From f25d194706e900c57715ed62da3f3a5481f6545f Mon Sep 17 00:00:00 2001 From: Tiago <70700766+tiagorangel1@users.noreply.github.com> Date: Tue, 4 Mar 2025 11:23:07 +0000 Subject: [PATCH] Improve docs --- README.md | 10 ++++++++-- docs/.vitepress/config.mjs | 1 + docs/guide/alternatives.md | 15 +++++++++++++++ docs/guide/effectiveness.md | 6 +++--- docs/guide/vulnerabilities.md | 2 +- 5 files changed, 28 insertions(+), 6 deletions(-) create mode 100644 docs/guide/alternatives.md diff --git a/README.md b/README.md index 52eaa4d..a2baaff 100644 --- a/README.md +++ b/README.md @@ -31,7 +31,7 @@ Cap is the modern open-source ReCAPTCHA alternative designed for speed. FOSS, li - **Easy to integrate**: Cap's web component & server-side library are super easy to integrate into your website -## Why Cap over Cloudflare Turnstile and other CAPTCHAS? +# Why Cap over Cloudflare Turnstile and other CAPTCHAS? * **Why use this over Turnstile:** Cloudflare Turnstile is known for having an extremely high error rate, especially for users using private browsers such as Brave or Librewolf. Also, Cap is open-source. @@ -39,4 +39,10 @@ Cap is the modern open-source ReCAPTCHA alternative designed for speed. FOSS, li * **Why use this over hCAPTCHA:** Not only is Cap's bundle 250x smaller than hCAPTCHA, it's open-source and doesn't require you checking traffic signs -* **Why use this over Altcha:** Cap is slightly smaller than altcha and easier to integrate, but if you don't care about that and want a more mature solution I would highly recommend checking it out. \ No newline at end of file +* **Why use this over Altcha:** Cap is slightly smaller than altcha and easier to integrate, but if you don't care about that and want a more mature solution I would highly recommend checking it out. + +* **Why use this over FriendlyCaptcha:** Unlike FriendlyCaptcha, Cap is free & open-source (FriendlyCaptcha is €39/month for 5,000 requests and 5 domains) and has a smaller footprint. + +* **Why use this over MTCaptcha:** Cap is more lightweight, doesn't rely on users solving an image puzzle that AIs like GPT-4o can solve, is open-source, more private and doesn't depend on third-party servers for verification. + +* **Why use this over GeeTest:** Cap doesn't require an account or API keys, has no usage limits, and is completely open-source with a simpler integration process. It also doesn't rely on slow, complex image-based puzzles that frustrate users \ No newline at end of file diff --git a/docs/.vitepress/config.mjs b/docs/.vitepress/config.mjs index 9b11e0e..4502b86 100644 --- a/docs/.vitepress/config.mjs +++ b/docs/.vitepress/config.mjs @@ -30,6 +30,7 @@ export default defineConfig({ sidebar: [ { text: "Quickstart", link: "/guide/index.md" }, { text: "Effectiveness", link: "/guide/effectiveness.md" }, + { text: "Alternatives", link: "/guide/alternatives.md" }, { text: "Floating mode", link: "/guide/floating.md" }, { text: "Invisible mode", link: "/guide/invisible.md" }, { diff --git a/docs/guide/alternatives.md b/docs/guide/alternatives.md new file mode 100644 index 0000000..a72a2d1 --- /dev/null +++ b/docs/guide/alternatives.md @@ -0,0 +1,15 @@ +# Why Cap over Cloudflare Turnstile and other CAPTCHAS? + +* **Why use this over Turnstile:** Cloudflare Turnstile is known for having an extremely high error rate, especially for users using private browsers such as Brave or Librewolf. Also, Cap is open-source. + +* **Why use this over RECAPTCHA:** Cap is significantly smaller and faster than RECAPTCHA, open-source, fully free and doesn't require you checking traffic signs due to its PoW nature. + +* **Why use this over hCAPTCHA:** Not only is Cap's bundle 250x smaller than hCAPTCHA, it's open-source and doesn't require you checking traffic signs + +* **Why use this over Altcha:** Cap is slightly smaller than altcha and easier to integrate, but if you don't care about that and want a more mature solution I would highly recommend checking it out. + +* **Why use this over FriendlyCaptcha:** Unlike FriendlyCaptcha, Cap is free & open-source (FriendlyCaptcha is €39/month for 5,000 requests and 5 domains) and has a smaller footprint. + +* **Why use this over MTCaptcha:** Cap is more lightweight, doesn't rely on users solving an image puzzle that AIs like GPT-4o can solve, is open-source, more private and doesn't depend on third-party servers for verification. + +* **Why use this over GeeTest:** Cap doesn't require an account or API keys, has no usage limits, and is completely open-source with a simpler integration process. It also doesn't rely on slow, complex image-based puzzles that frustrate users \ No newline at end of file diff --git a/docs/guide/effectiveness.md b/docs/guide/effectiveness.md index a2ec41f..31e5ced 100644 --- a/docs/guide/effectiveness.md +++ b/docs/guide/effectiveness.md @@ -2,11 +2,11 @@ Cap is designed to reduce spam and abuse on websites and web apps. While it won't block all spam, it's highly effective at keeping most bots away. -## The PoW mechanism +## How PoW works -Cap uses a Proof-of-Work (PoW) system, similar to Friendly Captcha. Instead of simply verifying if you're human by analysing your mouse movement and interaction with the website, Cap creates a computational task that bots find hard to solve. +Cap uses a Proof-of-Work (PoW) system, similar to Friendly Captcha and Altcha. Instead of simply verifying if you're human by analysing your mouse movement and interaction with the website, Cap creates a computational task that bots find hard to solve. -When you verify yourself, Cap asks the server for multiple challenges (we use multiple challenges in order to help adjust difficulty levels and track progress more accurately), which include a unique salt and target. The server generates these challenges and sends them to the Cap widget. Using Web Workers and WebAssembly, Cap tries to find a challenge with a hash starting with a specific string for each challenge by combining the salt with a random string. +When you verify yourself, Cap asks the server for multiple challenges (we use multiple challenges in order to help adjust difficulty levels and track progress more accurately), which include a unique salt and target. The server generates these challenges and sends them to the Cap widget. Using Web Workers and WASM, Cap tries to find a challenge with a hash starting with a specific string for each challenge by combining the salt with a random string. Once solved, the widget sends the results back to the server for validation. If successful, the server gives a token that can be used to prove you're human. This extra complexity makes it much harder for simple bots to bypass. diff --git a/docs/guide/vulnerabilities.md b/docs/guide/vulnerabilities.md index 47ba5e3..ef05c30 100644 --- a/docs/guide/vulnerabilities.md +++ b/docs/guide/vulnerabilities.md @@ -1,2 +1,2 @@ # Vulnerabilities -So far there have been no publicly disclosed vulnerabilities. If you find any, please let us know at https://github.com/tiagorangel1/cap/security/advisories \ No newline at end of file +So far there have been no publicly disclosed vulnerabilities. If you find any, please let us know [here](https://github.com/tiagorangel1/cap/security/advisories/new) \ No newline at end of file