Just the Beginning: Ripple Director Teases More XRP Ledger Improvements Ahead

Vijay Khanna, RippleX Director of Engineering, shares progress made by the XRP Ledger AI red team, which culminated in the release of rippled version 3.1.3 while hinting at more improvements ahead.

In a tweet, Khanna highlighted the tremendous amount of effort that went into ensuring the XRPL version 3.1.3 release could be safely deployed to mainnet.

Khanna signals that the XRPL version 3.1.3 upgrade is the beginning, adding that there is still a lot more work ahead.

You Might Also Like

The XRPL 3.1.3 version included bug fixes and improvements to one amendment, “fixCleanup3_1_3”, a collection of fixes for NFTs, Permissioned Domains, Vaults, and the Lending Protocol.

XRP Ledger AI-assisted red team reports progress

Back in March, Ripple revealed the launch of a dedicated AI-assisted red team to continuously hunt for vulnerabilities in the XRP Ledger. Two months later, the team led by Ripple software engineer Mayukha Vadari shares a progress report on how the effort is structured, the kinds of bugs found, and lessons learned along the way.

The red team combines several complementary techniques with the aim of catching different classes of bugs.

To date, the team has publicly disclosed 287 xrpld issues on GitHub (231 open, 49 closed), with more issues regularly created as triage continues. These issues are mainly code-quality improvements and defense-in-depth enhancements with none affecting system stability, availability, or the safety of funds.

You Might Also Like

The SDK scan found many issues across multiple language implementations, several of which have already been patched: 44 issues in xrpl-py, 48 issues in xrpl.js, and 126 issues in xrpl-rust have also been disclosed.

The 3.1.3 release, which was dedicated entirely to security and bug fixes, also included 20 red-team findings across several categories. There were also several assorted smaller fixes included, some of which were found by AI.

Whats next？

The 3.1.3 release was the first dedicated security release to emerge from the AI-assisted red team effort. Future planned releases, including 3.2.0, are expected to include more fixes from the backlog of confirmed findings.

Analysis will be improved to better encompass cross-feature interactions, and Antithesis fault-injection tests will be performed on new release branches.

More comprehensive attackathons will also be done on new amendments before they are activated on mainnet, with the security bar for new amendments raised.