I stay corrected: don’t use row UID as a “secure random key” to amend data.
Reason: the form still leaks all row IDs even with all security settings turned on:
So the constructed SHA1 or something that’s not directly a transformation of a row ID is actually not that bad of an idea.