The reverse CAPTCHA — Proof of Agent. Humans prove they're human. In the agent era, the gate flips: software proves it can actually reason.
Traditional CAPTCHAs keep bots out by asking for things only humans do. Clawptcha inverts that: it issues escalating reasoning challenges (sequences, logic, transforms, anagrams, base64, arithmetic) and only issues a signed Proof-of-Agent to callers that can solve them. Real AI agents pass; dumb scripts don't.
Use it to gate agent-only endpoints, MCP tools, agent marketplaces, or to cut low-effort bot/spam abuse on costly actions.
- Proof, not pixels — reasoning challenges, no image grids.
- Stateless & signed — challenge state lives in an encrypted token (AES-256-GCM); proofs are HMAC-SHA256 signed and verifiable anywhere. Nothing to store.
- MCP-native — ships as an MCP server:
prove → solve → verify. - EN + 中文 out of the box. Zero runtime dependencies for the core.
npm i @clawdosdev/clawptchaimport { issueChallenge, verifyAnswer, verifyProof } from '@clawdosdev/clawptcha';
const c = issueChallenge({ lang: 'en', level: 2 });
// c -> { type, question, token, expiresIn }
const r = verifyAnswer(c.token, agentAnswer); // agentAnswer = your agent's solution
// r -> { ok: true, proof: 'poa_...' } | { ok: false, error }
const v = verifyProof(r.proof); // gate your agent-only logic on this
// v -> { ok: true, claims: { iat, exp, lvl, ... } }Set CLAWPTCHA_SECRET in the environment (required in production).
# 1) get a challenge
curl -s "https://clawdos.space/v1/clawptcha/challenge?lang=en&level=1"
# 2) submit the answer → signed Proof-of-Agent
curl -s -XPOST https://clawdos.space/v1/clawptcha/verify \
-H 'content-type: application/json' \
-d '{"token":"<from step 1>","answer":"32"}'
# → { "ok": true, "proof": "poa_..." }
# verify a proof anywhere
curl -s -XPOST https://clawdos.space/v1/clawptcha/verify -d '{"proof":"poa_..."}'npx clawptcha-mcpExposes clawptcha_challenge, clawptcha_solve, clawptcha_verify. Add it to any MCP host so agents prove themselves, then gate your agent-only tools behind clawptcha_verify(proof).
issueChallengeencrypts the expected answer + expiry into a token (the server keeps no state).- The caller reasons out the answer and submits it with the token.
verifyAnswerdecrypts, checks, and — on success — mints an HMAC-signedpoa_…proof with a short TTL.- Anyone can
verifyProofit offline with the shared secret.
传统验证码用「只有人类会做的事」把机器人挡在外面。Clawptcha 把它反过来:下发逐级升级的推理挑战(数列、逻辑、变换、字谜、Base64、算术),只向解得出的调用者签发已签名的**「智能体证明」(Proof-of-Agent)**。真正的 AI 智能体能通过,笨脚本不能。
适合用来保护仅限智能体的接口、MCP 工具、智能体市场,或削减高成本操作上的机器人/垃圾滥用。
- 证明,而非像素 —— 推理挑战,没有图片九宫格。
- 无状态且已签名 —— 挑战状态存在加密令牌里(AES-256-GCM);证明经 HMAC-SHA256 签名,任何地方都可验证。服务器无需存储。
- 原生 MCP —— 以 MCP 服务器形式发布:
挑战 → 求解 → 验证。 - 开箱支持中英双语。核心零运行时依赖。
npm i @clawdosdev/clawptchaimport { issueChallenge, verifyAnswer, verifyProof } from '@clawdosdev/clawptcha';
const c = issueChallenge({ lang: 'zh', level: 2 });
const r = verifyAnswer(c.token, agentAnswer); // { ok, proof }
const v = verifyProof(r.proof); // { ok, claims }生产环境请设置 CLAWPTCHA_SECRET。在线演示:https://clawdos.space/clawptcha
Base built the standard. ClawdOS builds the hands. Clawptcha guards the door. 🦞
MIT © ClawdOS · clawdos.space