But LE or other powerful adversaries can deanonymize your HS. Here's how:
Step 1) Discover your guard
Step 2) Compromise your guard via legal or other means
How to discover your guard? It's actually easy. The "trawling for hidden services" paper's researchers last year said they can do it in under an hour.
The TLDR is that every time you connect to a hidden service, you (the client) pick a rendezvous point for the HS to connect to. If you do this a lot, eventually the HS will build a circuit through a node you (the attacker) control. On each connection you send some modulated pattern of traffic. When you see it, you know you're the middle node on the HS's rendezvous circuit, and BOOM you know its guard.
HSes are quite useful against some adversaries but not bulletproof against a sophisticated one. This is not a conspiracy theory; tor developers will confirm all of this if you ask them. There is work being done to improve them, but ultimately low-latency anonymity is a very difficult problem and operating a service the attacker can contact makes it even harder.
"Copied from torchallenge01"
"I'm Bailey Jay" claims Redditor. Any thoughts?