GitLab

Manual text, key word Client Authorization mentions public-key vs privkey for service:

To configure client authorization on the service side, the "<HiddenServiceDir>/authorized_clients/" directory needs to exist. Each file in that directory should be suffixed with ".auth" (i.e. "alice.auth"; the file name is irrelevant) and its content format MUST be:
<auth-type>:<key-type>:<base32-encoded-public-key>
The supported <auth-type> are: "descriptor". The supported <key-type> are: "x25519". The <base32-encoded-privkey> is the base32 representation of the raw key bytes only (32 bytes for x25519).

rend-spec-v3.txt (4329f00194bdb7adff2c9daa1cf47b09ce4c2a9e) confirms public-key instead of privkey. So privkey is wrong for service.

Trac:
Username: Felixix