Ripple Hack: Key Clarifications by Ripple CTO

Fri, 9/02/2024 – 11:55

Cover image via

Disclaimer: The opinions expressed by our writers are their own and do not represent the views of U.Today. The financial and market information provided on U.Today is intended for informational purposes only. U.Today is not liable for any financial losses incurred while trading cryptocurrencies. Conduct your own research by contacting financial experts before making any investment decisions. We believe that all content is accurate as of the date of publication, but certain offers mentioned may no longer be available.

Yesterday, blockchain security firm Hacken stirred a fresh buzz of speculation after revealing the details of its investigation into the recent hack, which saw 213 million XRP worth about $112.5 million siphoned from Ripple cofounder Chris Larsen’s wallets.


In the wake of the hack, funds from the compromised wallet were initially transferred to eight different wallets before eventually making their way to centralized exchanges.

Hacken, in its investigation, flagged one of the wallets, a new address involved in a $64 million transaction, to be directly connected with the XRP pack of addresses, with some outgoing and incoming transactions connecting them.

Hacken concluded in its investigation that two wallets connected to XRP’s authorized wallet played key roles in the hacking incident.

Hacken pointed out that among the exchange addresses, one from Kraken (rLHzPsX6oXkzU2qL12kHCH8G8cnZv1rBJh) draws attention and speculates that it was allegedly used to funnel out the funds. Also, it assumes that the wallet used in the hack had longstanding ties with XRP, given its interactions with the above-mentioned Kraken wallet in 2020.

This line drew the attention of Ripple CTO David Schwartz, who used the opportunity to make an important clarification on the said Kraken wallet.

Schwartz berated Hacken researchers for not knowing how XRP Ledger works, noting that all XRP deposits to Kraken are made to the same wallet. In this case, the Kraken address “rLHzPsX6oXkzU2qL12kHCH8G8cnZv1rBJh” cited by Hacken is Kraken’s “only” XRP deposit address.

The Kraken support website validates this narrative, noting that all Kraken accounts share a single XRP deposit address: rLHzPsX6oXkzU2qL12kHCH8G8cnZv1rBJh, hence, the need for a unique and mandatory destination tag. This destination tag is used to determine what account a deposit should be assigned and credited to.

According to Thomas Silkjaer, Head of Analytics and Compliance at the XRP Ledger Foundation, Kraken’s use of a single XRP deposit address has been around since 2014. He pointed out that, in this scenario, regarding Hacken’s investigation, looking at reused destination tags for a pointer would be void.


Leave a Comment