Comment by eaf7e281
20 hours ago
> leak state (e.g. UUIDv7)
But according to PostgreSQL, UUIDv7 provides better performance in the database, so is this essentially a trade-off between security and speed?
Yes, because UUIDv7 gives up some random bits in order to include the timestamp, which is done in a way that makes UUIDv7s quick to sort by timestamp.
How does including the timestamp expose me to adversarial exploitation?
It reveals the time you created the UUID, for one. That can lead to a bunch of problems.
The same way using an auto increment integer ID does, but imagine that integer also leaked your created timestamp column too.
I’ve not come across any.
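An added example, not part of the original thread, showing what the replies above describe: anyone holding a UUIDv7 can read its creation time and order IDs by it, while a UUIDv4 exposes neither. It assumes the RFC 9562 UUIDv7 bit layout; `make_uuid7`, `leaked_timestamp` and `random_bits` are hypothetical helper names, and the timestamps are constructed sample values.

```python
import os
import uuid
from datetime import datetime, timedelta, timezone
from typing import Optional

EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)

def make_uuid7(unix_ms: int, rand: bytes) -> uuid.UUID:
    """Build a UUIDv7 (RFC 9562 layout) from a ms timestamp and 10 random bytes."""
    value = ((unix_ms & ((1 << 48) - 1)) << 80) | int.from_bytes(rand[:10], "big")
    value = (value & ~(0xF << 76)) | (0x7 << 76)   # version nibble = 7
    value = (value & ~(0x3 << 62)) | (0x2 << 62)   # variant bits = 10
    return uuid.UUID(int=value)

def leaked_timestamp(u: uuid.UUID) -> Optional[datetime]:
    """Creation time recoverable from the ID alone; None when the version has none."""
    if u.version != 7:
        return None
    return EPOCH + timedelta(milliseconds=u.int >> 80)  # top 48 bits are Unix ms

def random_bits(u: uuid.UUID) -> int:
    """Upper bound on unpredictable bits: 128 minus version, variant and timestamp."""
    return {4: 122, 7: 74}.get(u.version, 0)

if __name__ == "__main__":
    # Constructed sample: two records created 90 seconds apart.
    first = make_uuid7(1_700_000_000_000, os.urandom(10))
    second = make_uuid7(1_700_000_090_000, os.urandom(10))
    opaque = uuid.uuid4()
    for label, u in (("v7 first", first), ("v7 second", second), ("v4", opaque)):
        print(label, u, leaked_timestamp(u), random_bits(u), "random bits")
    # Sorting by value reproduces creation order without any database access.
    print("creation order preserved:", sorted([second, first]) == [first, second])
```
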