your concerns are definitevely valid. The sender of giftwrapped messages is hidden, but the ip correlation would be trivial if a malicious relay is used.