Today, we are officially introducing a proof-of-work (PoW) defense for onion services designed to prioritize verified network traffic as a deterrent against denial of service (DoS) attacks with the release of Tor 0.4.8.
At least it appears to be something that gets triggered. In theory, if a node is not under attack or heavy usage, this isn't a consideration. Doesn't seem to be a perfect solution as it still slows the traffic of legitimate users in the event of an attack. I don't know the full details, but in the worse case it makes it easier to semi-DoS, maybe not by fully making a node unresponsive, but by making the service so painfully slow that users may give up on it.
Either that or charging a micro transaction for loading the page. But yeah the goal is to make it cost a small amount that is insignificant to a regular user but adds up to a huge amount at the scale of a spam farm. And it's also the same rationale behind hashing passwords with multiple rounds. It adds a tiny lag when you log in correctly but adds an insane amount of work if you're checking every phrase in a password cracking dictionary using an offline attack because it adds up. (In the online scenario you just block them after a few attempts)