possiblyhuman

Humanity detection for the age of agents. The reverse Turing test.

Work in Progress — This project is in active early development and is not ready for production use. APIs will change. Contributions and ideas welcome.

Instead of "prove you're human" (CAPTCHA), possiblyhuman asks a different question: how likely is this interaction human? — and answers with a continuous confidence score.

How it works

possiblyhuman is an invisible, client-side SDK that observes behavioral signals and produces a 0–1 humanity score. It combines:

• Mouse dynamics — trajectory curvature, micro-corrections, click precision variance
• Keystroke patterns — inter-key timing distributions, correction rates, typing bursts
• Response timing — latency distributions, complexity correlation, fatigue effects
• Honeypot traps — invisible elements that only bots interact with
• Cognitive signals — challenges that exploit human cognitive constraints (coming soon)

Signals are fused using confidence-weighted averaging, producing a probabilistic assessment rather than a binary yes/no.

Quick start

npm install possiblyhuman

import { possiblyhuman } from "possiblyhuman";

const ph = possiblyhuman();
ph.start();

// After the user has interacted with the page...
const result = ph.assess();
if (result) {
  console.log(result.score);      // 0.0 = bot, 1.0 = human
  console.log(result.confidence); // how certain we are
}

CLI

npx possiblyhuman

Status

This is v0.1 scaffolding. The core architecture and detector modules are in place, but this is not yet production-ready. Key areas still in development:

• [ ] Browser integration testing
• [ ] React hooks (possiblyhuman/react)
• [ ] Next.js middleware (possiblyhuman/next)
• [ ] Server-side token verification with signing
• [ ] Cognitive challenge module
• [ ] Scroll and navigation detectors
• [ ] Tuning and benchmarking against real bot traffic

License

MIT