I understand the proposal is about IP protection and masking the originating IP address. However, I'd like to understand if the original HTTP Referer will be unchanged and accessible after traffic passes-through the proxy(s).

HTTP Referer is sometimes used instead of IP address for allowlist / denylist behavior. I realize that using Referer for access-control behavior comes with some risks (Referer can be manipulated in some environments and scenarios), but it is considered "good enough" in some cases (your mileage may vary). This can be particularly important and useful for iframe scenarios.

I've read through the Github explainer and https://developer.chrome.com/en/docs/privacy-sandbox/ip-protection/, but didn't find any specific mention of Referer. Will all proxy(s) involved (whether 1-hop, 2-hop, or more) pass-along HTTP Referer unmodified, such that end-servers will still be able to know the original Referer?

If the original value is preserved, will it still be available on the traditional Referer header, or another header (e.g. *-Forwarded-*)?