I don't want to share my primary key in the API, So I used UUID4 to generate unique row id.
But I need to find that row by using generated uuid which may cause performance issues as it's string and also length is too long.
I tried converting this uuid to decimal on base 16.

const uuid = UUIDV4() //57d419d7-8ab9-4edf-9945-f9a1b3602c93
const uuidToInt = parseInt(uuid, 16)
console.log(uuidToInt) //1473518039

By default it is only converting first chunk to decimal
Is safe to use it this way?
How much possibility is there to loose uniqueness of the row?

I don't want to share my primary key in the API, So I used UUID4 to generate unique row id.
But I need to find that row by using generated uuid which may cause performance issues as it's string and also length is too long.
I tried converting this uuid to decimal on base 16.

const uuid = UUIDV4() //57d419d7-8ab9-4edf-9945-f9a1b3602c93
const uuidToInt = parseInt(uuid, 16)
console.log(uuidToInt) //1473518039

By default it is only converting first chunk to decimal
Is safe to use it this way?
How much possibility is there to loose uniqueness of the row?

• javascript
• uuid

• It's only converting the first part of the uuid - up to the "-". You can't do that with a single "parseInt". – Michael Chaney Commented Feb 7, 2020 at 12:43
• yes, that I realized, also updated the description.thanks – Sujeet Commented Feb 7, 2020 at 12:44
• maybe we should start with your initial sentence: "I don't want to share my primary key in the API" why not? are these uuids or are they numbers? If they are numeric, do they expose any information, besides being a unique identifier? – Thomas Commented Feb 7, 2020 at 13:31
• Of course they do. users/:id/profile. maybe bad route design. But what if anyone else is trying to get user's data. Maybe Admin. So yeah. – Sujeet Commented Feb 7, 2020 at 15:37
• "maybe bad route design" not at all. "But what if anyone else is trying to get user's data." then he should not get it. The API endpoints should be secured that only people with the right credentials can access them. Security through obscurity is very weak. – Thomas Commented Feb 7, 2020 at 16:01

3 Answers 3

I tried converting this uuid to decimal on base 16.

decimal or hexadecimal. A number can't be both. Besides that, the uuid is already a hexadecimal format.

That's how you can convert it into a decimal value.

var uuid = "57d419d7-8ab9-4edf-9945-f9a1b3602c93";
var hex = "0x" + uuid.replace(/-/g, "");
var decimal = BigInt(hex).toString(); // don't convert this to a number.
var base64 = btoa(hex.slice(2).replace(/../g, v => String.fromCharCode(parseInt(v, 16))));

console.log({
  uuid,
  hex,
  decimal,
  base64
});

Careful, don't convert the BigInt value to a regular number, JS Numbers can not deal with values that big. They have only 53bits of precision. You'll lose the 75 least significant bits of your uuid.

Edit: added base64.

Is safe to use it this way?

That depends on your definition of safe.

How much possibility is there to loose uniqueness of the row?

A UUIDv4 has 128 bits, so there are 2¹²⁸ theoretical possible binations.

So that's 18'446'744'073'709'551'616 possible UUIDs.

Taking the first section of an UUID leaves you with 32 bits which gives you 2³² possible binations: 4'294'967'296.

var uuid = "144b60e1-6860-4c42-a698-5e17e8a4dcca";
var hex = "0x" + uuid.replace(/-/g, "");
var decimal = BigInt(hex).toString(); // don't convert this to a number.
var base64 = btoa(hex.slice(2).replace(/../g, v => String.fromCharCode(parseInt(v, 16))));

console.log({
  uuid,
  hex,
  decimal,
  base64
});