>
> May need to modify the network address format to include the ability to
> differentiate IPv6 clearnet vs. Tor addresses
>

sipa already implemented some clever hack where the 80-bit Tor keys are
mapped to a subregion of reserved IPv6 space, giving magical IPv6 hidden
service addresses. So addr packets can and do already contain onion
addresses.


> but then you remove the implication that a node has to give both public
> and private IPs to a peer. If it's part of a batch of "addr"s, it could be
> my own hidden service ID, but it could also be one that I learned from
> someone else and is now propagating, for anyone to bootstrap with Tor
> hidden service peers if they'd like.
>

Hmm. So you mean that we pick a set of peers we believe to not be sybils of
each other, but they might give us hidden services run by other people? I
need to think about that. If they're getting the hidden services just from
addr announcements themselves, then you just punt the issue up a layer -
what stops me generating 10000 hidden service keys that all map to my same
malicious node, announcing them, and then waiting for the traffic to
arrive? If clearnet nodes inform of their own hidden service IDs, that
issue is avoided.

My goal here is not necessarily to hide P2P nodes - we still need lots of
clearnet P2P nodes for the forseeable future no matter what. Rather we're
just using hidden services as a way to get authentication and encryption.
Actually the 6-hop hidden service circuits are overkill for this
application, a 3-hop circuit would work just as well for most nodes that
aren't Tor-exclusive.