Much fewer than 32 bytes will do, too. If the server doesn't have the file but wants to pretend it does, it could report random numbers. Those would be correct for a chance of 1 in 256 for 1 byte or 1 in ~4bn for 4 bytes I think that's safe enough.
Sketch of a protocol I discussed with nostr:npub1xtscya34g58tk0z605fvr788k263gsu6cy9x0mhnm87echrgufzsevkk5s for proving storage of a file.
before uploading, select 32 random bytes from the file, store their indices and the sha256 hash. do this 1000 more times (select 32 different random byes, calc sha256).
upload the file to the server. every day, ask for the hash of the 32 bytes at the indices stored from the server. if it matches transfer some sats. if not the server no longer has the file. you can check for 1000 days.
Discussion
Chances would be greater for real world data. It's not perfectly random. Server could record the most common byte sequences and report those.
Correct but then again I'm assuming the file is on the server for archival storage to begin with so it's probably compressed in one way or the other which does a pretty good job at removing the common sequences and making it pretty close to random.