Trail of Bits
Audit Open Original ↗

Ripple Labs XRP Ledger Confidential Transfer

Type

Security review

Client

Ripple Labs

Date

2026-04

Domain

Crypto

Effort

6 wks

Section

Cryptography Reviews

Trail of Bits's security review of Ripple Labs (Apr 2026) identified 17 issues: 3 high, 3 medium, 3 low, 7 informational, and 1 undetermined.

Findings · 17

  1. 1 Undocumented ElGamal decryption limit Low
  2. 2 Deprecated OpenSSL SHA-256 API and unchecked return values Informational
  3. 3 Fiat-Shamir domain tag considerations Informational
  4. 4 Timing side channels in ElGamal decryption Informational
  5. 5 Timing side channels in Bulletproof generation Undetermined
  6. 6 Aggregated Bulletproofs cannot handle certain in-range values High
  7. 7 Missing participant count validation Low
  8. 8 Missing return value checks Informational
  9. 9 Insufficient compiler warning flags and security hardening options Informational
  10. 10 Missing range proof enables confidential balance overdraft High
  11. 11 ConfidentialClawback resets the balance version counter Medium
  12. 12 ConfidentialSend increments the receiver’s version counter High
  13. 13 MergeInbox allows version counter increment without balance change Informational
  14. 14 Discrepancies between specification fields and implementation Informational
  15. 15 Incorrect TransactionContextID for Convert and ConvertBack Medium
  16. 16 Multi-ciphertext equality proof uses per-recipient nonces instead of shared r Medium
  17. 17 Missing input length validation in low-level cryptographic helper functions Low

Findings extracted from the published report PDF. See the full report below for details and remediation.

Related