PRESS RELEASE. Road Town, BVI, February 29th, 2024 – In a significant move for cryptocurrency and mobile technology enthusiasts, LBank Exchange, a premier global digital asset trading platform, has announced the listing of The Quantum Resistant Ledger (QRL) on March 1, 2024. Users of LBank Exchange can brace themselves for the QRL/USDT trading pair, which […]
Bitcoin News
XRP Ledger (XRPL) Token Market Cap Surged 47% In Q4 To $169M: What Caused The Surge?
A recent report by Messari sheds light on the state of the XRP Ledger (XRPL) and its notable performance during the fourth quarter (Q4) of 2023.
The report highlights significant milestones, including its native token market capitalization, distribution, burning mechanism, price movement, legal battle, and network activity.
Distribution Of 4 Billion XRP Contributes To Market Cap Growth?
As of Q4 2023, XRP, the native token of the XRPL, emerged as the sixth-largest cryptocurrency by market capitalization, reaching .7 billion. The token’s circulating market cap witnessed a substantial 21.2% increase quarter-over-quarter (QoQ) and an impressive 93.6% growth year-over-year (YoY).
According to Messari, the increase in market capitalization was primarily due to the distribution of 4 billion XRP and a significant price spike on November 13, when the token reached as high as .7503.
Throughout 2023, 4 billion tokens were distributed, accounting for 8% of the XRP supply from the end of 2022. While this distribution contributed to the increase in market cap, it was overshadowed by the impact of the price spike.
Additionally, the XRPL employs a transaction fee-burning mechanism, applying deflationary pressure to the total supply of 100 billion XRP. However, the low transaction fees on the network have resulted in a relatively low burn rate of approximately 12 million XRP since the inception of the XRP Ledger.
Network Activity Shows Mixed Trends In Q4 2023
Q4 2023 marked a significant turning point for XRP, concluding a multi-year legal battle with the US Securities and Exchange Commission (SEC). In July 2023, the district court ruled that XRP is not considered an investment contract or a security, distinguishing it from many other blockchain assets.
This ruling triggered a surge in XRP’s price, with an increase of over 70% on July 14 and a peak of .82 on July 20. The subsequent relisting of XRP on major cryptocurrency exchanges further bolstered its position.
Network activity on the XRPLedger displayed mixed trends in Q4. While active addresses decreased by 31.3% QoQ, transactions increased by 22.7% QoQ.
Notably, a significant portion of transaction activity originated from a group of accounts sending transactions to a single account for inscription-related activity. The number of accounts on the XRPL increased by 188,000, reaching 5.00 million in Q4.
Overall, the Q4 2023 report on the XRP Ledger showcases its growth, driven by various factors such as price spikes, legal victories, and network activity. With its expanding market capitalization and increasing adoption, XRP continues to solidify its position in the cryptocurrency market.
Featured image from Shutterstock, chart from TradingView.com
WHAT IS XRP LEDGER (XRP)?
XRP Ledger, created by Ripple Labs Inc., is an open-source blockchain technology and digital asset. This means that developers can contribute to its development and enhance its functionality. XRP serves as the native cryptocurrency of the XRP Ledger and is the commonly recognized name for it. The XRP Ledger is purposefully designed to enable swift, cost-effective, and secure transactions. It functions as a distributed ledger, where transaction records are stored across a network of validators, which are participating computers, ensuring the integrity of the ledger.
XRP has garnered significant recognition for its ability to facilitate expeditious and streamlined cross-border payments. Its primary objective is to enhance liquidity and establish connections between diverse currencies, enabling seamless value transfers for both financial institutions and individuals across international borders. Ripple, the entity responsible for XRP, has forged partnerships with numerous financial institutions to investigate the potential of XRP in the realms of remittances and international settlements.
It is imperative to emphasize that although XRP is commonly linked with Ripple, the XRP Ledger functions autonomously, separate from the company. XRP can be exchanged on different cryptocurrency platforms and stored in digital wallets that are compatible with the XRP Ledger.
Additionally, there is a diverse range of cryptocurrency exchanges that support the XRP Ledger (XRP) for individuals interested in buying, selling, or trading XRP. Some notable examples include Binance, Coinbase, Kraken, BitStamp, Huobi, and more.
Founders Of XRP Ledger (XRP)
In early 2011, developers David Schwartz, Jed McCaleb, and Arthur Britto were intrigued by Bitcoin but concerned about its energy consumption and scalability issues. They aimed to create a more sustainable system for value transfer. Their predictions about Bitcoin’s energy usage were proven right when estimates revealed that Bitcoin mining consumed more energy than Portugal in 2019. They also foresaw the risks of one miner or collusion of miners gaining over 50% of the mining power, which remains a concern today as mining power concentrates in China.
Undeterred, the developers continued their work and created a distributed ledger called Ripple, with a digital asset initially called “ripples” (later referred to as XRP). The name Ripple encompassed the open-source project, the unique consensus ledger (Ripple Consensus Ledger), the transaction protocol (Ripple Transaction Protocol or RTXP), the network, and the digital asset.
To eliminate confusion, the community started referring to the digital asset as “XRP.” By June 2012, Schwartz, McCaleb, and Britto completed the code development and finalized the Ledger.
How XRP Ledger (XRP) Works
The XRP Ledger represents a pioneering blockchain technology that places a strong emphasis on scalability and interoperability. This focus enables the ledger to offer a wide array of possibilities for diverse applications that surpass the realms of traditional financial systems.
By demonstrating the capacity to handle substantial transaction volumes and foster seamless connectivity among different assets, the XRP Ledger stands poised to bring about a revolution across multiple industries and ignite innovation. Its scalable and interoperable nature creates opportunities for novel use cases and transformative solutions within the blockchain ecosystem.
Prominent Features Of XRP Ledger
Consensus Ledger
Functioning as a distributed and decentralized ledger, the XRP Ledger stores the transaction history across an independent network of validators. Every validator preserves a copy of the ledger, and transactions undergo validation and agreement via the consensus algorithm. This approach ensures that the ledger’s transaction history is securely stored and that transactions are verified and approved through a collaborative process among validators. By employing this distributed and decentralized framework, the XRP Ledger establishes a reliable and transparent system for recording and validating transactions.
Gateways and Interoperability
The XRP Ledger enables the establishment of gateways, which are entities responsible for issuing and redeeming assets on the ledger. These gateways play a crucial role in bridging various currencies and assets, fostering seamless interoperability across different financial systems.
By facilitating the transfer and exchange of diverse assets, the gateways enhance the connectivity and compatibility between different forms of value representation. This feature of the XRP Ledger promotes greater efficiency and accessibility in cross-border transactions and opens up opportunities for enhanced liquidity and streamlined financial operations.
Transaction Speed and Scalability
Engineered with scalability and rapid transaction settlement in mind, the XRP Ledger (XRP) is adept at processing a substantial number of transactions per second. With the capability to settle transactions within a matter of seconds, the ledger is well-suited for a wide range of use cases that demand swift and efficient transaction execution.
Its high scalability and speedy transaction settlement empower businesses and individuals alike to conduct seamless and timely transactions, fostering enhanced productivity and responsiveness in various applications and industries.
Consensus Algorithm
Within the XRP Ledger, a distinctive consensus algorithm known as the Ripple Protocol Consensus Algorithm (RPCA) is employed. Diverging from conventional proof-of-work (PoW) or proof-of-stake (PoS) algorithms, RPCA relies on a group of trusted validators to authenticate and validate transactions. These validators assume the crucial role of collectively establishing consensus regarding the sequence and legitimacy of transactions on the network. By leveraging this innovative consensus mechanism, the XRP Ledger ensures the integrity and reliability of its transaction validation process, providing a secure and efficient environment for conducting business.
Native Cryptocurrency (XRP)
XRP operates as the inherent digital currency of the XRP Ledger, serving multiple purposes, such as facilitating transactions, offering liquidity, and bridging diverse currencies. As a medium of value exchange, XRP can be transferred between various entities on the XRP Ledger, enabling seamless transactions and facilitating the exchange of value. This versatile cryptocurrency plays a vital role in supporting the functionality and efficiency of the XRP Ledger ecosystem.
The Impact Of XRP On The Financial Industry
Undoubtedly, the XRP Ledger, along with its native currency XRP, has made a notable impact on the financial industry, bringing forth a range of positive innovations across various important aspects such as:
Decentralized Finance (DeFi)
The XRP Ledger’s utilization of smart contracts and tokenization creates possibilities for decentralized finance (DeFi) applications, paving the way for the development of groundbreaking financial services like lending, borrowing, and decentralized exchanges. With its rapid and scalable nature, the XRP Ledger provides an ideal foundation for constructing DeFi applications, potentially extending financial services to underserved communities and diminishing dependence on conventional intermediaries.
Asset Tokenization
The capacity of the XRP Ledger to tokenize tangible assets like real estate, art, and commodities has the potential to unleash liquidity for assets that have historically lacked it. Through the representation of these assets as digital tokens on the ledger, fractional ownership becomes feasible, enabling enhanced accessibility and transferability. This breakthrough can introduce fresh investment prospects and enhance market efficiency.
Cross-Border Payments
The swift transaction settlement and economical fees offered by the XRP Ledger make it an attractive choice for cross-border payments. Its efficient currency-bridging capabilities simplify and expedite international transactions, potentially reducing expenses and enhancing liquidity for financial institutions. This can result in expedited and cost-effective remittances, benefiting both businesses and individuals.
Liquidity and Market Efficiency
The XRP Ledger’s utilization of XRP as a bridge currency and liquidity tool has the potential to bolster market efficiency and enhance liquidity for diverse assets. By enabling seamless value exchange across different currencies, the XRP Ledger contributes to improved market liquidity, simplifying the process of buying, selling, and trading assets for users. This heightened liquidity has the capacity to foster more efficient markets and enhance the process of price discovery.
XRP Distribution And Price Dynamics
The distribution of XRP tokens by Ripple Labs is a nuanced process that goes beyond a simple monthly release schedule. Currently, the majority of XRP is held in 16 escrow contracts, and their release is influenced by multiple factors, such as market conditions and ecosystem adoption. The original 55-month distribution projection was an estimate, and Ripple has the ability to adjust the pace based on their assessment.
Certainly, this distribution strategy impacts the price of XRP. A significant influx of XRP could potentially exert downward pressure on its value. However, attributing price fluctuations solely to this factor would be narrow-minded. The overall market sentiment towards cryptocurrencies, demand from financial institutions, regulatory developments, and news related to Ripple all contribute significantly. To truly understand the price action of XRP, a comprehensive analysis of these intertwined factors is necessary, recognizing the intricate interplay between Ripple’s distribution strategy and the dynamic cryptocurrency landscape.
Tokenomics Of XRP Supply
XRP has a fixed supply of 100 billion tokens, making it a pre-mined cryptocurrency with no possibility of additional token creation. Only a fraction of the tokens are actively traded, while 20 billion went to the founders. The distribution involves 55 smart contracts that release 1 billion tokens monthly over 55 months, resulting in a monthly increment of 1 billion tokens. The circulating supply is around 53.7 billion tokens, with the remaining held in escrow.
Over 60% of the total supply is concentrated in the top 100 wallets, raising decentralization concerns. Ripple owns 6.5 billion XRP, adjusting the circulating supply to approximately 47 billion tokens.
XRP exhibits a mild deflationary trend from burning fees, reducing the total supply to about 99,988,221,902 XRP.
Buying XRP Coins
Purchasing XRP coins can be a relatively straightforward procedure; however, the available choices cater to diverse levels of experience and comfort. Here is a breakdown of different approaches tailored to meet your specific requirements:
Beginner-Friendly Exchanges
Coinbase and Binance are user-friendly platforms suitable for newcomers. They provide intuitive interfaces, clear instructions, and customer support to assist users throughout the process.
Peer-to-Peer (P2P) Exchanges
Platforms like Paxful are P2P exchanges that enable direct XRP purchases from other individuals. This decentralized approach offers privacy and flexibility but requires caution when evaluating counterparties and following safety measures.
Decentralized Exchanges (DEX)
Uniswap is an example of a DEX platform that operates on blockchains. They facilitate direct peer-to-peer trading without intermediaries, providing enhanced security and control over funds. However, using DEX platforms will require compatible wallets.
Tracking Prices of XRP Ledger (XRP)
To effectively track the prices of XRP Ledger (XRP), the digital asset native to the XRP Ledger, and stay up to date with its market movements and fluctuations, there are several reliable methods and platforms that you can utilize, such as widely recognized cryptocurrency tracking platforms like CoinMarketCap
CoinMarketCap is a highly regarded platform for monitoring cryptocurrencies, offering extensive data on a diverse range of digital assets, such as XRP Ledger (XRP). Users can explore the XRP page on CoinMarketCap to access up-to-the-minute price updates, historical data, market trends, and other pertinent information relating to XRP. CoinMarketCap serves as a trusted resource for individuals seeking to track and analyze the performance of XRP Ledger within the global cryptocurrency market.
Ripple Lawsuit With Securities And Exchange Commission (SEC)
The Ripple vs. SEC legal dispute, which began in December 2020, has a profound impact on XRP. The SEC accuses Ripple of conducting an unregistered securities offering through XRP sales, while Ripple argues that XRP is a utility token for cross-border payments and not a security. This ongoing battle has caused turbulence for XRP, resulting in price volatility and adoption uncertainty. The outcome of the case will have significant implications for XRP and the broader cryptocurrency industry.
The lawsuit has led to a hesitant market as businesses and individuals are cautious about embracing XRP due to the uncertainty surrounding its classification. The resolution will determine whether XRP’s utility as a token will prevail or if the SEC’s classification as a security will cast a long shadow over its future. As the market awaits a definitive answer, the trajectory of Ripple’s digital creation remains uncertain.
Conclusion
XRP Ledger (XRP) boasts an established name, a decentralized network, and lightning-fast, low-cost transactions. This has cemented its role as a preferred bridge currency for cross-border payments.
Despite facing legal challenges, XRP has an impressive track record as one of the pioneering cryptocurrencies, gaining widespread adoption among major financial institutions through RippleNet. The community’s dedication and the project’s foundational strengths provide a solid basis for potential success. However, the outcome of the SEC lawsuit will be a crucial determinant in shaping the future of XRP, whether it will be positive or negative.
Nevertheless, navigating the world of XRP necessitates careful consideration. While some may prioritize user-friendly platforms for entry, experienced traders might seek advanced features offered by decentralized exchanges (DEXs).
Regardless of your experience level, remember that cryptocurrencies remain volatile, and responsible investing practices are paramount. Consider these factors, research, and choose the path that aligns with your personal financial goals and risk tolerance.
Binance Freezes $4.2 Million in Stolen XRP; Ripple Investigation Aided by XRP Ledger Foundation
After the unauthorized access of Ripple co-founder Chris Larsen’s personal holdings, Binance CEO Richard Teng revealed that the platform had successfully “managed to freeze .2 million” of the compromised assets. Teng elaborated that Binance is committed to “support[ing] Ripple in their investigations,” indicating ongoing collaboration.
New Binance CEO Discusses Freezing .2 Million Worth of Larsen’s Crypto
Last Wednesday, Ripple’s co-founder and executive chairman, Chris Larsen, reported “unauthorized access” to several of his personal XRP accounts. Larsen disclosed this in response to a post from onchain analyst Zachxbt, who noticed the token movement.
It’s estimated that 213 million XRP, worth 2 million, were transferred out of Larsen’s personal holdings. In the wake of this security breach, Binance’s newly appointed CEO, Richard Teng, announced that his platform succeeded in freezing a portion of the stolen funds.
“After finding out early on about the exploit that occurred at Ripple, we’re happy to say that the Binance team has managed to freeze .2 Million worth of XRP stolen by the exploiter,” Teng detailed. “We appreciate both the [community] efforts in flagging it to exchanges – as always [Zachxbt] did a great job – and the Ripple team’s work in collaborating with us.”
The Binance chief executive added:
We will continue to support Ripple in their investigations and their efforts to retrieve back the funds, including closely monitoring the majority of funds still in the exploiter’s external wallets in case they deposit to Binance.
Thomas Silkjær, the head of analytics and compliance at the XRP Ledger Foundation, swiftly acknowledged Teng’s X post and expressed his gratitude for Teng’s prompt and responsible actions. “This tweet is a bit ambiguous,” Silkjær added. “The compromised accounts are personal accounts of [Chris Larsen] – not an exploit at [Ripple]. The initial investigation was done by [XRP Ledger Foundation] and initiated as it was happening – not carelessly published on social media the day after like [Zachxbt].”
The XRP Ledger Foundation member continued:
Ripple is now leading the investigation (for Chris), after we did a complete handover of data.
Following this, Silkjær proceeded to share a post authored by Larsen, in which Larsen categorized the situation as “an isolated incident.” In Larsen’s post, the Ripple executive extended his gratitude to Silkjær and the XRP Ledger Foundation. When a concerned individual suggested that Larsen should have made the announcement 12 hours earlier, Silkjær, the lead for analytics and compliance at the foundation, emphasized the importance of caution in such matters.
“It is reckless to publish information during an attack as it might influence the methodology of the attackers,” Silkjær responded. “There are good reasons to not go public with anything right away.”
What do you think about the Ripple exec’s xrp stash being pilfered and the mystery behind this case? Let us know what you think about this subject in the comments section below.
RippleX Announces Major Update For XRP Ledger EVM Sidechain, Can This Trigger A Price Recovery
The XRP Ledger ecosystem is currently buzzing with new exciting developments that could potentially propel the price of XRP to new heights. RippleX, an extension of Ripple and an open developer platform has announced new updates for the upcoming XRP Ledger Ethereum Virtual Machine (EVM) sidechain.
XRPL EVM Sidechain Signals Hope For XRP Price Resurgence
On Tuesday, RippleX released the latest developments and progress on the XRPL EVM Sidechain via an X (formerly Twitter) post. This significant update was shared by Peersyst Technology, a blockchain technology firm and an XRPL EVM developer.
Peersyst revealed on its official X handle that the XRPL ecosystem is getting closer to launching its highly anticipated sidechain. This advanced EVM sidechain is designed to bridge Web3 applications to XRPL and improve the functionality and scalability capabilities of the ledger.
Various XRP enthusiasts, including Patrick L. Riley, the Chief Executive Officer (CEO) of Reaper Financial, remain optimistic about the launch and integration of the EVM sidechain into the XRP Ledger. In a December 2023 interview with crypto market analyst Zach Rector, Riley predicted that “XRP will surpass Bitcoin as the number one cryptocurrency.”
According to Peersyst, the RippleX developer team has officially published the XChainBridge public amendment. This revision is currently open for voting and has already garnered seven validator votes out of 28, marking a crucial step in the launch of the XRPL EVM sidechain.
The blockchain company also announced a second update on the XRPL EVM, stating that the sidechain has successfully undergone stringent audit procedures by Bishop Fox, a leading provider of security solutions. Another audit has also been conducted with a prominent supplier, with details disclosed soon.
In addition, the blockchain firm has shared updates on the EVM sidechain’s progress to Cosmos, a blockchain network utilizing the support of Evmos, a scalable high throughput Proof of Stake (PoS) blockchain. Peersyst disclosed that a new version of the bridge is set to launch, allowing users to automatically connect any existing token in the EVM sidechain to the XRP Ledger.
Other updates on the EVM sidechain include the introduction of a new User Interface (UI) and the implementation of a Software Development Kit (SDK) for developers. Additionally, a better version of the Blockscout explorer is being developed, promising quicker inspections and explorations of transactions within the XRPL EVM blockchain.
Can This Trigger A Price Recovery?
The XRPL EVM emerges as a potential game changer for the price of XRP, introducing new updates that will enhance transparency, security, and speed within the XRP Ledger. Since this is a positive development, it could lead to renewed interest in the underlying XRP token.
If this interest is sustained and eventually leads to more demand for the token, it could trigger a price rally. At this point, the bulls will be looking to break the resistance, which bears have mounted at .55 to signal a resumption of the rally.
While other altcoins have been witnessing price surges, XRP has been struggling to rally. It is currently trading at .51, with a 9.63% loss in the last seven days, according to data from Coinmarketcap.
Tunisian Universities’ Hackathons to Boost Understanding of Distributed Ledger Technology
Two Tunisian universities working in collaboration with the blockchain company Dar Blockchain and the Hashgraph Association are set to hold three-day hackathons. Hackathon participants are set to learn how decentralized finance (defi) can help revolutionize and make financial services widely available to Tunisian and African communities.
Driving the Youth’s Adoption of Web3
Two Tunisian universities, ESPRIT University and SUP’COM University, are set to hold concurrent hackathons from Jan. 26 to 28. The objective of the hackathon is to boost the adoption and understanding of Distributed Ledger Technology (DLT). The hackathons are a collaborative effort between the two universities, the Tunisian company Dar Blockchain, and the Hashgraph Association.
According to a press statement released on Jan. 8, the two events will provide participants with a platform to learn, collaborate, and contribute to the transformation of industries. Mohamed Mnif and Jaafar Saied, the co-founders of Dar Blockchain, said they expect the hackathon to help drive the adoption of Web3 by Tunisia’s youth.
“We are proud to be launching the first Hedera Hackathon at two reputable universities as part of our aim to set up chapters in local universities and offer training as we lay the foundation for a real understanding of DLT and blockchain. Tunisian youth and university students will be equipped with the skills and knowledge needed to foster Web3 adoption, not only in MENA but globally,” the two co-founders said.
Empowering Future Generations
According to the statement, participants in the hackathon will learn how decentralized finance (defi) can revolutionize and make financial services available to Tunisian and African communities. They will also learn about decentralized autonomous organizations (DAOs).
Participants will be grouped into teams of 3 to 5 members whose applications must be submitted no later than Jan. 20, 2024. However, the statement specifies that at least one team member must be a certified Hedera developer.
Commenting on the announcement, Kamal Youssefi, President of The Hashgraph Association, said: “Through the utilization of the Hedera Network and distributed ledger technology we can empower future generations to build enhanced economies, technologies, and societies.”
Youseefi stated that his organization feels privileged to work with the two higher learning institutions, which he described as “future-driven universities.”
Register your email here to get a weekly update on African news sent to your inbox:
What are your thoughts on this story? Let us know what you think in the comments section below.
Developer Alerts Ledger Live Software Could Be Tracking User IDs, Apps and Balances
Rektbuilder, a developer, has stated that cryptocurrency hardware wallet company Ledger can track user identities, apps, and even cryptocurrency balances in the device through the use of Ledger Live, its wallet management software. The developer discovered this behavior while working on Lecce Libre, a lighter, less intrusive software for the hardware wallet.
Ledger Live Sends User Information to Ledger, Developer Alleges
Developer Rektbuilder alerted about the information that Ledger, the hardware wallet manufacturer, receives through its wallet management program Ledger Live. According to his findings, the software embeds checks for the ID of each device when installing or updating apps and firmware.
The developer, currently working on “Lecce Libre,” a less intrusive and lighter app to manage Ledger hardware wallets, warned that removing this verification code breaks the app, meaning that using it is mandatory. He stated:
I tried disabling the remote tracking and it’s impossible, it breaks if you do. Which means Ledger knows it’s you every time you plug the device in.
Previously, he had also reported having removed balance summary details involving network calls for asset balances. Rektbuilder stated that the Ledger Live made 2,000 network calls for “all sorts of unnecessary stuff,” having already removed them in Lecce Libre.
He escalated his concerns, stressing that due to the available recovery function that allows retrieving the private keys in the device, nobody can be sure these are not being read.
Emin Gün Sirer, founder and CEO of Ava Labs, also called on Ledger to address the issues presented by Rektbuilder. He stressed that Ledger “should be able to confirm or deny (1) if these claims are true, (2) if there’s a way to work entirely offline without tracking, and (3) if the private keys are readable from the secure element.”
Ledger, which recently faced an attack that caused users to lose 0,000 in assets, has contacted Rektbuilder, who reported they are now working with the wallet company to obtain feedback on the issues raised.
What do you think about Ledger Live’s alleged privacy issues? Tell us in the comments section below.
Ledger Commits To Full Restitution For Victims Of $600,000 ConnectKit Attack
Hardware wallet manufacturer Ledger has responded to a recent security breach resulting in the theft of 0,000 worth of user assets.
The company has pledged to enhance its security protocols by eliminating Blind Signing, a process where transactions are displayed in code rather than plain language, by June 2024.
Ledger Takes Responsibility For ConnectKit Attack
In a statement, Ledger emphasized its focus on addressing the recent security incident and preventing similar occurrences in the future.
The company acknowledged the approximately 0,000 in assets that were impacted by the ConnectKit attack, particularly affecting users blind signing on Ethereum Virtual Machine (EVM) decentralized applications (dApps).
Furthermore, Ledger pledged to make sure affected victims are fully compensated, including non-Ledger customers, with CEO & Chairman Pascal Gauthier personally overseeing the restitution process.
According to the statement, Ledger has already initiated contact with affected users and is actively working with them to resolve their specific cases.
In addition, by June 2024, blind signing will no longer be supported on Ledger devices, contributing to a “new standard of user protection” and advocating for “Clear Signing,” which refers to a process that allows users to verify transactions on their Ledger devices before signing them across dApps.
On this matter, Ledger’s CEO Pascal Gauthier stated:
My personal commitment: Ledger will dedicate as much internal and external resources as possible to help the affected individuals recover their assets.
Heightened dApp Security Measures
According to an incident report released by the hardware wallet manufacturer, the attack exploited the Ledger Connect Kit, injecting malicious code into dApps utilizing the kit.
This malicious code redirected assets to the attacker’s wallets, tricking EVM dApp users into “unknowingly signing transactions” that drained their wallets.
Ledger addressed the attack by deploying a genuine fix for the Connect Kit within 40 minutes of detection. The compromised code remained accessible for a limited time due to the nature of content delivery networks (CDNs) and caching mechanisms.
Ledger acknowledged the risks faced by the entire industry in safeguarding users and emphasized the need to continually raise the bar for security in dApps.
The company plans to strengthen its access controls, conduct audits of internal and external tools, reinforce code signing, and improve infrastructure monitoring and alerting systems.
Additionally, Ledger will educate users on the importance of Clear Signing and the potential risks associated with blind signing transactions without a secure display.
Notably, with Clear Signing, users are presented with a clear and readable representation of the transaction details, enabling them to review and validate the transaction before providing their signature.
This added layer of transparency and verification helps users mitigate the risks associated with front-end attacks or malicious code injected into decentralized applications
Featured image from Shutterstock, chart from TradingView.com
Ledger Responds to Connect Kit Exploit With Reimbursement Plan, Security Overhaul
In a decisive move following a significant security incident, Ledger, a well known crypto hardware wallet manufacturer and security firm, announced a response plan. Approximately 0,000 in assets were stolen from users due to an exploit involving blind signing on EVM decentralized applications (dapps). Ledger detailed on Dec. 20, 2023, that it has vowed to fully reimburse all affected users, including non-customers, a commitment underscored by the company’s CEO, Pascal Gauthier.
Crypto Security Firm Ledger Vows Full Payback Post 0K Hack
The incident, detected on December 14, 2023, involved an exploit of the Ledger Connect Kit, which led to the injection of malicious code into various dapps. This code deceived users into signing transactions that drained their wallets. Ledger’s detection and the crypto community’s response led to several alerts, though the attack resulted in the loss of around 0k in user assets.
The company said on the social media platform X that it is not only addressing the immediate repercussions of the attack but also taking steps to prevent future incidents. By June 2024, Ledger devices will no longer support blind signing, shifting to a more secure method known as Clear Signing. This method will enable users to verify all transaction details on their Ledger devices before signing, enhancing security significantly.
As part of its remedial actions, Ledger detailed that it has been meticulously reviewing and auditing all their access controls. They are reinforcing policies around code review, deployment, distribution, and access control. This includes integrating external tools into their maintenance and offboarding checks and conducting regular internal audits to ensure effective implementation.
Additionally, Ledger further explained that it is intensifying its focus on security training for employees. The company already conducts security training sessions, including phishing training, and plans to reinforce this program in early 2024. The X announcement also said that Ledger is also prioritizing regular third-party security assessments, with a specific audit focused on access control, code promotion, and distribution slated for early next year.
The company announced on X that it created an active outreach for impacted users, working through specifics with them to ensure full reimbursement of their stolen crypto assets. This gesture of reimbursement is expected to be completed by the end of February 2024. Lastly, the company has urged dapp developers to support the Clear Signing security feature, highlighting the need for collaboration across the ecosystem to enhance user protection.
What do you think about Ledger addressing the recent exploit and reimbursing victims? Share your thoughts and opinions about this subject in the comments section below.
Ledger Connect Kit Breach: Hacker Siphons $484K, Company Rolls Out Version 1.1.8
The unknown attacker that compromised Ledger’s Connectkit Library has reportedly siphoned 4,000 from wallets, according to the onchain intelligence firm Lookonchain. Ledger disclosed a former employee fell victim to a phishing attack and the attacker gained access to the Ledger Connectkit Library and uploaded a malicious bug.
Ledger Responds to 4K Hack
The latest and secure version 1.1.8 of the Ledger Connect Kit is currently being disseminated automatically, according to the last update from Ledger. The company advised a waiting period of 24 hours before resuming use of the Ledger Connect Kit. This precaution follows a security breach detailed in the ensuing timeline: Initially, a phishing attack targeted a former Ledger Employee’s NPMJS account early today, Central European Time.
Ledger said the breach enabled the attacker to release a compromised version of the Ledger Connect Kit (versions 1.1.5 through 1.1.7), which manipulated a deceptive Walletconnect project to reroute funds to a hacker’s wallet. Alerted to the issue, Ledger’s technology and security teams rapidly deployed a solution within 40 minutes of becoming aware, though the malicious file was active for about five hours, the company disclosed.
The estimated time during which funds were siphoned was under two hours. In response to the incident, Ledger said it collaborated with Walletconnect to disable the rogue project and has now issued the verified Ledger Connect Kit version 1.1.8. Ledger further explained that development teams working with the Ledger Connect Kit on NPM have been restricted to read-only access to prevent direct package updates. Ledger noted that Tether had frozen the bad actor’s address and the wallet was now visible via Chainalysis software.
The onchain analysis platform Lookonchain reported that 4,000 was stolen from wallets. However, Ledger has not confirmed the figures but did disclose the wallet address which is: “0x658729879fca881d9526480b82ae00efc54b5c2d.” The wallet currently holds 4K at the time of writing.
The hardware wallet manufacturing company is actively engaging with affected customers and is working with law enforcement to track down the attacker. In addition, Ledger detailed it is analyzing the exploit to prevent future attacks. Ledger reiterated the importance of Clear Signing and suggested using an additional Ledger mint wallet or manual transaction parsing for blind signing.
What do you think about the Ledger exploit? Share your thoughts and opinions about this subject in the comments section below.