[tor-dev] On the security of a commit-and-reveal solution for #8244