LARGE number of Tor circuits. Am Compromised?

I am seeing very large number of tor circuits in sys-whonix. Sometimes 40 circuits even when doing nothing. I not sure of number of circuits before, but usually was 5 or 6 circuits, not 20 or 40. Sometimes list goes very long and a lot of times list is replicating first and second node. Tor log says might be under attack due to high failure rate, not always show this message.

This is what 40 circuits often look like:

A B C

A B D

A B E

A B F

A C D

A C E

A C G

A H I

A H D

A

A H D S

Z Y X

Z Y T

Z Y U

Z R U

Z B U

Z C U

Z

Z B D

Z B E

Lots of duplication of same nodes, duplications of parts of routes with small changes.

It also look like I get bridge or 4th connection at exit node and not using bridge.

Is this effort to deanonimise? Many circuits have replicating mathmatical properties at some point (ping between P-Q and A / ping between P-Q and B) Were there sometimes 40 or 80 circuits before? I don’t think saw this many circuits before, this is new? Can’t find information on usual number of circuit in sys-whonix.

I have read documentation and don’t understand what is reading. Don’t think this should happen like this. Sometimes circuit only show one node and not sure if this is considered complete circuit.

Also, seeing circuits access tor onions that not using. Will boot and not be in Tor, not be going to onion sites, and see onion site. One onion site is recognized and is been used before but long ago, not used onion site in many month.

If this is Tor issue, then how do I ask the Tor?

See:

Specifically:

Log Analysis

Maybe this issue isn’t exactly a network obstacle but same general message would apply here:

Also useful:

Also good to know:
(Non-)Compromise Indicators

sdwdate?

See sdwdate onions list here:

sdwdate/etc/sdwdate.d/30_default.conf at master · Kicksecure/sdwdate · GitHub

Many options. I don’t know which one is best. Maybe mailing list or forums. See:
Tor