Proof-of-work (PoW) has recently become the backbone of cryptocurrencies. However, users with Application Specific Integrated Circuits (ASICs) can produce PoWsolutions at orders of magnitude lower cost than typical CPU/GPU users. Memory-hard PoWs, i.e., PoWschemes that require a lot of memory to generate proofs, have been proposed as a way to reduce the advantage of ASIC-equipped users. Equihash is a recent memory-hard PoW proposal adopted by the cryptocurrency Zcash. Its simplicity, compact proof size, and tunable parameters make it a good candidate for practical protocols. However, we find its security analysis and claims are fiawed. Most importantly, we refute Equihash's claim that its security is based on Wagner's algorithm for the generalized birthday problem. Furthermore, no tradeo--resistance bound is known for Equihash, and its analysis on the expected number of solution is incorrect. Our -ndings do not expose any immediate threat to Equihash. The main purpose of this short note is to raise awareness that Equihash should be considered a heuristic scheme with no formally proven security guarantees.