1 files changed, 18 insertions, 4 deletions

diff --git a/README.md b/README.md
index 4134431..8d42710 100644
--- a/README.md
+++ b/README.md
@@ -8,15 +8,15 @@ go get code.northwest.io/nostr
 
 ## Why This Library?
 
-**1 dependency.** That's it.
+**Zero dependencies.**
 
-Other Nostr libraries pull in 30+ dependencies. This one has exactly one direct dependency: `btcec` for Schnorr signatures (required by the protocol).
+Other Nostr libraries pull in 30+ dependencies. This one has none. The secp256k1 cryptography is implemented in pure Go, embedded in the library.
 
 ```
-require github.com/btcsuite/btcd/btcec/v2 v2.3.4
+require (nothing)
 ```
 
-No WebSocket libraries, no logging frameworks, no kitchen sink. Just the core protocol.
+No external crypto libraries, no WebSocket libraries, no logging frameworks, no kitchen sink. Just the core protocol.
 
 ## What's Included
 
@@ -31,6 +31,20 @@ No WebSocket libraries, no logging frameworks, no kitchen sink. Just the core pr
 
 This is a minimal core library. It implements NIP-01 and the basics. It doesn't implement every NIP, handle connection pooling, or manage relay discovery. Build that yourself, or don't.
 
+## Cryptography
+
+This library uses an internal pure-Go implementation of secp256k1 and BIP-340 Schnorr signatures.
+
+**Tradeoffs:**
+
+- ✅ Zero dependencies, fully auditable
+- ✅ Passes all BIP-340 test vectors
+- ✅ Interoperable with btcec/bitcoin implementations
+- ⚠️ **Not constant-time** — uses Go's `math/big`, which has variable-time operations
+- ⚠️ ~10x slower than btcec (still fast enough for typical Nostr usage)
+
+For applications signing thousands of events per second or with strict timing-attack threat models, consider a library backed by btcec or libsecp256k1.
+
 ## Usage
 
 ```go