Captcha

This page explains how to display and customize the WebMinePool Captcha widget to your website. From a website user's perspective the our captcha works exactly like a conventional captcha, such as Google's reCaptcha.

The captcha is embeded into an HTML form, runs client side in the user's browser and generates a token. The token is submitted together with the other form data. Token can be simply validated through our HTTP API.


captcha example demo

Unlike tradition captchas WebMinePool captcha is a "proof of work" captcha. It means users need to do something to verify it - in our case it's mine some hashes.

Integration

To embed the WebMinePool captcha, you have to load the captcha.js on the bottom of your page and create a <div> with the captcha id and parameters in your form where you want to show the captcha.

<form action="?" method="post">
    <!-- your form fields and other stuff -->
    <script src="https://webminepool.com/lib/captcha.js"></script>
    <div id="wmp-captcha"
        target_hashes="768"
        site_key="site_key"
    >
    </div>
    <input type="submit" value="Submit"/>
</form>

When the captcha is completed, a hidden input field with the name captcha_token will be created and filled with the token name. This field will be submitted with the rest of your form. So you can get it on the backend side using either $_POST['captcha_token'] or $_GET['captcha_token'] (for example, if you are using PHP).

On the server side, you verify the received token through our HTTP API with /get_token/{token_id}/{?unset}.

curl "https://webminepool.com/api/<your-private-key>/get_token/<token_id>/1"

And get a response:

{
    "success":true,
    "state":1,
    "end_hashes":"768",
    "done_at":
    {"date":"2018-01-11 05:22:34.000000","timezone_type":3,"timezone":"UTC"}
}

Where state 1 or 0. "1" - if token is verified and "0" - if not. If you passed unset value "1" in the request to get token - token will be deleted right after verification. This will protect captcha from multiply passing by the same token. But if you'll get unverified token it won't be unset, so you can recheck it later.
Note: all unverified tokens are cleaning every 4 hours. Captcha unverified tokens - once per day.

Options

site-key Your public Site-Key. See Dashboard > Keys
target_hashes Amount of hashes needed to pass the captcha.
Note: due to mining diff this should be equal to 256. So allowed amounts are: 256, 512, 768, 1024, 1280, etc. In case of setup another value it will be rounded to closer bigger value.
style Optional. Here you can add any styles using CSS (like background, text colors, miner size, etc).
Comodo SSL