In a move to address the concerns of the XRP community, RippleX has provided a crucial update on the state of the XRP Ledger following a recent bug incident. On Nov. 25, 2024, at 1:39 p.m. UTC, the XRP Ledger experienced an issue in which several nodes across the network crashed and restarted at similar times.
The network did not execute any transactions for about 10 minutes as it recovered because, during times of instability, the XRPL network consensus mechanism prioritizes safety over progress.
No funds were lost (just a momentary pause of new transactions). At 1:49 p.m. UTC on the same day, the XRPL network returned to normal functioning and forward progress.
As promised – an update on the cause of the XRP Ledger’s 10 min pause earlier this week, details on how the fix was developed and what’s next. And, if you haven’t already upgraded your XRPL infra to 2.3.0, please do so ASAP!Thank you to all across the community who work day in… https://t.co/9oqtIt0Y1a
— Brad Chase (@bachase_ripple) November 27, 2024
Brad Chase, VP at RippleX, highlighted the update in an X post: "As promised—an update on the cause of the XRP Ledger’s 10 min pause earlier this week, details on how the fix was developed and what’s next."
Nov. 25 XRPL Bug: Current status and what’s next
As stated in the RippleX official blog post, the issue stemmed from a bug introduced more than six months ago. In certain instances, rippled's caching layer may return an inconsistent result type, causing a server to crash. Although this bug remained undiscovered during the refactoring test, there is no prior evidence of exploitation.
Last week, at the end of testing, rippled 2.3.0, the RippleX team discovered the bug and published a fix in an internal release candidate.
card
To reduce risks, it was decided not to isolate the issue before release or generate a standalone fix, as this would have allowed for reverse engineering and bug exploitation. When a similar issue arose on the mainnet, the fix was validated, and the RippleX team collaborated directly with the community and other UNL operators to arrange updates and secure the network.
Thanks to the community's swift response once the update was released, 33 of 35 validators on the default UNL have already upgraded to rippled 2.3.0, as have nearly half of known servers.
While the network's core has been upgraded, unpatched nodes remain potentially vulnerable; hence, all users are recommended to update their infrastructure to rippled 2.3.0. To reduce potential dangers for unpatched users, RippleX says it will withhold specific technical specifics until the majority of servers have been upgraded.
card
Regarding what's next, RippleX says to give remaining node operators sufficient time, until Dec. 12, to upgrade to share more technical details. Once these details are available, the bug will become easier to identify, potentially increasing the risk for nodes that remain unpatched. In the meantime, RippleX strongly recommends upgrading to 2.3.0 as soon as possible.
