
This depends on what you mean by "properly" and "impossible" and "professional" and "forward".

Many professional name-brand corporations use Tor daily.

The only ports opened are those you configure to have onion services. Port limiting is one of the major features of firewalls.

You don't get to control source IP ranges, but those aren't generally trustworthy on the open internet anyway.

Also, the traffic isn't "forwarded" -- hidden services shouldn't be run on a relay, actually, so you're not forwarding anybody's traffic but your own.

Also, barring the recent attacks on discovery of onion services, connecting to a tor onion service allows you stronger security guarantees and MitM defense than TCP+DNS+IP routes.
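The two configuration points in the comment above (no inbound ports beyond the onion services you configure, and an onion service that is not a relay) as an added example; this is not code from the thread or from the Tor project. It writes a minimal client-only torrc, prints a host firewall policy with no inbound allow rules, and defines a check that a torrc contains no relay directives and only forwards to loopback or a unix socket. The file paths, the 127.0.0.1:8080 backend and the choice of nftables syntax are assumptions.

```shell
#!/bin/sh
# Added example: minimal onion-service torrc plus a "is this host a relay?" check.
# Paths and the backend port are assumptions, not values from the thread.

# write_torrc FILE: a client-only tor config. No ORPort/DirPort means this
# tor never relays third-party traffic; SocksPort 0 disables the local proxy.
write_torrc() {
  cat > "$1" <<'EOF'
SocksPort 0
HiddenServiceDir /var/lib/tor/example_onion/
HiddenServicePort 80 127.0.0.1:8080
EOF
}

# print_nft_rules: host firewall with no inbound accept rule for any port.
# The onion service only makes outbound connections (to guards and
# rendezvous points), so inbound can be dropped except for reply traffic.
print_nft_rules() {
  cat <<'EOF'
table inet onion_host {
  chain input {
    type filter hook input priority 0; policy drop;
    iif lo accept
    ct state established,related accept
    # no "tcp dport ... accept" lines: nothing listens for the outside world
  }
}
EOF
}

# check_torrc FILE: return 0 if FILE defines no relay ports and every
# HiddenServicePort target is loopback, a unix socket, or a bare port
# (tor binds bare ports on 127.0.0.1); return 1 otherwise.
check_torrc() {
  f=$1
  if grep -Eq '^[[:space:]]*(ORPort|DirPort|ExtORPort)[[:space:]]' "$f"; then
    echo "relay directive found in $f" >&2
    return 1
  fi
  # drop comments, then inspect the TARGET field of each HiddenServicePort
  grep -E '^[[:space:]]*HiddenServicePort[[:space:]]' "$f" | sed 's/#.*//' |
  while read -r kw vport target; do
    case "$target" in
      ""|127.*|"[::1]:"*|localhost:*|unix:*) ;;   # loopback, socket, or default
      *[!0-9]*) echo "non-loopback target: $target" >&2; exit 1 ;;
      *) ;;                                        # bare port -> 127.0.0.1
    esac
  done
}

# Usage: write the config, show the firewall policy, then verify the config.
if [ "${1:-}" = "demo" ]; then
  write_torrc /tmp/example-torrc
  print_nft_rules
  check_torrc /tmp/example-torrc && echo "torrc is client-only and loopback-bound"
fi
```

The check is deliberately conservative: a torrc that forwards to a LAN address passes traffic from the Tor network to another host, which is exactly the "exposes a new service on your network" concern raised further down, so it is flagged as well.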




> You don't get to control source IP ranges, but those aren't generally trustworthy on the open internet anyway.

IP ranges are just another layer of security controls. They may be easily spoofed one way. They may be even spoofed in a two-way communication in some situations. But it doesn't mean it's a useless control. If you can filter more traffic you should and Tor makes that hard to achieve.

> Also, the traffic isn't "forwarded" -- hidden services shouldn't be run on a relay, actually, so you're not forwarding anybody's traffic but your own.

Even if you don't participate in the relay of traffic, you're still connecting to the nodes that can send you anything and you need to process it, because it could be traffic addressed to you. I said you may get traffic to forward (or random traffic in general) - it doesn't matter if you're going to actually do it or not. I wouldn't be comfortable running that service. This does not help to reduce your attack surface.

> allows you stronger security guarantees and MitM defense than TCP+DNS+IP routes

It's a tradeoff. You're substituting a tested routing mechanism that should not be trusted (so we do the AuthN/Z in higher layers) for a relatively new routing mechanism which duplicates some of the AuthN checking, but at the same time exposes and advertises a new service on your network. You may think it's better, I would disagree.





