[chore] tweak NoLLaMas proof-of-work algorithm (#4090)

# Description

- tweaks the NoLLaMas proof-of-work algorithm to further granularity on time spent computing solutions
- standardizes GoToSocial cookie security directive setting in a CookiePolicy{} type

## Checklist

- [x] I/we have read the [GoToSocial contribution guidelines](https://codeberg.org/superseriousbusiness/gotosocial/src/branch/main/CONTRIBUTING.md).
- [x] I/we have discussed the proposed changes already, either in an issue on the repository, or in the Matrix chat.
- [x] I/we have not leveraged AI to create the proposed changes.
- [x] I/we have performed a self-review of added code.
- [x] I/we have written code that is legible and maintainable by others.
- [x] I/we have commented the added code, particularly in hard-to-understand areas.
- [ ] I/we have made any necessary changes to documentation.
- [ ] I/we have added tests that cover new code.
- [ ] I/we have run tests and they pass locally with the changes.
- [x] I/we have run `go fmt ./...` and `golangci-lint run`.

Co-authored-by: tobi <tobi.smethurst@protonmail.com>
Reviewed-on: https://codeberg.org/superseriousbusiness/gotosocial/pulls/4090
Co-authored-by: kim <grufwub@gmail.com>
Co-committed-by: kim <grufwub@gmail.com>

2 files changed, 18 insertions, 9 deletions

diff --git a/web/source/nollamas/index.js b/web/source/nollamas/index.js
index b32cae423..94bac4fc7 100644
--- a/web/source/nollamas/index.js
+++ b/web/source/nollamas/index.js
@@ -44,17 +44,20 @@ document.addEventListener('DOMContentLoaded', function() {
 	// Read the challenge and difficulty from
 	// data attributes on the nollamas section.
 	const challenge = nollamas.dataset.nollamasChallenge;
-	const difficulty = nollamas.dataset.nollamasDifficulty;
+	const difficulty1 = nollamas.dataset.nollamasDifficulty1;
+	const difficulty2 = nollamas.dataset.nollamasDifficulty2;
 
-	console.log('challenge:', challenge);   // eslint-disable-line no-console
-	console.log('difficulty:', difficulty); // eslint-disable-line no-console
+	console.log('challenge:', challenge);     // eslint-disable-line no-console
+	console.log('difficulty1:', difficulty1); // eslint-disable-line no-console
+	console.log('difficulty2:', difficulty2); // eslint-disable-line no-console
 
 	// Prepare the worker with task function.
 	const worker = new Worker("/assets/dist/nollamasworker.js");
 	const startTime = performance.now();
 	worker.postMessage({
 		challenge: challenge,
-		difficulty: difficulty,
+		difficulty1: difficulty1,
+		difficulty2: difficulty2,
 	});
 
 	// Set the main worker function.
diff --git a/web/source/nollamasworker/index.js b/web/source/nollamasworker/index.js
index b95ec0917..37a54349a 100644
--- a/web/source/nollamasworker/index.js
+++ b/web/source/nollamasworker/index.js
@@ -25,9 +25,10 @@ onmessage = async function(e) {
 
 	// Get difficulty and generate the expected
 	// zero ASCII prefix to check for in hashes.
-	const difficultyStr = e.data.difficulty;
-	const difficulty = parseInt(difficultyStr, 10);
-	const zeroPrefix = '0'.repeat(difficulty);
+	const difficulty1Str = e.data.difficulty1;
+	const difficulty2Str = e.data.difficulty2;
+	const difficulty1 = parseInt(difficulty1Str, 10);
+	const zeroPrefix = '0'.repeat(difficulty1);
 
 	let nonce = 0;
 	while (true) { // eslint-disable-line no-constant-condition
@@ -43,8 +44,13 @@ onmessage = async function(e) {
 		// Check if the hex encoded hash has
 		// difficulty defined zeroes prefix.
 		if (hashHex.startsWith(zeroPrefix)) {
-			postMessage({ nonce: nonce, done: true });
-			break;
+
+			// Check if the next char after zero prefix
+			// is specifically less than difficulty2 char.
+			if (hashHex.charAt(difficulty1) < difficulty2Str) {
+				postMessage({ nonce: nonce, done: true });
+				break;
+			}
 		}
 
 		// Iter.