run Vanguards on whonix.org

Ah yes, I was reading this yesterday. Vanguards previously came to my attention on OnionShare, but I hadn’t read that much into it yet. This article’s been the best overview of the feature I’ve read yet.

Not quite no downside. Someone who wrote the first couple of comments does a pretty good job of identifying what the trade-off being made is - the element of risk is shifted somewhat but not eradicated (still a risk of ending up with a malicious node, but arguably less chance of it (?) and also the burden of effort for that malicious node to perform attacks is, I think, higher…)

I need to read up more on it, and I also need to understand if this conflicts with “Should we use HiddenServiceSingleHopMode for whonix.org server?” - as per that thread, we care less about ‘deanonymizing the onion service’ since the whonix.org IP is already known - but we care about not deanonymizing the client, so maybe indeed we need to consider Vanguards for this, and therefore forget HiddenServiceSingleHopMode.

Anyway yes - definitely on my radar to understand and then decide whether to implement. Thanks!
