SHA-256 — Definition and Properties
SHA-256 is a cryptographic hash function that maps any input to a 256-bit digest with strong preimage, second-preimage, and collision resistance.
- SHA-256 produces a fixed 256-bit digest from any input, specified in NIST FIPS 180-4.
- It provides preimage resistance, second-preimage resistance, and collision resistance.
- NakedPnL uses SHA-256 for content hashing, the per-trader hash chain, and the daily Merkle tree.
Definition
SHA-256 is a cryptographic hash function from the SHA-2 family, specified by the US National Institute of Standards and Technology in FIPS 180-4. It accepts an input of arbitrary length and produces a deterministic 256-bit (32-byte) digest. The same input always yields the same digest, but recovering the input from the digest, or finding two inputs with the same digest, is computationally infeasible with current hardware.
Three security properties
- Preimage resistance: given a digest h, it is computationally infeasible to find any input x such that SHA-256(x) = h. This is what stops an attacker from inverting a published hash to recover the underlying data.
- Second-preimage resistance: given an input x1, it is computationally infeasible to find a different input x2 such that SHA-256(x1) = SHA-256(x2). This is what stops an attacker from substituting an alternate record for an honest one while keeping the same hash.
- Collision resistance: it is computationally infeasible to find any pair (x1, x2) with x1 != x2 and SHA-256(x1) = SHA-256(x2). The current best generic attack requires roughly 2^128 operations, well outside practical reach.
How NakedPnL uses it
SHA-256 is the only hash function used in NakedPnL's verification pipeline. Each raw venue response is canonicalized to RFC 8785 byte-stable JSON and then hashed: `contentHash = SHA-256(canonicalize(rawResponse))`. The per-trader chain link is `chainHash = SHA-256(previousChainHash || contentHash)`, with the literal string `"genesis"` as the seed. Finally, every chain head is fed into a daily SHA-256 Merkle tree whose root is anchored to Bitcoin via OpenTimestamps. Using a single hash function across all three layers simplifies verification: a third party only needs one SHA-256 implementation.
Worked example
// Browser, using the Web Crypto API.
async function sha256Hex(input) {
const data = new TextEncoder().encode(input);
const buf = await crypto.subtle.digest("SHA-256", data);
return Array.from(new Uint8Array(buf))
.map(b => b.toString(16).padStart(2, "0"))
.join("");
}
await sha256Hex("");
// "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
await sha256Hex("genesis");
// "e7c87a5b1c2d... (a deterministic 64-character hex digest)"Why SHA-256 specifically
SHA-256 is widely deployed (Bitcoin, TLS certificates, Linux package managers, Git), specified by NIST, implemented in every mainstream language and operating system, and accelerated in hardware on every modern CPU via the SHA-NI instruction set. Choosing it minimizes the implementation surface a verifier must trust: any standards-conforming SHA-256 implementation produces the same digest as NakedPnL's, so a verifier can use whichever language or runtime they already have.
Related terms
- Hash chain — uses SHA-256 to link consecutive records.
- Merkle tree — uses SHA-256 at every internal node and leaf.
- Content hash — NakedPnL's name for SHA-256 of canonicalized raw venue data.
- Canonical JSON — RFC 8785 serialization that ensures the same JSON object always hashes to the same digest.