XRP Ledger: RippleX Breaks Silence on Recent Bug Incident
11/28/2024 18:40Recent XRP Ledger incident stemmed from bug
Disclaimer: The opinions expressed by our writers are their own and do not represent the views of U.Today. The financial and market information provided on U.Today is intended for informational purposes only. U.Today is not liable for any financial losses incurred while trading cryptocurrencies. Conduct your own research by contacting financial experts before making any investment decisions. We believe that all content is accurate as of the date of publication, but certain offers mentioned may no longer be available.
In a move to address the concerns of the XRP community, RippleX has provided a crucial update on the state of the XRP Ledger following a recent bug incident. On Nov. 25, 2024, at 1:39 p.m. UTC, the XRP Ledger experienced an issue in which several nodes across the network crashed and restarted at similar times.
The network did not execute any transactions for about 10 minutes as it recovered because, during times of instability, the XRPL network consensus mechanism prioritizes safety over progress.
No funds were lost (just a momentary pause of new transactions). At 1:49 p.m. UTC on the same day, the XRPL network returned to normal functioning and forward progress.
— Brad Chase (@bachase_ripple) November 27, 2024As promised – an update on the cause of the XRP Ledger’s 10 min pause earlier this week, details on how the fix was developed and what’s next. And, if you haven’t already upgraded your XRPL infra to 2.3.0, please do so ASAP!
Thank you to all across the community who work day in… https://t.co/9oqtIt0Y1a
Brad Chase, VP at RippleX, highlighted the update in an X post: "As promised—an update on the cause of the XRP Ledger’s 10 min pause earlier this week, details on how the fix was developed and what’s next."
Nov. 25 XRPL Bug: Current status and what’s next
As stated in the RippleX official blog post, the issue stemmed from a bug introduced more than six months ago. In certain instances, rippled's caching layer may return an inconsistent result type, causing a server to crash. Although this bug remained undiscovered during the refactoring test, there is no prior evidence of exploitation.
Last week, at the end of testing, rippled 2.3.0, the RippleX team discovered the bug and published a fix in an internal release candidate.
To reduce risks, it was decided not to isolate the issue before release or generate a standalone fix, as this would have allowed for reverse engineering and bug exploitation. When a similar issue arose on the mainnet, the fix was validated, and the RippleX team collaborated directly with the community and other UNL operators to arrange updates and secure the network.
Thanks to the community's swift response once the update was released, 33 of 35 validators on the default UNL have already upgraded to rippled 2.3.0, as have nearly half of known servers.
While the network's core has been upgraded, unpatched nodes remain potentially vulnerable; hence, all users are recommended to update their infrastructure to rippled 2.3.0. To reduce potential dangers for unpatched users, RippleX says it will withhold specific technical specifics until the majority of servers have been upgraded.
Regarding what's next, RippleX says to give remaining node operators sufficient time, until Dec. 12, to upgrade to share more technical details. Once these details are available, the bug will become easier to identify, potentially increasing the risk for nodes that remain unpatched. In the meantime, RippleX strongly recommends upgrading to 2.3.0 as soon as possible.