The XRP Ledger Foundation confirmed it patched a critical vulnerability in a proposed amendment that, if enabled, could have allowed attackers to execute transactions from victim accounts without their private keys.
On Feb. 19, Cantina security engineer Pranamya Keshkamat and Cantina’s autonomous security bot Apex discovered a ‘‘critical logic flaw’’ in the signature-validation code of the batch amendment under review. The bug would have permitted unauthorized transaction execution, potentially enabling attackers to drain funds or otherwise alter ledger state.
Because the amendment was still in the voting phase and had not been activated on mainnet, the foundation said no funds were exposed. However, it warned that a large-scale exploit after activation could have destabilized the ecosystem and severely damaged confidence in XRPL.
Cantina and Spearbit CEO Hari Mulackal noted their autonomous bug hunter found the flaw, and said that, had the issue been exploited, nearly $80 billion could have been directly at risk—a reference likely tied to XRP’s market capitalization.
Cantina’s AI-driven tool identified the vulnerability via static analysis of the rippled codebase and submitted a disclosure that helped Ripple engineering teams validate and patch the problem. Validators were advised to vote against the amendment, and an emergency rippled release (v3.1.1) published on Feb. 23 blocked the amendment from activating.
The episode underscores the increasing role of AI in cybersecurity: automated analysis flagged a subtle logic error that human review might have missed. Around the same time, Anthropic announced Claude Code Security, an AI vulnerability scanner the company says can reason similarly to an experienced security researcher.
Cointelegraph emphasizes independent, transparent reporting; readers are encouraged to verify details independently.