Comment by system33-
Depends on the content of your traffic.
If “deanonymize” strictly means perform a timing attack using info you have from the beginning and end of the circuit, then by definition you’re correct.
But if you visit an identifying set of websites and/or ignore TLS errors or … they can still deanonymize you.
What role do TLS errors play in de-anonymizing onion traffic?