ExCuid2 generates secure, collision-resistant unique identifiers designed for efficiency and horizontal scaling. They are an excellent choice for primary keys in distributed databases. Includes a type to work with Ecto
Features:
Collision-Resistant: Uses multiple entropy sources to minimize the probability of collisions, even in high-concurrency systems.
Secure: Starts with a random letter to prevent enumeration attacks and uses :crypto.strong_rand_bytes for cryptographically secure entropy.
Scalable: Includes a process fingerprint to ensure uniqueness across different nodes and application restarts.
Efficient: Implemented with a stateful Agent to manage an atomic counter quickly and safely.
Customizable: Allows generating IDs with a length between 24 and 32 characters.
Supervisable: Can be added directly to your application’s supervision tree.
This is not a comment on your implementation, but I had never heard of these before and had a look at the original repo and I have to say it gives off some weird vibes. It seems like their main argument is that UUIDv4 is bad if you use a weak source of entropy (yeah, obviously) and that CUID is better because it combines “multiple sources of entropy”.
There are a lot of weird claims about security and other things. The section on k-sortability is particularly bizarre (“cloud databases” store all their data in memory so it doesn’t matter? seriously?).
Anyway, :crypto.strong_rand_bytes() should have sufficient entropy to generate ids, or at least I hope it does! Is there any other functionality that CUID2 offers over the (well-standardized) UUIDv4/7?
Of course, if someone is already using these it’s still good to have a library for them, so definitely don’t take my comments as directed at you
