I suspect it's the latter. The FBI would very interested in someone who gave the Tor Project $100,000 to fund improvement of the hidden service protocol. They have anonymous sponsors, but only in the sense that they are not publicly known. The IRS certainly knows who they are, and the FBI could if they wanted to find out. You can build your own defenses, of course. At the network layer, you could use persistent entry guards by way of private bridges. Even better would be layered entry guards, or layers of proxies before you get to your entry guards. You could even calculate the descriptor IDs in advance and run relays on anonymous VPSes with identity keys whose hashes closely match the descriptor IDs, so you would always be publishing your hidden service descriptor to service directories that are under your control. At the application layer, you can harden your software and isolate it in VMs. I'm learning a lot about Xen at the moment, and I plan on experimenting with VM isolated LEMP stacks.