A severe logic flaw within the XRP Ledger (XRPL) codebase was narrowly averted this month, a recent blog post states.
Security researchers discovered a vulnerability that could have allowed attackers to drain user wallets without needing their private keys.
The bug, which was spotted in the proposed “Batch” amendment (XLS-56), was identified earlier this month by independent researcher Pranamya Keshkamat and an autonomous AI security tool named Apex.
The amendment was still in its voting phase and had not been activated on the XRPL mainnet. Hence, no user funds were at risk or lost.
The Batch amendment would allow multiple “inner” transactions to be grouped together.
These inner transactions are intentionally left unsigned in order to save processing power. Instead, authorization is delegated to the outer batch’s list of signers.
A critical error in the loop that processes these signers caused a major vulnerability.
If the system encountered a signer for an account that did not yet exist on the ledger, and the signing key matched that new account, the system immediately declared the validation a success. It then exited the loop early, avoiding validator checks.
An attacker could have used a specific sequence of batched transactions to exploit this vulnerability.
Had the Batch amendment been activated on the mainnet before this discovery, the XRPL ecosystem could have suffered a severe blow. An attacker could have stolen funds, modified the ledger state, and destabilized the ecosystem.
Earlier this week, developers released the Rippled 3.1.1 reference server software. This emergency patch explicitly marks the Batch amendment as unsupported.
A comprehensive fix that removes the early-exit loop and adds tighter authorization guards has been developed. It is currently undergoing rigorous peer review.
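The early-exit pattern and its correction can be shown on a simplified model. This is an added example, not rippled's code or the fix under review; the types, the `accountFromKey` stand-in and all sample accounts and keys are assumptions constructed for illustration.

```cpp
#include <map>
#include <string>
#include <vector>

// Simplified model, not rippled's types: ledger maps account -> authorized key.
using Ledger = std::map<std::string, std::string>;
struct Signer { std::string account, signingKey; };
// Assumption: stand-in for deriving an account ID from a public key.
std::string accountFromKey(const std::string& key) { return "acct-" + key; }
// True when this single entry is authorized to sign for its account.
bool entryOk(const Ledger& ledger, const Signer& s, bool& isNewAccount) {
    auto it = ledger.find(s.account);
    isNewAccount = (it == ledger.end());
    return isNewAccount ? accountFromKey(s.signingKey) == s.account
                        : it->second == s.signingKey;
}

// Flawed shape described above: the new-account branch returns success for
// the whole list, so entries after it are never examined.
bool checkSignersEarlyExit(const Ledger& ledger, const std::vector<Signer>& signers) {
    for (const auto& s : signers) {
        bool isNew = false;
        if (!entryOk(ledger, s, isNew)) return false;
        if (isNew) return true;  // BUG: ends validation early
    }
    return !signers.empty();
}

// Hardened shape: a passing entry only advances the loop; success needs all.
bool checkSignersAll(const Ledger& ledger, const std::vector<Signer>& signers) {
    for (const auto& s : signers) {
        bool isNew = false;
        if (!entryOk(ledger, s, isNew)) return false;
    }
    return !signers.empty();
}

// Constructed sample: one existing account, then a signer list whose second
// entry uses a key that is not authorized for that account.
Ledger sampleLedger() { return {{"acct-alice", "key-alice"}}; }
std::vector<Signer> sampleSigners() {
    return {{"acct-key-new", "key-new"}, {"acct-alice", "key-other"}};
}

int main() {  // exit 0: flawed check accepts, hardened check rejects
    return (checkSignersEarlyExit(sampleLedger(), sampleSigners()) &&
            !checkSignersAll(sampleLedger(), sampleSigners())) ? 0 : 1;
}
```

The constructed signer list doubles as a regression case: any validation routine that accepts it has reported success before checking every entry.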