A Captcha is a test that tries to distinguish real people from bots. I run a faucet, a site that gives out free cryptocurrency, so bots are a huge problem. There are plently of captcha services out there, so why make one?
Well, reCAPTCHA charges money (albeit only for large customers) and is owned by Google (Google=bad), hCaptcha is fine, but can easily be bypassed with the accessibility cookie feature. Not to mention, selecting which squares are traffic lights or boats is actually kind of hard. I've looked at other captcha sites, but couldn't find any good sites.
Luckily, I had recently finished a couple of projects, and was looking for something to do, so why not make a text captcha?
Not just any text captcha, I had a general plan of what to do:
The first problem encountered was the question of how the system should be designed so that it would not require a database. Hashing, maybe? But hashing is, by definition, one way, so it wouldn't be possible to decode the response. Instead, I decided to use the Salsa20 encryption algorithm.
You can find the documentation and details on how to add the captcha (or run your own) on the project Github.
In addition to hosting the actual captcha, the Github has a working implementation of the captcha, in Ruby using Sinatra web framework. Of course, any other language can be used instead.