axiom-file-protection-ref

# iOS File Protection Reference

**Purpose**: Comprehensive reference for file encryption and data protection APIs
**Availability**: iOS 4.0+ (all protection levels), latest enhancements in iOS 26
**Context**: Built on iOS Data Protection architecture using hardware encryption

## When to Use This Skill

Use this skill when you need to:
- Protect sensitive user data at rest
- Choose appropriate FileProtectionType for files
- Understand when files are accessible/encrypted
- Debug "file not accessible" errors after device lock
- Implement secure file storage
- Compare Keychain vs file protection approaches
- Handle background file access requirements

## Overview

iOS Data Protection provides **hardware-accelerated file encryption** tied to the device passcode. When a user sets a passcode, every file can be encrypted with keys protected by that passcode.

**Key concepts**:
- Files are encrypted **automatically** when protection is enabled
- Encryption keys are derived from device hardware + user passcode
- Files become **inaccessible** when device is locked (depending on protection level)
- No performance cost (hardware AES encryption)

---

## Protection Levels Comparison

| Level | Encrypted Until | Accessible When | Use For | Background Access |
|-------|-----------------|-----------------|---------|-------------------|
| **complete** | Device unlocked | Only while unlocked | Sensitive data (health, finances) | ❌ No |
| **completeUnlessOpen** | File closed | After first unlock, while open | Large downloads, videos | ✅ If already open |
| **completeUntilFirstUserAuthentication** | First unlock after boot | After first unlock | Most app data | ✅ Yes |
| **none** | Never | Always | Public caches, temp files | ✅ Yes |

### Detailed Level Descriptions

#### .complete

**Full Description**:
> "The file is stored in an encrypted format on disk and cannot be read from or written to while the device is locked or booting."

**Use For**:
- User health data
- Financial informa