The PTC system is a self-sustaining ecosystem where Advertisers pay users to view their websites.
- Create Campaign:
- Cost Model:
(Base Cost + Duration * CostPerSec) + (RedirectFee)per view. - Balance Deduction: Full amount is deducted upfront from the advertiser's token balance.
- Refunds: If a campaign is canceled or rejected, unspent funds are automatically refunded to the user.
- Cost Model:
- View Ad:
- User clicks an ad -> Logic starts a server-side timer session.
- A new window opens with the advertiser's URL (iframe protected).
- Client-side timer counts down.
- Verification:
- Client requests verification.
- Server checks:
(Now - SessionStartTime) >= AdDuration. - Server checks: No claim for this Ad + IP in the last 24h.
-
Timing Attack Prevention:
- Timers are trusted only on the server.
- The
ptc_sessionstable stores thestartTimecreated by the server. Client-side manipulation cannot bypass the wait time.
-
Anti-Abuse:
- IP Cooldown: Enforces 1 view per Ad per IP per 24 hours.
- Iframe Protection: Checks for "frame-busting" scripts in submitted URLs (basic blacklist).
-
Approval Workflow:
- New ads are set to
pending. - Admins must manually
approve(active) orreject(refund) them to prevent malicious content.
- New ads are set to
- Service:
lib/services/ptc.ts-- Handles Campaign Creation, Views, and Verification. - Models:
ptc_ads,ptc_views,ptc_sessions. - Pages:
app/(protected)/earn/ptc(Earn),app/(protected)/advertise(Create).