XRPL One Step Closer to Welcoming EVM Sidechain as Security Firm Completes Audit

Leading cybersecurity firm Bishop Fox has completed a thorough security audit of the XRP Ledger’s (XRPL) EVM sidechain implementation. 

This milestone brings the XRPL one step closer to integrating the EVM sidechain, as the audit firm has vouched for the security architecture of the sidechain. The RippleX team disclosed the development in a recent statement. 

Bishop Fox has completed individual audits and remediation reports for both the XLS-38 Bridge and EVM Sidechain on the #XRPLedger.

See the reports from @bishopfox and learn more: https://t.co/uE4bzKdo2S

— RippleX (@RippleXDev) November 17, 2023

According to the report, the audit scrutinized the EVM sidechain implementation, consensus mechanism, and the bridging system connecting the XRPL and the EVM. This bridging implementation utilizes the cross-chain bridging (XLS-38d) specification for the XRPL.

After diligent examination, Bishop Fox presented their remediation reports addressing vulnerabilities in the EVM Sidechain and the XLS-38 Cross-Chain Bridge. 

EVM Sidechain Audit Highlights

The audit confirmed that the RPC networking interfaces are robustly safeguarded against injection-based attacks. Moreover, the auditor detected no fundamental issues with the bridging functionality during the assessment.

Of the 11 findings, three were categorized as “medium” risk, and eight were labeled as “low” risk. By and large, the audit firm identified no critical or high-severity issues. 

Meanwhile, the examination uncovered minor concerns about using outdated dependencies and implementing unsafe command and code execution patterns. As a recommendation, Bishop Fox advised the developer team to prioritize updating software dependencies and eliminating unsafe execution patterns.

In parallel, the auditor underlined that the developer team had successfully resolved the identified issues in the most recent implementation following earlier remediation reports. Also, it stated that the fixes would be incorporated into the XRPL EVM sidechain’s mainnet launch. 

Audit XLS-38 Cross-Chain Bridge 

Furthermore, the audit firm mentioned that the RippleX engineering team had addressed issues highlighted in their audit of the XLS-38 Cross-Chain Bridge within the rippled code.

Subsequently, the Bishop Fox team conducted thorough remediation testing and published a comprehensive report confirming the successful implementation of these fixes.

EVM Sidechain

It is worth mentioning that Peersyst is developing the XRPL EVM sidechain in collaboration with Ripple to optimize decentralized finance. 

This development offers builders the unique opportunity to pioneer their DeFi applications on a novel chain, catering to a user base exceeding 4.5 million XRP holders. Builders can leverage well-known smart contract languages to create and deploy cross-chain dApps effortlessly.

Furthermore, they can utilize a secure bridge built upon the XLS-38 cross-chain bridging specification for seamless fund transfers between the XRPL mainnet and the EVM sidechain.