[feature] update proof-of-work to allow setting required rounds (#4186)

# Description

This updates our proof-of-work middleware, NoLLaMas, to work on a more easily configurable algorithm (thank you f0x for bringing this to my attention!). Instead of requiring that a solution with pre-determined number of '0' chars be found, it now pre-computes a result with a pre-determined nonce value that it expects the client to iterate up-to. (though with some level of jitter applied, to prevent it being too-easily gamed). This allows the user to configure roughly how many hash-encode rounds they want their clients to have to complete.

## Checklist

- [x] I/we have read the [GoToSocial contribution guidelines](https://codeberg.org/superseriousbusiness/gotosocial/src/branch/main/CONTRIBUTING.md).
- [x] I/we have discussed the proposed changes already, either in an issue on the repository, or in the Matrix chat.
- [x] I/we have not leveraged AI to create the proposed changes.
- [x] I/we have performed a self-review of added code.
- [x] I/we have written code that is legible and maintainable by others.
- [x] I/we have commented the added code, particularly in hard-to-understand areas.
- [x] I/we have made any necessary changes to documentation.
- [ ] I/we have added tests that cover new code.
- [x] I/we have run tests and they pass locally with the changes.
- [x] I/we have run `go fmt ./...` and `golangci-lint run`.

Reviewed-on: https://codeberg.org/superseriousbusiness/gotosocial/pulls/4186
Co-authored-by: kim <grufwub@gmail.com>
Co-committed-by: kim <grufwub@gmail.com>

internal/middleware/nollamas_test.go

@@ -95,41 +95,39 @@ func testNoLLaMasMiddleware(t *testing.T, e *gin.Engine, userAgent string) {
 		panic(err)
 	}
 
+	var seed string
 	var challenge string
-	var difficulty uint64
 
 	// Parse output body and find the challenge / difficulty.
 	for _, line := range strings.Split(string(b), "\n") {
 		line = strings.TrimSpace(line)
 		switch {
+		case strings.HasPrefix(line, "data-nollamas-seed=\""):
+			line = line[20:]
+			line = line[:len(line)-1]
+			seed = line
 		case strings.HasPrefix(line, "data-nollamas-challenge=\""):
 			line = line[25:]
 			line = line[:len(line)-1]
 			challenge = line
-		case strings.HasPrefix(line, "data-nollamas-difficulty=\""):
-			line = line[26:]
-			line = line[:len(line)-1]
-			var err error
-			difficulty, err = strconv.ParseUint(line, 10, 8)
-			assert.NoError(t, err)
 		}
 	}
 
 	// Ensure valid posed challenge.
-	assert.NotZero(t, difficulty)
 	assert.NotEmpty(t, challenge)
+	assert.NotEmpty(t, seed)
 
 	// Prepare a test request for gin engine.
 	r = httptest.NewRequest("GET", "/", nil)
 	r.Header.Set("User-Agent", userAgent)
 	rw = httptest.NewRecorder()
 
-	// Now compute and set solution query paramater.
-	solution := computeSolution(challenge, difficulty)
-	r.URL.RawQuery = "nollamas_solution=" + solution
-
+	t.Logf("seed=%s", seed)
 	t.Logf("challenge=%s", challenge)
-	t.Logf("difficulty=%d", difficulty)
+
+	// Now compute and set solution query paramater.
+	solution := computeSolution(seed, challenge)
+	r.URL.RawQuery = "nollamas_solution=" + solution
 	t.Logf("solution=%s", solution)
 
 	// Pass req through
@@ -152,17 +150,14 @@ func testNoLLaMasMiddleware(t *testing.T, e *gin.Engine, userAgent string) {
 }
 
 // computeSolution does the functional equivalent of our nollamas workerTask.js.
-func computeSolution(challenge string, diff uint64) string {
-outer:
+func computeSolution(seed, challenge string) string {
 	for i := 0; ; i++ {
 		solution := strconv.Itoa(i)
-		combined := challenge + solution
+		combined := seed + solution
 		hash := sha256.Sum256(byteutil.S2B(combined))
 		encoded := hex.EncodeToString(hash[:])
-		for i := range diff {
-			if encoded[i] != '0' {
-				continue outer
-			}
+		if encoded != challenge {
+			continue
 		}
 		return solution
 	}