The best UUID type for a database Primary Key

Imagine having a tool that can automatically detect JPA and Hibernate performance issues. Wouldn’t that be just awesome?

Well, Hypersistence Optimizer is that tool! And it works with Spring Boot, Spring Framework, Jakarta EE, Java EE, Quarkus, or Play Framework.

So, enjoy spending your time on the things you love rather than fixing performance issues in your production system on a Saturday night!


In this article, we are going to see what UUID (Universally Unique Identifier) type works best for a database column that has a Primary Key constraint.

While the standard 128-bit random UUID is a very popular choice, you’ll see that this is a terrible fit for a database Primary Key column.

Standard UUID and database Primary Key

A universally unique identifier (UUID) is a 128-bit pseudo-random sequence that can be generated independently without the need for a single centralized system in charge of ensuring the identifier’s uniqueness.

The RFC 4122 specification defines five standardized versions of UUID, which are implemented by various database functions or programming languages.

For instance, the UUID() MySQL function returns a version 1 UUID number.

And the Java UUID.randomUUID() function returns a version 4 UUID number.

For many devs, using these standard UUIDs as a database identifier is very appealing because:

  • The ids can be generated by the application. Hence no central coordination is required.
  • The chance of identifier collision is extremely low.
  • The id value being random, you can safely send it to the UI as the user would not be able to guess other identifier values and use them to see other people’s data.

But, using a random UUID as a database table Primary Key is a bad idea for multiple reasons.

First, the UUID is huge. Every single record will need 16 bytes for the database identifier, and this impacts all associated Foreign Key columns as well.

Second, the Primary Key column usually has an associated B+Tree index to speed up lookups or joins, and B+Tree indexes store data in sorted order.

However, indexing random values using B+Tree causes a lot of problems:

  • Index pages will have a very low fill factor because the values come randomly. So, a page of 8kB will end up storing just a few elements, therefore wasting a lot of space, both on the disk and in the database memory, as index pages could be cached in the Buffer Pool.
  • Because the B+Tree index needs to rebalance itself in order to maintain its equidistant tree structure, the random key values will cause more index page splits and merges as there is no pre-determined order of filling the tree structure.

If you’re using SQL Server or MySQL, then it’s even worse because the entire table is basically a clustered index.

Clustered Index Table

And all these problems will affect the secondary indexes as well because they store the Primary Key value in the secondary index leaf nodes.

Clustered Index and Secondary Index

In fact, almost any database expert will tell you to avoid using the standard UUIDs as database table Primary Keys:

TSID – Time-Sorted Unique Identifiers

If you plan to store UUID values in a Primary Key column, then you are better off using a TSID (time-sorted unique identifier).

One such implementation is offered by the Hypersistence TSID OSS library, which provides a 64-bit TSID that’s made of two parts:

  • a 42-bit time component
  • a 22-bit random component

The random component has two parts:

  • a node identifier (0 to 20 bits)
  • a counter (2 to 22 bits)

The node identifier can be provided by the tsid.node system property when bootstrapping the application:


The node identifier can also be provided via the TSID_NODE environment variable:

export TSID_NODE="12"

The library is available on Maven Central, so you can get it via the following dependency:


You can create a TSID object like this:

TSID tsid =;

From the Tsid object, we can extract the following values:

  • the 64-bit numerical value,
  • the Crockford’s Base32 String value that encodes the 64-bit value,
  • the Unix milliseconds since epoch that is stored in the 42-bit sequence

To visualize these values, we can print them into the log:

long tsidLong = tsid.toLong();
String tsidString = tsid.toString();
long tsidMillis = tsid.getUnixMilliseconds();
    "TSID numerical value: {}", 
    "TSID string value: {}", 
    "TSID time millis since epoch value: {}", 

And we get the following output:

TSID numerical value: 470157774998054993
TSID string value: 0D1JP05FJBA2H
TSID time millis since epoch value: 1689931148668

When generating ten values:

for (int i = 0; i < 10; i++) {
        "TSID numerical value: {}",

We can see that the values are monotonically increasing:

TSID numerical value: 470157775044192338
TSID numerical value: 470157775044192339
TSID numerical value: 470157775044192340
TSID numerical value: 470157775044192341
TSID numerical value: 470157775044192342
TSID numerical value: 470157775044192343
TSID numerical value: 470157775044192344
TSID numerical value: 470157775048386649
TSID numerical value: 470157775048386650
TSID numerical value: 470157775048386651

Awesome, right?

Using the TSID in your application

Because the default TSID factories come with a synchronized random value generator, it’s better to use a custom TsidFactory that provides the following optimizations:

  • It can generate the random values using a ThreadLocalRandom, therefore avoiding Thread blocking on synchronized blocks
  • It can use a small number of node bits, therefore leaving us more bits for the random-generated numerical value.

So, we can define the following TsidUtil that provides us a TsidFactory to use whenever we want to generate a new TSID object:

public class TsidUtils {
    public static final String TSID_NODE_COUNT_PROPERTY = 
    public static final String TSID_NODE_COUNT_ENV = 

    public static TSID.Factory TSID_FACTORY;

    static {
        String nodeCountSetting = System.getProperty(
        if (nodeCountSetting == null) {
            nodeCountSetting = System.getenv(

        int nodeCount = nodeCountSetting != null ?
            Integer.parseInt(nodeCountSetting) :

        TSID_FACTORY = getTsidFactory(nodeCount);

    private TsidUtils() {
        throw new UnsupportedOperationException(
            "TsidUtils is not instantiable!"

    public static TSID randomTsid() {
        return TSID_FACTORY.generate();

    public static TSID.Factory getTsidFactory(int nodeCount) {
        int nodeBits = (int) (Math.log(nodeCount) / Math.log(2));

        return TSID.Factory.builder()

    public static TSID.Factory getTsidFactory(int nodeCount, int nodeId) {
        int nodeBits = (int) (Math.log(nodeCount) / Math.log(2));

        return TSID.Factory.builder()

When running this test case that operates 16 threads on 2 nodes:

int threadCount = 16;
int iterationCount = 100_000;

CountDownLatch endLatch = new CountDownLatch(threadCount);

ConcurrentMap<TSID, Integer> tsidMap = new ConcurrentHashMap<>();

long startNanos = System.nanoTime();

AtomicLong collisionCount = new AtomicLong();

int nodeCount = 2;

for (int i = 0; i < threadCount; i++) {
    final int threadId = i;
    new Thread(() -> {
        TSID.Factory tsidFactory = TsidUtils.getTsidFactory(
            threadId % nodeCount

        for (int j = 0; j < iterationCount; j++) {
            TSID tsid = tsidFactory.generate();
            Integer existingTsid = tsidMap.put(
                (threadId * iterationCount) + j
            if(existingTsid != null) {

}"Starting threads");
    "{} threads generated {} TSIDs in {} ms with {} collisions",
    new DecimalFormat("###,###,###").format(
        threadCount * iterationCount
        System.nanoTime() - startNanos

We get the following result:

16 threads generated 1,600,000 TSIDs in 1179 ms with 0 collisions

The thread id is included in the random part, so up to 256 threads there shouldn’t be any collisions when generating the TSID.

In the unlikely case that you get a collision and you end up with a constraint violation, you can use the @Retry annotation to retry the business method and avoid the collision to propagate to the client.

Check out this article for more details about how you can use the @Retry annotation.

Using the TSID as a Primary Key value

Since the TSID is a time-sorted 64-bit number, the best way to store it in the database is to use a bigint column type:

    id bigint NOT NULL,
    title varchar(255),
    PRIMARY KEY (id)

And on the application side, you need to use a 64-bit number, like the Java Long object type:

@Table(name = "post")
public class Post {

    private Long id;

    private String title;

That’s it!

I'm running an online workshop on the 11th of October about High-Performance SQL.

If you enjoyed this article, I bet you are going to love my Book and Video Courses as well.


Using the standard UUID as a Primary Key value is not a good idea unless the first bytes are monotonically increasing.

For this reason, using a time-sorted TSID is a much better idea. Not only that it requires half the number of bytes as a standard UUID, but it fits better as a B+Tree index key.

While SQL Server offers a time-sorted GUID via the NEWSEQUENTIALID, the size of the GUID is 128 bits, so it’s twice as large as a TSID.

The same issue is with version 7 of the UUID specification, which provides a time-sorted UUID. However, it uses the same canonical format (128 bits) which is way too large. The impact of the Primary Key column storage is amplified by every referencing Foreign Key columns.

If all your Primary keys are 128-bit UUIDs, then the Primary Key and Foreign Key indexes are going to require a lot of space, both on the disk and in the database memory, as the Buffer Pool holds both table and index pages.

Transactions and Concurrency Control eBook

16 Comments on “The best UUID type for a database Primary Key

  1. Great article, Vlad! Just a comment for the MySQL users: MySQL can generate timestamp-based (type 1) UUIDs. Those can be stored in binary form with their time-low and time-high parts swapped. This addresses most storage and query performance concerns.

    • The TSID is useful when:

      • you cannot use a DB sequence
      • you need to generate the ID on the client side
      • you want to scale the DB ID generation
  2. Thank you! I will try both generators and play around. I think this topic should be mentioned in books too.


  3. Doesn’t this result in guessable IDs if multiple IDs are generated within the same millisecond? If the TSID is also used within an web API an attacker could guess other valid/used TSIDs, right? With a UUID guessing IDs is (nearly) impossible but with TSIDs it seams quite easy (just increment/decrement). An attacker who could create one TSID every millisecond, even every used TSID could be generated.
    So the security of an application should not rely on the TSID IMHO. Or am I missing something?

    • Doesn’t this result in guessable IDs if multiple IDs are generated within the same millisecond?

      A SEQUENCE or IDENTITY generates even more easily guessable ids, yet this problem can be addressed by the data adapter layer.

      If the TSID is also used within a web API, an attacker could guess other valid/used TSIDs, right?

      No one said you have to expose the ids externally. The auto-generated ids are the most common PK option, and there are ways you can prevent this situation using externalIds. The same pattern applies to TSIDs.

      With a UUID guessing IDs is (nearly) impossible but with TSIDs it seams quite easy (just increment/decrement).

      Yes, you can use a UUID as the external id. Just don’t save it in the DB.

      So the security of an application should not rely on the TSID IMHO.

      The security of your app is not derived from the PK column type. Paying the performance penalty for using a UUID PK doesn’t make your app secure. All you need to do is make sure you never expose a guessable id externally. Just like you don’t expose your JPA entities externally, and you’re using external DTOs or Value Objects to decouple the web and the data access layer, you can replace the guessable ids with external ids.

  4. I never knew of about TSID. Many thanks, for educating people like me.

  5. The only way I can think of achieving this in a spring boot / spring data rest / JPA application would be to use Tsid as the PK (rather than the long representation) and then you need to add an AttributeConverter<Tsid, Long>, a spring Converter<String, Tsid>, Converter<Tsid, String> and a jackson Serializer/Deserializer which sounds like a lot of work.
    Is there another option I am missing?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.