branca-spec icon indicating copy to clipboard operation
branca-spec copied to clipboard

Published 20 hours ago verified publisher icon tuupola

Describe base62 in more detail

Open tuupola opened this issue 6 years ago • 4 comments

Should specify that used Base62 encoding is byte by byte.

tuupola avatar Sep 03 '18 12:09 tuupola

Why not Base64UrlSafe? libsodium has a constant-time implementation of it already, including URL safe variant... also exposed through php-sodium.

ghost avatar Oct 12 '20 20:10 ghost

  1. Usability, you can double click base62 encoded token to fully select it.
AAAAAAAAA_BBBBBBBBB-CCCCCCCCCC

vs

AAAAAAAAAABBBBBBBBBBCCCCCCCCCC
  1. Usability, when using 0-9A-Za-z character set Base62 encoded strings preserve the sort order of the encoded values. Since the timestamp is in the beginning of token the Branca tokens can be sorted by their creation time.
$ branca encode --key supersecretkeyyoushouldnotcommit --payload "foo 1" > test.txt
$ branca encode --key supersecretkeyyoushouldnotcommit --payload "bar 2" >> test.txt
$ branca encode --key supersecretkeyyoushouldnotcommit --payload "pop 3" >> test.txt

$ cat test.txt 
1WgabfDGgbzPwVRnRwTBHMOBODseP3p2Mu60FrbbIjfQtq9em2cjptHeouoe8fZj97BO
1WgabfE9f73X78BZPpf6Mmgh7UoW2M6jORCD4Xzcfyta5ukNnGHxI3EEnBRrdkV7fOn9
1WgabfEjdXYAC0H4l4NMHeQBHd2kO6tptlbam8fbZD6LfXxXBXrN4uLoaVMbxBMiiMSk

$ sort --random-sort test.txt 
1WgabfE9f73X78BZPpf6Mmgh7UoW2M6jORCD4Xzcfyta5ukNnGHxI3EEnBRrdkV7fOn9
1WgabfDGgbzPwVRnRwTBHMOBODseP3p2Mu60FrbbIjfQtq9em2cjptHeouoe8fZj97BO
1WgabfEjdXYAC0H4l4NMHeQBHd2kO6tptlbam8fbZD6LfXxXBXrN4uLoaVMbxBMiiMSk

$ sort --random-sort test.txt | sort
1WgabfDGgbzPwVRnRwTBHMOBODseP3p2Mu60FrbbIjfQtq9em2cjptHeouoe8fZj97BO
1WgabfE9f73X78BZPpf6Mmgh7UoW2M6jORCD4Xzcfyta5ukNnGHxI3EEnBRrdkV7fOn9
1WgabfEjdXYAC0H4l4NMHeQBHd2kO6tptlbam8fbZD6LfXxXBXrN4uLoaVMbxBMiiMSk
  1. Aesthetics, I personally do dislike how the _ and - characters look in a token, especially when passed in an url or something similar.

There is a small performance hit by using base62 instead of base64, but it is negligible since one should keep the amount data encoded into the token reasonably small anyway.

tuupola avatar Oct 13 '20 10:10 tuupola

Thanks for taking the time to explain! It may be beneficial to also mention this in the specification itself.

ghost avatar Oct 13 '20 12:10 ghost

Good idea. Maybe some separate design notes document. I try to keep the spec short and concise too.

tuupola avatar Oct 13 '20 13:10 tuupola