Chat conversation IDs are sequential integers exposed in the public API and frontend URLs (e.g., /dashboard/chat?id=42). This allows trivial enumeration of conversations and leaks information about total conversation count.
Current State
chat_conversations.id is a sequential INTEGER primary key- This integer ID is exposed in:
- API path params:
GET /api/v1/chat/conversations/{conversation_id}
- API request/response bodies:
ChatCompletionRequest.conversation_id, ConversationResponse.id
- Frontend URLs:
?id={conversationId}
- The
User model already follows the dual ID pattern — id: int PK + uuid: UUID (uuid7) for public exposure
Chat conversation IDs are sequential integers exposed in the public API and frontend URLs (e.g.,
/dashboard/chat?id=42). This allows trivial enumeration of conversations and leaks information about total conversation count.Current State
chat_conversations.idis a sequentialINTEGERprimary keyGET /api/v1/chat/conversations/{conversation_id}ChatCompletionRequest.conversation_id,ConversationResponse.id?id={conversationId}Usermodel already follows the dual ID pattern —id: intPK +uuid: UUID(uuid7) for public exposure