I would like to propose to extend the proof of work mechanism requiring clients to complete a challenge to perform the session renewal.
The idea is to require the client to perform a dynamic proof of work mechanism varying from complexity LOW to HIGH based on a threshold.
Extending the thresholds defined in https://github.com/globaleaks/GlobaLeaks/issues/4118 and adding thresholds_proof_of_work_operations_per_session = 50 we could for example require a client to renew the session every 60 seconds by continue to solve a proof of work. The proof of work complexity could be dynamically changed from a level LOW to HIGH based on the number of requests that the client is performing.
Proposal
I would like to propose to extend the proof of work mechanism requiring clients to complete a challenge to perform the session renewal.
The idea is to require the client to perform a dynamic proof of work mechanism varying from complexity LOW to HIGH based on a threshold.
Extending the thresholds defined in https://github.com/globaleaks/GlobaLeaks/issues/4118 and adding
thresholds_proof_of_work_operations_per_session = 50
we could for example require a client to renew the session every 60 seconds by continue to solve a proof of work. The proof of work complexity could be dynamically changed from a level LOW to HIGH based on the number of requests that the client is performing.Motivation and context
Ticket strictly related to https://github.com/globaleaks/GlobaLeaks/issues/4118 with same motivations.