>>4009
Yes.
And because you can discriminate between circuits, you can effectively put strict ratelimits on how often each circuit can do certain things without affecting all Tor users. Each time a spammer wants to do /login which is CPU expensive to the server, they have to solve a CPU expensive proof-of-work themselves, creating a balance. All dos/ddos is about making an imbalance in favour of the attacker, and this turns the tables. CPU is the most expensive resource in ddos, especially since volumetric attacks don't really happen over Tor. So making new circuits does not help attackers. Also, the script can communicate with the tor daemon control port to send commands and tear down offending circuits, forcing attackers to make new ones.
Real users circuit will not change frequently, so they will usually only solve it once, and it doesn't disturb them for the rest of their browsing session.
I think its a pretty good method. Some DNM's on tor and Dread have even implemented this same thing in nginx (not sure how they do it in nginx). I use haproxy instead because tor natively supports exporting circuit identifiers through haproxy protocol.