<?php
require __DIR__ . '/config.php';

if ($_SERVER['REQUEST_METHOD'] !== 'GET') {
    http_response_code(405);
    echo json_encode(['error' => 'Method not allowed']);
    exit;
}

$challenge = bin2hex(random_bytes(16));
$timestamp = (int)(microtime(true) * 1000);
$signature = hash_hmac('sha256', "$challenge:$timestamp:" . POW_DIFFICULTY, POW_SECRET);

echo json_encode([
    'challenge' => $challenge,
    'difficulty' => POW_DIFFICULTY,
    'timestamp' => $timestamp,
    'signature' => $signature,
    'expires_in' => POW_TTL_SECONDS,
]);