2) Secondly, we bump the protocol version, add a service flag and introduce a new P2P protocol command “tor?”. If a client sends a tor? message to a node that has the new service flag set, it will respond with a new “tor” message that contains a regular addr packet, with a single address, the IPv6-ified version of its hidden service name.

Rather than a separate message type that implies binding a clearnet IP to a hidden service ID, why not add the service flag that the peer would like Tor addresses, and the remote peer can then add IPv6-ified hidden service addresses to "addr" messages? May need to modify the network address format to include the ability to differentiate IPv6 clearnet vs. Tor addresses, but then you remove the implication that a node has to give both public and private IPs to a peer. If it's part of a batch of "addr"s, it could be my own hidden service ID, but it could also be one that I learned from someone else and is now propagating, for anyone to bootstrap with Tor hidden service peers if they'd like.

Brooks