diff --git a/README.md b/README.md index c9cb666..80f4489 100644 --- a/README.md +++ b/README.md @@ -987,7 +987,18 @@ the format: Create a new user session. This is the entry point for all clients. -**Request:** +If the server requires hashcash proof-of-work (see +[Hashcash Proof-of-Work](#hashcash-proof-of-work)), the client must include a +valid stamp in the `X-Hashcash` request header. The required difficulty is +advertised via `GET /api/v1/server` in the `hashcash_bits` field. + +**Request Headers:** + +| Header | Required | Description | +|--------------|----------|-------------| +| `X-Hashcash` | Conditional | Hashcash stamp (required when server has `hashcash_bits` > 0) | + +**Request Body:** ```json {"nick": "alice"} ``` @@ -1016,12 +1027,15 @@ Create a new user session. This is the entry point for all clients. | Status | Error | When | |--------|-------|------| | 400 | `nick must be 1-32 characters` | Empty or too-long nick | +| 402 | `hashcash proof-of-work required` | Missing `X-Hashcash` header when hashcash is enabled | +| 402 | `invalid hashcash stamp: ...` | Stamp fails validation (wrong bits, expired, reused, etc.) | | 409 | `nick already taken` | Another active session holds this nick | **curl example:** ```bash TOKEN=$(curl -s -X POST http://localhost:8080/api/v1/session \ -H 'Content-Type: application/json' \ + -H 'X-Hashcash: 1:20:260310:neoirc::3a2f1' \ -d '{"nick":"alice"}' | jq -r .token) echo $TOKEN ``` @@ -1376,16 +1390,18 @@ Return server metadata. No authentication required. "name": "My NeoIRC Server", "version": "0.1.0", "motd": "Welcome! Be nice.", - "users": 42 + "users": 42, + "hashcash_bits": 20 } ``` -| Field | Type | Description | -|-----------|---------|-------------| -| `name` | string | Server display name | -| `version` | string | Server version | -| `motd` | string | Message of the day | -| `users` | integer | Number of currently active user sessions | +| Field | Type | Description | +|-----------------|---------|-------------| +| `name` | string | Server display name | +| `version` | string | Server version | +| `motd` | string | Message of the day | +| `users` | integer | Number of currently active user sessions | +| `hashcash_bits` | integer | Required proof-of-work difficulty (leading zero bits). Only present when > 0. See [Hashcash Proof-of-Work](#hashcash-proof-of-work). | ### GET /.well-known/healthcheck.json — Health Check @@ -1823,6 +1839,7 @@ directory is also loaded automatically via | `SENTRY_DSN` | string | `""` | Sentry error tracking DSN (optional) | | `METRICS_USERNAME` | string | `""` | Basic auth username for `/metrics` endpoint. If empty, metrics endpoint is disabled. | | `METRICS_PASSWORD` | string | `""` | Basic auth password for `/metrics` endpoint | +| `NEOIRC_HASHCASH_BITS` | int | `20` | Required hashcash proof-of-work difficulty (leading zero bits in SHA-256) for session creation. Set to `0` to disable. | | `MAINTENANCE_MODE` | bool | `false` | Maintenance mode flag (reserved) | ### Example `.env` file @@ -1834,6 +1851,7 @@ MOTD=Welcome! Be excellent to each other. DEBUG=false DBURL=file:///var/lib/neoirc/state.db?_journal_mode=WAL SESSION_IDLE_TIMEOUT=720h +NEOIRC_HASHCASH_BITS=20 ``` --- @@ -2106,62 +2124,102 @@ Clients should handle these message commands from the queue: ## Rate Limiting & Abuse Prevention -Session creation (`POST /api/v1/session`) will require a +### Hashcash Proof-of-Work + +Session creation (`POST /api/v1/session`) requires a [hashcash](https://en.wikipedia.org/wiki/Hashcash)-style proof-of-work token. This is the primary defense against resource exhaustion — no CAPTCHAs, no account registration, no IP-based rate limits that punish shared networks. ### How It Works -1. Client requests a challenge: `GET /api/v1/challenge` - ```json - → {"nonce": "random-hex-string", "difficulty": 20, "expires": "2026-02-10T20:01:00Z"} - ``` -2. Server returns a nonce and a required difficulty (number of leading zero - bits in the SHA-256 hash) -3. Client finds a counter value such that `SHA-256(nonce || ":" || counter)` - has the required number of leading zero bits: - ``` - SHA-256("a1b2c3:0") = 0xf3a1... (0 leading zeros — no good) - SHA-256("a1b2c3:1") = 0x8c72... (0 leading zeros — no good) - ... - SHA-256("a1b2c3:94217") = 0x00003a... (20 leading zero bits — success!) - ``` -4. Client submits the proof with the session request: - ```json - POST /api/v1/session - {"nick": "alice", "proof": {"nonce": "a1b2c3", "counter": 94217}} - ``` -5. Server verifies: - - Nonce was issued by this server and hasn't expired - - Nonce hasn't been used before (prevent replay) - - `SHA-256(nonce || ":" || counter)` has the required leading zeros - - If valid, create the session normally +1. Client fetches server info: `GET /api/v1/server` returns a `hashcash_bits` + field (e.g., `20`) indicating the required difficulty. +2. Client computes a hashcash stamp: find a counter value such that the + SHA-256 hash of the stamp string has the required number of leading zero + bits. +3. Client includes the stamp in the `X-Hashcash` request header when creating + a session: `POST /api/v1/session`. +4. Server validates the stamp: + - Version is `1` + - Claimed bits ≥ required bits + - Resource matches the server name + - Date is within 48 hours (not expired, not too far in the future) + - SHA-256 hash has the required leading zero bits + - Stamp has not been used before (replay prevention) -### Adaptive Difficulty +### Stamp Format -The required difficulty scales with server load. Under normal conditions, the -cost is negligible (a few milliseconds of CPU). As concurrent sessions or -session creation rate increases, difficulty rises — making bulk session creation -exponentially more expensive for attackers while remaining cheap for legitimate -single-user connections. +Standard hashcash format: -| Server Load | Difficulty (bits) | Approx. Client CPU | -|--------------------|-------------------|--------------------| -| Normal (< 100/min) | 16 | ~1ms | -| Elevated | 20 | ~15ms | -| High | 24 | ~250ms | -| Under attack | 28+ | ~4s+ | +``` +1:bits:date:resource::counter +``` -Each additional bit of difficulty doubles the expected work. An attacker -creating 1000 sessions at difficulty 28 needs ~4000 CPU-seconds; a legitimate -user creating one session needs ~4 seconds once and never again for the -duration of their session. +| Field | Description | +|------------|-------------| +| `1` | Version (always `1`) | +| `bits` | Claimed difficulty (must be ≥ server's `hashcash_bits`) | +| `date` | Date stamp in `YYMMDD` or `YYMMDDHHMMSS` format (UTC) | +| `resource` | The server name (from `GET /api/v1/server`; defaults to `neoirc`) | +| (empty) | Extension field (unused) | +| `counter` | Hex counter value found by the client to satisfy the PoW | + +**Example stamp:** `1:20:260310:neoirc::3a2f1b` + +The SHA-256 hash of this entire string must have at least 20 leading zero bits. + +### Computing a Stamp + +```bash +# Pseudocode +bits = 20 +resource = "neoirc" +date = "260310" # YYMMDD in UTC +counter = 0 + +loop: + stamp = "1:{bits}:{date}:{resource}::{hex(counter)}" + hash = SHA-256(stamp) + if leading_zero_bits(hash) >= bits: + return stamp + counter++ +``` + +At difficulty 20, this requires approximately 2^20 (~1M) hash attempts on +average, taking roughly 0.5–2 seconds on modern hardware. + +### Client Integration + +Both the embedded web SPA and the CLI client automatically handle hashcash: + +1. Fetch `GET /api/v1/server` to read `hashcash_bits` +2. If `hashcash_bits > 0`, compute a valid stamp +3. Include the stamp in the `X-Hashcash` header on `POST /api/v1/session` + +The web SPA uses the Web Crypto API (`crypto.subtle.digest`) for SHA-256 +computation with batched parallelism. The CLI client uses Go's `crypto/sha256`. + +### Configuration + +Set `NEOIRC_HASHCASH_BITS` to control difficulty: + +| Value | Effect | Approx. Client CPU | +|-------|--------|---------------------| +| `0` | Disabled (no proof-of-work required) | — | +| `16` | Light protection | ~1ms | +| `20` | Default — good balance | ~0.5–2s | +| `24` | Strong protection | ~10–30s | +| `28` | Very strong (may frustrate users) | ~2–10min | + +Each additional bit doubles the expected work. An attacker creating 1000 +sessions at difficulty 20 needs ~1000–2000 CPU-seconds; a legitimate user +creating one session pays once and keeps their session. ### Why Hashcash and Not Rate Limits? - **No state to track**: No IP tables, no token buckets, no sliding windows. - The server only needs to verify a hash. + The server only needs to verify a single hash. - **Works through NATs and proxies**: Doesn't punish shared IPs (university campuses, corporate networks, Tor exits). Every client computes their own proof independently. @@ -2169,36 +2227,9 @@ duration of their session. (one SHA-256 hash) regardless of difficulty. Only the client does more work. - **Fits the "no accounts" philosophy**: Proof-of-work is the cost of entry. No registration, no email, no phone number, no CAPTCHA. Just compute. -- **Trivial for legitimate clients**: A single-user client pays ~1ms of CPU - once. A botnet trying to create thousands of sessions pays exponentially more. - **Language-agnostic**: SHA-256 is available in every programming language. The proof computation is trivially implementable in any client. -### Challenge Endpoint (Planned) - -``` -GET /api/v1/challenge -``` - -**Response:** `200 OK` -```json -{ - "nonce": "a1b2c3d4e5f6...", - "difficulty": 20, - "algorithm": "sha256", - "expires": "2026-02-10T20:01:00Z" -} -``` - -| Field | Type | Description | -|--------------|---------|-------------| -| `nonce` | string | Server-generated random hex string (32+ chars) | -| `difficulty` | integer | Required number of leading zero bits in the hash | -| `algorithm` | string | Hash algorithm (always `sha256` for now) | -| `expires` | string | ISO 8601 expiry time for this challenge | - -**Status:** Not yet implemented. Tracked for post-MVP. - --- ## Roadmap @@ -2227,7 +2258,7 @@ GET /api/v1/challenge ### Post-MVP (Planned) -- [ ] **Hashcash proof-of-work** for session creation (abuse prevention) +- [x] **Hashcash proof-of-work** for session creation (abuse prevention) - [x] **Client output queue pruning** — delete old client output queue entries per `QUEUE_MAX_AGE` - [x] **Message rotation** — prune messages older than `MESSAGE_MAX_AGE` - [ ] **Channel modes** — enforce `+i`, `+m`, `+s`, `+t`, `+n` diff --git a/cmd/neoirc-cli/api/client.go b/cmd/neoirc-cli/api/client.go index 8f7fdcf..dc37426 100644 --- a/cmd/neoirc-cli/api/client.go +++ b/cmd/neoirc-cli/api/client.go @@ -43,13 +43,34 @@ func NewClient(baseURL string) *Client { } // CreateSession creates a new session on the server. +// If the server requires hashcash proof-of-work, it +// automatically fetches the difficulty and computes a +// valid stamp. func (client *Client) CreateSession( nick string, ) (*SessionResponse, error) { - data, err := client.do( + // Fetch server info to check for hashcash requirement. + info, err := client.GetServerInfo() + + var headers map[string]string + + if err == nil && info.HashcashBits > 0 { + resource := info.Name + if resource == "" { + resource = "neoirc" + } + + stamp := MintHashcash(info.HashcashBits, resource) + headers = map[string]string{ + "X-Hashcash": stamp, + } + } + + data, err := client.doWithHeaders( http.MethodPost, "/api/v1/session", &SessionRequest{Nick: nick}, + headers, ) if err != nil { return nil, err @@ -261,6 +282,16 @@ func (client *Client) GetServerInfo() ( func (client *Client) do( method, path string, body any, +) ([]byte, error) { + return client.doWithHeaders( + method, path, body, nil, + ) +} + +func (client *Client) doWithHeaders( + method, path string, + body any, + extraHeaders map[string]string, ) ([]byte, error) { var bodyReader io.Reader @@ -293,6 +324,10 @@ func (client *Client) do( ) } + for key, val := range extraHeaders { + request.Header.Set(key, val) + } + resp, err := client.HTTPClient.Do(request) if err != nil { return nil, fmt.Errorf("http: %w", err) diff --git a/cmd/neoirc-cli/api/hashcash.go b/cmd/neoirc-cli/api/hashcash.go new file mode 100644 index 0000000..c064007 --- /dev/null +++ b/cmd/neoirc-cli/api/hashcash.go @@ -0,0 +1,79 @@ +package neoircapi + +import ( + "crypto/rand" + "crypto/sha256" + "encoding/hex" + "fmt" + "math/big" + "time" +) + +const ( + // bitsPerByte is the number of bits in a byte. + bitsPerByte = 8 + // fullByteMask is 0xFF, a mask for all bits in a byte. + fullByteMask = 0xFF + // counterSpace is the range for random counter seeds. + counterSpace = 1 << 48 +) + +// MintHashcash computes a hashcash stamp with the given +// difficulty (leading zero bits) and resource string. +func MintHashcash(bits int, resource string) string { + date := time.Now().UTC().Format("060102") + prefix := fmt.Sprintf( + "1:%d:%s:%s::", bits, date, resource, + ) + + for { + counter := randomCounter() + stamp := prefix + counter + hash := sha256.Sum256([]byte(stamp)) + + if hasLeadingZeroBits(hash[:], bits) { + return stamp + } + } +} + +// hasLeadingZeroBits checks if hash has at least numBits +// leading zero bits. +func hasLeadingZeroBits( + hash []byte, + numBits int, +) bool { + fullBytes := numBits / bitsPerByte + remainBits := numBits % bitsPerByte + + for idx := range fullBytes { + if hash[idx] != 0 { + return false + } + } + + if remainBits > 0 && fullBytes < len(hash) { + mask := byte( + fullByteMask << (bitsPerByte - remainBits), + ) + + if hash[fullBytes]&mask != 0 { + return false + } + } + + return true +} + +// randomCounter generates a random hex counter string. +func randomCounter() string { + counterVal, err := rand.Int( + rand.Reader, big.NewInt(counterSpace), + ) + if err != nil { + // Fallback to timestamp-based counter on error. + return fmt.Sprintf("%x", time.Now().UnixNano()) + } + + return hex.EncodeToString(counterVal.Bytes()) +} diff --git a/cmd/neoirc-cli/api/types.go b/cmd/neoirc-cli/api/types.go index 96a0dc6..707ae82 100644 --- a/cmd/neoirc-cli/api/types.go +++ b/cmd/neoirc-cli/api/types.go @@ -63,9 +63,10 @@ type Channel struct { // ServerInfo is the response from GET /api/v1/server. type ServerInfo struct { - Name string `json:"name"` - MOTD string `json:"motd"` - Version string `json:"version"` + Name string `json:"name"` + MOTD string `json:"motd"` + Version string `json:"version"` + HashcashBits int `json:"hashcash_bits"` //nolint:tagliatelle } // MessagesResponse wraps polling results. diff --git a/internal/config/config.go b/internal/config/config.go index 855b55a..da29f1e 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -45,6 +45,7 @@ type Config struct { ServerName string FederationKey string SessionIdleTimeout string + HashcashBits int params *Params log *slog.Logger } @@ -76,6 +77,7 @@ func New( viper.SetDefault("SERVER_NAME", "") viper.SetDefault("FEDERATION_KEY", "") viper.SetDefault("SESSION_IDLE_TIMEOUT", "720h") + viper.SetDefault("NEOIRC_HASHCASH_BITS", "20") err := viper.ReadInConfig() if err != nil { @@ -101,6 +103,7 @@ func New( ServerName: viper.GetString("SERVER_NAME"), FederationKey: viper.GetString("FEDERATION_KEY"), SessionIdleTimeout: viper.GetString("SESSION_IDLE_TIMEOUT"), + HashcashBits: viper.GetInt("NEOIRC_HASHCASH_BITS"), log: log, params: ¶ms, } diff --git a/internal/handlers/api.go b/internal/handlers/api.go index fce5101..351c9b0 100644 --- a/internal/handlers/api.go +++ b/internal/handlers/api.go @@ -145,6 +145,33 @@ func (hdlr *Handlers) handleCreateSession( writer http.ResponseWriter, request *http.Request, ) { + // Validate hashcash proof-of-work if configured. + if hdlr.params.Config.HashcashBits > 0 { + stamp := request.Header.Get("X-Hashcash") + if stamp == "" { + hdlr.respondError( + writer, request, + "hashcash proof-of-work required", + http.StatusPaymentRequired, + ) + + return + } + + err := hdlr.hashcashVal.Validate( + stamp, hdlr.params.Config.HashcashBits, + ) + if err != nil { + hdlr.respondError( + writer, request, + "invalid hashcash stamp: "+err.Error(), + http.StatusPaymentRequired, + ) + + return + } + } + type createRequest struct { Nick string `json:"nick"` } @@ -2392,11 +2419,19 @@ func (hdlr *Handlers) HandleServerInfo() http.HandlerFunc { return } - hdlr.respondJSON(writer, request, map[string]any{ + resp := map[string]any{ "name": hdlr.params.Config.ServerName, "version": hdlr.params.Globals.Version, "motd": hdlr.params.Config.MOTD, "users": users, - }, http.StatusOK) + } + + if hdlr.params.Config.HashcashBits > 0 { + resp["hashcash_bits"] = hdlr.params.Config.HashcashBits + } + + hdlr.respondJSON( + writer, request, resp, http.StatusOK, + ) } } diff --git a/internal/handlers/api_test.go b/internal/handlers/api_test.go index d8eb7c8..a07cb9f 100644 --- a/internal/handlers/api_test.go +++ b/internal/handlers/api_test.go @@ -85,6 +85,7 @@ func newTestServer( cfg.DBURL = dbURL cfg.Port = 0 + cfg.HashcashBits = 0 return cfg, nil }, diff --git a/internal/handlers/handlers.go b/internal/handlers/handlers.go index 6d9b7cd..6a76ae3 100644 --- a/internal/handlers/handlers.go +++ b/internal/handlers/handlers.go @@ -13,6 +13,7 @@ import ( "git.eeqj.de/sneak/neoirc/internal/config" "git.eeqj.de/sneak/neoirc/internal/db" "git.eeqj.de/sneak/neoirc/internal/globals" + "git.eeqj.de/sneak/neoirc/internal/hashcash" "git.eeqj.de/sneak/neoirc/internal/healthcheck" "git.eeqj.de/sneak/neoirc/internal/logger" "go.uber.org/fx" @@ -39,6 +40,7 @@ type Handlers struct { log *slog.Logger hc *healthcheck.Healthcheck broker *broker.Broker + hashcashVal *hashcash.Validator cancelCleanup context.CancelFunc } @@ -47,11 +49,17 @@ func New( lifecycle fx.Lifecycle, params Params, ) (*Handlers, error) { + resource := params.Config.ServerName + if resource == "" { + resource = "neoirc" + } + hdlr := &Handlers{ //nolint:exhaustruct // cancelCleanup set in startCleanup - params: ¶ms, - log: params.Logger.Get(), - hc: params.Healthcheck, - broker: broker.New(), + params: ¶ms, + log: params.Logger.Get(), + hc: params.Healthcheck, + broker: broker.New(), + hashcashVal: hashcash.NewValidator(resource), } lifecycle.Append(fx.Hook{ diff --git a/internal/hashcash/hashcash.go b/internal/hashcash/hashcash.go new file mode 100644 index 0000000..345c20b --- /dev/null +++ b/internal/hashcash/hashcash.go @@ -0,0 +1,277 @@ +// Package hashcash implements SHA-256-based hashcash +// proof-of-work validation for abuse prevention. +// +// Stamp format: 1:bits:YYMMDD:resource::counter. +// +// The SHA-256 hash of the entire stamp string must have +// at least `bits` leading zero bits. +package hashcash + +import ( + "crypto/sha256" + "errors" + "fmt" + "strconv" + "strings" + "sync" + "time" +) + +const ( + // stampVersion is the only supported hashcash version. + stampVersion = "1" + // stampFields is the number of fields in a stamp. + stampFields = 6 + // maxStampAge is how old a stamp can be before + // rejection. + maxStampAge = 48 * time.Hour + // maxFutureSkew allows stamps slightly in the future. + maxFutureSkew = 1 * time.Hour + // pruneInterval controls how often expired stamps are + // removed from the spent set. + pruneInterval = 10 * time.Minute + // dateFormatShort is the YYMMDD date layout. + dateFormatShort = "060102" + // dateFormatLong is the YYMMDDHHMMSS date layout. + dateFormatLong = "060102150405" + // dateShortLen is the length of YYMMDD. + dateShortLen = 6 + // dateLongLen is the length of YYMMDDHHMMSS. + dateLongLen = 12 + // bitsPerByte is the number of bits in a byte. + bitsPerByte = 8 + // fullByteMask is 0xFF, a mask for all bits in a byte. + fullByteMask = 0xFF +) + +var ( + errInvalidFields = errors.New("invalid stamp field count") + errBadVersion = errors.New("unsupported stamp version") + errInsufficientBits = errors.New("insufficient difficulty") + errWrongResource = errors.New("wrong resource") + errStampExpired = errors.New("stamp expired") + errStampFuture = errors.New("stamp date in future") + errProofFailed = errors.New("proof-of-work failed") + errStampReused = errors.New("stamp already used") + errBadDateFormat = errors.New("unrecognized date format") +) + +// Validator checks hashcash stamps for validity and +// prevents replay attacks via an in-memory spent set. +type Validator struct { + resource string + mu sync.Mutex + spent map[string]time.Time +} + +// NewValidator creates a Validator for the given resource. +func NewValidator(resource string) *Validator { + validator := &Validator{ + resource: resource, + mu: sync.Mutex{}, + spent: make(map[string]time.Time), + } + + go validator.pruneLoop() + + return validator +} + +// Validate checks a hashcash stamp. It returns nil if the +// stamp is valid and has not been seen before. +func (v *Validator) Validate( + stamp string, + requiredBits int, +) error { + if requiredBits <= 0 { + return nil + } + + parts := strings.Split(stamp, ":") + if len(parts) != stampFields { + return fmt.Errorf( + "%w: expected %d, got %d", + errInvalidFields, stampFields, len(parts), + ) + } + + version := parts[0] + bitsStr := parts[1] + dateStr := parts[2] + resource := parts[3] + + if err := v.validateHeader( + version, bitsStr, resource, requiredBits, + ); err != nil { + return err + } + + stampTime, err := parseStampDate(dateStr) + if err != nil { + return err + } + + if err := validateTime(stampTime); err != nil { + return err + } + + if err := validateProof( + stamp, requiredBits, + ); err != nil { + return err + } + + return v.checkAndRecordStamp(stamp, stampTime) +} + +func (v *Validator) validateHeader( + version, bitsStr, resource string, + requiredBits int, +) error { + if version != stampVersion { + return fmt.Errorf( + "%w: %s", errBadVersion, version, + ) + } + + claimedBits, err := strconv.Atoi(bitsStr) + if err != nil || claimedBits < requiredBits { + return fmt.Errorf( + "%w: need %d bits", + errInsufficientBits, requiredBits, + ) + } + + if resource != v.resource { + return fmt.Errorf( + "%w: got %q, want %q", + errWrongResource, resource, v.resource, + ) + } + + return nil +} + +func validateTime(stampTime time.Time) error { + now := time.Now() + + if now.Sub(stampTime) > maxStampAge { + return errStampExpired + } + + if stampTime.Sub(now) > maxFutureSkew { + return errStampFuture + } + + return nil +} + +func validateProof(stamp string, requiredBits int) error { + hash := sha256.Sum256([]byte(stamp)) + if !hasLeadingZeroBits(hash[:], requiredBits) { + return fmt.Errorf( + "%w: need %d leading zero bits", + errProofFailed, requiredBits, + ) + } + + return nil +} + +func (v *Validator) checkAndRecordStamp( + stamp string, + stampTime time.Time, +) error { + v.mu.Lock() + defer v.mu.Unlock() + + if _, ok := v.spent[stamp]; ok { + return errStampReused + } + + v.spent[stamp] = stampTime + + return nil +} + +// hasLeadingZeroBits checks if the hash has at least n +// leading zero bits. +func hasLeadingZeroBits(hash []byte, numBits int) bool { + fullBytes := numBits / bitsPerByte + remainBits := numBits % bitsPerByte + + for idx := range fullBytes { + if hash[idx] != 0 { + return false + } + } + + if remainBits > 0 && fullBytes < len(hash) { + mask := byte( + fullByteMask << (bitsPerByte - remainBits), + ) + + if hash[fullBytes]&mask != 0 { + return false + } + } + + return true +} + +// parseStampDate parses a hashcash date stamp. +// Supports YYMMDD and YYMMDDHHMMSS formats. +func parseStampDate(dateStr string) (time.Time, error) { + switch len(dateStr) { + case dateShortLen: + parsed, err := time.Parse( + dateFormatShort, dateStr, + ) + if err != nil { + return time.Time{}, fmt.Errorf( + "parse date: %w", err, + ) + } + + return parsed, nil + case dateLongLen: + parsed, err := time.Parse( + dateFormatLong, dateStr, + ) + if err != nil { + return time.Time{}, fmt.Errorf( + "parse date: %w", err, + ) + } + + return parsed, nil + default: + return time.Time{}, fmt.Errorf( + "%w: %q", errBadDateFormat, dateStr, + ) + } +} + +// pruneLoop periodically removes expired stamps from the +// spent set. +func (v *Validator) pruneLoop() { + ticker := time.NewTicker(pruneInterval) + defer ticker.Stop() + + for range ticker.C { + v.prune() + } +} + +func (v *Validator) prune() { + cutoff := time.Now().Add(-maxStampAge) + + v.mu.Lock() + defer v.mu.Unlock() + + for stamp, stampTime := range v.spent { + if stampTime.Before(cutoff) { + delete(v.spent, stamp) + } + } +}