PoW Faucet

[harryttd]

This pull request introduces significant updates to the Tezos Faucet Backend aimed at enhancing its security, reliability, and configurability. The primary change is the implementation of a Proof of Work (PoW) challenge process to ensure that users expend computational resources, thereby preventing bots and malicious actors from spamming and draining the faucet.

Frontend changes for PoW code: oxheadalpha/tezos-faucet#16

The flow of the new process is as follows:

1. A user initiates the process by making a request for tez. The backend responds by sending a challenge to the user.
2. The user must solve the challenge by finding a correct solution. The complexity of the challenge can vary, and the user doesn't know in advance how many challenges they'll need to solve.
3. Once the user submits a solution, the backend verifies it. If the solution is correct but there are more challenges to be solved, the user will be sent another challenge. This repeats until all challenges are solved correctly. Only then is the requested Tez granted to the user.

Other changes:

1. Redis
   The backend now uses Redis to store PoW challenge data. This is optional and challenges can be disabled by setting the DISABLE_CHALLENGES environment variable to false.

2. Express Server:
   The Express server has been updated with new endpoints and middleware. The /info endpoint now returns more detailed information. The /challenge endpoint has been added which starts a new challenge if no challenge exists or if the profile has changed. The /verify endpoint is used to verify solutions and either responds with another challenge or sends the user Tez.

3. CAPTCHA
   CAPTCHA validation is performed for the /challenge endpoint. The /verify endpoint does not perform CAPTCHA validation directly. Instead, when a solution is submitted to the /verify endpoint, the backend checks the associated challenge to determine if a CAPTCHA was used during the initial challenge request via the /challenge endpoint.

4. Middleware:
   New middleware functions have been added to validate, for example, the address and profile fields in the request body. If the fields are not valid, an error message is returned.

5. Error Handling:
   Improved error handling has been implemented. If an error occurs during the challenge process or while sending Tezos, a detailed error message is returned.

6. Logging:
   A new logging system has been implemented using Winston. This logs HTTP requests and responses, providing useful debugging information.

7. Profiles:
   A new file profiles.json has been added which contains user and baker profiles with their respective amounts, challenges needed, difficulty levels, etc. The profiles are validated when the server starts. If a profile is not valid, an error is thrown.

8. README:
   The README has been significantly updated to provide a detailed overview of the Tezos Faucet Backend, prerequisites, configuration details, running instructions, Docker instructions, API endpoints, and programmatic faucet usage.

9. Code Refactoring:
   The code has been refactored to improve readability and maintainability. This includes changes to environment variables and removal of unused code. Removed the /dist dir.

10. Env Vars
    The code changes also include the addition of a new env.ts file to handle environment variables and necessary type conversions. The file imports all environment variables from process.env and performs necessary type conversions. For some values, it's better to use the converted values from this file instead of process.env directly. Env vars have been added, removed, and renamed.

11. Dockerfile:
    The Dockerfile has been updated to use node:18-alpine instead of node:16-alpine. The WORKDIR has been changed to /app and the ownership of the directory has been changed to the node user. The COPY commands have been updated to copy the package.json and package-lock.json files with the correct ownership. The CMD command has been updated to enable source maps.

12. Package.json:
    The package.json file has been updated with new dependencies, updated old ones, and removed unused ones. The scripts section has also been updated with new commands for building, starting, and testing the application.

[nicolasochem]

💥 I only read the PR description and the README and it looks like excellent work. Ship it!