chaindrainMVP
Preview surface — demo data. Where real data exists today (e.g. RealT, BlackRock BUIDL, Lift Dollar) we render it; everywhere else we render synthetic enrichment generated deterministically from public signal and clearly marked Demo or Inferred. The Phase 3 roadmap replaces every synthetic source with live ingestion — see Methodology → Exposure Graph & Similarity Engine.

Ripple

L1 & L2 Network Operatorsmedium·risk 0.4300·TVL ·blast $0·active
websitegithubtwitterdiscord
Static profile (Identity / Contract / Dependency / Governance / Reputation)

Identity

Sector
L1 & L2 Network Operators
Subsector tags
infra_tooling, general_defi, consumer_appDemo
Chain deployments
Website
https://www.ripple.xyzDemo
Launch date
Immutable
noDemo
Permissionless
yesDemo

Contract

Primary address
Proxy pattern
UNKNOWN
Upgrade authority
UNKNOWN
Multisig threshold
Compiler
0.8.13
Uses assembly
noDemo
Bug bounty
noneDemo
Contract addresses
0xa350d4cbab11ef15f3265988425b0f9c18f16b5bDemo
Audits tier
2

Dependency

Oracle providers
Bridge dependencies
Stablecoin dependencies
LST / LRT deps
Demo
DEX liquidity venues
aerodrome, velodromeDemo
CEX listings
Demo
Custodian
Demo
KMS provider
aws_kmsDemo
RPC provider
quicknodeDemo
Frontend host
netlifyDemo
npm lockfile sha
sha256:69473860e63646ac4091aa60048ca944fbcb6a646ac2fbb8aebd4d575cb1bdb9Demo

Governance

Governance type
token_votingDemo
Governance token
0x739cec4a3d86ac28890eb49b61d1bc9e88cfb527Demo
Treasury size
$0Demo
Team size
74Demo
Jurisdiction
USDemo
Incorporated entity
Ripple Holdings AGDemo
Anonymous team
noDemo
Security disclosure
yesDemo
IR SLA (hours)
12Demo

Reputation

GitHub
https://github.com/ripple/rippleDemo
Commit velocity (30d)
1Demo
Contributors
22Demo
Twitter
@rippleDemo
Discord
https://discord.gg/152y9wDemo
Last incident
Jan 4, 2024Demo
KYT screening
cleanDemo

Threat History

1 recorded incident
frontend dns hijackfrontendunattributed_criminalDemo
$3.7M

On 2024-01-04, Ripple suffered a frontend dns hijack incident resulting in approximately $3,716,110 in losses. The exploit targeted the frontend layer. Attribution: unattributed_criminal. This is a demonstration entry — not a real incident.

DEMO:AADAPT.TA0001DEMO:AADAPT.TA0008
View incident →

Peer Incidents · Method B

8 root-cause predicate matches

Vulnerable to: phishing drainer

Matches the phishing drainer predicate

18 historical peer events
  • GoldfinchDemo
    $1M
  • BitgetDemo
    $739.9K
  • OrcaDemo
    $180.8K
  • Ether.fiDemo
    $443.4K
  • Alchemy PayDemo
    $334.2K
  • + 13 more

Vulnerable to: flash loan governance

Matches the flash loan governance predicate

18 historical peer events
  • ThirdwebDemo
    $33.2M
  • LayerZero Labs (physical verification context only)Demo
    $40.2M
  • First Digital USDDemo
    $12.1M
  • Protocol-Native Treasury Agents (DAO-embedded)Demo
    $13.8M
  • F2PoolDemo
    $3.5M
  • + 13 more

Vulnerable to: frontend dns hijack

Matches the frontend dns hijack predicate

11 historical peer events
  • Bridge.xyz / StripeDemo
    $10.4M
  • UK FCA Digital SandboxDemo
    $3.6M
  • Three SigmaDemo
    $2.7M
  • CryptoQuantDemo
    $517.3K
  • Celsius (defunct)Demo
    $22M
  • + 6 more

Vulnerable to: supply chain npm

Matches the supply chain npm predicate

10 historical peer events
  • Beefy FinanceDemo
    $176.2K
  • PowerledgerDemo
    $7.4M
  • UnichainDemo
    $8.8M
  • MEXCDemo
    $1M
  • Mango MarketsDemo
    $915.6K
  • + 5 more

Vulnerable to: kms misconfiguration

Matches the kms misconfiguration predicate

9 historical peer events
  • Stably, Inc. (issuance via regulated partners depending on program)Demo
    $505K
  • MatrixdockDemo
    $4.3M
  • EulerDemo
    $3.6M
  • NosanaDemo
    $1.7M
  • Tron FoundationDemo
    $1.3M
  • + 4 more

Vulnerable to: dvn collapse

Matches the dvn collapse predicate

8 historical peer events
  • Blast, Blockdaemon Wallet +2Demo
    $93.6M
  • Fordefi, XSGDDemo
    $17M
  • Element Finance, QuantozDemo
    $1.1M
  • Mercado Bitcoin, SwellDemo
    $15.3M
  • Internet Computer (DFINITY), Mantle +1Demo
    $10.3M
  • + 3 more

Vulnerable to: regulatory seizure

Matches the regulatory seizure predicate

6 historical peer events
  • RaydiumDemo
    $1.9M
  • CoinDCXDemo
    $29.8M
  • Silo FinanceDemo
    $14M
  • Base BridgeDemo
    $8.3M
  • EigenDADemo
    $101M
  • + 1 more

Vulnerable to: governance proposal malicious

Matches the governance proposal malicious predicate

5 historical peer events
  • Stripe CryptoDemo
    $1.5M
  • Notional V3Demo
    $507.1K
  • Hong Kong Monetary Authority — Ethereum pilotsDemo
    $18.9M
  • FalconXDemo
    $4.8M
  • AvailDemo
    $30.8M

Dependency Twins · Method A + B + C ensemble

Top 10 of 25 precomputed
#1

GCash

Payment Rails, On/Off-Ramps & CBDCs · medium
Ensemble
0.383
A · Jaccard0.10
B · Overlap1
C · Cosine0.91
Matches on
  • kms_provider = aws_kms
  • subsector_tags = infra_tooling, general_defi, consumer_app
  • method_b_root_causes = kms_misconfiguration
#2

Lighthouse

L1 & L2 Network Operators · medium
Ensemble
0.383
A · Jaccard0.10
B · Overlap1
C · Cosine0.91
Matches on
  • kms_provider = aws_kms
  • subsector_tags = consumer_app, infra_tooling, general_defi
  • method_b_root_causes = flash_loan_governance
#3

Protocol-Native Treasury Agents (DAO-embedded)

AI Agents & Autonomous On-Chain Systems · medium
Ensemble
0.379
A · Jaccard0.03
B · Overlap2
C · Cosine0.70
Matches on
  • subsector_tags = general_defi, consumer_app
  • method_b_root_causes = flash_loan_governance
#4

Kaiko (market integrity contexts)

Compliance, Forensics & Audit Tooling · medium
Ensemble
0.378
A · Jaccard0.08
B · Overlap1
C · Cosine0.91
Matches on
  • frontend_host = netlify
  • subsector_tags = infra_tooling, general_defi, consumer_app
  • method_b_root_causes = phishing_drainer
#5

Krebit

Identity, NFTs, Gaming & Consumer Apps · medium
Ensemble
0.377
A · Jaccard0.10
B · Overlap1
C · Cosine0.89
Matches on
  • kms_provider = aws_kms
  • subsector_tags = general_defi, infra_tooling, consumer_app
  • method_b_root_causes = phishing_drainer
#6

Arcade

Lending, Money Markets & CDPs · medium
Ensemble
0.374
A · Jaccard0.10
B · Overlap1
C · Cosine0.88
Matches on
  • kms_provider = aws_kms
  • subsector_tags = infra_tooling, consumer_app, general_defi
  • method_b_root_causes = kms_misconfiguration
#7

Chorus One

Liquid Staking & Restaking · medium
Ensemble
0.374
A · Jaccard0.10
B · Overlap1
C · Cosine0.88
Matches on
  • kms_provider = aws_kms
  • subsector_tags = general_defi, consumer_app, infra_tooling
  • method_b_root_causes = phishing_drainer
#8

Tron Foundation

L1 & L2 Network Operators · medium
Ensemble
0.374
A · Jaccard0.10
B · Overlap1
C · Cosine0.88
Matches on
  • kms_provider = aws_kms
  • subsector_tags = general_defi, consumer_app, infra_tooling
  • method_b_root_causes = kms_misconfiguration
#9

Ethereum Calldata

Rollups, Data Availability & ZK Infra · medium
Ensemble
0.374
A · Jaccard0.10
B · Overlap1
C · Cosine0.88
Matches on
  • kms_provider = aws_kms
  • subsector_tags = infra_tooling, general_defi, consumer_app
  • method_b_root_causes = supply_chain_npm
#10

Thirdweb

RPC, Node & Dev Infrastructure · medium
Ensemble
0.364
A · Jaccard0.03
B · Overlap2
C · Cosine0.66
Matches on
  • subsector_tags = infra_tooling, general_defi
  • method_b_root_causes = flash_loan_governance, phishing_drainer