A severe logic flaw within the XRP Ledger (XRPL) codebase was narrowly averted this month, a recent blog post states
Security researchers discovered a vulnerability that could have allowed attackers to drain user wallets without needing their private keys.
The bug, which was spotted in the proposed “Batch” amendment (XLS-56), was identified earlier this month by independent researcher Pranamya Keshkamat and an autonomous AI security tool named Apex
HOT Stories
Critical XRP Ledger Bug in Batch Amendment Could Have Drained User Wallets
Crypto Market Review: XRP Volatility Squeeze is a $2 Recipe, Will Dogecoin (DOGE) Zero Removal Happen in February? Shiba Inu (SHIB) Bullruns Aren’t Possible Yet
The amendment was still in its voting phase and had not been activated on the XRPL mainnet. Hence, no user funds were at risk or lost.
The vulnerability explained
The Batch amendment would allow multiple “inner” transactions to be grouped together.
These inner transactions are intentionally left unsigned in order to save processing power. Instead, authorization is delegated to the outer batch’s list of signers.
A critical loop error caused a major vulnerability in the process of calling signers.
If the system encountered a signer for an account that did not yet exist on the ledger, and the signing key matched that new account, the system immediately declared the validation a success. It then exited the loop early, avoiding validator checks
A specific sequence of batched transactions could have been used by the attacker to exploit the aforementioned vulnerability
Had the Batch amendment been activated on the mainnet before this discovery, the XRPL ecosystem would have potentially suffered a severe blow. An attacker could have stolen funds, modified the ledge state, and destabilized the ecosystem
Earlier this week, developers released the Rippled 3.1.1 reference server software. This emergency patch explicitly marks the Batch amendment as unsupported,
A comprehensive fix that removes the early-exit loop and adds tighter authorization guards has been developed. It is currently undergoing rigorous peer review
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
XRP Ledger Plans to Become Native DeFi Lending Powerhouse - U.Today
The XLS-66 proposal aims to enhance the XRP Ledger with native lending and borrowing capabilities, allowing users to earn returns on idle capital. For activation, it requires 80% validator approval, currently lacking sufficient support.
UToday2h ago
Here’s Where Ripple’s XRP Price Could Be Headed This Week
The crypto market opened the week sliding again, and the XRP price moved lower alongside the broader sell-off. Bitcoin spot ETFs recorded $348.83 million in net outflows on March 6, data from SoSoValue shows, adding more weight to the risk-off sentiment.
However, rising tensions in the Middle
CaptainAltcoin2h ago
Price Predictions 3/6: BTC,ETH,BNB,XRP,SOL,DOGE,ADA,BCH,HYPE,XMR
Bitcoin (CRYPTO: BTC) faced a renewed test after a brief relief rally, sliding back below the $68,500 mark as sellers reasserted control. The move comes after the asset briefly flirted with the $74,000 threshold, a level that previously functioned as a ceiling during the latest ascent. Traders now e
CryptoBreaking7h ago
Outflows from the XRP ETF reach $16.6 million as the XRP price stays at $1.36
Funds withdrawn from XRP ETF funds unexpectedly turned negative at the end of the first trading week of March, ending the promising growth streak of spot XRP funds in the US. After three consecutive sessions of inflows, these products shifted to a net outflow on Thursday and t
TapChiBitcoin8h ago
Ripple’s Global Payments Expansion Strengthens XRP’s Institutional Role
Ripple’s global payments network is rapidly expanding as financial institutions increasingly seek full-service blockchain infrastructure partners, positioning Ripple’s ecosystem and XRP liquidity framework at the center of next-generation cross-border finance.
Ripple’s Expanding Payments Network
Coinpedia9h ago
Is The XRP Ledger Quantum Ready?
Like Bitcoin and Ethereum, XRP isn’t quantum-ready yet, but its adaptability enables its network to seamlessly integrate post-quantum migration solutions ahead of the two largest chains by market cap.
Unlike BTC and ETH, XRP can update its cryptography through mere validator consensus.
Quantum co
Blockzeit9h ago
