Identity (TypeID)
How Shield uses type-safe, prefix-qualified identifiers for every entity.
Every entity in Shield gets a type-prefixed, K-sortable, UUIDv7-based identifier using the TypeID specification. IDs are validated at parse time to ensure the prefix matches the expected type.
Prefix table
| Type | Prefix | Go type | Example |
|---|---|---|---|
| Scan | scan_ | id.ScanID | scan_01h2xcejqtf2nbrexx3vqjhp41 |
| Policy | pol_ | id.PolicyID | pol_01h2xcejqtf2nbrexx3vqjhp41 |
| Finding | find_ | id.FindingID | find_01h2xcejqtf2nbrexx3vqjhp41 |
| PII Token | pii_ | id.PIITokenID | pii_01h2xcejqtf2nbrexx3vqjhp41 |
| Compliance Report | crpt_ | id.ComplianceReportID | crpt_01h2xcejqtf2nbrexx3vqjhp41 |
| Safety Check | schk_ | id.CheckID | schk_01h2xcejqtf2nbrexx3vqjhp41 |
| Instinct | inst_ | id.InstinctID | inst_01h455vb4pex5vsknk084sn02q |
| Judgment | jdg_ | id.JudgmentID | jdg_01h455vb4pex5vsknk084sn02q |
| Awareness | awr_ | id.AwarenessID | awr_01h455vb4pex5vsknk084sn02q |
| Value | val_ | id.ValueID | val_01h455vb4pex5vsknk084sn02q |
| Reflex | rflx_ | id.ReflexID | rflx_01h455vb4pex5vsknk084sn02q |
| Boundary | bnd_ | id.BoundaryID | bnd_01h455vb4pex5vsknk084sn02q |
| SafetyProfile | sprf_ | id.SafetyProfileID | sprf_01h455vb4pex5vsknk084sn02q |
Constructors
Each type has a constructor that generates a new UUIDv7-based ID with the correct prefix:
import "github.com/xraph/shield/id"
scanID := id.NewScanID() // scan_01h...
policyID := id.NewPolicyID() // pol_01h...
instID := id.NewInstinctID() // inst_01h...
judgID := id.NewJudgmentID() // jdg_01h...
profileID := id.NewSafetyProfileID() // sprf_01h...Parsing
Parse functions validate both the format and the prefix:
scanID, err := id.ParseScanID("scan_01h2xcejqtf2nbrexx3vqjhp41")
// err is nil — prefix matches
_, err = id.ParseScanID("inst_01h455vb4pex5vsknk084sn02q")
// err: id: expected prefix "scan", got "inst"Use id.ParseAny when you need to accept any valid TypeID regardless of prefix:
anyID, err := id.ParseAny("inst_01h455vb4pex5vsknk084sn02q")
// anyID.Prefix() == "inst"K-sortability
TypeIDs embed UUIDv7 timestamps, making them naturally sortable by creation time. This means:
- Database indexes on TypeID columns are efficient for time-range queries
- IDs created later always sort after earlier IDs
- No need for separate
created_atindexes for ordering