TROVE-2026-005 (low): The default hasher for weak-tables can be overridden with a cargo feature
See https://github.com/tov/weak-table-rs/issues/23 for discussion.
If an embedder builds arti alongside some other crate that uses weak-table, and that crate enables the ahash feature in weak-tables, then the default hasher for all Weak{Key,Value,Weak}{Map,Set} types will become based on ahash. The ahash crate has improved performance over Rust's standard SipHash, and it uses hardware AES (when present) for improved performance, but falls back to a less well-analyzed approach when hardware AES is not available.
I'm calling this low-severity because:
- Most systems have hardware AES
- Only embedded arti builds are affected
- Embedded arti builds are only affected if they also link something that enables the
weak-table/ahashfeature
- Embedded arti builds are only affected if they also link something that enables the
- Even in the worst case, the hash function is keyed, and the hash-based DoS attack is not trivial.
Edited by Nick Mathewson