Limit VPN traffic instead of hard blocking

Author: jahooma

docs/environment-variables.md

@@ -7,7 +7,7 @@
 - Runtime/OS env: pass typed snapshots instead of reading `process.env` throughout the codebase.
 - `IPINFO_TOKEN` is required; free-mode country gating uses it to check IPinfo privacy signals for VPN/proxy/Tor/relay/hosting traffic.
 - `SPUR_TOKEN` is required; VPN/proxy/Tor/residential-proxy privacy signals use Spur Context API corroboration.
-- `SCAMALYTICS_API_KEY` is required; when IPinfo reports privacy or hosting/service signals, free-mode gating also checks Scamalytics for a fraud score and proxy/Tor/VPN evidence. In allowlisted countries, full access requires both Spur and Scamalytics to return clean follow-up results. Provider failures or ambiguous results fall back to limited access, and only Cloudflare Tor or strongly corroborated high-risk abuse is blocked entirely.
+- `SCAMALYTICS_API_KEY` is required; when IPinfo reports privacy or hosting/service signals, free-mode gating also checks Scamalytics for a fraud score and proxy/Tor/VPN evidence. In allowlisted countries, full access requires both Spur and Scamalytics to return clean follow-up results. Provider failures, ambiguous results, VPN/proxy/residential-proxy signals, and hosting/datacenter signals fall back to limited access. Only Cloudflare Tor or Tor corroborated by another provider is blocked entirely by the IP-intelligence gate.
 - `CODEBUFF_FULL_TELEMETRY=true` or `CODEBUFF_FULL_TELEMETRY_IDS=user-id,email@example.com`
   disables client analytics sampling for targeted debugging. Use sparingly because it can send full CLI log payloads.
 

docs/freebuff-waiting-room.md

@@ -181,7 +181,7 @@ All endpoints authenticate via the standard `Authorization: Bearer <api-key>` or
 - Existing active+unexpired row, **different model** → reject with `model_locked` (HTTP 409); `active_instance_id` is **not** rotated so the other CLI stays valid. Client must DELETE the session before switching.
 - Existing active+expired row → reset to queued with fresh `queued_at` and the requested `model` (re-queue at back).
 
-Before any of those state transitions, the handler requires a resolved country and IPinfo privacy classification. Unsupported countries enter limited Freebuff access. In allowlisted countries, IPinfo privacy/hosting/service signals trigger paid follow-up checks with Spur and Scamalytics. Full access is restored only when both follow-up providers return clean context; suspicious or failed follow-up checks fall back to limited access. The server records a 0-100 privacy risk score for observability/cache rows; named/recent IPinfo anonymizer observations raise that score, while generic Scamalytics third-party proxy labels do not override a low top-level Scamalytics score by themselves. Cloudflare Tor country detection and strongly corroborated high-risk VPN/proxy/Tor abuse remain hard blocks.
+Before any of those state transitions, the handler requires a resolved country and IPinfo privacy classification. Unsupported countries enter limited Freebuff access. In allowlisted countries, IPinfo privacy/hosting/service signals trigger paid follow-up checks with Spur and Scamalytics. Full access is restored only when both follow-up providers return clean context; suspicious or failed follow-up checks fall back to limited access. The server records a 0-100 privacy risk score for observability/cache rows; named/recent IPinfo anonymizer observations raise that score, while generic Scamalytics third-party proxy labels do not override a low top-level Scamalytics score by themselves. VPN, proxy, residential proxy, and hosting/datacenter signals limit access by default; only Cloudflare Tor country detection or Tor corroborated by another provider is hard-blocked by the IP-intelligence gate.
 
 Response shapes:
 

web/src/server/__tests__/free-mode-country.test.ts

@@ -320,7 +320,7 @@ describe('free mode country access', () => {
     expect(shouldHardBlockFreeModeAccess(access)).toBe(false)
   })
 
-  test('hard-blocks high-confidence abuse when all providers corroborate hard signals', async () => {
+  test('keeps corroborated high-score VPN/proxy traffic limited', async () => {
     const access = await getFreeModeCountryAccess(
       makeReq({
         'cf-ipcountry': 'US',
@@ -345,7 +345,40 @@ describe('free mode country access', () => {
 
     expect(access.allowed).toBe(false)
     expect(access.blockReason).toBe('anonymous_network')
-    expect(getFreeModeRiskScore(access)).toBe(95)
+    expect(getFreeModeRiskScore(access)).toBe(90)
+    expect(getFreeModePrivacyDecision(access)).toBe(
+      'scamalytics_suspicious_limited',
+    )
+    expect(shouldHardBlockFreeModeAccess(access)).toBe(false)
+  })
+
+  test('hard-blocks Tor when corroborated by another provider', async () => {
+    const access = await getFreeModeCountryAccess(
+      makeReq({
+        'cf-ipcountry': 'US',
+        'x-forwarded-for': '203.0.113.10',
+      }),
+      {
+        ipinfoToken: 'test-token',
+        spurToken: 'test-spur-token',
+        lookupIpPrivacy: async () => ({
+          signals: ['tor'],
+        }),
+        lookupSpurIpPrivacy: async () => ({
+          signals: ['vpn'],
+        }),
+        lookupScamalyticsIpRisk: async () => ({
+          signals: ['tor'],
+          score: 90,
+          risk: 'very high',
+        }),
+      },
+    )
+
+    expect(access.allowed).toBe(false)
+    expect(access.blockReason).toBe('anonymous_network')
+    expect(getFreeModeRiskScore(access)).toBe(100)
+    expect(getFreeModePrivacyDecision(access)).toBe('corroborated_block')
     expect(shouldHardBlockFreeModeAccess(access)).toBe(true)
   })
 

web/src/server/free-mode-country.ts

@@ -150,7 +150,6 @@ const scamalyticsPrivacyCache = new Map<
 >()
 
 const SCAMALYTICS_DEFAULT_USER = 'codebuff'
-export const SCAMALYTICS_HIGH_RISK_SCORE = 75
 export const SCAMALYTICS_LIMITED_RISK_SCORE = 50
 
 const FREE_MODE_LIMITED_PRIVACY_SIGNALS = new Set<FreeModeIpPrivacySignal>([
@@ -173,22 +172,18 @@ function hasTorPrivacySignal(
   return ipPrivacy?.signals.includes('tor') ?? false
 }
 
-function hasStrongCorroboratedAbuse(
+function hasCorroboratedTorSignal(
   countryAccess: Partial<
     Pick<
       FreeModeCountryAccess,
-      | 'ipPrivacy'
-      | 'spurIpPrivacy'
-      | 'scamalyticsIpPrivacy'
-      | 'scamalyticsScore'
+      'ipPrivacy' | 'spurIpPrivacy' | 'scamalyticsIpPrivacy'
     >
   >,
 ): boolean {
   return (
-    hasHardBlockedPrivacySignal(countryAccess.ipPrivacy) &&
-    hasHardBlockedPrivacySignal(countryAccess.spurIpPrivacy) &&
-    (hasHardBlockedPrivacySignal(countryAccess.scamalyticsIpPrivacy) ||
-      (countryAccess.scamalyticsScore ?? 0) >= SCAMALYTICS_HIGH_RISK_SCORE)
+    hasTorPrivacySignal(countryAccess.ipPrivacy) &&
+    (hasTorPrivacySignal(countryAccess.spurIpPrivacy) ||
+      hasTorPrivacySignal(countryAccess.scamalyticsIpPrivacy))
   )
 }
 
@@ -282,7 +277,7 @@ export function getFreeModeRiskScore(
   if (typeof countryAccess.scamalyticsScore === 'number') {
     score = Math.max(score, countryAccess.scamalyticsScore)
   }
-  if (hasStrongCorroboratedAbuse(countryAccess)) {
+  if (hasCorroboratedTorSignal(countryAccess)) {
     score = Math.max(score, 95)
   }
 
@@ -304,14 +299,7 @@ export function shouldHardBlockFreeModeAccess(
 ): boolean {
   if (countryAccess.cfCountry === CLOUDFLARE_TOR_COUNTRY) return true
   if (countryAccess.blockReason !== 'anonymous_network') return false
-  if (
-    hasTorPrivacySignal(countryAccess.ipPrivacy) &&
-    (hasTorPrivacySignal(countryAccess.spurIpPrivacy) ||
-      hasTorPrivacySignal(countryAccess.scamalyticsIpPrivacy))
-  ) {
-    return true
-  }
-  return hasStrongCorroboratedAbuse(countryAccess)
+  return hasCorroboratedTorSignal(countryAccess)
 }
 
 export function getFreeModePrivacyDecision(
@@ -341,7 +329,7 @@ export function getFreeModePrivacyDecision(
     return 'ipinfo_failed_limited'
   }
   if (countryAccess.blockReason === 'anonymous_network') {
-    if (hasStrongCorroboratedAbuse(countryAccess)) {
+    if (shouldHardBlockFreeModeAccess(countryAccess)) {
       return 'corroborated_block'
     }
     if (countryAccess.spurStatus === 'failed') {