fix: a malicious user can replay a previous response to work around the challenge

PhotonQuantum · PhotonQuantum · commit bab8854aeb83 · 2025-04-26T04:50:33.000-04:00
diff --git a/core/const.go b/core/const.go
@@ -1,7 +1,10 @@
 package core
 
+import "time"
+
 const (
-	AppName = "cerberus"
-	VarName = "cerberus-block"
-	Version = "v0.2.1"
+	AppName  = "cerberus"
+	VarName  = "cerberus-block"
+	Version  = "v0.2.1"
+	NonceTTL = 2 * time.Minute
 )
diff --git a/core/state.go b/core/state.go
@@ -6,10 +6,12 @@ import (
 	"unsafe"
 
 	"crypto/sha256"
+	"encoding/binary"
 	"encoding/hex"
 
 	"github.com/elastic/go-freelru"
 	"github.com/google/uuid"
+	"github.com/sjtug/cerberus/internal/expiremap"
 	"github.com/sjtug/cerberus/internal/ipblock"
 	"github.com/zeebo/xxh3"
 	"golang.org/x/crypto/ed25519"
@@ -26,14 +28,7 @@ func hashIPBlock(ip ipblock.IPBlock) uint32 {
 	data := ip.ToUint64()
 
 	var buf [8]byte
-	buf[0] = byte(data >> 56)
-	buf[1] = byte(data >> 48)
-	buf[2] = byte(data >> 40)
-	buf[3] = byte(data >> 32)
-	buf[4] = byte(data >> 24)
-	buf[5] = byte(data >> 16)
-	buf[6] = byte(data >> 8)
-	buf[7] = byte(data)
+	binary.BigEndian.PutUint64(buf[:], data)
 
 	hash := xxh3.Hash(buf[:])
 	return uint32(hash) // #nosec G115 -- expected truncation
@@ -51,6 +46,7 @@ type InstanceState struct {
 	pending   freelru.Cache[ipblock.IPBlock, *atomic.Int32]
 	blocklist freelru.Cache[ipblock.IPBlock, struct{}]
 	approval  freelru.Cache[uuid.UUID, *atomic.Int32]
+	usedNonce *expiremap.ExpireMap[uint32, struct{}]
 	stop      chan struct{}
 }
 
@@ -82,6 +78,24 @@ func initLRU[K comparable, V any](
 	return cache, nil
 }
 
+// initUsedNonce creates and initializes an ExpireMap for tracking used nonces
+func initUsedNonce(stop chan struct{}, purgeInterval time.Duration) *expiremap.ExpireMap[uint32, struct{}] {
+	usedNonce := expiremap.NewExpireMap[uint32, struct{}](func(x uint32) uint32 {
+		return x
+	})
+	go func() {
+		for {
+			select {
+			case <-stop:
+				return
+			case <-time.After(purgeInterval):
+				usedNonce.PurgeExpired()
+			}
+		}
+	}()
+	return usedNonce
+}
+
 func NewInstanceState(pendingMaxMemUsage int64, blocklistMaxMemUsage int64, approvedMaxMemUsage int64, pendingTTL time.Duration, blocklistTTL time.Duration, approvalTTL time.Duration) (*InstanceState, int64, int64, int64, error) {
 	uuid.EnableRandPool()
 
@@ -123,6 +137,8 @@ func NewInstanceState(pendingMaxMemUsage int64, blocklistMaxMemUsage int64, appr
 		return nil, 0, 0, 0, err
 	}
 
+	usedNonce := initUsedNonce(stop, 41*time.Second)
+
 	pub, priv, err := ed25519.GenerateKey(nil)
 	if err != nil {
 		return nil, 0, 0, 0, err
@@ -137,6 +153,7 @@ func NewInstanceState(pendingMaxMemUsage int64, blocklistMaxMemUsage int64, appr
 		pending:   pending,
 		blocklist: blocklist,
 		approval:  approval,
+		usedNonce: usedNonce,
 		stop:      stop,
 	}, int64(pendingElems), int64(blocklistElems), int64(approvalElems), nil
 }
@@ -217,6 +234,12 @@ func (s *InstanceState) DecApproval(id uuid.UUID) bool {
 	return false
 }
 
+// InsertUsedNonce inserts a nonce into the usedNonce map.
+// Returns true if the nonce was inserted, false if it was already present.
+func (s *InstanceState) InsertUsedNonce(nonce uint32) bool {
+	return s.usedNonce.SetIfAbsent(nonce, struct{}{}, NonceTTL)
+}
+
 func (s *InstanceState) Close() {
 	close(s.stop)
 }
diff --git a/directives/common.go b/directives/common.go
@@ -2,6 +2,7 @@ package directives
 
 import (
 	"context"
+	"crypto/ed25519"
 	"crypto/sha256"
 	"encoding/hex"
 	"errors"
@@ -16,7 +17,10 @@ import (
 	"github.com/zeebo/blake3"
 )
 
-const IV = "/L4y6KgWa8vHEujU3O6JyI8osQxwh1nE0Eoay4nD3vw/y36eSFT0s/GTGfrngN6+"
+const (
+	IV1 = "/L4y6KgWa8vHEujU3O6JyI8osQxwh1nE0Eoay4nD3vw/y36eSFT0s/GTGfrngN6+"
+	IV2 = "KHo5hHR3ZfisR7xeG1gJwO3LSc1cYyDUQ5+StoAjV8jLhp01NBNi4joHYTWXDqF0"
+)
 
 func clearCookie(w http.ResponseWriter, cookieName string) {
 	http.SetCookie(w, &http.Cookie{
@@ -90,12 +94,19 @@ func challengeFor(r *http.Request, c *core.Instance) (string, error) {
 		r.Header.Get("User-Agent"),
 		fp,
 		c.Difficulty,
-		IV,
+		IV1,
 	)
 
 	return blake3sum(payload)
 }
 
+func calcSignature(challenge string, nonce uint32, ts int64, c *core.Instance) string {
+	payload := fmt.Sprintf("Challenge=%s,Nonce=%d,TS=%d,IV=%s", challenge, nonce, ts, IV2)
+
+	signature := ed25519.Sign(c.GetPrivateKey(), []byte(payload))
+	return hex.EncodeToString(signature)
+}
+
 func respondFailure(w http.ResponseWriter, r *http.Request, c *core.Config, msg string, blocked bool, status int, baseURL string) {
 	if blocked {
 		if c.Drop {
diff --git a/directives/endpoint.go b/directives/endpoint.go
@@ -33,11 +33,55 @@ func (e *Endpoint) answerHandle(w http.ResponseWriter, r *http.Request) error {
 		respondFailure(w, r, &c.Config, "nonce is empty", false, http.StatusBadRequest, ".")
 		return nil
 	}
+	nonce64, err := strconv.ParseUint(nonceStr, 10, 32)
+	if err != nil {
+		e.logger.Debug("nonce is not an integer", zap.Error(err))
+		respondFailure(w, r, &c.Config, "nonce is not an integer", false, http.StatusBadRequest, ".")
+		return nil
+	}
+	nonce := uint32(nonce64)
+	if !c.InsertUsedNonce(nonce) {
+		e.logger.Info("nonce already used")
+		respondFailure(w, r, &c.Config, "nonce already used", false, http.StatusBadRequest, ".")
+		return nil
+	}
 
-	nonce, err := strconv.Atoi(nonceStr)
+	tsStr := r.FormValue("ts")
+	if tsStr == "" {
+		e.logger.Info("ts is empty")
+		respondFailure(w, r, &c.Config, "ts is empty", false, http.StatusBadRequest, ".")
+		return nil
+	}
+	ts, err := strconv.ParseInt(tsStr, 10, 64)
 	if err != nil {
-		e.logger.Debug("nonce is not a integer", zap.Error(err))
-		respondFailure(w, r, &c.Config, "nonce is not a integer", false, http.StatusBadRequest, ".")
+		e.logger.Debug("ts is not a integer", zap.Error(err))
+		respondFailure(w, r, &c.Config, "ts is not a integer", false, http.StatusBadRequest, ".")
+		return nil
+	}
+	now := time.Now().Unix()
+	if ts < now-int64(core.NonceTTL) || ts > now {
+		e.logger.Info("invalid ts", zap.Int64("ts", ts), zap.Int64("now", now))
+		respondFailure(w, r, &c.Config, "invalid ts", false, http.StatusBadRequest, ".")
+		return nil
+	}
+
+	signature := r.FormValue("signature")
+	if signature == "" {
+		e.logger.Info("signature is empty")
+		respondFailure(w, r, &c.Config, "signature is empty", false, http.StatusBadRequest, ".")
+		return nil
+	}
+
+	solutionStr := r.FormValue("solution")
+	if solutionStr == "" {
+		e.logger.Info("solution is empty")
+		respondFailure(w, r, &c.Config, "solution is empty", false, http.StatusBadRequest, ".")
+		return nil
+	}
+	solution, err := strconv.Atoi(solutionStr)
+	if err != nil {
+		e.logger.Debug("solution is not a integer", zap.Error(err))
+		respondFailure(w, r, &c.Config, "solution is not a integer", false, http.StatusBadRequest, ".")
 		return nil
 	}
 
@@ -50,7 +94,14 @@ func (e *Endpoint) answerHandle(w http.ResponseWriter, r *http.Request) error {
 		return err
 	}
 
-	answer, err := sha256sum(fmt.Sprintf("%s%d", challenge, nonce))
+	expectedSignature := calcSignature(challenge, nonce, ts, c)
+	if signature != expectedSignature {
+		e.logger.Debug("signature mismatch", zap.String("expected", expectedSignature), zap.String("actual", signature))
+		respondFailure(w, r, &c.Config, "signature mismatch", false, http.StatusForbidden, ".")
+		return nil
+	}
+
+	answer, err := sha256sum(fmt.Sprintf("%s|%d|%d|%s%d", challenge, nonce, ts, signature, solution))
 	if err != nil {
 		e.logger.Error("failed to calculate answer", zap.Error(err))
 		return err
diff --git a/directives/middleware.go b/directives/middleware.go
@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"net"
 	"net/http"
+	"time"
 
 	"github.com/a-h/templ"
 	"github.com/caddyserver/caddy/v2"
@@ -14,6 +15,7 @@ import (
 	"github.com/google/uuid"
 	"github.com/sjtug/cerberus/core"
 	"github.com/sjtug/cerberus/internal/ipblock"
+	"github.com/sjtug/cerberus/internal/randpool"
 	"github.com/sjtug/cerberus/web"
 	"go.uber.org/zap"
 )
@@ -66,9 +68,13 @@ func (m *Middleware) invokeAuth(w http.ResponseWriter, r *http.Request) error {
 		return err
 	}
 
+	nonce := randpool.ReadUint32()
+	ts := time.Now().Unix()
+	signature := calcSignature(challenge, nonce, ts, c)
+
 	ctx := templ.WithChildren(
 		context.WithValue(context.WithValue(r.Context(), web.BaseURLCtxKey, m.BaseURL), web.VersionCtxKey, core.Version),
-		web.Challenge(challenge, c.Difficulty),
+		web.Challenge(challenge, c.Difficulty, nonce, ts, signature),
 	)
 	templ.Handler(
 		web.Base(c.Title),
diff --git a/internal/expiremap/expiremap.go b/internal/expiremap/expiremap.go
@@ -0,0 +1,92 @@
+package expiremap
+
+import (
+	"runtime"
+	"sync"
+	"time"
+)
+
+var (
+	numShards = runtime.GOMAXPROCS(0) * 16
+)
+
+type entry[V any] struct {
+	value  V
+	expire time.Time
+}
+
+type shard[K comparable, V any] struct {
+	mu    sync.Mutex
+	store map[K]entry[V]
+}
+
+type ExpireMap[K comparable, V any] struct {
+	shards []*shard[K, V]
+	hash   func(K) uint32
+}
+
+// fastModulo calculates x % n without using the modulo operator (~4x faster).
+// Reference: https://lemire.me/blog/2016/06/27/a-fast-alternative-to-the-modulo-reduction/
+func fastModulo(x, n uint32) uint32 {
+	return uint32((uint64(x) * uint64(n)) >> 32) //nolint:gosec
+}
+
+func NewExpireMap[K comparable, V any](hash func(K) uint32) *ExpireMap[K, V] {
+	shards := make([]*shard[K, V], numShards)
+	for i := range shards {
+		shards[i] = &shard[K, V]{store: make(map[K]entry[V])}
+	}
+	return &ExpireMap[K, V]{shards: shards, hash: hash}
+}
+
+func (m *ExpireMap[K, V]) Get(key K) (*V, bool) {
+	shard := m.shards[fastModulo(m.hash(key), uint32(len(m.shards)))] // #nosec G115 we don't have so many cores
+
+	shard.mu.Lock()
+	defer shard.mu.Unlock()
+
+	value, ok := shard.store[key]
+	if !ok {
+		// Key not found
+		return nil, false
+	}
+
+	if value.expire.Before(time.Now()) {
+		// Key expired, remove it
+		delete(shard.store, key)
+		return nil, false
+	}
+
+	return &value.value, true
+}
+
+// SetIfAbsent sets the value for the key if it is not already present.
+// Returns true if the value was set, false if it was already present.
+func (m *ExpireMap[K, V]) SetIfAbsent(key K, value V, ttl time.Duration) bool {
+	shard := m.shards[fastModulo(m.hash(key), uint32(len(m.shards)))] // #nosec G115 we don't have so many cores
+
+	shard.mu.Lock()
+	defer shard.mu.Unlock()
+
+	if _, ok := shard.store[key]; ok {
+		return false
+	}
+
+	shard.store[key] = entry[V]{value: value, expire: time.Now().Add(ttl)}
+	return true
+}
+
+func (m *ExpireMap[K, V]) PurgeExpired() {
+	now := time.Now()
+
+	for _, shard := range m.shards {
+		shard.mu.Lock()
+		defer shard.mu.Unlock()
+
+		for key, entry := range shard.store {
+			if entry.expire.Before(now) {
+				delete(shard.store, key)
+			}
+		}
+	}
+}
diff --git a/internal/randpool/randpool.go b/internal/randpool/randpool.go
@@ -0,0 +1,35 @@
+package randpool
+
+import (
+	"crypto/rand"
+	"encoding/binary"
+	"io"
+	"sync"
+)
+
+const (
+	poolSize = 16 * 16
+)
+
+var (
+	poolMu  sync.Mutex
+	pool    [poolSize]byte
+	poolPos = poolSize
+)
+
+func ReadUint32() uint32 {
+	poolMu.Lock()
+	defer poolMu.Unlock()
+
+	if poolPos == poolSize {
+		_, err := io.ReadFull(rand.Reader, pool[:])
+		if err != nil {
+			panic(err)
+		}
+		poolPos = 0
+	}
+
+	poolPos += 4
+
+	return binary.BigEndian.Uint32(pool[poolPos-4 : poolPos])
+}
diff --git a/web/dist/main.mjs b/web/dist/main.mjs
@@ -1 +1 @@
-(()=>{function f(l,e=5,t=null,s=null,a=navigator.hardwareConcurrency||1){return console.debug("fast algo"),new Promise((o,n)=>{let d=URL.createObjectURL(new Blob(["(",w(),")()"],{type:"application/javascript"})),m=[],u=()=>{m.forEach(i=>i.terminate()),t!=null&&(t.removeEventListener("abort",u),t.aborted&&(console.log("PoW aborted"),n(!1)))};t?.addEventListener("abort",u,{once:!0});for(let i=0;i<a;i++){let r=new Worker(d);r.onmessage=c=>{typeof c.data=="number"?s?.(c.data):(u(),o(c.data))},r.onerror=c=>{u(),n(c)},r.postMessage({data:l,difficulty:e,nonce:i,threads:a}),m.push(r)}URL.revokeObjectURL(d)})}function w(){return function(){let l=t=>{let s=new TextEncoder().encode(t);return crypto.subtle.digest("SHA-256",s.buffer)};function e(t){return Array.from(t).map(s=>s.toString(16).padStart(2,"0")).join("")}addEventListener("message",async t=>{let s=t.data.data,a=t.data.difficulty,o,n=t.data.nonce,d=t.data.threads,m=n;for(;;){let u=await l(s+n),i=new Uint8Array(u),r=!0;for(let p=0;p<a;p++){let y=Math.floor(p/2),h=p%2;if((i[y]>>(h===0?4:0)&15)!==0){r=!1;break}}if(r){o=e(i),console.log(o);break}let c=n;n+=d,n>c|1023&&(n>>10)%d===m&&postMessage(n)}postMessage({hash:o,data:s,difficulty:a,nonce:n})})}.toString()}var g=class{static state={baseURL:"",version:"1.0.0"};static elements={title:null,mascot:null,status:null,metrics:null,message:null,progressContainer:null,progressBar:null};static initialize(e){this.state={...this.state,...e},this.elements={title:document.getElementById("title"),mascot:document.getElementById("mascot"),status:document.getElementById("status"),metrics:document.getElementById("metrics"),message:document.getElementById("message"),progressContainer:document.getElementById("progress-container"),progressBar:document.getElementById("progress-bar")}}static setState(e,t={}){switch(e){case"checking":this.setChecking(t);break;case"success":this.setSuccess(t);break}}static setChecking(e){this.elements.title.textContent=e.title||"Making sure you're not a bot!",this.elements.mascot.src=`${this.state.baseURL}/static/img/mascot-puzzle.png?v=${this.state.version}`,this.elements.status.textContent=e.status||"Calculating...",this.elements.progressContainer.classList.remove("hidden"),this.setCheckingProgress(e.progress,e.metrics,e.message)}static setCheckingProgress(e,t,s){e!==void 0&&(this.elements.progressBar.style.width=`${e}%`),t!==void 0&&(t===""?this.elements.metrics.classList.add("hidden"):(this.elements.metrics.classList.remove("hidden"),this.elements.metrics.textContent=t)),s!==void 0&&(this.elements.message.textContent=s)}static setSuccess(e){this.elements.title.textContent="Success!",this.elements.mascot.src=`${this.state.baseURL}/static/img/mascot-pass.png?v=${this.state.version}`,this.elements.status.textContent=e.status||"Done!",this.elements.metrics.textContent=e.metrics||"Took ?, ? iterations",this.elements.message.textContent=e.message||"",this.elements.progressContainer.classList.add("hidden")}};function C(l,e,t){console.log("post url",`${t}/answer`);let s=document.createElement("form");s.method="POST",s.action=`${t}/answer`;let a=document.createElement("input");a.type="hidden",a.name="response",a.value=l;let o=document.createElement("input");o.type="hidden",o.name="nonce",o.value=e;let n=document.createElement("input");return n.type="hidden",n.name="redir",n.value=window.location.href,console.log("redir value",n.value),s.appendChild(a),s.appendChild(o),s.appendChild(n),document.body.appendChild(s),s}(async()=>{let l=JSON.parse(document.getElementById("challenge").textContent),e=JSON.parse(document.getElementById("difficulty").textContent),t=JSON.parse(document.getElementById("baseURL").textContent),s=JSON.parse(document.getElementById("version").textContent);g.initialize({baseURL:t,version:s}),g.setState("checking",{metrics:`Difficulty: ${e}, Speed: calculating...`,message:""});let a=Date.now(),o=0,n=Math.pow(16,-e),{hash:d,nonce:m}=await f(l,e,null,r=>{let c=Math.pow(1-n,r),p=(1-Math.pow(c,2))*100,h=Date.now()-a;if(console.log("delta",h,"lastUpdate",o,"delta - lastUpdate",h-o),h-o>100){let b=r/h;g.setCheckingProgress(p,`Difficulty: ${e}, Speed: ${b.toFixed(3)}kH/s`,c<.01?"This is taking longer than expected. Please do not refresh the page.":void 0),o=h}}),u=Date.now();console.log({hash:d,nonce:m}),g.setState("success",{status:"Verification Complete!",metrics:`Took ${u-a}ms, ${m} iterations`});let i=C(d,m,t);setTimeout(()=>{i.submit()},250)})();})();
+(()=>{function b(u,e=5,t=null,o=null,d=navigator.hardwareConcurrency||1){return console.debug("fast algo"),new Promise((m,n)=>{let r=URL.createObjectURL(new Blob(["(",k(),")()"],{type:"application/javascript"})),c=[],l=()=>{c.forEach(a=>a.terminate()),t!=null&&(t.removeEventListener("abort",l),t.aborted&&(console.log("PoW aborted"),n(!1)))};t?.addEventListener("abort",l,{once:!0});for(let a=0;a<d;a++){let i=new Worker(r);i.onmessage=s=>{typeof s.data=="number"?o?.(s.data):(l(),m(s.data))},i.onerror=s=>{l(),n(s)},i.postMessage({data:u,difficulty:e,nonce:a,threads:d}),c.push(i)}URL.revokeObjectURL(r)})}function k(){return function(){let u=t=>{let o=new TextEncoder().encode(t);return crypto.subtle.digest("SHA-256",o.buffer)};function e(t){return Array.from(t).map(o=>o.toString(16).padStart(2,"0")).join("")}addEventListener("message",async t=>{let o=t.data.data,d=t.data.difficulty,m,n=t.data.nonce,r=t.data.threads,c=n;for(;;){let l=await u(o+n),a=new Uint8Array(l),i=!0;for(let p=0;p<d;p++){let y=Math.floor(p/2),f=p%2;if((a[y]>>(f===0?4:0)&15)!==0){i=!1;break}}if(i){m=e(a),console.log(m);break}let s=n;n+=r,n>s|1023&&(n>>10)%r===c&&postMessage(n)}postMessage({hash:m,data:o,difficulty:d,nonce:n})})}.toString()}var h=class{static state={baseURL:"",version:"unknown"};static elements={title:null,mascot:null,status:null,metrics:null,message:null,progressContainer:null,progressBar:null};static initialize(e){this.state={...this.state,...e},this.elements={title:document.getElementById("title"),mascot:document.getElementById("mascot"),status:document.getElementById("status"),metrics:document.getElementById("metrics"),message:document.getElementById("message"),progressContainer:document.getElementById("progress-container"),progressBar:document.getElementById("progress-bar")}}static setState(e,t={}){switch(e){case"checking":this.setChecking(t);break;case"success":this.setSuccess(t);break}}static setChecking(e){this.elements.title.textContent=e.title||"Making sure you're not a bot!",this.elements.mascot.src=`${this.state.baseURL}/static/img/mascot-puzzle.png?v=${this.state.version}`,this.elements.status.textContent=e.status||"Calculating...",this.elements.progressContainer.classList.remove("hidden"),this.setCheckingProgress(e.progress,e.metrics,e.message)}static setCheckingProgress(e,t,o){e!==void 0&&(this.elements.progressBar.style.width=`${e}%`),t!==void 0&&(t===""?this.elements.metrics.classList.add("hidden"):(this.elements.metrics.classList.remove("hidden"),this.elements.metrics.textContent=t)),o!==void 0&&(this.elements.message.textContent=o)}static setSuccess(e){this.elements.title.textContent="Success!",this.elements.mascot.src=`${this.state.baseURL}/static/img/mascot-pass.png?v=${this.state.version}`,this.elements.status.textContent=e.status||"Done!",this.elements.metrics.textContent=e.metrics||"Took ?, ? iterations",this.elements.message.textContent=e.message||"",this.elements.progressContainer.classList.add("hidden")}};function x(u,e,t,o,d,m){let n=document.createElement("form");n.method="POST",n.action=`${t}/answer`;let r=document.createElement("input");r.type="hidden",r.name="response",r.value=u;let c=document.createElement("input");c.type="hidden",c.name="solution",c.value=e;let l=document.createElement("input");l.type="hidden",l.name="nonce",l.value=o;let a=document.createElement("input");a.type="hidden",a.name="ts",a.value=d;let i=document.createElement("input");i.type="hidden",i.name="signature",i.value=m;let s=document.createElement("input");return s.type="hidden",s.name="redir",s.value=window.location.href,n.appendChild(r),n.appendChild(c),n.appendChild(l),n.appendChild(a),n.appendChild(i),n.appendChild(s),document.body.appendChild(n),n}(async()=>{let u=JSON.parse(document.getElementById("challenge").textContent),e=JSON.parse(document.getElementById("difficulty").textContent),t=JSON.parse(document.getElementById("baseURL").textContent),o=JSON.parse(document.getElementById("version").textContent),d=JSON.parse(document.getElementById("nonce").textContent),m=JSON.parse(document.getElementById("ts").textContent),n=JSON.parse(document.getElementById("signature").textContent);h.initialize({baseURL:t,version:o}),h.setState("checking",{metrics:`Difficulty: ${e}, Speed: calculating...`,message:""});let r=Date.now(),c=0,l=Math.pow(16,-e),a=`${u}|${d}|${m}|${n}`,{hash:i,nonce:s}=await b(a,e,null,f=>{let C=Math.pow(1-l,f),w=(1-Math.pow(C,2))*100,g=Date.now()-r;if(console.log("delta",g,"lastUpdate",c,"delta - lastUpdate",g-c),g-c>100){let E=f/g;h.setCheckingProgress(w,`Difficulty: ${e}, Speed: ${E.toFixed(3)}kH/s`,C<.01?"This is taking longer than expected. Please do not refresh the page.":void 0),c=g}}),p=Date.now();console.log({hash:i,solution:s}),h.setState("success",{status:"Verification Complete!",metrics:`Took ${p-r}ms, ${s} iterations`});let y=x(i,s,t,d,m,n);setTimeout(()=>{y.submit()},250)})();})();
diff --git a/web/index.templ b/web/index.templ
diff --git a/web/index_templ.go b/web/index_templ.go
diff --git a/web/js/main.mjs b/web/js/main.mjs

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		-(()=>{function f(l,e=5,t=null,s=null,a=navigator.hardwareConcurrency\|\|1){return console.debug("fast algo"),new Promise((o,n)=>{let d=URL.createObjectURL(new Blob(["(",w(),")()"],{type:"application/javascript"})),m=[],u=()=>{m.forEach(i=>i.terminate()),t!=null&&(t.removeEventListener("abort",u),t.aborted&&(console.log("PoW aborted"),n(!1)))};t?.addEventListener("abort",u,{once:!0});for(let i=0;i<a;i++){let r=new Worker(d);r.onmessage=c=>{typeof c.data=="number"?s?.(c.data):(u(),o(c.data))},r.onerror=c=>{u(),n(c)},r.postMessage({data:l,difficulty:e,nonce:i,threads:a}),m.push(r)}URL.revokeObjectURL(d)})}function w(){return function(){let l=t=>{let s=new TextEncoder().encode(t);return crypto.subtle.digest("SHA-256",s.buffer)};function e(t){return Array.from(t).map(s=>s.toString(16).padStart(2,"0")).join("")}addEventListener("message",async t=>{let s=t.data.data,a=t.data.difficulty,o,n=t.data.nonce,d=t.data.threads,m=n;for(;;){let u=await l(s+n),i=new Uint8Array(u),r=!0;for(let p=0;p<a;p++){let y=Math.floor(p/2),h=p%2;if((i[y]>>(h===0?4:0)&15)!==0){r=!1;break}}if(r){o=e(i),console.log(o);break}let c=n;n+=d,n>c\|1023&&(n>>10)%d===m&&postMessage(n)}postMessage({hash:o,data:s,difficulty:a,nonce:n})})}.toString()}var g=class{static state={baseURL:"",version:"1.0.0"};static elements={title:null,mascot:null,status:null,metrics:null,message:null,progressContainer:null,progressBar:null};static initialize(e){this.state={...this.state,...e},this.elements={title:document.getElementById("title"),mascot:document.getElementById("mascot"),status:document.getElementById("status"),metrics:document.getElementById("metrics"),message:document.getElementById("message"),progressContainer:document.getElementById("progress-container"),progressBar:document.getElementById("progress-bar")}}static setState(e,t={}){switch(e){case"checking":this.setChecking(t);break;case"success":this.setSuccess(t);break}}static setChecking(e){this.elements.title.textContent=e.title\|\|"Making sure you're not a bot!",this.elements.mascot.src=`${this.state.baseURL}/static/img/mascot-puzzle.png?v=${this.state.version}`,this.elements.status.textContent=e.status\|\|"Calculating...",this.elements.progressContainer.classList.remove("hidden"),this.setCheckingProgress(e.progress,e.metrics,e.message)}static setCheckingProgress(e,t,s){e!==void 0&&(this.elements.progressBar.style.width=`${e}%`),t!==void 0&&(t===""?this.elements.metrics.classList.add("hidden"):(this.elements.metrics.classList.remove("hidden"),this.elements.metrics.textContent=t)),s!==void 0&&(this.elements.message.textContent=s)}static setSuccess(e){this.elements.title.textContent="Success!",this.elements.mascot.src=`${this.state.baseURL}/static/img/mascot-pass.png?v=${this.state.version}`,this.elements.status.textContent=e.status\|\|"Done!",this.elements.metrics.textContent=e.metrics\|\|"Took ?, ? iterations",this.elements.message.textContent=e.message\|\|"",this.elements.progressContainer.classList.add("hidden")}};function C(l,e,t){console.log("post url",`${t}/answer`);let s=document.createElement("form");s.method="POST",s.action=`${t}/answer`;let a=document.createElement("input");a.type="hidden",a.name="response",a.value=l;let o=document.createElement("input");o.type="hidden",o.name="nonce",o.value=e;let n=document.createElement("input");return n.type="hidden",n.name="redir",n.value=window.location.href,console.log("redir value",n.value),s.appendChild(a),s.appendChild(o),s.appendChild(n),document.body.appendChild(s),s}(async()=>{let l=JSON.parse(document.getElementById("challenge").textContent),e=JSON.parse(document.getElementById("difficulty").textContent),t=JSON.parse(document.getElementById("baseURL").textContent),s=JSON.parse(document.getElementById("version").textContent);g.initialize({baseURL:t,version:s}),g.setState("checking",{metrics:`Difficulty: ${e}, Speed: calculating...`,message:""});let a=Date.now(),o=0,n=Math.pow(16,-e),{hash:d,nonce:m}=await f(l,e,null,r=>{let c=Math.pow(1-n,r),p=(1-Math.pow(c,2))*100,h=Date.now()-a;if(console.log("delta",h,"lastUpdate",o,"delta - lastUpdate",h-o),h-o>100){let b=r/h;g.setCheckingProgress(p,`Difficulty: ${e}, Speed: ${b.toFixed(3)}kH/s`,c<.01?"This is taking longer than expected. Please do not refresh the page.":void 0),o=h}}),u=Date.now();console.log({hash:d,nonce:m}),g.setState("success",{status:"Verification Complete!",metrics:`Took ${u-a}ms, ${m} iterations`});let i=C(d,m,t);setTimeout(()=>{i.submit()},250)})();})();
	`1`	+(()=>{function b(u,e=5,t=null,o=null,d=navigator.hardwareConcurrency\|\|1){return console.debug("fast algo"),new Promise((m,n)=>{let r=URL.createObjectURL(new Blob(["(",k(),")()"],{type:"application/javascript"})),c=[],l=()=>{c.forEach(a=>a.terminate()),t!=null&&(t.removeEventListener("abort",l),t.aborted&&(console.log("PoW aborted"),n(!1)))};t?.addEventListener("abort",l,{once:!0});for(let a=0;a<d;a++){let i=new Worker(r);i.onmessage=s=>{typeof s.data=="number"?o?.(s.data):(l(),m(s.data))},i.onerror=s=>{l(),n(s)},i.postMessage({data:u,difficulty:e,nonce:a,threads:d}),c.push(i)}URL.revokeObjectURL(r)})}function k(){return function(){let u=t=>{let o=new TextEncoder().encode(t);return crypto.subtle.digest("SHA-256",o.buffer)};function e(t){return Array.from(t).map(o=>o.toString(16).padStart(2,"0")).join("")}addEventListener("message",async t=>{let o=t.data.data,d=t.data.difficulty,m,n=t.data.nonce,r=t.data.threads,c=n;for(;;){let l=await u(o+n),a=new Uint8Array(l),i=!0;for(let p=0;p<d;p++){let y=Math.floor(p/2),f=p%2;if((a[y]>>(f===0?4:0)&15)!==0){i=!1;break}}if(i){m=e(a),console.log(m);break}let s=n;n+=r,n>s\|1023&&(n>>10)%r===c&&postMessage(n)}postMessage({hash:m,data:o,difficulty:d,nonce:n})})}.toString()}var h=class{static state={baseURL:"",version:"unknown"};static elements={title:null,mascot:null,status:null,metrics:null,message:null,progressContainer:null,progressBar:null};static initialize(e){this.state={...this.state,...e},this.elements={title:document.getElementById("title"),mascot:document.getElementById("mascot"),status:document.getElementById("status"),metrics:document.getElementById("metrics"),message:document.getElementById("message"),progressContainer:document.getElementById("progress-container"),progressBar:document.getElementById("progress-bar")}}static setState(e,t={}){switch(e){case"checking":this.setChecking(t);break;case"success":this.setSuccess(t);break}}static setChecking(e){this.elements.title.textContent=e.title\|\|"Making sure you're not a bot!",this.elements.mascot.src=`${this.state.baseURL}/static/img/mascot-puzzle.png?v=${this.state.version}`,this.elements.status.textContent=e.status\|\|"Calculating...",this.elements.progressContainer.classList.remove("hidden"),this.setCheckingProgress(e.progress,e.metrics,e.message)}static setCheckingProgress(e,t,o){e!==void 0&&(this.elements.progressBar.style.width=`${e}%`),t!==void 0&&(t===""?this.elements.metrics.classList.add("hidden"):(this.elements.metrics.classList.remove("hidden"),this.elements.metrics.textContent=t)),o!==void 0&&(this.elements.message.textContent=o)}static setSuccess(e){this.elements.title.textContent="Success!",this.elements.mascot.src=`${this.state.baseURL}/static/img/mascot-pass.png?v=${this.state.version}`,this.elements.status.textContent=e.status\|\|"Done!",this.elements.metrics.textContent=e.metrics\|\|"Took ?, ? iterations",this.elements.message.textContent=e.message\|\|"",this.elements.progressContainer.classList.add("hidden")}};function x(u,e,t,o,d,m){let n=document.createElement("form");n.method="POST",n.action=`${t}/answer`;let r=document.createElement("input");r.type="hidden",r.name="response",r.value=u;let c=document.createElement("input");c.type="hidden",c.name="solution",c.value=e;let l=document.createElement("input");l.type="hidden",l.name="nonce",l.value=o;let a=document.createElement("input");a.type="hidden",a.name="ts",a.value=d;let i=document.createElement("input");i.type="hidden",i.name="signature",i.value=m;let s=document.createElement("input");return s.type="hidden",s.name="redir",s.value=window.location.href,n.appendChild(r),n.appendChild(c),n.appendChild(l),n.appendChild(a),n.appendChild(i),n.appendChild(s),document.body.appendChild(n),n}(async()=>{let u=JSON.parse(document.getElementById("challenge").textContent),e=JSON.parse(document.getElementById("difficulty").textContent),t=JSON.parse(document.getElementById("baseURL").textContent),o=JSON.parse(document.getElementById("version").textContent),d=JSON.parse(document.getElementById("nonce").textContent),m=JSON.parse(document.getElementById("ts").textContent),n=JSON.parse(document.getElementById("signature").textContent);h.initialize({baseURL:t,version:o}),h.setState("checking",{metrics:`Difficulty: ${e}, Speed: calculating...`,message:""});let r=Date.now(),c=0,l=Math.pow(16,-e),a=`${u}\|${d}\|${m}\|${n}`,{hash:i,nonce:s}=await b(a,e,null,f=>{let C=Math.pow(1-l,f),w=(1-Math.pow(C,2))*100,g=Date.now()-r;if(console.log("delta",g,"lastUpdate",c,"delta - lastUpdate",g-c),g-c>100){let E=f/g;h.setCheckingProgress(w,`Difficulty: ${e}, Speed: ${E.toFixed(3)}kH/s`,C<.01?"This is taking longer than expected. Please do not refresh the page.":void 0),c=g}}),p=Date.now();console.log({hash:i,solution:s}),h.setState("success",{status:"Verification Complete!",metrics:`Took ${p-r}ms, ${s} iterations`});let y=x(i,s,t,d,m,n);setTimeout(()=>{y.submit()},250)})();})();