XRP Ledger Scores Lowest on Blockchain Security Ranking, Faces Fresh Scrutiny - Coinedict

The XRP Ledger (XRPL), which powers the world’s third-largest cryptocurrency by market cap, is facing scrutiny after scoring the lowest in a recent blockchain security ranking.

According to blockchain analytics company Kaiko, XRPL received just 41 out of 100 points in its quarterly Blockchain Ecosystem Ranking, placing it at the bottom among 15 major blockchains. In comparison, Ethereum scored the highest at 83, while Polygon and Stellar scored 44 and 45, respectively.

Key Findings

XRPL security score: 41/100, lowest among 15 blockchains

April 2025 hack: Compromised XRPL’s software supply chain, exposing private keys to risk

Validator weakness: About 190 active validators compared to Ethereum’s over 1 million

Decentralization concerns: Only 35 validators in XRPL’s default “unique node list”

Security Concerns Highlighted

The biggest issue for XRPL was a software supply chain attack in April 2025. Hackers compromised xrpl.js, the official JavaScript library used by developers to interact with the XRP Ledger. With over 140,000 weekly downloads, this library is integrated into numerous apps and websites in the crypto ecosystem.

The attack was identified when malicious package versions appeared on Node Package Manager (NPM). Security firm Aikido confirmed that the attacker had stolen a developer’s token, allowing them to upload compromised versions of the library. The harmful code could have enabled hackers to steal private keys from crypto wallets.

“This could have been catastrophic,” noted security researcher Eriksen, emphasizing that while the main ledger itself wasn’t directly hacked, the breach revealed serious vulnerabilities.

Validator Centralization Still a Problem

Beyond the supply chain incident, Kaiko highlighted validator distribution as another weakness. Unlike Ethereum, which has over a million validators, or Solana, with more than 1,700, the XRP Ledger operates with about 190 active validators.

Even more concerning, only 35 validators are part of XRPL’s default “unique node list,” the group most users rely on to reach consensus. While this setup increases speed and reliability, critics argue it makes XRPL more vulnerable to centralized failures or coordinated attacks.

A Bright Spot: Real-World Adoption in Healthcare

Despite security concerns, real-world adoption of XRPL is gaining ground.

Wellgistics Health (WGRX), a Nasdaq-listed pharmaceutical distributor, has launched an XRP Ledger-based payments system for thousands of U.S. pharmacies. This solution allows pharmacies to pay for drug inventory instantly, avoiding high credit card fees and banking delays.

Integrated with RxERP, a pharmaceutical ERP and e-commerce tool, this system promises lower costs, real-time settlement, and better transparency for over 6,500 pharmacies and 200 manufacturers.

CEO Brian Norton stated that pharmacy owners are more open to blockchain solutions than many believe, showing a surprising interest in innovation within the healthcare industry.

The latest Kaiko report puts the XRP Ledger under pressure, ranking it the least secure among major blockchains due to validator centralization and April’s hack.

However, real-world partnerships like Wellgistics’ pharmacy payments rollout indicate that despite security issues, XRPL is moving forward in adoption—especially in sectors that value speed, transparency, and low fees.

Whether XRPL can address its decentralization and validator problems could determine if it improves in future blockchain security rankings.