Anti-Counterfeit Code Generation Algorithm and Security Design: Ensuring 10B+ Codes Remain Unique and Unbreakable
A deep dive into the cryptographic foundations of anti-counterfeit code security: from global uniqueness guarantees (Snowflake variant), AES-256-GCM encryption layer, to a four-layer anti-cracking defense system — detailing the security architecture behind 10 billion+ anti-counterfeit codes.
The security of anti-counterfeit codes is the cornerstone of the entire anti-counterfeiting system. If codes themselves can be guessed, copied, or forged, then all the traceability, marketing, and data analytics built on top would rest on sand. ZhiShuYun has generated over 10 billion anti-counterfeit codes, and throughout this process, the code security system has evolved from simple to complex, from single-layer protection to multi-layer defense-in-depth. This article discloses the technical details of this security architecture.
Code ID uniqueness guarantee — beyond UUID. Ensuring no duplication across 10 billion+ code IDs requires multiple mechanisms. Layer 1: A Snowflake variant generates 64-bit long integer IDs — 1 reserved bit + 41-bit millisecond timestamp + 5-bit datacenter ID + 5-bit worker ID + 12-bit sequence number. Within a single worker, the 12-bit sequence supports 4,096 IDs per millisecond, and combined with the timestamp, guarantees incrementing, non-duplicate IDs within a single datacenter. Layer 2: Database unique constraint as a safety net — even if an extremely low-probability ID collision occurs at the algorithm level, the database UNIQUE KEY constraint will reject the write and trigger regeneration. Layer 3: Pre-allocation + range locking — during batch code generation, atomically claim an ID range (e.g., 1-10,000) in the database first, with workers sequentially allocating within the range, avoiding per-record database lock contention.
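As an added example (not ZhiShuYun's code; the bit layout follows the article, the custom epoch and the in-memory range counter are assumptions), the following Go program implements the 64-bit Snowflake variant with sequence overflow handling, refuses to issue IDs when the clock moves backwards, and models the range pre-allocation of Layer 3 with an atomic counter standing in for the database:

```go
package main

import (
	"errors"
	"fmt"
	"sync"
	"sync/atomic"
	"time"
)

// Bit layout from the article: 1 reserved sign bit, 41-bit millisecond
// timestamp, 5-bit datacenter ID, 5-bit worker ID, 12-bit sequence.
const (
	datacenterBits = 5
	workerBits     = 5
	sequenceBits   = 12

	maxDatacenter = int64(1)<<datacenterBits - 1 // 31
	maxWorker     = int64(1)<<workerBits - 1     // 31
	maxSequence   = int64(1)<<sequenceBits - 1   // 4095

	workerShift     = sequenceBits
	datacenterShift = sequenceBits + workerBits
	timestampShift  = sequenceBits + workerBits + datacenterBits // 22
)

// customEpoch is an assumed epoch (2020-01-01 UTC); the article does not state one.
// 41 bits of milliseconds from this epoch cover roughly 69 years.
var customEpoch = time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC).UnixMilli()

// Generator issues IDs for one (datacenter, worker) pair. The mutex serialises
// callers so a sequence value can never be handed out twice.
type Generator struct {
	mu         sync.Mutex
	datacenter int64
	worker     int64
	lastMillis int64
	sequence   int64
	now        func() int64 // millisecond clock, replaceable for deterministic tests
}

func NewGenerator(datacenter, worker int64) (*Generator, error) {
	if datacenter < 0 || datacenter > maxDatacenter || worker < 0 || worker > maxWorker {
		return nil, errors.New("datacenter and worker IDs must each fit in 5 bits")
	}
	return &Generator{
		datacenter: datacenter, worker: worker, lastMillis: -1,
		now: func() int64 { return time.Now().UnixMilli() },
	}, nil
}

// Next returns the next ID. Within one millisecond the 12-bit sequence
// increments; when it overflows after 4,096 IDs the generator spins until the
// clock reaches the next millisecond. A clock that moved backwards is refused,
// because reusing an old timestamp could reissue an ID already written.
func (g *Generator) Next() (int64, error) {
	g.mu.Lock()
	defer g.mu.Unlock()
	ts := g.now() - customEpoch
	if ts < g.lastMillis {
		return 0, fmt.Errorf("clock moved backwards by %d ms; refusing to generate", g.lastMillis-ts)
	}
	if ts == g.lastMillis {
		g.sequence = (g.sequence + 1) & maxSequence
		if g.sequence == 0 {
			for ts <= g.lastMillis { // sequence exhausted: wait for the next millisecond
				ts = g.now() - customEpoch
			}
		}
	} else {
		g.sequence = 0
	}
	g.lastMillis = ts
	return (ts << timestampShift) | (g.datacenter << datacenterShift) | (g.worker << workerShift) | g.sequence, nil
}

// Decompose splits an ID back into its fields, useful when investigating a suspicious code.
func Decompose(id int64) (unixMillis, datacenter, worker, sequence int64) {
	return (id >> timestampShift) + customEpoch,
		(id >> datacenterShift) & maxDatacenter,
		(id >> workerShift) & maxWorker,
		id & maxSequence
}

// RangeAllocator models Layer 3: a batch job claims a contiguous block of IDs
// once and hands them out locally instead of locking the database per record.
// In production the counter lives in the database; here it is an in-memory
// atomic (assumption made for this example).
type RangeAllocator struct{ next int64 }

func (a *RangeAllocator) Claim(n int64) (first, last int64) {
	end := atomic.AddInt64(&a.next, n)
	return end - n + 1, end
}

func main() {
	g, _ := NewGenerator(1, 7)
	id, _ := g.Next()
	ms, dc, w, seq := Decompose(id)
	fmt.Printf("id=%d ts=%s dc=%d worker=%d seq=%d\n", id, time.UnixMilli(ms).UTC(), dc, w, seq)
	var alloc RangeAllocator
	fmt.Println(alloc.Claim(10000)) // 1 10000
}
```

Because the timestamp occupies the high bits, IDs from one worker are strictly increasing, which is what makes the database UNIQUE KEY a cheap safety net rather than a hot path.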
Encryption design for code payload information. The QR code URL format is: https://lcmq.com/v/{encrypted payload}. The encrypted payload is not a raw code ID but AES-256-GCM encrypted ciphertext. GCM mode provides both encryption and integrity verification (Authentication Tag) — any tampering with the ciphertext will cause decryption failure. Keys are managed in KMS (Key Management Service), rotated regularly, and never leave the HSM (Hardware Security Module). The encrypted payload also embeds a generation timestamp and HMAC signature, so even if an attacker obtains the encryption algorithm (through reverse engineering), they cannot generate valid codes without the keys.
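The following Go program is an added example, not the platform's own code: it seals a code ID plus generation timestamp with AES-256-GCM under a fresh random nonce, emits the https://lcmq.com/v/{payload} URL, and shows that a single flipped ciphertext byte or a different key is rejected by the authentication tag. The key (DemoKey), the associated-data label and the 16-byte plaintext layout are assumptions; the separate HMAC the article mentions is omitted here because the GCM tag already authenticates nonce, ciphertext and associated data.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"encoding/binary"
	"errors"
	"fmt"
	"strings"
	"time"
)

const urlPrefix = "https://lcmq.com/v/"

// payloadAAD is an assumed format-version label bound into the GCM tag as
// associated data; a payload produced under another version fails to open.
var payloadAAD = []byte("lcmq-payload-v1")

// DemoKey is a constructed 32-byte key for this example only. In production the
// key never leaves the KMS/HSM and the service asks the KMS to seal and open.
var DemoKey = []byte("0123456789abcdef0123456789abcdef")

type CodePayload struct {
	CodeID      int64
	GeneratedAt time.Time
}

type Codec struct{ aead cipher.AEAD }

func NewCodec(key []byte) (*Codec, error) {
	if len(key) != 32 {
		return nil, errors.New("AES-256-GCM requires a 32-byte key")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Codec{aead: aead}, nil
}

// Encode serialises code ID and generation time (8 bytes each, big-endian),
// seals them under a random 96-bit nonce and returns the scan URL as
// prefix + base64url(nonce || ciphertext || tag).
func (c *Codec) Encode(p CodePayload) (string, error) {
	plain := make([]byte, 16)
	binary.BigEndian.PutUint64(plain[:8], uint64(p.CodeID))
	binary.BigEndian.PutUint64(plain[8:], uint64(p.GeneratedAt.UnixMilli()))
	nonce := make([]byte, c.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	sealed := c.aead.Seal(nonce, nonce, plain, payloadAAD) // appends ciphertext+tag after the nonce
	return urlPrefix + base64.RawURLEncoding.EncodeToString(sealed), nil
}

// Decode reverses Encode. Any change to nonce, ciphertext or tag makes Open
// fail, so a tampered or fabricated URL never yields a code ID.
func (c *Codec) Decode(url string) (CodePayload, error) {
	if !strings.HasPrefix(url, urlPrefix) {
		return CodePayload{}, errors.New("not an anti-counterfeit URL")
	}
	raw, err := base64.RawURLEncoding.DecodeString(strings.TrimPrefix(url, urlPrefix))
	if err != nil {
		return CodePayload{}, err
	}
	ns := c.aead.NonceSize()
	if len(raw) != ns+16+c.aead.Overhead() {
		return CodePayload{}, errors.New("payload has wrong length")
	}
	plain, err := c.aead.Open(nil, raw[:ns], raw[ns:], payloadAAD)
	if err != nil {
		return CodePayload{}, errors.New("authentication failed: payload tampered, forged, or wrong key")
	}
	return CodePayload{
		CodeID:      int64(binary.BigEndian.Uint64(plain[:8])),
		GeneratedAt: time.UnixMilli(int64(binary.BigEndian.Uint64(plain[8:]))).UTC(),
	}, nil
}

// FlipCiphertextByte simulates tampering for the demo: it XORs the first
// ciphertext byte (byte 12, just past the 12-byte nonce) and re-encodes.
func FlipCiphertextByte(url string) string {
	raw, _ := base64.RawURLEncoding.DecodeString(strings.TrimPrefix(url, urlPrefix))
	raw[12] ^= 0x01
	return urlPrefix + base64.RawURLEncoding.EncodeToString(raw)
}

func main() {
	codec, _ := NewCodec(DemoKey)
	url, _ := codec.Encode(CodePayload{CodeID: 123456789, GeneratedAt: time.Now()})
	fmt.Println("scan URL:", url)
	p, err := codec.Decode(url)
	fmt.Println("decoded:", p.CodeID, p.GeneratedAt, err)
	_, err = codec.Decode(FlipCiphertextByte(url))
	fmt.Println("tampered:", err)
}
```

Two properties are worth checking on any real implementation of this design: encoding the same code ID twice must yield different URLs (fresh nonce each time, since nonce reuse under GCM is catastrophic), and decoding must fail closed, returning no code ID at all rather than a partially decrypted one.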
Four-layer defense-in-depth system. Layer 1 — Code unguessability: The encryption mechanism described above creates no mathematically derivable relationship between code ID and the ciphertext in the URL. Layer 2 — Code registration verification: Every code has a registration record on the server side; when a consumer scans, the server checks whether the code is registered in the system, i.e., whether it was legitimately generated rather than forged. Unregistered codes trigger counterfeit alerts even if they decrypt to a well-formed payload. Layer 3 — Per-code behavior monitoring: Query count, time intervals, geographic location, and other data for each code are tracked in real time. If the same code is queried from different cities within a short period, this is a classic code-copying signal — the system immediately flags the code as "at risk" and notifies the brand. Layer 4 — Global anomaly pattern recognition: AI models learn attack patterns from massive scan logs, automatically identifying large-scale attacks such as batch probing and distributed forgery, triggering defense mechanisms early in the attack lifecycle.
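Layers 2 and 3 as server-side logic, in an added Go example that is not the platform's code: a registration table answers whether a code was ever issued, and a per-code sliding window of recent scans flags any code queried from two different cities within the window. The scan log, the one-hour window and the city strings (assumed to come from IP geolocation upstream) are all constructed for the example.

```go
package main

import (
	"fmt"
	"sort"
	"time"
)

// ScanEvent is one verification request as the server sees it after the URL
// payload has been decrypted to a code ID.
type ScanEvent struct {
	CodeID int64
	City   string // assumed to be resolved from the client IP upstream
	At     time.Time
}

type Verdict string

const (
	VerdictGenuine      Verdict = "genuine"
	VerdictUnregistered Verdict = "counterfeit_alert: code not registered"
	VerdictAtRisk       Verdict = "at_risk: queried from different cities within window"
)

// Verifier holds the registration table (Layer 2) and per-code scan history (Layer 3).
type Verifier struct {
	registered map[int64]bool
	history    map[int64][]ScanEvent
	window     time.Duration // two scans from different cities closer than this count as copying
}

func NewVerifier(registeredIDs []int64, window time.Duration) *Verifier {
	v := &Verifier{registered: map[int64]bool{}, history: map[int64][]ScanEvent{}, window: window}
	for _, id := range registeredIDs {
		v.registered[id] = true
	}
	return v
}

// Check returns the verdict for one scan and records it. Events are assumed
// to arrive in time order per code; history older than the window is dropped.
func (v *Verifier) Check(ev ScanEvent) Verdict {
	if !v.registered[ev.CodeID] {
		return VerdictUnregistered // well-formed payload but never issued
	}
	verdict := VerdictGenuine
	kept := v.history[ev.CodeID][:0]
	for _, prev := range v.history[ev.CodeID] {
		if ev.At.Sub(prev.At) > v.window {
			continue
		}
		kept = append(kept, prev)
		if prev.City != ev.City {
			verdict = VerdictAtRisk
		}
	}
	v.history[ev.CodeID] = append(kept, ev)
	return verdict
}

// Replay runs a batch of events and returns the sorted set of flagged code IDs
// together with the per-event verdicts.
func (v *Verifier) Replay(events []ScanEvent) (flagged []int64, verdicts []Verdict) {
	seen := map[int64]bool{}
	for _, ev := range events {
		vd := v.Check(ev)
		verdicts = append(verdicts, vd)
		if vd != VerdictGenuine && !seen[ev.CodeID] {
			seen[ev.CodeID] = true
			flagged = append(flagged, ev.CodeID)
		}
	}
	sort.Slice(flagged, func(i, j int) bool { return flagged[i] < flagged[j] })
	return flagged, verdicts
}

// SampleEvents is a constructed scan log for the demo, not real data.
func SampleEvents() []ScanEvent {
	t0 := time.Date(2024, 5, 1, 10, 0, 0, 0, time.UTC)
	return []ScanEvent{
		{1001, "Shanghai", t0},
		{1001, "Beijing", t0.Add(25 * time.Minute)},   // same code, another city, 25 min later
		{1002, "Shanghai", t0},
		{1002, "Shanghai", t0.Add(2 * time.Hour)},      // same buyer re-checking: fine
		{1003, "Guangzhou", t0},
		{1003, "Chengdu", t0.Add(3 * 24 * time.Hour)}, // resold and scanned days later: outside window
		{9999, "Shenzhen", t0},                         // never issued
	}
}

func main() {
	v := NewVerifier([]int64{1001, 1002, 1003}, time.Hour)
	flagged, verdicts := v.Replay(SampleEvents())
	for i, ev := range SampleEvents() {
		fmt.Printf("code %d @%s %-9s -> %s\n", ev.CodeID, ev.At.Format("15:04"), ev.City, verdicts[i])
	}
	fmt.Println("flagged:", flagged)
}
```

The window length is the tuning knob: too short and a copied code scanned an hour apart slips through, too long and legitimate resale or gifting across cities produces false "at risk" notifications to the brand.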
Anti-cracking design — security is more than algorithms. The weakest link in security is often not the algorithm but the engineering implementation. Key anti-cracking measures include: Timing noise — noise parameters that change over time are added to code URLs, so even the same code generates different URLs at different scan times, countering URL collection + replay attacks. Environment fingerprinting — scan requests include device fingerprint, UserAgent, network characteristics, and other environmental information; a single device querying large numbers of different codes is typical crawler/probing behavior. Rate limiting — query rate limits per IP/device, with a single device allowed to query at most 60 different codes per minute (normal consumer behavior is far below this threshold). Honeypot codes — specially planted honeypot codes are embedded in the system; any query against a honeypot code is a definitive attack signal.
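The rate-limit and honeypot rules from this paragraph as a small decision function, in an added Go example that is not the platform's code: a device fingerprint (reduced here to an opaque string) may query at most 60 distinct codes per rolling minute, repeat scans of the same code are not counted, and any query for a honeypot ID is reported as an attack regardless of rate. The honeypot ID, the device names and the probing scenario are constructed.

```go
package main

import (
	"fmt"
	"time"
)

type Decision string

const (
	Allow       Decision = "allow"
	RateLimited Decision = "rate_limited: more than 60 distinct codes in a minute"
	HoneypotHit Decision = "attack: honeypot code queried"
)

// DeviceLimiter enforces the article's rule: a device may query at most
// maxDistinct different codes per window. Repeat scans of the same code do not
// count, so a shopper re-checking one item is never throttled.
type DeviceLimiter struct {
	maxDistinct int
	window      time.Duration
	lastSeen    map[string]map[int64]time.Time // device fingerprint -> code -> last query time
	honeypots   map[int64]bool
}

func NewDeviceLimiter(maxDistinct int, window time.Duration, honeypots []int64) *DeviceLimiter {
	l := &DeviceLimiter{maxDistinct: maxDistinct, window: window,
		lastSeen: map[string]map[int64]time.Time{}, honeypots: map[int64]bool{}}
	for _, id := range honeypots {
		l.honeypots[id] = true
	}
	return l
}

// Decide evaluates one query. device stands for the environment fingerprint
// the article describes (device ID, UserAgent, network characteristics).
func (l *DeviceLimiter) Decide(device string, codeID int64, now time.Time) Decision {
	if l.honeypots[codeID] {
		return HoneypotHit // no shipped product carries this code, so there is no benign reason to ask
	}
	codes := l.lastSeen[device]
	if codes == nil {
		codes = map[int64]time.Time{}
		l.lastSeen[device] = codes
	}
	for id, seen := range codes { // expire entries that fell out of the sliding window
		if now.Sub(seen) > l.window {
			delete(codes, id)
		}
	}
	if _, known := codes[codeID]; !known && len(codes) >= l.maxDistinct {
		return RateLimited
	}
	codes[codeID] = now
	return Allow
}

// ProbeSimulation is a constructed scenario: one device walks n sequential
// code IDs at ten per second, the shape of batch probing, and reports how many
// queries got through before the limiter cut it off.
func ProbeSimulation(l *DeviceLimiter, device string, start time.Time, n int) (allowed, limited int) {
	for i := 0; i < n; i++ {
		switch l.Decide(device, int64(500000+i), start.Add(time.Duration(i)*100*time.Millisecond)) {
		case Allow:
			allowed++
		case RateLimited:
			limited++
		}
	}
	return allowed, limited
}

func main() {
	l := NewDeviceLimiter(60, time.Minute, []int64{777000001}) // honeypot ID is constructed
	t0 := time.Date(2024, 5, 1, 12, 0, 0, 0, time.UTC)
	fmt.Println("shopper first scan:", l.Decide("shopper-A", 1001, t0))
	fmt.Println("shopper re-scan:   ", l.Decide("shopper-A", 1001, t0.Add(10*time.Second)))
	a, r := ProbeSimulation(l, "crawler-B", t0, 100)
	fmt.Printf("crawler: allowed=%d limited=%d\n", a, r)
	fmt.Println("honeypot query:    ", l.Decide("crawler-B", 777000001, t0))
}
```

Counting distinct codes rather than raw requests is what keeps the threshold meaningful: a consumer who scans the same bottle five times stays at one, while a probe that walks the ID space is at sixty within seconds. The honeypot check runs before the limiter so the signal is never masked by throttling.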