Share
Share this article
Copy linkX (Twitter)LinkedInFacebookEmail
Tech
Share
Share this article
Copy linkX (Twitter)LinkedInFacebookEmail
AI tool catches critical XRP Ledger bug that co
Tech
Share
Share this article
Copy linkX (Twitter)LinkedInFacebookEmail
AI tool catches critical XRP Ledger bug that co
AI tool catches critical XRP Ledger bug that could have drained wallets
AI tool catches critical XRP Ledger bug that could have drained wallets
The vulnerability in the Batch amendment's signature validation was found during the voting phase and never reached mainnet, but the exploit path was severe enough that validators were immediately told to vote it down.
By Shaurya Malwa
Feb 27, 2026, 10:32 a.m.
Make us preferred on Google
What to know:
- A critical bug in the XRP Ledger's pending Batch amendment could have allowed attackers to steal funds from any account without accessing private keys, but it was caught before activation.
- The flaw stemmed from a loop error in the batch-signature validation logic that let a malicious batch transaction bypass checks and move a victim's funds.
- Discovered by researcher Pranamya Keshkamat and Cantina AI's Apex tool, the vulnerability prompted validators to reject the amendment, led to an emergency rippled 3.1.1 release, and spurred XRPL Labs to adopt AI-assisted code audits.
An autonomous AI security tool caught a bug in the XRP Ledger that, if left undetected, could have let an attacker steal funds from any account on the network without ever touching the victim's private keys.
The vulnerability, disclosed Thursday by XRPL Labs, sat in the signature-validation logic of the Batch amendment, a pending upgrade that would allow multiple transactions to be bundled and executed together.
The amendment was still in its voting phase among validators and had not been activated on mainnet, meaning no funds were ever at risk. But the exploit path was about as bad as it gets for a blockchain.
Here's what the bug did in plain terms. Batch transactions let users bundle several operations into one. Because the individual transactions inside the batch don't carry their own signatures, the system relies on a list of batch signers to confirm that every account involved has authorized the bundle.
The validation function that checked those signers had a critical loop error. If it encountered a signer whose account didn't yet exist on the ledger, and whose signing key matched their own account — the normal case for a brand-new account — it immediately declared the entire check successful and stopped looking at the rest of the list.
An attacker could exploit this by constructing a batch with three transactions. The first creates a new account the attacker controls. The second is a simple transaction from that new account, making it a required signer. The third is a payment from the victim's account to the attacker.
Because the new account doesn't exist yet when validation runs, the signer check exits early after the first entry and never verifies the second. The victim's funds move without their keys ever being involved.
Pranamya Keshkamat and Cantina AI's autonomous security tool Apex identified the flaw through static analysis of the codebase on Feb. 19 and submitted a responsible disclosure. Ripple's engineering team validated the report the same evening with an independent proof-of-concept.
The response was fast. Validators on the network's Unique Node List were immediately advised to vote "No" on the amendment.
An emergency release, rippled 3.1.1, was published on Feb. 23, marking both the Batch and the related fixBatchInnerSigs amendments as unsupported to prevent them from ever activating. A corrected replacement called BatchV1_1 has been built and is under review, with no release date set.
The fact that an AI tool found this is notable on its own.
XRPL Labs said it would add AI-assisted code audit pipelines as a standard step in its review process going forward, alongside expanded static analysis specifically designed to catch the kind of premature loop exits that caused this bug.
More For You
Vitalik Buterin reveals his bold new plan to fix Ethereum’s scaling problem
The new post reflects Buterin’s renewed focus on scaling Ethereum’s base layer, after several years in which much of the ecosystem’s scaling strategy centered on layer-2 rollups.
What to know:
- Ethereum co-founder Vitalik Buterin has outlined a new scaling roadmap that boosts Ethereum’s near-term capacity while preparing for a longer-term shift to advanced cryptography and data-heavy “blobs.”
- In the short term, upcoming upgrades like "Glamsterdam" and "ePBS" aim to let nodes check blocks more efficiently and use more of each 12-second slot, so Ethereum can safely fit more transactions into each block.
- Longer term, Buterin proposes making permanent data storage more expensive, relying more on zero-knowledge proofs and blobs, to increase throughput without turning Ethereum into a network that only large, well-funded operators can afford to run.
Read full story
Latest Crypto News
Bitcoin slides to $65,000 in weekend sell-off, with solana, XRP, dogecoin down 6%
U.S. Senate Democrats asked Treasury, DOJ to probe Binance's illicit finance controls
Coinbase’s head of litigation says states are 'gaslighting' on prediction markets
Citi and Morgan Stanley expand bitcoin and crypto custody, trading and tokenization efforts
Bitcoin's rebound cancelled as U.S. stocks fall, gold surges, amid mounting macro risks
Vitalik Buterin reveals his bold new plan to fix Ethereum’s scaling problem
Top Stories
Bitcoin ETF holders and treasury firms stack protection against price crash below $60,000, Deribit says
The worst may lie ahead. Bitcoin chart revisits historic pattern.
Barclays looks for tech provider for new blockchain settlement engine: Bloomberg
Punters want crypto: UK Gambling Commission explores how to keep bettors on licensed sites
U.S. regulator's GENIUS pitch casts dark cloud over crypto sector's stablecoin model
Germany's AllUnity issues regulated stablecoin tied to safe haven Swiss franc
Market Opportunity
XRP Price(XRP)
$1.3534
$1.3534$1.3534
USD
XRP (XRP) Live Price Chart
Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact crypto.news@mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.
You May Also Like
Pepe Coin Price Prediction: Why Pepeto Could Claim Top Meme Coin Status as PEPE Crashes 80% From Its Peak
Pepe Coin price prediction has again captured attention as the token continues its volatile crash in 2026. PEPE posted a remarkable 1,300% increase in 2024 that
Share
Techbullion2026/03/01 00:49
Why The Green Bay Packers Must Take The Cleveland Browns Seriously — As Hard As That Might Be
The post Why The Green Bay Packers Must Take The Cleveland Browns Seriously — As Hard As That Might Be appeared on BitcoinEthereumNews.com. Jordan Love and the Green Bay Packers are off to a 2-0 start. Getty Images The Green Bay Packers are, once again, one of the NFL’s better teams. The Cleveland Browns are, once again, one of the league’s doormats. It’s why unbeaten Green Bay (2-0) is a 8-point favorite at winless Cleveland (0-2) Sunday according to betmgm.com. The money line is also Green Bay -500. Most expect this to be a Packers’ rout, and it very well could be. But Green Bay knows taking anyone in this league for granted can prove costly. “I think if you look at their roster, the paper, who they have on that team, what they can do, they got a lot of talent and things can turn around quickly for them,” Packers safety Xavier McKinney said. “We just got to kind of keep that in mind and know we not just walking into something and they just going to lay down. That’s not what they going to do.” The Browns certainly haven’t laid down on defense. Far from. Cleveland is allowing an NFL-best 191.5 yards per game. The Browns gave up 141 yards to Cincinnati in Week 1, including just seven in the second half, but still lost, 17-16. Cleveland has given up an NFL-best 45.5 rushing yards per game and just 2.1 rushing yards per attempt. “The biggest thing is our defensive line is much, much improved over last year and I think we’ve got back to our personality,” defensive coordinator Jim Schwartz said recently. “When we play our best, our D-line leads us there as our engine.” The Browns rank third in the league in passing defense, allowing just 146.0 yards per game. Cleveland has also gone 30 straight games without allowing a 300-yard passer, the longest active streak in the NFL.…
Share
BitcoinEthereumNews2025/09/18 00:41
Pepeto Price Prediction 2026 to 2030: Why the Micro Cap Math Points to Returns Old Meme Coins Cannot Match
Combined utility and community energy are a double edged sword in crypto. When a meme coin brings both real products and cultural power, the upside compounds in
Share
Techbullion2026/03/01 01:12