So, sequential Guid can be predictable
Or even with normal Guids, could be necessary to have small URLs

What is the best way to approach this?
Is it okay to hash it as a byte array with this library?

Is instance of hashids.net thread safe? Can I use it as singleton in my app?
new Hashids("this is my salt");

Hey mate, cool library. I am running into some issues when with zeros:

var hashids = new Hashids("this is my salt");
var hash = hashids.Encrypt(1, 2, 0); //produces KjfAI
var numbers = hashids.Decrypt(hash); //returns empty array

If I change the order of the numbers it seems to work correctly.

var hashids = new Hashids("this is my salt");
var hash = hashids.Encrypt(0, 1, 2); //produces AUXt9
var numbers = hashids.Decrypt(hash); //returns [ 0, 1, 2 ]

As I understand it, certain offensive or inappropriate words are omitted when generating a hash. Cool. What if the dirty words list get longer as time goes by? Will it change the logic of the hashing algorithm then? Will I be able to de-hash something I hashed today 10 years in the future?

Thanks!

please give me a sample

1 character length strings produce:
System.IndexOutOfRangeException: Index was outside the bounds of the array.
at HashidsNet.Hashids.GenerateHashFrom(Int64 number, Span`1& result)
at HashidsNet.Hashids.GetNumberFrom(String hash)
at HashidsNet.Hashids.DecodeSingle(String hash)

2 character length strings produce:
System.ArgumentException: Destination is too short. (Parameter 'destination')
at HashidsNet.Hashids.GenerateHashFrom(Int64 number, Span`1& result)
at HashidsNet.Hashids.GetNumberFrom(String hash)
at HashidsNet.Hashids.DecodeSingle(String hash)

for any "hash" strings of 1 or 2 character length. NoResultException should be produced in these cases.

Hi,

It looks like the hex decoding isn't working. I tried the example on the project page and it is losing the first character:

    var hashids = new Hashids("this is my salt");
    var hash = hashids.EncodeHex("DEADBEEF");  //kRNrpKlJ
    var decoded = hashids.DecodeHex(hash);  //EADBEEF
    hashids.DecodeHex("kRNrpKlJ");  //EADBEEF

On longer hex values it is missing more characters:

    var hashids = new Hashids("this is my salt");
    var hash = hashids.EncodeHex("1234567890ABCDEF"); //57DeZ32Xq1t7X5y
    var decoded = hashids.DecodeHex(hash); //67890ABCDEF

Thanks,

Val

I have tried to install hashids into a xamarin froms plc app and it doesn't add properly.

This is the error:

Could not install package 'System.Runtime.InteropServices.RuntimeInformation 4.0.0'. You are trying to install this package into a project that targets '.NETPortable,Version=v4.5,Profile=Profile111', but the package does not contain any assembly references or content files that are compatible with that framework. For more information, contact the package author.

It could be incredibly useful if you can give support to xamarin!!
Thanks!! :)

Drop in source copy doesn't seem to compile under DNX Core RC1:

C:\projects\bogus\Source\Bogus\Hashids.cs(363,35):
DNXCore,Version=v5.0 error CS0117: 'string' does not contain a definition for 'Copy'

Any ideas?

Thanks,
Brian

When bundled with Azure Functions using dotnetcore3.1, hashids.net does not work in runtime and throws following exception Could not load file or assembly 'Microsoft.Extensions.ObjectPool, Version=5.0.0.0, Culture-neutral ...

What is the workaround to use hashids in Azure Functions ?

hi team, can we decrease the MaxNumberHashLength to 8 or 10?

On a quad core/4hz machine with .NET Core 3.1 using static vs creating a new instance is about 110 times slower (using encode/decode) testing with 1M integers.

Using a single instance is super fast, so due to performance gains I'd like to use a single instance and share it across threads. So therefore it brings into question thread safety.

I've been testing encode/decode with Parallel.For and I don't see any issues. No locks and ids generated are valid compared to creating new instances.

I'd appreciate if you can confirm thread safety for this library, due to performance gains its worth using a single instance instead of just creating a new instance every time.

Hello! I came across your library and had a question about a possible use case; I wanted to ask if this is a valid usage and makes sense for how hashing works. Let's take it step-by-step:

1. Query for some entity which has an ID and concurrency token
2. Hash ID using concurrency token
3. Update entity using hashed ID
4. Try to decode hashed ID with concurrency token in table
5. Update database with new data using ID and token

Except I would never be able to decode the hashed ID because I wouldn't know the primary key, so I wouldn't know which concurrency token to use. Is there any support for partial decoding? I suppose that would defeat the purpose of hashing if that were possible, but I thought I would ask anyway.

Hopefully that makes sense! Let me know if something like this is possible, or if that's not something that would work with your library. Thanks!

Hello, i have this implementation in my code but the results does not return only 8 hash characters.
Hashids hashids = new Hashids(salt, 8, "0123456789abcdefghijklmnopqrstuvwxyz");
string hash = hashids.EncodeLong(666555444333222L);

Is this possible to return only 8 characters?

I have issue:
var hashids = new Hashids("This is my salt", minHashLength, "0123456789");

the way resolve exception ?

Thank for support

The website seems not to be working correctly.

Getting ERR_TOO_MANY_REDIRECTS

Hi,

I'd like to propose an optimization for the Decode method. I'll be decoding a single ID most of the time, so it might make sense to add add the following methods:

//decode a single int ID from a hash
int DecodeSingle(string hash);

//decode a single long ID from a hash
long DecodeSingleLong(string hash);

This approach would not require allocating an array for returning single values.

The package Nuget for the framework .NET 4.0 is compile with the framework 4.5.
So it's not possible to use hashids beacause the runtime oblige to have us project with framework 4.5.

Problem

Version upgrade should not change hash, if salt, alphabet, minimum length have not been changed. Tested with .NET 6 console application.

Results:

v1.4.0

HashID encode: id1: 500, id2: 60123, Encoded: qyrFRr7jCY, Should Be: 58QtxV6Qsw
HashID decode: qyrFRr7jCY, Decoded: [500,60123,0]

v1.3.0

HashID encode: id1: 500, id2: 60123, Encoded: 58QtxV6Qsw, Should Be: 58QtxV6Qsw
HashID decode: 58QtxV6Qsw, Decoded: [500,60123,0]

Code to reproduce

using System.Text.Json;

const string SALT = "OhMySaltiestSalt+2!!!!";
const string ALPHABET = "bcdfghjkmnpqrstvwxyzBCDFGHJKLMNPQRSTVWXYZ3456789";
const int MINUMUM_LENGTH = 10;
const string DEFAULT_SEPS = "cfhistuCFHISTU";

var id1 = 500;
var id2 = 60123;

HashidsNet.Hashids hashids = new HashidsNet.Hashids(SALT, MINUMUM_LENGTH, ALPHABET, DEFAULT_SEPS);
string hashid = hashids.Encode(id1, id2, 0);
string shouldBe = "58QtxV6Qsw";

Console.WriteLine($"HashID encode: id1: {id1}, id2: {id2}, Encoded: {hashid}, Should Be: {shouldBe}");
Console.WriteLine($"HashID decode: {hashid}, Decoded: {JsonSerializer.Serialize(hashids.Decode(hashid))}");

Seems like that when decoding input with length smaller than minHashLength the Decode throws System.ArgumentException & System.ArgumentOutOfRangeException exceptions

Expected Behavior

I guess it would be to validate the input before doing a .Decode() and either throw meaningful exception or return empty array

Current Behavior

Currently. the library sometimes throws (undocumented?) System.ArgumentException & System.ArgumentOutOfRangeException exceptions.

Possible Solution

Have a proper validation of the input before doing any actions or something else

Steps to Reproduce

1. new HashidsNet.Hashids(salt: "Dqa2s3RJBYPHUzg&R5qkF3Z4HLaWp#A^kMc^DqKVmqag2tasQjhz-PSM23=4", minHashLength: 9)
2. .Decode("5111111")
3. System.ArgumentException: Destination is too short. (Parameter 'destination')

&

1. new HashidsNet.Hashids(salt: "Dqa2s3RJBYPHUzg&R5qkF3Z4HLaWp#A^kMc^DqKVmqag2tasQjhz-PSM23=4", minHashLength: 10)
2. .Decode("5111111")
3. System.ArgumentOutOfRangeException: Specified argument was out of the range of valid values.

Context (Environment)

.NET version: ASP.NET Core 6.0 - basic API controller
Hashids.net version: 1.6.1
StackTrace 1:

System.ArgumentException: Destination is too short. (Parameter 'destination')
   at System.Text.StringBuilder.CopyTo(Int32 sourceIndex, Span`1 destination, Int32 count)
   at HashidsNet.Hashids.GenerateHashFrom(ReadOnlySpan`1 numbers, Span`1& result)
   at HashidsNet.Hashids.GetNumbersFrom(String hash)
   at HashidsNet.Hashids.Decode(String hash)
   at WebApplication1.Controllers.WeatherForecastsApi2Controller.GetWeatherForecast2()

StackTrace 2:

System.ArgumentOutOfRangeException: Specified argument was out of the range of valid values.
   at System.Text.StringBuilder.CopyTo(Int32 sourceIndex, Span`1 destination, Int32 count)
   at HashidsNet.Hashids.GenerateHashFrom(ReadOnlySpan`1 numbers, Span`1& result)
   at HashidsNet.Hashids.GetNumbersFrom(String hash)
   at HashidsNet.Hashids.Decode(String hash)
   at WebApplication1.Controllers.WeatherForecastsApi2Controller.GetWeatherForecast2()

Possible Implementation

/

I had an issue with the salt size while testing an application I was creating and it was frustrating that I could not find anywhere the salt limitation, I only realized after a few tests. Did I miss something?

I tried with 5, 7, 10 and 15 hashid sizes and the result is the same.

Length: 40 | G596a7LjZE | 2Nda1MaEwz
Length: 41 | Nm9Vao3Rbr | 6Zw3Ll37Np
Length: 42 | kxmv3QVBGd | gXQ3v0aepv
Length: 43 | gXQ1v0Ve2J | gXQVv0apme
Length: 44 | ALmv18aPQN | ALma18VPQN
Length: 45 | Z1ma1v8zxO | Z1ma1v8zxO

So I was wondering if there is anything related to salt size on the documentation and I just missed or if we need to add something.

I also read that the salt can't be bigger than the alphabet, so, using the default alphabet (a-z A-Z 0-9) we would have around 60+ characters, technically the salt can have maximum 60ish characters. (?)

The whole point of this issue is: It's not really clear on the documentation. Maybe add something related to this scenario?

I have input numbers of a specific range and length, created in a specific way. However, I need the generated hashes to be of a specific output length. Is this possible?

Currently, the constructor allows one to set a minimum length, but not a maximum.

A very useful library thanks! I stumbled upon a bug, which I thought I'd share:

[TestMethod]
public void TestHashIdsThrowsIndexOutOfRange()
{
var hashids = new Hashids("janottaa", 6);
var numbers = hashids.Decode("NgAzADEANAA=");
}

below code throw System.IndexOutOfRangeException

var hashids = new Hashids("salt", alphabet:"0123456789ABCDEF");
var hash = hashids.EncodeLong(long.MaxValue);

full exception text:

System.IndexOutOfRangeException: Index was outside the bounds of the array.
   at HashidsNet.Hashids.BuildReversedHash(Int64 input, Char[] alphabet, Char[] hashBuffer)
   at HashidsNet.Hashids.GenerateHashFrom(Int64[] numbers)
   at HashidsNet.Hashids.EncodeLong(Int64[] numbers)
   at Program.<<Initialize>>d__0.MoveNext() in :line 7

Hi,
Actually this might be a feature request.
Now Hashids is injecting as a singleton with the only salt and other settings. I'd like to use different salt and encoded id length in certain situations. Is there a way to do this in current version? Or, if not, could you please think about it?
Thank you.

I am using Hashids library in my .NET 6 API to encode int values into string values in my model before sending it off to the API caller. The library is currently working fine.

Recently I have a requirement to provide pascal cased json from the API (default it was returning camel case). In order to achieve this I have gone in the path of sending an Accept header with a custom value and added an output formatter to handle the pascal case conversion.

public class PascalCaseFormatter : SystemTextJsonOutputFormatter { public PascalCaseFormatter(JsonSerializerOptions jsonSerializerOptions) : base(jsonSerializerOptions) { SupportedMediaTypes.Clear(); SupportedMediaTypes.Add(MediaTypeHeaderValue.Parse("application/json;profile=pascal")); } }

then registered it in Startup.cs

`
services.AddHashids(setup =>
{
setup.Salt = Configuration["HashConfiguration:Salt"];
setup.MinHashLength = Convert.ToInt32(Configuration["HashConfiguration:MinHashLength"]);
setup.Alphabet = Configuration["HashConfiguration:Alphabet"];
});

services.AddControllers(options =>
{
options.OutputFormatters.Add(
new PascalCaseFormatter(new JsonSerializerOptions { PropertyNamingPolicy = null }));
});
`

In the accept header if I send as application/json;profile=pascal I get pascal cased json result for any model which does not have a hashid converter in it. When I have a model as below, then an error is thrown from the hashids library mentioning that the service provider is not found.

public class ApplicantAccountVm { [JsonConverter(typeof(HashidsJsonConverter))] public int ApplicantAccountId { get; set; } }
Result for this model,

What should I do to register hashid in this situation?

Basically this issue but for this library.
In short, salts seem to have a 24 character limit, anything beyond that doesn't actually affect the result. This should ideally be mentioned in the README.

error: There are no versions available for the package 'HashidsNet'. for Dotnet

Would it be possible to have something like https://github.com/Xabaril/AspNetCore.Hashids?

It works with Json serialization and easily integrates with API

We're running into issues where the HashIds are too similar for users to differentiate, ie:

Is there a way to enforce better variation?

It will be performance improvement and for complex types people would be able to use structs, as it makes more sense then using arrays. because structure is fixed, better use value type with fixed signature

We were using the 1.4.1 version of this library and decoding a null string returned an empty array. But after upgrading to the 1.7.0 version it throws a NullReferenceException.

With git bisect I found that the bug was introduced in the commit 480cabe.

The bug is in the long[] Hashids.GetNumbersFrom(string hash) method. If hash is null, the variable result will be an empty array, which is expected but in the next line of GetNumbersFrom it uses the Length property of hash, which is null and the NullReferenceException is thrown.

After creating the issue I'll create a PR with the unit tests and the fix.

Hi guys

I am using this package and I really love it.
However, I have run into a duplicate issue where these two Ids are hashed to the same 17 charecter string:
518441536
520571136

the resulting hash : gOnbdg2ENEBPRP5mY
that is of coursing using the same Salt.

I see there was the same issue opened last year Nov and the person said they were mistaken but I am pretty sure there is an issue here.

I am actively using this package and just last week i started seeing this problem.

@ullmark is this something that is being worked on to find the root cause?

Hi,

I'm getting some invalid results with the library when decoding large numbers. I discovered this whilst I was adding some unit tests to stress test my implementation.

It occurs when I have a custom alphabet. I've not tried other alphabets.

For the purposes of setting the salt, I've used a guid and I've also set the min hash length to 15, and all tests use the same values.

I'm hoping it's just a range thing caused by this particular alphabet, but perhaps other custom alphabets can error like this.

Of course, doubt I'd ever see ids that big, but it did concern me a bit when the unit test on long.MaxValue failed, and spurred me on to find what the highest number I could decode correctly is ( it's 9549259626800016 , see below).

The hash for long.MaxValue in this case is 5jEpN7mlkn0BRvq

Passing Example

As a control on my salt and min hash length, here is a basic example where I do not customise the alphabet, and the test passes as expected:

[Fact]
public void DefaultAlphabet()
{
    var longToTest = long.MaxValue;

    string SALT = "0741cbe4-2140-4615-8b5b-93294aa52c9f";
    int MIN_HASH_LENGTH = 15;

    var hashids = new HashidsNet.Hashids(SALT, MIN_HASH_LENGTH);
    var hashed = hashids.EncodeLong(longToTest);
    var decoded = hashids.DecodeLong(hashed);

    if (decoded.Length == 0)
    {
        throw new Exception("No result returned");
    }

    Assert.Equal(longToTest, decoded[0]);
}

Failing Examples

Here is an example where I customise the alphabet, by removing all instances of i (lower and upper) as well as the number 1. In this case, no result is returned and the exception "No result returned" is thrown.

I found that the highest number I can get to pass is 9549259626800016. If I try to run the custom alphabet test with 9549259626800017, it fails with the same exception as long.MaxValue.

long.MaxValue fails 👎

[Fact]
public void HashIdsCustomSanityTest()
{
    var longToTest = long.MaxValue;

    string SALT = "0741cbe4-2140-4615-8b5b-93294aa52c9f";
    int MIN_HASH_LENGTH = 15;
    string ALPHABET = "abcdefghjklmnopqrstuvwxyzABCDEFGHJKLMNOPQRSTUVWXYZ234567890";

    var hashids = new HashidsNet.Hashids(
        SALT, MIN_HASH_LENGTH, ALPHABET
        );
    var hashed = hashids.EncodeLong(longToTest);
    var decoded = hashids.DecodeLong(hashed);

    if (decoded.Length == 0)
    {
        throw new Exception("No result returned");
    }

    Assert.Equal(longToTest, decoded[0]);
}

9549259626800016 passes 👍

[Fact]
public void HashIdsCustomSanityTest()
{
    var longToTest = 9549259626800016;

    string SALT = "0741cbe4-2140-4615-8b5b-93294aa52c9f";
    int MIN_HASH_LENGTH = 15;
    string ALPHABET = "abcdefghjklmnopqrstuvwxyzABCDEFGHJKLMNOPQRSTUVWXYZ234567890";

    var hashids = new HashidsNet.Hashids(
        SALT, MIN_HASH_LENGTH, ALPHABET
        );
    var hashed = hashids.EncodeLong(longToTest);
    var decoded = hashids.DecodeLong(hashed);

    if (decoded.Length == 0)
    {
        throw new Exception("No result returned");
    }

    Assert.Equal(longToTest, decoded[0]);
}

9549259626800017 fails 👎

Same exception thrown as above.

[Fact]
public void HashIdsCustomSanityTest()
{
    var longToTest = 9549259626800017;

    string SALT = "0741cbe4-2140-4615-8b5b-93294aa52c9f";
    int MIN_HASH_LENGTH = 15;
    string ALPHABET = "abcdefghjklmnopqrstuvwxyzABCDEFGHJKLMNOPQRSTUVWXYZ234567890";

    var hashids = new HashidsNet.Hashids(
        SALT, MIN_HASH_LENGTH, ALPHABET
        );
    var hashed = hashids.EncodeLong(longToTest);
    var decoded = hashids.DecodeLong(hashed);

    if (decoded.Length == 0)
    {
        throw new Exception("No result returned");
    }

    Assert.Equal(longToTest, decoded[0]);
}

Is this lib still being maintained? I saw that there is another recent lib called "Official .NET port of Sqids" and I was in doubt which one to use

https://github.com/sqids/sqids-dotnet

I'm using this library to mask the Ids for a Web Api. I'm using a constant Guid + the name of the resource to produce the salt. I noticed that if the salts are only different when over 42 characters long then the Masks are identical.

I threw together a sample to show what I mean.

    class Program
    {
        static string formatString =
            "Length: {0}" + Environment.NewLine +
            "Num Equal: {1}" + Environment.NewLine +
            "Num Different: {2}" + Environment.NewLine;

        static void Main(string[] args)
        {
            for(int i = 0; i < 100; i++)
            {
                var numEqual = 0;
                var numDifferent = 0;
                for(int j = 0; j  < 100; j++)
                {
                    var saltBase = RandomString(i);

                    var salt1 = saltBase + "AAAA";
                    var salt2 = saltBase + "ZZZZ";

                    var hasher1 = new HashidsNet.Hashids(salt1);
                    var hash11 = hasher1.Encode(1);
                    var hash12 = hasher1.Encode(2);
                    var hash13 = hasher1.Encode(3);

                    var hasher2 = new HashidsNet.Hashids(salt2);
                    var hash21 = hasher2.Encode(1);
                    var hash22 = hasher2.Encode(2);
                    var hash23 = hasher2.Encode(3);

                    if (hash11 == hash21
                        && hash12 == hash22
                        && hash13 == hash23)
                    {
                        numEqual++;
                    }
                    else
                    {
                        numDifferent++;
                    }
                }
                Console.WriteLine(string.Format(formatString, i, numEqual, numDifferent));
            }
        }

        public static string RandomString(int length)
        {
            var str = "";
            do
            {
                str += Guid.NewGuid().ToString().Replace("-", "");
            }

            while (length > str.Length);

            return str.Substring(0, length);
        }
    }

Sample Output:

Length: 41
Num Equal: 0
Num Different: 100

Length: 42
Num Equal: 96
Num Different: 4

Length: 43
Num Equal: 90
Num Different: 10

Length: 44
Num Equal: 100
Num Different: 0

I switched salt generation to be resource name + Guid() and I have much better results with only an odd single overlap every now and then.

Am I using the library wrong?

We're currently using hashids to generate short-form ids based on a sequence, so that ids are human readable.

We're producing "friendly" ids by tracking sequences within "categories", e.g. "Cat1" = 1, "Cat2" = 4, and so generating a new ID is a process of:

1. Incrementing the sequence value
2. Requesting Hashids to encode the value of the sequence where the category is the salt

Are the encoded Hashids guaranteed to be unique between salts, e.g. does an encoded ID for salt 'B' NEVER show up in the encoded sequence for salt 'B' (and vice versa)?

I have a reproducable bug in which certain input does create a valid hashid, but the Decode fails!

Repro code where the result is empty, instead of equal to the source:

var hashId = new Hashids(salt: "0Q6wKupsoahWD5le", alphabet: "abcdefghijklmnopqrstuvwxyz1234567890!", seps: "cfhistu");

var source = new long[] { 35887507618889472L, 30720L, Int64.MaxValue };

var encoded = hashId.EncodeLong(source);

var result = hashId.DecodeLong(encoded);

// ASSERT result == source FAILS

(Both the first (35887507618889472L) and the last (Int64.MaxValue) long values fail here)

After some investigation of my own, it turns out the root cause is the use of the Math.Pow function in the Unhash function. Due to its double nature, it is subject to rounding errors.

Proposed solution: update the Unhash function with the following code:

private long Unhash(string input, string alphabet)
{
    long number = 0;
    var alphabetLength = new System.Numerics.BigInteger(alphabet.Length);

    for (var i = 0; i < input.Length; i++)
    {
        var pos = (long)alphabet.IndexOf(input[i]);
        number += (pos * (long)System.Numerics.BigInteger.Pow(alphabetLength, input.Length - i - 1));
    }

    return number;
}

sample code reproducing:

const string salt = "bjdkmbiy_qyoyntbp-clhc1hbfxkbig3";

var longNumbers = new long[] { 1, 2, 3 }; 

var hashid = new Hashids(salt, alphabet: "abcdefghijklmnopqrstuvwxyz1234567890_-");

debug use source code:

the issue seems to be in a lot of hashid implementations

We are using hashsalt = blacksalt, minhashlenth = 4 and hasalphabet =abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ

When we try to encode the below it generate value with different min length.

**Input:**39300
output: dfrc (output is dummy but perfect as min length is 4)

input: 40000
output: ddfdf (output is dummy but perfect as min length is 5)

Please guide us how to get response of 40000 input with min length 4.

Hi,

I was trying to generate hashid for long data type but it doesn't seem to have support?

Please consider the example below. The only thing I've done was to remove the last letter ('U') from the separators used by default. After removing just this one letter, the decoding function will fail to decode the string and generates an empty array instead.

long[] input = new long[] { 1021432904621883393 };

Hashids target = new Hashids(seps: "cfhistCFHIST"); // default is "cfhistuCFHISTU"

// Encode
string hashid = target.EncodeLong(input); // hashid will be set to "uXGMvwPWDRuwv"

// Decode
long[] decoded = target.DecodeLong(hashid); // decoded will be set to an empty long[]

Assert.Equal(input, decoded); // fails

I'm having a similar issue to #8, but I'm not sure if I've misunderstood something about how HashIds is supposed to work.

My test case is like so:

[TestMethod]
public void HashIdsBug()
{
    var encoder = new Hashids("1234", 6, "ABCDEFGHIJKLMNOPQRSTUVWXY");
    var decoded = encoder.Decode("ZZZZZZ");
}

This throws, because the Zs are not in the alphabet they end up being decoded to a negative number, and when Hashids tries to re-hash them to check the salt, it throws because it tries to index an array with a negative number.

I'm just not sure if this is by design? It's like this even on the hashids.org demo (if you change the variables to those above, it crashes). I would think that Hashids should be resistant to this sort of thing, same as decoding with the wrong salt.

If this is a bug, it can be fixed easily by either checking if any decoded numbers are < 0 before trying to re-encode them, or checking the input hash for any characters which aren't in the alphabet. @ullmark I'm happy to submit a pull request if you agree that this is broken.

I've generated two id's for these numbers: 205, 449 (I've called twice the method)
I'm using salt, which is this: "Models.Rendszer.Cimke_ohd3mjNekCk9e9iL"
Min. hash length: 18
The encode provided the same id for the numbers: "1YOvmed9z46Lyn3w0E"
How is it possible?

Hi @ullmark ,

I've ended up in a scenario where Decode method throws an exception when we pass any of the characters in the "guard" generated by SetupGuards method.

There's how you reproduce:

// this generates the following guards: rKEa
var hashids = new Hashids("please fix me <3", 15); 

// passing any of the chars defined in the guard may throw and exception
Action invocation = () => hashids.Decode("a");

invocation.ShouldThrow<IndexOutOfRangeException>();

And here's what happens in GetNumbersFrom(string hash) method, please find below:

(...)

// by passing a guard char this replace fails to add a separator (" ")
var hashBreakdown = guardsRegex.Replace(hash, " ");

// hashArray will be empty since there's no  " " to split..
var hashArray = hashBreakdown.Split(new[] { ' ' }, StringSplitOptions.RemoveEmptyEntries);

if (hashArray.Length == 3 || hashArray.Length == 2)
       i = 1;

//  ...and this line fails.
hashBreakdown = hashArray[i];

I'm not sure what the guards stands for in that case (didn't made much effort there, eh) but I believe that's not how it's supposed to behave.

Kind regards,
Pedro.