A massive week for the developer portal: 22 documentation PRs merged, completing the bulk of the rippled-to-xrpld rename across xrpl.org and documenting dozens of rippled 3.2.0 features including new reserve values, gRPC TLS support, retired amendments, and a new agentic transactions section. In rippled, 23 PRs merged to develop — headlined by the upgrade to C++23, two Number arithmetic fixes, a performance optimization replacing dynamic_cast chains with type-tag dispatch, and the retirement of the fixUniversalNumber amendment. Clio published release candidate 2.7.1-rc2 with a proxy support fix, and xrpl4j landed two bug fixes to its main branch.
This week's XRPL development was defined by two major themes: a massive push to update the developer documentation at xrpl.org, and a systematic audit that uncovered dozens of potential issues in the core server code.
On the documentation front, 22 changes were published to the developer portal, completing the long-planned rename from "rippled" to "xrpld" across the entire site. If you've been reading the XRPL docs, you'll start seeing references to xrpld (the server binary), xrpld.cfg (the config file), and new file paths — all reflecting what the upcoming 3.2.0 release will ship. Beyond the rename, the docs team added a brand-new tutorial for sending Multi-Purpose Tokens (in JavaScript, Python, and Go), a new section on agentic transactions (automated payments using the x402 standard), documentation for 35 retired amendments, new reserve values (1 XRP base, 0.2 XRP per object), and many more 3.2.0 features. If you're a developer building on the XRPL, the documentation is substantially more complete this week.
On the core server (rippled), the codebase was upgraded from C++20 to C++23 — a significant modernization that enables newer language features and reduced the code by nearly 500 lines. Two separate bugs in the Number type — used internally for precise arithmetic — were fixed: one where comparing two negative numbers could give wrong results, and another where adding two negative numbers could round in the wrong direction. Transaction invariants (runtime safety checks) were temporarily disabled due to a performance issue, with a smarter replacement approach already in progress that would only run each check on relevant data. A core team member also filed over 60 new bug reports from a systematic audit, covering everything from pagination not working in certain API calls to edge cases in amount parsing. Most are low severity, but several are MEDIUM-priority issues that will likely see fixes in coming weeks. On the SDK side, community member @RaymondSeven discovered that the JavaScript, Python, and Java libraries all have various edge cases in how they handle token amounts and binary encoding — issues that could cause applications to silently process incorrect values. The Clio API server published release candidate 2.7.1-rc2 with a fix for proxy connection handling.
For the latest updates, follow @XRPLF and @RippleXDev on X, or check the XRPLF repos directly for full activity.
Note: All rippled changes below were merged to the develop branch and are not yet live on the network. A tagged release is required for any change to reach production.
Note: SDK PRs below were merged to each library's main branch. They become available to application developers only after a tagged release is published (npm for xrpl.js, Maven Central for xrpl4j, PyPI for xrpl-py). If no corresponding SDK release appears in the data, treat the feature as merged-but-pending-release and phrase availability accordingly.
fixUniversalNumber amendment: Removes all conditional code paths for the fixUniversalNumber amendment, which has been enabled on mainnet for over 2 years. This is routine amendment housekeeping that simplifies the codebase. rippled#5962 (+55/−379 across 17 files)fixCleanup3_3_0 amendment. rippled#6843 (+477/−338)Number comparison operator: Corrects operator< which returned the wrong result when two Numbers had the same exponent and were both negative. The fix reverses the mantissa comparison for negative values. rippled#7406 (+121/−18)Number addition/subtraction rounding edge cases: Adding two negative numbers with the same exponent that produce a result with a different exponent was reversing Upward and Downward rounding directions. rippled#7528 (+356/−39)[[maybe_unused]] for assert=OFF builds: Fixes a build failure where fix320Enabled was unused when assertions are disabled, causing -Werror=unused-variable to fail. rippled#7446 (+1/−1)std::move and std::string_view where possible: Sink parameters taken by value are now moved, and lightweight string read operations use std::string_view. rippled#7424 (+86/−86 across 35 files)XRPL_ASSERT_IF for amendment-gated assertions: Adds a new XRPL_ASSERT_IF(guard, cond, message) macro that fires only when both the guard (e.g., an amendment is enabled) and condition are true, replacing verbose if (...) { XRPL_ASSERT(...); } patterns. rippled#7378 (+59/−49)hasInvalidAmount() on type tag instead of dynamic_cast: Replaces a chain of up to three failed RTTI casts per field with a switch on the serialized-type tag. This eliminates expensive runtime type checking for the common case (non-amount scalar fields). rippled#7402 (+25/−7)SHAMapStore unit tests from needlessly creating a "main" directory on disk when an in-memory database is configured. rippled#7323 (+5/−1)Oracle::aggregatePrice: Adds test coverage verifying the null transaction check in Oracle price aggregation. rippled#7306 (+89/−0)Contributor @mathbunnyru continued the CI modernization effort with five merged PRs:
gh and file to nix packages: rippled#7444 (+8/−3)Clio 2.7.1-rc2 was released — a release candidate; not recommended for production.
A massive documentation week with 22 PRs merged, completing the 3.2.0 documentation push:
rippled to xrpld — final sweep: Updates prose, CLI commands, API labels, and diagram images across 190 English doc files. xrpl-dev-portal#3700 (+717/−717)rippled-.md pages to xrpld-.md: File renames, redirect entries, sidebar updates, and install/config docs updated to the 3.2.0 xrpld path layout across 437 files. xrpl-dev-portal#3701 (+2,376/−2,350)rippled.cfg → xrpld.cfg and config directory: xrpl-dev-portal#3677 (+249/−250 across 139 files)CheckCashMakesTrustLine version. xrpl-dev-portal#3688 (+163/−117)server_definitions formats and flags: Documents five new response sections from 3.2.0. xrpl-dev-portal#3687 (+121/−10)ledger_entry options for fee, amendments, NUNL, and hashes: xrpl-dev-portal#3686 (+77/−26)terlocked error code, delegate multi-signing, non-delegatable transactions, empty permissions behavior: xrpl-dev-portal#3675, #3679, #3680, #3681, #3684, #3685, #3683, #3676, #3691Math.abs(Long.MIN_VALUE) overflow in XrpCurrencyAmount.ofDrops(long): When drops equals Long.MIN_VALUE, Math.abs() silently overflows, producing a negative value that bypasses validation. The fix adds an explicit guard. Closes xrpl4j#755. Merged — pending Maven Central release. xrpl4j#798 (+15/−0)ReferenceHolding to MpTokenIssuanceObject: Adds the ReferenceHolding field to the MPT issuance ledger object and updates integration tests to use the rippleci/xrpld Docker image. Merged — pending Maven Central release. xrpl4j#795 (+33/−3)rippled — Fix Audit/Attackathon reports (Phase 2) (rippled#7537, +72/−7) — Fixes CheckCash to hard-cap MPT DeliverMin at half of maxMPTokenAmount. Approved by two reviewers; likely to merge soon.
rippled — Rewrite build environment docs (rippled#7533, +667/−433 across 17 files) — A comprehensive rewrite of rippled's build documentation. Approved by @godexsoft.
rippled — Only run invariants on relevant ledger entry types (rippled#7440, +1,203/−28 across 20 files) — Refactors invariant checking to dispatch each invariant only to relevant ledger entry types instead of all entries. Includes a performance harness. Approved by AI reviewer.
rippled — Add invariant for pseudo-account deletion (rippled#7445, +228/−11) — Ensures that when a ledger object with an associated pseudo-account (AMM, Vault, LoanBroker) is deleted, its pseudo-account is also deleted. Approved by @gregtatcam and three other reviewers.
rippled — Remove clear mutable flags for DynamicMPT (XLS-94) (rippled#7439, +631/−1,164) — Aligns the DynamicMPT implementation with a spec change: mutable MPT issuance flags are now strictly one-way (enable only, no toggling).
rippled — Fix AMM auction slot free acquisition (rippled#7430, +79/−28) — Fixes an issue where auction slots could be acquired for free when the AMM trading fee is zero, preventing fee-change speculation.
rippled — Fix MPT STIssue serialization endianness (rippled#7429, +65/−0) — Normalizes MPT sequence bytes in STIssue serialization to be host-endian independent. Approved by two reviewers.
rippled — Add delegate filter for account_tx RPC (rippled#6126, +415/−3) — Adds an API filter parameter for delegation-related transactions. Labeled "API Change." Approved by @kuznetsss.
rippled — Untrusted Validator Squelching (rippled#5399, +3,379/−1,080) — Limits message propagation from untrusted validators. Approved by @gregtatcam but has conflicts and is blocked pending a draft XLS specification.
xrpl4j — Multiple bug fix PRs from @cybele-ripple remain open and approved: secp256k1 deriveScalar byte accumulation fix (xrpl4j#801), HopType.toJson() field fix (xrpl4j#799), XrpCurrencyAmount.equals/hashCode sign fix (xrpl4j#800), LockedAmount base-10 serialization (xrpl4j#803), AffectedNodeDeserializer NPE fix (xrpl4j#797), and an alternative warn-and-skip approach (xrpl4j#807).
xrpl.js — Deep amount comparison fix (xrpl.js#3338, +41/−2) — Fixes handleDeliverMax using reference equality (!==) for IOU/MPT amounts, causing spurious validation errors. From community member @satyakwok. Active code review discussion.
opensource.ripple.com — Remove Dynamic MPT clear flags (opensource.ripple.com#217, +54/−44) — Aligns documentation with XLS-94 spec changes removing tmfMPTClear* flags. Has change requests.
book_offers marker pagination being non-functional #7458, amountFromJson wrong-variable bug #7464). Watch for fix PRs to follow.Massive audit/attackathon issue filing: Core team member @mvadari filed over 60 new bug issues against rippled this week, covering RPC handlers, peer protocol, invariant checkers, resource charging, and more. Severities range from INFORMATIONAL to MEDIUM. Notable findings include book_offers pagination being non-functional (rippled#7458), amountFromJson reading from the wrong variable for unsigned integers (rippled#7464), and channel_authorize/channel_verify accepting zero-amount claims that would be rejected on-chain (rippled#7474).
MPT amount overflow in xrpl.js: Community member @RaymondSeven reported (xrpl.js#3368) that xrpl.js accepts out-of-range MPT amounts (above 2^63−1) and silently truncates them to their low 64 bits — e.g., 2^64 serializes as 0. This could cause applications to sign transactions transferring far less than intended.
Currency decoding bugs in xrpl-py: The same reporter filed two issues in xrpl-py: a UnicodeDecodeError on valid 160-bit currency codes with non-ASCII bytes (xrpl-py#1007), and misclassification of malformed 160-bit currency codes as ISO codes due to only checking buffer[0] (xrpl-py#1006).
Binary codec issues in xrpl4j: @RaymondSeven also filed two xrpl4j issues: incorrect 2-byte variable-length decoding formula (xrpl4j#805) and missing recursion depth limits during deserialization (xrpl4j#804).
New XLS proposals: Two new draft proposals appeared in XRPL-Standards discussions:
Contributor @xrpl365 got a Node.js version fix merged on the developer portal (xrpl-dev-portal#3666), correcting the documented minimum from Node.js 20 to 22 since the Redocly dependency requires Promise.withResolvers.
Compared to last week (June 1–7, 2026):
| Metric | This Week | Last Week | Change |
| Repos with activity | 8 | 8 | flat |
| rippled PRs merged | 23 | 22 | ↑1 |
| rippled PRs opened | 15 | 17 | ↓2 |
| rippled new issues | 60 | 2 | ↑58 |
| xrpl.js PRs merged | 0 | 13 | ↓13 |
| xrpl.js PRs opened | 2 | 9 | ↓7 |
| xrpl.js releases | 0 | 6 | ↓6 |
| xrpl.js new issues | 1 | 0 | ↑1 |
| xrpl-py PRs merged | 0 | 2 | ↓2 |
| xrpl-py new issues | 2 | 0 | ↑2 |
| xrpl-py releases | 0 | 1 | ↓1 |
| xrpl4j PRs merged | 2 | 1 | ↑1 |
| xrpl4j PRs opened | 7 | 7 | flat |
| xrpl4j new issues | 2 | 0 | ↑2 |
| xrpl-dev-portal PRs merged | 22 | 2 | ↑20 |
| xrpl-dev-portal PRs opened | 5 | 16 | ↓11 |
| xrpl-dev-portal commits | 31 | 4 | ↑27 |
| XRPL-Standards PRs merged | 2 | 0 | ↑2 |
| XRPL-Standards PRs opened | 1 | 1 | flat |
| XRPL-Standards discussions | 2 | 0 | ↑2 |
| Clio PRs merged | 5 | 7 | ↓2 |
| Clio releases | 1 | 2 | ↓1 |
| opensource.ripple.com PRs opened | 1 | 0 | ↑1 |
| Releases (total) | 1 | 9 | ↓8 |
The big story this week is the dramatic shift from the SDK release wave (last week: 9 releases, 15 SDK PRs merged) to a documentation blitz (22 portal PRs merged vs. 2 last week) and a massive audit issue filing (60 new rippled issues vs. 2 last week). Several items that were "In Progress" last week landed: the Number comparison fix (rippled#7406), transaction invariants disable (rippled#7409), the XRPL_ASSERT_IF macro (rippled#7378), the hasInvalidAmount performance optimization (rippled#7402), and the const function arguments refactor (rippled#7423) all merged. The developer portal shifted sharply from opening (16→5) to merging (2→22) as the 3.2.0 documentation wave completed.