The Titan protocol only does authorization: you bear a token (the password) of authorization. People can pass it on and invite other people to join. The editing is anonymous (no authentication).

It’s up to the server to check the token. If the server doesn’t check the token, then users don’t have to send it. It’s optional. On the Internet, it is probably a bad idea to let anonymous users upload any file they want. The alternative to using the token is to identify users.

A server that would like to identify its users, maybe give them different capabilities depending on who they are, would use client certificates to establish identity and act accordingly. That is, authentication is already part of Gemini and as such applies just as much to Titan. It doesn't change any part of what has been said above, however.