- Kaiko’s blockchain safety assessment places XRP Ledger at the bottom.
- Security concerns arose in April following a hack affecting developer resources.
- XRPL’s limited validator quantity and decentralization negatively impacted its ranking.
One might assume the blockchain technology supporting one of the top cryptocurrencies globally would be recognized for its outstanding protection, particularly after a decade in use.
However, a recent report from the blockchain analysis firm Kaiko tells a different story.
According to Kaiko’s latest quarterly Blockchain Ecosystem Ranking, the XRP Ledger, the foundation for the XRP token, received the lowest security score, a mere 41 out of 100.
This rating places it last among the 15 blockchains examined, falling behind Polygon at 44 and Stellar at 45, while Ethereum led the pack with a score of 83.
Kaiko’s ranking system assesses blockchain networks across five categories: governance, integration, liquidity, operational effectiveness, and security.
The security evaluation incorporates factors like operational robustness, validator decentralization, audit frequency, and past incidents to determine risks to the underlying framework.
While specific sub-scores were not disclosed by Kaiko, senior analyst Adam Morgan McCarthy informed DL News that “the most significant issues stemmed from a previous security breach this year, a deficient Nakamoto coefficient, and the limited number of validators.”
The Nakamoto coefficient is a measure used to calculate the number of participants required to work together to potentially compromise a network, when compared to other proof-of-stake chains.
Security Weaknesses
In April, a cyberattack resulted in the compromise of an official software package utilized by XRPL developers, with malicious coding injected to steal users’ private keys.
While the primary ledger and the GitHub repository remained unaffected, the intrusion endangered users and raised considerable concerns about the security of the software supply chain for XRPL.
The network’s somewhat small validator pool and its decentralization method also continue to be causes for concern.
Unlike Ethereum and Solana, which depend on large, decentralized validator sets—over a million and 1,700 respectively—the XRP Ledger functions with about 190 operational validators.
Of these, only 35 are listed in its default unique node list, a curated group relied upon by most participants for reaching a consensus.
Although this setup strives to boost speed and consistency, detractors believe it decreases diversity and makes the system more susceptible to synchronized interruptions.
The XRP Ledger’s minimal Nakamoto coefficient score reflects this constricted validator distribution.
Requests for comments to David Schwartz, XRP Ledger architect and Ripple CTO, were not immediately answered. Likewise, Ripple did not respond to multiple inquiries for clarification.
Ripple’s creators were the ones who created XRP. The blockchain now underpins much of what the business provides.
Kyle Baird is DL News’ Weekend Editor. Got a tip? Email at kbaird@dlnews.com.