This post records a third cryptographic timestamp for the same research workspace anchored earlier on 2026-05-13. It captures the post-Wave-20 expanded state after four days of additional iteration on the underlying material.
The first two anchors for this workspace are at /blog/research-timestamp-2026-05-13 (06:52 UTC, 3,232 files) and /blog/research-timestamp-2026-05-13-final (17:55 UTC, 11,327 files). This anchor extends the same chain-of-custody with a third checkpoint covering the V7 Wave 19 + V8 Wave 20 expansion.
Timestamp claim
Generated: 2026-05-17 01:07:28 UTC (epoch 1779066448).
SHA-256 of canonical manifest:
bb02b887ee80e1f6491894cff41b022da21f5333090c1d86c6c729d4f1805988
Coverage: 16,349 files / 357,564,936 bytes. The manifest covers the workspace's research-related markdown, JSON, Python, and text files at the time of generation, including all newly-produced V7 Wave 19 + V8 Wave 20 evidence directories.
Bitcoin anchor: OpenTimestamps .ots proof generated alongside this hash. Bitcoin attestation lands approximately 1-3 hours after publication; the cryptographic commitment is immediate via the OpenTimestamps Calendar servers.
Relationship to earlier anchors
| Anchor | Date | UTC | Hash (SHA-256) | Files |
|---|---|---|---|---|
| First | 2026-05-13 | 06:52 | ebe56d7153eafb8589cc76296da45756f9038794548f288e1ed5c848c548f36c | 3,232 |
| Second | 2026-05-13 | 17:55 | 467dc3a906418f84e114a6911e3a7890a6c8492e12c55cea4f2347a1a6e767ca | 11,327 |
| Third (this) | 2026-05-17 | 01:07 | bb02b887ee80e1f6491894cff41b022da21f5333090c1d86c6c729d4f1805988 | 16,349 |
Each manifest is canonically serialized. Files appear in earlier or later manifests with their own per-file SHA-256. The three hashes together produce an auditable chain-of-custody record across the four-day window.
What the 2026-05-17 anchor adds over the 2026-05-13 anchors
Between 2026-05-13 22:00 UTC and 2026-05-17 01:07 UTC, the underlying research workspace produced two additional recorded waves of iteration. The expanded state captured at this anchor adds, in aggregate:
- Five new filing-candidate drafts from the intermediate wave (additional primitives identified, additional disclosure variants, additional architectural observations bounded by adjacent defenses)
- Several end-to-end exploitation chains empirically confirmed via byte-level evidence captured at operator-controlled collectors
- Multiple credential-class observations across the platform's surface, including persistence variants
- Multiple bypass-class observations against the platform's published security boundaries, each rolled back cleanly with state verification
- Forensic decode of one platform-internal component with associated architecture documentation
- One composite end-to-end chain narrative consolidating prior-wave and new-wave findings into a single attacker model
- An iterated next-session plan ready for execution, reviewed adversarially via three independent reviewers before lock-in
Specific technical details, affected endpoints, internal architecture, exact severity claims, and reproduction steps are intentionally withheld from this public anchor. They are contained inside the canonical manifest hashed by this post, and will be disclosed via coordinated channels with the affected platform's security team.
Why three anchors
The 2026-05-13 06:52 UTC anchor establishes priority over the pre-iteration state. The 2026-05-13 17:55 UTC anchor establishes priority over the same-day expanded state. This 2026-05-17 anchor establishes priority over the four-days-later expanded state, including all V7 Wave 19 and V8 Wave 20 findings. The three hashes together produce a complete forensic timeline across the workspace's research period.
Verification
Independent verification of the manifest's integrity is possible from the local manifest.json plus a short Python snippet:
python3 -c '
import json, hashlib
with open("manifest.json") as f:
d = json.load(f)
canonical = json.dumps(d, sort_keys=True, separators=(",", ":")).encode()
print(hashlib.sha256(canonical).hexdigest())
'The output should match the hash above.
What this proves vs does not prove
| Proves | Does NOT prove | |---|---| | The exact contents of every file in the manifest at the moment of the timestamp | That the findings are valid or that the platform will accept them | | Any later identical findings by independent researchers are NOT independent of this work | That the platform was unaware of these findings before this anchor | | Research was NOT generated after 2026-05-17 01:07 UTC | That the underlying conclusions are correct (independent of forensic timing) | | The expanded manifest is a strict superset of the 2026-05-13 22:00 anchor | That coordination has begun (status: still pending across multiple channels) |
Context
Coordinated disclosure to security@aiven.io and Bugcrowd is in progress; the platform-side channel has been intermittent in the period leading to this anchor. This third public anchor protects the research timeline independent of platform availability while coordination resolves.
AI assistance
Research and drafting were performed in collaboration with Claude Code (Anthropic), including the V9 plan's tri-model adversarial review pass (Claude Opus 4.7 author, Claude Sonnet adversarial reviewers, OpenAI Codex senior-engineering review). All claims, probes, and submissions were independently verified against live HTTP/SQL responses before inclusion in the manifest.