[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-116":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":8,"htmlUrl":8,"language":9,"languages":8,"totalLinesOfCode":8,"stars":10,"forks":11,"watchers":12,"openIssues":12,"contributorsCount":13,"subscribersCount":13,"size":13,"stars1d":13,"stars7d":13,"stars30d":14,"stars90d":13,"forks30d":13,"starsTrendScore":13,"compositeScore":15,"rankGlobal":8,"rankLanguage":8,"license":8,"archived":16,"fork":16,"defaultBranch":17,"hasWiki":16,"hasPages":16,"topics":18,"createdAt":8,"pushedAt":8,"updatedAt":19,"readmeContent":20,"aiSummary":21,"trendingCount":13,"starSnapshotCount":13,"syncStatus":22,"lastSyncTime":23,"discoverSource":24},116,"Free-BAI","BuluBulugege\u002FFree-BAI","BuluBulugege",null,"TypeScript",300,102,1,0,9,6.04,false,"main",[],"2026-06-12 02:00:08","# BankOfAI Pool — Reverse Engineering & Automated API Key Farm\n\nReverse engineering of [chat.bankofai.io](https:\u002F\u002Fchat.bankofai.io) (a LobeChat white-label AI platform branded as \"AINFT\") with automated registration pipeline and API key pool management.\n\n---\n\n## Table of Contents\n\n- [Project Overview](#project-overview)\n- [How It Works — Registration Principle](#how-it-works--registration-principle)\n- [Architecture](#architecture)\n- [Base Chain Economics](#base-chain-economics)\n- [Configuration Guide](#configuration-guide)\n- [Quick Start](#quick-start)\n- [Dashboard Features](#dashboard-features)\n- [API Proxy Usage](#api-proxy-usage)\n- [Reports](#reports)\n- [Disclaimer](#disclaimer)\n\n---\n\n## Project Overview\n\nBankOfAI is a LobeChat-based AI platform that gives new users **500,000 credits** (≈ $0.50) upon wallet registration. This project:\n\n1. **Reverses** their frontend authentication flow (SIWE-like wallet signatures, AES token encryption, tRPC calls)\n2. **Automates** mass wallet registration → claim → API key generation\n3. 
**Pools** hundreds of API keys behind a unified OpenAI-compatible proxy endpoint\n4. **Routes** requests through LiteLLM to various models (GPT-5.4, Gemini 3.1 Pro, GLM-5, etc.)\n\n---\n\n## How It Works — Registration Principle\n\nEach account is created through a 6-step automated flow:\n\n```\n┌─────────────────────────────────────────────────────────────────────┐\n│                     Registration Pipeline                             │\n├──────────────────────────────────────────────────────────────────────┤\n│                                                                      │\n│  1. Generate Wallet     ethers.Wallet.createRandom()                │\n│         │               → new EVM address + private key              │\n│         ▼                                                            │\n│  2. Fund on Base L2     Funder wallet sends 0.00000000001 ETH       │\n│         │               (10M wei dust) to pass their balance check   │\n│         ▼                                                            │\n│  3. Sign Login Msg      Construct SIWE-like message:                │\n│         │               \"Welcome to BANK OF AI !                     │\n│         │                chat.bankofai.io wants to sign in with...   │\n│         │                Chain ID: 0x1 \u002F Expiration \u002F Nonce\"         │\n│         │               → wallet.signMessage(msg)                    │\n│         ▼                                                            │\n│  4. next-auth Login     GET \u002Fapi\u002Fauth\u002Fcsrf → csrfToken              │\n│         │               POST \u002Fapi\u002Fauth\u002Fcallback\u002Fmetamask             │\n│         │               → session-token cookie returned              │\n│         ▼                                                            │\n│  5. 
Claim Credits       Sign a DIFFERENT claim message:             │\n│         │               \"BANK OF AI welcome gift-claim               │\n│         │                Account: 0x... \u002F Chain ID: 0x1 \u002F Nonce\"     │\n│         │               Forge AES token with hardcoded key           │\n│         │               POST \u002Ftrpc\u002Flambda\u002Fuser.claimSignupBonus      │\n│         │               → 500,000 credits granted                    │\n│         ▼                                                            │\n│  6. Create API Key      POST \u002Ftrpc\u002Flambda\u002FapiKey.createApiKey       │\n│                         → sk-xxxxx returned, ready to use            │\n│                                                                      │\n└──────────────────────────────────────────────────────────────────────┘\n```\n\n### Key Technical Details\n\n| Component | Detail |\n|-----------|--------|\n| **AES Key** | `1wT1r7z8bZxDHVmZKAs6VFYSXOxmyh0lLByiw5TmF0=` (hardcoded in their frontend JS) |\n| **Token Payload** | `AES.encrypt(\"BANK OF AI welcome gift-claim\\|{timestamp}\", KEY)` |\n| **Login Signature Format** | SIWE-style with hostname, address, chainId, expiration, nonce |\n| **Claim Signature Format** | Different message: \"BANK OF AI welcome gift-claim\\nAccount:\\n...\" |\n| **Auth Header (for chat)** | XOR encode `{accessCode, userId}` with key `\"LobeHub · LobeHub\"` → base64 |\n| **Anti-Bot** | IP-based rate limiting on `\u002Fuser.claimSignupBonus` (1 claim per IP) |\n| **Balance Check** | Server verifies wallet has on-chain activity before allowing claim |\n\n### Why Base Chain Dust?\n\nBankOfAI added an anti-sybil check: the wallet must have at least one on-chain transaction on **Base L2** before `claimSignupBonus` succeeds. 
Sending a trivial amount (10M wei ≈ $0.0000000001) from a funded wallet satisfies this check.\n\n---\n\n## Architecture\n\n```\nbankofai-pool_new\u002F\n│\n├── web_reverse_chat_bankofai\u002F       # Reverse engineering & standalone scripts\n│   ├── Reverse_Report_CN.md         # Full RE report (wallet login, dual-chain, DBs)\n│   ├── Premium_Bypass_Report_CN.md  # Premium model bypass analysis\n│   ├── auto_sign_claim.js           # Single\u002Fbatch auto registration\n│   ├── batch_base.js                # Batch with Base L2 dust funding\n│   ├── batch_proxy.js               # Batch with rotating proxy\n│   ├── premium_bypass.js            # 3 methods to access premium models\n│   ├── check_balance.js             # Check credit balances of existing keys\n│   ├── web_replay.js                # Request replay toolkit\n│   └── test_*.js                    # Various test\u002Fdebug scripts\n│\n└── web_dashboard\u002F                   # Next.js management dashboard\n    ├── app\u002F                         # UI: pool status, accounts, relay control, playground\n    │   └── api\u002F                     # API routes: register, alloc, proxy, relay, autofill\n    ├── lib\u002F\n    │   ├── constants.ts             # All config (reads from env vars)\n    │   └── services\u002F\n    │       ├── BankOfAIService.ts   # Core: 2-phase registration (login → claim)\n    │       ├── BaseFunder.ts        # Base L2 dust sender (nonce-serialized)\n    │       ├── RelayRegistrar.ts    # Chain relay: fund N seeds → each does H hops\n    │       ├── AutoFillWorker.ts    # Daemon: keeps pool at target size\n    │       ├── StickyProxyPool.ts   # IP pool manager (1 claim per IP)\n    │       ├── ProxyPoolService.ts  # Proxy extraction from Kookeey\u002FCloudBypass\n    │       └── QuotaService.ts      # Balance checker\n    ├── prisma\u002Fschema.prisma         # SQLite: accounts, usage_logs, settings\n    ├── scripts\u002F\n    │   ├── batch_relay.mjs          # CLI chain-relay 
script\n    │   ├── test_relay_chain.mjs     # Single-chain relay test\n    │   └── run-autofill.mjs         # Standalone autofill runner\n    └── litellm\u002Fconfig.yaml          # LiteLLM proxy config for multi-model routing\n```\n\n---\n\n## Base Chain Economics\n\n### Cost Per Account\n\n| Item | Cost | Notes |\n|------|------|-------|\n| Dust transfer (funder → new wallet) | ~0.000000157 ETH gas | 21000 gas × ~7.5 gwei Base L2 |\n| Dust amount sent | 0.00000000001 ETH | 10M wei (trivial) |\n| **Total per account** | **~$0.0000004** | At ETH=$2500 |\n\n### Relay Mode (Chain Hops)\n\nThe relay mode reuses ETH across accounts:\n\n```\nFunder → Seed wallet (0.00002 ETH)\n           ├── Hop 1: claim + create key → relay remaining balance to →\n           ├── Hop 2: claim + create key → relay remaining balance to →\n           └── Hop 3: claim + create key (balance exhausted)\n```\n\n| Parameter | Default | Description |\n|-----------|---------|-------------|\n| Seed amount | 0.00002 ETH ($0.05) | Enough for 3 hops with gas buffer |\n| Hops per chain | 3 | Keys produced per seed |\n| Chains per batch | 100 | Parallel chains |\n| **Effective cost\u002Fkey** | **~$0.017** | Seed ÷ hops + funder gas |\n\n### Production Rate\n\n| Mode | Throughput | Notes |\n|------|-----------|-------|\n| Direct (auto_sign_claim.js) | ~3-5 keys\u002Fmin | Single thread, no proxy rotation |\n| Batch (batch_base.js) | ~30-50 keys\u002Fmin | 3 concurrent, rotating proxy |\n| Relay (RelayRegistrar) | ~100-300 keys\u002Fbatch | 100 chains × 3 hops, 1 batch ≈ 60s |\n| AutoFill daemon | Continuous | Maintains target pool size |\n\n### Yield Per Account\n\n| Metric | Value |\n|--------|-------|\n| Credits per registration | 500,000 |\n| Credits per dollar | 1,000,000 |\n| Dollar value per account | $0.50 |\n| Claude Sonnet 4.6 tokens ($15\u002FM output) | ~33,333 tokens |\n| GPT-5.4 tokens ($60\u002FM output) | ~8,333 tokens |\n| Gemini 3.1 Pro tokens ($10\u002FM output) | ~50,000 tokens 
|\n\n---\n\n## Configuration Guide\n\n### 1. Environment File (`.env`)\n\nCopy from template:\n\n```bash\ncp .env.example .env\n```\n\n### 2. Required Variables\n\n```bash\n# ─── Base Chain Funder ───\n# Private key of a wallet with ETH on Base L2\n# This wallet sends tiny dust to each new registration wallet\n# Fund it with ~0.01 ETH for ~500 accounts\nFUNDER_PRIVATE_KEY=\"0xYOUR_64_HEX_CHARS_PRIVATE_KEY\"\nBASE_RPC=\"https:\u002F\u002Fmainnet.base.org\"\nDUST_ETH=\"0.00000000001\"\n\n# ─── Proxy Provider (pick one or both) ───\n\n# Option A: Kookeey (recommended for batch)\n# Rotating SOCKS5 proxies, account\u002Fpassword mode\n# Sign up at kookeey.com, get your extract URL\nKOOKEEY_EXTRACT_URL=\"https:\u002F\u002Fwww.kookeey.com\u002Fpickdynamicips?t=2&auth=pwd&format=4&n=100&p=socks5&gate=global&g=global&r=10&type=txt&sign=YOUR_SIGN&accessid=YOUR_ID&upf=1,5&dl=\"\nKOOKEEY_PROTOCOL=\"socks5\"\n\n# Option B: CloudBypass (sticky sessions)\nCLOUDBYPASS_HOST=\"gw.cloudbypass.com\"\nCLOUDBYPASS_PORT=\"1288\"\nCLOUDBYPASS_USER=\"your_user_id\"\nCLOUDBYPASS_PASS=\"your_password\"\n```\n\n### 3. Optional Variables\n\n```bash\n# Dashboard database (SQLite by default)\nDATABASE_URL=\"file:.\u002Fdev.db\"\n\n# LiteLLM master key (for the \u002Fapi\u002Fproxy endpoint)\nLITELLM_MASTER_KEY=\"sk-any-string-you-choose\"\n\n# Relay mode tuning\nRELAY_RPC=\"https:\u002F\u002Fbase-mainnet.public.blastapi.io\"  # Public RPCs work\nRELAY_CONCURRENCY=\"100\"    # Chains per batch\nRELAY_HOPS=\"3\"             # Hops per chain\n\n# Alternative proxy (siyetian)\nPROXY_API_URL=\"http:\u002F\u002Fproxy.siyetian.com\u002Fapis_get.html?token=YOUR_TOKEN&limit=10&...\"\n```\n\n### 4. Proxy Provider Setup\n\n**Why proxies?** BankOfAI rate-limits `claimSignupBonus` to **1 claim per IP**. 
Each new account needs a unique IP for the claim step.\n\n| Provider | Type | Use Case | Config |\n|----------|------|----------|--------|\n| **Kookeey** | Rotating SOCKS5 (dynamic residential) | Batch claim (1 IP per claim) | `KOOKEEY_EXTRACT_URL` |\n| **CloudBypass** | Sticky session HTTP | Login phase (can reuse) | `CLOUDBYPASS_*` |\n| **Siyetian** | Rotating HTTP | Legacy fallback | `PROXY_API_URL` |\n\nThe dashboard uses a **2-pool strategy**:\n- **Login pool** (CloudBypass sticky): Same IP can register multiple wallets\n- **Claim pool** (Kookeey rotating): Fresh IP per claim, `maxUsesPerIp=1`\n\n### 5. Funder Wallet Setup\n\n```bash\n# 1. Generate or use an existing EVM wallet\n# 2. Bridge ETH to Base L2 (use bridge.base.org or any L2 bridge)\n# 3. Send 0.01-0.05 ETH to the wallet on Base\n# 4. Put the private key in FUNDER_PRIVATE_KEY\n\n# Check funder balance:\ncast balance YOUR_ADDRESS --rpc-url https:\u002F\u002Fmainnet.base.org\n```\n\nBudget planning:\n- 0.01 ETH on Base ≈ 500-1000 accounts (direct mode)\n- 0.05 ETH on Base ≈ 2500-5000 accounts (relay mode, 3 hops)\n\n### 6. 
LiteLLM Config (`web_dashboard\u002Flitellm\u002Fconfig.yaml`)\n\nDefines which models the proxy can route to:\n\n```yaml\nmodel_list:\n  - model_name: glm-5\n    litellm_params:\n      model: zhipuai\u002Fglm-5\n      api_key: os.environ\u002FZHIPUAI_API_KEY\n\n  - model_name: gpt-5.4\n    litellm_params:\n      model: openai\u002Fgpt-5.4\n      api_key: os.environ\u002FOPENAI_API_KEY\n\n  - model_name: gemini-3.1-pro\n    litellm_params:\n      model: gemini\u002Fgemini-3.1-pro\n      api_key: os.environ\u002FGEMINI_API_KEY\n```\n\n---\n\n## Quick Start\n\n### Prerequisites\n\n- Node.js 18+\n- An EVM wallet funded with ETH on Base L2\n- A rotating proxy service (Kookeey recommended)\n\n### Installation\n\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002FBuluBulugege\u002Fbankofai-pool_new.git\ncd bankofai-pool_new\n\n# Configure environment\ncp .env.example .env\n# Edit .env with your credentials\n```\n\n### Mode 1: Quick Test (Single Account)\n\n```bash\ncd web_reverse_chat_bankofai\nnpm install\nnode auto_sign_claim.js\n# Output: address, apiKey, credits\n```\n\n### Mode 2: Batch Registration (Standalone)\n\n```bash\ncd web_reverse_chat_bankofai\n# Register 10 accounts, 3 concurrent, 2s delay between\nnode auto_sign_claim.js 10 3 2000\n\n# With Base chain dust (for newer anti-bot):\nnode batch_base.js 10 3\n```\n\n### Mode 3: Dashboard + Relay (Production)\n\n```bash\ncd web_dashboard\nnpm install\nnpx prisma generate\nnpx prisma db push\nnpm run dev\n# Open http:\u002F\u002Flocalhost:3000\n```\n\nFrom the dashboard:\n1. Configure proxy settings in \"Settings\" tab\n2. Click \"Start Relay\" to begin chain-relay registration\n3. Monitor in real-time: keys produced, funder spent, success rate\n4. 
Use the pooled keys via `\u002Fapi\u002Fv1\u002Fchat\u002Fcompletions`\n\n---\n\n## Dashboard Features\n\n| Tab | Function |\n|-----|----------|\n| **Pool Status** | Active\u002Fdepleted\u002Fdead accounts, total credits |\n| **Account Table** | All registered keys with status and last usage |\n| **Relay Control** | Start\u002Fstop relay registrar, live stats |\n| **AutoFill** | Daemon to maintain minimum pool size |\n| **Settings** | Proxy config, concurrency, thresholds |\n| **API Docs** | Usage examples for the proxy endpoint |\n| **Playground** | Test chat completions directly |\n\n---\n\n## API Proxy Usage\n\nThe dashboard exposes an OpenAI-compatible endpoint that load-balances across pooled keys:\n\n```bash\ncurl http:\u002F\u002Flocalhost:3000\u002Fapi\u002Fv1\u002Fchat\u002Fcompletions \\\n  -H \"Authorization: Bearer sk-bankofai-pool-master\" \\\n  -H \"Content-Type: application\u002Fjson\" \\\n  -d '{\n    \"model\": \"gpt-5.4\",\n    \"messages\": [{\"role\": \"user\", \"content\": \"Hello\"}]\n  }'\n```\n\nSupported models (routed through BankOfAI pool):\n- `gpt-5.4` \u002F `gpt-5.4-pro` (premium)\n- `claude-sonnet-4-6` \u002F `claude-opus-4-6` (premium)\n- `gemini-3.1-pro` \u002F `gemini-3-flash`\n- `glm-5`\n\nThe proxy automatically:\n- Picks the freshest key with highest remaining credits\n- Rotates to next key on 403\u002Fdepleted\n- Marks keys as DEPLETED when credits run out\n\n---\n\n## Reports\n\nDetailed analysis documents (in Chinese):\n\n- [`Reverse_Report_CN.md`](.\u002Fweb_reverse_chat_bankofai\u002FReverse_Report_CN.md) — Full reverse engineering: wallet login flow, dual-chain architecture, AES key extraction, signature formats, database modes\n- [`Premium_Bypass_Report_CN.md`](.\u002Fweb_reverse_chat_bankofai\u002FPremium_Bypass_Report_CN.md) — Premium model access bypass: client-side gate analysis, 3 bypass methods, XOR auth header\n\n---\n\n## Community\n\n\u003Ca href=\"https:\u002F\u002Flinux.do\">\n  \u003Cimg 
src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLinuxDo-Community-blue?style=for-the-badge&logo=discourse&logoColor=white\" alt=\"LinuxDo\" \u002F>\n\u003C\u002Fa>\n\nDiscussion and updates on [LinuxDo](https:\u002F\u002Flinux.do) — the Chinese-speaking tech community for developers, reverse engineers, and open-source enthusiasts.\n\n---\n\n## Disclaimer\n\nThis project is for **security research and educational purposes only**. It demonstrates vulnerabilities in client-side authentication patterns and insufficient anti-sybil mechanisms. The reverse engineering was performed on publicly accessible frontend JavaScript. Use responsibly and in compliance with applicable laws and platform terms.\n\n---\n\n## License\n\nMIT\n","This project reverse-engineers the frontend authentication flow of the chat.bankofai.io platform and implements automated registration together with API key generation and management. Written in TypeScript, it can automatically create large numbers of wallet accounts and complete the registration flow, then generate API keys and pool them behind a unified OpenAI-compatible proxy endpoint for management. The system also supports routing requests to multiple models (such as GPT-5.4, Gemini 3.1 Pro, etc.). It is suited to scenarios that require obtaining and using free AI service credits at scale, such as development testing, small-scale application deployment, or research purposes.",2,"2026-06-11 02:30:58","CREATED_QUERY"]