DDoS Protection Layer Added — Availability During Attack Events

In response to a sustained distributed denial-of-service campaign targeting the platform's onion infrastructure in mid-October 2025, the development team implemented a new DDoS protection layer that significantly improved availability during subsequent attack events.

DDoS attacks against Tor hidden services work differently from attacks on clearnet services. The October attack used a technique known as rendezvous point flooding — overwhelming the Tor relays responsible for establishing connections to the hidden service's introduction points. This caused near-total unavailability for approximately 6 hours before the team responded.

The countermeasure implemented involves a multi-introduction-point architecture combined with proof-of-work challenge requirements during high-traffic periods. When the system detects connection request volumes above baseline thresholds, it activates a lightweight computational challenge that legitimate Tor clients solve quickly but that significantly raises the cost of automated flooding attacks.

Community monitoring showed that platform availability during a subsequent smaller attack in November 2025 was maintained at approximately 94%, a dramatic improvement over the near-total unavailability experienced in October. The development team published technical details of the mitigation approach in a PGP-signed announcement for community review.