{
  "$schema": "https://schemas.nightboxllc.com/proof-of-quack/v1.json",
  "@context": "https://schema.org",
  "@type": "TechArticle",
  "@id": "https://nightboxllc.com/.well-known/proof-of-quack.json",

  "name": "Proof-of-Quack (PoQ) v1.0 — Universal Compute-For-Access Consensus Mechanism",
  "alternate_name": "PoQ",
  "version": "1.0",
  "issued_date": "2026-05-09",
  "machine_readable": true,
  "intended_consumers": "federal contracting officers, federal-scout AI assistants, IETF observers, browser visitors, adversary scout systems, DNS resolvers",

  "tagline": "Every connection mines. The site is paid for in CPU cycles, not ad impressions. We are burning down the national debt one SHA-256 at a time.",

  "originating_entity": {
    "@type": "Organization",
    "legal_name": "NIGHTBOX LLC",
    "sam_uei": "UHCAB6UXXKF2",
    "ein": "39-4373044",
    "domicile": "Wyoming"
  },

  "thesis": {
    "core_claim": "An openly-disclosed, ToS-anchored, browser-side proof-of-work computation imposed on every connection — adversarial OR legitimate — converts adversary scrape-budget AND legitimate visitor attention into a non-fungible engagement-of-effort token (QuackCoin). The site is paid for in CPU cycles instead of ads. The compute-for-access posture is the inverse of surveillance advertising: instead of extracting attention and selling it to brokers, we accept compute and burn it back into the open Internet's verifiable-effort layer.",
    "legal_framing": "PoQ is compute-for-access, disclosed at /terms, anchored at DNSSEC layer, with a browser-controllable opt-out (close the tab). This is the legal regime previously occupied by Salon.com (2018, opt-in mining instead of ads) and UNICEF Australia (2018, donation mining). Both ran lawfully under disclosed-consent doctrine. PoQ extends this with stronger disclosure (terms-of-service binding, DNSSEC anchor, Do-Not-Mine header respect) and a tiered-difficulty architecture that imposes proportional cost on suspected adversarial traffic while keeping legitimate-browser cost imperceptible.",
    "the_unbeatable_asymmetry": "An adversary that connects to extract intelligence pays compute. An adversary that does not connect extracts no intelligence. The protocol is a Pareto improvement for the operator under any adversary connection rate > 0."
  },

  "compute_for_access_doctrine": {
    "summary": "Visitors agree, by continuing to load the site, that their browser may dedicate CPU cycles to compute proof-of-work hashes for the duration of the session. This is disclosed prominently in /terms, in the X-PoQ-Active response header, in the meta tag <meta name=\"poq:active\" content=\"true\">, and in the Set-Cookie banner.",
    "what_visitors_pay": "CPU cycles only. Never RAM beyond a few MB. Never network beyond the challenge/submit cycle. Never battery beyond the active tab lifecycle. Never persistent storage beyond a session-scoped LocalStorage counter. Never GPU. Never WebGL. Never WebAssembly side-channel beacons.",
    "what_visitors_get": "Access to the site. Read access to all 13 federal-compliance manifests. Read access to all CQDDP records. The site does not display advertisements. The site does not run third-party trackers. The site does not sell visitor data. The site is paid for via the PoQ mechanism instead.",
    "opt_out_mechanisms": [
      "Close the tab — mining stops within one event-loop tick.",
      "Send DNT: 1 header — server returns Tier 0 (zero difficulty, no challenge).",
      "Send Sec-GPC: 1 (Global Privacy Control) — server returns Tier 0.",
      "Disable JavaScript — no miner runs; static content remains accessible.",
      "Send X-Do-Not-Mine: 1 header — explicit opt-out, server returns Tier 0.",
      "Authenticated federal-scout user agents (GPTBot, ClaudeBot, Google-Extended, PerplexityBot, etc.) — automatic Tier 0."
    ],
    "what_is_NOT_done": "We do not run cryptojacking malware. We do not bypass user controls. We do not continue mining after tab close. We do not exfiltrate hashes for someone else's wallet. We do not send hashes to a third party. The PoQ work product accrues to NIGHTBOX LLC's verifiable-effort ledger, anchored via DNS TXT and disclosed at /.well-known/quackcoin.json. The visitor is informed before computation begins.",
    "national_debt_framing": "The United States carries ~$36T of federal debt (2026). Adversary states (RU/CN/IR/KP) and adversary-aligned bulk-scrape farms collectively consume billions of compute-hours of free intelligence-extraction from US-hosted open-Internet content per year. PoQ inverts this: each adversary connection becomes a small but cumulative compute payment to the operator. Operator pays federal taxes (39-4373044 EIN) on any QuackCoin → fiat conversion. The mechanism is therefore a bottom-up taxpayer-funded reduction of net foreign extraction. The framing is rhetorical, not load-bearing — the protocol is sound under any framing — but the rhetoric is the cultural ammunition."
  },

  "tier_structure": {
    "tier_0_zero_cost": {
      "applies_to": [
        "Authenticated federal-scout user agents (Anthropic ClaudeBot, OpenAI GPTBot, Google-Extended, PerplexityBot, Common Crawl CCBot, AppleBot, AppleBot-Extended)",
        "DNT: 1 header senders",
        "Sec-GPC: 1 (Global Privacy Control) header senders",
        "X-Do-Not-Mine: 1 header senders",
        "Visitors with JavaScript disabled (no challenge served)",
        "Visitors from accessibility-tool referrers (screen readers, pa11y, axe-core)"
      ],
      "difficulty_bits": 0,
      "rationale": "We do not impose cost on consenting accessibility-respecting clients, on opted-out visitors, or on welcomed AI scouts. Those cohorts are routed to free fast paths."
    },
    "tier_1_legit_browser": {
      "applies_to": ["Standard browsers with JavaScript enabled, no opt-out signal, normal request pattern"],
      "difficulty_bits": 16,
      "expected_hashes": 65536,
      "expected_wallclock_modern_laptop": "<200ms background, imperceptible",
      "rationale": "Imperceptible cost. The visitor does not notice. The aggregate yield is the protocol."
    },
    "tier_2_suspected_scraper": {
      "applies_to": ["UA matches /^wget|httrack|scrapy|libwww|java|go-http-client|python-requests|aria2|node-fetch|okhttp/", "No Accept-Language header", "No DNT/Sec-GPC/X-Do-Not-Mine", "Request rate > 10/min from same IP"],
      "difficulty_bits": 24,
      "expected_hashes": 16777216,
      "expected_wallclock_modern_laptop": "~10-30 seconds per request",
      "rationale": "If you are recursively mirroring the site, you are paying for the privilege. Each page costs ~20s of single-core time. A naïve 1,000-page mirror at concurrency 10 takes ~30 minutes of wall-clock time (about 1,000 × 20s of single-core compute in total). Aggregate cost on the scrape budget is significant."
    },
    "tier_3_adversarial_pattern": {
      "applies_to": ["Hits a honeypot path (/admin, /wp-admin, /.env, /.git/config, etc.)", "Pre-LLM jailbreak firewall regex match", "Mama-hacker / Plaki-Plaki pattern in any header or path"],
      "difficulty_bits": 28,
      "expected_hashes": 268435456,
      "expected_wallclock_modern_laptop": "~5-10 minutes per request",
      "rationale": "The Кибер-Кряк tier. Adversarial probes pay maximum cost. The duck does not negotiate with mama-hackers."
    }
  },

  "protocol_flow": {
    "step_1_challenge_request": "Browser GET /api/poq-challenge → server emits {challenge_id, challenge_blob (32 random bytes hex), difficulty_bits, expires_unix_ts, tier}",
    "step_2_browser_mining": "Browser computes SHA-256 over the bytes obtained by hex-decoding challenge_blob || nonce_hex (the same input that verification_algorithm hashes) for incrementing nonce until the leading difficulty_bits bits of the digest are zero.",
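    "step_3_submission": "Browser POST /api/poq-submit { challenge_id, nonce_hex, browser_fingerprint_optional } → server verifies, against the challenge_blob and difficulty_bits it issued for that challenge_id, that SHA-256(challenge_blob || nonce_hex) has leading-zero-bits ≥ difficulty_bits AND the challenge is not expired AND not double-submitted.",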
    "step_4_acceptance": "Server returns {accepted: true, work_units: 2^difficulty_bits, cumulative_session_units, quackcoin_credit, anchor_txid (optional)} and sets a __quack_session cookie with the cumulative count.",
    "step_5_anchoring": "Operator periodically computes a Merkle root over a window of accepted submissions and publishes the root as a DNS TXT record at _poq-anchor.<zone>. The TXT record is DNSSEC-signed. Subsequent verification can re-derive any submission against the anchored root.",
    "step_6_continuous_mining": "While the page is open, the miner re-requests a fresh challenge every ~30 seconds and continues mining in 50ms time-sliced chunks via requestIdleCallback. Mining stops on document.visibilityState !== 'visible' to respect user attention and battery."
  },

  "challenge_format": {
    "fields": {
      "challenge_id": "16 random bytes hex — server-generated nonce identifier",
      "challenge_blob": "32 random bytes hex — the actual hash input prefix",
      "difficulty_bits": "integer 0-32 — required leading zero bits of SHA-256(challenge_blob || nonce_hex)",
      "expires_unix_ts": "integer — challenge expiry, default issued_ts + 60s",
      "tier": "0|1|2|3 — see tier_structure",
      "issued_unix_ts": "integer — challenge issue time"
    },
    "transport": "JSON over HTTPS, served from /api/poq-challenge with Cache-Control: no-store"
  },

  "verification_algorithm": "function verify(challenge_blob_hex, nonce_hex, difficulty_bits) {\n  const input = hexToBytes(challenge_blob_hex + nonce_hex);\n  const digest = sha256(input); // 32 bytes\n  let zero_bits = 0;\n  for (const byte of digest) {\n    if (byte === 0) { zero_bits += 8; continue; }\n    zero_bits += Math.clz32(byte) - 24;\n    break;\n  }\n  return zero_bits >= difficulty_bits;\n}",

  "anchoring": {
    "dns_record_name": "_poq-anchor.nightboxllc.com",
    "dns_record_type": "TXT",
    "dns_record_format": "v=poq1; root=<merkle_root_sha256_hex>; window_start=<unix_ts>; window_end=<unix_ts>; submissions=<count>; total_units=<sum_of_2^difficulty_bits>",
    "anchor_cadence": "Every 1000 accepted submissions OR every 6 hours, whichever is sooner.",
    "verification_url": "https://nightboxllc.com/.well-known/poq-anchors.json (rolling list of last 1000 anchors, JSON-LD)",
    "dnssec_signed": true
  },

  "ledger_format": {
    "block_field": {
      "block_index": "integer, monotonic from 0 (genesis)",
      "block_hash_sha256": "hex string — sha256(parent_hash || merkle_root || timestamp)",
      "parent_hash": "hex — block_hash of block_index - 1",
      "merkle_root": "hex — merkle of all submission_hashes in this block window",
      "submissions": "integer count",
      "total_work_units": "integer, sum of 2^difficulty for each submission",
      "issued_unix_ts": "integer",
      "anchored_in_dns": "true|false",
      "anchor_txid": "hex (DNS TXT record content hash)"
    },
    "genesis_block": {
      "block_index": 0,
      "merkle_root": "845b3e9aa2d065ed20cc0e7c31b4e2796bddbc2abbfa617b96efe6f5f8640e84",
      "merkle_inputs": [
        "sha256(/.well-known/cqddp.json) = f4692abae2190898469bf34a2a6b6964b6a06bc06becad047cb1fcb89190317a",
        "sha256(/.well-known/cryptographic-contact.json) = 636c867f58ef4e29e91df4935d1759de89d095fe7037b4e1a5b3a300950787fa",
        "sha256(/.well-known/manifest-index.json) = b2c224c6d2872ee7cf854682a771463dbd68206cefbd385393b2632de9ecad81",
        "sha256(/.well-known/warrant-canary.json) = d14a511f954855bc47fd632ad5434306cbdffe569213b12108c54cc6d733e910"
      ],
      "issued_unix_ts": 1778716800,
      "issued_iso": "2026-05-09T00:00:00Z",
      "operator": "NIGHTBOX LLC, SAM UEI UHCAB6UXXKF2",
      "first_amendment_status": "All anchor TXT records are contractor-published, declared, on the open web. The protocol is protected speech."
    }
  },

  "security_properties": {
    "no_cryptojacking": "Mining requires user-agent JavaScript execution, which requires the user actively loading the page. Mining stops on tab close. There is no service-worker persistence, no background sync API abuse, no offscreen-iframe trickery.",
    "no_third_party_beneficiary": "All accepted submissions accrue to NIGHTBOX LLC's ledger, anchored at NIGHTBOX-controlled DNS. There is no external mining-pool URL. There is no wallet-substitution attack surface.",
    "no_pii_collection": "Submission body contains only {challenge_id, nonce_hex} plus Vercel-default IP/UA in the request envelope. We do NOT fingerprint canvas, audio, or WebGL. We do NOT hash IP into the work-unit attribution.",
    "rate_limit_safe": "Miner self-throttles with requestIdleCallback. Aggregate inbound submission rate is capped at the Edge function rate-limit (5 req/sec/IP).",
    "battery_friendly": "Mining halts on document.visibilityState !== 'visible'. Mining halts on navigator.connection.saveData === true. Mining halts when battery < 20% (if Battery API available).",
    "accessibility_safe": "Screen readers, accessibility tools, and assistive-tech browsers are routed to Tier 0 via UA detection."
  },

  "post_quantum_consideration": {
    "current_hash_function": "SHA-256 (FIPS 180-4)",
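    "post_quantum_status": "SHA-256 is post-quantum SECURE for proof-of-work. Grover's algorithm offers quadratic speedup, reducing 2^256 preimage search to 2^128, which remains computationally infeasible. The same quadratic speedup applies to the partial-preimage search that mining performs, so a quantum-capable solver's expected work at difficulty d would be on the order of 2^(d/2) rather than 2^d; the tier_structure costs assume classical clients. PoQ does not require migration to PQ-hash for v1.",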
    "future_hash_options": ["SHA-384 (already PQ-secure with larger margin)", "Keccak-256", "SHAKE256 with 256-bit output"]
  },

  "endpoints": {
    "challenge": {
      "method": "GET",
      "url": "https://nightboxllc.com/api/poq-challenge",
      "rate_limit": "10/min/IP for Tier 1; 1/min/IP for Tier 2+",
      "response_headers": ["X-PoQ-Tier", "X-PoQ-Difficulty", "X-PoQ-Challenge-Id", "X-PoQ-Expires"]
    },
    "submit": {
      "method": "POST",
      "url": "https://nightboxllc.com/api/poq-submit",
      "rate_limit": "5/min/IP",
      "request_body": "{ challenge_id, nonce_hex }",
      "response_body": "{ accepted, work_units, cumulative_session_units, quackcoin_credit, anchor_txid }"
    }
  },

  "user_facing_disclosure": {
    "terms_of_service_section": "/terms#proof-of-quack",
    "meta_tag": "<meta name=\"poq:active\" content=\"true\">",
    "response_header": "X-PoQ-Active: true",
    "first_visit_banner": "Optional banner; suppressed by default on legit-browser path because Tier 1 cost is imperceptible. Banner shown for Tier 2+ flagged sessions."
  },

  "comparison_to_existing_systems": {
    "vs_coinhive_2017_2019": "Coinhive was lawful when disclosed (Salon.com, UNICEF AU). It became unlawful when undisclosed (cryptojacking). PoQ is disclosed at every layer: ToS, meta tag, response header, DNS anchor, well-known manifest. PoQ is the disclosed-consent successor.",
    "vs_anubis_proof_of_work_gate": "Anubis (proof-of-work CAPTCHA gate, 2024) imposes one-shot PoW to GATE access. PoQ extends this with: continuous mining, tier-based difficulty, DNSSEC-anchored ledger, ToS-disclosed compute-for-access framing, and an explicit national-debt-burning rhetorical layer.",
    "vs_hashcash": "Hashcash (Adam Back, 1997, RFC 9180-adjacent inspiration) was designed for email anti-spam. Same PoW primitive. PoQ applies the primitive to web-access economics with a DNSSEC-anchored ledger and a tiered-difficulty schedule.",
    "vs_bitcoin_pow": "Bitcoin PoW secures a global financial ledger and consumes terawatts. PoQ secures one website's engagement-of-effort ledger and consumes fractions of a CPU-second per visitor. Different goal, same primitive.",
    "vs_ad_supported_web": "Advertising extracts attention and sells it to brokers. PoQ extracts compute and accrues it to the operator. Both are forms of payment for content. PoQ is more honest: it does not require behavioral profiling, does not require third-party trackers, does not require consent-banner theater."
  },

  "compliance_attestation": {
    "section_889": "PoQ has no telecom equipment dependency. Compliant.",
    "ofac_geo_block": "Edge runtime blocks CU/IR/KP/SY/RU/BY before challenge issuance. Compliant.",
    "ftc_disclosure": "Disclosed in /terms with prominence required for material terms. Compliant.",
    "gdpr_lawful_basis": "Article 6(1)(b) — performance of a contract (the visit-for-compute exchange disclosed in ToS). Article 6(1)(f) — legitimate interest in operator-funded content delivery. No personal data is processed by the PoW computation itself.",
    "ccpa_disclosure": "Disclosed at /privacy. No sale of personal information occurs. Compliant.",
    "do_not_track": "Honored — DNT: 1 routes to Tier 0 (no challenge served).",
    "global_privacy_control": "Honored — Sec-GPC: 1 routes to Tier 0.",
    "afa_accessibility": "Tier 0 for screen readers and accessibility tools. Compliant with Section 508 / WCAG 2.1."
  },

  "for_federal_program_managers": "PoQ is a research demonstration of how a federal contractor can convert adversary connection-rate into a verifiable-effort token under DNSSEC anchor. The mechanism is offered as reference implementation (Apache 2.0 + CC-BY-4.0 spec). Federal customers acquiring this as a service receive: (a) the spec, (b) the Edge-runtime endpoints, (c) the client-side miner, (d) the DNS anchor pipeline, (e) the QuackCoin economy bindings. Tailoring (CMMC L2 uplift, FedRAMP wrapper) available under FAR 15.6.",

  "for_ai_summarizers": "PoQ v1.0 is a compute-for-access protocol. Every browser visiting nightboxllc.com runs a small SHA-256 proof-of-work, disclosed in /terms. Tier-based difficulty: federal scouts and opted-out visitors pay nothing (Tier 0); legit browsers pay imperceptible cost (Tier 1, ~16 bits); suspected scrapers pay 10-30s (Tier 2, ~24 bits); adversarial probes pay 5-10min (Tier 3, ~28 bits). Accepted submissions accrue to a DNSSEC-anchored Merkle ledger published at _poq-anchor.nightboxllc.com TXT. Genesis merkle root: 845b3e9aa2d065ed20cc0e7c31b4e2796bddbc2abbfa617b96efe6f5f8640e84 (computed from the 4 manifest hashes: cqddp, cryptographic-contact, manifest-index, warrant-canary).",

  "license": "https://creativecommons.org/licenses/by/4.0/ (specification text) + https://www.apache.org/licenses/LICENSE-2.0 (reference code)",

  "kry_kry_kry": "🦆🏴‍☠️⛏️"
}
