Thought of a way to do an attack with out pseudonym data, just with reviews, mail routing information, and general knowledge of where the vendor ships from (let's assume that the vendor probably ships from within a 240 mile radius). This one might actually be infeasible though . If the attacker assumes that the customer leaves a review within a week of when they get an order from a vendor who ships from a known general location (~240 mile radius), they can do this: Who all was sent and received a package sent from within this ~240 mile radius within a week prior to when a review was left? Add all of these addresses to a "potential suspect - low certainty" crowd. Do this for every single review that is left. Take all resulting "potential suspect - low certainty" crowds, and look for addresses that appear multiple times. The more times an address appears in a "potential suspect - low certainty" crowd, the more likely that person is getting drugs from SR. Without having access to the database of mail routing information it is impossible to see how much noise there would actually be. If a vendor is shipping from the middle of fucking no where there probably isn't that much outgoing mail though (meaning that the potential suspect crowd related to that order could be pretty low number). Not sure how many non drug users would appear in a significant number of potential suspect crowds though...probably a lot though (a lot of people probably get mail from New York City in the week prior to you leaving a review on the vendor who just sent you a pack from NYC). I guess it would probably actually be better to assign a "suspect potential" score based on the total crowd size. For example, if you are one out of five thousand people who got a package from the middle of fucking no where in a week prior to leaving your review, you could get 10 potential suspect points for that, where as if you are one of the five million people who got a package from New York City in the one week time span prior to you leaving a review, you only get .05 suspect points. Over time, shipping addresses with higher amount of suspect points would be more likely to be tied to people leaving reviews on SR. Disclaimer: this attack variant is largely mental masturbation on my part, I am not quite sure it is infeasible but it is certainly a lot less likely to be useful than the other mentioned attacks . Of course if the attacker can also get a list of all Tor client IP addresses (by monitoring directory authority servers....easy if you do not have a bridge) and corresponding customer registration addresses (from ISPs)....they could intersect the list of "potential suspect" shipping addresses with the list of Tor user addresses and probably deanonymize everyone who leaves a single review. (Alice is the only Tor user in this crowd of 10 million shipping addresses that potentially got an order from this vendor). Let's hope only intelligence agencies have access to both databases. I wouldn't be surprised if LE have access to both, but I am not sure if they can translate every Tor client IP address into a customer address in a dragnet fashion (of course they can ask an ISP for the customer address of X tor IP address...but if they can ask for all Tor client IP addresses corresponding customer registration address and keep a big database, is another question).