MaskedUUID.AspNetCore 1.0.3

.NET 9.0 This package targets .NET 9.0. The package is compatible with this framework or higher. 
dotnet add package MaskedUUID.AspNetCore --version 1.0.3
                    


                    

                
NuGet\Install-Package MaskedUUID.AspNetCore -Version 1.0.3
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="MaskedUUID.AspNetCore" Version="1.0.3" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="MaskedUUID.AspNetCore" Version="1.0.3" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="MaskedUUID.AspNetCore" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add MaskedUUID.AspNetCore --version 1.0.3
                    


                    

                
#r "nuget: MaskedUUID.AspNetCore, 1.0.3"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package MaskedUUID.AspNetCore@1.0.3
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=MaskedUUID.AspNetCore&version=1.0.3
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=MaskedUUID.AspNetCore&version=1.0.3
                    


                            Install as a Cake Tool

MaskedUUID.AspNetCore

A library for ASP.NET Core that masks the timestamp portion of UUIDv7 using the UUIDv47 algorithm with reversible transformation.

Overview

This library uses UUIDv47Sharp (C# implementation) to reversibly mask GUIDs.

What is UUIDv47?

UUIDv47 is a reversible encoding format that hides the timestamp portion of UUIDv7.

  • UUIDv7 → UUIDv47: XOR encryption with a 128-bit key to hide the timestamp
  • Reversibility: The original UUIDv7 can be restored from UUIDv47 using the same key
  • Key Management: Provide keys via IMaskedUUIDKeyProvider (flexible support for different keys per tenant, etc.)

Implementations

Why use UUIDv47?

UUIDv7 contains a 48-bit timestamp at the beginning, which means exposing it directly reveals the resource creation timestamp.

This poses the following information leakage risks:

  • Business information such as user registration time and order time becomes guessable
  • Growth rate and new user count leak to the outside
  • Business status becomes visible to competitors

This library automatically performs UUIDv7 ↔ UUIDv47 conversion at the following timing:

  • API Response: MaskedGuid type properties are converted to UUIDv47 when output to JSON
  • API Request: UUIDv47 strings are automatically restored to the original GUID when received
  • URL Parameter: Accept UUIDv47 IDs in URLs like /items/{id} with automatic restoration
  • SignalR: Automatic conversion of MaskedGuid type properties in Hub send/receive

Specifications (Important)

MaskedGuid Masking Scope

  • MaskedGuid is masked (encoded/decoded) only during JSON input/output.
  • MaskedGuid.ToString() returns the raw Guid string (not the masked string).

JSON Serialization Behavior

  • MaskedGuid uses IMaskedUUIDService for masking during JSON conversion.
  • Guid.Empty (empty GUID) becomes null in JSON output.
  • null / "" (empty string) in JSON input is treated as Guid.Empty.

Operation Scope (Within HTTP Request)

  • JSON conversion for MaskedGuid resolves IMaskedUUIDService from HttpContext.
  • Therefore, JSON serialization/deserialization of MaskedGuid outside HTTP requests (background processing, non-Web environments) will throw an exception.

ModelBinder Target

  • URL/Query binding targets only MaskedGuid / MaskedGuid? types.
  • [MaskedUUID] attribute is not used (no attribute-based processing).
  • MaskedGuid? is treated as null when the decode result is Guid.Empty.
  • MaskedGuid remains as Guid.Empty when the decode result is Guid.Empty.
    • In JSON conversion, Guid.Empty is output as null and treated as Guid.Empty when read.

Usage (Overview)

  1. Register IMaskedUUIDKeyProvider
  2. Register IMaskedUUIDService
  3. Add AddMaskedUUID() and AddMaskedUUIDModelBinder()

See samples/MaskedUUID.Sample for samples.

MVC / API Controllers

// Register KeyProvider (Singleton recommended, Scoped also acceptable)
builder.Services.AddSingleton<IMaskedUUIDKeyProvider, MyKeyProvider>();

// Add MaskedUUID support
builder.Services.AddMaskedUUID();

// Add ModelBinder (for URL/query parameters)
mvcBuilder.AddMaskedUUIDModelBinder();

// Or all at once
mvcBuilder.AddMaskedUUIDControllers();

SignalR

Use the AddMaskedUUID() extension method for SignalR support.

// Register KeyProvider
builder.Services.AddSingleton<IMaskedUUIDKeyProvider, MyKeyProvider>();

// Add MaskedUUID support to SignalR
builder.Services.AddSignalR().AddMaskedUUID();

SignalR Scope Support

SignalR converters resolve services in the following priority order:

  1. Hub Scope - Scope within Hub invocation (via HubFilter)
  2. HttpContext Scope - For HTTP connections
  3. Transient Scope - Fallback

This ensures correct operation whether KeyProvider/Service is Singleton / Scoped / Transient.

Development (Reference Key Usage)

// Use reference keys for development/testing (do not use in production)
builder.Services.AddSignalR().AddMaskedUUIDWithReferenceKeys();

OpenAPI / Swagger

Supports .NET 10+ and .NET 9.

// Add OpenAPI schema transformer
builder.Services.AddOpenApi(options => options.AddMaskedGuidSchemaTransformer());

Automatically handles JsonSchemaType enum in .NET 10+ and string-based type specification in .NET 9.

Product Compatible and additional computed target framework versions.
.NET net9.0 is compatible.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 is compatible.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
1.0.3 41 3/1/2026
1.0.2 41 3/1/2026
1.0.1 38 2/28/2026
1.0.0 41 2/28/2026