Shield

Identity (TypeID)

How Shield uses prefix-qualified, globally unique identifiers for every entity.

Every entity in Shield has a TypeID. TypeIDs are globally unique, sortable, URL-safe identifiers built on UUIDv7 with a human-readable prefix that tells you what kind of entity you're looking at.

A TypeID looks like this:

scan_01h455vb4pex5vsknk084sn02q

The scan prefix identifies this as a scan. The suffix is a base32-encoded UUIDv7 that encodes creation time, so IDs sort chronologically.

The id package

The id package wraps the TypeID Go library (v2) with a single ID struct. All entity types share the same struct -- the prefix distinguishes them.

Creating IDs

import "github.com/xraph/shield/id"

scanID             := id.New(id.PrefixScan)              // scan_01h455vb...
policyID           := id.New(id.PrefixPolicy)            // pol_01h455vb...
findingID          := id.New(id.PrefixFinding)           // find_01h455vb...
piiTokenID         := id.New(id.PrefixPIIToken)          // pii_01h455vb...
complianceReportID := id.New(id.PrefixComplianceReport)  // crpt_01h455vb...
checkID            := id.New(id.PrefixCheck)             // schk_01h455vb...
instinctID         := id.New(id.PrefixInstinct)          // inst_01h455vb...
judgmentID         := id.New(id.PrefixJudgment)          // jdg_01h455vb...
awarenessID        := id.New(id.PrefixAwareness)         // awr_01h455vb...
valueID            := id.New(id.PrefixValue)             // val_01h455vb...
reflexID           := id.New(id.PrefixReflex)            // rflx_01h455vb...
boundaryID         := id.New(id.PrefixBoundary)          // bnd_01h455vb...
safetyProfileID    := id.New(id.PrefixSafetyProfile)     // sprf_01h455vb...

Convenience constructors: id.NewScanID(), id.NewPolicyID(), id.NewFindingID(), id.NewPIITokenID(), id.NewComplianceReportID(), id.NewCheckID(), id.NewInstinctID(), id.NewJudgmentID(), id.NewAwarenessID(), id.NewValueID(), id.NewReflexID(), id.NewBoundaryID(), id.NewSafetyProfileID().

Parsing IDs

parsed, err := id.Parse("scan_01h455vb4pex5vsknk084sn02q")
parsed, err := id.ParseWithPrefix("scan_01h455vb...", id.PrefixScan)  // validates prefix
parsed, err := id.ParseScanID("scan_01h455vb...")                     // convenience

Nil ID

var empty id.ID
empty.IsNil()  // true
empty.String() // ""
id.Nil.IsNil() // true

Database storage

id.ID implements Scanner and driver.Valuer. Stores as a string, returns NULL for nil IDs.

JSON serialization

id.ID implements TextMarshaler and TextUnmarshaler. Nil IDs serialize as empty strings.

Prefix reference

ConstantPrefixEntity
id.PrefixScanscanScan
id.PrefixPolicypolPolicy
id.PrefixFindingfindFinding
id.PrefixPIITokenpiiPII token
id.PrefixComplianceReportcrptCompliance report
id.PrefixCheckschkSafety check
id.PrefixInstinctinstInstinct
id.PrefixJudgmentjdgJudgment
id.PrefixAwarenessawrAwareness
id.PrefixValuevalValue
id.PrefixReflexrflxReflex
id.PrefixBoundarybndBoundary
id.PrefixSafetyProfilesprfSafety profile

Architecture

How Shield's six safety layers and packages fit together.

Entities

The core data types in Shield — Scans, Instincts, Awareness, Boundaries, Values, Judgments, Reflexes, Profiles, and more.

On this page

The id packageCreating IDsParsing IDsNil IDDatabase storageJSON serializationPrefix reference