Pond assumes the existence of an overlay network that prevents a network attacker from learning which servers a user is connecting to. [...]
Since a global, passive attacker can deanonymise Tor, that attacker is capable of violating this assumption and breaking Pond.
This is unfortunately true but not actually a "break of Pond" according to the threat model, which allows that
A GPA can learn who is using Pond and where their home servers are located.
A GPA can learn when messages are sent to a non-home server and which server that is.
The Technical documentation states that
This is unfortunately true but not actually a "break of Pond" according to the threat model, which allows that