Receive the CAPTCHA token submitted by the user (PoW proof-of-work result or Turnstile verification token), call the corresponding verification provider for server-side validation, and return the verification result (pass/fail, score, and error code)