Proof of work rate limiting for NAT signalling and relaying

[tegefaulkes]

Specification

As per #148 we applied some rate limiting mechanisms for preventing amplification attacks. But to truly protect against this we need to implement a simple proof of work for making signalling requests.

Additional context

• Related NAT Signalling (Hole Punching) should be Fire & Forget, Coalesced, and Secured with Signatures #555
• Related Authenticate the sender of a hole-punching signalling message #148
• Related Authenticate the sender of a hole-punching signalling message #148 (comment)
• Related Authenticate the sender of a hole-punching signalling message #148 (comment)

Tasks

1. Implement a simple proof of work algorithm for limiting signalling and punch requests
2. ...
3. ...

[CMCDragonkai]

The rate limiter is still quite basic atm, I had an upgraded design here #148 (comment).

Rate limiting wise, it's not guaranteed to prevent DOS. Only proof of work can do so. But it's a quick way of rate limiting based on certain identifiers. So it can be expanded further. Could combine proof of work along with some bucketing mechanism as a general "resource governor". It sort of reminds me of the resource-counter library that we have.