RippleX software engineer Mayukha Vadari has highlighted a key security advantage of the XRP Ledger (XRPL) in the wake of a sophisticated exploit that drained roughly $3 million from Ethereum and Base wallets. According to Vadari, XRPL’s native multisign design—baked directly into the protocol—completely sidesteps the smart contract vulnerabilities that allowed attackers to compromise 86 Gnosis Safe wallets in under two hours.
The incident, reported by blockchain security firm Blockaid, saw hackers manipulate the SquidRouterModule to drain funds before swapping the stolen assets into DAI through attacker-controlled Uniswap V3 pools. Reacting to the news, Vadari underscored that because XRPL multisign is not "patched together via 3rd-party smart contracts," the attack vector used in the exploit simply does not exist for XRPL accounts. This built-in feature, which has been operational since June 2016, allows users to approve transactions with multiple secret keys and combine them with master keys or regular key pairs under a single account structure.
Vadari further explained that XRPL’s architecture lets signers or quorum requirements be modified without changing the wallet address, and individual signers can rotate credentials without freezing funds. Addressing critics who compared Bitcoin’s broader multisig adoption, she noted that Bitcoin only expanded beyond basic M-of-N support after the Taproot upgrade in 2021, while XRPL’s native scheme has been available for years and is already heavily used by custodial platforms. The engineer’s remarks have intensified the conversation around protocol-level security features as the crypto industry grapples with a rising number of smart contract-related exploits.
