Logo

Overview

Working Principle of Proof of Work (PoW) CAPTCHA

CAPTCHA Proof of Work (PoW) is a method designed to slow down robots while maintaining a smooth experience for human users. By imposing simple yet time-consuming calculations on each form submission attempt, this technique deters robots without inconveniencing genuine users.

This document explains the detailed workings of this method and how it balances security and user-friendliness.

Factory

Proof of Work (PoW): How It Works

When a robot tries to use a form, it attempts to perform numerous tests in a very short time. Proof of Work intervenes by imposing a calculation on each attempt, taking between 1 to 3 seconds. This brief delay is almost imperceptible to a human user but constitutes a significant hurdle for a robot, leading it to abandon its attempts.

Invisibility for Users

The process remains invisible to the user, thanks to the following steps conducted in the background during form submission

1

Form submission

This action triggers a request for a new challenge.

2

Request for a new challenge

he server generates a Proof of Work calculation that the browser must solve.

3

Solving challenge

he browser resolves the challenge by performing the Proof of Work calculation, which takes between 1 to 3 seconds.

4

Verify solution

Optional: The solution found by the browser may be verified by the server to ensure its authenticity.

5

Prepare the form

The form is prepared, including the verified solution.

6

Server check

The server verifies the solution upon receiving the form.

7

Processing the form

If the solution is valid, the form is processed normally.

8

Solution blacklisting

The server blacklists the solution to prevent its reuse.

Key Takeaways

Essential points

1

Effective slowdown

By slowing down each form submission attempt with simple calculations, robots eventually give up.

2

Invisible process

Verification and resolution steps occur seamlessly in the background, ensuring a smooth user experience.

3

Enhanced security

Each CAPTCHA solution is verified and blacklisted after use, preventing fraudulent reuse.