I wonder if it'd get anywhere. There's not enough CPU/memory allocated in a lot of these platforms to make it work e.g. Deno deploy and Cloudflare workers (bundled) has 50ms of CPU time.

Then that means those platforms are insecure and should not be used, or authentication moved to another layer that does not suffer from those limitations. My rule of thumb is that if authentication does not consistently require at least 1 second, passwords are probably stored insecurely. Fortunately password managers with unique generated passwords limit the blast radius.

Cloudflare Workers "Bundled" is a legacy mode that is not the default these days. Unbound mode (the default for paid subscriptions) offers 30s CPU time.

Sad to hear - until Unbound has more features such as more memory the bundled mode is useful in the common case to be "legacy".

Is that WASM libsodium that's problematic? Can you expand on the issue?

It was this WASM library: https://github.com/urbit/argon2-wasm.

I couldn't get vitest to work with code that imports WASM, and I couldn't get vite to bundle WASM code for web workers.

An algorithm that requires a ton of memory doesn't really make sense for web applications IMHO. bcrypt and bscrypt are better choices.

It does if your application is a password manager like bitwarden, lastpass, 1password, etc.

Or really anything where you need or want client side encryption protected by a passport.

Is 2 KiB really ton of memory?

If you use Argon2 with 2 KiB, there's something really wrong with your parameters.

Argon2 with 2 KiB has more memory hardness than BCRYPT.