...
Why we use a publicly available Salt: in order to prevent the so called rainbow table attack. There are precomputed tables available for any hash methods, thus finding the plain text of a hash (without a salt) is fairly easy. In case (and we do) a Salt is used, the rainbow table needs to be recalculated. As this takes ridiculously many it takes a ridiculous amount of time to generate the data for enough hashes, it's safe to publish the hashSalt.
What are about 's about third-party clients for SlideWiki: a user using the third-party client, that won't hash with the same hash function and salt at the client-side that we use at the official client, will not be able to login with our official SlideWiki client, as the data provided to the user-service is different. This forces third-party clients to keep passwords secure. As the used hash function and salt are public data (see Github Repository), it's possible for them to implement it the exact same way we do.