Onionbalance Security Analysis

Description

Write a quick threat model / security analysis for Onionbalance, stating what it brings (or does not bring) in terms of security.

One good aspect to highlight is that it can offer a practical solution to reduce the attack surface in the long-term .onion identity key, since only the frontend/publish nodes need to have access to it. So Onionbalance is not just about load balancing, but also separation of concerns/isolation. And until offline keys is supported, that's the best and easier approach to reduce the attack surface on these keys.

The Vanguards' security analysis may be a good source of inspiration for such document, in terms of structure and content.

Tasks

• Write the security analysis. This is done at !25 (merged), thanks to Pascal Tippe.
• Review and publish the analysis (!25 (merged)).
• Add a reference in the Security Overview page.
• Check if any reported issue has/needs a ticket, open issues accordingly and reference them in the security analysis document.
• Report back to Pascal Tippe. Done.