Nexus completed a significant infrastructure migration in early September 2025, moving the platform's core serving architecture to a redesigned distributed system better equipped to handle the volumetric DDoS attacks that caused availability issues in late August. The migration required a planned 6-hour maintenance window and proceeded without significant complications.
Distributed Denial of Service (DDoS) attacks against Tor hidden services present a unique challenge. Standard DDoS mitigation techniques — anycast routing, CDN-based scrubbing, BGP blackholing — are not directly applicable to .onion addresses. Mitigation must occur at the Tor network layer, at the application layer, or through architectural distribution that prevents any single point from becoming a bottleneck.
New Architecture
The new architecture distributes application logic across multiple nodes connected by encrypted internal channels, with load balancing occurring at the introduction point layer within the Tor network. This distribution means that even a successful flood against one introduction point does not affect the others.
Additional mitigations include proof-of-work challenges for new circuit establishment (a technique introduced in Tor 0.4.8 that requires connecting clients to demonstrate computational work before accessing introduction points — making resource exhaustion attacks orders of magnitude more expensive) and rate limiting at the application layer for suspicious traffic patterns.
The migration was completed on schedule, and the platform has maintained consistent uptime since completion. Community members who experienced the August issues reported noticeably improved loading times and stability following the migration.