ID of Syncthing

Hi, I have a question. Is there any chance that the ID of a device can be duplicated with another device, I dont’t know how the ID was created in Syncthing, please explain it. Thanks.

They can’t (well mustn’t) be duplicated (that would mean two devices pretend to be one single device, breaking connections), but they can be moved. They IDs are stored in the cert.pem and key.pem files in your configuration directory. Just move them to the new device and it will get the same ID.

Can you explain why they can’t be duplicated, what method or something guarantees that ?

I already wrote what the practical implications are, however it’s already in the name: device IDentifier or Identity Document. Meaning it has to be unique, otherwise it doesn’t identify a device anymore.

What I’m thinking is that if the ID of a device is duplicated with another device, so both devices couldn’d connect to and couldn’ be connected, is that right ?

Let me repeat just for clarity: You mustn’t use the same ID on two devices.

And then: What do you actually want to achieve? I.e. what’s your use-case?

As to breaking connections: I didn’t think through exactly what would happen, that also depends on the exact setup in which you have duplicate IDs. I didn’t do it because it’s needlessly lost time to think about it in detail: It’s against the core principle of what the ID is, and that premise is used throughout the code - don’t do it.

What I worry about is the chance there is a device that has the same ID can really happen or not, even if that is a very small chance

It’s a SHA256 hash. There won’t be a collision.

https://docs.syncthing.net/dev/device-ids.html

Human intuition of probabilities doesn’t work at the scales involved here.

The chance of your hash matching mine specifically1, is 1/2256. That’s about 1/1077. There are roughly 1080 atoms in the known universe. So the odds are roughly like taking the entire known universe, throwing it as a die, and having it land on a specific atom of your choice. Good luck.

Of course, if SHA256 is cryptographically broken then all bets are off. But then so are all TLS certificates in the world, etc, so Syncthing will be the least of our worries.


1) Yes, birthday paradox etc, but it matters less if two hashes match that never meet.

1 Like