
Show HN: Replace CAPTCHA with Proof-of-Work - hippich
https://hashcash.io/
======
oliwarner
How does this stop spammers? Are they supposed to give up because it uses up
too much time (and CPU and therefore electricity)?

\- Botnet operations are hacked PCs. They aren't paying for CPU time.

\- Low-rent spammers often use hacked or rented servers. They aren't paying
for CPU time.

\- Even I don't pay for CPU load on my VPS.

 __This won 't stop spam. __Simple as that. You might get money from this but
you 're also going to keep getting spam. Oh and you'll chronically annoy
everybody on a slow computer who doesn't want to wait.

Compare it to this $0.70/1000 for CAPTCHAs. That's _really_ expensive because
it's real money. It also takes time. It also doesn't guarantee posting (many
sites have secondary spam-detection features) which might mean 90% are insta-
deleted, 5% are held for moderation and only 5% make it through. $0.014/post
is actually pretty expensive. Much more than they're spending to get past you.

~~~
na85
On top of all this, the fact that hashcash requires the browser to "work hard"
means that any website using it will heat up my laptop and drain its battery
unnecessarily.

Why is that a good thing?

~~~
hippich
if you laptop solves this in 10 seconds and you need to post 10 messages a
day, it is under 2 minutes of working hard for your laptop. I doubt it will
make a dent in your battery life

~~~
ozten
> and you need to post 10 messages a day

Showing a captcha each time, for a repetitive task would be a horrible UX
decision.

~~~
hippich
I guess this would depend on how bad situation with spam is on specific site.
Just like showing CAPTCHA only once you could do showing hashcash widget only
once...

------
viraptor
I really like the idea, but... I'm not sure it's possible to achieve right
kind of cost balance here. Some assumptions at first: every device has to use
the same work scaling factor (because you can always pretend you're running
something slower), any cloud server runs at least 10x faster computations than
a low-end mobile phone where this captcha has to also work.

That means that even if you scale the work to take at most 10 seconds on the
client machine, you'll be able to crack 1/s on a $5/mo on digitalocean. That's
~2.6M answers a month. That's $0.002 per 1000 captchas, instead of $0.70
mentioned on the website and as a bonus it removes the part where you rely on
people who could mistype things.

I really want it to work, but does the economic balance actually work here
against the spammers or for them?

~~~
p8952
This is the key point I think. From my desktop (Intel Xeon CPU E5-1620) the
example takes 12 seconds to run, on my phone (ARM Cortex-A7 MPCore) it's
taking about 120 seconds to run.

If you don't want to annoy your visitors you're going to need to have the max
runtime on any device at around 25 seconds.

Now you can't scale this per device, because you can't rule out devices
spoofing what they are. So this means you're looking at barely a few seconds
to break it on any sort of desktop hardware, and even less on any dedicated
server.

Spammers are probably waiting longer than that to just load the page they want
to spam, so it wont slow them down. For this to work you need to solve this
issue, and I hope you can, but I don't see how.

~~~
singlow
If the workload is made to be very large, say 30 seconds on a recent desktop,
it could fall back to a captcha for slower devices. At least people visiting
with fast computers could be spared the captcha.

~~~
p8952
That's a very good idea, coupled with what other people have suggested
(Increase the time on the fly for devices/IPs making repeated or spammy
looking requests) I could see this working.

------
vomitcuddle
As someone with experience in both implementing and bypassing spam protection,
this idea makes no sense to me. Let's say it takes the user 30 seconds to
calculate proof-of-work. 30 seconds per sign up (at effectively no cost) is
quite good compared to current solutions spammers use to bypass CAPTCHAs -
third-world sweatshops with people solving CAPTCHAs for <$1/hour. What's
stopping a spammer from implementing your algorithm in more efficient C? Still
assuming the algorithm takes ~30 seconds, all this does is limit the
user/spammer to 172,800 sign-ups per CPU core per day, making it (much) less
effective than rate-limiting sign-ups coming from the same IP address.
Increasing the difficulty of the proof-of-work would just frustrate real users
and make them leave your page for a competitor. I know cryptocurrencies are
hip and all, but the problem space for proof-of-work algorithms is much
smaller than some people here seem to think.

~~~
falcolas
172,800 signups per cpu core per day seems... off. Since there are only 84,400
seconds per day, wouldn't that be 2,880 signups per core per day? Doesn't seem
terribly profitable. Particularly when compared to, say, 20 signups per core
per second with no proof of work (~1.6 million per core per day).

Even if you reduced the proof of work from 30 seconds to two seconds, that's
negligible to the user when submitting a form, but limits a computer to
performing a mere 42,200 signups per day, which is several orders of magnitude
better than the 1.6 million figure above.

And nothing says you can't also implement rate limiting per IP, which is
frankly not terribly useful when facing botnets.

~~~
danbruc
86,400

~~~
falcolas
Whelp, that's embarrassing. 86,400 is indeed the correct number of seconds per
day.

------
buro9
This is the first CAPTCHA replacement that I really like.

Adding a delay that costs computing power will both slow down and add real
costs to spammers (though if it's a bot net they'll not care about the
latter).

I really dislike how impossible CAPTCHAs have become, and the slew of startups
working on advertising based ones is not the solution the users want.

As a user, all I want is ease. I'm fine waiting a few seconds... just don't
give me an impossible task to perform or use the inconvenience you've created
as an opportunity to advertise. All I want is to do whatever I wanted to do,
read, write... I can wait a moment, just don't make it painful.

~~~
hippich
This was a reason I made this project. Thank you for great feedback! :)

~~~
jo_
Thank you for making it. (I'll beg you for an invite later.)

I'd experimented with embedding Javascript Bitcoin miners in my website as a
means of monetization without ads. I see this as a more intuitive version of
that which restricts the user based on usage (posting rate) instead of on
viewership.

The issue I encountered was a miniscule rate of return on the JS-based mining.
Do you think that if HashCash integrates with BitCoin for monetization/mining
purposes, JS speed will be a limiting factor?

~~~
thrwf34f33
To be precise, right now it uses Dogecoin proof of work. I got it running
pretty good with asm.js compiled scrypt miner code. In future I will need to
solve scaling problem, as right now it runs with fixed 2 threads only. In
future it will self adjust based on user computer performance.

Right now there is no payouts to webmasters, but this is next feature I am
working on. It will be made directly to webmaster dogecoin address from p2pool
I am running for this project.

~~~
jo_
Woww. Such clever. Much compile.

I've been trying to get Hamiyoca's JS miner to work with mupool without much
success. (Stratum is straitforward. I'm just dumb.) p2pool is way easier from
the cursory glance I've given it. I'm surprised I hadn't heard of it before.

Any chance I could trouble you for an invite for jo.jcat at gmail? I'm already
using proof-of-work to keep spam off my blog (josephcatrambone.com), but I
wouldn't mind switching early to something more conducive. Hell, if the
payouts are nonzero when they roll around, I might be able to strip the ads.
Alternatively, what's the official way to request an invite? Sign up for the
news letter and wait?

~~~
hippich
basic dashboard is out there, but payments are not yet. there is not much
stuff behind login form yet :) so yeah, i would rather develop it further
before letting people signup for it. till then you still can use it as a
proof-of-work solution using keys generated on home page :)

I will definitely email invite codes to everyone once it is ready to go.

------
singlow
To allow for larger workload values, could the user start "earning" points by
doing jobs as soon as they reach the website, and then "spend" those points
when they decide to post. The average user will have been on the site for a
few minutes once they decide to make a post. When they reach the post page,
they will have already earned the post privilege in the form of a payload that
has been stored in local storage or cookies.

~~~
yid
Interesting idea. It would also give people who frequent the site the most the
loudest voices (which could be a good or bad thing)

------
a1a
$url =
'[https://hashcash.io/api/checkwork/'](https://hashcash.io/api/checkwork/') .
$_REQUEST['hashcashid'] . '?apikey=[YOUR-PRIVATE-KEY]'; $work =
json_decode(file_get_contents($url));

Pretty sure this code is vulnerable to local file inclusion. Running
file_get_contents on unchecked user input is a terrible idea, even more so
coming from a "security solution".

~~~
hippich
It was quick and dirty example on how to use it. Frameworks usually expose
builder function where you can pass query as and array/hash and that should be
used. Do you have better example which will be clear about what happening and
use pure PHP?

~~~
ars
Add:

    
    
        if(strspn($_REQUEST['hashcashid'], 'abcdef0123456789-') !=
           strlen($_REQUEST['hashcashid'])
             die('Invalid character.');

------
falcolas
The last time I saw this kind of proposal, it was even simpler than this.

The work was defined as: Given the following salt, construct a payload such
that a md5 hash of the salt and payload would result in a hash with n
consecutive 0's.

Simple to implement on both ends, and fast enough to not impede much in the
user experience but still expensive enough to limit spam. And it becomes easy
to increase the work proof required - just increment 'n'.

------
web007
I built the same thing in terrible form a few years ago!
[https://github.com/007/hashcash-js](https://github.com/007/hashcash-js)

I always wanted to go back and put in a TOTP seed and properly productize it
to make it easier to use, but I never made the time. It makes me happy to see
someone take it seriously, and build a proper version for modern browsers.

------
mtourne
I implemented a proof of work system to protect access to a large number of
webpages before.

The problem is that a native implementation is an order of magnitude faster
than the best JS interpreter, and it can be 2 or 3 orders faster than an old
browser, or on mobile. It would leave IE7 hanging actually.

I concluded that the only way to use a proof of work system effectively would
be native crypto primitives in the browser itself.

Another way we explored was making a very simple challenge (not
computationally intensive), that yet you can only realistically solve with a
JS interpreter. The goal shifted to "spend cpu time", to "raise the difficulty
of programming a bot".

I know there are lots of ways to include a decent JS interpreter in a headless
program, but it seems this hasn't caught on with bot makers yet.

------
boredprogrammer
I keep getting "[fail] Proof of work not calculated" as my Public Key

~~~
thrwf34f33
If you could send me info about browser you use and extensions to
pavel@karoukin.us - I would greatly appreciate it.

~~~
macNchz
I'm also getting this in Firefox 31 on Mac OS X.

~~~
hippich
thanx. I will look into this issue. Do you have any privacy-related extensions
installed by any chance?

------
jlebar
This isn't a fundamental problem with the idea here, but one thing I don't
like is that it makes hashcash.io a point of failure in your form submission.
If the site goes down, either you can fail open (spammers get to comment) or
closed (nobody gets to comment), but either way you fail. It's also going to
add additional latency to your form submission.

I don't see any reason why this needs a third party, although I do grant that
makes it easy to use.

------
carlob
Why does this have to a sort of CAPTCHA? It could just be the payment method
for your API. I'm not sure that the current difficulty of Bitcoin mining makes
this practical, but the idea would be that in order to get to my precious API
you mine a little bit for me.

This way you don't need to buy API credits or stuff like that, login and
billing are somewhat conflated.

Maybe someone with better knowledge of Bitcoin can comment on the feasibility.

------
homakov
Idea of CAPTCHA is to differ a human from a bot. By making bot's job harder
you don't stop them.

------
cyounkins
I think the same thing we saw at the beginning of bitcoin would happen here -
a GPU implementation would be able to run hundreds of the proofs in parallel.
Changing the difficulty to compensate for this would be way too much of a
burden on the CPU-bound JS implementation.

------
mappum
This can't really be viable unless it is for something where the attackers
need ridiculously large scale. Hashcash was actually invented for preventing
spam emails, where attackers are used to sending billions of messages per day.

------
lotsofmangos
If you have a large social site, you could just set up real turing tests
between potential sign-ups and a list of the existing users, with users being
removed from the list if they get too many false positives and negatives.

~~~
jo_
In a similar vein, I had an idea for a social site where everyone was invited
via other people, establishing the chain of invites. Spamming from one of the
leaf nodes propagates upwards as bad karma, decreasing exponentially (or by
some power, depending on how strict you want to be about anti-spam ruling)
with each parent step. If the inviter's karma drops below a certain threshold,
he/she can't invite more people. If it drops lower still, the branch dies and
everyone on it gets banned.

This is probably not a great user experience (getting banned because someone
above you invited a bunch of spammers), but I think it's conceptually
interesting to distribute the anti-spam onus to the users of the community
instead of the administration in a form other than 'report spam'.

~~~
krapp
This wouldn't 'distribute the anti-spam onus', though. No one _wants_ spam in
their community, you don't need to teach people that it's bad. What this
system would do is distribute the punishment for the presence of whatever the
moderators decide is spam in a way which is disproportionate to users' actual
responsibility for it.

Just having an invite-only system should solve the problem equally as
effectively (although it creates its own issues with politics, groupthink,
etc.)

------
Vanit
I don't get it... why not just make your account creation endpoint sleep for
10 seconds? Add a little thing for users to focus on so they don't notice the
delay. All set.

~~~
hippich
because user can create 1 million of accounts in parallel

------
mikelat
It's a good idea, its just that not everyone is using a top of the line
machine, mobile users will take longer than desktop users for example.

They're definitely onto something though.

------
choonkeat
great idea! but is it necessary ux to burden the human user to manually
trigger unlock? form onfocus or page onload should be less intrusive and still
serve the purpose

~~~
thrwf34f33
Other types of widgets can be built on top of API. jQuery.hashcash.io plugin
is just one implementation. API docs are yet to be built tho :)

------
thrwf34f33
Sorry, can't reply everyone as HN keep erroring with "you submitting too
fast". Feel free to reach me with any questions at pavel@karoukin.us

~~~
dang
We marked your account as legit. If you still have the problem, let us know at
hn@ycombinator.com.

------
jlgaddis
Recent versions of SpamAssassin already include support for this and subtract
(varying amounts of) points for e-mails containing valid Hashcash tokens.

------
TTPrograms
Equivalently, you could just make the user pay a tiny amount of BTC or
similar. Then they can cache the work so there's no UI delay.

~~~
hippich
While not with jQuery.hashcash.io plugin, but with direct use of API you can
make it transparent for use to calculate it in background after form focus
event for example. I am working on complete API documentation so third-party
widget could be created.

------
muxxa
Have you thought of the possibility of increasing the difficulty after each
subsequent request from the same IP address?

~~~
hippich
You can require arbitrary complexity and therefore if you implement logic
which will increase complexity every time username/password are not valid, you
should be able to achieve just that.

Checkout jQuery plugin github repository for details on available options.

------
pbreit
So what's the user experience??

------
phantom784
What's the advantage of this versus just rate-limiting the number of requests
per IP.

------
nijiko
Takes way too much time, I wouldn't wait.

------
gd1
I've got an idea. CAPTCHAs could be replaced with suitable items of work from
Amazon's Mechanical Turk. It stands to reason that these can't be solved by
current computer vision algos, or else they wouldn't be on Mechanical Turk in
the first place(?), and the side benefit is that the site owner can collect
the 5 cents or whatever the going rate is.

~~~
lauradhamilton
Not necessarily. Let's say a company has some computer vision problem that it
needs to be solved with 99.5% accuracy. Let's say today's computers can solve
it with 85% accuracy.

The computers can't solve the business need, but they are certainly right
often enough to get some spam comments posted (because their cost of being
wrong is zero.)

