majestrate
commented
12 months ago I am not convinced that making attacking harder (PoW) is the right way to defeat DDoS attacks, making defending easier is the most scalable way forward from what i can tell. how to facilitate that with this re framing of the problem is key to actually solving it. the ecosystem keeps making the same mistakes wrt how they approach design on this front, forcing a square peg into round hole by thinking about it as stopping attackers instead of making it easier to defend infra from attacks. stopping attackers is about limiting the users of a hosted server, making it easier to defend is about making the hosted service able to balance traffic and dampen and mitigate unwarranted deluges of traffic. rethinking how we describe the problem imo is crucial as PoW based limiters have reached its endgame years ago. i dont think they will work at the scale they need to. there is always going to be a better way tbh.
perhaps something like pktcash's bandwidth hard PoW could be an alternative source of inspiration on how to solve this issue, wrt rethinking it as making defending easier rather than what monero and tor are doing on their end by making attacking harder.
The author of RandomX develops a variant called Equi-x for DDoS protection on onion routing service like Tor:
https://github.com/tevador/equix/blob/master/devlog.md
We might want to research and see if it's useful for Lokinet as well.