The headline this week is a shipped release: rippled 3.1.2 was released on March 12 with security fixes that, in the worst case, could cause servers to crash or restart — all operators should update immediately. On the developer portal (xrpl-dev-portal), the 3.1.2 release announcement was published and README cleanup was merged. In Clio (the API server), a cluster cache-loading improvement landed, allowing operators to limit simultaneous cache loads to one node at a time. In the JavaScript SDK (xrpl.js), a fix was merged to expose new server_definitions fields that were added to rippled's develop branch last week.
The most important news this week is a security patch release for rippled (version 3.1.2), the software that validators and full node operators run to participate in the XRP Ledger network. The official release notes describe fixes for issues that, in the worst case, could cause a server to crash or restart unexpectedly. There are no new protocol features in this update — it is purely a stability and security patch. If you operate a validator or node, you should upgrade to 3.1.2 as soon as possible. The release is available now and package checksums are listed in the official blog post.
For the API server Clio — the software many node operators and developers use to efficiently handle read queries against the ledger — a useful improvement landed this week. When multiple Clio nodes are running together in a cluster, all of them previously could attempt to load the ledger data cache at the same time, creating a surge of load on the underlying database. The fix adds an option to limit this so only one node loads the cache at a time, reducing pressure on startup. Separately, the community flagged and immediately began addressing another Clio issue: once a node falls into a "fallback" writer state (a mode added recently for reliability), it had no way to exit that state without restarting the entire cluster. A fix is in review and close to merging.
In the JavaScript SDK (xrpl.js), the library was updated this week to recognize new fields that rippled will start returning in server_definitions responses in a future release. This is preparatory work — once those fields are live in a released version of rippled, JavaScript clients will be able to automatically discover the full structure of every supported transaction type, reducing the need for manually maintained definition files. On the standards side, a notable new draft specification (XLS-99) was submitted proposing a Concentrated Liquidity AMM for XRPL — a more capital-efficient market-making mechanism than the existing AMM — though this is an early draft and far from implementation.
For updates, follow @XRPLF and @RippleXDev on X, and see the rippled 3.1.2 release page for upgrade instructions.
rippled 3.1.2 released — operators should update (release, blog: xrpl.org/blog/2026/rippled-3.1.2) — Version 3.1.2 shipped on March 12 with security fixes. Per the official blog post, these fixes address issues that, in the worst case, could cause servers to crash or restart. There are no new features or amendments in this release. If you operate a rippled server, update to 3.1.2 as soon as possible to ensure service continuity. This is a patch on the 3.1.x branch and does not include changes currently in develop.
Clio: Limit simultaneous cache loading in cluster (clio#2985, +1,283/−79 across 34 files, merged) — Closes clio#2707. Adds a configurable option so that in a Clio cluster, only one node loads the ledger cache at a time rather than all nodes hammering the backend simultaneously. This reduces load spikes during startup in clustered deployments. Approved by a core team reviewer.
SAV and Lending transactions marked NotDelegable (rippled#6489, +67/−148 across 3 files, merged to develop) — Marks Single Asset Vault (XLS-65) and Lending Protocol (XLS-66) transaction types as NotDelegable under the Permission Delegation (XLS-75) amendment. Any new transaction type defaults to non-delegable until delegation support is explicitly tested and confirmed. This was listed as "In Progress" last week and has now merged. No behavioral change for current mainnet since neither XLS-65 nor XLS-66 is enabled yet.
Enforce feature name lengths and character set (rippled#5555, +94/−7 across 3 files, merged to develop) — Adds a compile-time check that amendment feature names conform to a restricted character set (no Unicode, enforced length bounds). Prevents future amendments from accidentally using names that appear correct in some tools but are ambiguous. Approved by a core team reviewer.
Split combined transactor files into individual classes (rippled#6495, +2,568/−2,460 across 33 files, merged to develop) — Splits files that previously contained multiple unrelated transactor classes into one class per file (DID, Escrow, CrossChain Payment, etc.), following the pattern established by the rest of the codebase. Pure refactor, no behavioral changes. Approved by a core team reviewer. Cross-chain bridge files are deferred to a follow-up PR.
Exception handling improvements across transactors (rippled#6540, +105/−117 across 15 files, merged to develop) — Replaces LogicError with Throw in transactors and adds const to exception catch statements, as flagged by clang-tidy. Approved by 2 core team reviewers.
Mutex wrapper ported from Clio (rippled#6447, +443/−0 across 2 files, merged to develop) — Adds a well-tested mutex wrapper originally developed in Clio to rippled's library, making it available for future use across the codebase.
Remove dead code in CreateOffer (rippled#6541, +3/−9 in 1 file, merged to develop) — Removes a redundant check in offer creation that could never be reached. Spotted via AI code review.
Remove testline JTX helper (rippled#6539, +151/−266 across 8 files — open, approved) — see In Progress.
Replace levelization shell script with Python (rippled#6325, +343/−135 across 5 files, merged to develop) — Rewrites the internal levelization script (used to verify module dependency ordering) from shell to Python, reducing run time from ~5 minutes to ~1 second. Approved by a core team reviewer.
Improved InvariantCheck documentation (rippled#6518, +32/−1 in 1 file, merged to develop) — Adds inline documentation to the InvariantCheck framework, improving readability for contributors.
Confidential MPT: address auditor feedback (rippled#6511, +299/−77 across 5 files, merged to develop branch's confidential-transfer feature branch) — Addresses auditor findings for the in-development Confidential MPT (XLS-96) feature. Approved by a core team reviewer.
Confidential MPT: fix credential checks (rippled#6471, +268/−65 across 2 files, merged, related to confidential-transfer branch) — Audit finding no. 14: corrects credential validation logic in ConfidentialMPTSend. Approved.
Confidential MPT: safety size checks in helper functions (rippled#6484, +16/−9 in 1 file, merged) — Audit finding no. 17: adds bounds checks in cryptographic helper functions. Approved.
Confidential MPT: fix destination version increment (rippled#6462, +9/−2 across 2 files, merged) — Audit finding no. 12: removes an incorrect destination account sequence bump in ConfidentialMPTSend.
Confidential MPT: increment version on clawback (rippled#6454, +6/−1 across 2 files, merged) — Audit finding no. 11: ensures the confidential token version is incremented when clawback occurs.
A sustained push to enable clang-tidy bugprone-* checks continued this week, with multiple checks merged:
bugprone-inc-dec-in-conditions (rippled#6455) — prevents increment/decrement side effects inside conditionalsbugprone-optional-value-conversion (rippled#6470) — prevents implicit conversions through dereferenced std::optional valuesbugprone-reserved-identifier (rippled#6456)bugprone-too-small-loop-variable (rippled#6473)bugprone-suspicious-stringview-data-usage (rippled#6467) — prevents unsafe string_view::data() usage where null-terminated strings are expectedbugprone-suspicious-missing-comma (rippled#6468)bugprone-pointer-arithmetic-on-polymorphic-object (rippled#6469)bugprone-unused-local-non-trivial-variable (rippled#6458)bugprone-unused-raii (rippled#6505)bugprone-unhandled-self-assignment (rippled#6504) — approved by 2 reviewersFollow-up cleanup PRs also merged: rippled#6526 (fix missed bugprone-inc-dec-conditions check), rippled#6509 (fix clang-tidy issues from unused-local-non-trivial-variable merge).
CMake install components reorganized (rippled#6485, +25/−148 across 3 files, merged to develop) — Groups installation artifacts into Runtime (executables) and Development (library, headers) components, simplifying packaging workflows. Removes a flaky symlink creation step.
CI: artifact uploads scoped to XRPLF/rippled only (rippled#6523, +9/−11 across 5 files, merged) — Prevents CI failures in forks that lack upload credentials.
CI: Conan recipe upload rules fixed (rippled#6524, +9/−3 across 2 files, merged) — Corrects a mismatch between short and full git refs used to gate Conan uploads in pull request vs. push events.
CI: clang-tidy run fixed when .clang-tidy is changed (rippled#6521, +2/−2 across 2 files, merged) — Approved by a core team reviewer.
Clio: multiple CI dependency updates (clio#2991, clio#2992, clio#2993, clio#2994, clio#2995, merged) — Docker action suite (build-push, buildx, login, metadata, setup-qemu) all bumped to v4.0.0 for Node 24 compatibility.
xrpl.js: expose new server_definitions fields (xrpl.js#3227, +122/−41 across 3 files, merged) — Updates the ServerDefinitionsResponse type in xrpl.js to include five new fields (TRANSACTION_FORMATS, LEDGER_ENTRY_FORMATS, and associated flags/flag data) that were added to rippled's develop branch last week. Prepares the library for the upcoming rippled release that will expose these definitions over the API.
rippled 3.1.2 release announcement published (xrpl-dev-portal#3541, +63/−1 across 3 files, merged) — Adds the 3.1.2 release blog post and updates the link in 3.1.1 build instructions. Approved.
README cleanup and translation docs update (xrpl-dev-portal#3540, +10/−149 across 8 files, merged) — Removes outdated build instructions and duplicate files, updates translation contribution docs, and removes several places that still referred to rippled by the old name. Approved.
Dynamic MPT documentation published (opensource.ripple.com#184, +311/−1 across 5 files, merged) — Adds developer documentation for XLS-94 (Dynamic Multi-Purpose Tokens). Preview was at a staging URL; now merged. Approved after reviewer feedback was addressed.
xrpl4j: document manual release process (xrpl4j#705, +132/−0 in 1 file, merged) — Adds a guide to the Java SDK repository documenting the manual release steps for xrpl4j artifacts. Intended as a reference for future release automation.
rippled — RPC input validation tightening (rippled#6529, +288/−41 across 17 files, open) — Fixes type checking on several RPC endpoints (account_channels, subscribe, ledger, ledger_data, account_info) so malformed field types return proper errors rather than being silently accepted. Also upgrades urlgravatar from HTTP to HTTPS. This is an API change — clients sending non-string/non-boolean values to these fields will now receive errors. Under automated review; no human approvals yet.
rippled — Runtime fee_vote CLI/RPC command (rippled#6531, +558/−18 across 15 files, open) — Closes rippled#6180. Adds a new fee_vote RPC/CLI command allowing validators and operators to update fee vote targets (reference_fee, account_reserve, owner_reserve) at runtime without restarting rippled. Submitted by an external contributor. No reviews yet.
rippled — Refactored transactor files: "Modularise ledger" (rippled#6536, +793/−607 across 90 files, open) — Continues the ongoing modularization of rippled's codebase, this time reorganizing ledger-related modules. Approved by a core team reviewer.
rippled — Expanded pathfinding table for non-XRP→XRP routes (rippled#6507, +167/−4 across 3 files, open) — Submitted by an external contributor; adds new route patterns to the pathfinder's non-XRP→XRP path table and raises the maximum returned path count from 4 to 6 (aligning with Payment's accepted path limit). Under automated review; no human approvals yet.
rippled — LendingProtocol V1.1 feature amendment (multiple open PRs) — Active development on follow-on fixes for the Lending Protocol continues: rippled#6527 renames the fix amendment to featureLendingProtocolV1_1; rippled#6528 makes VaultID conditional on LoanBrokerSet operations (required for new, optional for update), gated behind featureLendingProtocolV1_1.
rippled — cppcoreguidelines clang-tidy checks (draft) (rippled#6538, +400/−404 across 147 files, draft) — Large draft PR enabling the remaining cppcoreguidelines-* checks across 147 files. Still in early/exploratory stage.
rippled — TSAN fixes for std-coroutine switch (rippled#6525, +61/−95 across 5 files, draft, labeled DraftRunCI/StdCoroutineSwitch) — Fixes thread-sanitizer issues in the coroutine work stream, removes TSAN+UBSAN combination that causes crashes, and cleans up suppressions.
rippled — Fix unchecked-optional-access in tests (rippled#6502, +509/−157 across 55 files, open) — Approved by a core team reviewer; addresses a large number of unchecked optional access patterns in test files, preparing to enable the corresponding clang-tidy check.
xrpl-py — XLS-68 Sponsorship support (first pass) (xrpl-py#920, +2,823/−3 across 31 files, open) — First pass at implementing XLS-68 (Sponsored Fees and Reserves) in the Python SDK, adding SponsorshipSet, SponsorshipTransfer transaction types, sponsor signature models, and ledger entry support. Under automated code review; active development.
xrpl4j — Refactor signing API using Immutables (xrpl4j#712, +110/−478 across 7 files, open) — Closes xrpl4j#711. Removes 450+ lines of boilerplate in SignatureUtils by adding two interface methods to Transaction that let the Immutables library auto-generate type-safe helpers for every transaction subclass. 4 reviews recorded, no human approvals yet.
Clio — Recover from fallback writer state (clio#3000, +740/−39 across 16 files, open) — Closes clio#2997. Adds a recovery timer so Clio can automatically try to exit the Fallback database writer state every hour without requiring a full cluster restart. Outstanding change requests from a core team reviewer (described as "nits").
XRPL-Standards — Concentrated Liquidity AMM draft (XLS-99) (XRPL-Standards#498, +1,869/−0 in 1 file, open) — New draft spec proposing a Concentrated Liquidity AMM (CLAMM) for XRPL, automatically assigned XLS-99 by the bot. Introduces three new ledger entry types (CLAMM, CLAMMTick, CLAMMPosition), seven transaction types, and four RPCs. Positions represented as NFTokens (XLS-20) for secondary market tradability.
XRPL-Standards — Vault Metadata Standard draft (XLS-98) (XRPL-Standards#493, +123/−0 in 1 file, open) — New draft proposing a standard formatting for Vault metadata, automatically assigned XLS-98.
XRPL-Standards — LendingProtocol V1.1 spec updates (multiple open PRs) — Companion to the rippled development: XRPL-Standards#497 makes VaultID conditional in LoanBrokerSet; XRPL-Standards#496 updates impairment logic (a finding from the Bug Bounty Program); XRPL-Standards#495 fixes an equation in XLS-66; XRPL-Standards#494 updates the First Loss Capital calculation formula.
fee_vote command: If this lands, it would give validators the ability to update their fee vote targets without a server restart — a meaningful operational improvement. Currently no reviews; worth watching for maintainer feedback given it's from an external contributor and touches RPC/CLI surfaces.account_channels, subscribe, ledger, and ledger_data will start receiving errors. Watch for a human approval and merge.Fallback state without a full restart.Bug filed: Known Amendments page anchor scrolling broken (xrpl-dev-portal#3539, labeled bug/web dev/redocly) — Filed by an external contributor. When clicking an amendment anchor link from another page (e.g., from the Lending Protocol concept page), the Known Amendments page loads at the correct URL but fails to scroll to the target amendment. Steps to reproduce are documented.
New xrpl4j issue: reduce boilerplate in SignatureUtils (xrpl4j#711, labeled enhancement) — Filed by a core team contributor, noting that every new transaction type added to xrpl4j requires manual additions to large switch statements in SignatureUtils. The companion PR xrpl4j#712 proposes the fix.
Clio: fallback writer state has no recovery path (clio#2997, labeled bug) — Filed and addressed in the same week: the new FallbackRecovery state PR (clio#3000) was opened immediately after the issue was filed.
LendingProtocol impairment logic: Bug Bounty finding — The spec update PR XRPL-Standards#496 notes that the minimum grace period on loan impairment was only 60 seconds, potentially allowing a broker to force a borrower default before any realistic first payment. This was reported through the Bug Bounty Program and is being addressed in the spec.
Compared to last week (March 2–8, 2026):
| Metric | This Week | Last Week | Change |
| Repos with activity | 7 | 6 | ↑1 |
| rippled PRs merged | 33 | 22 | ↑11 |
| rippled PRs opened | 17 | 15 | ↑2 |
| rippled commits | 34 | 17 | ↑17 (by 12 contributors) |
| xrpl-dev-portal PRs merged | 2 | 4 | ↓2 |
| xrpl-dev-portal PRs opened | 0 | 6 | ↓6 |
| xrpl-dev-portal commits | 7 | 10 | ↓3 |
| xrpl.js PRs merged | 1 | 2 | ↓1 |
| xrpl.js PRs opened | 1 | 5 | ↓4 |
| xrpl.js commits | 1 | 2 | ↓1 |
| xrpl-py PRs merged | 0 | 1 | ↓1 |
| xrpl-py PRs opened | 1 | 1 | flat |
| XRPL-Standards PRs merged | 0 | 4 | ↓4 |
| XRPL-Standards PRs opened | 6 | 2 | ↑4 |
| clio PRs merged | 13 | 11 | ↑2 |
| clio PRs opened | 1 | 2 | ↓1 |
| clio commits | 15 | 11 | ↑4 |
| xrpl4j PRs merged | 1 | 0 | ↑1 |
| xrpl4j PRs opened | 2 | 0 | ↑2 |
| xrpl4j commits | 1 | 0 | ↑1 |
| opensource.ripple.com PRs merged | 1 | 0 | ↑1 |
| Releases | 2 | 0 | ↑2 (rippled 3.1.2 + Clio nightly) |
| New issues filed | 4 | 2 | ↑2 |
Notable carryover: rippled#6495 (split combined transactor files) and rippled#6489 (SAV/Lending as NotDelegable) were both listed as "In Progress" last week and merged this week. The clang-tidy push continues at an elevated pace — 10 new checks merged this week vs. 5 last week.