Frank,
I mentioned the blockchain for obtaining a pool of preprocessed random hashes to be used as UUIDs, but those are apparently hashed at 256bits. And as Gustaf mentions, using standards outside of their definition tends to confuse things and break convention;
Maybe verifiable, unpredictable 128bit UUID format hashes can be generated using a system/satellite salt reference and object_id et cetera with SHA-3/ It apparently has little risk of collisions and relatively low processor demands, and the bit length can be configured to fit UUID.
cheers,
Ben