Primary Keys Using Uuid V7 Are Potentially an HR Violation

Posted3 months agoActive3 months ago

MikeNotThePope

21 points

16 comments

mikenotthepope.comTechstory

calmmixed

Debate

40/100

Database DesignUuidData Privacy

Key topics

Database Design

Uuid

Data Privacy

The article discusses how using UUID v7 as primary keys in databases could potentially be an HR violation due to the timestamp information they contain, sparking a discussion on data privacy and database design trade-offs.

Snapshot generated from the HN discussion

Discussion Activity

Moderate engagement

First comment

Peak period

2-3h

Avg / period

3.2

Comment distribution16 data points

Loading chart...

Based on 16 loaded comments

Key moments

01Story posted
Oct 6, 2025 at 12:56 PM EDT
3 months ago
Step 01
02First comment
Oct 6, 2025 at 1:01 PM EDT
5m after posting
Step 02
03Peak activity
6 comments in 2-3h
Hottest window of the conversation
Step 03
04Latest activity
Oct 6, 2025 at 5:10 PM EDT
3 months ago
Step 04

Generating AI Summary...

Analyzing up to 500 comments to identify key contributors and discussion patterns

Discussion (16 comments)

Showing 16 comments

duxup

3 months ago

1 reply

I suppose you can infer, very roughly, that a UUID with an older date stamp inside it is possessed by an older user ... very roughly.

At the same time age of account is all over forums and other places, often used to demonstrate a certain level of trust vs say new accounts.

Is that also a privacy issue? I'm not sure I like the implications if it is.

MikeNotThePopeAuthor

3 months ago

Practically speaking, an applicant's resume/CV will say more about their age than a UUID v7. I think the risk of someone's minimum age being leaked is low, but it's not zero, so I went with UUID v4. Mostly I just thought it was interesting, so I shared :)

tgma

3 months ago

1 reply

The encryption implementation suggested seems overkill and problematic as it increases the size of the ID. UUID is 128 bit which is the same block size as AES. You can simply apply AES to transform the input block with a secret key to and directly expose the result. No need for CBC mode or IVs etc as it is desirable for the same input to map to the same output all the time.

londons_explore

3 months ago

2 replies

Now you have a secret key that must live in every web server yet can never be rotated.

That's a different kind of maintenance nightmare.

ianburrell

3 months ago

1 reply

The solution is to use hash function. It is fine to cut down hash output so 128-bit from SHA-1 would be fine.

tgma

3 months ago

How would you look up the key if it is passed it back to you from another API? It won't be reversible.

If you want to persist two keys, you might as well generate a random second key and persist that. No crypto shenanigans needed.

tgma

3 months ago

That limitation is present in the CBC mode solution presented as well. A random IV will not help you avoid "key rotation" if that's a design requirement. By design, you won't want to rotate the key as the encrypted UUID will likely be stored in external places to refer to the specific user and it cannot change unless you basically persist the encrypted ID somewhere, in which case you might as well have two IDs, one completely random.

onnnon

3 months ago

2 replies

Don't expose primary keys to the public. Create separate external ids instead. I personally use BIGINT primary keys, with UUIDv4 external ids, but any random string will do.

0cf8612b2e1e

3 months ago

1 reply

Certainly seems the easiest solution. A lot of handwringing about poor database performance of UUID4 when you could use it exclusively for an external identifier all for the cost of an additional column.

WorldMaker

3 months ago

Also, poor performance of UUIDv4 primary keys is most related to how write heavy your table is in the first place, and in particular how insertion heavy it is. In theory your users table shouldn't be very write-heavy, even if it may be insertion-heavy compared to other writes.

sigwinch

3 months ago

Plus, it’s easy to tell v4 from v7, if internally you have no choice on keys.

abujazar

3 months ago

1 reply

External IDs shouldn't contain any metadata, UUIDv4 should be used for those. UUIDv7 is suitable for database primary keys when simple incremental IDs are not sufficient, but primary keys should really never be used externally.

MikeNotThePopeAuthor

3 months ago

1 reply

For some things there's no obvious unique identifier other than a something random. Out of curiosity, do you maintain separate IDs, one internal and one external?

abujazar

3 months ago

Yea, I usually keep a simple incremental ID or whatever is default for internal IDs, and a separate external ID for entities that are presented externally. For security and not unnecessarily leaking info about the number of records, time and rate of record creation etc. UUIDv4 is convenient for uniqueness, but impractical if the ID needs to be conveyed over phone or written down – or used in URLs, so I often use some system for slugs or short codes in addition to the UUID.

tracker1

3 months ago

Job history, education history, actual date of birth capture, military service etc are all other parts of applying for a job generally speaking and can also determine if someone is "old" ... as an older guy, I myself have seen a lot of shift the closer I got to my current age of 50yo.

UUIDv7 isn't exactly the compromise it's made out to be in the current context.

jerlam

3 months ago

If this is well-known, won't applicants create new accounts instead of ever using the old ones? Like unsold houses, if they're on the market too long, the listing will be removed and a new one will be created instead of dropping the price to maintain that illusion of a new listing.

View full discussion on Hacker News

ID: 45493390Type: storyLast synced: 11/20/2025, 2:40:40 PM

Want the full context?

Jump to the original sources

Read the primary article or dive into the live Hacker News thread when you're ready.

Open link View on HN