A recent post from Whale Alert (@whale_alert), a popular whale-tracking service on X, triggered massive concern across the cryptocurrency community. Whale Alert reported a staggering 25 billion XRP transaction, nearly half of the asset’s circulating supply.
This post sparked speculation about the reason for this record-breaking transaction and its potential effects on XRP’s price and the broader market.
Read Also: Ripple CTO Explains Reasons Behind XRP and XLM Price Correlation
David Schwartz, Chief Technology Officer (CTO) at Ripple, swiftly shed light on the situation. The transaction, in fact, never moved the reported amount. Whale Alert simply encountered an error while interpreting XRP Ledger (XRPL) data, leading to a misleading alert.
The “billions of XRP moved” statement is misleading, the actual amount transferred was worth just a few cents. Kudos to @Bitfinex and @paoloardoino for effectively neutralizing an exploit attempt.
What happened here isn’t a flaw or vulnerability with the XRP Ledger. The Partial… https://t.co/qucpX7yJ7B
— David "JoelKatz" Schwartz (@JoelKatz) January 16, 2024
Whale Alert also released a statement notifying its users of the error and deleted the post immediately.
🛠️ There was an issue with properly reading the #Ripple node response, resulting in a few wrong posts. We fixed the issue.
— Whale Alert (@whale_alert) January 14, 2024
Clarifying the event, Paolo Ardoino, CTO of Bitfinex, the targeted exchange, revealed it to be an attempted exploit leveraging XRPL’s “Partial Payment” feature. This feature allows senders to specify a desired total amount in the “Amount” field while actually transferring a smaller sum.
The exploit attempt failed, however, due to Bitfinex’s secure handling of partial payments. Unlike some systems that solely focus on the “Amount” field, Bitfinex prioritizes the “Delivered Amount,” ensuring accuracy and preventing manipulation.
After multiple hacks and exploits across the crypto industry throughout last year, these malicious actors have begun their activities again this year.
While the incident triggered initial concern, its resolution showed the importance of responsible reporting and proper system configuration. Schwartz commended Bitfinex and Ardoino for their vigilance and confirmed that no XRPL vulnerability was involved.
The Partial Payment Feature and Potential Exploits
XRPL’s Partial Payment feature can benefit legitimate users. If a user accidentally receives unwanted XRP, they can utilize this feature to return the exact amount without incurring additional fees. However, malicious actors can also target this feature for nefarious purposes.
The exploit modus operandi involves specifying a significant sum in the “Amount” field while sending a significantly smaller amount in reality.
We are on twitter, follow us to connect with us :- @TimesTabloid1
— TimesTabloid (@TimesTabloid1) July 15, 2023
Read Also: “This Makes Me Angry”, Says Ripple CTO David Schwartz. Here’s why
If a system overlooks the “Delivered Amount” or lacks proper partial payment handling mechanisms, it could be tricked into crediting the attacker with the full specified amount, falling victim to the exploit.
As Schwartz emphasizes, this incident serves as a valuable reminder for all institutions and applications using XRPL of the need for proper understanding, integration, and configuration of XRPL features.
With a total circulating supply of 54.2 Billion XRP, a transaction involving almost half of all circulating tokens would have been catastrophic for the market.
However, Bitfinex quickly foiled the attempt, and now the XRP community can turn their attention to positive developments, like the BlackRock CEO’s recent comments on a potential XRP ETF application.
Follow us on Twitter, Facebook, Telegram, and Google News
