Research Owner: @Álvaro Castro-Castilla
Engineering Owner: @Youngjoon Lee
Support: @Giacomo Pasini
Requirements
- Our security model assumes an omniscient network observer.
- Sender-Receiver Third-party Unlinkability. The senders and receivers should be unlinkable by any unauthorized party.
- Sender online unobservability. Whether or not senders are communicating should be hidden from an unauthorized party. This does not refer to nodes being online or not, but specifically whether the communication is real or fake.
- Receiver unobservability. Whether or not receivers are part of a communication should be hidden from an unauthorized party.
- Attack detectability (analyze feasibility). TODO: define attacks more precisely. This allows a stop-gap solution in the case of mixnet nodes being corrupted. Note that we don't refer here to all attacks since that wouldn't be possible, but rather to increasing the chances of detecting certain types of attacks with solutions like loop messages, and through an ongoing effort to improve these.
Overview of the system
- A small group of nodes will be dedicated to mixing. About 60 with 3 layers to start is a good reference.
- The number of nodes can scale according to block usage of the network (to accommodate more traffic). Rewards will increase with increased traffic, which balances the economics (but needs to be analyzed by the Token Engineering team).
- A good number for reference in calculations: 1k packets/s per mixnet node (based on current Nym implementation).
- Some designs like Loopix or Katzenpost introduce extra nodes before and after, but their main responsibility is to introduce the possibility of dead drops (passive delivery to further decouple). This doesn't seem to fit our use case because we don't expect nodes to go offline. Loop messages can be implemented with an extra mixnet layer.
- Mixnet nodes can be physically decoupled from the validator nodes, and can even become an independent role. What matters is that they register themselves in the Nomos chain with collateral and that they get paid in Nomos token. These are the main reasons not to use Nym (besides functionality that we don't need), and consequently the part that needs to be fully integrated. In contrast with our previous discussions, the possibility of implementing it as a new role is now open.
- Scalability-wise we don’t need more nodes than Nym, and it would actually be detrimental. It must be adjusted based on traffic of the network, not on Nomos network size or other variables.
- An initial idea for selecting the mixnet nodes is via staking: just like Cosmos’ approach to selecting validators, we sort by provided stake and cut off at the defined number of nodes. This can be initially openly disclosed but eventually could become an MPC or threshold-FE calculation for stake privacy (can be postponed).
- Mixing should be opt-in, as it requires higher bandwidth, but it is rewarded.
- In short, the proposal can be summarized as: Nym architecture, but with integrated staking and payments, with an additional gossiping step from the last node of the mixnet (for routing to the destination).
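
A sketch of the stake-based selection described above, with the node count sized from traffic rather than from network size. This is an added example, not code from the Nomos project. The function names, the `epoch_seed` parameter, the rule that each layer must carry the full packet rate, and the hash-based layer assignment are all assumptions made for illustration.

```python
import hashlib
import math

PACKETS_PER_NODE = 1_000  # reference capacity from the overview (packets/s per mix node)
LAYERS = 3                # starting number of layers from the overview

def required_nodes(traffic_pps, layers=LAYERS, per_node=PACKETS_PER_NODE):
    """Size the mix set from traffic only. Assumption: every packet crosses
    each layer once, so each layer alone must carry the full packet rate."""
    per_layer = max(1, math.ceil(traffic_pps / per_node))
    return per_layer * layers

def select_mix_nodes(stakes, count):
    """Sort by stake, highest first, and cut off at `count`. Ties break on
    node id so every participant derives the same set from the same data."""
    ranked = sorted(stakes.items(), key=lambda kv: (-kv[1], kv[0]))
    return [node_id for node_id, _ in ranked[:count]]

def assign_layers(selected, epoch_seed, layers=LAYERS):
    """Assumption: order nodes by a hash of a public per-epoch seed and deal
    them round-robin, so a node's layer does not follow from its stake rank."""
    order = sorted(selected,
                   key=lambda n: hashlib.sha256(epoch_seed + n.encode()).digest())
    topology = [[] for _ in range(layers)]
    for i, node_id in enumerate(order):
        topology[i % layers].append(node_id)
    return topology

def build_topology(stakes, traffic_pps, epoch_seed):
    count = required_nodes(traffic_pps)
    if count > len(stakes):
        raise ValueError(f"need {count} mix nodes, only {len(stakes)} registered")
    return assign_layers(select_mix_nodes(stakes, count), epoch_seed)

# Constructed sample: 80 registered candidates with distinct stakes.
SAMPLE_STAKES = {f"node-{i:03d}": 1_000 + (i * 37) % 500 for i in range(80)}

if __name__ == "__main__":
    topo = build_topology(SAMPLE_STAKES, traffic_pps=20_000, epoch_seed=b"epoch-1")
    for n, layer in enumerate(topo, start=1):
        print(f"layer {n}: {len(layer)} nodes, first: {layer[0]}")
```

With the reference capacity of 1k packets/s per node, 20k packets/s of traffic yields 20 nodes per layer, which matches the 60-node, 3-layer starting point. A seed that a staker can influence would let them bias their layer, so the seed source matters as much as the sort.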