Derives a stable, public player ID from a secret UUID using SHA-256.
Takes the first 16 hex characters of the SHA-256 hash, producing
a deterministic ID that cannot be reversed to recover the secret.
Uses the Web Crypto API (crypto.subtle) when available (browser / Node),
and a dependency-free pure-JS SHA-256 fallback otherwise (e.g. React Native
/ Hermes, which does not expose crypto.subtle). Both paths produce the
same digest, so the derived ID is identical across host runtimes and never
leaks any part of the secret.
Derives a stable, public player ID from a secret UUID using SHA-256.
Takes the first 16 hex characters of the SHA-256 hash, producing a deterministic ID that cannot be reversed to recover the secret.
Uses the Web Crypto API (
crypto.subtle) when available (browser / Node), and a dependency-free pure-JS SHA-256 fallback otherwise (e.g. React Native / Hermes, which does not exposecrypto.subtle). Both paths produce the same digest, so the derived ID is identical across host runtimes and never leaks any part of the secret.