Your comments section is drowning in AI-written garbage, and the CAPTCHAs you keep bolting on are starting to block real people too. Proof-of-work gates look great on paper. Then a proxyware SDK running on somebody's hijacked TV stick pays near-zero for the CPU cycles, and the whole cost asymmetry flips the wrong way. You paid for the engineering, the attacker paid the power bill of a grandma in Ohio, and your comments section is still full of bots.
Here is the thing I did not expect to type this week. On April 21st, the commander of U.S. Indo-Pacific Command sat down in front of the Senate Armed Services Committee and told them flat out that the military runs a node on the Bitcoin network to study proof-of-work economics. His words, not mine:
"Bitcoin shows incredible potential as a computer science tool that, through the proof-of-work protocols, actually imposes more costs than just the algorithmic securing of networks."
Then he called it "a valuable computer science tool as a power projection." The Bitcoin Policy Institute press release has the transcript.
Read the first quote again. "Imposes more costs than just the algorithmic securing." That is the whole argument for pricing web interaction, said by a four-star from a witness chair.
Blocking bots loses. Pricing requests wins.
Somebody always writes a better bot, or buys cheaper compute, or leases a proxyware pool. Pricing the request wins, because price travels with the request no matter who is holding the keyboard. Good agents pay a couple sats and get through. Scrapers pay at volume and eat the cost asymmetry. Grandma's TV stick is not going to open a Lightning channel to hammer your site, so the hijacked-device attack stops being free.
The two-tier version looks like this. Lightning is the payment rail for callers who have sats. Proof-of-work is the fallback for callers who do not, or who are not set up for it yet. Your site does not have to pick. You get both tiers and you set the price.
Three lines of Express
I have been shipping the boring version of this at the HTTP layer for a few months. @powforge/captcha is on npm, MIT licensed, and the PoW fallback works without you running a Lightning node. Drop it on a new project and the PoW tier carries traffic while you sort out your Lightning setup.
import express from 'express'
import { powGate } from '@powforge/captcha'
const app = express()
app.use('/api', powGate({ difficulty: 18, price_sats: 2 }))
That is the whole integration for the PoW tier. The L402 invoice tier kicks in when the caller has sats, and the prices are yours to set, not mine.
The honest question
So here it is. Which is the worse bet right now, turning away a paying agent because your stack was built to block bots, or letting your content train somebody else's model for free while you argue about CAPTCHA UX?
The admiral answered that question on a Tuesday morning. The Senate just heard it. Your move.
Ship it:
-
npm install @powforge/captcha— package on npm
Refs:
- Senate hearing page: armed-services.senate.gov
- Bitcoin.com News coverage: news.bitcoin.com
- Decrypt civilian framing: decrypt.co
Top comments (0)