Class PowCaptchaGenerator

java.lang.Object

cloud.opencode.base.captcha.generator.AbstractCaptchaGenerator

cloud.opencode.base.captcha.generator.PowCaptchaGenerator

All Implemented Interfaces:

CaptchaGenerator

public final class PowCaptchaGenerator
extends AbstractCaptchaGenerator
implements CaptchaGenerator

Proof-of-Work Captcha Generator — Generates computational challenge for invisible verification 工作量证明验证码生成器 — 生成计算挑战用于无感验证

This generator creates a cryptographic challenge that requires the client to find a nonce such that SHA-256(challenge + nonce) has a specified number of leading zero bits.

此生成器创建一个加密挑战，要求客户端找到一个 nonce， 使得 SHA-256(challenge + nonce) 具有指定数量的前导零位。

PoW verification is invisible to users — the client-side JavaScript performs the computation automatically. A difficulty of 20 requires approximately 2^20 (~1M) hash operations, taking ~100ms-500ms on modern hardware.

PoW 验证对用户不可见 — 客户端 JavaScript 自动执行计算。 难度为 20 大约需要 2^20（~100万）次哈希操作，在现代硬件上大约需要 100ms-500ms。

Features | 主要功能:

• Invisible verification (no user interaction required) - 无感验证（无需用户交互）
• Configurable difficulty via leading zero bits - 通过前导零位配置难度
• Cryptographically secure challenge generation - 加密安全的挑战生成
• No image data (zero-byte imageData) - 无图像数据（零字节 imageData）
• SHA-256 based proof-of-work - 基于 SHA-256 的工作量证明

Usage Examples | 使用示例:

CaptchaGenerator generator = new PowCaptchaGenerator();
CaptchaConfig config = CaptchaConfig.builder()
    .powDifficulty(20)
    .expireTime(Duration.ofMinutes(5))
    .build();
Captcha captcha = generator.generate(config);

// Client receives challenge and difficulty from metadata
String challenge = (String) captcha.getMetadata("challenge");
int difficulty = (int) captcha.getMetadata("difficulty");
// Client finds nonce such that SHA-256(challenge + nonce) has 'difficulty' leading zeros

Security | 安全性:

• Thread-safe: Yes (stateless, no shared mutable state) - 线程安全: 是（无状态，无共享可变状态）
• Null-safe: No (config must be non-null) - 空值安全: 否（config 不能为空）
• Challenge uniqueness guaranteed by CaptchaSecurity.generateSecureId() - 挑战唯一性由 CaptchaSecurity.generateSecureId() 保证

Performance | 性能:

• Server-side generation is O(1) - 服务端生成为 O(1)
• Client-side solving is O(2^difficulty) on average - 客户端求解平均为 O(2^difficulty)
• Server-side validation is O(1) (single hash computation) - 服务端验证为 O(1)（单次哈希计算）

Since:

JDK 25, opencode-base-captcha V1.0.3

Author:

Leon Soo www.LeonSoo.com

See Also:

• OpenCode.cloud

Constructor Summary

Constructors

Constructor	Description
PowCaptchaGenerator()

Method Summary

Modifier and Type	Method	Description
Captcha	generate(CaptchaConfig config)	Generates a PoW CAPTCHA challenge.
CaptchaType	getType()	Gets the supported CAPTCHA type.

Methods inherited from class AbstractCaptchaGenerator

buildCaptcha, createGraphics, createImage, createMetadata, drawNoise, generateId, toBytes

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface CaptchaGenerator

generate

Constructor Details

PowCaptchaGenerator

public PowCaptchaGenerator()

Method Details

getType

public CaptchaType getType()

Gets the supported CAPTCHA type. 获取支持的验证码类型。

Specified by:

getType in interface CaptchaGenerator

Returns:

the CAPTCHA type | 验证码类型

generate

public Captcha generate(CaptchaConfig config)

Generates a PoW CAPTCHA challenge. 生成 PoW 验证码挑战。

The generated Captcha contains:

生成的 Captcha 包含：

• imageData: empty byte array (no image for PoW) - 空字节数组（PoW 无图像）
• answer: "{challenge}:{difficulty}" format for validation - "{challenge}:{difficulty}" 格式用于验证
• metadata: contains "challenge", "difficulty", and "algorithm" fields - 包含 "challenge"、"difficulty" 和 "algorithm" 字段

Specified by:

generate in interface CaptchaGenerator

Parameters:

config - the configuration (uses powDifficulty and expireTime) | 配置（使用 powDifficulty 和 expireTime）

Returns:

the generated PoW CAPTCHA | 生成的 PoW 验证码