XRP Foundation patched up a ‘critical flaw’ flagged by an AI agent before it was activated on the mainnet. Had the flaw gone unnoticed, a hacker could have accessed vulnerable accounts without even needing a private key.
Attacker could access accounts without private keys
The XRP Foundation patched up a flaw that could have cost it millions of dollars just in the nick of time. Just about a week ago, Engineer Pranamya Keshkamat and Cantina AI identified a critical logic flaw in the signature-validation logic of the XRP while batch amendment (batch of protocol upgrades) was still in its voting phase and was not activated on the mainnet.
According to the report; “The bug allowed an attacker to execute inner transactions on behalf of arbitrary victim accounts without their private keys, enabling unauthorized fund transfers and ledger state changes.”
Had the amendment been activated before this bug was caught, an attacker could have:
Stolen funds: Executed inner payment transactions draining victim accounts down to the reserve, without access to victim private keys.
Modified ledger state: Submitted change account rules/settings, could have changed trust lines for issued currencies, and also deleted the account and recovered remaining XRP.
Destabilized the ecosystem: A successful large-scale exploit could have caused substantial loss of confidence in XRPL, with potentially significant disruption for the broader ecosystem, read the report.
XRP continues its search for support
Meanwhile, the crashing XRP prices are still searching for a support level on the weekly chart as exchange flows increase. The coin has been on a downtrend since July 2025. The weekly chart shows that XRP is approaching the 200-day moving average.
XRP’s descent should come to an end once it hits this support level at $1.12. The Relative Strength Index indicator, which was heading into the oversold region, has now changed the direction of its motion. This shows that the selling pressure is coming to an end, and XRP’s crash will end soon.
