import express, { Request, Response } from 'express'; import crypto from 'crypto'; const app = express(); app.use(express.urlencoded({ extended: false })); const DIFFICULTY = 20; const challengeStore = new Map(); function generateChallenge(): string { return crypto.randomBytes(12).toString('hex'); } function hashSha256(input: string): Buffer { return crypto.createHash('sha256').update(input).digest(); } function checkDifficulty(hash: Buffer, bits: number): boolean { let remaining = bits, i = 0; while (remaining > 0 && i < hash.length) { const byte = hash[i]; if (remaining >= 8) { if (byte !== 0) return false; remaining -= 8; } else { const mask = 0xFF << (8 - remaining); if ((byte & mask) !== 0) return false; break; } i++; } return true; } app.get('/', (_req: Request, res: Response) => { const challenge = generateChallenge(); challengeStore.set(challenge, Date.now()); res.send(` POWOW POC

NOJSCAP demo

https://git.libroot.org/libroot/NOJSCAP/


If you don't already have the NOJSCAP client:

$ git clone https://git.libroot.org/libroot/NOJSCAP/ $ cd NOJSCAP/client/


Python:

Go:

Node.js:

Rust:

Show compilation commands$ rustc pow_client.rs -o pow_client_rs Requires Rust and sha2 crate if using the Cargo version.

C:

Show compilation commands$ gcc -O2 -o pow_client pow_client.c -lssl -lcrypto Required: GCC or any C compiler. OpenSSL development libraries (libssl-dev on Debian-based systems)

`); }); app.post('/', (req: Request, res: Response) => { const { challenge, nonce } = req.body as { challenge?: string; nonce?: string }; if (!challenge || !nonce || !challengeStore.has(challenge)) { return res.send('Invalid input.'); } challengeStore.delete(challenge); const hash = hashSha256(challenge + nonce); if (checkDifficulty(hash, DIFFICULTY)) { res.send('

Success! Valid nonce.

Try again'); } else { res.send('

Invalid nonce.

Try again'); } }); app.listen(3000, () => console.log('Server running at http://localhost:3000'));