feat: draft: mcatpcha net
Some checks failed
ci/woodpecker/push/woodpecker Pipeline was canceled

This commit is contained in:
Aravinth Manivannan 2023-10-20 02:15:33 +05:30
parent 72abb7e168
commit 49681cc591
Signed by: realaravinth
GPG key ID: F8F50389936984FF

View file

@ -0,0 +1,48 @@
---
title: "mCaptcha net"
description: "A network of mCaptcha instances sharing PoW stats to make mCaptcha more efficient and accessible"
lead: "We are mCaptcha. We build kickass CAPTCHA systems that give (DDoS) attackers a run for their money. And we do all of this without tracking your users. Oh and did I mention our UX is great?"
date: 2023-10-19
lastmod: 2023-10-19
draft: true
weight: 50
images: ["icon.png"]
contributors: ["Aravinth Manivannan"]
---
mCaptcha requires the webmaster to provide [difficulty
factor](docs/terminology/difficulty-factor/) configurations to offer
effective protection. Choosing difficulty factors that work for everyone is a hard task
because it isn't possible to accurately predict the kind of visitors
have. But what if had a system that will improve [mCaptcha
installations](/docs/introduction/installing-captcha/)
based on performance of it users? Enter mCaptcha net!
The admins of mCaptcha instances can choose to upload truly anonymous
Proof-of-Work (PoW) statistics to
[mCaptcha/survey](https://git.batsense.net/mCaptcha/survey) instances,
which other mCaptcha instances can then use to automatically optimize
the installations that they hsot.
NOTE: This system is opt-in, webmasters must consent to publishing
for the performance statistics from their mCaptcha installation to be
uploaded.
## Ensuring anonymity
mCaptcha doesn't fingerprint its users. Performance parameters include:
1. Time taken to generate PoW
2. The difficulty factor for which the PoW was computed
3. Type of client library used.
```json
"time":14,
"difficulty_factor":50000,
"worker_type":"wasm"
```
This doesn't include the usual fingerprinting parameters like User-Agent,
cookies, and IP address. Additionally, we use a psuedo ID within
mCaptcha to avoid. We also use psuedo IDs within mCaptcha to prevent the
underlying mCaptcha installation from being exposing.