{"record_type":"pith_number_record","schema_url":"https://pith.science/schemas/pith-number/v1.json","pith_number":"pith:2019:4OPK6QAWFJPHCX43PEKYQS5TQN","short_pith_number":"pith:4OPK6QAW","schema_version":"1.0","canonical_sha256":"e39eaf40162a5e715f9b7915884bb383578cac8f5268d5361bbca48e8222e28f","source":{"kind":"arxiv","id":"1901.08960","version":1},"attestation_state":"computed","paper":{"title":"OAuthGuard: Protecting User Security and Privacy with OAuth 2.0 and OpenID Connect","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Chris J Mitchell, Thomas Chen, Wanpeng Li","submitted_at":"2019-01-24T16:14:40Z","abstract_excerpt":"Millions of users routinely use Google to log in to websites supporting OAuth 2.0 or OpenID Connect; the security of OAuth 2.0 and OpenID Connect is therefore of critical importance. As revealed in previous studies, in practice RPs often implement OAuth 2.0 incorrectly, and so many real-world OAuth 2.0 and OpenID Connect systems are vulnerable to attack. However, users of such flawed systems are typically unaware of these issues, and so are at risk of attacks which could result in unauthorised access to the victim user's account at an RP. In order to address this threat, we have developed OAut"},"verification_status":{"content_addressed":true,"pith_receipt":true,"author_attested":false,"weak_author_claims":0,"strong_author_claims":0,"externally_anchored":false,"storage_verified":false,"citation_signatures":0,"replication_records":0,"graph_snapshot":true,"references_resolved":false,"formal_links_present":false},"canonical_record":{"source":{"id":"1901.08960","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-01-24T16:14:40Z","cross_cats_sorted":[],"title_canon_sha256":"aa0c21324520411f387dd6aa6219e3493b773e9c1450c1991337908933de1d6f","abstract_canon_sha256":"225b4444e3838b4577edb09ebf99b8a81e4f295d04570ecee7280e67819a39f2"},"schema_version":"1.0"},"receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-17T23:55:31.079749Z","signature_b64":"6wzctEfcv8bfOKwpa3hMWKJIcr9ubAwSlA83zDWjgdFUQ9MoVY3XvV23uxVq3/eUy+H67CEHxed/k3NCEUvQAA==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"e39eaf40162a5e715f9b7915884bb383578cac8f5268d5361bbca48e8222e28f","last_reissued_at":"2026-05-17T23:55:31.079241Z","signature_status":"signed_v1","first_computed_at":"2026-05-17T23:55:31.079241Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"graph_snapshot":{"paper":{"title":"OAuthGuard: Protecting User Security and Privacy with OAuth 2.0 and OpenID Connect","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Chris J Mitchell, Thomas Chen, Wanpeng Li","submitted_at":"2019-01-24T16:14:40Z","abstract_excerpt":"Millions of users routinely use Google to log in to websites supporting OAuth 2.0 or OpenID Connect; the security of OAuth 2.0 and OpenID Connect is therefore of critical importance. As revealed in previous studies, in practice RPs often implement OAuth 2.0 incorrectly, and so many real-world OAuth 2.0 and OpenID Connect systems are vulnerable to attack. However, users of such flawed systems are typically unaware of these issues, and so are at risk of attacks which could result in unauthorised access to the victim user's account at an RP. In order to address this threat, we have developed OAut"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1901.08960","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"aliases":[{"alias_kind":"arxiv","alias_value":"1901.08960","created_at":"2026-05-17T23:55:31.079307+00:00"},{"alias_kind":"arxiv_version","alias_value":"1901.08960v1","created_at":"2026-05-17T23:55:31.079307+00:00"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1901.08960","created_at":"2026-05-17T23:55:31.079307+00:00"},{"alias_kind":"pith_short_12","alias_value":"4OPK6QAWFJPH","created_at":"2026-05-18T12:33:10.108867+00:00"},{"alias_kind":"pith_short_16","alias_value":"4OPK6QAWFJPHCX43","created_at":"2026-05-18T12:33:10.108867+00:00"},{"alias_kind":"pith_short_8","alias_value":"4OPK6QAW","created_at":"2026-05-18T12:33:10.108867+00:00"}],"events":[],"event_summary":{},"paper_claims":[],"inbound_citations":{"count":0,"internal_anchor_count":0,"sample":[]},"formal_canon":{"evidence_count":0,"sample":[],"anchors":[]},"links":{"html":"https://pith.science/pith/4OPK6QAWFJPHCX43PEKYQS5TQN","json":"https://pith.science/pith/4OPK6QAWFJPHCX43PEKYQS5TQN.json","graph_json":"https://pith.science/api/pith-number/4OPK6QAWFJPHCX43PEKYQS5TQN/graph.json","events_json":"https://pith.science/api/pith-number/4OPK6QAWFJPHCX43PEKYQS5TQN/events.json","paper":"https://pith.science/paper/4OPK6QAW"},"agent_actions":{"view_html":"https://pith.science/pith/4OPK6QAWFJPHCX43PEKYQS5TQN","download_json":"https://pith.science/pith/4OPK6QAWFJPHCX43PEKYQS5TQN.json","view_paper":"https://pith.science/paper/4OPK6QAW","resolve_alias":"https://pith.science/api/pith-number/resolve?arxiv=1901.08960&json=true","fetch_graph":"https://pith.science/api/pith-number/4OPK6QAWFJPHCX43PEKYQS5TQN/graph.json","fetch_events":"https://pith.science/api/pith-number/4OPK6QAWFJPHCX43PEKYQS5TQN/events.json","actions":{"anchor_timestamp":"https://pith.science/pith/4OPK6QAWFJPHCX43PEKYQS5TQN/action/timestamp_anchor","attest_storage":"https://pith.science/pith/4OPK6QAWFJPHCX43PEKYQS5TQN/action/storage_attestation","attest_author":"https://pith.science/pith/4OPK6QAWFJPHCX43PEKYQS5TQN/action/author_attestation","sign_citation":"https://pith.science/pith/4OPK6QAWFJPHCX43PEKYQS5TQN/action/citation_signature","submit_replication":"https://pith.science/pith/4OPK6QAWFJPHCX43PEKYQS5TQN/action/replication_record"}},"created_at":"2026-05-17T23:55:31.079307+00:00","updated_at":"2026-05-17T23:55:31.079307+00:00"}