SHA-256 Cryptanalytic Experiments

Sharing what I saw posted elsewhere. By Noctarion, an independent cryptography researcher.

I ran 60 cryptanalysis experiments on SHA-256. Here’s what I found.

TL;DR
SHA-256 cannot be broken. No shortcut for mining exists. But proving that produced 7 novel findings.

The 7 novel findings:

1. Double-SHA-256 is NOT two independent hashes (9.56σ)
2. |HW(a)-16| → leading zeros: 20.48σ
3. Round 8 is the “insulator” — 17× drop
4. Nonce identity preserved (26.25σ) — but useless
5. Mixing: 85% linear + 15% nonlinear
6. First algebraic mining impossibility proof via Z3
7. Groebner basis: 2^71 worse than brute force

All 19 Frameworks — 0 Exploitable Signals

Sources:

• I ran 60 cryptanalysis experiments on SHA-256. Here's what I found. - DEV Community
• SHA-256 Cryptanalytic Experiments — 60 Python Scripts (Noctarion 2026)

Paper link (awaiting review, should show later):

• https://eprint.iacr.org/2026/109079

Bitcoin SE post:

• https://bitcoin.stackexchange.com/questions/130694/why-does-sha-256d-double-sha-256-in-bitcoin-have-a-constrained-message-schedul