Hashcash, originally proposed in 1997, is a mechanism designed to throttle systematic abuse of un-metered internet resources such as email and anonymous remailers. This paper reviews its various applications, improvements, and related publications, along with initial experimental experiences. Hashcash is a CPU cost-function that computes a token used as a proof-of-work, with both interactive and non-interactive variants. The paper discusses the properties of cost-functions, including efficiency, verifiability, and auditability, and introduces the Hashcash cost-function, which is publicly auditable, trapdoor-free, and has unbounded probabilistic cost. It also explores the use of Hashcash in interactive settings, such as TCP, TLS, SSH, and IPSEC, to defend against DoS attacks and provide graceful degradation of service. The paper further discusses improvements to Hashcash, such as using a fixed target string for collisions and reducing variance in cost. It evaluates the effectiveness of non-parallelizable cost-functions against Distributed DoS (DDoS) attacks and concludes that while they offer marginal protection, they are more complex and less efficient than Hashcash. Finally, the paper lists several applications of Hashcash and provides a classification scheme for cost-functions based on their characteristics.Hashcash, originally proposed in 1997, is a mechanism designed to throttle systematic abuse of un-metered internet resources such as email and anonymous remailers. This paper reviews its various applications, improvements, and related publications, along with initial experimental experiences. Hashcash is a CPU cost-function that computes a token used as a proof-of-work, with both interactive and non-interactive variants. The paper discusses the properties of cost-functions, including efficiency, verifiability, and auditability, and introduces the Hashcash cost-function, which is publicly auditable, trapdoor-free, and has unbounded probabilistic cost. It also explores the use of Hashcash in interactive settings, such as TCP, TLS, SSH, and IPSEC, to defend against DoS attacks and provide graceful degradation of service. The paper further discusses improvements to Hashcash, such as using a fixed target string for collisions and reducing variance in cost. It evaluates the effectiveness of non-parallelizable cost-functions against Distributed DoS (DDoS) attacks and concludes that while they offer marginal protection, they are more complex and less efficient than Hashcash. Finally, the paper lists several applications of Hashcash and provides a classification scheme for cost-functions based on their characteristics.