Hacker News

da_chicken, yesterday at 1:59 PM (3 replies)

Sure.

Now generate your random ID. Did you use a CSPRNG, or were your devs lazy and just used a PRNG? Are you doing that every time you're generating one of these IDs in any system that might need to communicate with your API? Or maybe they just generated one random number, and now they're adding 1 every time.

Now transfer it over a wire. Are you sure the way you're serializing it is how the remote system will deserialize it? Maybe you should use a string representation, since character transmission is a solved problem with UTF-8. OK, so who decides what that canonical representation is? How do we make it recognizable as an ID without looking like something that people should do arithmetic with?

It's not like random IDs were a new idea in 2002.


Replies

10000truths, yesterday at 3:27 PM

None of these are rocket-science problems, they're just standardization issues. You build a library with your generate_id/serialize_id/deserialize_id functions that work with a wrapper type, and tell your devs to use that library. UUID libraries are exactly that, except backed by an RFC.

gzread, yesterday at 2:24 PM

How's your UUIDv4 generated?

> Are you sure the way you're serializing it is how the remote system will deserialize it?

It's 16 bytes. There's no serialization.

efilife, yesterday at 2:46 PM

You are really making it seem like a huge problem. Generate random bytes, serialize to a string and store in a db. Done.

A downvote tells me nothing. Please tell me what I'm missing, maybe I could learn something
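
An added example, not code from any commenter in this thread: the generate_id/serialize_id/deserialize_id wrapper library discussed above, written in Python so the CSPRNG and canonical-representation questions have concrete answers. The `OpaqueId` name, the `id_` prefix, the 16-byte size and the lowercase unpadded base32 form are assumptions chosen for illustration.

```python
import base64
import secrets

ID_BYTES = 16      # 128 random bits (size assumed for this example)
PREFIX = "id_"     # hypothetical tag: marks the string as an ID, not a number
BODY_LEN = 26      # unpadded base32 length of 16 bytes


class OpaqueId:
    """Wrapper type: no int conversion, no arithmetic, only equality."""
    __slots__ = ("_raw",)

    def __init__(self, raw: bytes):
        if not isinstance(raw, bytes) or len(raw) != ID_BYTES:
            raise ValueError("OpaqueId needs exactly 16 bytes")
        self._raw = raw

    def __eq__(self, other):
        return isinstance(other, OpaqueId) and self._raw == other._raw

    def __hash__(self):
        return hash(self._raw)


def generate_id() -> OpaqueId:
    # secrets reads the OS CSPRNG; the random module or a counter is predictable
    return OpaqueId(secrets.token_bytes(ID_BYTES))


def serialize_id(value: OpaqueId) -> str:
    # Single canonical form: prefix + lowercase base32 without padding
    body = base64.b32encode(value._raw).decode("ascii").rstrip("=").lower()
    return PREFIX + body


def deserialize_id(text: str) -> OpaqueId:
    if not isinstance(text, str) or not text.startswith(PREFIX):
        raise ValueError("missing id prefix")
    body = text[len(PREFIX):]
    if len(body) != BODY_LEN:
        raise ValueError("wrong id length")
    # b32decode raises binascii.Error (a ValueError) on bad characters
    parsed = OpaqueId(base64.b32decode(body.upper() + "======"))
    # Round-trip check rejects uppercase input and non-zero trailing bits,
    # so two different strings can never name the same ID
    if serialize_id(parsed) != text:
        raise ValueError("non-canonical id")
    return parsed
```

The round-trip comparison in `deserialize_id` is what keeps the string form canonical: without it, several distinct strings would decode to the same 16 bytes and string-level comparisons or database uniqueness constraints would disagree with the wrapper type.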
