AI tool catches critical XRP Ledger bug that could have drained wallets

• A critical bug in the XRP Ledger's pending Batch amendment could have allowed attackers to steal funds from any account without accessing private keys, but it was caught before activation.
• The flaw stemmed from a loop error in the batch-signature validation logic that let a malicious batch transaction bypass checks and move a victim's funds.
• Discovered by researcher Pranamya Keshkamat and Cantina AI's Apex tool, the vulnerability prompted validators to reject the amendment, led to an emergency rippled 3.1.1 release, and spurred XRPL Labs to adopt AI-assisted code audits.

An autonomous AI security tool caught a bug in the XRP Ledger that, if left undetected, could have let an attacker steal funds from any account on the network without ever touching the victim's private keys.

The vulnerability, disclosed Thursday by XRPL Labs, sat in the signature-validation logic of the Batch amendment, a pending upgrade that would allow multiple transactions to be bundled and executed together.

The amendment was still in its voting phase among validators and had not been activated on mainnet, meaning no funds were ever at risk. But the exploit path was about as bad as it gets for a blockchain.

Here's what the bug did in plain terms. Batch transactions let users bundle several operations into one. Because the individual transactions inside the batch don't carry their own signatures, the system relies on a list of batch signers to confirm that every account involved has authorized the bundle.

The validation function that checked those signers had a critical loop error. If it encountered a signer whose account didn't yet exist on the ledger, and whose signing key matched their own account — the normal case for a brand-new account — it immediately declared the entire check successful and stopped looking at the rest of the list.

An attacker could exploit this by constructing a batch with three transactions. The first creates a new account the attacker controls. The second is a simple transaction from that new account, making it a required signer. The third is a payment from the victim's account to the attacker.

Because the new account doesn't exist yet when validation runs, the signer check exits early after the first entry and never verifies the second. The victim's funds move without their keys ever being involved.

Pranamya Keshkamat and Cantina AI's autonomous security tool Apex identified the flaw through static analysis of the codebase on Feb. 19 and submitted a responsible disclosure. Ripple's engineering team validated the report the same evening with an independent proof-of-concept.

The response was fast. Validators on the network's Unique Node List were immediately advised to vote "No" on the amendment.

An emergency release, rippled 3.1.1, was published on Feb. 23, marking both the Batch and the related fixBatchInnerSigs amendments as unsupported to prevent them from ever activating. A corrected replacement called BatchV1_1 has been built and is under review, with no release date set.

The fact that an AI tool found this is notable on its own.

XRPL Labs said it would add AI-assisted code audit pipelines as a standard step in its review process going forward, alongside expanded static analysis specifically designed to catch the kind of premature loop exits that caused this bug.

• Ethereum co-founder Vitalik Buterin has outlined a new scaling roadmap that boosts Ethereum’s near-term capacity while preparing for a longer-term shift to advanced cryptography and data-heavy “blobs.”
• In the short term, upcoming upgrades like "Glamsterdam" and "ePBS" aim to let nodes check blocks more efficiently and use more of each 12-second slot, so Ethereum can safely fit more transactions into each block.
• Longer term, Buterin proposes making permanent data storage more expensive, relying more on zero-knowledge proofs and blobs, to increase throughput without turning Ethereum into a network that only large, well-funded operators can afford to run.

Disclosure & Polices: CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. CoinDesk has adopted a set of principles aimed at ensuring the integrity, editorial independence and freedom from bias of its publications. CoinDesk is part of Bullish (NYSE:BLSH), an institutionally focused global digital asset platform that provides market infrastructure and information services. Bullish owns and invests in digital asset businesses and digital assets and CoinDesk employees, including journalists, may receive Bullish equity-based compensation.