Prepared by:
HALBORN
Last Updated 12/04/2025
Date of Engagement: July 21st, 2025 - August 5th, 2025
100% of all REPORTED Findings have been addressed
All findings
13
Critical
4
High
1
Medium
4
Low
4
Informational
0
XRPL Foundation engaged Halborn to conduct a focused security assessment of the current system, with particular emphasis on the new XLS-66 Lending Protocol. The engagement took place from 21 July 2025 to 05 August 2025. The scope, detailed in the scope section, encompassed all modules implementing or interacting with Lending functionality, including Loan, Vault, LoanBroker, batch helpers, invariants, and the supporting math/utilities—along with the unit-test harness and newly developed fuzzers.
The XRPL (XRP Ledger) is a decentralized layer-1 network supporting payments, tokenization, and, through recent amendments, increasingly sophisticated DeFi primitives. XLS-66 extends this stack with native collateralized lending: borrowers open Vaults, draw Loans, and interact with on-ledger Loan Brokers that manage interest, fees, and claw-backs.
While the amendment introduces powerful functionality, it also adds complex state machines, long-lived accounting fields, and precision-sensitive arithmetic—areas prone to subtle security vulnerabilities. Ensuring the protocol’s correctness is therefore critical to safeguarding user funds and maintaining XRPL’s low-latency, deterministic consensus guarantees.
Halborn assigned a full-time senior security engineer specializing in C++ ledger internals, consensus protocols, and decentralized finance. The objectives were to:
• Verify that Lending logic strictly enforces its economic and safety invariants
• Identify vulnerabilities that could result in fund loss, ledger corruption, consensus failure, or denial of service
All identified issues are reproducible with single transactions at standard fees. Proof-of-Concepts (PoCs) have been provided. Full details and remediation guidance are available in the Findings section.
Halborn employed a hybrid approach:
• Architectural review of XLS-66 data flow and state machines
• Manual source code inspection of C++ transaction paths, helpers, and invariants
• Differential analysis comparing pre-Lending behavior
• Custom invariant-enabled fuzzers
| EXPLOITABILITY METRIC () | METRIC VALUE | NUMERICAL VALUE |
|---|---|---|
| Attack Origin (AO) | Arbitrary (AO:A) Specific (AO:S) | 1 0.2 |
| Attack Cost (AC) | Low (AC:L) Medium (AC:M) High (AC:H) | 1 0.67 0.33 |
| Attack Complexity (AX) | Low (AX:L) Medium (AX:M) High (AX:H) | 1 0.67 0.33 |
| IMPACT METRIC () | METRIC VALUE | NUMERICAL VALUE |
|---|---|---|
| Confidentiality (C) | None (C:N) Low (C:L) Medium (C:M) High (C:H) Critical (C:C) | 0 0.25 0.5 0.75 1 |
| Integrity (I) | None (I:N) Low (I:L) Medium (I:M) High (I:H) Critical (I:C) | 0 0.25 0.5 0.75 1 |
| Availability (A) | None (A:N) Low (A:L) Medium (A:M) High (A:H) Critical (A:C) | 0 0.25 0.5 0.75 1 |
| Deposit (D) | None (D:N) Low (D:L) Medium (D:M) High (D:H) Critical (D:C) | 0 0.25 0.5 0.75 1 |
| Yield (Y) | None (Y:N) Low (Y:L) Medium (Y:M) High (Y:H) Critical (Y:C) | 0 0.25 0.5 0.75 1 |
| SEVERITY COEFFICIENT () | COEFFICIENT VALUE | NUMERICAL VALUE |
|---|---|---|
| Reversibility () | None (R:N) Partial (R:P) Full (R:F) | 1 0.5 0.25 |
| Scope () | Changed (S:C) Unchanged (S:U) | 1.25 1 |
| Severity | Score Value Range |
|---|---|
| Critical | 9 - 10 |
| High | 7 - 8.9 |
| Medium | 4.5 - 6.9 |
| Low | 2 - 4.4 |
| Informational | 0 - 1.9 |
Critical
4
High
1
Medium
4
Low
4
Informational
0
| Security analysis | Risk level | Remediation Date |
|---|---|---|
| Loan-Set inside Batch bypasses Counter-party Signature | Critical | Solved - 07/29/2025 |
| LoanPay Triggers Unbounded Loop in loanComputePaymentParts | Critical | Solved - 10/05/2025 |
| Negative LoanOriginationFee Breaks accountSendMPT Invariant | Critical | Solved - 10/24/2025 |
| Zero InterestRate in LoanSet Causes LoanPay divide-by-zero | Critical | Solved - 07/23/2025 |
| EscrowFinish Accepts Unbounded Size crypto-condition | High | Not Applicable - 07/30/2025 |
| LoanPay Writes Over-Precision debtDecrease | Medium | Solved - 10/16/2025 |
| LoanPay Can Drive totalInterestOutstanding Below Zero | Medium | Solved - 10/21/2025 |
| LoanPay Stores Inconsistent Principal | Medium | Solved - 10/21/2025 |
| LoanPay Writes Over-Precision totalPrincipalPaid | Medium | Solved - 10/21/2025 |
| LoanPay Stores Over-Precision totalInterestPaid | Low | Solved - 10/21/2025 |
| LoanSet allows an overflow in NextPaymentDueDate | Low | Solved - 10/26/2025 |
| LoanSet accepts out-of-range InterestRate | Low | Solved - 07/30/2025 |
| DebtMaximum = 0 Mistakenly Blocks All Loans | Low | Solved - 07/30/2025 |
//Critical
//Critical
//Critical
//Critical
//High
//Medium
//Medium
//Medium
//Medium
//Low
//Low
//Low
//Low
Halborn strongly recommends conducting a follow-up assessment of the project either within six months or immediately following any material changes to the codebase, whichever comes first. This approach is crucial for maintaining the project’s integrity and addressing potential vulnerabilities introduced by code modifications.
// Download the full report
Lending Protocol
* Use Google Chrome for best results
** Check "Background Graphics" in the print settings if needed
