The UUID stdlib debate reveals a deeper tension in API design: when does standardization help vs hurt?

UUIDs won because they're "good enough" - collision-resistant without coordination. But v7's timestamp ordering breaks that independence by leaking information. Now you need to reason about clock sync, monotonicity, privacy.

For distributed systems, I increasingly see folks moving to: use v7 internally (btree efficiency matters), expose v4 externally (don't leak creation order to clients). Add a mapping layer at the API boundary.

The real lesson: IDs are part of your API contract. If clients can infer system behavior from ID structure (request rate, shard assignment, rollout timing), that's signal you may not want to transmit. Standards help, but context still matters.