XRP Ledger: RippleX Breaks Silence on Recent Bug Incident

by

As a seasoned researcher who has witnessed the ebb and flow of numerous blockchain incidents, I must say that the recent XRP Ledger incident was handled with remarkable transparency and swiftness by RippleX. The bug, although serious, was addressed promptly, and the community’s response was commendable.

As a dedicated crypto investor, I’ve been closely following developments within the XRP community. Recently, RippleX came forward with significant updates regarding the status of the XRP Ledger after a bug incident that occurred on November 25, 2024, at 1:39 p.m. UTC. In this event, several nodes across the network encountered an issue that led them to crash and restart synchronously. I’ve been keeping tabs on this situation and eagerly awaiting further updates.

For approximately 10 minutes, the network paused executing transactions due to recovery, as during unstable periods, the XRPL network’s consensus process values security over making progress.

At exactly 1:49 p.m. UTC on that day, there was merely a brief interruption in processing new transactions on the XRPL network. However, normal operations resumed swiftly, and the network continued its usual progression.

As promised – an update on the cause of the XRP Ledger’s 10 min pause earlier this week, details on how the fix was developed and what’s next. And, if you haven’t already upgraded your XRPL infra to 2.3.0, please do so ASAP!

Thank you to all across the community who work day in…

— Brad Chase (@bachase_ripple) November 27, 2024

In a recent post on X, Brad Chase, VP at RippleX, provided insights about the 10-minute halt on the XRP Ledger earlier this week. He covered the reasons behind the pause, the process of creating the solution, and shared plans for the future.

Nov. 25 XRPL Bug: Current status and what’s next

According to the RippleX blog post, the problem originated from a bug that was introduced over six months ago. In specific cases, rippled’s caching system might return an incompatible data type, leading the server to malfunction. This bug went unnoticed during the refactoring test, but there is no previous proof of it being exploited.

In the final stages of testing last week, the RippleX team unearthed a bug within version 2.3.0. They subsequently released a solution as a candidate for internal use.

To minimize risks, it was chosen not to segregate the problem prior to launch or create an individual solution, since doing so would have facilitated reverse engineering and exploitation of bugs. When a similar predicament surfaced on the mainnet, the fix was verified, and the RippleX team worked closely with the community and other UNL operators to coordinate updates and safeguard the network.

Due to the quick action taken by the community following the release of the update, a significant number of validators (33 out of 35) on the default UNL have successfully upgraded to rippled version 2.3.0, and almost half of the identified servers have done the same.

As a researcher, I’ve recently upgraded the core network, but there are still some nodes that haven’t received updates, potentially leaving them vulnerable. Therefore, I strongly advise all users to upgrade their infrastructure to Rippled 2.3.0. To minimize risks for unpatched users, RippleX has decided to withhold detailed technical information until a significant number of servers have been upgraded.

Regarding upcoming changes, RippleX advises current node operators to take their time updating to version 2.3.0 by December 12. Once this update is complete, more technical specifics will be available which may help in identifying any potential bugs. It’s important to note that nodes that are not updated could face a higher risk. In the interim, RippleX strongly suggests upgrading to version 2.3.0 at your earliest convenience.

Read More

2024-11-28 14:42