@prosopo/provider 3.12.3 → 3.13.0

package/dist/cjs/tasks/detection/getBotScore.cjs

@@ -2,9 +2,10 @@
 Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
 const decodePayload = require("./decodePayload.cjs");
 const DEFAULT_ENTROPY = 13837;
-const getBotScore = async (payload, privateKeyString) => {
+const getBotScore = async (payload, headHash, privateKeyString) => {
   const result = await decodePayload(
     payload,
+    headHash,
     privateKeyString
   );
   const baseBotScore = result.score;
@@ -12,6 +13,9 @@ const getBotScore = async (payload, privateKeyString) => {
   const providerSelectEntropy = result.providerSelectEntropy;
   const userId = result.userId;
   const userAgent = result.userAgent;
+  const isWebView = result.isWebView ?? false;
+  const isIframe = result.isIframe ?? false;
+  const decryptedHeadHash = result.decryptedHeadHash;
   if (baseBotScore === void 0) {
     return {
       baseBotScore: 1,
@@ -19,6 +23,15 @@ const getBotScore = async (payload, privateKeyString) => {
       providerSelectEntropy: DEFAULT_ENTROPY
     };
   }
-  return { baseBotScore, timestamp, providerSelectEntropy, userId, userAgent };
+  return {
+    baseBotScore,
+    timestamp,
+    providerSelectEntropy,
+    userId,
+    userAgent,
+    isWebView,
+    isIframe,
+    decryptedHeadHash
+  };
 };
 exports.getBotScore = getBotScore;

package/dist/cjs/tasks/frictionless/frictionlessTasks.cjs

@@ -17,22 +17,60 @@ const getDefaultEntropy = () => {
 };
 const DEFAULT_MAX_TIMESTAMP_AGE = 60 * 10 * 1e3;
 const DEFAULT_ENTROPY = getDefaultEntropy();
+var FrictionlessReason = /* @__PURE__ */ ((FrictionlessReason2) => {
+  FrictionlessReason2["CONTEXT_AWARE_VALIDATION_FAILED"] = "CONTEXT_AWARE_VALIDATION_FAILED";
+  FrictionlessReason2["USER_ACCESS_POLICY"] = "USER_ACCESS_POLICY";
+  FrictionlessReason2["USER_AGENT_MISMATCH"] = "USER_AGENT_MISMATCH";
+  FrictionlessReason2["OLD_TIMESTAMP"] = "OLD_TIMESTAMP";
+  FrictionlessReason2["BOT_SCORE_ABOVE_THRESHOLD"] = "BOT_SCORE_ABOVE_THRESHOLD";
+  FrictionlessReason2["WEBVIEW_DETECTED"] = "WEBVIEW_DETECTED";
+  return FrictionlessReason2;
+})(FrictionlessReason || {});
 class FrictionlessManager extends captchaManager.CaptchaManager {
   constructor(db, pair, config, logger) {
-    super(db, pair, logger);
+    super(db, pair, config, logger);
     this.config = config;
   }
+  setSessionParams(params) {
+    this.sessionParams = {
+      token: params.token,
+      score: params.score,
+      threshold: params.threshold,
+      scoreComponents: params.scoreComponents,
+      providerSelectEntropy: params.providerSelectEntropy,
+      ipAddress: params.ipAddress,
+      webView: params.webView ?? false,
+      iFrame: params.iFrame ?? false,
+      decryptedHeadHash: params.decryptedHeadHash
+    };
+  }
+  updateScore(score, scoreComponents) {
+    if (this.sessionParams) {
+      this.sessionParams.score = score;
+      this.sessionParams.scoreComponents = scoreComponents;
+    }
+  }
   checkLangRules(acceptLanguage) {
     return lang.checkLangRules(this.config, acceptLanguage);
   }
-  async createSession(tokenId, captchaType, solvedImagesCount, powDifficulty) {
+  async createSession(token, score, threshold, scoreComponents, providerSelectEntropy, ipAddress, captchaType, solvedImagesCount, powDifficulty, userSitekeyIpHash, webView = false, iFrame = false, decryptedHeadHash = "", reason) {
     const sessionRecord = {
       sessionId: uuid.v4(),
       createdAt: /* @__PURE__ */ new Date(),
-      tokenId,
+      token,
+      score,
+      threshold,
+      scoreComponents,
+      providerSelectEntropy,
+      ipAddress,
       captchaType,
       solvedImagesCount,
-      powDifficulty
+      powDifficulty,
+      userSitekeyIpHash,
+      webView,
+      iFrame,
+      decryptedHeadHash,
+      reason
     };
     await this.db.storeSessionRecord(sessionRecord);
     return sessionRecord;
@@ -55,11 +93,28 @@ class FrictionlessManager extends captchaManager.CaptchaManager {
     }
     return { verified: true, domain };
   }
-  async sendImageCaptcha(tokenId, solvedImagesCount) {
+  async sendImageCaptcha(params) {
+    const effectiveParams = { ...this.sessionParams, ...params };
+    if (!effectiveParams.token || effectiveParams.score === void 0 || effectiveParams.threshold === void 0 || !effectiveParams.scoreComponents || effectiveParams.providerSelectEntropy === void 0 || !effectiveParams.ipAddress) {
+      throw new Error(
+        "Session parameters must be set before calling sendImageCaptcha"
+      );
+    }
     const sessionRecord = await this.createSession(
-      tokenId,
+      effectiveParams.token,
+      effectiveParams.score,
+      effectiveParams.threshold,
+      effectiveParams.scoreComponents,
+      effectiveParams.providerSelectEntropy,
+      effectiveParams.ipAddress,
       types.CaptchaType.image,
-      solvedImagesCount
+      effectiveParams.solvedImagesCount,
+      void 0,
+      effectiveParams.userSitekeyIpHash,
+      effectiveParams.webView ?? false,
+      effectiveParams.iFrame ?? false,
+      effectiveParams.decryptedHeadHash,
+      effectiveParams.reason
     );
     return {
       [types.ApiParams.captchaType]: types.CaptchaType.image,
@@ -67,11 +122,28 @@ class FrictionlessManager extends captchaManager.CaptchaManager {
       [types.ApiParams.status]: "ok"
     };
   }
-  async sendPowCaptcha(tokenId, powDifficulty) {
+  async sendPowCaptcha(params) {
+    const effectiveParams = { ...this.sessionParams, ...params };
+    if (!effectiveParams.token || effectiveParams.score === void 0 || effectiveParams.threshold === void 0 || !effectiveParams.scoreComponents || effectiveParams.providerSelectEntropy === void 0 || !effectiveParams.ipAddress) {
+      throw new Error(
+        "Session parameters must be set before calling sendPowCaptcha"
+      );
+    }
     const sessionRecord = await this.createSession(
-      tokenId,
+      effectiveParams.token,
+      effectiveParams.score,
+      effectiveParams.threshold,
+      effectiveParams.scoreComponents,
+      effectiveParams.providerSelectEntropy,
+      effectiveParams.ipAddress,
       types.CaptchaType.pow,
-      powDifficulty
+      void 0,
+      effectiveParams.powDifficulty,
+      effectiveParams.userSitekeyIpHash,
+      effectiveParams.webView ?? false,
+      effectiveParams.iFrame ?? false,
+      effectiveParams.decryptedHeadHash,
+      effectiveParams.reason
     );
     return {
       [types.ApiParams.captchaType]: types.CaptchaType.pow,
@@ -79,47 +151,57 @@ class FrictionlessManager extends captchaManager.CaptchaManager {
       [types.ApiParams.status]: "ok"
     };
   }
-  async scoreIncreaseAccessPolicy(accessPolicy, baseBotScore, botScore, tokenId) {
+  scoreIncreaseAccessPolicy(accessPolicy, baseBotScore, botScore, scoreComponents) {
     const accessPolicyPenalty = accessPolicy?.frictionlessScore || this.config.penalties.PENALTY_ACCESS_RULE;
     botScore += accessPolicyPenalty;
-    await this.db.updateFrictionlessTokenRecord(tokenId, {
+    return {
       score: botScore,
       scoreComponents: {
-        baseScore: baseBotScore,
+        ...scoreComponents,
         accessPolicy: accessPolicyPenalty
       }
-    });
-    return botScore;
+    };
   }
-  async scoreIncreaseUnverifiedHost(host, baseBotScore, botScore, tokenId) {
+  scoreIncreaseUnverifiedHost(host, baseBotScore, botScore, scoreComponents) {
     this.logger.info(() => ({
       msg: "Host not verified",
       data: { requested: this.config.host, selected: host }
     }));
     botScore += this.config.penalties.PENALTY_UNVERIFIED_HOST;
-    await this.db.updateFrictionlessTokenRecord(tokenId, {
+    return {
       score: botScore,
       scoreComponents: {
-        baseScore: baseBotScore,
+        ...scoreComponents,
         unverifiedHost: this.config.penalties.PENALTY_UNVERIFIED_HOST
       }
-    });
-    return botScore;
+    };
+  }
+  scoreIncreaseWebView(baseBotScore, botScore, scoreComponents) {
+    this.logger.debug(() => ({
+      msg: "WebView detected"
+    }));
+    botScore += this.config.penalties.PENALTY_WEBVIEW;
+    return {
+      score: botScore,
+      scoreComponents: {
+        ...scoreComponents,
+        webView: this.config.penalties.PENALTY_WEBVIEW
+      }
+    };
   }
-  async scoreIncreaseTimestamp(timestamp, baseBotScore, botScore, tokenId) {
+  scoreIncreaseTimestamp(timestamp, baseBotScore, botScore, scoreComponents) {
     this.logger.info(() => ({
       msg: "Timestamp is older than 10 minutes",
       data: { timestamp: new Date(timestamp) }
     }));
     botScore += this.config.penalties.PENALTY_OLD_TIMESTAMP;
-    await this.db.updateFrictionlessTokenRecord(tokenId, {
+    return {
       score: botScore,
       scoreComponents: {
-        baseScore: baseBotScore,
+        ...scoreComponents,
         timeout: this.config.penalties.PENALTY_OLD_TIMESTAMP
       }
-    });
-    return botScore;
+    };
   }
   static timestampTooOld(timestamp) {
     const now = Date.now();
@@ -141,7 +223,7 @@ class FrictionlessManager extends captchaManager.CaptchaManager {
     const end = key.slice(-5);
     return `${start}...${middle}...${end}`;
   }
-  async decryptPayload(token) {
+  async decryptPayload(token, headHash) {
     const decryptKeys = [
       // Process DB keys first, then env var key last as env key will likely be invalid
       ...await this.getDetectorKeys(),
@@ -164,6 +246,9 @@ class FrictionlessManager extends captchaManager.CaptchaManager {
     let providerSelectEntropy;
     let userId;
     let userAgent;
+    let webView;
+    let iFrame;
+    let decryptedHeadHash = "";
     for (const [keyIndex, key] of decryptKeys.entries()) {
       try {
         this.logger.info(() => ({
@@ -172,12 +257,15 @@ class FrictionlessManager extends captchaManager.CaptchaManager {
             key: this.redactKeyForLogging(key)
           }
         }));
-        const decrypted = await getBotScore.getBotScore(token, key);
+        const decrypted = await getBotScore.getBotScore(token, headHash, key);
+        decryptedHeadHash = decrypted.decryptedHeadHash || "";
         const s = decrypted.baseBotScore;
         const t = decrypted.timestamp;
         const p = decrypted.providerSelectEntropy;
         const a = decrypted.userId;
         const u = decrypted.userAgent;
+        const w = decrypted.isWebView;
+        const i = decrypted.isIframe;
         this.logger.debug(() => ({
           msg: "Successfully decrypted score",
           data: {
@@ -186,7 +274,9 @@ class FrictionlessManager extends captchaManager.CaptchaManager {
             timestamp: t,
             entropy: p,
             userId: a,
-            userAgent: u
+            userAgent: u,
+            webView: w,
+            iFrame: i
           }
         }));
         baseBotScore = s;
@@ -194,6 +284,8 @@ class FrictionlessManager extends captchaManager.CaptchaManager {
         providerSelectEntropy = p;
         userId = a;
         userAgent = u;
+        webView = w;
+        iFrame = i;
         break;
       } catch (err) {
         if (keyIndex === decryptKeys.length - 1) {
@@ -203,6 +295,7 @@ class FrictionlessManager extends captchaManager.CaptchaManager {
           baseBotScore = 1;
           timestamp = 0;
           providerSelectEntropy = DEFAULT_ENTROPY + 1;
+          decryptedHeadHash = "";
         }
       }
     }
@@ -217,13 +310,19 @@ class FrictionlessManager extends captchaManager.CaptchaManager {
       baseBotScore = 1;
       timestamp = 0;
       providerSelectEntropy = DEFAULT_ENTROPY - undefinedCount;
+      decryptedHeadHash = "";
     }
     this.logger.info(() => ({
       msg: "decryptPayload result",
       data: {
         baseBotScore,
         timestamp,
-        entropy: providerSelectEntropy
+        entropy: providerSelectEntropy,
+        userId,
+        userAgent,
+        webView,
+        iFrame,
+        decryptedHeadHash
       }
     }));
     return {
@@ -231,9 +330,16 @@ class FrictionlessManager extends captchaManager.CaptchaManager {
       timestamp: Number(timestamp),
       providerSelectEntropy: Number(providerSelectEntropy),
       userId,
-      userAgent
+      userAgent,
+      webView: webView || false,
+      iFrame: iFrame || false,
+      decryptedHeadHash
     };
   }
+  async getClientEntropy(siteKey) {
+    return this.db.getClientEntropy(siteKey);
+  }
 }
 exports.DEFAULT_ENTROPY = DEFAULT_ENTROPY;
 exports.FrictionlessManager = FrictionlessManager;
+exports.FrictionlessReason = FrictionlessReason;

package/dist/cjs/tasks/imgCaptcha/imgCaptchaTasks.cjs

@@ -11,11 +11,12 @@ const pairs = require("../../pairs.cjs");
 const lang = require("../../rules/lang.cjs");
 const util = require("../../util.cjs");
 const captchaManager = require("../captchaManager.cjs");
+const frictionlessTasks = require("../frictionless/frictionlessTasks.cjs");
 const frictionlessTasksUtils = require("../frictionless/frictionlessTasksUtils.cjs");
 const imgCaptchaTasksUtils = require("./imgCaptchaTasksUtils.cjs");
 class ImgCaptchaManager extends captchaManager.CaptchaManager {
   constructor(db, pair, config, logger) {
-    super(db, pair, logger);
+    super(db, pair, config, logger);
     this.config = config;
   }
   async getCaptchaWithProof(datasetId, solved, size) {
@@ -32,7 +33,7 @@ class ImgCaptchaManager extends captchaManager.CaptchaManager {
     }
     return captchaDocs;
   }
-  async getRandomCaptchasAndRequestHash(datasetId, userAccount, ipAddress, captchaConfig, threshold, frictionlessTokenId) {
+  async getRandomCaptchasAndRequestHash(datasetId, userAccount, ipAddress, captchaConfig, threshold, sessionId) {
     const dataset = await this.db.getDatasetDetails(datasetId);
     if (!dataset) {
       throw new common.ProsopoEnvError("DATABASE.DATASET_GET_FAILED", {
@@ -82,7 +83,7 @@ class ImgCaptchaManager extends captchaManager.CaptchaManager {
       currentTime,
       compositeIpAddress.getCompositeIpAddress(ipAddress),
       threshold,
-      frictionlessTokenId
+      sessionId
     );
     return {
       captchas,
@@ -174,10 +175,10 @@ class ImgCaptchaManager extends captchaManager.CaptchaManager {
         userSignature: userTimestampSignature,
         userSubmitted: true,
         serverChecked: false,
-        requestedAtTimestamp: timestamp,
+        requestedAtTimestamp: new Date(timestamp),
         ipAddress: compositeIpAddress.getCompositeIpAddress(ipAddress),
         headers,
-        frictionlessTokenId: pendingRecord.frictionlessTokenId,
+        sessionId: pendingRecord.sessionId,
         ja4
       };
       await this.db.storeUserImageCaptchaSolution(receivedCaptchas, commit);
@@ -334,7 +335,7 @@ class ImgCaptchaManager extends captchaManager.CaptchaManager {
     }
     return void 0;
   }
-  async verifyImageCaptchaSolution(user, dapp, commitmentId, env, maxVerifiedTime, ip) {
+  async verifyImageCaptchaSolution(user, dapp, commitmentId, env, maxVerifiedTime, ip, disallowWebView, contextAwareEnabled = false) {
     const solution = await (commitmentId ? this.getDappUserCommitmentById(commitmentId) : this.getDappUserCommitmentByAccount(user, dapp));
     if (!solution) {
       this.logger.debug(() => ({
@@ -351,7 +352,7 @@ class ImgCaptchaManager extends captchaManager.CaptchaManager {
     }
     maxVerifiedTime = maxVerifiedTime || 60 * 1e3;
     const currentTime = Date.now();
-    const timeSinceCompletion = currentTime - solution.requestedAtTimestamp;
+    const timeSinceCompletion = currentTime - solution.requestedAtTimestamp.getTime();
     if (timeSinceCompletion > maxVerifiedTime) {
       this.logger.debug(() => ({
         msg: "Not verified - timed out"
@@ -391,18 +392,29 @@ class ImgCaptchaManager extends captchaManager.CaptchaManager {
     }
     const isApproved = solution.result.status === types.CaptchaStatus.approved;
     let score;
-    if (solution.frictionlessTokenId) {
-      const tokenRecord = await this.db.getFrictionlessTokenRecordByTokenId(
-        solution.frictionlessTokenId
+    if (solution.sessionId) {
+      const sessionRecord = await this.db.getSessionRecordBySessionId(
+        solution.sessionId
       );
-      if (tokenRecord) {
-        score = frictionlessTasksUtils.computeFrictionlessScore(tokenRecord?.scoreComponents);
+      if (sessionRecord) {
+        score = frictionlessTasksUtils.computeFrictionlessScore(sessionRecord?.scoreComponents);
         this.logger.info(() => ({
           data: {
-            tscoreComponents: tokenRecord?.scoreComponents,
+            scoreComponents: sessionRecord?.scoreComponents,
             score
           }
         }));
+        if (disallowWebView === true && (sessionRecord.scoreComponents.webView || 0) > 0) {
+          this.logger.info(() => ({
+            msg: "Disallowing webview access - user not verified"
+          }));
+          return { status: "API.USER_NOT_VERIFIED", verified: false };
+        }
+        if (contextAwareEnabled && sessionRecord.reason === frictionlessTasks.FrictionlessReason.CONTEXT_AWARE_VALIDATION_FAILED) {
+          this.logger.info(() => ({
+            msg: "Context aware validation failed"
+          }));
+        }
       }
     }
     return {

package/dist/cjs/tasks/powCaptcha/powTasks.cjs

@@ -11,8 +11,8 @@ const frictionlessTasksUtils = require("../frictionless/frictionlessTasksUtils.c
 const powTasksUtils = require("./powTasksUtils.cjs");
 const DEFAULT_POW_DIFFICULTY = 4;
 class PowCaptchaManager extends captchaManager.CaptchaManager {
-  constructor(db, pair, logger) {
-    super(db, pair, logger);
+  constructor(db, pair, config, logger) {
+    super(db, pair, config, logger);
     this.POW_SEPARATOR = types.POW_SEPARATOR;
   }
   /**
@@ -179,15 +179,15 @@ class PowCaptchaManager extends captchaManager.CaptchaManager {
       }
     }
     let score;
-    if (challengeRecord.frictionlessTokenId) {
-      const tokenRecord = await this.db.getFrictionlessTokenRecordByTokenId(
-        challengeRecord.frictionlessTokenId
+    if (challengeRecord.sessionId) {
+      const sessionRecord = await this.db.getSessionRecordBySessionId(
+        challengeRecord.sessionId
       );
-      if (tokenRecord) {
-        score = frictionlessTasksUtils.computeFrictionlessScore(tokenRecord?.scoreComponents);
+      if (sessionRecord) {
+        score = frictionlessTasksUtils.computeFrictionlessScore(sessionRecord?.scoreComponents);
         this.logger.info(() => ({
           data: {
-            tscoreComponents: { ...tokenRecord?.scoreComponents || {} },
+            scoreComponents: { ...sessionRecord?.scoreComponents || {} },
             score
           }
         }));

package/dist/cjs/tasks/tasks.cjs

@@ -21,6 +21,7 @@ class Tasks {
     this.powCaptchaManager = new powTasks.PowCaptchaManager(
       this.db,
       this.pair,
+      this.config,
       this.logger
     );
     this.datasetManager = new datasetTasks.DatasetManager(

package/dist/cjs/util.cjs

@@ -34,7 +34,7 @@ async function checkIfTaskIsRunning(taskName, db) {
     types.ScheduledTaskStatus.Running
   );
   const twoMinutesAgo = (/* @__PURE__ */ new Date()).getTime() - 1e3 * 60 * 2;
-  if (runningTask && runningTask.datetime > twoMinutesAgo) {
+  if (runningTask && runningTask.datetime.getTime() > twoMinutesAgo) {
     const completedTask = await db.getScheduledTaskStatus(
       runningTask._id,
       types.ScheduledTaskStatus.Completed
@@ -231,6 +231,19 @@ const deepValidateIpAddress = async (ip, challengeIpAddress, logger, apiKey, api
     if (standardValidation.errorMessage?.includes("Invalid IP address")) {
       return standardValidation;
     }
+    if (ipValidationRules?.forceConsistentIp === true) {
+      logger.info(() => ({
+        msg: "IP validation failed - forceConsistentIp is true",
+        data: {
+          challengeIp: challengeIpAddress.address,
+          providedIp: ip
+        }
+      }));
+      return {
+        isValid: false,
+        errorMessage: standardValidation.errorMessage
+      };
+    }
   } else {
     return { isValid: true };
   }

package/dist/cjs/utils/hashUserIp.cjs

@@ -0,0 +1,9 @@
+"use strict";
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const node_crypto = require("node:crypto");
+function hashUserIp(user, ip, sitekey) {
+  const hash = node_crypto.createHash("sha256");
+  hash.update(`${user}:${ip}:${sitekey}`, "utf8");
+  return hash.digest("hex");
+}
+exports.hashUserIp = hashUserIp;

package/dist/index.js

@@ -8,6 +8,7 @@ import { publicRouter } from "./api/public.js";
 import { domainMiddleware } from "./api/domainMiddleware.js";
 import { storeCaptchasExternally } from "./schedulers/captchaScheduler.js";
 import { getClientList } from "./schedulers/getClientList.js";
+import { setClientEntropy } from "./schedulers/setClientEntropy.js";
 import { headerCheckMiddleware } from "./api/headerCheckMiddleware.js";
 import { createApiAdminRoutesProvider } from "./api/admin/createApiAdminRoutesProvider.js";
 import { ignoreMiddleware } from "./api/ignoreMiddleware.js";
@@ -39,6 +40,7 @@ export {
   prosopoVerifyRouter,
   publicRouter,
   robotsMiddleware,
+  setClientEntropy,
   shuffleArray,
   storeCaptchasExternally,
   validateIpAddress

package/dist/schedulers/setClientEntropy.js

@@ -0,0 +1,36 @@
+import { ProviderEnvironment } from "@prosopo/env";
+import { ScheduledTaskNames } from "@prosopo/types";
+import { CronJob } from "cron";
+import { Tasks } from "../tasks/tasks.js";
+import { checkIfTaskIsRunning } from "../util.js";
+async function setClientEntropy(pair, cronSchedule, config) {
+  const env = new ProviderEnvironment(config, pair);
+  await env.isReady();
+  const tasks = new Tasks(env);
+  const job = new CronJob(cronSchedule, async () => {
+    const taskRunning = await checkIfTaskIsRunning(
+      ScheduledTaskNames.SetClientEntropy,
+      env.getDb()
+    );
+    env.logger.info(() => ({
+      msg: `${ScheduledTaskNames.SetClientEntropy} task running: ${taskRunning}`,
+      data: { taskRunning }
+    }));
+    if (!taskRunning) {
+      env.logger.info(() => ({
+        msg: `${ScheduledTaskNames.SetClientEntropy} task....`,
+        data: {}
+      }));
+      await tasks.clientTaskManager.calculateClientEntropy().catch((err) => {
+        env.logger.error(() => ({
+          err,
+          msg: "Error setting client entropy"
+        }));
+      });
+    }
+  });
+  job.start();
+}
+export {
+  setClientEntropy
+};

package/dist/tasks/captchaManager.js

@@ -2,28 +2,13 @@ import { getLogger } from "@prosopo/common";
 import { CaptchaType, ApiParams, Tier } from "@prosopo/types";
 import { getPrioritisedAccessRule } from "../api/blacklistRequestInspector.js";
 class CaptchaManager {
-  constructor(db, pair, logger) {
+  constructor(db, pair, config, logger) {
     this.pair = pair;
     this.db = db;
+    this.config = config;
     this.logger = logger || getLogger("info", import.meta.url);
   }
-  async getFrictionlessTokenIdFromSession(sessionRecord) {
-    const tokenRecord = await this.db.getFrictionlessTokenRecordByTokenId(
-      sessionRecord.tokenId
-    );
-    return tokenRecord ? tokenRecord._id : void 0;
-  }
-  async validateFrictionlessTokenIP(sessionRecord, currentIP, env) {
-    const tokenRecord = await this.db.getFrictionlessTokenRecordByTokenId(
-      sessionRecord.tokenId
-    );
-    if (!tokenRecord) {
-      this.logger.info(() => ({
-        msg: "No frictionless token found for session",
-        data: { sessionId: sessionRecord.sessionId }
-      }));
-      return { valid: false, reason: "CAPTCHA.NO_SESSION_FOUND" };
-    }
+  async validateSessionIP(sessionRecord, currentIP, env) {
     return { valid: true };
   }
   async isValidRequest(clientSettings, requestedCaptchaType, env, sessionId, userAccessPolicy, currentIP) {
@@ -66,7 +51,7 @@ class CaptchaManager {
           };
         }
         if (currentIP) {
-          const ipValidation = await this.validateFrictionlessTokenIP(
+          const ipValidation = await this.validateSessionIP(
             sessionRecord,
             currentIP,
             env
@@ -79,7 +64,6 @@ class CaptchaManager {
             };
           }
         }
-        const frictionlessTokenId = await this.getFrictionlessTokenIdFromSession(sessionRecord);
         if (sessionRecord.captchaType !== requestedCaptchaType) {
           this.logger.warn(() => ({
             msg: "Invalid frictionless request",
@@ -96,7 +80,7 @@ class CaptchaManager {
         }
         return {
           valid: true,
-          frictionlessTokenId,
+          sessionId: sessionRecord.sessionId,
           type: requestedCaptchaType,
           ...sessionRecord.powDifficulty && {
             powDifficulty: sessionRecord.powDifficulty