Rate Limiting Clients with Client Auth but what about returning users?

Hello to prevent ddos my idea is to use client auth but what about returning users?

What about them? Clarify?

1 Like
  - An x25519 keypair used to compute decryption keys that allow the client to
     decrypt the hidden service descriptor. See [HS-DESC-ENC].

   - An ed25519 keypair which allows the client to compute signatures which
     prove to the hidden service that the client is authorized. These
     signatures are inserted into the INTRODUCE1 cell, and without them the
     introduction to the hidden service cannot be completed. See [INTRO-AUTH].

source Clearweb:

I want to only make available 1 auth credential per client given from the service. Is it possible to block credential sharing?