Skip to content
Advertisement

Laravel UUID’s and their uniqueness?

I have two tables, one for lists and another that stores a history of lists that were created. These lists are very temporary and they can be deleted by numerous methods so I add a reason field on the history for that.

//Lists table
Schema::create('lists', function (Blueprint $table) {
  $table->increments('id');
  $table->string('name');
  $table->text('message');
  $table->uuid('uuid');
  $table->timestamps();
});

//History table
Schema::create('history', function (Blueprint $table) {
  $table->increments('id');
  $table->string('name');
  $table->text('message');
  $table->string('reason');
  $table->uuid('uuid');
  $table->timestamps();
});

Now both have a uuid field and I can generate an actual string to store with Laravel’s helper function $uuid = (string) Str::uuid();

$list = new List;
$list->name = 'A basic fact of life';
$list->message = 'Pineapple does not belong on pizza.'
$uuid = (string) Str::uuid();
$list->uuid = $uuid;
$list->save();

Now when I successfully delete a record from Lists, I additionally create a new record in the history with its data.

$list = find($id);
$destroy = List::destroy($id);
if($destroy) {
  $history = new History;
  $history->name = $list->name;
  $history->message $list->message;
  $history->uuid = $list->uuid;
  $history->reason = 'some reason';
  $history->save();
}

So my question is, how will Laravel know that the next UUID I generate is actually unique?

The so called duplicate question linked doesn’t actually say how or whether it knows the next UUID is actually unique to the past ones created but rather gives a probability.

Advertisement

Answer

Laravel implements UUID v4, defined by RFC 4122 to be unique. The RFC states (emphasis mine):

Identifier uniqueness considerations:
This document specifies three algorithms to generate UUIDs: the first leverages the unique values of 802 MAC addresses to guarantee uniqueness, the second uses pseudo-random number generators, and the third uses cryptographic hashing and application-provided text strings. As a result, the UUIDs generated according to the mechanisms here will be unique from all other UUIDs that have been or will be assigned.

Laravel doesn’t so much “know” that it’s unique, but rather “trusts” it is because the algorithm is defined to be unique with respect to all others generated by that algorithm.

There’s an important caveat here. The algorithm requires a sufficient entropy source to guarantee the commonly cited claim that you’d need to create trillions a day for the next 100 years to have a 50/50 chance of a dupe. To that end, Laravel leans on ramsey/uuid to do the actual v4 generation. ramsey/uuid uses, long story short, random_bytes for its entropy. This is a cryptographically strong source, sufficient to qualify for v4 generation per the RFC. Now the important part:

If none of the aforementioned sources are available, then an Exception will be thrown.

So your code, where you do (string)Str::uuid() will throw an exception when it can’t generate a truly random, globally unique value.

User contributions licensed under: CC BY-SA
3 People found this is helpful
Advertisement