Ripple has announced a collaboration with blockchain security firm Immunefi to launch an “attackathon” focused on the upcoming lending protocol of the XRP Ledger. This initiative aims to enhance security by incentivizing white hat hackers to identify potential flaws in the protocol’s codebase. A substantial reward of up to $200,000 will be offered to participants who uncover serious bugs, emphasizing the importance of ensuring the platform’s security before its implementation.
The proposed lending protocol is designed to facilitate fixed-term, uncollateralized loans on the XRP Ledger. Leveraging off-chain procedures to assess creditworthiness, the protocol will operate without utilizing smart contracts or wrapped assets. The funds will be pooled on-chain, with repayments governed by specific, protocol-enforced terms.
Jasmine Cooper, Head of Product at RippleX, expressed confidence in the initiative, highlighting its significance in preparing for a crucial upgrade to the XRPL. “The XRPL community is preparing for one of its most significant upgrades yet with the proposed lending protocol, which is expected to go to validator vote later this year,” she stated. Cooper noted that it is essential to ensure the code is secure and resilient before proceeding with major amendments.
To foster participation, especially among those with limited experience on the XRP Ledger, Ripple and Immunefi will facilitate a two-week educational session. During this phase, interested individuals will have the opportunity to receive support from Ripple engineers, utilize development guides, and access testing environments. The actual attackathon is set to commence on October 27 and will continue until November 29.
The announcement detailed that if at least one valid bug is identified during the attackathon, the entire $200,000 prize will be awarded. Should no bugs be discovered, participants who provide valid insights will still be eligible for a fallback pool allocation of $30,000.
The concept for the XRP Ledger lending protocol was first unveiled at the XRP Ledger Apex conference, a summit hosted by Ripple aimed at promoting the development of the decentralized network. The attackathon is particularly focused on identified vulnerabilities, addressing concerns like liquidation logic, interest accrual inconsistencies, and potential administrative attacks that could compromise protocol integrity.
Notably, although Ripple is intricately linked to the development of the XRP Ledger and its native token XRP, it operates independently from the majority of XRP Ledger validators. Former Ripple CTO David Schwartz previously revealed that Ripple maintains around “1% of the XRP Ledger.”
Despite facing a security ranking at the lower end from research firm Kaiko in August, Ripple developers have contested these findings, pointing to endorsements from reputable security firms, including CertiK and Halborn. The ongoing efforts in security enhancement through initiatives like the attackathon signify Ripple’s commitment to strengthening the integrity and resilience of the XRP Ledger as it prepares for significant advancements in its lending capabilities.
