Its memory requirement of 128KB is a compromise
between computation-hardness for the prover and verification efficiency for the verifier.
You don't want verification of a proof-of-work to take a lot of resources, since every client has to perform it.