Skip to content

Research approaches for improving the availability of services under DoS

We've been improving the health of the network during onion service DoS, but not the onion service availability. This is a task for looking at this angle.

During the related Stockholm session we looked into various approaches that could help us towards that goal. Here are some of them:

  • Introducing application-layer anonymous tokens that allow legit clients to get priority over DoS attacker
  • PoW approaches like argon2
  • CAPTCHA approaches like introducing a token server giving reCAPTCHA tokens
  • Hiding introduction points by rate limiting how quickly clients can find them. Valet nodes?
  • Having intros check that clients don't use the same IP over and over. Proof-of-existence?
  • Pay bitcoin to introduce

Each of the above solutions has problems and this is a ticket to investigate at least the most promising of them, and attempt to move forward with something.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information