37 lines
1.7 KiB
Markdown
37 lines
1.7 KiB
Markdown
# Register Sentinel Live Generation Design
|
|
|
|
## Goal
|
|
Replace the expired static `nodatadog.js` sentinel fallback in the register flow with live sentinel generation based on the current `/backend-api/sentinel/req -> turnstile.dx -> VM` flow.
|
|
|
|
## Scope
|
|
- Only the `register` flow is in scope.
|
|
- `checkout` may benefit indirectly because it reuses registration, but payment flow changes are out of scope.
|
|
- `codex-login` is explicitly out of scope.
|
|
|
|
## Design
|
|
1. Add a Python `SentinelSolver` that:
|
|
- fetches the current sentinel SDK bootstrap to discover the active sentinel version;
|
|
- asks a local Node runner to generate the current `p` proof token using the live `getConfig()` / proof-of-work logic;
|
|
- calls `https://sentinel.openai.com/backend-api/sentinel/req` with `{p,id,flow}`;
|
|
- asks the Node runner to execute `turnstile.dx` and returns the raw encoded VM output;
|
|
- builds the final sentinel header as JSON with `p`, `t`, `c`, `id`, and `flow`.
|
|
2. Add a Node runtime that contains:
|
|
- a readable VM executor for `turnstile.dx`;
|
|
- a small browser-like environment shim;
|
|
- the current proof generation logic derived from the active SDK.
|
|
3. Wire `ChatGPTRegisterHTTPReverse.register()` to generate live sentinel tokens for:
|
|
- `username_password_create`
|
|
- `oauth_create_account`
|
|
4. Remove the old static-capture fallback from the register path.
|
|
|
|
## Failure Policy
|
|
If any live sentinel step fails (SDK version fetch, Node runtime, req response parse, VM execution, or final token assembly), registration stops immediately with a descriptive error.
|
|
|
|
## Files
|
|
- New: `src/sentinel_solver.py`
|
|
- New: `src/sentinel_vm.js`
|
|
- New: `src/sentinel_runner.js`
|
|
- Modify: `src/chatgpt_register_http_reverse.py`
|
|
- Modify: `pyproject.toml`
|
|
- New tests under `tests/`
|