0 sats \ 0 replies \ @ZezzebbulTheMysterious 3 Apr \ parent \ on: Dust Attack explained bitcoin
I thought about this and I understand where the misunderstanding is.
I hope if a future reader finds this they understand this concept better.
I think the exact scenario on this is poorly documented about the dust attack in general.
As written and described most places, it's a redundant attack for the reasons I have specified -- the attacker learns nothing additional. Most write-ups seem to treat the dust as a "marker", but we don't need to mark things on transparent blockchains; however, we might want to force a certain broken wallet behavior that links addresses.
How much in practice this wallet behavior manifests is dubious too IMHO due to the uneconomical nature of spending dust. In most cases a wallet with sufficient spendable UTXOs is not going to start digging up old dust from other addresses to stuff into inputs.
The nuance is in combining dust -- but only from an address with no other associated UTXOs (e.g. balance is just dust). Consider:
Addresses A, B, and C. A and B are controlled by the target, and C is a 3rd party seller.
There is UTXO uA and uB. uA is 1m sat. uB is 1m sat.
Attacker dusts A and B and generates new UTXOs uA' and uB' of 546 sat each.
If someone wanted to pay ~2m sat (-fees) to C, the attacker learns nothing additional from inputs (uA+uB+uA'+uB')->C. Likewise for (uA+uB+uA')->C or (uA+uB+uB')->C or (uA+uB)->C. This is what I am referring to, and the most likely combination of UTXOs in wallets in practice.
However, let's say in this scenario uB=0s, e.g.: balance(B)=546s, and we want to send 1m sat to C.
The wallet would have to calculate the optimal tx as:
(uA+uB')->C
[which would very likely be uneconomical vs including another larger UTXO]
Yes, the attacker is learning that A and B are related, assuming uB was spent early on another unrelated transaction. That would not be apparent from the transaction ledger.
Be careful with dust. You can spend dust from an address safely as long as it only contains the same address as the inputs, e.g.: (uA+uA')->C.
Or it is one or more dusts to the same address, e.g.: (uA' + uA'')->C.
The attacker learns nothing.
As long as the dust address is also the 'main funds' address, it's just reducing the UTXO set.
Spending unrelated dust is leaking a wallet/key relationship that would not be observable otherwise.
e.g.: (uA+uB')->C, attacker learns A and B are in the same key set.
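
The rule in the comment above, written as a pre-signing coin-selection check (an added example, not part of the original post): it reports which address pairs an observer can link only because dust inputs are present, compared with what the non-dust inputs and earlier transactions already reveal. It generalizes the comment's cases by accepting prior transaction history. The names `Clusters`, `observe`, `dust_leak` and the `DUST_MAX` cutoff are assumptions made for this sketch.

```python
DUST_MAX = 546  # sat; assumed cutoff, matching the 546-sat dust outputs in the comment

class Clusters:
    """Union-find over addresses an observer already attributes to one owner."""
    def __init__(self):
        self.parent = {}

    def find(self, addr):
        self.parent.setdefault(addr, addr)
        while self.parent[addr] != addr:
            self.parent[addr] = self.parent[self.parent[addr]]  # path halving
            addr = self.parent[addr]
        return addr

    def union(self, a, b):
        self.parent[self.find(a)] = self.find(b)

def observe(txs):
    """Common-input-ownership heuristic: all inputs of one tx share an owner."""
    seen = Clusters()
    for inputs in txs:
        addrs = [addr for addr, _value in inputs]
        for addr in addrs:
            seen.union(addrs[0], addr)
    return seen

def dust_leak(history, candidate):
    """Address pairs linked only because dust inputs are in `candidate`."""
    non_dust = [(a, v) for a, v in candidate if v > DUST_MAX]
    # Baseline: what is visible from past txs plus the non-dust inputs alone.
    baseline = observe(history + [non_dust])
    addrs = sorted({a for a, _v in candidate})
    return {(a, b) for i, a in enumerate(addrs) for b in addrs[i + 1:]
            if baseline.find(a) != baseline.find(b)}

# Constructed inputs for the comment's scenarios: (address, value in sat).
uA, uB = ("A", 1_000_000), ("B", 1_000_000)
uA1, uA2, uB1 = ("A", 546), ("A", 546), ("B", 546)

if __name__ == "__main__":
    print(dust_leak([], [uA, uB, uA1, uB1]))  # dust adds nothing to (uA+uB)
    print(dust_leak([], [uA, uB1]))           # unrelated dust links A and B
    print(dust_leak([], [uA, uA1]))           # same-address dust
    print(dust_leak([[uA, uB]], [uA, uB1]))   # A and B already co-spent earlier
```

A wallet could refuse to sign, or ask for confirmation, whenever `dust_leak` returns a non-empty set for the selected inputs.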