Comment by kevincox
If you run a node that forwards traffic to any node other than the one requested by the client then that node won't be able to decrypt the traffic.
The client encrypts traffic to each node on its selected path in turn. If the traffic doesn't reach every desired node in order the traffic can't be decrypted.