poh-validator-hcaptcha-api/api.js at master · Human-Protocol/poh-validator-hcaptcha-api · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
import express from 'express';
import ethers from 'ethers';
import hcaptcha from 'hcaptcha';
import { validatorKey, hcaptchaSecret } from './config.js';

const wallet = new ethers.Wallet(validatorKey);

const api = express.Router();

const methodNotAllowed = (req, res) => {
  res.sendStatus(405);
};

api
  .route('/proof')
  .post(async (req, res, next) => {
    try {
      const { data, token } = req.body;

      const result = await hcaptcha.verify(hcaptchaSecret, token);
      const { success, challenge_ts } = result;
      if (!success) {
        res.sendStatus(400);
        return;
      }

      const timestamp = ethers.utils.hexZeroPad(
        ethers.utils.hexlify(
          Math.floor(new Date(challenge_ts).getTime() / 1000)
        ),
        4
      );

      const hash = ethers.utils.keccak256(
        ethers.utils.hexConcat([data, timestamp])
      );
      const validatorSignature = await wallet.signMessage(
        ethers.utils.arrayify(hash)
      );

      const proof = ethers.utils.hexConcat([
        data,
        timestamp,
        validatorSignature
      ]);

      res.json({ proof, timestamp: challenge_ts });
    } catch (error) {
      next(error);
    }
  })
  .all(methodNotAllowed);

export default api;