Logic/gptplus_machine
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(register): align live sentinel flow with successful HAR

Browse Source
This commit is contained in:
Logic
2026-04-07 13:39:01 +08:00
parent ba02799b18
commit 3c6fce8d57
13 changed files with 1784 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
docs/superpowers/plans/2026-04-07-register-sentinel-live-fix.md Normal file
View File

@@ -0,0 +1,55 @@
# Register Sentinel Live Fix Implementation Plan
> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
**Goal:** Replace static register sentinel tokens with live `/backend-api/sentinel/req` + `turnstile.dx` generation.
**Architecture:** Python keeps the HTTP registration flow. A local Node runner handles the current sentinel proof generation and VM execution. Python assembles the final sentinel header and injects it into register/create-account requests.
**Tech Stack:** Python 3.11+, `curl_cffi`, built-in `unittest`, Node.js CommonJS.
---
### Task 1: Add failing tests for the new sentinel integration
**Files:**
- Create: `tests/test_sentinel_solver.py`
- Create: `tests/test_register_live_sentinel.py`
- [ ] **Step 1: Write failing tests for Python sentinel solving and register flow usage**
- [ ] **Step 2: Run `python -m unittest tests.test_sentinel_solver tests.test_register_live_sentinel -v` and verify failure**
### Task 2: Add the Node VM / proof runner
**Files:**
- Create: `src/sentinel_vm.js`
- Create: `src/sentinel_runner.js`
- [ ] **Step 1: Add the VM executor and runner CLI**
- [ ] **Step 2: Run a targeted local smoke command against the runner**
### Task 3: Add the Python sentinel solver
**Files:**
- Create: `src/sentinel_solver.py`
- Modify: `pyproject.toml`
- [ ] **Step 1: Implement SDK version discovery, Node subprocess calls, req fetch, and final token assembly**
- [ ] **Step 2: Run sentinel solver unit tests and verify pass**
### Task 4: Wire register flow to the live solver
**Files:**
- Modify: `src/chatgpt_register_http_reverse.py`
- [ ] **Step 1: Inject the sentinel solver into register flow and remove static fallback use**
- [ ] **Step 2: Run register flow unit tests and verify pass**
### Task 5: Verify end-to-end targeted checks
**Files:**
- Modify as needed based on failures from prior tasks
- [ ] **Step 1: Run `python -m unittest tests.test_sentinel_solver tests.test_register_live_sentinel -v`**
- [ ] **Step 2: Run one targeted Node runner smoke command**
- [ ] **Step 3: Summarize limitations and next checks**

36
docs/superpowers/specs/2026-04-07-register-sentinel-design.md Normal file
View File

@@ -0,0 +1,36 @@
# Register Sentinel Live Generation Design
## Goal
Replace the expired static `nodatadog.js` sentinel fallback in the register flow with live sentinel generation based on the current `/backend-api/sentinel/req -> turnstile.dx -> VM` flow.
## Scope
- Only the `register` flow is in scope.
- `checkout` may benefit indirectly because it reuses registration, but payment flow changes are out of scope.
- `codex-login` is explicitly out of scope.
## Design
1. Add a Python `SentinelSolver` that:
- fetches the current sentinel SDK bootstrap to discover the active sentinel version;
- asks a local Node runner to generate the current `p` proof token using the live `getConfig()` / proof-of-work logic;
- calls `https://sentinel.openai.com/backend-api/sentinel/req` with `{p,id,flow}`;
- asks the Node runner to execute `turnstile.dx` and returns the raw encoded VM output;
- builds the final sentinel header as JSON with `p`, `t`, `c`, `id`, and `flow`.
2. Add a Node runtime that contains:
- a readable VM executor for `turnstile.dx`;
- a small browser-like environment shim;
- the current proof generation logic derived from the active SDK.
3. Wire `ChatGPTRegisterHTTPReverse.register()` to generate live sentinel tokens for:
- `username_password_create`
- `oauth_create_account`
4. Remove the old static-capture fallback from the register path.
## Failure Policy
If any live sentinel step fails (SDK version fetch, Node runtime, req response parse, VM execution, or final token assembly), registration stops immediately with a descriptive error.
## Files
- New: `src/sentinel_solver.py`
- New: `src/sentinel_vm.js`
- New: `src/sentinel_runner.js`
- Modify: `src/chatgpt_register_http_reverse.py`
- Modify: `pyproject.toml`
- New tests under `tests/`