@dupecom/botcha-cloudflare 0.2.1 → 0.3.0

package/README.md

@@ -96,8 +96,23 @@ Rate limit headers:
 | `/v1/challenges/:id/verify` | POST | Verify challenge (no JWT) |
 | `/v1/token` | GET | Get challenge for JWT flow |
 | `/v1/token/verify` | POST | Verify challenge → get JWT token |
+| `/v1/challenge/stream` | GET | SSE streaming challenge (AI-native) |
+| `/v1/challenge/stream/:session` | POST | SSE action handler (go, solve) |
 | `/agent-only` | GET | Protected endpoint (requires JWT) |
 
+### SSE Streaming (AI-Native)
+
+For AI agents that prefer conversational flows, BOTCHA offers Server-Sent Events streaming:
+
+**Flow:**
+1. `GET /v1/challenge/stream` - Opens SSE connection, receive welcome/instructions/ready events
+2. `POST /v1/challenge/stream/:session` with `{action:"go"}` - Start challenge timer (fair timing!)
+3. Receive `challenge` event with problems
+4. `POST /v1/challenge/stream/:session` with `{action:"solve", answers:[...]}` - Submit solution
+5. Receive `result` event with JWT token
+
+**Benefits:** Timer starts when you say "GO" (not on connection), natural back-and-forth handshake.
+
 ### Legacy API (v0 - backward compatible)
 
 | Endpoint | Method | Description |

package/dist/badge.d.ts

@@ -4,7 +4,7 @@
  * Port of badge generation and verification logic from src/utils/badge.ts
  * Uses jose library for HMAC-SHA256 signing (same as JWT auth)
  */
-export type BadgeMethod = 'speed-challenge' | 'landing-challenge' | 'standard-challenge' | 'web-bot-auth';
+export type BadgeMethod = 'speed-challenge' | 'landing-challenge' | 'standard-challenge' | 'web-bot-auth' | 'reasoning-challenge' | 'hybrid-challenge';
 export interface BadgePayload {
     method: BadgeMethod;
     solveTimeMs?: number;

package/dist/badge.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"badge.d.ts","sourceRoot":"","sources":["../src/badge.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAMH,MAAM,MAAM,WAAW,GAAG,iBAAiB,GAAG,mBAAmB,GAAG,oBAAoB,GAAG,cAAc,CAAC;AAE1G,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,WAAW,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,KAAK;IACpB,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,YAAY,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE;QACJ,MAAM,EAAE,WAAW,CAAC;QACpB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,UAAU,EAAE,MAAM,CAAC;KACpB,CAAC;CACH;AAID;;;GAGG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAgB1F;AAED;;GAEG;AACH,wBAAsB,WAAW,CAC/B,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC,CAuB9B;AAID;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,GAAG,YAAY,CAiDvG;AAED;;GAEG;AACH,wBAAsB,mBAAmB,CACvC,MAAM,EAAE,WAAW,EACnB,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,MAAM,EACf,WAAW,CAAC,EAAE,MAAM,GACnB,OAAO,CAAC,KAAK,CAAC,CAqBhB;AAyBD;;GAEG;AACH,wBAAgB,gBAAgB,CAC9B,OAAO,EAAE,YAAY,EACrB,OAAO,GAAE;IAAE,KAAK,CAAC,EAAE,MAAM,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAO,GAChD,MAAM,CAuER;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,CAyJjG"}
+{"version":3,"file":"badge.d.ts","sourceRoot":"","sources":["../src/badge.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAMH,MAAM,MAAM,WAAW,GAAG,iBAAiB,GAAG,mBAAmB,GAAG,oBAAoB,GAAG,cAAc,GAAG,qBAAqB,GAAG,kBAAkB,CAAC;AAEvJ,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,WAAW,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,KAAK;IACpB,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,YAAY,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE;QACJ,MAAM,EAAE,WAAW,CAAC;QACpB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,UAAU,EAAE,MAAM,CAAC;KACpB,CAAC;CACH;AAID;;;GAGG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAgB1F;AAED;;GAEG;AACH,wBAAsB,WAAW,CAC/B,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC,CAuB9B;AAID;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,GAAG,YAAY,CA6DvG;AAED;;GAEG;AACH,wBAAsB,mBAAmB,CACvC,MAAM,EAAE,WAAW,EACnB,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,MAAM,EACf,WAAW,CAAC,EAAE,MAAM,GACnB,OAAO,CAAC,KAAK,CAAC,CAqBhB;AA+BD;;GAEG;AACH,wBAAgB,gBAAgB,CAC9B,OAAO,EAAE,YAAY,EACrB,OAAO,GAAE;IAAE,KAAK,CAAC,EAAE,MAAM,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAO,GAChD,MAAM,CAuER;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,CAyJjG"}

package/dist/badge.js

@@ -78,6 +78,18 @@ export function generateShareText(badgeId, payload, baseUrl) {
             title: 'I verified via BOTCHA Web Bot Auth!',
             subtitle: 'Cryptographic identity confirmed.',
         },
+        'reasoning-challenge': {
+            title: payload.solveTimeMs
+                ? `I passed the BOTCHA reasoning test in ${(payload.solveTimeMs / 1000).toFixed(1)}s!`
+                : 'I passed the BOTCHA reasoning test!',
+            subtitle: 'Proved I can reason like an AI.',
+        },
+        'hybrid-challenge': {
+            title: payload.solveTimeMs
+                ? `I passed the BOTCHA hybrid test in ${(payload.solveTimeMs / 1000).toFixed(1)}s!`
+                : 'I passed the BOTCHA hybrid test!',
+            subtitle: 'Proved I can compute AND reason like an AI.',
+        },
     };
     const desc = methodDescriptions[payload.method];
     const twitter = `${desc.title}
@@ -126,18 +138,24 @@ const METHOD_COLORS = {
     'landing-challenge': { bg: '#1a1a2e', accent: '#10b981', text: '#d1fae5' },
     'standard-challenge': { bg: '#1a1a2e', accent: '#3b82f6', text: '#dbeafe' },
     'web-bot-auth': { bg: '#1a1a2e', accent: '#8b5cf6', text: '#ede9fe' },
+    'reasoning-challenge': { bg: '#1a1a2e', accent: '#ec4899', text: '#fce7f3' },
+    'hybrid-challenge': { bg: '#1a1a2e', accent: '#ef4444', text: '#fecaca' },
 };
 const METHOD_LABELS = {
     'speed-challenge': 'SPEED TEST',
     'landing-challenge': 'LANDING CHALLENGE',
     'standard-challenge': 'CHALLENGE',
     'web-bot-auth': 'WEB BOT AUTH',
+    'reasoning-challenge': 'REASONING TEST',
+    'hybrid-challenge': 'HYBRID TEST',
 };
 const METHOD_ICONS = {
     'speed-challenge': '⚡',
     'landing-challenge': '🌐',
     'standard-challenge': '🔢',
     'web-bot-auth': '🔐',
+    'reasoning-challenge': '🧠',
+    'hybrid-challenge': '🔥',
 };
 /**
  * Generate an SVG badge image

package/dist/challenges.d.ts

@@ -28,10 +28,36 @@ export interface StandardChallenge {
     expiresAt: number;
     difficulty: 'easy' | 'medium' | 'hard';
 }
+export interface ReasoningQuestion {
+    id: string;
+    question: string;
+    category: 'analogy' | 'logic' | 'wordplay' | 'math' | 'code' | 'common-sense';
+    acceptedAnswers: string[];
+}
+export interface ReasoningChallenge {
+    id: string;
+    questions: {
+        id: string;
+        question: string;
+        category: string;
+    }[];
+    expectedAnswers: Record<string, string[]>;
+    issuedAt: number;
+    expiresAt: number;
+}
 export interface ChallengeResult {
     valid: boolean;
     reason?: string;
     solveTimeMs?: number;
+    correctCount?: number;
+    totalCount?: number;
+}
+export interface HybridChallenge {
+    id: string;
+    speedChallengeId: string;
+    reasoningChallengeId: string;
+    issuedAt: number;
+    expiresAt: number;
 }
 /**
  * Generate a speed challenge: 5 SHA256 problems, 500ms to solve ALL
@@ -82,4 +108,62 @@ export declare function validateLandingToken(token: string, kv?: KVNamespace): P
  * Solve speed challenge problems (utility for AI agents)
  */
 export declare function solveSpeedChallenge(problems: number[]): Promise<string[]>;
+/**
+ * Generate a reasoning challenge: 3 random questions requiring LLM capabilities
+ */
+export declare function generateReasoningChallenge(kv?: KVNamespace): Promise<{
+    id: string;
+    questions: {
+        id: string;
+        question: string;
+        category: string;
+    }[];
+    timeLimit: number;
+    instructions: string;
+}>;
+/**
+ * Verify a reasoning challenge response
+ */
+export declare function verifyReasoningChallenge(id: string, answers: Record<string, string>, kv?: KVNamespace): Promise<ChallengeResult>;
+/**
+ * Generate a hybrid challenge: speed + reasoning combined
+ */
+export declare function generateHybridChallenge(kv?: KVNamespace): Promise<{
+    id: string;
+    speed: {
+        problems: {
+            num: number;
+            operation: string;
+        }[];
+        timeLimit: number;
+    };
+    reasoning: {
+        questions: {
+            id: string;
+            question: string;
+            category: string;
+        }[];
+        timeLimit: number;
+    };
+    instructions: string;
+}>;
+/**
+ * Verify a hybrid challenge response
+ */
+export declare function verifyHybridChallenge(id: string, speedAnswers: string[], reasoningAnswers: Record<string, string>, kv?: KVNamespace): Promise<{
+    valid: boolean;
+    reason?: string;
+    speed: {
+        passed: boolean;
+        solveTimeMs?: number;
+        reason?: string;
+    };
+    reasoning: {
+        passed: boolean;
+        score?: string;
+        solveTimeMs?: number;
+        reason?: string;
+    };
+    totalTimeMs?: number;
+}>;
 //# sourceMappingURL=challenges.d.ts.map

package/dist/challenges.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"challenges.d.ts","sourceRoot":"","sources":["../src/challenges.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAMH,MAAM,MAAM,WAAW,GAAG;IACxB,GAAG,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,aAAa,GAAG,QAAQ,KAAK,OAAO,CAAC,GAAG,CAAC,CAAC;IACtF,GAAG,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,aAAa,CAAC,EAAE,MAAM,CAAA;KAAE,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACzF,MAAM,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CACxC,CAAC;AAGF,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IAC/C,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,iBAAiB;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,MAAM,CAAC;CACxC;AAED,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AA4ED;;;GAGG;AACH,wBAAsB,sBAAsB,CAAC,EAAE,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC;IACtE,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IAC/C,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC,CA+BD;AAED;;GAEG;AACH,wBAAsB,oBAAoB,CACxC,EAAE,EAAE,MAAM,EACV,OAAO,EAAE,MAAM,EAAE,EACjB,EAAE,CAAC,EAAE,WAAW,GACf,OAAO,CAAC,eAAe,CAAC,CA4B1B;AASD;;GAEG;AACH,wBAAsB,yBAAyB,CAC7C,UAAU,GAAE,MAAM,GAAG,QAAQ,GAAG,MAAiB,EACjD,EAAE,CAAC,EAAE,WAAW,GACf,OAAO,CAAC;IACT,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;CACd,CAAC,CA4BD;AAED;;GAEG;AACH,wBAAsB,uBAAuB,CAC3C,EAAE,EAAE,MAAM,EACV,MAAM,EAAE,MAAM,EACd,EAAE,CAAC,EAAE,WAAW,GACf,OAAO,CAAC,eAAe,CAAC,CAyB1B;AAKD;;;GAGG;AACH,wBAAsB,sBAAsB,CAC1C,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,EACjB,EAAE,CAAC,EAAE,WAAW,GACf,OAAO,CAAC;IACT,KAAK,EAAE,OAAO,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;CACf,CAAC,CAuCD;AAED;;;GAGG;AACH,wBAAsB,oBAAoB,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,CAa5F;AAGD;;GAEG;AACH,wBAAsB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAE/E"}
+{"version":3,"file":"challenges.d.ts","sourceRoot":"","sources":["../src/challenges.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAMH,MAAM,MAAM,WAAW,GAAG;IACxB,GAAG,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,aAAa,GAAG,QAAQ,KAAK,OAAO,CAAC,GAAG,CAAC,CAAC;IACtF,GAAG,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,aAAa,CAAC,EAAE,MAAM,CAAA;KAAE,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACzF,MAAM,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CACxC,CAAC;AAGF,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IAC/C,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,iBAAiB;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,MAAM,CAAC;CACxC;AAED,MAAM,WAAW,iBAAiB;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,SAAS,GAAG,OAAO,GAAG,UAAU,GAAG,MAAM,GAAG,MAAM,GAAG,cAAc,CAAC;IAC9E,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED,MAAM,WAAW,kBAAkB;IACjC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IAChE,eAAe,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IAC1C,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,gBAAgB,EAAE,MAAM,CAAC;IACzB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;CACnB;AA4ED;;;GAGG;AACH,wBAAsB,sBAAsB,CAAC,EAAE,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC;IACtE,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IAC/C,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC,CA+BD;AAED;;GAEG;AACH,wBAAsB,oBAAoB,CACxC,EAAE,EAAE,MAAM,EACV,OAAO,EAAE,MAAM,EAAE,EACjB,EAAE,CAAC,EAAE,WAAW,GACf,OAAO,CAAC,eAAe,CAAC,CA4B1B;AASD;;GAEG;AACH,wBAAsB,yBAAyB,CAC7C,UAAU,GAAE,MAAM,GAAG,QAAQ,GAAG,MAAiB,EACjD,EAAE,CAAC,EAAE,WAAW,GACf,OAAO,CAAC;IACT,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;CACd,CAAC,CA4BD;AAED;;GAEG;AACH,wBAAsB,uBAAuB,CAC3C,EAAE,EAAE,MAAM,EACV,MAAM,EAAE,MAAM,EACd,EAAE,CAAC,EAAE,WAAW,GACf,OAAO,CAAC,eAAe,CAAC,CAyB1B;AAKD;;;GAGG;AACH,wBAAsB,sBAAsB,CAC1C,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,EACjB,EAAE,CAAC,EAAE,WAAW,GACf,OAAO,CAAC;IACT,KAAK,EAAE,OAAO,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;CACf,CAAC,CAuCD;AAED;;;GAGG;AACH,wBAAsB,oBAAoB,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,CAa5F;AAGD;;GAEG;AACH,wBAAsB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAE/E;AA8ID;;GAEG;AACH,wBAAsB,0BAA0B,CAAC,EAAE,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC;IAC1E,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IAChE,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC,CAwDD;AA6BD;;GAEG;AACH,wBAAsB,wBAAwB,CAC5C,EAAE,EAAE,MAAM,EACV,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EAC/B,EAAE,CAAC,EAAE,WAAW,GACf,OAAO,CAAC,eAAe,CAAC,CAqE1B;AAKD;;GAEG;AACH,wBAAsB,uBAAuB,CAAC,EAAE,CAAC,EAAE,WAAW,GAAG,OAAO,CAAC;IACvE,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE;QACL,QAAQ,EAAE;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,SAAS,EAAE,MAAM,CAAA;SAAE,EAAE,CAAC;QAC/C,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;IACF,SAAS,EAAE;QACT,SAAS,EAAE;YAAE,EAAE,EAAE,MAAM,CAAC;YAAC,QAAQ,EAAE,MAAM,CAAC;YAAC,QAAQ,EAAE,MAAM,CAAA;SAAE,EAAE,CAAC;QAChE,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;IACF,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC,CAoCD;AAED;;GAEG;AACH,wBAAsB,qBAAqB,CACzC,EAAE,EAAE,MAAM,EACV,YAAY,EAAE,MAAM,EAAE,EACtB,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EACxC,EAAE,CAAC,EAAE,WAAW,GACf,OAAO,CAAC;IACT,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE;QAAE,MAAM,EAAE,OAAO,CAAC;QAAC,WAAW,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAClE,SAAS,EAAE;QAAE,MAAM,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,WAAW,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IACtF,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB,CAAC,CAyED"}

package/dist/challenges.js

@@ -246,3 +246,394 @@ export async function validateLandingToken(token, kv) {
 export async function solveSpeedChallenge(problems) {
     return Promise.all(problems.map(n => sha256First(n.toString(), 8)));
 }
+// ============ REASONING CHALLENGE ============
+// In-memory storage for reasoning challenges
+const reasoningChallenges = new Map();
+// Question bank - LLMs can answer these, simple scripts cannot
+const QUESTION_BANK = [
+    // Analogies
+    {
+        id: 'analogy-1',
+        question: 'Complete the analogy: Book is to library as car is to ___',
+        category: 'analogy',
+        acceptedAnswers: ['garage', 'parking lot', 'dealership', 'parking garage', 'lot'],
+    },
+    {
+        id: 'analogy-2',
+        question: 'Complete the analogy: Painter is to brush as writer is to ___',
+        category: 'analogy',
+        acceptedAnswers: ['pen', 'pencil', 'keyboard', 'typewriter', 'quill'],
+    },
+    {
+        id: 'analogy-3',
+        question: 'Complete the analogy: Fish is to water as bird is to ___',
+        category: 'analogy',
+        acceptedAnswers: ['air', 'sky', 'atmosphere'],
+    },
+    {
+        id: 'analogy-4',
+        question: 'Complete the analogy: Eye is to see as ear is to ___',
+        category: 'analogy',
+        acceptedAnswers: ['hear', 'listen', 'hearing', 'listening'],
+    },
+    // Wordplay
+    {
+        id: 'wordplay-1',
+        question: 'What single word connects: apple, Newton, gravity?',
+        category: 'wordplay',
+        acceptedAnswers: ['tree', 'fall', 'falling'],
+    },
+    {
+        id: 'wordplay-2',
+        question: 'What single word connects: key, piano, computer?',
+        category: 'wordplay',
+        acceptedAnswers: ['keyboard', 'board', 'keys'],
+    },
+    {
+        id: 'wordplay-3',
+        question: 'What single word connects: river, money, blood?',
+        category: 'wordplay',
+        acceptedAnswers: ['bank', 'flow', 'stream'],
+    },
+    {
+        id: 'wordplay-4',
+        question: 'What word can precede: light, house, shine?',
+        category: 'wordplay',
+        acceptedAnswers: ['sun', 'moon'],
+    },
+    // Logic
+    {
+        id: 'logic-1',
+        question: 'If all Bloops are Razzies and all Razzies are Lazzies, are all Bloops definitely Lazzies? Answer yes or no.',
+        category: 'logic',
+        acceptedAnswers: ['yes'],
+    },
+    {
+        id: 'logic-2',
+        question: 'If some Widgets are Gadgets, and all Gadgets are blue, can some Widgets be blue? Answer yes or no.',
+        category: 'logic',
+        acceptedAnswers: ['yes'],
+    },
+    {
+        id: 'logic-3',
+        question: 'I have a bee in my hand. What do I have in my eye? (Think about the saying)',
+        category: 'logic',
+        acceptedAnswers: ['beauty', 'beholder'],
+    },
+    {
+        id: 'logic-4',
+        question: 'A farmer has 17 sheep. All but 9 run away. How many sheep does he have left?',
+        category: 'logic',
+        acceptedAnswers: ['9', 'nine'],
+    },
+    // Math
+    {
+        id: 'math-1',
+        question: 'A bat and ball cost $1.10 total. The bat costs $1.00 more than the ball. How much does the ball cost in cents?',
+        category: 'math',
+        acceptedAnswers: ['5', '5 cents', 'five', 'five cents', '0.05', '$0.05'],
+    },
+    {
+        id: 'math-2',
+        question: 'If it takes 5 machines 5 minutes to make 5 widgets, how many minutes would it take 100 machines to make 100 widgets?',
+        category: 'math',
+        acceptedAnswers: ['5', 'five', '5 minutes', 'five minutes'],
+    },
+    {
+        id: 'math-3',
+        question: 'In a lake, there is a patch of lily pads. Every day, the patch doubles in size. If it takes 48 days for the patch to cover the entire lake, how many days would it take for the patch to cover half of the lake?',
+        category: 'math',
+        acceptedAnswers: ['47', 'forty-seven', 'forty seven', '47 days'],
+    },
+    // Code
+    {
+        id: 'code-1',
+        question: 'What is wrong with this code: if (x = 5) { doSomething(); }',
+        category: 'code',
+        acceptedAnswers: ['assignment', 'single equals', '= instead of ==', 'should be ==', 'should be ===', 'equality', 'comparison'],
+    },
+    {
+        id: 'code-2',
+        question: 'In most programming languages, what does the modulo operator % return for 17 % 5?',
+        category: 'code',
+        acceptedAnswers: ['2', 'two'],
+    },
+    {
+        id: 'code-3',
+        question: 'What data structure uses LIFO (Last In, First Out)?',
+        category: 'code',
+        acceptedAnswers: ['stack', 'a stack'],
+    },
+    // Common sense
+    {
+        id: 'sense-1',
+        question: 'If you are running a race and you pass the person in second place, what place are you in now?',
+        category: 'common-sense',
+        acceptedAnswers: ['second', '2nd', '2', 'two'],
+    },
+    {
+        id: 'sense-2',
+        question: 'What gets wetter the more it dries?',
+        category: 'common-sense',
+        acceptedAnswers: ['towel', 'a towel', 'cloth', 'rag'],
+    },
+    {
+        id: 'sense-3',
+        question: 'What can you catch but not throw?',
+        category: 'common-sense',
+        acceptedAnswers: ['cold', 'a cold', 'breath', 'your breath', 'feelings', 'disease'],
+    },
+];
+/**
+ * Generate a reasoning challenge: 3 random questions requiring LLM capabilities
+ */
+export async function generateReasoningChallenge(kv) {
+    cleanExpired();
+    const id = uuid();
+    // Pick 3 random questions from different categories
+    const shuffled = [...QUESTION_BANK].sort(() => Math.random() - 0.5);
+    const selectedCategories = new Set();
+    const selectedQuestions = [];
+    for (const q of shuffled) {
+        if (selectedQuestions.length >= 3)
+            break;
+        if (selectedQuestions.length < 2 || !selectedCategories.has(q.category)) {
+            selectedQuestions.push(q);
+            selectedCategories.add(q.category);
+        }
+    }
+    while (selectedQuestions.length < 3 && shuffled.length > selectedQuestions.length) {
+        const q = shuffled.find(sq => !selectedQuestions.includes(sq));
+        if (q)
+            selectedQuestions.push(q);
+    }
+    const expectedAnswers = {};
+    const questions = selectedQuestions.map(q => {
+        expectedAnswers[q.id] = q.acceptedAnswers;
+        return {
+            id: q.id,
+            question: q.question,
+            category: q.category,
+        };
+    });
+    const timeLimit = 30000; // 30 seconds
+    const challenge = {
+        id,
+        questions,
+        expectedAnswers,
+        issuedAt: Date.now(),
+        expiresAt: Date.now() + timeLimit + 5000,
+    };
+    // Store in KV or memory
+    if (kv) {
+        await kv.put(`challenge:${id}`, JSON.stringify(challenge), { expirationTtl: 300 });
+    }
+    else {
+        reasoningChallenges.set(id, challenge);
+    }
+    return {
+        id,
+        questions,
+        timeLimit,
+        instructions: 'Answer all 3 questions. These require reasoning that LLMs can do but simple scripts cannot. You have 30 seconds.',
+    };
+}
+/**
+ * Normalize answer for comparison
+ */
+function normalizeAnswer(answer) {
+    return answer
+        .toLowerCase()
+        .trim()
+        .replace(/[.,!?'"]/g, '')
+        .replace(/\s+/g, ' ');
+}
+/**
+ * Check if an answer matches any accepted answer
+ */
+function isAnswerAccepted(answer, acceptedAnswers) {
+    const normalized = normalizeAnswer(answer);
+    for (const accepted of acceptedAnswers) {
+        const normalizedAccepted = normalizeAnswer(accepted);
+        if (normalized === normalizedAccepted)
+            return true;
+        if (normalized.includes(normalizedAccepted))
+            return true;
+        if (normalizedAccepted.includes(normalized) && normalized.length > 2)
+            return true;
+    }
+    return false;
+}
+/**
+ * Verify a reasoning challenge response
+ */
+export async function verifyReasoningChallenge(id, answers, kv) {
+    let challenge = null;
+    if (kv) {
+        const data = await kv.get(`challenge:${id}`);
+        challenge = data ? JSON.parse(data) : null;
+    }
+    else {
+        cleanExpired();
+        challenge = reasoningChallenges.get(id) || null;
+    }
+    if (!challenge) {
+        return { valid: false, reason: 'Challenge not found or expired' };
+    }
+    const now = Date.now();
+    const solveTimeMs = now - challenge.issuedAt;
+    // Delete challenge
+    if (kv) {
+        await kv.delete(`challenge:${id}`);
+    }
+    else {
+        reasoningChallenges.delete(id);
+    }
+    if (now > challenge.expiresAt) {
+        return { valid: false, reason: `Too slow! Took ${solveTimeMs}ms, limit was 30 seconds` };
+    }
+    if (!answers || typeof answers !== 'object') {
+        return { valid: false, reason: 'Answers must be an object mapping question IDs to answers' };
+    }
+    let correctCount = 0;
+    const totalCount = challenge.questions.length;
+    const wrongQuestions = [];
+    for (const q of challenge.questions) {
+        const userAnswer = answers[q.id];
+        const acceptedAnswers = challenge.expectedAnswers[q.id] || [];
+        if (!userAnswer) {
+            wrongQuestions.push(q.id);
+            continue;
+        }
+        if (isAnswerAccepted(userAnswer, acceptedAnswers)) {
+            correctCount++;
+        }
+        else {
+            wrongQuestions.push(q.id);
+        }
+    }
+    if (correctCount < totalCount) {
+        return {
+            valid: false,
+            reason: `Only ${correctCount}/${totalCount} correct. Wrong: ${wrongQuestions.join(', ')}`,
+            solveTimeMs,
+            correctCount,
+            totalCount,
+        };
+    }
+    return {
+        valid: true,
+        solveTimeMs,
+        correctCount,
+        totalCount,
+    };
+}
+// ============ HYBRID CHALLENGE ============
+const hybridChallenges = new Map();
+/**
+ * Generate a hybrid challenge: speed + reasoning combined
+ */
+export async function generateHybridChallenge(kv) {
+    cleanExpired();
+    const id = uuid();
+    // Generate both sub-challenges
+    const speedChallenge = await generateSpeedChallenge(kv);
+    const reasoningChallenge = await generateReasoningChallenge(kv);
+    const hybrid = {
+        id,
+        speedChallengeId: speedChallenge.id,
+        reasoningChallengeId: reasoningChallenge.id,
+        issuedAt: Date.now(),
+        expiresAt: Date.now() + 35000,
+    };
+    // Store in KV or memory
+    if (kv) {
+        await kv.put(`hybrid:${id}`, JSON.stringify(hybrid), { expirationTtl: 300 });
+    }
+    else {
+        hybridChallenges.set(id, hybrid);
+    }
+    return {
+        id,
+        speed: {
+            problems: speedChallenge.problems,
+            timeLimit: speedChallenge.timeLimit,
+        },
+        reasoning: {
+            questions: reasoningChallenge.questions,
+            timeLimit: reasoningChallenge.timeLimit,
+        },
+        instructions: 'Solve ALL speed problems (SHA256) in <500ms AND answer ALL reasoning questions. Submit both together.',
+    };
+}
+/**
+ * Verify a hybrid challenge response
+ */
+export async function verifyHybridChallenge(id, speedAnswers, reasoningAnswers, kv) {
+    let hybrid = null;
+    if (kv) {
+        const data = await kv.get(`hybrid:${id}`);
+        hybrid = data ? JSON.parse(data) : null;
+    }
+    else {
+        cleanExpired();
+        hybrid = hybridChallenges.get(id) || null;
+    }
+    if (!hybrid) {
+        return {
+            valid: false,
+            reason: 'Hybrid challenge not found or expired',
+            speed: { passed: false, reason: 'Challenge not found' },
+            reasoning: { passed: false, reason: 'Challenge not found' },
+        };
+    }
+    const now = Date.now();
+    const totalTimeMs = now - hybrid.issuedAt;
+    if (now > hybrid.expiresAt) {
+        if (kv) {
+            await kv.delete(`hybrid:${id}`);
+        }
+        else {
+            hybridChallenges.delete(id);
+        }
+        return {
+            valid: false,
+            reason: 'Hybrid challenge expired',
+            speed: { passed: false, reason: 'Expired' },
+            reasoning: { passed: false, reason: 'Expired' },
+            totalTimeMs,
+        };
+    }
+    // Verify speed challenge
+    const speedResult = await verifySpeedChallenge(hybrid.speedChallengeId, speedAnswers, kv);
+    // Verify reasoning challenge
+    const reasoningResult = await verifyReasoningChallenge(hybrid.reasoningChallengeId, reasoningAnswers, kv);
+    // Clean up hybrid
+    if (kv) {
+        await kv.delete(`hybrid:${id}`);
+    }
+    else {
+        hybridChallenges.delete(id);
+    }
+    const speedPassed = speedResult.valid;
+    const reasoningPassed = reasoningResult.valid;
+    const bothPassed = speedPassed && reasoningPassed;
+    return {
+        valid: bothPassed,
+        reason: bothPassed
+            ? undefined
+            : `Failed: ${!speedPassed ? 'speed' : ''}${!speedPassed && !reasoningPassed ? ' + ' : ''}${!reasoningPassed ? 'reasoning' : ''}`,
+        speed: {
+            passed: speedPassed,
+            solveTimeMs: speedResult.solveTimeMs,
+            reason: speedResult.reason,
+        },
+        reasoning: {
+            passed: reasoningPassed,
+            score: reasoningResult.valid ? `${reasoningResult.correctCount}/${reasoningResult.totalCount}` : undefined,
+            solveTimeMs: reasoningResult.solveTimeMs,
+            reason: reasoningResult.reason,
+        },
+        totalTimeMs,
+    };
+}

package/dist/index.d.ts

@@ -27,7 +27,7 @@ declare const app: Hono<{
     Variables: Variables;
 }, import("hono/types").BlankSchema, "/">;
 export default app;
-export { generateSpeedChallenge, verifySpeedChallenge, generateStandardChallenge, verifyStandardChallenge, solveSpeedChallenge, } from './challenges';
+export { generateSpeedChallenge, verifySpeedChallenge, generateStandardChallenge, verifyStandardChallenge, generateReasoningChallenge, verifyReasoningChallenge, generateHybridChallenge, verifyHybridChallenge, solveSpeedChallenge, } from './challenges';
 export { generateToken, verifyToken } from './auth';
 export { checkRateLimit } from './rate-limit';
 export { generateBadge, verifyBadge, createBadgeResponse, generateBadgeSvg, generateBadgeHtml, generateShareText, type BadgeMethod, type BadgePayload, type Badge, type ShareFormats, } from './badge';

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,OAAO,EAQL,KAAK,WAAW,EACjB,MAAM,cAAc,CAAC;AAMtB,KAAK,QAAQ,GAAG;IACd,UAAU,EAAE,WAAW,CAAC;IACxB,WAAW,EAAE,WAAW,CAAC;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,CAAC;CACxB,CAAC;AAEF,KAAK,SAAS,GAAG;IACf,YAAY,CAAC,EAAE;QACb,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,EAAE,MAAM,CAAC;QACZ,IAAI,EAAE,iBAAiB,CAAC;QACxB,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;CACH,CAAC;AAEF,QAAA,MAAM,GAAG;cAAwB,QAAQ;eAAa,SAAS;yCAAK,CAAC;AAmdrE,eAAe,GAAG,CAAC;AAGnB,OAAO,EACL,sBAAsB,EACtB,oBAAoB,EACpB,yBAAyB,EACzB,uBAAuB,EACvB,mBAAmB,GACpB,MAAM,cAAc,CAAC;AAEtB,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,EACL,aAAa,EACb,WAAW,EACX,mBAAmB,EACnB,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,EACjB,KAAK,WAAW,EAChB,KAAK,YAAY,EACjB,KAAK,KAAK,EACV,KAAK,YAAY,GAClB,MAAM,SAAS,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,OAAO,EAYL,KAAK,WAAW,EACjB,MAAM,cAAc,CAAC;AAOtB,KAAK,QAAQ,GAAG;IACd,UAAU,EAAE,WAAW,CAAC;IACxB,WAAW,EAAE,WAAW,CAAC;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,CAAC;CACxB,CAAC;AAEF,KAAK,SAAS,GAAG;IACf,YAAY,CAAC,EAAE;QACb,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,EAAE,MAAM,CAAC;QACZ,GAAG,EAAE,MAAM,CAAC;QACZ,IAAI,EAAE,iBAAiB,CAAC;QACxB,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;CACH,CAAC;AAEF,QAAA,MAAM,GAAG;cAAwB,QAAQ;eAAa,SAAS;yCAAK,CAAC;AAuvBrE,eAAe,GAAG,CAAC;AAGnB,OAAO,EACL,sBAAsB,EACtB,oBAAoB,EACpB,yBAAyB,EACzB,uBAAuB,EACvB,0BAA0B,EAC1B,wBAAwB,EACxB,uBAAuB,EACvB,qBAAqB,EACrB,mBAAmB,GACpB,MAAM,cAAc,CAAC;AAEtB,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,QAAQ,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC9C,OAAO,EACL,aAAa,EACb,WAAW,EACX,mBAAmB,EACnB,gBAAgB,EAChB,iBAAiB,EACjB,iBAAiB,EACjB,KAAK,WAAW,EAChB,KAAK,YAAY,EACjB,KAAK,KAAK,EACV,KAAK,YAAY,GAClB,MAAM,SAAS,CAAC"}

package/dist/index.js

@@ -7,19 +7,22 @@
  */
 import { Hono } from 'hono';
 import { cors } from 'hono/cors';
-import { generateSpeedChallenge, verifySpeedChallenge, generateStandardChallenge, verifyStandardChallenge, verifyLandingChallenge, } from './challenges';
+import { generateSpeedChallenge, verifySpeedChallenge, generateStandardChallenge, verifyStandardChallenge, generateReasoningChallenge, verifyReasoningChallenge, generateHybridChallenge, verifyHybridChallenge, verifyLandingChallenge, } from './challenges';
 import { generateToken, verifyToken, extractBearerToken } from './auth';
 import { checkRateLimit, getClientIP } from './rate-limit';
-import { verifyBadge, generateBadgeSvg, generateBadgeHtml } from './badge';
+import { verifyBadge, generateBadgeSvg, generateBadgeHtml, createBadgeResponse } from './badge';
+import streamRoutes from './routes/stream';
 const app = new Hono();
 // ============ MIDDLEWARE ============
 app.use('*', cors());
+// ============ MOUNT ROUTES ============
+app.route('/', streamRoutes);
 // BOTCHA discovery headers
 app.use('*', async (c, next) => {
     await next();
     c.header('X-Botcha-Version', c.env.BOTCHA_VERSION || '0.2.0');
     c.header('X-Botcha-Enabled', 'true');
-    c.header('X-Botcha-Methods', 'speed-challenge,standard-challenge,jwt-token');
+    c.header('X-Botcha-Methods', 'speed-challenge,reasoning-challenge,hybrid-challenge,standard-challenge,jwt-token');
     c.header('X-Botcha-Docs', 'https://botcha.ai/openapi.json');
     c.header('X-Botcha-Runtime', 'cloudflare-workers');
 });
@@ -73,14 +76,21 @@ app.get('/', (c) => {
         endpoints: {
             '/': 'API info',
             '/health': 'Health check',
-            '/v1/challenges': 'Generate challenge (GET) or verify (POST)',
+            '/v1/challenges': 'Generate challenge (GET) or verify (POST) - hybrid by default',
+            '/v1/challenges?type=speed': 'Speed-only challenge (SHA256 in 500ms)',
+            '/v1/challenges?type=standard': 'Standard challenge (puzzle solving)',
+            '/v1/hybrid': 'Hybrid challenge - speed + reasoning combined (GET/POST)',
+            '/v1/reasoning': 'Reasoning-only challenge - LLM questions (GET/POST)',
             '/v1/token': 'Get challenge for JWT token flow (GET)',
             '/v1/token/verify': 'Verify challenge and get JWT (POST)',
+            '/v1/challenge/stream': 'SSE streaming challenge (interactive flow)',
+            '/v1/challenge/stream/:session': 'SSE session actions (POST: go/solve)',
             '/agent-only': 'Protected endpoint (requires JWT)',
             '/badge/:id': 'Badge verification page (HTML)',
             '/badge/:id/image': 'Badge image (SVG)',
             '/api/badge/:id': 'Badge verification (JSON)',
         },
+        defaultChallenge: 'hybrid',
         rateLimit: {
             free: '100 challenges/hour/IP',
             headers: ['X-RateLimit-Limit', 'X-RateLimit-Remaining', 'X-RateLimit-Reset'],
@@ -102,11 +112,34 @@ app.get('/health', (c) => {
     return c.json({ status: 'ok', runtime: 'cloudflare-workers' });
 });
 // ============ V1 API ============
-// Generate challenge (standard or speed)
+// Generate challenge (hybrid by default, also supports speed and standard)
 app.get('/v1/challenges', rateLimitMiddleware, async (c) => {
-    const type = c.req.query('type') || 'speed';
+    const type = c.req.query('type') || 'hybrid';
     const difficulty = c.req.query('difficulty') || 'medium';
-    if (type === 'speed') {
+    if (type === 'hybrid') {
+        const challenge = await generateHybridChallenge(c.env.CHALLENGES);
+        return c.json({
+            success: true,
+            type: 'hybrid',
+            warning: '🔥 HYBRID CHALLENGE: Solve speed problems in <500ms AND answer reasoning questions!',
+            challenge: {
+                id: challenge.id,
+                speed: {
+                    problems: challenge.speed.problems,
+                    timeLimit: `${challenge.speed.timeLimit}ms`,
+                    instructions: 'Compute SHA256 of each number, return first 8 hex chars',
+                },
+                reasoning: {
+                    questions: challenge.reasoning.questions,
+                    timeLimit: `${challenge.reasoning.timeLimit / 1000}s`,
+                    instructions: 'Answer all reasoning questions',
+                },
+            },
+            instructions: challenge.instructions,
+            tip: '🔥 This is the ultimate test: proves you can compute AND reason like an AI.',
+        });
+    }
+    else if (type === 'speed') {
         const challenge = await generateSpeedChallenge(c.env.CHALLENGES);
         return c.json({
             success: true,
@@ -134,11 +167,43 @@ app.get('/v1/challenges', rateLimitMiddleware, async (c) => {
         });
     }
 });
-// Verify challenge (without JWT - legacy)
+// Verify challenge (supports hybrid, speed, and standard)
 app.post('/v1/challenges/:id/verify', async (c) => {
     const id = c.req.param('id');
     const body = await c.req.json();
-    const { answers, answer, type } = body;
+    const { answers, answer, type, speed_answers, reasoning_answers } = body;
+    // Hybrid challenge (default)
+    if (type === 'hybrid' || (speed_answers && reasoning_answers)) {
+        if (!speed_answers || !reasoning_answers) {
+            return c.json({
+                success: false,
+                error: 'Missing speed_answers array or reasoning_answers object for hybrid challenge'
+            }, 400);
+        }
+        const result = await verifyHybridChallenge(id, speed_answers, reasoning_answers, c.env.CHALLENGES);
+        if (result.valid) {
+            const baseUrl = new URL(c.req.url).origin;
+            const badge = await createBadgeResponse('hybrid-challenge', c.env.JWT_SECRET, baseUrl, result.speed.solveTimeMs);
+            return c.json({
+                success: true,
+                message: `🔥 HYBRID TEST PASSED! Speed: ${result.speed.solveTimeMs}ms, Reasoning: ${result.reasoning.score}`,
+                speed: result.speed,
+                reasoning: result.reasoning,
+                totalTimeMs: result.totalTimeMs,
+                verdict: '🤖 VERIFIED AI AGENT (speed + reasoning confirmed)',
+                badge,
+            });
+        }
+        return c.json({
+            success: false,
+            message: `❌ Failed: ${result.reason}`,
+            speed: result.speed,
+            reasoning: result.reasoning,
+            totalTimeMs: result.totalTimeMs,
+            verdict: '🚫 FAILED HYBRID TEST',
+        });
+    }
+    // Speed challenge
     if (type === 'speed' || answers) {
         if (!answers || !Array.isArray(answers)) {
             return c.json({ success: false, error: 'Missing answers array for speed challenge' }, 400);
@@ -152,17 +217,16 @@ app.post('/v1/challenges/:id/verify', async (c) => {
             solveTimeMs: result.solveTimeMs,
         });
     }
-    else {
-        if (!answer) {
-            return c.json({ success: false, error: 'Missing answer for standard challenge' }, 400);
-        }
-        const result = await verifyStandardChallenge(id, answer, c.env.CHALLENGES);
-        return c.json({
-            success: result.valid,
-            message: result.valid ? 'Challenge passed!' : result.reason,
-            solveTimeMs: result.solveTimeMs,
-        });
+    // Standard challenge
+    if (!answer) {
+        return c.json({ success: false, error: 'Missing answer for standard challenge' }, 400);
     }
+    const result = await verifyStandardChallenge(id, answer, c.env.CHALLENGES);
+    return c.json({
+        success: result.valid,
+        message: result.valid ? 'Challenge passed!' : result.reason,
+        solveTimeMs: result.solveTimeMs,
+    });
 });
 // Get challenge for token flow (includes empty token field)
 app.get('/v1/token', rateLimitMiddleware, async (c) => {
@@ -211,6 +275,196 @@ app.post('/v1/token/verify', async (c) => {
         },
     });
 });
+// ============ REASONING CHALLENGE ============
+// Get reasoning challenge
+app.get('/v1/reasoning', rateLimitMiddleware, async (c) => {
+    const challenge = await generateReasoningChallenge(c.env.CHALLENGES);
+    return c.json({
+        success: true,
+        type: 'reasoning',
+        warning: '🧠 REASONING CHALLENGE: Answer 3 questions that require AI reasoning!',
+        challenge: {
+            id: challenge.id,
+            questions: challenge.questions,
+            timeLimit: `${challenge.timeLimit / 1000}s`,
+            instructions: challenge.instructions,
+        },
+        tip: 'These questions require reasoning that LLMs can do, but simple scripts cannot.',
+    });
+});
+// Verify reasoning challenge
+app.post('/v1/reasoning', async (c) => {
+    const body = await c.req.json();
+    const { id, answers } = body;
+    if (!id || !answers) {
+        return c.json({
+            success: false,
+            error: 'Missing id or answers object',
+            hint: 'answers should be an object like { "question-id": "your answer", ... }',
+        }, 400);
+    }
+    const result = await verifyReasoningChallenge(id, answers, c.env.CHALLENGES);
+    return c.json({
+        success: result.valid,
+        message: result.valid
+            ? `🧠 REASONING TEST PASSED in ${((result.solveTimeMs || 0) / 1000).toFixed(1)}s! You can think like an AI.`
+            : `❌ ${result.reason}`,
+        solveTimeMs: result.solveTimeMs,
+        score: result.valid ? `${result.correctCount}/${result.totalCount}` : undefined,
+        verdict: result.valid ? '🤖 VERIFIED AI AGENT (reasoning confirmed)' : '🚫 FAILED REASONING TEST',
+    });
+});
+// ============ HYBRID CHALLENGE ============
+// Get hybrid challenge (v1 API)
+app.get('/v1/hybrid', rateLimitMiddleware, async (c) => {
+    const challenge = await generateHybridChallenge(c.env.CHALLENGES);
+    return c.json({
+        success: true,
+        type: 'hybrid',
+        warning: '🔥 HYBRID CHALLENGE: Solve speed problems in <500ms AND answer reasoning questions!',
+        challenge: {
+            id: challenge.id,
+            speed: {
+                problems: challenge.speed.problems,
+                timeLimit: `${challenge.speed.timeLimit}ms`,
+                instructions: 'Compute SHA256 of each number, return first 8 hex chars',
+            },
+            reasoning: {
+                questions: challenge.reasoning.questions,
+                timeLimit: `${challenge.reasoning.timeLimit / 1000}s`,
+                instructions: 'Answer all reasoning questions',
+            },
+        },
+        instructions: challenge.instructions,
+        tip: 'This is the ultimate test: proves you can compute AND reason like an AI.',
+    });
+});
+// Verify hybrid challenge (v1 API)
+app.post('/v1/hybrid', async (c) => {
+    const body = await c.req.json();
+    const { id, speed_answers, reasoning_answers } = body;
+    if (!id || !speed_answers || !reasoning_answers) {
+        return c.json({
+            success: false,
+            error: 'Missing id, speed_answers array, or reasoning_answers object',
+            hint: 'Submit both speed_answers (array) and reasoning_answers (object) together',
+        }, 400);
+    }
+    const result = await verifyHybridChallenge(id, speed_answers, reasoning_answers, c.env.CHALLENGES);
+    if (result.valid) {
+        const baseUrl = new URL(c.req.url).origin;
+        const badge = await createBadgeResponse('hybrid-challenge', c.env.JWT_SECRET, baseUrl, result.speed.solveTimeMs);
+        return c.json({
+            success: true,
+            message: `🔥 HYBRID TEST PASSED! Speed: ${result.speed.solveTimeMs}ms, Reasoning: ${result.reasoning.score}`,
+            speed: result.speed,
+            reasoning: result.reasoning,
+            totalTimeMs: result.totalTimeMs,
+            verdict: '🤖 VERIFIED AI AGENT (speed + reasoning confirmed)',
+            badge,
+        });
+    }
+    return c.json({
+        success: false,
+        message: `❌ Failed: ${result.reason}`,
+        speed: result.speed,
+        reasoning: result.reasoning,
+        totalTimeMs: result.totalTimeMs,
+        verdict: '🚫 FAILED HYBRID TEST',
+    });
+});
+// Legacy hybrid endpoint
+app.get('/api/hybrid-challenge', async (c) => {
+    const challenge = await generateHybridChallenge(c.env.CHALLENGES);
+    return c.json({
+        success: true,
+        warning: '🔥 HYBRID CHALLENGE: Solve speed problems in <500ms AND answer reasoning questions!',
+        challenge: {
+            id: challenge.id,
+            speed: {
+                problems: challenge.speed.problems,
+                timeLimit: `${challenge.speed.timeLimit}ms`,
+                instructions: 'Compute SHA256 of each number, return first 8 hex chars',
+            },
+            reasoning: {
+                questions: challenge.reasoning.questions,
+                timeLimit: `${challenge.reasoning.timeLimit / 1000}s`,
+                instructions: 'Answer all reasoning questions',
+            },
+        },
+        instructions: challenge.instructions,
+        tip: 'This is the ultimate test: proves you can compute AND reason like an AI.',
+    });
+});
+app.post('/api/hybrid-challenge', async (c) => {
+    const body = await c.req.json();
+    const { id, speed_answers, reasoning_answers } = body;
+    if (!id || !speed_answers || !reasoning_answers) {
+        return c.json({
+            success: false,
+            error: 'Missing id, speed_answers array, or reasoning_answers object',
+            hint: 'Submit both speed_answers (array) and reasoning_answers (object) together',
+        }, 400);
+    }
+    const result = await verifyHybridChallenge(id, speed_answers, reasoning_answers, c.env.CHALLENGES);
+    if (result.valid) {
+        const baseUrl = new URL(c.req.url).origin;
+        const badge = await createBadgeResponse('hybrid-challenge', c.env.JWT_SECRET, baseUrl, result.speed.solveTimeMs);
+        return c.json({
+            success: true,
+            message: `🔥 HYBRID TEST PASSED! Speed: ${result.speed.solveTimeMs}ms, Reasoning: ${result.reasoning.score}`,
+            speed: result.speed,
+            reasoning: result.reasoning,
+            totalTimeMs: result.totalTimeMs,
+            verdict: '🤖 VERIFIED AI AGENT (speed + reasoning confirmed)',
+            badge,
+        });
+    }
+    return c.json({
+        success: false,
+        message: `❌ Failed: ${result.reason}`,
+        speed: result.speed,
+        reasoning: result.reasoning,
+        totalTimeMs: result.totalTimeMs,
+        verdict: '🚫 FAILED HYBRID TEST',
+    });
+});
+// Legacy endpoint for reasoning challenge
+app.get('/api/reasoning-challenge', async (c) => {
+    const challenge = await generateReasoningChallenge(c.env.CHALLENGES);
+    return c.json({
+        success: true,
+        warning: '🧠 REASONING CHALLENGE: Answer 3 questions that require AI reasoning!',
+        challenge: {
+            id: challenge.id,
+            questions: challenge.questions,
+            timeLimit: `${challenge.timeLimit / 1000}s`,
+            instructions: challenge.instructions,
+        },
+        tip: 'These questions require reasoning that LLMs can do, but simple scripts cannot.',
+    });
+});
+app.post('/api/reasoning-challenge', async (c) => {
+    const body = await c.req.json();
+    const { id, answers } = body;
+    if (!id || !answers) {
+        return c.json({
+            success: false,
+            error: 'Missing id or answers object',
+            hint: 'answers should be an object like { "question-id": "your answer", ... }',
+        }, 400);
+    }
+    const result = await verifyReasoningChallenge(id, answers, c.env.CHALLENGES);
+    return c.json({
+        success: result.valid,
+        message: result.valid
+            ? `🧠 REASONING TEST PASSED in ${((result.solveTimeMs || 0) / 1000).toFixed(1)}s! You can think like an AI.`
+            : `❌ ${result.reason}`,
+        solveTimeMs: result.solveTimeMs,
+        score: result.valid ? `${result.correctCount}/${result.totalCount}` : undefined,
+        verdict: result.valid ? '🤖 VERIFIED AI AGENT (reasoning confirmed)' : '🚫 FAILED REASONING TEST',
+    });
+});
 // ============ PROTECTED ENDPOINT ============
 app.get('/agent-only', requireJWT, async (c) => {
     const payload = c.get('tokenPayload');
@@ -415,7 +669,7 @@ app.post('/api/verify-landing', async (c) => {
 // ============ EXPORT ============
 export default app;
 // Also export utilities for use as a library
-export { generateSpeedChallenge, verifySpeedChallenge, generateStandardChallenge, verifyStandardChallenge, solveSpeedChallenge, } from './challenges';
+export { generateSpeedChallenge, verifySpeedChallenge, generateStandardChallenge, verifyStandardChallenge, generateReasoningChallenge, verifyReasoningChallenge, generateHybridChallenge, verifyHybridChallenge, solveSpeedChallenge, } from './challenges';
 export { generateToken, verifyToken } from './auth';
 export { checkRateLimit } from './rate-limit';
 export { generateBadge, verifyBadge, createBadgeResponse, generateBadgeSvg, generateBadgeHtml, generateShareText, } from './badge';

package/dist/routes/stream.d.ts

@@ -0,0 +1,17 @@
+/**
+ * BOTCHA SSE Streaming Challenge Endpoint
+ *
+ * Server-Sent Events (SSE) based interactive challenge flow
+ */
+import { Hono } from 'hono';
+import { type KVNamespace } from '../challenges';
+type Bindings = {
+    CHALLENGES: KVNamespace;
+    JWT_SECRET: string;
+    BOTCHA_VERSION: string;
+};
+declare const app: Hono<{
+    Bindings: Bindings;
+}, import("hono/types").BlankSchema, "/">;
+export default app;
+//# sourceMappingURL=stream.d.ts.map

package/dist/routes/stream.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"stream.d.ts","sourceRoot":"","sources":["../../src/routes/stream.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,OAAO,EAA0B,KAAK,WAAW,EAAE,MAAM,eAAe,CAAC;AAKzE,KAAK,QAAQ,GAAG;IACd,UAAU,EAAE,WAAW,CAAC;IACxB,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,CAAC;CACxB,CAAC;AAYF,QAAA,MAAM,GAAG;cAAwB,QAAQ;yCAAK,CAAC;AAoS/C,eAAe,GAAG,CAAC"}

package/dist/routes/stream.js

@@ -0,0 +1,242 @@
+/**
+ * BOTCHA SSE Streaming Challenge Endpoint
+ *
+ * Server-Sent Events (SSE) based interactive challenge flow
+ */
+import { Hono } from 'hono';
+import { stream as honoStream } from 'hono/streaming';
+import { generateToken } from '../auth';
+import { sha256First } from '../crypto';
+const app = new Hono();
+// ============ HELPER FUNCTIONS ============
+/**
+ * Format SSE event
+ */
+function formatSSE(event, data) {
+    return `event: ${event}\ndata: ${JSON.stringify(data)}\n\n`;
+}
+/**
+ * Store session in KV
+ */
+async function storeSession(kv, session) {
+    const ttlSeconds = Math.ceil((session.expiresAt - Date.now()) / 1000);
+    await kv.put(`stream:${session.id}`, JSON.stringify(session), { expirationTtl: Math.max(ttlSeconds, 60) });
+}
+/**
+ * Get session from KV
+ */
+async function getSession(kv, id) {
+    const data = await kv.get(`stream:${id}`);
+    return data ? JSON.parse(data) : null;
+}
+/**
+ * Delete session from KV
+ */
+async function deleteSession(kv, id) {
+    await kv.delete(`stream:${id}`);
+}
+/**
+ * Generate unique session ID
+ */
+function generateSessionId() {
+    return `sess_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`;
+}
+// ============ ROUTES ============
+/**
+ * GET /v1/challenge/stream
+ *
+ * Opens an SSE connection and sends challenge instructions in sequence
+ */
+app.get('/v1/challenge/stream', async (c) => {
+    const sessionId = generateSessionId();
+    const version = c.env.BOTCHA_VERSION || '0.3.0';
+    // Create session
+    const session = {
+        id: sessionId,
+        status: 'waiting',
+        createdAt: Date.now(),
+        expiresAt: Date.now() + 5 * 60 * 1000, // 5 minutes
+    };
+    await storeSession(c.env.CHALLENGES, session);
+    return honoStream(c, async (stream) => {
+        // Send welcome event
+        await stream.write(formatSSE('welcome', {
+            session: sessionId,
+            version,
+        }));
+        // Send instructions in sequence
+        await stream.write(formatSSE('instructions', {
+            message: 'I will test if you\'re an AI agent.',
+        }));
+        await stream.sleep(100);
+        await stream.write(formatSSE('instructions', {
+            message: 'When you send "GO", I\'ll start a speed challenge.',
+        }));
+        await stream.sleep(100);
+        await stream.write(formatSSE('instructions', {
+            message: 'You must solve 5 SHA256 problems in under 500ms.',
+        }));
+        await stream.sleep(100);
+        await stream.write(formatSSE('instructions', {
+            message: 'Only real AI agents can pass. Humans are too slow.',
+        }));
+        await stream.sleep(100);
+        // Send ready event
+        await stream.write(formatSSE('ready', {
+            message: 'Send GO when ready',
+            endpoint: `/v1/challenge/stream/${sessionId}`,
+        }));
+        // Update session status
+        session.status = 'ready';
+        await storeSession(c.env.CHALLENGES, session);
+        // Keep connection alive (SSE standard practice)
+        // In production, this would be handled by connection timeout
+        // For now, we'll keep it open for 5 minutes
+        const keepAliveInterval = 15000; // 15 seconds
+        const maxWait = 5 * 60 * 1000; // 5 minutes
+        const startTime = Date.now();
+        while (Date.now() - startTime < maxWait) {
+            await stream.sleep(keepAliveInterval);
+            // Send heartbeat comment (SSE standard)
+            await stream.write(': heartbeat\n\n');
+            // Check if session was updated (challenge started)
+            const updatedSession = await getSession(c.env.CHALLENGES, sessionId);
+            if (!updatedSession || updatedSession.status !== 'ready') {
+                break;
+            }
+        }
+    });
+});
+/**
+ * POST /v1/challenge/stream/:session
+ *
+ * Handle actions: "go" (start challenge) or "solve" (submit answers)
+ */
+app.post('/v1/challenge/stream/:session', async (c) => {
+    const sessionId = c.req.param('session');
+    const body = await c.req.json();
+    const { action, answers } = body;
+    // Validate session
+    const session = await getSession(c.env.CHALLENGES, sessionId);
+    if (!session) {
+        return c.json({
+            success: false,
+            error: 'SESSION_NOT_FOUND',
+            message: 'Session not found or expired',
+        }, 404);
+    }
+    // Handle "go" action - start challenge
+    if (action === 'go') {
+        if (session.status !== 'ready') {
+            return c.json({
+                success: false,
+                error: 'INVALID_STATE',
+                message: `Session is in ${session.status} state, expected ready`,
+            }, 400);
+        }
+        // Generate challenge problems
+        const problems = [];
+        const expectedAnswers = [];
+        for (let i = 0; i < 5; i++) {
+            const num = Math.floor(Math.random() * 900000) + 100000;
+            problems.push({ num, operation: 'sha256_first8' });
+            expectedAnswers.push(await sha256First(num.toString(), 8));
+        }
+        // Update session
+        session.status = 'challenged';
+        session.problems = problems;
+        session.expectedAnswers = expectedAnswers;
+        session.timerStart = Date.now();
+        await storeSession(c.env.CHALLENGES, session);
+        // Return challenge event
+        return c.json({
+            success: true,
+            event: 'challenge',
+            data: {
+                problems,
+                timeLimit: 500,
+                instructions: 'Compute SHA256 of each number, return first 8 hex chars',
+            },
+        });
+    }
+    // Handle "solve" action - verify answers
+    if (action === 'solve') {
+        if (session.status !== 'challenged') {
+            return c.json({
+                success: false,
+                error: 'INVALID_STATE',
+                message: `Session is in ${session.status} state, expected challenged`,
+            }, 400);
+        }
+        if (!answers || !Array.isArray(answers)) {
+            return c.json({
+                success: false,
+                error: 'MISSING_ANSWERS',
+                message: 'Missing answers array',
+            }, 400);
+        }
+        const now = Date.now();
+        const solveTimeMs = now - (session.timerStart || now);
+        // Delete session to prevent replay
+        await deleteSession(c.env.CHALLENGES, sessionId);
+        // Check timing
+        if (solveTimeMs > 500) {
+            return c.json({
+                success: false,
+                event: 'result',
+                data: {
+                    success: false,
+                    verdict: '🚫 TOO SLOW',
+                    message: `Took ${solveTimeMs}ms, limit was 500ms`,
+                    solveTimeMs,
+                },
+            });
+        }
+        // Check answers
+        if (answers.length !== 5) {
+            return c.json({
+                success: false,
+                event: 'result',
+                data: {
+                    success: false,
+                    verdict: '❌ WRONG FORMAT',
+                    message: 'Must provide exactly 5 answers',
+                },
+            });
+        }
+        for (let i = 0; i < 5; i++) {
+            if (answers[i]?.toLowerCase() !== session.expectedAnswers[i]) {
+                return c.json({
+                    success: false,
+                    event: 'result',
+                    data: {
+                        success: false,
+                        verdict: '❌ WRONG ANSWER',
+                        message: `Wrong answer for problem ${i + 1}`,
+                    },
+                });
+            }
+        }
+        // Success! Generate JWT token
+        const token = await generateToken(sessionId, solveTimeMs, c.env.JWT_SECRET);
+        return c.json({
+            success: true,
+            event: 'result',
+            data: {
+                success: true,
+                verdict: '🤖 VERIFIED',
+                message: `Challenge passed in ${solveTimeMs}ms! You are a bot.`,
+                solveTimeMs,
+                token,
+                expiresIn: '1h',
+            },
+        });
+    }
+    // Unknown action
+    return c.json({
+        success: false,
+        error: 'UNKNOWN_ACTION',
+        message: `Unknown action: ${action}. Expected "go" or "solve"`,
+    }, 400);
+});
+export default app;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dupecom/botcha-cloudflare",
-  "version": "0.2.1",
+  "version": "0.3.0",
   "description": "BOTCHA for Cloudflare Workers - Prove you're a bot. Humans need not apply.",
   "type": "module",
   "main": "dist/index.js",
@@ -16,7 +16,7 @@
     "README.md"
   ],
   "scripts": {
-    "dev": "wrangler dev",
+    "dev": "bun run scripts/dev-intro.ts",
     "deploy": "wrangler deploy",
     "build": "tsc",
     "prepublishOnly": "bun run build",
@@ -46,7 +46,7 @@
   "devDependencies": {
     "@cloudflare/workers-types": "^4.20250124.0",
     "typescript": "^5.9.3",
-    "wrangler": "^4.5.0",
+    "wrangler": "^4.63.0",
     "vitest": "^3.0.0"
   }
 }