@Gargron @grufwub then mastodon should really (have the option to) store those hashed+salted
@Gargron @grufwub also, with authenticated fetch, shouldn't all ratelimited routes be authenticated by either a user or another instance, and thus can be ratelimited based on that info?
@Gargron @grufwub also, with authenticated fetch, shouldn't all ratelimited routes be authenticated by either a user or another instance, and thus can be ratelimited based on that info?