SHA-256 IP Hashing
SHA-256 IP Hashing is a server-side technique where each visitor's IP address is hashed with SHA-256 before any storage, so ONOXIA can identify abuse patterns and rate-limit without retaining personally identifiable IP data.
Purpose
Under GDPR, an IP address is personal data. Storing IPs in plain text creates compliance risk and requires an explicit lawful basis. Hashing removes the data subject's identifiability while preserving the only property ONOXIA needs from the IP — equality, for rate-limiting and abuse detection.
Scope
Applies to every request that hits the ONOXIA bot worker, the chat dashboard, the embed CDN, and the email agent ingress. Plain IPs never leave the request handler; the hash is computed before any log line or database write.
Components
- Pre-hash salt — per-deployment secret, rotated quarterly, never logged.
- Algorithm — SHA-256 over salt || ip.
- Storage — only the resulting 32-byte hash is persisted, indexed for rate-limit lookups.
- Retention — hashes are deleted after the rolling rate-limit window expires.
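The components above, as an added Python sketch that is not ONOXIA's own code: it computes SHA-256 over salt || ip, keys a rolling rate-limit window on the 32-byte digest, and deletes hashes once the window has expired. The window length, request limit, IP canonicalisation step and all function and class names are assumptions made for illustration.

```python
import hashlib
import ipaddress
from collections import defaultdict, deque

WINDOW_SECONDS = 60  # assumed rolling rate-limit window
MAX_REQUESTS = 3     # assumed per-window request limit


def hash_ip(salt: bytes, ip_text: str) -> bytes:
    """Return SHA-256(salt || ip) as the raw 32-byte digest."""
    ip = ipaddress.ip_address(ip_text.strip())
    # Canonicalise so one client always yields one hash: an IPv4-mapped
    # IPv6 address (::ffff:a.b.c.d) collapses to IPv4, then packed bytes.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return hashlib.sha256(salt + ip.packed).digest()


class HashedRateLimiter:
    """Sliding-window limiter that stores only hashes and timestamps."""

    def __init__(self, salt: bytes):
        self._salt = salt                # per-deployment secret, never logged
        self._hits = defaultdict(deque)  # 32-byte hash -> request times

    def allow(self, ip_text: str, now: float) -> bool:
        key = hash_ip(self._salt, ip_text)  # plain IP is not kept past here
        hits = self._hits[key]
        while hits and now - hits[0] >= WINDOW_SECONDS:
            hits.popleft()
        if len(hits) >= MAX_REQUESTS:
            return False
        hits.append(now)
        return True

    def purge(self, now: float) -> int:
        """Retention: delete hashes whose window has fully expired."""
        stale = [k for k, h in self._hits.items()
                 if not h or now - h[-1] >= WINDOW_SECONDS]
        for k in stale:
            del self._hits[k]
        return len(stale)

    def stored_keys(self):
        return list(self._hits)
```

Because the salt is part of the hash input, rotating it changes every digest, so counters keyed on the old salt no longer match new requests.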
Outputs
- Rate-limit decisions per visitor without storing the IP.
- Abuse detection (repeated identical hashes from the same conversation flagged automatically).
- An auditable GDPR position: no plaintext IPs anywhere in the stack.
Relationships
SHA-256 IP Hashing constrains every storage path used by the SoftwareApplication and is a precondition for the GDPR claim made by the Shadow DOM Chat Widget on the marketing site.
Authority
Defined by OCENOX LTD.
Version
1.0 — 2026-05-22
Related terms
- Retrieval-Augmented Generation (RAG) — A pattern that retrieves passages from a private knowledge base before an LLM generates an answer, so responses cite your own documents instead of fabricating facts.
- Persona Configuration — A per-site bundle that defines who the bot is, how it speaks, which tools it may call, and what it must refuse. Personas sit between the visitor's question and the LLM, shaping the system prompt and tool registry for every conversation on that site.