macOS
brew install hashcashlocal Homebrew formula metadata
brew
Proof-of-work algorithm to counter denial-of-service (DoS) attacks. Version 1.22 via Homebrew; verified 2026-06-22.
install
brew install hashcashlocal Homebrew formula metadata
sudo apk add hashcashAlpine Linux edge package indexes · hashcash · source: dl-cdn.alpinelinux.org
sudo apt install hashcashDebian stable package indexes · hashcash · source: deb.debian.org
nix profile install nixpkgs#hashcashnixpkgs package indexes · pkgs/by-name/ha/hashcash/package.nix · source: api.github.com
overview
Proof-of-work algorithm to counter denial-of-service (DoS) attacks
history
Hashcash is Adam Back's proof-of-work scheme for making a sender spend CPU time before a receiver accepts a message or request. The Homebrew package installs the command-line tool that mints and verifies Hashcash stamps, but the package is historically important because the algorithm became one of the canonical proof-of-work designs referenced by later anti-abuse and cryptocurrency systems.
Hashcash was invented by Adam Back in 1997 as a denial-of-service and anti-spam countermeasure. The basic idea was to attach a stamp to a message; the sender expends adjustable computational work to mint the stamp, while the recipient can verify it cheaply. The official site describes both the algorithm and the email tool as `hashcash`, which is why the package combines a security idea with a concrete Unix-style command.
The command-line documentation presents the package as a tool for minting stamps, checking stamps, estimating work, purging spent-stamp databases, counting partial preimage bits, and extracting resource names. The implementation used SHA1 partial preimages for version-1 stamps, with an adjustable bit target and a receiver-side database option for double-spend protection.
Hashcash's first adoption story was email anti-spam: senders could attach X-Hashcash headers and receivers could treat valid stamps as a whitelisting signal. The official docs describe a default email validity window and a database of spent stamps to stop reuse.
The larger adoption story came later through Bitcoin. Hashcash.org explicitly describes Hashcash as the mining function used in Bitcoin, while also explaining the differences: Bitcoin uses SHA-256 rather than SHA1, double hashing, and a more finely adjusted network difficulty. That made Hashcash a bridge between cypherpunk anti-spam tools and package-manager-visible cryptocurrency infrastructure.
The `hashcash` executable can mint stamps with `-m`, check them with `-c`, estimate work with `-s`, purge spent-stamp databases with `-p`, and count proof bits with `-w`. In email use, the resource is typically a recipient address, and the stamp can be placed in an X-Hashcash header.
The package is also useful as a reference implementation. The official site notes that the algorithm is simple enough to implement from scratch with a hash library and that verification can be understood as counting leading zero bits in a hash output.
Hashcash is one of those packages whose code footprint is much smaller than its historical footprint. It is a command-line tool for an old anti-spam mechanism, but it also preserves a concrete implementation of proof-of-work in the Unix package ecosystem.
For package nerds, Hashcash matters because it connects mail-era anti-abuse tooling, command-line cryptographic utilities, source tarballs rather than modern hosted repos, and the intellectual lineage of Bitcoin mining. Its Homebrew formula keeps a small historical security tool installable long after its original email-spam use case stopped being mainstream.
security posture
narrow executable package without higher-risk signals.
green risk · low confidence · appliance
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
executables
| Command | Kind | Exposure | Note |
|---|---|---|---|
hashcash | cli | global executable | |
sha1 | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
install metadata
| Package key | brew:hashcash |
|---|---|
| Version | 1.22 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/hashcash |
| Homepage | http://hashcash.org |
| Upstream docs | http://www.hashcash.org/docs/hashcash.html |
| License | LicenseRef-Homebrew-public-domain OR BSD-3-Clause OR LGPL-2.1-only OR GPL-2.0-only |
| Source archive | https://deb.debian.org/debian/pool/main/h/hashcash/hashcash_1.22.orig.tar.gz |
| Last updated | 2026-06-22T14:03:42-07:00 |
| Pulse | updated |
| Dependencies | openssl@4 |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | hashcash |
| Version Scheme | 0 |
| Revision | 2 |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source database matches
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
hashcash 1.22-2
postage payment scheme for email based on hash calculations
sudo apt install hashcashhashcash
nix profile install nixpkgs#hashcashhashcash 1.22-1
postage payment scheme for email based on hash calculations
sudo apt install hashcashhashcash 1.22-r0
Proof-of-work algorithm for denial-of-service counter measures
sudo apk add hashcashhashcash-doc 1.22-r0
Proof-of-work algorithm for denial-of-service counter measures (documentation)
sudo apk add hashcash-docsource trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.