Private Captcha is an open-source, EU-based CAPTCHA service that replaces traditional puzzle-based CAPTCHAs with background Proof-of-Work challenges to stop bots, AI scrapers, and spam while preserving user privacy. Designed for developers and organizations requiring GDPR compliance, it eliminates tracking, avoids third-party data collection, and supports full self-hosting.
Built with Go for the backend and JavaScript/WASM for the client widget, it uses PostgreSQL for account data and ClickHouse for operational metrics. The system provides a stable API, customizable widget integrations, and supports deployment via Docker or on-premises infrastructure, making it ideal for enterprises, agencies, and nonprofits needing secure, compliant bot protection without vendor lock-in.
What You Get
- Proof-of-Work CAPTCHA - Uses cryptographic Proof-of-Work tasks executed in the background to verify humans without visual puzzles, making it AI-resistant and user-friendly.
- Invisible Widget - Lightweight client-side widget that runs verification silently during form interaction, eliminating disruptive challenges for users.
- Adaptive Difficulty Scaling - Dynamically adjusts computational difficulty based on bot threat levels, ensuring robust protection without overburdening legitimate users.
- GDPR-Compliant by Design - Collects no Personally Identifiable Information (PII); all data processing adheres to EU privacy regulations, with an optional Data Processing Agreement.
- Self-Hosting Support - Full control over infrastructure; source code and self-hosting deployment guides are publicly available for on-premises deployment.
- Usage Statistics & Audit Logs - Backend dashboard provides real-time analytics on bot attempts, challenge difficulty, and system performance for monitoring and optimization.
- EU-Only Infrastructure - Servers, storage, CDN, and email services are exclusively hosted by EU-based providers to ensure compliance with GDPR and data sovereignty requirements.
- Stable, Backward-Compatible API - Public OpenAPI specification ensures integrations remain functional across updates with guaranteed compatibility.
Common Use Cases
- Securing EU-based web forms - A nonprofit in Germany uses Private Captcha to block automated signups on donation forms while ensuring full GDPR compliance and avoiding US-based tracking services.
- Protecting API endpoints from AI scrapers - An e-commerce company in France deploys Private Captcha on its product pricing API to prevent competitors from scraping data using AI-powered bots.
- Replacing Google reCAPTCHA in regulated industries - A healthcare SaaS provider replaces reCAPTCHA with Private Captcha to eliminate user tracking and meet strict data residency requirements.
- Self-hosting bot protection for compliance audits - A government agency hosts Private Captcha internally to maintain full data control and pass security audits requiring no third-party data processing.
Under The Hood
Architecture
- Modular monolith structure with distinct layers for HTTP API, database abstraction, and core captcha logic, enabling clear separation of concerns and scalable maintenance
- Dependency injection via constructor-based interfaces ensures testability and decouples service components like CaptchaElement and WorkersPool
- WASM-based client-side puzzle rendering is fully isolated from backend logic, enforcing a clean API boundary between frontend widget and Go services
- Event-driven worker pool with bounded concurrency decouples puzzle generation from HTTP request handling, improving system responsiveness and resource efficiency
- Build system leverages Go modules with build tags and vendor isolation, while JS widget compilation is cleanly separated via npm scripts for maintainability
- Comprehensive CI/CD pipeline with Dockerized testing, automated linting, and dependency management demonstrates production-grade operational discipline
Tech Stack
- Go 1.20+ backend with modular binaries and vendorized dependencies, using enterprise build tags for feature gating without code duplication
- ESBuild with inline worker plugin and base64-arraybuffer enables efficient client-side captcha widget bundling alongside lightweight HTML/CSS rendering
- PostgreSQL with sqlc-generated type-safe queries and automated SQL-based migrations ensures robust data layer integrity
- Docker-based development and testing orchestration with multi-stage builds and ClickHouse integration for analytics validation
- Automated code quality enforced through golangci-lint, RenovateBot, and CI-ready Makefile workflows
- Headless browser testing via happy-dom complements native Go unit and integration tests for full-stack validation
Code Quality
- Extensive test suite with realistic DOM mocking and Worker simulation ensures accurate validation of widget behavior in browser environments
- Clear separation of test setup and assertion logic, with consistent async/await patterns and event-driven assertions for asynchronous operations
- Robust error handling through defensive checks and event-based feedback, though custom error classes are not utilized
- Strong type safety in JavaScript via explicit validation of solution formats and event structures, despite absence of TypeScript
- Consistent naming conventions for events and callbacks align with data attributes, enhancing readability and maintainability
- Automated test infrastructure with Dockerized PostgreSQL and SQLC validation ensures database schema and migration integrity alongside frontend tests
What Makes It Unique
- Employs WebAssembly to execute cryptographic hash functions (Blake2b) directly in the browser, eliminating server round-trips and reducing attack surface
- Implements dynamic puzzle-based captchas with visual logic challenges instead of text/image recognition, making it highly resistant to OCR and AI bots
- Features a state machine-driven flow with real-time feedback and adaptive difficulty based on user interaction patterns
- Introduces a zero-dependency client-side error tracking system that preserves user privacy by avoiding external analytics services
- Uses custom WASM-rendered primitives to ensure functionality under extreme resource constraints
- Applies progressive disclosure mechanics that reveal challenges only after detecting human-like interaction patterns, not just basic mouse movements
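Added illustration of the mechanism behind the Proof-of-Work CAPTCHA, adaptive-difficulty and browser-side Blake2b bullets above; this is not Private Captcha's own code or wire protocol. The challenge layout (salt, leading-zero-bit target, expiry), the HMAC tag, the `SERVER_KEY` value and the scaling rule are assumptions chosen to show what a server must check before accepting a solution.

```python
# Added illustration: Blake2b Proof-of-Work round (issue, solve, verify, adapt).
# Challenge layout, HMAC tag and scaling rule are assumptions, not Private Captcha's protocol.
import hashlib
import hmac
import math
import secrets
import time
from typing import Optional

SERVER_KEY = b"constructed-demo-key"  # constructed; a real deployment generates and rotates this

def leading_zero_bits(digest: bytes) -> int:
    n = int.from_bytes(digest, "big")
    return len(digest) * 8 - n.bit_length()

def issue_challenge(bits: int, ttl: int = 120, now: Optional[float] = None) -> dict:
    """Server: fresh salt, required leading-zero bits, expiry, and an HMAC tag so the
    client can neither lower the difficulty nor mint its own challenges."""
    expires = int(now if now is not None else time.time()) + ttl
    salt = secrets.token_hex(16)
    tag = hmac.new(SERVER_KEY, f"{salt}:{bits}:{expires}".encode(), "sha256").hexdigest()
    return {"salt": salt, "bits": bits, "expires": expires, "tag": tag}

def pow_hash(salt: str, nonce: int) -> bytes:
    return hashlib.blake2b(salt.encode() + nonce.to_bytes(8, "big"), digest_size=32).digest()

def solve(challenge: dict, max_iters: int = 5_000_000) -> Optional[int]:
    """Client (the WASM worker in the browser): search for a nonce in the background.
    Expected work is about 2**bits hashes; verification below costs one hash."""
    for nonce in range(max_iters):
        if leading_zero_bits(pow_hash(challenge["salt"], nonce)) >= challenge["bits"]:
            return nonce
    return None

def verify(challenge: dict, nonce: int, now: Optional[float] = None) -> bool:
    """Server: authenticate the challenge, reject expired ones, then check one hash."""
    body = f"{challenge['salt']}:{challenge['bits']}:{challenge['expires']}".encode()
    if not hmac.compare_digest(hmac.new(SERVER_KEY, body, "sha256").hexdigest(), challenge["tag"]):
        return False  # tampered difficulty, or a challenge this server never issued
    if (now if now is not None else time.time()) > challenge["expires"]:
        return False  # stale; a real server also records spent salts to block replay
    return leading_zero_bits(pow_hash(challenge["salt"], nonce)) >= challenge["bits"]

def adapt_difficulty(base_bits: int, observed_rps: float, baseline_rps: float, max_bits: int = 24) -> int:
    """Adaptive scaling (assumed policy): one extra bit per doubling of request rate above
    baseline, so per-request client work doubles as abusive load doubles, up to a cap."""
    if observed_rps <= baseline_rps:
        return base_bits
    return min(base_bits + int(math.log2(observed_rps / baseline_rps)), max_bits)
```

Verification is deliberately cheap (one HMAC and one hash) while solving is exponential in `bits`, which is what makes the scheme asymmetric between the client and the server.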