TLDR
- Ripple and Immunefi are offering $200K in rewards to find bugs in XRPL’s new lending protocol.
- The XRPL Lending Protocol uses off-chain credit scoring for uncollateralized loans.
- The bug hunt event will run from October 27 to November 29, 2025.
- Ripple’s Attackathon supports researchers with educational resources and Devnet environments.
Ripple, in collaboration with Immunefi, is launching a $200,000 “Attackathon” to test its new XRPL Lending Protocol. The event, which starts on October 27, aims to identify vulnerabilities within the protocol before it goes live. Researchers will focus on areas critical to the safety and solvency of the system, including vault logic, liquidation processes, and access controls. This move is part of Ripple’s effort to bridge traditional finance with decentralized systems while maintaining regulatory compliance.
$200K Attackathon for XRPL Lending Protocol
Ripple is offering a substantial $200,000 reward pool for the upcoming bug-hunting competition aimed at securing the new XRPL Lending Protocol. The competition will run from October 27 to November 29, providing security researchers and white-hat hackers the opportunity to test the protocol’s security. The event is being organized in partnership with Immunefi, a well-known security platform in the blockchain space.
The XRPL Lending Protocol, governed by the XLS-66 standard, will offer uncollateralized loans on the XRP Ledger. Unlike traditional decentralized finance (DeFi) systems, this protocol does not rely on smart contracts or wrapped assets.
Instead, it assesses creditworthiness off-chain, which allows financial institutions to apply their own risk models. Ripple has stated that the goal of the protocol is to bridge traditional financial systems with on-chain finance, offering transparency while staying within regulatory boundaries.
Educational Support for Participants
To ensure the event’s success, Ripple is providing full educational support through an “Attackathon Academy.” This initiative will offer walkthroughs and Devnet environments to help researchers familiarize themselves with the XRPL’s architecture. The Academy runs from October 13 to October 27, leading up to the official start of the competition.
Ripple’s educational platform is designed to help participants understand the protocol’s intricacies, which include vault logic, liquidation models, and permissioned access controls. Researchers will have access to relevant documentation and resources to assist in identifying potential vulnerabilities in the system. The initiative aims to make it easier for security experts to participate in the bug hunt and contribute meaningfully to the project’s security.
Focus on Vulnerability Identification
The primary goal of the Attackathon is to identify vulnerabilities that could threaten the safety of funds or the solvency of the XRPL Lending Protocol. Specific areas under scrutiny include vault logic, liquidation processes, and the accuracy of interest calculations. Additionally, permissioned access controls will also be tested to ensure that unauthorized actors cannot compromise the protocol.
The competition will reward valid bug reports with a share of the $200,000 pool. However, if no significant vulnerabilities are found, Ripple will distribute $30,000 to participants who contribute meaningful findings. The testing will also cover various linked standards, such as XLS-65, XLS-33, XLS-70, and XLS-80, which are integral to the functionality of the protocol. Researchers are required to provide reproducible proof-of-concept exploits for any identified vulnerabilities to qualify for rewards.
Bridging Traditional and On-Chain Finance
Ripple has pitched the XRPL Lending Protocol as a means of bridging traditional credit markets with on-chain finance. The protocol’s off-chain creditworthiness assessment allows financial institutions to apply their own risk models while using the XRP Ledger as the execution layer. The protocol is designed to offer uncollateralized loans, which sets it apart from many existing DeFi models that rely on collateralization and smart contracts.
Ripple’s emphasis on providing financial institutions with the ability to use their own risk models could make the protocol appealing to traditional lenders. The integration of on-chain finance with traditional systems is an innovative step, providing transparency while maintaining regulatory guardrails.
By hosting the Attackathon, Ripple aims to ensure the security of its new protocol, which is expected to play a role in the future of decentralized finance. The event will not only test the protocol’s vulnerability to attack but also contribute to refining its features and ensuring its readiness for real-world use.
Stay Ahead of the Market with Benzinga Pro!
Want to trade like a pro? Benzinga Pro gives you the edge you need in today's fast-paced markets. Get real-time news, exclusive insights, and powerful tools trusted by professional traders:
- Breaking market-moving stories before they hit mainstream media
- Live audio squawk for hands-free market updates
- Advanced stock scanner to spot promising trades
- Expert trade ideas and on-demand support
