Ask HN: We just had an actual UUID v4 collision...

May 8, 2026 · Source ↗

A team with ~15K records reported a UUID v4 collision between a mobile-generated and server-generated ID—prompting the thread to diagnose what almost certainly isn’t a true collision.

What Matters

UUID v4 collision probability for 15K records is ~2×10⁻²⁹; statistically negligible within any observable timeframe.
Top suspects per thread: data import/migration/restore duplication, race condition, or a poorly seeded PRNG on one of the two generation environments.
[HN: @mittermayr] UUIDs were originally generated client-side on phones; the colliding ID was generated server-side on Ubuntu—different entropy sources, possible seeding issue.
[HN: @AntiUSAbah] Letting users generate UUIDs is itself suspect; the database flagging mechanism should be audited before assuming a true collision occurred.
UUID v7 trades entropy bits for timestamp prefix, potentially increasing same-millisecond collision risk in high-throughput scenarios.

Original | Discuss on HN

Bentos

Topics

Ask HN: We just had an actual UUID v4 collision...

What Matters

Bentos

Topics

What Matters

Related coverage

Floats Don't Agree with Themselves

Nintendo announces price increases for Nintendo Switch 2

The surprisingly complex journey to text-selectable client-side generated PDFs

Dithering with CSS