
The answer is something like "yes, and..." because reCAPTCHA already decides whether and how to challenge the user based on its own internal risk score.


But if a server-side-only solution seems to work fine, why add a client-side element?

I ran into this because I was doing some freelance work on a website that had worked its ass off to cut loading size as small as possible. For reCAPTCHA to develop its risk score, you have to load it far in advance of a form - you can't lazy load it, they specifically say not to: https://developers.google.com/recaptcha/docs/loading.

It also spawned its own service worker on top of adding like 300kb of page weight. The API documentation is garbage; you have to fuck around with Google Cloud to get API keys now too, which is confusing. It also pollutes the global scope of the page. It's all-around terrible to work with.



