UUID: An Unpackaged Review
Overview
Do you have a large distributed system and want data to be unique across the whole system? When it comes to keeping information unique in a system of any scale, single / distributed systems, UUID provides a great way to do so. In this article, let’s briefly go through the different versions of UUID and it’s package support in npm .
As we all know, a universally unique identifier (UUID) is used to identify information in computer systems. It’s a 128 bit number, represented in 32 hexadecimal digits and split up into 5 groups. The effect is that these identifiers are practically unique with almost a zero probability of duplication. A load off your mind! :P
Highlights
The package being used here in npm is uuid and as you know, can be installed using the command npm install uuid. It provides typescript typings through @types/uuid
For React Native, import the following:
import 'react-native-get-random-values';
To delve a little deeper, there are four versions of UUID which are supported by npm, versions 1,3,4 and 5. Let us see the features and usage of all the uuid versions there are, so you can decide which version is best applicable to your use case.
uuid v1
The v1 uuids are generated by using the date-time and the MAC address of the system on which it is being generated. With such a unique combination, it is nearly impossible to duplicate the uuid.
Usage:
import {v1 as uuidv1} from ‘uuid’;
Ways to define it -
uuidv1();uuidv1(options);uuidv1(options, buffer, offset);
Options includes a wide variety of properties such as node, clockseq, msecs, nsecs, random, clockseq and range .If you want the id in the form of a buffer, you can specify that argument too!
A sample list for the ‘options’ argument -
const optionsv1 = {
node: [0x09, 0x56, 0x21, 0x67, 0x92, 0xab],
clockseq: 0x1357,
msecs: new Date('2020-06-12').getTime(),
nsecs: 7777,
};
uuidv1(optionsv1, buffer, 0);
In case you would want uuid to indicate the date and the computer on which it was generated, v1 is a great option to go with. But a drawback of this is that the anonymity is lost in a way. Someone could identify the MAC address of the device and time at which the uuid was generated. It is unique but not un-guessable. A great application would be to use v1 UUIDs for transaction IDs.
uuid v3 and v5
The v3 and v5 uuid generation work on the same principle. Both uuids are generated from custom names and namespaces. The only difference between v3 and v5 are the hash algorithms used to generate them. v3 uuid generation uses MD5 whereas v5 uses SHA-1.
import { v3 as uuidv3 } from 'uuid'; //v3import { v5 as uuidv5 } from 'uuid'; //v5
Ways to define it -
uuidv3/uuidv5(name, namespace);uuidv3/uuidv5(name, namespace, buffer);uuidv3/uuidv5(name, namespace, buffer, offset);
Custom names and namespaces can be provided for the uuids to be generated. The uuid is generated in the given namespace using the specified input name. The MD5/SHA1 algorithms work on the base hash created by appending the namespace and name together. v3 and v5 versions are interoperable between implementations. Different systems can generate the same UUIDs if the the same base name and namespaces are used in them.
A sample definition -
uuidv3('v3unpackaged.reviews', MY_NAMESPACE);
uuidv5('v5unpackaged.reviews', MY_NAMESPACE);Where the first argument is the 'name' provided and the second argument is the 'namespace' UUID which is either a byte array or a string.
Few drawbacks are that multiple domains can generate different UUIDs even if their resource paths are the same, and some services can always consistently generate the same UUID.
One of the use cases of v3 and v5 uuids are exclusively used could be in content-addressable storage systems. Some implementations of CAS systems are Git, git-annex, Cassette, casync and many more.
uuid v4
v4 UUIDs are used for creating uuids from pseudo-random or truly random numbers.Each and every bit of the 128 bits is generated in a completely random manner.
import { v4 as uuidv4 } from 'uuid';
Ways to define it -
uuidv4();uuidv4(options);uuidv4(options, buffer, offset);
options — There are two types of values which can be specified.
rng: This option is a random number generator which returns an array of 16 randomly generated values.random: An array of 16 hex numbers can be passed to be used in place of the randomly generated values.
A sample definition -
const v4options = {
random: [0xab, 0xcd, 0xef, 0x12, 0x34, 0x56, 0x78, 0x90, 0x13, 0x57, 0x24, 0x68, 0xaf, 0xbe, 0xcd, 0x01],
};
uuidv4(v4options, buffer, 0);With the total number of possible combinations (2¹²⁸), duplication of UUIDs would be near impossible unless trillions of IDs are generated every second, for many many years. This in a practical sense is not possible.
Considering how random the UUIDs are, this would probably be the best way to generate UUIDs. ID generation is quick and easy. This is also the most used version of UUID.
If you are unsure of which uuid version to use while generating unique values, it would be best to use the v4 due to it’s randomness.
Concerns/Pain points of all the UUID versions in general
- Taking all these UUIDs into consideration, sometimes they can prove to be a bit too heavy on the systems in terms of their storage. They are stored as varchar(36) in mysql and 16-byte datums in postgresql.
- It’s also advisable to not store UUIDs are primary keys, one because of their size but also because of the fact that string sorting is much slower than numbers.
In conclusion, all these UUID versions are useful in their own ways for their respective use cases. I hope you’ve got a decent insight into what each UUID versions represent and how they can be defined and used in your applications.
Evaluation Metrics
Links
Video Review of the Package
Video review of the package with interesting use cases and in-depth exploration of the features is coming soon!
Disclosures
The content and evaluation scores mentioned in this article/review is subjective and is the personal opinion of authors at Unpackaged Reviews based on everyday usage and research on popular developer forums. They do not represent any company’s views and is not impacted by any sponsorships/collaboration.
