hash-truncation-is-16-hex
OUT premise
Source hashes are SHA-256 truncated to the first 16 hex characters (64 bits), reducing collision resistance to ~32 bits for birthday attacks compared to the full 256-bit hash.
Summary
The system identifies content using shortened SHA-256 hashes, keeping only the first 16 hex characters instead of the full hash. This dramatically weakens collision resistance — an attacker or even normal usage at scale could find two different inputs producing the same truncated hash with roughly 2^32 (about 4 billion) attempts, which is computationally trivial by modern standards. This matters because hash collisions could cause the system to confuse distinct pieces of content, leading to incorrect lookups or silent data corruption.
Dependents
These beliefs depend on this one:
- architecture-sustains-gapless-lifecycle — Architectural safety (clean layer boundaries with atomic isolated mutations) sustains gapless lifecycle management (staleness detection plus propagation lifecycle awareness) — beliefs are correctly managed at every point in their lifecycle, backed by structural guarantees that lifecycle operations execute atomically and without cross-layer leakage.
- belief-currency-is-actively-managed — The system actively manages belief currency bidirectionally: the production-ready derive pipeline safely introduces new beliefs through defensive validation, while the staleness CI gate detects drift in existing beliefs against source material — together preventing both unsafe additions and undetected obsolescence.
- complete-system-is-self-correcting — The system actively maintains its own consistency along two independent dimensions: the TMS core handles exceptional conditions (contradictions trigger deterministic resolution, propagation respects lifecycle state), while belief currency management detects and surfaces drift in source material — no inconsistency persists undetected or unresolved.
- external-beliefs-are-safe-and-current — External beliefs are managed end-to-end across their complete lifecycle with no gap between ingestion safety and ongoing maintenance: defensively contained at ingestion through layered validation, correctly lifecycle-managed through import reconciliation and staleness checking, and actively tracked for currency — no external belief enters unvalidated, drifts undetected, or persists without lifecycle oversight.
- lifecycle-management-is-gapless — The system manages belief lifecycle without gaps across all operation types: staleness checking detects all forms of source drift, propagation respects node lifecycle states, and both read and write paths enforce consistent lifecycle semantics — no operation ignores or corrupts lifecycle state.
- self-correction-is-resource-sustainable — The system's self-correction capability — contradiction resolution at derivation time and staleness detection at maintenance time — is resource-sustainable: accurate bidirectional token budgets support continuous belief derivation and maintenance, ensuring the correction loop can operate indefinitely without resource exhaustion.
- staleness-gate-catches-all-drift — The staleness CI gate detects all forms of source material drift without false negatives.
Details
| Source | entries/2026/04/23/reasons_lib-check_stale-check_stale.md |