“You Can’t Steal XRP from XRPL,” Ripple CTO on The Risks of Trustless Bridges

The Ripple CTO recently reaffirmed the security of the XRP Ledger (XRPL) while discussing the risks of trustless bridges.

He made this commentary during a discussion that started when XRPL Labs founder Wietse Wind called the community’s attention to a 2020 idea he shared with Richard Holland to bring lightweight WebAssembly (WASM) smart contracts to the XRPL. 

Wind noted how that vision came to life through Hooks smart contracts on the Xahau Network, a sidechain built to expand XRPL’s capabilities. For context, the XRPL still does not feature native smart contracts, leaving the Hooks-enabled Xahau as the viable option for those looking for this feature.

Do “Trustless Bridges” Exist?

Meanwhile, responding to comments predicting how the use of Hooks will grow significantly by 2030, Wind said that if XRPL eventually adds native smart contracts, developers could build code-based “trustless” bridges between XRPL and Xahau without needing a central intermediary. 

However, RippleX engineer Mayukha Vadari countered this idea, saying that no bridge can ever be completely trustless because connecting two separate networks always requires some level of trust. 

No such thing as a trustless bridge – there always has to be some level of trust somewhere to communicate between two separate networks

— Mayukha Vadari (@msvadari) November 12, 2025

She added that even if developers minimize trust, it never disappears entirely. When Holland suggested a technical workaround involving a bidirectional “xpop” system that would let each chain recognize the other’s validator keys, Vadari insisted that such an approach still depends on trust.

Meanwhile, Wind argued that the same element of trust that exists within two networks connected by a bridge also exists within a single network.

Ripple CTO on The Risks of Bridges

At this point, Ripple CTO David Schwartz came forward to explain the major difference. According to him, the main difference lies in how assets exist within a single network compared to how they move between two. 

There's a huge difference in kind here though.

You can't steal XRP from XRPL because there is no place other than XRPL that XRP can be. Any problem with XRP can be fixed by XRPL's governance, as bitcoin had to do in 2013. And it will be because every chain's governance cares…

— David 'JoelKatz' Schwartz (@JoelKatz) November 12, 2025

He explained that XRP only exists on the XRPL. Because of that, no one can steal XRP by moving it elsewhere, as it has no other home. If something goes wrong, XRPL’s governance system can fix the issue because it directly manages the network and its native asset. 

Schwartz compared this to Bitcoin’s early governance decision in 2013. Essentially, decentralized systems always protect their own tokens because their credibility depends on it.

Meanwhile, the Ripple CTO contrasted that with the risk of bridging assets between chains. Schwartz illustrated his point by highlighting a scenario where a bridge transfers ETH from Ethereum to the XRPL. 

Notably, if someone managed to steal the ETH on Ethereum, Ethereum’s governance wouldn’t feel incentivized to take any action because, from its perspective, nothing in its own system broke. 

The XRPL also couldn’t do anything to recover those funds because it doesn’t control Ethereum’s assets. Essentially, this situation shows that the trust in bridges remains largely different from that associated with single networks, as each blockchain governs only its own environment.

A Different Kind of Trust

Schwartz also mentioned the difference between the two kinds of trust. He said users can safely trust a decentralized system that can’t take their funds, but it’s a different story when one network depends on another. 

Wind later clarified that he used the word “trustless” to mean a system without a central authority, not one that removes trust entirely. 

My point was more about the "trustless" aspect referring to no central party involved in the bridge other than two pieces of code on either end.

Just as "trustless" takes for granted that it still involves trust in the networks we use, even if we use only one of them, even if…

— Wietse Wind – 🪝🛠 Xaman® + XRPL + Xahau (@WietseWind) November 12, 2025

He pointed out that the blockchain community often uses “trustless” to describe setups that eliminate human control, even though people still rely on the code, network, and consensus to function correctly.