|
|
|
|
|
|
by Aissen
1417 days ago
|
|
|
> the client will have to generate 50k hashes(can be configured for higher difficulty) I completely forgot how PoW worked, it's clearer now. You should probably add that this is a probabilistic average, so people will have to be ready for much longer (and faster) resolutions. With what you said, an adversary can probably just DoS mCaptcha without any computation, if verification is stateless (by sending garbage at line rate); if it is stateful (e.g CSRF token), you'll have to do a cache query, which is probably on the same order of magnitude of a single hash. |
|
|