Crypto: XRPL Foundation Patches ‘critical’ Flaw That Almost Made It To Mainnet
The AI bug hunter scanned the Ripple blockchain codebase to catch the vulnerability before it was deployed, enabling engineers to patch it.
The XRP Ledger Foundation has confirmed it patched a critical vulnerability found in a yet-to-be-enabled amendment of Ripple’s XRP Ledger, averting a potentially major exploit.
On Feb. 19, Pranamya Keshkamat, a security engineer at cybersecurity firm Cantina, and the Cantina AI security bot identified a “critical logic flaw” in the signature-validation logic of Ripple’s blockchain, XRP Ledger, the XRP Ledger Foundation reported on Thursday.
The vulnerability, in the signature-validation code of the batch amendment, would have allowed an attacker to execute transactions from victim accounts, including draining funds, without ever having the victim’s private keys.
“The amendment was in its voting phase and had not been activated on mainnet; no funds were at risk,” said the XRPLF.
In addition to the potential theft of funds and modification of the ledger state, the vulnerability could have “destabilized the ecosystem,” the XRPLF said.
Cantina and Spearbit CEO Hari Mulackal said, “Our autonomous bug hunter, Apex, found this critical bug.”
“Had this been exploited, it would have been the largest security hack by dollar value in the world, with nearly $80 billion at direct risk,” he added, possibly referring to XRP’s market capitalization.
The autonomous AI security tool developed by Cantina AI identified the vulnerability via “static analysis of the rippled codebase,” and submitted a disclosure report allowing the Ripple engineering teams to validate it and begin patching the code.
Source: CoinTelegraph