pith. sign in
Pith Number

pith:FGGNHRZU

pith:2026:FGGNHRZUZPKOWPDHKFIAHVLHDK
not attested not anchored not stored refs resolved

Security Incentivization: An Empirical Study of how Micropayments Impact Code Security

Alexander Lercher, Christoph Wedenig, Fabian Oraze, Georg Sengstbratl, Johann Glock, Martin Pinzger, Rainer W. Alexandrowicz, Stefan Rass

Tying team bonuses to improvements in security scanner results reduces code issue density.

arxiv:2605.13100 v1 · 2026-05-13 · cs.CR · cs.SE

Open paper page JSON Open Graph Bundle Merged state Verified badge What is a Pith Number?
Add to your LaTeX paper 
\usepackage{pith}
\pithnumber{FGGNHRZUZPKOWPDHKFIAHVLHDK}

Prints a linked badge after your title and injects PDF metadata. Compiles on arXiv. Learn more · Embed verified badge

Record completeness

1 Bitcoin timestamp
2 Internet Archive
3 Author claim open · sign in to claim
4 Citations open
5 Replications open
Portable graph bundle live · download bundle · merged state
The bundle contains the canonical record plus signed events. A mirror can host it anywhere and recompute the same current state with the deterministic merge algorithm.

Claims

C1strongest claim

The treatment group achieved significantly lower security issue density overall (beta regression: β = -0.396, p = 0.0342), indicating improved measurable security under incentivization.

C2weakest assumption

That static analysis findings from the chosen tools (Bearer, Detekt, mobsfscan) accurately capture meaningful security risks and that student team behavior generalizes to professional developers.

C3one line summary

Linking team bonuses to automated security scan results reduced issue density in a controlled experiment with 84 students across 14 teams.

References

56 extracted · 56 resolved · 0 Pith anchors

[1] Vipindev Adat, Amrita Dahiya, and B. B. Gupta. Economic incentive based solution against distributed denial of service attacks for IoT customers. In2018 IEEE International Conference on Consumer Elect 2018
[2] Aikido - Unified Security Platform from Code to Runtime, 2025 2025
[3] Ross J. Anderson and T. Moore. The economics of information security.Science, 314:610 – 613, 2006 2006
[4] Owura Asare, Meiyappan Nagappan, and N. Asokan. Is GitHub’s Copilot as bad as humans at introducing vulnerabilities in code?Empirical Softw. Engg., 28(6), September 2023. online: https://doi.org/10.10 2023 · doi:10.1007/s10664-023-10380-1
[5] Designing user incentives for cybersecurity 2014
Receipt and verification
First computed 2026-05-18T03:08:58.302194Z
Builder pith-number-builder-2026-05-17-v1
Signature Pith Ed25519 (pith-v1-2026-05) · public key
Schema pith-number/v1.0

Canonical hash

298cd3c734cbd4eb3c67515003d5671a9da76bd882a7aae02124ef498d170410

Aliases

arxiv: 2605.13100 · arxiv_version: 2605.13100v1 · doi: 10.48550/arxiv.2605.13100 · pith_short_12: FGGNHRZUZPKO · pith_short_16: FGGNHRZUZPKOWPDH · pith_short_8: FGGNHRZU
Agent API
Resolver JSON Graph JSON Events JSON Schema Signing key
Verify this Pith Number yourself 
curl -sH 'Accept: application/ld+json' https://pith.science/pith/FGGNHRZUZPKOWPDHKFIAHVLHDK \
  | jq -c '.canonical_record' \
  | python3 -c "import sys,json,hashlib; b=json.dumps(json.loads(sys.stdin.read()), sort_keys=True, separators=(',',':'), ensure_ascii=False).encode(); print(hashlib.sha256(b).hexdigest())"
# expect: 298cd3c734cbd4eb3c67515003d5671a9da76bd882a7aae02124ef498d170410
Canonical record JSON 
{
  "metadata": {
    "abstract_canon_sha256": "66c0c7d10395460ad942b429dd9bc5e193150ea3d23a3f33b436d7677690d5e1",
    "cross_cats_sorted": [
      "cs.SE"
    ],
    "license": "http://creativecommons.org/licenses/by/4.0/",
    "primary_cat": "cs.CR",
    "submitted_at": "2026-05-13T07:12:13Z",
    "title_canon_sha256": "1ab30c78dc2aacd3e665bd4e0c850d709c39d5bf095745075d9ca62e3f7fda82"
  },
  "schema_version": "1.0",
  "source": {
    "id": "2605.13100",
    "kind": "arxiv",
    "version": 1
  }
}