Hello to prevent ddos my idea is to use client auth but what about returning users?
What about them? Clarify?
- An x25519 keypair used to compute decryption keys that allow the client to decrypt the hidden service descriptor. See [HS-DESC-ENC]. - An ed25519 keypair which allows the client to compute signatures which prove to the hidden service that the client is authorized. These signatures are inserted into the INTRODUCE1 cell, and without them the introduction to the hidden service cannot be completed. See [INTRO-AUTH].
I want to only make available 1 auth credential per client given from the service. Is it possible to block credential sharing?