). I don’t see it as a design flaw but as the best that can be done.
Ideally if a group can create their own private key (group key) then we may be able to do more (look at SQRL type key derivation to see how this may do). Then you connect to a relay nodes(s) and encrypt traffic through them to client managers). So it can improve but already seems significantly better that any other system I can find in securely getting on a p2p network.