RFC: Consider adding one or two extra characters to the encoding for a checksum

jetify-com / typeid

Type-safe, K-sortable, globally unique identifier inspired by Stripe IDs

Apache License 2.0

2.91k stars 38 forks source link

RFC: Consider adding one or two extra characters to the encoding for a checksum #14

Open loreto opened 1 year ago

loreto commented 1 year ago

One the top comments in the HackerNews discussion was:

I've been doing this kind of thing for years with two notable differences: ...

I add two base-32 characters as a checksum (salted of course). This is prevents having to go look at the datastore when the value is bogus either by accident or malice. I'm unsure why other implementations don't do this.

Should we do that as part of the official TypeID spec?

conradludgate commented 1 year ago

checksum (salted of course) value is bogus either by accident or malice

This is implying some cryptographic solution AFAIU (A CRC checksum won't protect from malice). I feel like a cryptographic addition to this specification would overcomplicate it considerably and add.

With adding 2 extra base32 characters, however, we have 12 bits to play with, so we can use a CRC-12 for the checksum