Proof of Work (PoW) defense for Onion Services is released

introduction

On Aug 23 2023, a new post appeared on forum.torproject.org by rhatto that after a very long period of development Tor's Proof of Work (PoW) defense was released for Tor 0.4.8.4.

What is the PoW protection for Onion Service?

Proof of Work (PoW) 3 is a cryptographic mechanism where a computing system can prove to another that they have performed some computational effort.

The Proof of Work (PoW) 3 defense for Onion Services 1 is a way to protect against Denial of Service (DoS) attacks by prioritizing, when under stress, clients that have proved to the service that they performed a number of resource-intensive operations.

It’s a way to prioritize verified effort (but not a way to verify users), which means attackers would have trouble launching many requests to an Onion Service, but users will possibly have resources to do their legitimate requests.

In other words, Onion Services may be configured to offer a Client Puzzle 4 if they’re under heavy load, and to prioritize incoming client connections containing solutions to the puzzle.

For an overview of this new protection, check it’s blog post 10.

For a deeper explanation about how it works, check the PoW FAQ 7 and Proposal 327

If you want to use POW head here: https://community.torproject.org/onion-services/advanced/dos/

Final Words

Proof of Work defense comes after a network wide ddos attack https://status.torproject.org/issues/2022-06-09-network-ddos/ although complete, Tor's current stable version is 0.4.7.13 despite proof of work being in 0.4.8.4. Darkipedia could not find 0.4.8.4 in there Debian/Ubuntu repository, mass adoption may take a while, but users can build 0.4.8.4 through https://gitlab.torproject.org/tpo/core/tor. With this current update and mass adoption over the coming months admins will finally have the ability to remain online without threat.