A severe logic flaw within the XRP Ledger (XRPL) codebase was narrowly averted this month, a recent blog post states
Security researchers discovered a vulnerability that could have allowed attackers to drain user wallets without needing their private keys.
The bug, which was spotted in the proposed “Batch” amendment (XLS-56), was identified earlier this month by independent researcher Pranamya Keshkamat and an autonomous AI security tool named Apex
HOT Stories
Critical XRP Ledger Bug in Batch Amendment Could Have Drained User Wallets
Crypto Market Review: XRP Volatility Squeeze is a $2 Recipe, Will Dogecoin (DOGE) Zero Removal Happen in February? Shiba Inu (SHIB) Bullruns Aren’t Possible Yet
The amendment was still in its voting phase and had not been activated on the XRPL mainnet. Hence, no user funds were at risk or lost.
The vulnerability explained
The Batch amendment would allow multiple “inner” transactions to be grouped together.
These inner transactions are intentionally left unsigned in order to save processing power. Instead, authorization is delegated to the outer batch’s list of signers.
A critical loop error caused a major vulnerability in the process of calling signers.
If the system encountered a signer for an account that did not yet exist on the ledger, and the signing key matched that new account, the system immediately declared the validation a success. It then exited the loop early, avoiding validator checks
A specific sequence of batched transactions could have been used by the attacker to exploit the aforementioned vulnerability
Had the Batch amendment been activated on the mainnet before this discovery, the XRPL ecosystem would have potentially suffered a severe blow. An attacker could have stolen funds, modified the ledge state, and destabilized the ecosystem
Earlier this week, developers released the Rippled 3.1.1 reference server software. This emergency patch explicitly marks the Batch amendment as unsupported,
A comprehensive fix that removes the early-exit loop and adds tighter authorization guards has been developed. It is currently undergoing rigorous peer review
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Gerelateerde artikelen
SoFi Adds XRP Deposit Support but Restricts Withdrawals to External Wallets
Gate News message, April 22 — SoFi Crypto added XRP deposit support to its platform on April 21, but the launch drew user backlash over the bank's continued restriction on withdrawing crypto to external
GateNews2u geleden
XRP’s Explosive Rise Isn’t Over Yet: Breaking Down Its Massive Returns
XRP delivered massive historical returns, contradicting claims of no appreciation.
Analyst highlights “Bifrost Bridge” channel as key to long-term bullish structure.
Current consolidation and ecosystem growth signal potential for another major breakout.
Critics often claim that Ripple’s
CryptoNewsLand2u geleden
Ripple 執行長稱讚 SEC 新方向,美國加密監管進入重置模式
瑞波公司(Ripple)執行長布拉德·加林豪斯(Brad Garlinghouse)於 4 月 20 日公開稱讚美國證券交易委員會(SEC)新任主席保羅·阿特金斯(Paul Atkins)推動的監管方向轉變,形容其為「讓人重拾理智的清新之氣」。加林豪斯將 SEC 的政策轉向視為美國加密貨幣市場情緒好轉的核心驅動力。
MarketWhisper5u geleden
SoFi 新增 XRP 存款,Ripple:更廣泛存取帶動實用性成長
美國金融科技公司 SoFi Technologies 於 4 月 21 日宣布在其平台上新增 XRP 存款服務,使這一代幣進入受貨幣監理署(OCC)監管的全國性特許銀行環境。SoFi 目前支援 27 種加密貨幣的交易,並提供多種加密貨幣存款功能。Ripple 稱,這正是實用性增長的途徑。
MarketWhisper6u geleden
SoFi Enables XRP Deposits but Restricts Withdrawals, Drawing User Criticism
Gate News message, April 21 — SoFi announced that its crypto business now supports XRP deposits, but the platform currently does not allow withdrawals to external wallets. Users can only hold or trade XRP within the platform and cannot transfer tokens to on-chain wallets.
Some users criticized the
GateNews10u geleden
XRP Price Near $1.45 as ETF Inflows Build Pressure
Key Insights
Institutional XRP ETF inflows reached $41.6 million over four days, lifting assets under management above $1.08 billion and strengthening market confidence.
XRP faces strong resistance near $1.45, where CoinGlass data highlights a short max
CryptoNewsLand14u geleden
