
That’s not what privacy pass is. There’s no proof of work involved. Basically you solve a captcha once, and it gives you 30 tokens to skip future captchas.



> In preliminary tests on consumer hardware, our extension takes ~1.1 seconds to generate blinded tokens to be signed by the server and ~1.9 seconds to parse the signed tokens and verify the DLEQ proof. Creating a pass that can be used to redeem signed tokens takes <40ms.

It's intentionally very slow to get and use those tokens though


That seems to be a side effect of the zero knowledge proof implementation, rather than an explicit design choice. There doesn’t seem to be a tunable “difficulty” parameter, like with all proof of work implementations.
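
Added example, not part of any comment in this thread and not code from the Privacy Pass project: the blind, sign, DLEQ-verify, unblind and redeem steps named in the quoted timing figures, reduced to a toy multiplicative group. The group parameters, all function names and the HMAC request binding are assumptions chosen for illustration.

```python
import hashlib, hmac, secrets

# Toy group (assumption, far too small for real use): squares mod safe prime P = 2Q + 1.
P, Q, G = 2039, 1019, 4

def h2g(data: bytes) -> int:
    """Hash bytes to a non-identity element of the order-Q subgroup."""
    ctr = 0
    while True:
        digest = hashlib.sha256(data + bytes([ctr])).digest()
        e = pow(int.from_bytes(digest, "big") % P, 2, P)
        if e > 1:
            return e
        ctr += 1

def h2s(*elems: int) -> int:
    """Fiat-Shamir challenge: hash group elements to a scalar mod Q."""
    return int.from_bytes(hashlib.sha256(repr(elems).encode()).digest(), "big") % Q

def client_blind(t: bytes):
    """Blind token t with a random r; the server only ever sees M = H(t)^r."""
    r = secrets.randbelow(Q - 1) + 1
    return r, pow(h2g(t), r, P)

def server_sign(k: int, M: int):
    """Return Z = M^k and a DLEQ proof that log_G(G^k) == log_M(Z)."""
    w = secrets.randbelow(Q - 1) + 1
    Y, Z = pow(G, k, P), pow(M, k, P)
    c = h2s(G, Y, M, Z, pow(G, w, P), pow(M, w, P))
    return Z, (c, (w - c * k) % Q)

def client_unblind(Y: int, r: int, M: int, Z: int, proof) -> int:
    """Check the proof against the published key Y, then strip r: N = H(t)^k."""
    c, s = proof
    A = pow(G, s, P) * pow(Y, c, P) % P
    B = pow(M, s, P) * pow(Z, c, P) % P
    if c != h2s(G, Y, M, Z, A, B):
        raise ValueError("DLEQ proof rejected: not signed with the published key")
    return pow(Z, pow(r, -1, Q), P)

def redeem_tag(N: int, request: bytes) -> bytes:
    """Bind one unblinded token to one request without revealing N."""
    return hmac.new(str(N).encode(), request, hashlib.sha256).digest()

def server_redeem(k: int, t: bytes, request: bytes, tag: bytes, spent: set) -> bool:
    """Recompute N from t and k, check the tag, and reject double spends."""
    if t in spent or not hmac.compare_digest(tag, redeem_tag(pow(h2g(t), k, P), request)):
        return False
    spent.add(t)
    return True
```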


If we assume a spherical cow and say that there are no rate limits on the captcha service and captcha solves are instant, then privacy pass requires you to spend 100ms of CPU time before each request, which is a sort of "work".

If we then say that the captcha you solve can be dynamically adjusted based on how suspicious the request is, then that is a sort of difficulty tuning.

Sure this isn't exactly blockchains or whatever, but it's basically the same idea.

Why would CloudFlare endorse this system if it was just "business as normal but you solve 1/30th of the captchas"?


> Why would CloudFlare endorse this system if it was just "business as normal but you solve 1/30th of the captchas"?

They don't just endorse it, they developed it. Their argument was that it allowed them to solve the "Tor CAPTCHA problem" (as a Tor user, you see CAPTCHA on almost every page visit to a CloudFlare-fronted site) without breaking the anonymity of Tor users (because CloudFlare is in a position to maliciously track a scary amount of Tor exit traffic).

The idea is that this 1/30 multiplier is meant to reduce the amount of pain Tor users have, without making attackers' jobs easier (a factor of 30 isn't really that much of a change for most attackers and CloudFlare has DDoS protection beyond just CAPTCHA, but it does make a huge difference for normal users).

All of that being said, the Tor project does not endorse the usage of PrivacyPass because they are ethically opposed to the entire concept of having to get a hall pass from CloudFlare to browse large swathes of the internet. And being one of a handful of PrivacyPass users on Tor will reduce your anonymity significantly. The Tor Project might also disagree with the privacy claims made by PrivacyPass, but given they are against the very idea of the project I believe they haven't done any actual research into their claims.


> Sure this isn't exactly blockchains or whatever, but it's basically the same idea.

This idea is older than blockchains; it's basically hashcash (https://en.wikipedia.org/wiki/Hashcash), which AFAIK was one of the inspirations for Bitcoin.


Yeah I should have used some better example, but from my point of view Hashcash isn't very different from what I meant.



