I admire your dedication to keeping your users data secure, anonymous and private.
> For Wishy.gift I use SHA512 with a fixed salt
Just a FIY in case you don’t know: if you want to allow different accounts with the same email, in case of a data breach it would be obvious by the duplicate hash this has occurred. Salting with a different nonce for every row is not much harder and would protect in that case.
Lets imagine that a@exam.com and b@exam.com have same hash, so you use different salt so that they are different.
How do you know which one is which? Which salt belongs to what email?
> For Wishy.gift I use SHA512 with a fixed salt Just a FIY in case you don’t know: if you want to allow different accounts with the same email, in case of a data breach it would be obvious by the duplicate hash this has occurred. Salting with a different nonce for every row is not much harder and would protect in that case.