Overview

OrangeCheck is a sybil-resistance primitive for the open internet. You sign one Bitcoin message. Any app can verify, in one HTTP call, that your address holds N sats and has kept them unspent for N days.

No custody. No account. No permission. Honest users pay nothing but time. Attackers pay real Bitcoin opportunity cost — ruinous at scale.

Who this is for

• Platforms — forum operators, Nostr relay operators, airdrop distributors, DAO coordinators, Discord bot authors, anyone who needs a sybil filter without becoming a centralised identity provider.
• Integrators — wallet and Nostr client developers who want users to create or display proofs.
• Users — anyone on an open protocol who wants to stop being mistaken for a bot.

Who this is not for

• You want "reputation" in the social-graph sense (karma, trust-rank). This is a cryptographic stake receipt, not a social score.
• You want identity in the KYC sense. A proof says "the holder of this address claims handle X." That's a claim, not a validated identity.
• You want centralised custody. Funds never move; this is offline-signed.

Where to go next

House rules

• Every endpoint is public. No signup. Free-tier rate limits apply — see API overview.
• The protocol is open. Spec is CC-BY-4.0; reference code is MIT.
• Nothing pretends to be on-chain. Everything is off-chain signed messages; Bitcoin chain state is read, not written.
• Bitcoin is load-bearing. If a feature works identically on Ed25519, it doesn't belong here.

A word on safety

OrangeCheck raises the cost floor of sybil attacks. It doesn't prevent targeted abuse by a motivated individual with capital. Pair it with your own policy — rate limits, reputation history, content moderation — for anything high-value.

For high-stakes flows (payments, airdrops), always verify address control cryptographically with the signed-challenge flow, not just a header or cookie.