Overview
CAPTCHA Proof of Work (PoW) is a method designed to slow down robots while maintaining a smooth experience for human users. By imposing simple yet time-consuming calculations on each form submission attempt, this technique deters robots without inconveniencing genuine users.
This document explains the detailed workings of this method and how it balances security and user-friendliness.
When a robot tries to use a form, it attempts to perform numerous tests in a very short time. Proof of Work intervenes by imposing a calculation on each attempt, taking between 1 and 3 seconds. This brief delay is almost imperceptible to a human user but constitutes a significant hurdle for a robot, leading it to abandon its attempts.
The process remains invisible to the user, thanks to the following steps conducted in the background during form submission:
This action triggers a request for a new challenge.
The server generates a Proof of Work calculation that the browser must solve.
The browser resolves the challenge by performing the Proof of Work calculation, which takes between 1 and 3 seconds.
Optional: The solution found by the browser may be verified by the server to ensure its authenticity.
The form is prepared, including the verified solution.
The server verifies the solution upon receiving the form.
If the solution is valid, the form is processed normally.
The server blacklists the solution to prevent its reuse.
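The steps above, as an added example that is not code from the original page: a hashcash-style SHA-256 puzzle with an HMAC-signed challenge, covering issue, solve, verify and blacklist. The hash construction, key, difficulty, expiry and all function names are assumptions, since the page does not specify them.

```python
import hashlib, hmac, secrets, time

SERVER_KEY = secrets.token_bytes(32)  # assumption: per-deployment secret
DIFFICULTY_BITS = 12   # assumption: low so the demo is instant; raise toward 1-3 s
CHALLENGE_TTL = 120    # assumption: seconds a challenge stays valid
_spent = set()         # blacklist; in production a shared store with expiry

def _sign(payload):
    return hmac.new(SERVER_KEY, payload.encode(), hashlib.sha256).hexdigest()

def _meets(challenge, nonce, bits):
    # Valid when SHA-256(challenge:nonce) starts with `bits` zero bits.
    digest = hashlib.sha256(f"{challenge}:{nonce}".encode()).digest()
    return int.from_bytes(digest, "big") >> (256 - bits) == 0

def new_challenge(now=None):
    """Server: issue a signed challenge (random salt, expiry, difficulty)."""
    now = int(time.time() if now is None else now)
    payload = f"{secrets.token_hex(16)}:{now + CHALLENGE_TTL}:{DIFFICULTY_BITS}"
    return f"{payload}:{_sign(payload)}"

def solve(challenge):
    """Browser's job: brute-force the smallest nonce that meets the target."""
    bits = int(challenge.split(":")[2])
    nonce = 0
    while not _meets(challenge, nonce, bits):
        nonce += 1
    return nonce

def verify(challenge, nonce, now=None):
    """Server, on form receipt: validate, then blacklist. Returns a status."""
    now = time.time() if now is None else now
    try:
        salt, expires, bits, sig = challenge.split(":")
        expires, bits, nonce = int(expires), int(bits), int(nonce)
    except (ValueError, TypeError, AttributeError):
        return "malformed"
    expected = _sign(f"{salt}:{expires}:{bits}")
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return "bad-signature"  # forged challenge or lowered difficulty
    if now > expires:
        return "expired"
    if salt in _spent:
        return "replayed"
    if not _meets(challenge, nonce, bits):
        return "wrong-solution"
    _spent.add(salt)  # spent: this challenge and its solution cannot be reused
    return "ok"
```

Signing the difficulty and expiry into the challenge lets the server verify without storing issued challenges; only spent ones need to be remembered, and only until they expire.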
Essential points
By slowing down each form submission attempt with simple calculations, robots eventually give up.
Verification and resolution steps occur seamlessly in the background, ensuring a smooth user experience.
Each CAPTCHA solution is verified and blacklisted after use, preventing fraudulent reuse.