From d395230dccaad68365fcbcbffcf6e542675b21c7 Mon Sep 17 00:00:00 2001
From: Runxi Yu <me@runxiyu.org>
Date: Mon, 24 Mar 2025 07:10:07 +0800
Subject: README.md: Clarify hash algorithm selection issue

---
 README.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'README.md')

diff --git a/README.md b/README.md
index 3a6fb88..7d8da10 100644
--- a/README.md
+++ b/README.md
@@ -23,8 +23,10 @@ It may experience occasional outages.
   HTTP protocol.
 - Currently we round times to the nearest week for persistence, but this could
   cause issues if a user completes the challenge at the end of a rounded week.
-- SHA-256 is actually a pretty bad choice for proof-of-work. We should use
-  something like bcrypt or scrypt or argon2.
+- SHA-256 is actually a pretty bad choice for proof-of-work. I'm not sure what
+  what be a good solution though, it'd be nice to have something that's more
+  memory-hard, but password-based key derivation functions are too heavy
+  on the server.
 - Safari on iOS and iPadOS seem to unpredictably make their requests from
   different address families, which causes the challenge to fail.
 
-- 
cgit v1.2.3