Readit News logoReadit News
aabbdev commented on Think memcmp is safe? Think again   github.com/stateless-me/f... · Posted by u/aabbdev
aabbdev · 2 months ago
Shipped a timing leak via early-exit memcmp + secret branch. Flatline is a single-header toolbox for constant-time C (CT compare/select/lookup/div) guided by B.I.D.—no Branch on secrets, no secret Index, no variable-latency ops. DUDECT tests; feedback on LTO/autovec welcome
Posted by u/aabbdev 2 months ago
Think memcmp is safe? Think againgithub.com/stateless-me/f...
aabbdev commented on UUIDv47: Store UUIDv7 in DB, emit UUIDv4 outside (SipHash-masked timestamp)   github.com/stateless-me/u... · Posted by u/aabbdev
kevlened · 3 months ago
One impact of the_mitsuhiko's second point is during debugging.

Usually if you see an id in your http logs you can simply search your database for that id. The v4 to v7 indirection creates a small inconvenience.

The mismatch may be resolved if this was available as a fully transparent database optimization.

aabbdev · 3 months ago
A Postgres extension is currently in development to provide transparent database optimization with custom type uuid45 and optional helpers ;)
aabbdev commented on UUIDv47: Store UUIDv7 in DB, emit UUIDv4 outside (SipHash-masked timestamp)   github.com/stateless-me/u... · Posted by u/aabbdev
the_mitsuhiko · 3 months ago
Two pieces of feedback here:

1. You implicitly take away someone else's hypothetical benefit of leveraging UUID v7, which is disappointing for any consumer of your API.

2. By storing the UUIDs differently on your API service from internally, you're going to make your life just a tiny bit harder because now you have to go through this indirection of conversion, and I'm not sure if this is worth it.

aabbdev · 3 months ago
You can always treat IDs as UUIDv4, while actually storing them as UUIDv7—combining the benefits of both. From your perspective, they’re just UUIDv4
aabbdev commented on UUIDv47: Store UUIDv7 in DB, emit UUIDv4 outside (SipHash-masked timestamp)   github.com/stateless-me/u... · Posted by u/aabbdev
aabbdev · 3 months ago
Hi, I’m the author of uuidv47. The idea is simple: keep UUIDv7 internally for database indexing and sortability, but emit UUIDv4-looking façades externally so clients don’t see timing patterns.

How it works: the 48-bit timestamp is XOR-masked with a keyed SipHash-2-4 stream derived from the UUID’s random field. The random bits are preserved, the version flips between 7 (inside) and 4 (outside), and the RFC variant is kept. The mapping is injective: (ts, rand) → (encTS, rand). Decode is just encTS ⊕ mask, so round-trip is exact.

Security: SipHash is a PRF, so observing façades doesn’t leak the key. Wrong key = wrong timestamp. Rotation can be done with a key-ID outside the UUID.

Performance: one SipHash over 10 bytes + a couple of 48-bit loads/stores. Nanosecond overhead, header-only C11, no deps, allocation-free.

Tests: SipHash reference vectors, round-trip encode/decode, and version/variant invariants.

Curious to hear feedback!

Posted by u/aabbdev 3 months ago
UUIDv47: Store UUIDv7 in DB, emit UUIDv4 outside (SipHash-masked timestamp)github.com/stateless-me/u...
a

u/aabbdev

KarmaCake day112September 17, 2025View Original