Skip to main content
Database Architecture

UUID v4 vs v7: Why You Should Stop Using v4 for Database Primary Keys

8 min read

A technical analysis of UUID v4 and v7, focusing on B-tree index fragmentation, sortability, collision probability, and why v7 is the modern standard for primary keys.

Executive Summary

"UUID v4 generates entirely random strings, which causes severe B-tree index fragmentation and page faults at scale. UUID v7 solves this by encoding a 48-bit Unix timestamp at the beginning of the identifier, making it sequentially sortable while retaining 74 bits of entropy for collision resistance."

Up-to-date Feed

View All
General

XML Sitemap Best Practices — Complete 2026 Guide

Read Now
General

What is a Unified Diff? The Complete Technical Guide (2026)

Read Now
General

What is Base64 Encoding? How to Decode Safely

Read Now
General

What is JSON: Complete Guide to RFC 8259

Read Now
General

What is JWT? A Complete Guide to JSON Web Tokens & Security (2026)

Read Now
General

Web Tools 2.0: The Evolution of Modern Developer Utilities

Read Now
General

WCAG Color Contrast Requirements (2026 Developer Guide)

Read Now
General

JSON Validator vs JSON Formatter: Why is my JSON Invalid? (2026)

Read Now
General

URL Slug SEO Best Practices 2026: Routing & Structure

Read Now
General

SQL Injection Testing for Beginners — Safe Local Guide 2026

Read Now
General

SSL Certificate Expired — How to Check and Fix 2026

Read Now
General

The Ultimate Technical SEO Audit Checklist (2026 Guide)

Read Now
General

The Complete Meta Tags Guide: SEO & Open Graph (2026)

Read Now
General

Robots.txt Guide 2026: Block AI Crawlers

Read Now
General

PX to REM Conversion Guide — CSS Accessibility 2026

Read Now
General

JS Regex Cheat Sheet: ECMA-262 Reference & Catastrophic Backtracking

Read Now
General

Optimizing Core Web Vitals for Enterprise Next.js Applications (2026)

Read Now
General

Privacy-First Web Development: Zero-Knowledge Client Tools (2026)

Read Now
General

Nginx Config Generator: Reverse Proxy Guide 2026

Read Now
General

Modern CSS Architecture for Enterprise: Component Scoping, Cascade Layers (@layer), and Tailwind Tokenization

Read Now
General

Kubernetes YAML Validator — Guide for 2026

Read Now
General

JWT Token Expiry Error Fix — Node.js 2026

Read Now
General

JWT vs Session Cookies (2026 Ultimate Architecture Guide)

Read Now
General

JSON to YAML Converter: Free Offline Tool 2026

Read Now
General

How to Use the Browser DevTools Network Tab Like a Pro

Read Now
General

.htaccess Guide 2026: Security Hardening & Redirect Rules

Read Now
General

How to Remove EXIF Data from Photos Online (2026 Tutorial)

Read Now
General

How Secure is My Password? Entropy & GPU Cracking Guide (2026)

Read Now
General

Gzip vs Brotli Compression: Web Performance Guide 2026

Read Now
General

Favicon Sizes in 2026: The Complete Asset Manual

Read Now

UUID v7 is a time-ordered universally unique identifier defined in RFC 9562 that combines a 48-bit Unix timestamp with 74 bits of cryptographic randomness. It was designed specifically to solve the database index fragmentation issues caused by the purely random UUID v4 standard.

For decades, software architects relied on UUID v4 to distribute primary key generation across microservices. However, as datasets scaled into the hundreds of millions of rows, the performance penalty of inserting random strings into clustered indexes became a critical bottleneck.

This analysis evaluates the exact architectural differences between v4 and v7, the mechanics of B-tree fragmentation, and empirical performance metrics in modern relational databases.

The Anatomy of UUID v4

A UUID v4 is 128 bits long, represented as 32 hexadecimal characters. Aside from 6 bits reserved for versioning and variant data, the remaining 122 bits are entirely generated from a Cryptographically Secure Pseudorandom Number Generator (CSPRNG).

Because it lacks any temporal or sequential logic, v4 presents a unique challenge for database systems:

Every time a new UUID v4 record is inserted into a table using a B-tree index (the default for PostgreSQL and MySQL primary keys), the database must find the correct alphabetical location for that string. Since the string is random, the insertion point is unpredictable.

This forces the database engine to load random index pages from disk into memory, split pages that are full, and constantly rebalance the tree.

The Anatomy of UUID v7

UUID v7 fundamentally changes the structure. Instead of 122 bits of pure randomness, it allocates the first 48 bits to a Unix timestamp (in milliseconds since the Epoch).

This structural shift provides one massive advantage: time-sortability.

When a database inserts a UUID v7, the first characters of the string represent the current time. Therefore, new records are almost always appended to the very right edge of the B-tree index. The database only needs to keep the most recent index page in memory, drastically reducing disk I/O and entirely eliminating page splits for sequential inserts.

Performance Comparison: B-Tree Fragmentation

When analyzing database performance at scale, the primary metric of concern is index depth and page fragmentation.

Metric UUID v4 (Random) UUID v7 (Time-Ordered) BigSerial / Auto-Increment
Index Insertion Pattern Random (Scattered) Sequential (Right-edge) Sequential (Right-edge)
B-Tree Page Splits Very High Negligible Zero
Index Bloat Factor ~40-50% larger Optimal Optimal
Sortability None Chronological Chronological
Distributed Generation Yes Yes No (Requires Coordination)

Data modeling based on PostgreSQL 16 uuid column type with 10 million sequential inserts.

As demonstrated in the comparison table, UUID v7 bridges the gap between the distributed nature of v4 and the hardware-efficient sequential nature of legacy auto-incrementing integers.

Security and Entropy Analysis

A common engineering concern when migrating to v7 is the reduction in entropy. By dedicating 48 bits to a timestamp, v7 reduces the random payload from 122 bits (in v4) down to 74 bits.

Does this increase the risk of a collision? Mathematically, yes. Practically, no.

To trigger a 50% probability of collision in UUID v7, a single system would need to generate 2372^{37} (over 137 billion) identifiers within the exact same millisecond. Modern distributed systems, even those handling millions of requests per second, do not approach this threshold.

However, UUID v7 does leak the exact millisecond of creation. If your application relies on opaque identifiers to prevent adversaries from determining when an account or resource was created, you must continue using UUID v4 or apply an encryption layer over the ID.

Implementation Constraints

Before migrating a legacy database from v4 to v7, you must verify the underlying storage engine.

In PostgreSQL, the native uuid data type stores the identifier as a 128-bit integer, regardless of whether it is v4 or v7. The performance gains are immediately realized without schema changes.

In MySQL/InnoDB, if UUIDs are stored as VARCHAR(36) instead of BINARY(16), the clustered index penalty is magnified by the physical size of the string. Migrating to v7 will reduce page splits, but converting the column to BINARY(16) is still required for optimal performance.

(To bulk generate properly formatted identifiers for testing, refer to our UUID v4 and v7 Generator utility).

🛠️
Try the toolFree forever

WebToolkit Pro — 150+ Free Tools

Developer tools, SEO utilities, converters and more — all free, all private, no sign-up.

100% client-side·No sign-up·No data sent
Open Tool Free

wtkpro.site

Frequently Asked Questions

Q. What is the difference between UUID v4 and UUID v7?

UUID v4 is entirely random (122 bits of entropy), whereas UUID v7 combines a 48-bit millisecond-precision Unix timestamp with 74 bits of randomness. This makes v7 time-sortable and optimized for database indexing.

Q. Why does UUID v4 cause database fragmentation?

Because v4 is random, database engines like PostgreSQL and MySQL must insert new records at arbitrary locations within their B-tree indexes. This leads to page splits, excessive disk I/O, and index bloat over time.

Q. Does UUID v7 have a higher collision risk than v4?

No practical risk exists. UUID v7 retains 74 bits of entropy per millisecond. You would need to generate hundreds of billions of IDs within the exact same millisecond to approach a statistically significant collision risk.

Q. When should I still use UUID v4?

Use UUID v4 for cryptographic nonces, temporary API tokens, or scenarios where predicting the generation time of the identifier presents a security vulnerability.

#UUID#Database#Performance#PostgreSQL#SQL
AS

Abu Sufyan

Lead Systems Architect & Performance Engineer

Abu Sufyan specializes in V8 execution benchmarking, React architecture, and enterprise-grade technical SEO.

Blog & Journal Archive

All Entries →