🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
DemoInstallSign in
Socket
DemoInstallSign in

@thi.ng/ksuid

Package Overview
Dependencies
Maintainers
1
Versions
167
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@thi.ng/ksuid

Configurable K-sortable unique IDs, ULIDs, binary & base-N encoded, 32/48/64bit time resolutions

3.2.88
latest
Source
npm
Version published
Weekly downloads
1K
-17.57%
Maintainers
1
Weekly downloads
 
Created
Source

@thi.ng/ksuid

npm version npm downloads Mastodon Follow

[!NOTE] This is one of 209 standalone projects, maintained as part of the @thi.ng/umbrella monorepo and anti-framework.

🚀 Please help me to work full-time on these projects by sponsoring me on GitHub. Thank you! ❤️

About

Configurable K-sortable unique IDs, ULIDs, binary & base-N encoded, 32/48/64bit time resolutions.

Idea based on segmentio/ksuid, though the added flexibility in terms of configuration & implementation also enables the creation of ULIDs:

FeatureKSUID defaultULID default
Configurable bit size160 bits128 bits
Base-N encoding schemebase62(1)base32 (Crockford)
Timestamp resolutionseconds (32 bits)milliseconds (48 bits)
milliseconds (64 bits)
Epoch start time offsetapprox. 2020-09-13(2)none
Time-only base ID generation
ID parsing / decomposition
Configurable RNG source(3)
  • (1) See @thi.ng/base-n for alternatives
  • (2) With the default offset, the max. supported date for KSUID32 is 2156-10-20T18:54:55Z
  • (3) Default: window.crypto, Math.random as fallback

IDs generated w/ this package are composed of a 32, 48 or 64 bit Unix epochs and N additional bits of a random payload (from a configurable source). By default all timestamps are shifted to free up bits for the future. IDs can be generated as byte arrays or base-N encoded strings. For the latter, the JS runtime MUST support BigInt.

KSUID bit layout diagram

CLI usage

Since v3.1.0 a small CLI for ad-hoc KSUID generation is included. Currently only KSUID32 is supported and IDs are always based on the current time:

npx @thi.ng/ksuid
# 0dwncLZE8byaQdccncWDmsNmlYt

# optionally provide number of random bytes to be used (default: 16)
npx @thi.ng/ksuid 8
# 01ogp9KDpWlQ0pXCY

Status

STABLE - used in production

Search or submit any issues for this package

Breaking changes

Since v3.0.0 all epoch time-shift config values are to be given in milliseconds. This change is unifying this behavior and is only a breaking change if using KSUID32 and specifying custom epoch offsets (using defaults is not impacted). Previously, KSUID32 used an offset given in seconds, whereas the other implementations already used milliseconds.

Related packages

  • @thi.ng/base-n - Arbitrary base-n conversions w/ presets for base8/16/32/36/58/62/64/83/85, support for bigints and encoding/decoding of byte arrays
  • @thi.ng/idgen - Generator of opaque numeric identifiers with optional support for ID versioning and efficient re-use
  • @thi.ng/random - Pseudo-random number generators w/ unified API, distributions, weighted choices, ID generation

Installation

yarn add @thi.ng/ksuid

ESM import:

import * as ksuid from "@thi.ng/ksuid";

Browser ESM import:

<script type="module" src="https://esm.run/@thi.ng/ksuid"></script>

JSDelivr documentation

For Node.js REPL:

const ksuid = await import("@thi.ng/ksuid");

Package sizes (brotli'd, pre-treeshake): ESM: 990 bytes

Dependencies

API

Generated API docs

import { defKSUID32, defKSUID64, defULID } from "@thi.ng/ksuid";

// init 32bit epoch (resolution: seconds) w/ defaults
const id = defKSUID32();
// init 64bit epoch (resolution: milliseconds), same API
const id = defKSUID64();
// init 48bit epoch (resolution: milliseconds), same API
const id = defULID();

id.next();
// '05XCWbXa3akRqLDBUw4ogCVKGkd'

const a = id.nextBinary()
// Uint8Array(20) [
//     0, 160,  48, 77, 101, 251,
//   244,  17, 155, 97,  24, 101,
//    70,  71, 207, 23,  32,  21,
//   244, 116
// ]

// format a binary KSUID
id.format(a);
// '05XCZ32AaDZfZt0SWE2C22o6cqK'

id.parse("05XCZ32AaDZfZt0SWE2C22o6cqK")
// {
//   epoch: 1610498125000,
//   id: Uint8Array(16) [
//     101, 251, 244,  17, 155, 97,
//      24, 101,  70,  71, 207, 23,
//      32,  21, 244, 116
//   ]
// }

new Date(1610498125000).toISOString()
// '2021-01-13T00:35:25.000Z'

Creating custom IDs:

import { BASE36 } from "@thi.ng/base-n";

// using base36, no time shift, 64bit random part
const id36 = defKSUID32({ base: BASE36, epoch: 0, bytes: 8 });

id36.next();
// '2VOUKH4K59AG0RXR4XH'

Benchmarks

Benchmarks can be run via yarn bench. All timings in milliseconds (test config: Node v20.4.0, MBA M1 2021, 16GB). The benchmark collects N KSUIDs w/ different configs in an array, with each case being run 100 times.

TitleIterSizeTotalMeanMedianMinMaxQ1Q3SD%
b62, 128bit, n=1000010012158.6821.5921.5719.9125.9120.4221.876.26
b62, 64bit, n=1000010011200.4012.0011.9511.2714.6611.8212.103.99

Authors

If this project contributes to an academic publication, please cite it as:

@misc{thing-ksuid,
  title = "@thi.ng/ksuid",
  author = "Karsten Schmidt",
  note = "https://thi.ng/ksuid",
  year = 2020
}

License

© 2020 - 2025 Karsten Schmidt // Apache License 2.0

Keywords

32bit
64bit
base62
bigint
binary
bytes

FAQs

Package last updated on 09 Jun 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

The Growing Risk of Malicious Browser Extensions

Research

Security News

The Growing Risk of Malicious Browser Extensions

Socket researchers uncover how browser extensions in trusted stores are used to hijack sessions, redirect traffic, and manipulate user behavior.

By Kush Pandya  -  Jun 13, 2025