
Dumb question but what are the implications here? Is this problematic or is it more of an Easter egg?


It's an inevitable consequence of a good hash function. Every string you try is going to give you a different hash, so you just need to try enough strings.

But each time you add another digit to the prefix you're looking for, the difficulty of the match goes up by about 16 times.

If you're only looking for a few digits in the hash, then any brute force that is capable of changing the string every time you attempt the match will always find it. If you're looking for seven digits in the hash only, then it'll take on average 134217727 attempts. Which isn't really all that many on modern hardware.


So, implications-wise: where is the rub here? Where can this be used or exploited for fun or profit?


1.) Pick one of the old abandoned Bitcoin addresses

2.) Start looking for a key match using this technique

3.) Heat death of the universe

4.) Profit!


I wonder how many of the LastPass vaults had the private keys in the very unencrypted notes sections...


Find somewhere people look at only a small fraction of a hash?

That's mostly git commits.


Oh, that's evil.

In some places my tooling only shows 7 digits of the git SHA. I wonder how hard it would be to write something to tweak my commits until those are all the same. And I wonder how long it would take until someone noticed...


It just makes it seem like sha256 can be reversed (which would be a major security issue) but it's an illusion as the sentence only predicts the first 7 digits of its own hash which isn't difficult to guess through brute force.

If you keep randomly changing letters or words in a sentence, you can eventually make sha256 spit out a hex string whose start matches any 7 digit hex sequence you want.
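Added example, not part of any comment in this thread: the brute force described in the comments above, searching for a sentence that correctly states the first hex digits of its own SHA-256. The sentence template and the variant counter are constructed for illustration, and the demo stops at 5 digits so it finishes quickly; each extra digit multiplies the work by about 16.

```python
import hashlib


def search_space(n_digits: int) -> int:
    """Number of distinct n-digit hex prefixes; one candidate in this many matches."""
    return 16 ** n_digits


def claim_holds(sentence: str, n_digits: int) -> bool:
    """True if the n hex digits quoted just before the final '.' start the real digest."""
    claim = sentence[-(n_digits + 1):-1]
    return hashlib.sha256(sentence.encode()).hexdigest().startswith(claim)


def find_self_describing(n_digits: int, max_attempts: int = 50_000_000):
    """Brute-force a sentence that states the first n hex digits of its own SHA-256.

    Every candidate embeds a different claimed prefix (and, once all prefixes
    have been tried, a new variant number), so every attempt yields a fresh
    hash. Returns (sentence, attempts).
    """
    space = search_space(n_digits)
    for i in range(max_attempts):
        claim = f"{i % space:0{n_digits}x}"   # prefix the sentence will claim
        variant = i // space                   # changes the text once claims run out
        sentence = (
            f"The SHA-256 of this sentence (variant {variant}) "
            f"begins with {claim}."
        )
        if claim_holds(sentence, n_digits):
            return sentence, i + 1
    raise RuntimeError("no match within max_attempts")


if __name__ == "__main__":
    # Work grows by a factor of 16 per digit; compare attempts with the space size.
    for n in range(1, 6):
        sentence, attempts = find_self_describing(n)
        digest = hashlib.sha256(sentence.encode()).hexdigest()
        print(f"{n} digits: {attempts} attempts (space {search_space(n)})")
        print(f"  {sentence}\n  {digest}")
```

Because a short prefix is this cheap to match, compare full digests wherever a hash is used to identify content.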


So it would be a problem if someone had a 7 character password? Of varying entropy or only digits?


If the password was in hex format yes. Hex has 16 alphanumeric characters. The English alphabet has 36 alphanumeric characters so that's a lot harder to break, as 36 ^ 7 is much larger than 16 ^ 7.



