One of the benefits to Tor is you don’t need to open any ports, the Tor acts as a reverse proxy for onion services. A lot of Tor services run over port 443 because it gets passed through with little to no issue. With Wireguard you have to deal with all the networks, particularly airports and businesses, that don’t allow UDP. I’ve had a good bit of luck using the dns and ntp ports for wireguard but if your on a network that has something filtering/monitoring dns or only wants you to use their time server, those can stop you also. Once http/3 is official that should make things better for everyone using wireguard.
Plus tor hidden services -or whatever the current nomenclature is- offer a fairly robust and painless story for authentication in this "sorta VPN" scenario. Generate a couple extra keys and invite a friend and his bots.
I do the client auth feature. The chances of someone stumbling across my hidden service is pretty low I think, but it’s not zero. With auth set up I don’t think a Tor client can even get the Id of the rendezvous server without having the correct key.
