Hello to prevent ddos my idea is to use client auth but what about returning users?
What about them? Clarify?
1 Like
- An x25519 keypair used to compute decryption keys that allow the client to
decrypt the hidden service descriptor. See [HS-DESC-ENC].
- An ed25519 keypair which allows the client to compute signatures which
prove to the hidden service that the client is authorized. These
signatures are inserted into the INTRODUCE1 cell, and without them the
introduction to the hidden service cannot be completed. See [INTRO-AUTH].
source Clearweb:
I want to only make available 1 auth credential per client given from the service. Is it possible to block credential sharing?