Fowler–Noll–Vo is a non-cryptographic hash designed for fast hash table lookups. It is 32 bits. It has no preimage resistance. It was never meant to keep secrets.
h = 2166136261
for each byte:
h = (h XOR byte) * 16777619
return h >>> 0
A preimage attack finds any input that produces a given hash output. For a cryptographic hash (SHA-256, bcrypt), this is computationally infeasible. For Wyhash with a constrained input space, it takes milliseconds.
Claude Code's /buddy system generates companions deterministically:
userId = config.oauthAccount.accountUuid
seed = wyhash(userId + "friend-2026-401")
rng = Mulberry32(seed)
rarity = rng() → weighted pick
species = rng() → uniform pick
eyes = rng() → uniform pick
hat = rng() → uniform pick (none if common)
shiny = rng() < 0.01
stats = rng() × 5 → peak/dump/fill
The "bones" (appearance, stats) are never stored — they're re-derived from the userId hash on every read. The "soul" (name, personality) is generated once by Claude and persisted. Editing config can't change rarity... but editing the UUID input can.
32-bit output = only ~4.3 billion possible companions total. Modern browsers compute Wyhash at ~5M hashes/sec per Web Worker. With 8 workers: ~400M/sec. Worst case: 11 seconds to try every possible seed. With prefix constraints, typically under 100ms.
This is not a security vulnerability. Wyhash is working as designed — it was never meant to be cryptographic. This tool exists to demonstrate a design choice, not to exploit one.
Built by Jake L'Ami with Claude Opus 4.6 (Ike). Claude reverse-engineered the companion system from the Claude Code source, computed the hash collisions, built the brute forcer, and wrote the web app. The human bought the domain at 2am.
If Anthropic's safety and alignment team would like to talk about what else we found in the source: the domain name is the ask.