Show HN: Continuity-auth – Respect-weighted rate limits for the open web

Category: security

Tags: rate-limiting, abuse-prevention, zero-trust, cryptographic-identity, clojure

Score: 7.5/10 (Innovation: 7, Technical: 8, Documentation: 8, Utility: 7)

Continuity-auth rethinks web rate-limiting by using device-continuity proofs (cryptographic key persistence over time) as a trust signal instead of CAPTCHAs or IP-based limits, offering a zero-auth, login-less approach that's resistant to commoditized compute attacks. Its combination of browser-side non-extractable keys, time-gated trust accumulation, and token-bucket rate limiting makes it a novel defense against abuse by LLMs and scrapers on the open web.

Target audience: backend devs, devops, security engineers

Repository: https://github.com/danieltanfh95/continuity-auth · Clojure · MIT

View on Hacker News