Support isolation for onion services
In C tor, I think there is no circuit isolation when using onion services, and I know there is no cache isolation. We should figure out how we would like that to work in Arti, and keep in in mind when designing our cache and client APIs here.
The "easy" version of this would be to provide circuit-level isolation, such that if two contexts would not share an exit circuit, they can't share a rendezvous circuit either. Our current design provides that at no effort.
A harder version of this would be to implement isolation for descriptor cache information and introduction point status information. Since we are currently imagining those living outside of tor-circmgr
, we'd need to make sure that our boxed isolation-type objects can be exported to higher level crates as part of their API.