https://github.com/magento/security-package/issues/320 https://github.com/magento/security-package/commit/ef0799a36a63b85a20b40cfc26870b56d8fd2872 - this does not work as it stands now, immediately removes the listener before has a chance to execute (race-condition) They seem to be trying to account for v2 Checkbox and Invisible, if you are using checkbox and check it, then server returns error and you fix issue and resubmit, it in theory can use the same token from initial check maybe.
--- a/vendor/magento/module-re-captcha-webapi-ui/view/frontend/web/js/webapiReCaptcha.js
+++ b/vendor/magento/module-re-captcha-webapi-ui/view/frontend/web/js/webapiReCaptcha.js
@@ -25,8 +25,10 @@
 * @param {String} token
 */
 reCaptchaCallback: function (token) {
- //Make the token retrievable in other UI components.
- registry.tokens[this.getReCaptchaId()] = token;
+ if (!this.getIsInvisibleRecaptcha()) {
+ //Make the token retrievable in other UI components.
+ registry.tokens[this.getReCaptchaId()] = token;
+ }

 if (typeof registry._listeners[this.getReCaptchaId()] !== 'undefined') {
 registry._listeners[this.getReCaptchaId()](token);
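Review bot: In the non-invisible branch the token is still written to `registry.tokens[this.getReCaptchaId()]`, and nothing visible in this hunk clears it, so a checkbox token can be read again after the server has already verified it. reCAPTCHA response tokens are single-use and expire after about two minutes, so a resubmit that picks up the cached value would presumably fail server-side validation. Consider dropping the entry once a consumer has read it, e.g. `delete registry.tokens[this.getReCaptchaId()];`. The new `if` also deserves a comment saying why invisible mode skips the cache, such as `// Invisible mode requests a new token on every submit, so it must not be cached.` if that is the intent. The body of reCaptchaCallback continues past the end of the hunk, so such cleanup may already exist outside the visible lines.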