Yes, that's true. The solution can feel quite complicated, particularly when it comes to whitelisting or blacklisting users, which is impossible due to the nature of blind signatures and e-cash. However, perhaps the solution lies in a similar direction: a middleware that utilizes blindly emmited certificates to authenticate interactions with the mint. These certificates would be issued as blind-signed notes by the mint, functioning as bearer tokens to authenticate interactions with the mint. Does this make sense, or is it a bit convoluted?

Perhaps the certificates could have an expiration time, allowing them to be used multiple times. In this scenario, the user would simply need to renew them within a defined period of time.