From d3f5bcbecf91f8872289101f14499d0208d7e76c Mon Sep 17 00:00:00 2001
From: acetone <acetone@i2pmail.org>
Date: Fri, 5 May 2023 20:58:26 +0300
Subject: [PATCH] caching info added to readme

---
 README.md | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 4e09c54..98acea1 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
 
 Offline captcha without any file system or database storage.
 
-Dependency: Qt5.
+Dependency: Qt (5+).
 
 ## Inspiration
 
@@ -34,6 +34,8 @@ The system remembers the previous time token in order to ensure the correct perc
 Due to this architecture, the lifetime of each captcha ranges from 1.5 to 3 minutes, after which the verification token will always show failure.
 
 To make it impossible to use one captcha twice, the used verification captcha id gets into a special cache, where it is stored for several minutes of the life cycle of TIME_BASED_SECRET_TOKEN.
-The captcha token is considered used after the first validation check. Storing captcha id is very cheap: the id has a weight of 8 bytes (for a 64-bit system). For example, to store a million solved captchas at one time would need less than 8 MB of RAM.
+The captcha token is considered used after the first validation check. Storing captcha id is very cheap: the id has a weight of 8 bytes (for a 64-bit system). For example, to store a million solved captchas at one time would need less than 8 MB of RAM. So easy!
 
-Check `examples` folder to see C++ interface or if your project not in C++, also you can use Zero Storage Captcha as separate cross-platform local [service](https://github.com/ZeroStorageCaptcha/api-daemon).
+To protect the CPU from an attack where an attacker will request a lot of captchas, you should use caching (`example3.cpp`). This is a compromise between using RAM and saving CPU: it will take about 36 MB to store 4096 captchas (the default cache size). A cached captcha will be reused after <=3 minutes when its token has expired and has not been answered (correctly). Captchas that get a correct answer are immediately deleted from the cache and will not be used again.
+
+Check `examples` or if your project not in C++ (or without Qt framework), you can use Zero Storage Captcha as separate cross-platform local [service](https://github.com/ZeroStorageCaptcha/api-daemon).