Skip to content
- The XRPL EVM sidechain and Axelar integration passed a security audit.
- They fixed one critical issue and addressed minor ones.
- They have now improved validator security and token management.
Ajit Kulkarni, a crypto product builder, announced another completed audit of the XRPL EVM Sidechain, including XRP integration. The audit also covered its integration with Axelar. Informal Systems led the process in February 2025. Known for their expertise in blockchain security, the firm reviewed the sidechain’s architecture, node code, and Cosmos EVM fork.
The XRPL EVM Sidechain provides support for smart contracts in the Ethereum format on the XRP Ledger. The team built it using the Cosmos SDK and implemented CometBFT as the consensus algorithm. The auditors aimed to assess the system’s security, reliability, and readiness for use.
It’s one of XRPL’s attempts at offering a secure and scalable smart contract platform for developers and institutions. There was only one serious issue that came forward with the audit. It involved the crisis module, which failed to interrupt the chain when a failure occurred. It could allow users to ignore security vulnerabilities.
XRPL Sidechain Fixes Bolster Security
It correlates with a previously known issue in the Cosmos SDK framework. RippleX and Peersyst acted promptly. They added a fix and are evaluating long-term resolutions. Informal Systems reviewed and approved the fix. They considered other audit findings low risk or informational.
These included suggestions for improved structure, organization, and practices in the code. The team resolved problems like redundant burning during validator removal, missing checks for the minimum number of validators, and unclear logic for preventing ownership lockouts.
It reviewed the XRPL EVM Sidechain’s validator setup too. It runs on a Proof-of-Authority model with variations over CometBFT’s proof-of-stake base. Governance regulates it by making the changes visible and stopping centralization.
Validator Discipline and Token Control
A dedicated staking token, BondDenom, enables validator roles. It’s minted only when a validator is added and burned when removed. There are no additional tokens floating around. Delegations and re-delegations are disabled. Validators don’t receive staking rewards, and slashing doesn’t occur.
This strict model ensures validator behavior is predictable. It minimizes consensus risk and makes the sidechain institutional-grade. Token management also experienced significant improvement. The sidechain’s Cosmos EVM fork facilitates minting, burning, and transferring ERC-20 tokens using precompiled contracts.
These operations can be done only by authorized parties. Gated ownership by governance or secure precompile checks ensures ownership. In the future, we could include a more explicit separation between revocation of ownership and transfers, which would preclude accidental lockouts.
All issues that Informal Systems raised have been addressed. XRPL EVM Sidechain is now in place to facilitate smart contracts, tokenization, and cross-chain finance. With security and governance on board, it’s a major leap forward for the XRP Ledger’s ecosystem.
Related Reading: Bitcoin Drops Below $84K as Whale Activity and Trump’s Tariff Policy Stir Market Volatility
