diff --git a/pkg/mining/auth.go b/pkg/mining/auth.go
index fe726c1..ffc1947 100644
--- a/pkg/mining/auth.go
+++ b/pkg/mining/auth.go
@@ -199,13 +199,13 @@ func (da *DigestAuth) validateBasic(c *gin.Context, authHeader string) bool {
 
 // nonce := da.generateNonce() // 32-char hex string, cryptographically random
 func (da *DigestAuth) generateNonce() string {
-	b := make([]byte, 16)
-	if _, err := rand.Read(b); err != nil {
+	randomBytes := make([]byte, 16)
+	if _, err := rand.Read(randomBytes); err != nil {
 		// Cryptographic failure is critical - fall back to time-based nonce
 		// This should never happen on a properly configured system
 		return hex.EncodeToString([]byte(fmt.Sprintf("%d", time.Now().UnixNano())))
 	}
-	return hex.EncodeToString(b)
+	return hex.EncodeToString(randomBytes)
 }
 
 // opaque := da.generateOpaque() // MD5 of realm, stable per auth instance
@@ -261,6 +261,6 @@ func parseDigestParams(header string) map[string]string {
 
 // h := md5Hash("user:realm:pass") // "5f4dcc3b5aa765d61d8327deb882cf99"
 func md5Hash(s string) string {
-	h := md5.Sum([]byte(s))
-	return hex.EncodeToString(h[:])
+	digest := md5.Sum([]byte(s))
+	return hex.EncodeToString(digest[:])
 }