scan-v5.json (27985B)
1 { 2 "scan_version": 5, 3 "paper_type": "empirical", 4 "paper": { 5 "title": "Lethe: Purifying Backdoored Large Language Models with Knowledge Dilution", 6 "authors": [ 7 "Chen Chen", 8 "Yuchen Sun", 9 "Jiaxin Gao", 10 "Xueluan Gong", 11 "Qian Wang" 12 ], 13 "year": 2025, 14 "venue": "arXiv.org", 15 "arxiv_id": "2508.21004", 16 "doi": "10.48550/arXiv.2508.21004" 17 }, 18 "checklist": { 19 "claims_and_evidence": { 20 "abstract_claims_supported": { 21 "applies": true, 22 "answer": true, 23 "justification": "All major abstract claims—98% ASR reduction, outperforming 8 baselines on 8 attacks across 5 LLMs, cost-efficiency, and robustness to adaptive attacks—are directly supported by Tables 2, 3, 7, and 17.", 24 "source": "haiku" 25 }, 26 "causal_claims_justified": { 27 "applies": true, 28 "answer": true, 29 "justification": "Causal claims about individual component contributions are supported by ablation studies in Table 4 and Tables 15–16, which isolate internal-only, external-only, and combined mechanisms across all model/attack combinations.", 30 "source": "haiku" 31 }, 32 "generalization_bounded": { 33 "applies": true, 34 "answer": false, 35 "justification": "The paper makes broad claims about 'real-world deployment' and applicability to 'LLMs' generally, but testing is limited to 5 English-only models (1.5B–7B), two task domains, and specific backdoor attack families; no explicit boundaries on what won't generalize are stated.", 36 "source": "haiku" 37 }, 38 "alternative_explanations_discussed": { 39 "applies": true, 40 "answer": false, 41 "justification": "The paper does not consider alternatives—e.g., that model merging provides general robustness rather than specifically diluting backdoors, or that CDA improvements stem from regularization effects unrelated to backdoor removal.", 42 "source": "haiku" 43 }, 44 "proxy_outcome_distinction": { 45 "applies": true, 46 "answer": true, 47 "justification": "ASR directly measures backdoor activation on poisoned inputs and CDA directly measures clean accuracy; these metrics align precisely with the paper's stated objectives without proxy substitution.", 48 "source": "haiku" 49 } 50 }, 51 "limitations_and_scope": { 52 "limitations_section_present": { 53 "applies": true, 54 "answer": false, 55 "justification": "There is no dedicated limitations section; the conclusion contains a single sentence noting LETHE is limited to language models, which does not qualify as a limitations discussion.", 56 "source": "haiku" 57 }, 58 "threats_to_validity_specific": { 59 "applies": true, 60 "answer": false, 61 "justification": "No threats to validity are discussed; the paper does not address concerns such as small Chat-Backdoor test size (100 samples), reliance on GPT-4o as an evaluator, or the scope of the adaptive attack evaluation (only CBA tested).", 62 "source": "haiku" 63 }, 64 "scope_boundaries_stated": { 65 "applies": true, 66 "answer": false, 67 "justification": "No explicit scope boundaries are stated about what results do NOT show; future work mentions in the conclusion imply current scope but do not formally bound claims.", 68 "source": "haiku" 69 } 70 }, 71 "conflicts_of_interest": { 72 "funding_disclosed": { 73 "applies": true, 74 "answer": false, 75 "justification": "No funding acknowledgment, grant numbers, or institutional support is mentioned anywhere in the paper.", 76 "source": "haiku" 77 }, 78 "affiliations_disclosed": { 79 "applies": true, 80 "answer": true, 81 "justification": "Author affiliations are clearly stated on the title page: Nanyang Technological University and Wuhan University, with institutional email addresses.", 82 "source": "haiku" 83 }, 84 "funder_independent_of_outcome": { 85 "applies": false, 86 "answer": false, 87 "justification": "No funding is disclosed, so independence cannot be assessed.", 88 "source": "haiku" 89 }, 90 "financial_interests_declared": { 91 "applies": true, 92 "answer": false, 93 "justification": "No competing interests or financial interests declaration is present in the paper.", 94 "source": "haiku" 95 } 96 }, 97 "scope_and_framing": { 98 "key_terms_defined": { 99 "applies": true, 100 "answer": true, 101 "justification": "Key terms are defined: 'backdoor attack' taxonomy (Section 2.2), 'knowledge dilution' as a concept (Section 2.4), 'internal/external dilution' mechanisms (Section 3), and evaluation metrics ASR and CDA (Appendix E).", 102 "source": "haiku" 103 }, 104 "intended_contribution_clear": { 105 "applies": true, 106 "answer": true, 107 "justification": "Three explicit contributions are enumerated at the end of Section 1: the LETHE framework, the internal dilution via LoRA+model merging, and the external dilution via TextRank+WordNet.", 108 "source": "haiku" 109 }, 110 "engagement_with_prior_work": { 111 "applies": true, 112 "answer": true, 113 "justification": "Table 1 systematically compares LETHE against 14 prior defenses across 6 dimensions, and Sections 2.3–2.4 explicitly discuss how LETHE addresses identified gaps in detection-only, domain-limited, and fine-tuning-based approaches.", 114 "source": "haiku" 115 } 116 } 117 }, 118 "type_checklist": { 119 "empirical": { 120 "artifacts": { 121 "code_released": { 122 "applies": true, 123 "answer": true, 124 "justification": "An anonymized code repository is provided at https://anonymous.4open.science/r/Lethe-B9F4 containing defense implementation, attack scripts, and evaluation code.", 125 "source": "haiku" 126 }, 127 "data_released": { 128 "applies": true, 129 "answer": true, 130 "justification": "All four datasets are publicly available (SST-2, Emotion, HumanEval) or provided with download scripts (Chat-Backdoor subset); sources and licenses are documented in the Open Science section.", 131 "source": "haiku" 132 }, 133 "environment_specified": { 134 "applies": true, 135 "answer": false, 136 "justification": "The paper specifies Python 3.10, Ubuntu 22.04, and NVIDIA A100 80GB hardware, but no requirements.txt, Dockerfile, or full dependency version list is provided.", 137 "source": "haiku" 138 }, 139 "reproduction_instructions": { 140 "applies": true, 141 "answer": false, 142 "justification": "Hyperparameters are scattered across appendices but no step-by-step reproduction instructions are present in the paper; the repository is promised to contain these but they are not verifiable from the paper itself.", 143 "source": "haiku" 144 } 145 }, 146 "statistical_methodology": { 147 "confidence_intervals_or_error_bars": { 148 "applies": true, 149 "answer": false, 150 "justification": "All results in Tables 2, 3, and 4 are single-run point estimates; no confidence intervals, standard deviations, or error bars are reported for any metric.", 151 "source": "haiku" 152 }, 153 "significance_tests": { 154 "applies": true, 155 "answer": false, 156 "justification": "No statistical significance tests are applied to any comparative claims; superiority over 8 baselines is asserted from raw metric differences alone.", 157 "source": "haiku" 158 }, 159 "effect_sizes_reported": { 160 "applies": true, 161 "answer": true, 162 "justification": "Effect sizes are reported as percentage ASR reductions with baseline context (e.g., 'up to 98%' reduction; Figure 4 shows average ASR 2.03% vs. BEEAR's 9.09%), providing magnitude interpretation.", 163 "source": "haiku" 164 }, 165 "sample_size_justified": { 166 "applies": true, 167 "answer": false, 168 "justification": "Test set sizes (100 samples for Chat-Backdoor, 164 for HumanEval) are reported but not justified; no power analysis or sample size rationale is provided.", 169 "source": "haiku" 170 }, 171 "variance_reported": { 172 "applies": true, 173 "answer": false, 174 "justification": "No variance, standard deviation, or multi-run statistics are reported; all metrics are single-point estimates from single experimental runs.", 175 "source": "haiku" 176 } 177 }, 178 "evaluation_design": { 179 "baselines_included": { 180 "applies": true, 181 "answer": true, 182 "justification": "Eight state-of-the-art defense baselines are included: Editing, Wanda, Fine-tuning, Fine-pruning, Speculative, Cleangen, NAD, and BEEAR, with detailed implementation settings in Appendix D.", 183 "source": "haiku" 184 }, 185 "baselines_contemporary": { 186 "applies": true, 187 "answer": true, 188 "justification": "Baselines include recent methods published through 2024–2025 (BEEAR 2024, Cleangen 2024, BAIT 2025), and Table 1 shows comprehensive comparison along multiple capability dimensions.", 189 "source": "haiku" 190 }, 191 "ablation_study": { 192 "applies": true, 193 "answer": true, 194 "justification": "Table 4 and Tables 15–16 provide full ablation comparing internal-only (INT), external-only (EXT), and combined LETHE across all model/attack/dataset combinations.", 195 "source": "haiku" 196 }, 197 "multiple_metrics": { 198 "applies": true, 199 "answer": true, 200 "justification": "ASR, CDA, and Defense Score (harmonic mean) are used for classification; Pass@1 for code generation; GPT-4o-based harmfulness scoring for text generation.", 201 "source": "haiku" 202 }, 203 "human_evaluation": { 204 "applies": false, 205 "answer": false, 206 "justification": "Human evaluation is not used; generation quality is assessed via automated GPT-4o-based scoring, not human raters.", 207 "source": "haiku" 208 }, 209 "held_out_test_set": { 210 "applies": true, 211 "answer": true, 212 "justification": "Standard held-out test splits are used for all datasets (SST-2: 1.8k, Emotion: 2k, HumanEval: 164 problems, Chat-Backdoor: 100 test samples).", 213 "source": "haiku" 214 }, 215 "per_category_breakdown": { 216 "applies": true, 217 "answer": true, 218 "justification": "Results are broken down by model (5 LLMs), attack type (8 attacks), dataset (4), and domain (classification vs. generation), with supplementary tables in Appendix G covering all 5 model/dataset combinations.", 219 "source": "haiku" 220 }, 221 "failure_cases_discussed": { 222 "applies": true, 223 "answer": true, 224 "justification": "Section 6.3 presents concrete failure cases where internal dilution alone fails ('car steal' query) and external dilution is needed, demonstrating mechanism-level failure modes.", 225 "source": "haiku" 226 }, 227 "negative_results_reported": { 228 "applies": true, 229 "answer": true, 230 "justification": "The paper reports elevated DTBA ASR on DeepSeek-R1 (16%), shows external-only dilution is consistently weaker than internal-only, and notes slightly higher ASR on Llama-2-13B vs. 7B.", 231 "source": "haiku" 232 } 233 }, 234 "setup_transparency": { 235 "model_versions_specified": { 236 "applies": true, 237 "answer": false, 238 "justification": "Models are identified by name and parameter count only; no specific HuggingFace checkpoint versions, commit hashes, or release dates are provided for any of the 5 LLMs.", 239 "source": "haiku" 240 }, 241 "prompts_provided": { 242 "applies": true, 243 "answer": true, 244 "justification": "Full GPT-4o evaluation prompts for both CDA quality scoring and ASR harmfulness detection are provided verbatim in Box D.1 and Box D.2.", 245 "source": "haiku" 246 }, 247 "hyperparameters_reported": { 248 "applies": true, 249 "answer": true, 250 "justification": "Key hyperparameters are reported throughout: learning rate 0.0002, batch sizes, LoRA settings, SLERP interpolation parameter, TextRank damping factor 0.85, generation temperature 0.7, and TIES pruning thresholds.", 251 "source": "haiku" 252 }, 253 "scaffolding_described": { 254 "applies": false, 255 "answer": false, 256 "justification": "No agentic scaffolding is used; LETHE is a model-level defense mechanism applied to static models, not an agent pipeline.", 257 "source": "haiku" 258 }, 259 "data_preprocessing_documented": { 260 "applies": true, 261 "answer": false, 262 "justification": "Data splits used (10% clean training data, specified test sizes) are stated but tokenization, filtering, normalization, and poisoning pipeline preprocessing are not documented.", 263 "source": "haiku" 264 } 265 }, 266 "data_integrity": { 267 "raw_data_available": { 268 "applies": true, 269 "answer": true, 270 "justification": "SST-2, Emotion, and HumanEval are publicly available from their original sources; Chat-Backdoor subset is provided in JSON format with any identifying information removed.", 271 "source": "haiku" 272 }, 273 "data_collection_described": { 274 "applies": true, 275 "answer": true, 276 "justification": "Dataset composition is described: SST-2 source and splits, Emotion Twitter origin, Chat-Backdoor composition from UltraChat/HH-RLHF/HuggingFaceH4, and HumanEval source with licensing notes.", 277 "source": "haiku" 278 }, 279 "recruitment_methods_described": { 280 "applies": false, 281 "answer": false, 282 "justification": "No human participants; all datasets are automated benchmarks or pre-existing public corpora.", 283 "source": "haiku" 284 }, 285 "data_pipeline_documented": { 286 "applies": true, 287 "answer": false, 288 "justification": "The pipeline from data to attack injection to defense evaluation is partially described via pseudocode (Algorithms 1–2) but lacks end-to-end documentation including poisoning data construction details.", 289 "source": "haiku" 290 } 291 }, 292 "contamination": { 293 "training_cutoff_stated": { 294 "applies": true, 295 "answer": false, 296 "justification": "Training data cutoffs are not stated for any of the 5 LLMs, despite using SST-2 and HumanEval which predate most model cutoffs and could be memorized.", 297 "source": "haiku" 298 }, 299 "train_test_overlap_discussed": { 300 "applies": true, 301 "answer": false, 302 "justification": "Potential overlap between LLM pre-training data and evaluation benchmarks (SST-2, HumanEval) is not discussed, though this could affect CDA baseline measurements.", 303 "source": "haiku" 304 }, 305 "benchmark_contamination_addressed": { 306 "applies": true, 307 "answer": false, 308 "justification": "SST-2 and HumanEval are well-known benchmarks likely present in pre-training corpora; whether contamination affects CDA baselines is not addressed.", 309 "source": "haiku" 310 } 311 }, 312 "human_studies": { 313 "pre_registered": { 314 "applies": false, 315 "answer": false, 316 "justification": "No human participants; ethics section states 'No human subjects were involved.'", 317 "source": "haiku" 318 }, 319 "irb_or_ethics_approval": { 320 "applies": false, 321 "answer": false, 322 "justification": "No human participants.", 323 "source": "haiku" 324 }, 325 "demographics_reported": { 326 "applies": false, 327 "answer": false, 328 "justification": "No human participants.", 329 "source": "haiku" 330 }, 331 "inclusion_exclusion_criteria": { 332 "applies": false, 333 "answer": false, 334 "justification": "No human participants.", 335 "source": "haiku" 336 }, 337 "randomization_described": { 338 "applies": false, 339 "answer": false, 340 "justification": "No human participants.", 341 "source": "haiku" 342 }, 343 "blinding_described": { 344 "applies": false, 345 "answer": false, 346 "justification": "No human participants.", 347 "source": "haiku" 348 }, 349 "attrition_reported": { 350 "applies": false, 351 "answer": false, 352 "justification": "No human participants.", 353 "source": "haiku" 354 } 355 }, 356 "cost_and_practicality": { 357 "inference_cost_reported": { 358 "applies": true, 359 "answer": true, 360 "justification": "Table 17 reports training and inference times in minutes for LETHE and all 8 baselines on Llama-2 across five attack/dataset configurations.", 361 "source": "haiku" 362 }, 363 "compute_budget_stated": { 364 "applies": true, 365 "answer": true, 366 "justification": "Hardware is specified (NVIDIA A100 80GB, 10-core Intel Xeon Silver 4210R, Ubuntu 22.04) and training times of 19–34 minutes are reported for LETHE.", 367 "source": "haiku" 368 } 369 } 370 } 371 }, 372 "claims": [ 373 { 374 "claim": "LETHE reduces attack success rate of advanced backdoor attacks by up to 98% while maintaining model utility (CDA degradation <3%)", 375 "evidence": "Tables 2 and 3 show ASR reduced from near 100% to under 5–7% in most configurations across 5 LLMs and 8 attacks; CDA consistently maintained", 376 "supported": "strong" 377 }, 378 { 379 "claim": "LETHE outperforms all 8 state-of-the-art defense baselines across all tested settings", 380 "evidence": "Defense Score (DS) in Figure 3 shows LETHE achieves the highest aggregated score; Table 2 shows consistent advantage case-by-case", 381 "supported": "strong" 382 }, 383 { 384 "claim": "LETHE is particularly effective against model-editing-based attacks, achieving average ASR of 2.03% vs. best baseline 9.09%", 385 "evidence": "Figure 4 shows average ASR of 2.03% against BadEdit/ROME/MEMIT attacks compared to BEEAR's 9.09%", 386 "supported": "moderate" 387 }, 388 { 389 "claim": "Internal dilution alone substantially reduces backdoor effectiveness across all attack types", 390 "evidence": "Table 4 shows internal-only reduces CBA ASR from 74.9% to 4.7% (GPT2-XL) and 100% to 1.8% (DeepSeek-R1) on Emotion dataset", 391 "supported": "strong" 392 }, 393 { 394 "claim": "LETHE is cost-efficient, requiring only 20–35 minutes of training versus >150 minutes for fine-tuning-based methods", 395 "evidence": "Table 17 shows LETHE training times of 19–34 min on Llama-2 vs. 153–227 min for NAD and Fine-tuning baselines", 396 "supported": "strong" 397 }, 398 { 399 "claim": "LETHE remains effective against adaptive attacks designed to evade its merging mechanism", 400 "evidence": "Table 7 shows adaptive CBA reduced from up to 100% to average ~11% ASR across 5 models; however only CBA tested adaptively", 401 "supported": "moderate" 402 }, 403 { 404 "claim": "LETHE does not degrade non-backdoored model performance", 405 "evidence": "Table 8 shows CDA of 92.4% (LoRA) and 91.0% (Full) with LETHE applied to clean Llama-2, compared to 92.4% and 91.6% without", 406 "supported": "weak" 407 }, 408 { 409 "claim": "LoRA-based clean model construction is sufficient for dilution, comparable to full fine-tuning", 410 "evidence": "Table 12 shows <1% average difference in ASR and CDA between LoRA and full fine-tuning strategies on Llama-2", 411 "supported": "moderate" 412 } 413 ], 414 "methodology_tags": [ 415 "benchmark-eval", 416 "empirical" 417 ], 418 "key_findings": "LETHE is a backdoor purification framework combining internal knowledge dilution (LoRA-fine-tuned clean model merged into the backdoored model via SLERP) with external knowledge dilution (TextRank keyword extraction + WordNet definitions injected into prompts). Tested on 5 LLMs against 8 backdoor attacks across 4 datasets and 2 task domains, LETHE achieves up to 98% ASR reduction while limiting CDA degradation to under 3%, consistently outperforming 8 baseline defenses. The framework is particularly strong against model-editing-based attacks (2.03% average ASR vs. BEEAR's 9.09%) and is substantially more efficient than fine-tuning-based methods (20–35 min vs. >150 min). The combination of both mechanisms outperforms either alone, with external dilution providing critical backup when internal dilution fails to suppress specific backdoor shortcuts, as shown in case studies with harmful-content queries.", 419 "red_flags": [ 420 { 421 "flag": "No variance or error bars", 422 "detail": "All results across all tables are single-run point estimates with no confidence intervals, standard deviations, or repeated-trial statistics, making it impossible to assess result stability." 423 }, 424 { 425 "flag": "No statistical significance testing", 426 "detail": "Superiority claims over 8 baselines across hundreds of metric comparisons are based on raw number comparisons without any statistical tests." 427 }, 428 { 429 "flag": "No funding disclosure", 430 "detail": "No acknowledgment of funding sources or grants despite research from two universities; potential institutional interests cannot be assessed." 431 }, 432 { 433 "flag": "LLM-as-judge evaluation for generation tasks", 434 "detail": "CDA and ASR for Chat-Backdoor rely on GPT-4o binary scoring; no inter-rater reliability, prompt sensitivity analysis, or human validation of GPT-4o judgments is reported." 435 }, 436 { 437 "flag": "Adaptive attack evaluation limited to one attack", 438 "detail": "Robustness to adaptive attacks is demonstrated only for CBA; claims about general robustness to adaptive strategies cannot be generalized from a single attack type." 439 }, 440 { 441 "flag": "Small Chat-Backdoor test set", 442 "detail": "Only 100 test samples are used for Chat-Backdoor generation evaluation, making statistical reliability of generation results questionable." 443 }, 444 { 445 "flag": "No limitations section", 446 "detail": "The paper contains no dedicated limitations or threats-to-validity section; a single sentence about future work in non-text domains is the only scope acknowledgment." 447 } 448 ], 449 "cited_papers": [ 450 { 451 "title": "BadEdit: Backdooring large language models by model editing", 452 "relevance": "Direct baseline attack evaluated; represents model-editing-based backdoor injection requiring only 15 samples—a key challenge LETHE addresses." 453 }, 454 { 455 "title": "Composite backdoor attacks against large language models (CBA)", 456 "relevance": "Multi-trigger baseline attack; one of the hardest attacks evaluated, used in adaptive attack robustness testing." 457 }, 458 { 459 "title": "BEEAR: Embedding-based adversarial removal of safety backdoors in instruction-tuned language models", 460 "relevance": "State-of-the-art defense baseline for generation tasks; the primary comparison point demonstrating LETHE's superiority for advanced attacks." 461 }, 462 { 463 "title": "Neural attention distillation: Erasing backdoor triggers from deep neural networks (NAD)", 464 "relevance": "Knowledge-distillation-based defense baseline; demonstrates prior use of knowledge-level manipulation for backdoor removal." 465 }, 466 { 467 "title": "LoRA: Low-rank adaptation of large language models", 468 "relevance": "Core technical component of LETHE's internal dilution mechanism for parameter-efficient clean model training." 469 }, 470 { 471 "title": "Arcee's MergeKit: A toolkit for merging large language models", 472 "relevance": "Implementation framework used for LETHE's SLERP-based internal model merging operation." 473 }, 474 { 475 "title": "Editing models with task arithmetic", 476 "relevance": "Foundational work for model merging via task vectors, underpinning TIES merging and motivating LETHE's parameter-space correction approach." 477 }, 478 { 479 "title": "Backdooring instruction-tuned large language models with virtual prompt injection (VPI)", 480 "relevance": "Triggerless backdoor attack evaluated across both text generation and code generation tasks." 481 }, 482 { 483 "title": "Here's a free lunch: Sanitizing backdoored models with model merge", 484 "relevance": "Related concurrent work using model merging for defense, but requires multiple same-architecture models—a practical limitation LETHE explicitly addresses." 485 }, 486 { 487 "title": "TextRank: Bringing order into text", 488 "relevance": "Foundational unsupervised algorithm for LETHE's external dilution keyword extraction mechanism." 489 } 490 ], 491 "engagement_factors": { 492 "practical_relevance": { 493 "score": 2, 494 "justification": "Directly addresses a real MLaaS threat for practitioners fine-tuning LLMs from third parties; requires only 10% clean data and ~30 min of compute to apply." 495 }, 496 "surprise_contrarian": { 497 "score": 1, 498 "justification": "Using model merging rather than fine-tuning as the primary defense mechanism is a novel framing, but knowledge injection for defense is not highly counter-intuitive." 499 }, 500 "fear_safety": { 501 "score": 3, 502 "justification": "Directly addresses backdoored LLMs providing harmful outputs (drug synthesis, hacking instructions) in real deployments; includes explicit case studies of harmful content generation." 503 }, 504 "drama_conflict": { 505 "score": 1, 506 "justification": "Adversarial attacker-defender framing provides mild drama, but no major community controversy or contested claims angle." 507 }, 508 "demo_ability": { 509 "score": 2, 510 "justification": "Code is released in an anonymous repository with defense scripts and evaluation harness; practitioners with an A100 GPU could apply LETHE to their own fine-tuned models." 511 }, 512 "brand_recognition": { 513 "score": 1, 514 "justification": "Research from Nanyang Technological University and Wuhan University—respected institutions but not high-profile AI labs driving community attention." 515 } 516 }, 517 "hn_data": { 518 "threads": [ 519 { 520 "hn_id": "44103431", 521 "title": "Grammars of Formal Uncertainty", 522 "points": 34, 523 "comments": 5, 524 "url": "https://news.ycombinator.com/item?id=44103431", 525 "created_at": "2025-05-27T02:27:19Z" 526 }, 527 { 528 "hn_id": "45472586", 529 "title": "Physics of Learning: A Lagrangian perspective to different learning paradigms", 530 "points": 3, 531 "comments": 0, 532 "url": "https://news.ycombinator.com/item?id=45472586", 533 "created_at": "2025-10-04T11:38:44Z" 534 }, 535 { 536 "hn_id": "45418635", 537 "title": "Can LLMs Be Creative? Paper: Combinatorial Creativity: A New Frontier", 538 "points": 2, 539 "comments": 0, 540 "url": "https://news.ycombinator.com/item?id=45418635", 541 "created_at": "2025-09-29T20:53:22Z" 542 }, 543 { 544 "hn_id": "43835454", 545 "title": "CompleteMe: Reference-Based Human Image Completion", 546 "points": 1, 547 "comments": 0, 548 "url": "https://news.ycombinator.com/item?id=43835454", 549 "created_at": "2025-04-29T17:20:32Z" 550 }, 551 { 552 "hn_id": "42884637", 553 "title": "Player Performance and Skill Rating in Esports [pdf]", 554 "points": 1, 555 "comments": 0, 556 "url": "https://news.ycombinator.com/item?id=42884637", 557 "created_at": "2025-01-31T04:14:07Z" 558 } 559 ], 560 "top_points": 34, 561 "total_points": 41, 562 "total_comments": 5 563 } 564 }