@Hanshan, do you have evidence that this isn't true ?

if your threat model is a global passive adversary they clearly know where payments begin and end. his (unexpressed) point is "the second and second-to-last nodes on a route can't be sure they are second and 2nd to last" but it totally depends on the level of collusion between large nodes. a global passive adversary isn't required, if enough large nodes (particularly in a hub-and-spoke design) collude they can have *reasonable certainty* where payments originate and end up. Add mapping via channel probing and consider. not saying it happening now, but I AM saying,if it was happening you wouldn't know. which is why we have L1 systems designed to function in the open. That is the advantage of using a blockchain and not an L2. everything is tradeoffs.