prop 327: bind challenges to personalization and blinded HS id.

This is the spec for a fix to the attack in tor#40789 (closed).

It's based on top of !124 (closed).

I'm not sure that the blinded ID is the perfect choice here: it won't work so well if an onion service reuses the same intro points and intro point keys (KP_hs_ipt_sid) after a blinded key rotates. But that's not something a service should do, so I think it's okay?