by nivertech 1290 days ago
ULID leaks information about when the user was created (while serial IDs leak the order in which users were created and their cardinality).

I'm using ULIDs for the cases when the entity is publicly ordered by time: any timestamped event, e.g. a chat message, a log entry, or a sensor measurement/metric.

But you need to be careful that the timestamp resolution is detailed enough.

Also, while ULID might be good for optimizing RDBMS indexes, it might create hotspots in NoSQL K/V stores (i.e. all entities will be created on the same node in the cluster).
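To make the leak concrete, here is an added example (my own code, not from the thread or from any ULID library): a minimal ULID encoder/decoder following the published layout, 48-bit millisecond timestamp followed by 80 bits of randomness, written as 26 Crockford base32 characters. Anyone holding an ID can recover its creation time with `decode_ulid`, and because the first 10 characters are exactly the timestamp, every ID minted in the same millisecond shares that prefix, which is the hotspot concern for range-partitioned stores. The function names are mine.

```python
import datetime
import os

# Crockford base32 alphabet used by the ULID spec (no I, L, O, U).
CROCKFORD = "0123456789ABCDEFGHJKMNPQRSTVWXYZ"
DECODE = {c: i for i, c in enumerate(CROCKFORD)}
# Crockford decoding folds the confusable letters onto the digits they resemble.
DECODE.update({"I": 1, "L": 1, "O": 0})

TIME_BITS, RAND_BITS = 48, 80
EPOCH = datetime.datetime(1970, 1, 1, tzinfo=datetime.timezone.utc)


def encode_ulid(timestamp_ms: int, randomness: bytes) -> str:
    """Build a 26-char ULID from a 48-bit millisecond timestamp and 10 random bytes."""
    if not 0 <= timestamp_ms < (1 << TIME_BITS):
        raise ValueError("timestamp does not fit in 48 bits")
    if len(randomness) != RAND_BITS // 8:
        raise ValueError("randomness must be exactly 10 bytes")
    # 128-bit integer: timestamp in the high 48 bits, randomness in the low 80.
    n = (timestamp_ms << RAND_BITS) | int.from_bytes(randomness, "big")
    out = []
    for _ in range(26):          # 26 * 5 = 130 bits; the top two are zero padding
        out.append(CROCKFORD[n & 31])
        n >>= 5
    return "".join(reversed(out))


def decode_ulid(ulid: str) -> tuple:
    """Split a ULID into (timestamp_ms, randomness); raises ValueError on malformed input."""
    if len(ulid) != 26:
        raise ValueError("ULID must be 26 characters")
    n = 0
    for ch in ulid.upper():
        if ch not in DECODE:
            raise ValueError(f"invalid Crockford base32 character {ch!r}")
        n = (n << 5) | DECODE[ch]
    if n >> (TIME_BITS + RAND_BITS):
        # A first character above '7' would need more than 128 bits.
        raise ValueError("ULID overflows 128 bits (first character must be 0-7)")
    timestamp_ms = n >> RAND_BITS
    randomness = (n & ((1 << RAND_BITS) - 1)).to_bytes(RAND_BITS // 8, "big")
    return timestamp_ms, randomness


def ulid_creation_time(ulid: str) -> datetime.datetime:
    """The information leak: the exact UTC millisecond at which the ID was minted."""
    timestamp_ms, _ = decode_ulid(ulid)
    return EPOCH + datetime.timedelta(milliseconds=timestamp_ms)


def new_ulid(timestamp_ms=None) -> str:
    """Mint a ULID for now (or for a given ms timestamp) with OS-supplied randomness."""
    if timestamp_ms is None:
        timestamp_ms = int((datetime.datetime.now(datetime.timezone.utc) - EPOCH)
                           / datetime.timedelta(milliseconds=1))
    return encode_ulid(timestamp_ms, os.urandom(RAND_BITS // 8))


def time_prefix(ulid: str) -> str:
    """First 10 characters = 2 zero bits + the 48-bit timestamp, nothing else.

    Every ULID minted in the same millisecond shares this prefix, so a store that
    range-partitions on the key sends all of them to the same partition.
    """
    return ulid[:10]


if __name__ == "__main__":
    u = new_ulid()
    print(u, "created at", ulid_creation_time(u).isoformat())
    print("same-ms prefix shared:", time_prefix(new_ulid(0)) == time_prefix(new_ulid(0)))
```

The timestamp is not obfuscated in any way, so treating a ULID as an opaque handle gives the holder a millisecond-precise creation time for free; if that matters for your entity, a random ID (UUIDv4) or a keyed mapping is the fix, not a different encoding.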


> ULID leaks information about when the user was created

How often is this really a bad thing? Are you worried about someone enumerating the entire space of possible ULIDs for every millisecond without ever rate-limiting them? Not many people are building anonymous, privacy-first websites and there's plenty of other ways to determine when a user first started using the site regardless.

It depends on the industry.

It's not about guessing user IDs, but about deducing some useful information about them.

For example, an attacker may deduce whether an employee in a company is a senior or a new one, and will know exactly when they joined the company.

> an attacker may deduce whether an employee in a company is a senior or a new one

I'd probably start with LinkedIn first :)