Add question "Why are v3 onion addresses so long?"

Since v3 onion services contain full public keys, they are secure against enumeration attacks. Also, the length makes the keys secure against collision attacks. 

The v2 protocol has the following issues that v3 keys solve:
An adversary who runs a relay on the Tor network can slowly learn a list of all the v2 onion services, via the v2 HSDir system.
An adversary who can factor 1024-bit RSA keys can impersonate a v2 onion service.
An adversary who can generate around 2^40 RSA keys can expect to generate two that correspond to the same onion address (a collision attack).
(There are other attacks against the v2 protocol as well that aren’t related to the keys.)

We'd like to keep using shorter addresses, but we can’t build a secure protocol that way.