I'm working on some stats and I was wondering if the relayed by IP on Blockchain.info can be used to get an approximate (country level) origin of the transaction. Would it be reasonable to assume that this transaction has been originated somewhere in Wisconsin?
The reason I ask is that, yes, the network creates a random topology, but due to verification overhead first few relay points are bound to be within a few hops from the origin.
It is possible, but it is also quite easy to hide your activity from such inquiries. For example, lets check Address 15VjRaDX9zpbA8LVnbrCAFzrVzN7ixHNsC:
http://blockchain.info/address-relayed-ips/15VjRaDX9zpbA8LVnbrCAFzrVzN7ixHNsC
We can see that most often it appears in the USA, with a dominant IP being 69.164.218.197 . If we check that IP with another tool, we can see that it was owned by Linode. And indeed, this is the address of the Bitcoin Faucet, that used to be hosted on Linode.
However, if you were to say, start your Bitcoin with -connect flag and specify an IP that you know will be running Bitcoin most of the time and not be malicious (such as a trusted pool, the Faucet, or the like), your transactions will appear to come from that IP. Switch the IPs every now and then, and you have a total control of what other people can see the origins as.
So yes, it is possible to infer some information about what IP owns which Bitcoin Address, but it is also possible to hide such data if there are any trusted nodes on the Bitcoin network.
Since signed blocks come with Relayed by: IP address field There exist IP address resolution topology database, assigning names of mining pools to respective IP adresses.
Blockchain.info recently ceased publishing names of mining pools relaying signed blocks and started calling every party Unknown, however you can still access a database of IP addresses relaying signed blocks and database of IP assigned mining pools from and by third parties to get your stats to work.
