---
id: document-sha256-tradeoff
name: Document SHA-256 API Key Hashing Trade-Off
status: completed
depends_on: []
scope: narrow
risk: low
impact: isolated
level: implementation
---

## Description

W13: API keys are stored as SHA-256 hashes — a fast hash, not a deliberately slow KDF (bcrypt/Argon2). If the database is compromised, SHA-256 hashes can be brute-forced faster than slow hashes. However, API keys are high-entropy machine-generated strings (128-bit+), making brute-force infeasible even with a fast hash. No ADR documents this trade-off.

Add documentation to ADR-010 or relevant section explaining why SHA-256 is acceptable for high-entropy API keys.

## Acceptance Criteria

- [ ] ADR-010 (or a new ADR) documents the SHA-256 vs KDF trade-off
- [ ] Rationale includes: high-entropy keys make brute-force infeasible, O(1) verification latency at high throughput
- [ ] Explicitly states this is acceptable because keys are machine-generated, unlike human passwords
- [ ] Cross-reference from `identity.md` api_keys section to the ADR

## References

- docs/reviews/storage-architecture-review-2026-04-21.md#W13
- docs/architecture/storage/identity.md:74
- docs/decisions/ADR-010

## Notes

> To be filled by implementation agent

## Summary

> To be filled on completion