{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2017:D5P5K3S7Q5INU5EVWIG7FACMOX","short_pith_number":"pith:D5P5K3S7","canonical_record":{"source":{"id":"1710.00564","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2017-10-02T10:05:14Z","cross_cats_sorted":[],"title_canon_sha256":"2663893e4f956b3dfba0df9b06c0d3e6b76e672b8a245a7fecd16a011a0256ea","abstract_canon_sha256":"3f1e5e7b0bcf4b208c9366afb3bcf0682c3aa1024af73c44f7414404c4364de4"},"schema_version":"1.0"},"canonical_sha256":"1f5fd56e5f8750da7495b20df2804c75e8f2891f0d3ca98c5a1f6917b9f80bd0","source":{"kind":"arxiv","id":"1710.00564","version":1},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1710.00564","created_at":"2026-05-18T00:33:47Z"},{"alias_kind":"arxiv_version","alias_value":"1710.00564v1","created_at":"2026-05-18T00:33:47Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1710.00564","created_at":"2026-05-18T00:33:47Z"},{"alias_kind":"pith_short_12","alias_value":"D5P5K3S7Q5IN","created_at":"2026-05-18T12:31:10Z"},{"alias_kind":"pith_short_16","alias_value":"D5P5K3S7Q5INU5EV","created_at":"2026-05-18T12:31:10Z"},{"alias_kind":"pith_short_8","alias_value":"D5P5K3S7","created_at":"2026-05-18T12:31:10Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2017:D5P5K3S7Q5INU5EVWIG7FACMOX","target":"record","payload":{"canonical_record":{"source":{"id":"1710.00564","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2017-10-02T10:05:14Z","cross_cats_sorted":[],"title_canon_sha256":"2663893e4f956b3dfba0df9b06c0d3e6b76e672b8a245a7fecd16a011a0256ea","abstract_canon_sha256":"3f1e5e7b0bcf4b208c9366afb3bcf0682c3aa1024af73c44f7414404c4364de4"},"schema_version":"1.0"},"canonical_sha256":"1f5fd56e5f8750da7495b20df2804c75e8f2891f0d3ca98c5a1f6917b9f80bd0","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T00:33:47.797051Z","signature_b64":"O354vGELqcCXIRWvGX71eFFbBWpJthagY577bVYgSc3hrOyhKJ05WiYHsQTR53Y+VmyoVskInGE+wGVa42zVCw==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"1f5fd56e5f8750da7495b20df2804c75e8f2891f0d3ca98c5a1f6917b9f80bd0","last_reissued_at":"2026-05-18T00:33:47.796379Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T00:33:47.796379Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1710.00564","source_version":1,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:33:47Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"Hu12nYgDblbe9lmMcK+STEiTDAPrr95gJSdpd4+gRkxBOOq0y/iPmRA9zamCSIvseb2Q7Qdh5FB0YxlkYslLBw==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-28T22:18:02.718013Z"},"content_sha256":"eddedddd9734323c373cd1baec8434e22c14f5294f2b55fd3bbbba2fa84f2b89","schema_version":"1.0","event_id":"sha256:eddedddd9734323c373cd1baec8434e22c14f5294f2b55fd3bbbba2fa84f2b89"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2017:D5P5K3S7Q5INU5EVWIG7FACMOX","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"CrySL: Validating Correct Usage of Cryptographic APIs","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.SE","authors_text":"Eric Bodden, Johannes Sp\\\"ath, Karim Ali, Mira Mezini, Stefan Kr\\\"uger","submitted_at":"2017-10-02T10:05:14Z","abstract_excerpt":"Various studies have empirically shown that the majority of Java and Android apps misuse cryptographic libraries, causing devastating breaches of data security. Therefore, it is crucial to detect such misuses early in the development process. The fact that insecure usages are not the exception but the norm precludes approaches based on property inference and anomaly detection.\n  In this paper, we present CrySL, a definition language that enables cryptography experts to specify the secure usage of the cryptographic libraries that they provide. CrySL combines the generic concepts of method-call "},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1710.00564","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T00:33:47Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"1bdUEw5akkkWHUoI2KWh42xVP/pyOauY7wkJQZXPHCM0hPCmrkfwYJK21vfui61RJESMtlQQSP0OhUWPtfZ8Cg==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-28T22:18:02.718726Z"},"content_sha256":"6fcd546fac6080a0375634b3b776ce65d615e6a5f62020a6716ba6a749d26713","schema_version":"1.0","event_id":"sha256:6fcd546fac6080a0375634b3b776ce65d615e6a5f62020a6716ba6a749d26713"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/D5P5K3S7Q5INU5EVWIG7FACMOX/bundle.json","state_url":"https://pith.science/pith/D5P5K3S7Q5INU5EVWIG7FACMOX/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/D5P5K3S7Q5INU5EVWIG7FACMOX/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-05-28T22:18:02Z","links":{"resolver":"https://pith.science/pith/D5P5K3S7Q5INU5EVWIG7FACMOX","bundle":"https://pith.science/pith/D5P5K3S7Q5INU5EVWIG7FACMOX/bundle.json","state":"https://pith.science/pith/D5P5K3S7Q5INU5EVWIG7FACMOX/state.json","well_known_bundle":"https://pith.science/.well-known/pith/D5P5K3S7Q5INU5EVWIG7FACMOX/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2017:D5P5K3S7Q5INU5EVWIG7FACMOX","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"3f1e5e7b0bcf4b208c9366afb3bcf0682c3aa1024af73c44f7414404c4364de4","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2017-10-02T10:05:14Z","title_canon_sha256":"2663893e4f956b3dfba0df9b06c0d3e6b76e672b8a245a7fecd16a011a0256ea"},"schema_version":"1.0","source":{"id":"1710.00564","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1710.00564","created_at":"2026-05-18T00:33:47Z"},{"alias_kind":"arxiv_version","alias_value":"1710.00564v1","created_at":"2026-05-18T00:33:47Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1710.00564","created_at":"2026-05-18T00:33:47Z"},{"alias_kind":"pith_short_12","alias_value":"D5P5K3S7Q5IN","created_at":"2026-05-18T12:31:10Z"},{"alias_kind":"pith_short_16","alias_value":"D5P5K3S7Q5INU5EV","created_at":"2026-05-18T12:31:10Z"},{"alias_kind":"pith_short_8","alias_value":"D5P5K3S7","created_at":"2026-05-18T12:31:10Z"}],"graph_snapshots":[{"event_id":"sha256:6fcd546fac6080a0375634b3b776ce65d615e6a5f62020a6716ba6a749d26713","target":"graph","created_at":"2026-05-18T00:33:47Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Various studies have empirically shown that the majority of Java and Android apps misuse cryptographic libraries, causing devastating breaches of data security. Therefore, it is crucial to detect such misuses early in the development process. The fact that insecure usages are not the exception but the norm precludes approaches based on property inference and anomaly detection.\n  In this paper, we present CrySL, a definition language that enables cryptography experts to specify the secure usage of the cryptographic libraries that they provide. CrySL combines the generic concepts of method-call ","authors_text":"Eric Bodden, Johannes Sp\\\"ath, Karim Ali, Mira Mezini, Stefan Kr\\\"uger","cross_cats":[],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2017-10-02T10:05:14Z","title":"CrySL: Validating Correct Usage of Cryptographic APIs"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1710.00564","kind":"arxiv","version":1},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:eddedddd9734323c373cd1baec8434e22c14f5294f2b55fd3bbbba2fa84f2b89","target":"record","created_at":"2026-05-18T00:33:47Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"3f1e5e7b0bcf4b208c9366afb3bcf0682c3aa1024af73c44f7414404c4364de4","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2017-10-02T10:05:14Z","title_canon_sha256":"2663893e4f956b3dfba0df9b06c0d3e6b76e672b8a245a7fecd16a011a0256ea"},"schema_version":"1.0","source":{"id":"1710.00564","kind":"arxiv","version":1}},"canonical_sha256":"1f5fd56e5f8750da7495b20df2804c75e8f2891f0d3ca98c5a1f6917b9f80bd0","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"1f5fd56e5f8750da7495b20df2804c75e8f2891f0d3ca98c5a1f6917b9f80bd0","first_computed_at":"2026-05-18T00:33:47.796379Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T00:33:47.796379Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"O354vGELqcCXIRWvGX71eFFbBWpJthagY577bVYgSc3hrOyhKJ05WiYHsQTR53Y+VmyoVskInGE+wGVa42zVCw==","signature_status":"signed_v1","signed_at":"2026-05-18T00:33:47.797051Z","signed_message":"canonical_sha256_bytes"},"source_id":"1710.00564","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:eddedddd9734323c373cd1baec8434e22c14f5294f2b55fd3bbbba2fa84f2b89","sha256:6fcd546fac6080a0375634b3b776ce65d615e6a5f62020a6716ba6a749d26713"],"state_sha256":"a1fcf03dbf97a5c9f051626d9a81515fc028f790f50d0a35baa44e21e8ac3248"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"DIs2CDCMbdA1TarAlUbw7okpUIoh1ZCOauqE97GhQbZ8FvpZV8cbRG6ZOlQEFF1GtBjP/bo+58/Xcd6lL5e1AA==","signed_message":"bundle_sha256_bytes","signed_at":"2026-05-28T22:18:02.722488Z","bundle_sha256":"935d7337e4b8224f1c7d6e6b98bbd007e3dc58bba13f8bead892249ae0dcf962"}}