XRP Ledger Foundation confirmed it patched a critical vulnerability in a yet-to-be-enabled amendment to the XRP Ledger that could have allowed attackers to execute transactions from victim accounts without possessing their private keys.
On Feb. 19, Cantina security engineer Pranamya Keshkamat and Cantina’s autonomous security bot Apex identified a “critical logic flaw” in the signature-validation logic of the proposed batch amendment. The flaw would have permitted unauthorized transaction execution, including draining funds and altering ledger state.
The amendment was still in its voting phase and had not been activated on mainnet, so no funds were at risk, the XRPLF said. The foundation warned that a large-scale exploit could have destabilized the ecosystem and caused substantial loss of confidence in XRPL with significant broader disruption.
Cantina and Spearbit CEO Hari Mulackal said their autonomous bug hunter found the critical bug, and noted that, had it been exploited, nearly $80 billion could have been at direct risk—likely referencing XRP’s market capitalization.
Cantina’s AI tool detected the vulnerability through static analysis of the rippled codebase and submitted a disclosure report that enabled Ripple engineering teams to validate and patch the issue. Validators were advised to vote against the amendment, and an emergency release (rippled 3.1.1) published on Feb. 23 blocked the amendment from activating.
The incident highlights the growing role of AI in cybersecurity to detect code flaws that human reviewers can miss. Around the same time, Anthropic released Claude Code Security, an AI vulnerability scanner it says can reason like a skilled security researcher.
Cointelegraph is committed to independent, transparent journalism. Readers are encouraged to verify information independently.
