News
9 Jun 2026, 10:00
Security Milestone: XRP Lending Protocol Completes Military-Grade Assessment

Testing found something conventional methods missed. Ripple software engineer Vito Tumas disclosed that the formal verification process being applied to the XRP Ledger’s upcoming lending protocol has already uncovered complex edge cases that standard testing procedures failed to detect. Related Reading: A 400 Billion Shiba Inu Surprise: Whale Wallet Springs Back To Life Ripple is working alongside blockchain security firm Common Prefix on the effort. Together, the teams construct an abstract model of the protocol and continuously compare it against the C++ implementation of xrpld — the XRP Ledger’s server software — using a verification framework built to catch discrepancies and potential vulnerabilities before they reach users. Why Traditional Testing Falls Short Tumas explained that conventional testing only covers scenarios developers think to anticipate. Formal verification, by contrast, uses mathematical proofs to confirm that code behaves correctly across a much wider set of conditions — including edge cases that human testers may never consider. The technique is used in fields where failure is not an option, among them aircraft systems, nuclear power plants, and military-grade software. Upcoming Lending Protocol is getting Formal Verification 👀!! The tech used to safeguard nuclear power plants, airplanes, military systems is being applied to the $XRP Ledger. Call it Fortress XRP. XRP’s native DeFi (no smart contracts) meets best in class security standards… https://t.co/KSAm0UuJC1 pic.twitter.com/D3aSFOUePS — Vet (@Vet_X0) June 8, 2026 The verification work covers two features central to XRPL’s native DeFi push: the Lending Protocol and Single Asset Vaults. Both are designed to bring borrowing and lending directly to XRPL’s Layer-1 architecture, bypassing the need for traditional smart contracts entirely. Because DeFi functionality is embedded at the protocol level rather than in separate application layers, a flaw would carry consequences for the entire network — not just a single app. AI And Formal Verification XRPL dUNL validator Vet, who brought wider attention to the initiative through a post on X, said artificial intelligence is playing a growing role in making formal verification more practical and accessible at scale. He suggested that combining AI with formal verification could strengthen institutional confidence in the XRP Ledger ecosystem going forward. The XRPL community has seen what AI-assisted security analysis can do. Earlier this year, an AI tool identified a flaw in the proposed Batch amendment that could have exposed user funds to risk. Related Reading: XRP Monthly RSI Drops To All-Time Low As Market Watches For Confirmation Native Lending Inches Toward Activation The lending protocol was introduced under the XLS-66 amendment and entered the validator voting phase earlier this year following the release of XRPL version 3.1.0. According to Vet, developers are still in the testing phase while the necessary security safeguards are put in place before the feature goes live. Both institutional and retail users are expected to be able to access credit using assets such as XRP and RLUSD once the protocol is activated. Featured image from Biotech Healthcare, chart from TradingView
9 Jun 2026, 09:16
Humanity Protocol suffers Private Key theft, H token crashes 90%

Humanity Protocol is the latest Web3 protocol to suffer an exploit, where the native token lost 90% of its value. The protocol’s holdings were compromised after a team wallet’s private keys were exposed. Humanity lost an immediate $4M from the wallet exploit, but the losses may be as large as $31M after the native H token also erased up to 90% of its value. The team warned against interacting with bridges and liquidity pools until control over multisig wallets is recovered. https://x.com/Humanityprot/status/2064167144120877127 Following the exploit, H recovered slightly, but still carried an 83% loss, down to $0.12. In the week before the crash, H performed one of its biggest vertical rallies and held near its all-time highs of up to $0.80. Humanity crashed by as much as 90% after a compromised multisig wallet led to $31M in losses from direct theft of H tokens. | Source: Coingecko Humanity is the latest Web3 project to suffer an exploit, exposing further weaknesses in security . For the past year, hacks and exploits took over $1.47B from various protocols, targeting both large projects like KelpDAO, and niche liquidity hubs. Humanity Protocol aimed to combine privacy with proof of humanity, using palm prints to secure an on-chain identity. The protocol aimed to become multi-chain, and was also exposed to the risk of bridging and drained wallets. What happened to Humanity Protocol? The underlying reason for the hack was that a member of the Humanity Foundation exposed their private keys. Over 19 wallets were drained, with up to $31M in estimated losses, as reported by DeFi llama. The exact estimates vary based on different on-chain data. The exploit was ongoing, with more illicit minting of H, and additional swaps through BNB Chain. The latest transaction intercepted through the attacker’s wallets created another 100M H tokens. The initial reports showed wallets that interacted with Humanity Protocol were drained. Later, it became clear that all wallets were controlled by the team. Humanity Protocol also shows a high concentration of H tokens held by team wallets, as well as by wallet clusters, based on Bubblemaps data . The coincidence of dumping H tokens just days after they reached new price records also raised potential questions on a deliberate exit disguised as a hack. H tokens have been trading for a little under a year, still relying on Gate and Bybit for their liquidity. After the hack, the H tokens stolen were stored into five destination addresses, with most of the funds immediately swapped into ETH. The fast movement of funds after the exploit and the shift to ETH also resembles the approach of DPRK hackers. The recent hack also happened before one of the expected big unlocks of H tokens. On June 25, Humanity Protocol is scheduled to unlock 2.86% of the total supply, or over 15% of the current free float. Humanity Protocol lost money for top VC backers Humanity Protocol was not a niche Web3 project. The protocol raised $50M to reach a valuation of $1.1B. Pantera Capital was the project’s main backer for the second strategic raising round of $20M. Animoca Brands has also supported the project’s seed round. The project has been running since 2024, and is not a recent overhyped token, causing further damage to even legitimate-looking Web3 startups. As a result, Humanity Protocol was operating under the playbook of VC-backed, low-float tokens. The low float allowed for dramatic appreciation of the H token, despite the recent worsening sentiment of crypto markets. On-chain researcher ZachXBT also noted Humanity Protocol most likely used aggressive market makers to achieve peak H valuations, demanding disclosure of the project’s trading practices. The smartest crypto minds already read our newsletter. Want in? Join them .
9 Jun 2026, 08:02
Ex-Ripple CTO Just Dropped the XRP Ledger Blueprint That Stuns XRP Army

The XRP community is once again focusing on the origins and capabilities of the XRP Ledger after crypto enthusiast Lord XRP shared a tweet highlighting comments from former Ripple CTO David Schwartz. In the post, Lord XRP declared that Schwartz had revealed the “blueprint” behind XRP’s role in the future of global payments, emphasizing the network’s speed, low transaction costs, scalability, and borderless functionality. The tweet presented XRP as a technology designed to replace outdated financial infrastructure and pointed to Schwartz’s recent remarks as evidence of the XRP Ledger’s long-standing technological advantages. Alongside the post, Lord XRP attached a video in which Schwartz discussed the design decisions that shaped XRPL more than a decade ago. FOLKS “DAVID SCHWARTZ JUST DROPPED THE BLUEPRINT #XRP IS THE FUTURE OF GLOBAL PAYMENTS..FAST, CHEAP, BORDERLESS AND BUILT FOR SCALE! LEGACY SYSTEMS ARE DONE. XRPL IS TAKING OVER. THIS ISN’T HOPE. THIS IS HAPPENING RIGHT NOW pic.twitter.com/Qf87AbzobE — Lord XRP (@Bitforcoinz) June 7, 2026 Concerns About Traditional Blockchain Asset Exchanges In the video, Schwartz explained that one of the major challenges facing asset exchanges on blockchain networks involves the ability of block producers to reorder transactions for their own benefit. According to him, this issue can create situations where those responsible for producing blocks gain unfair advantages over regular users. Schwartz noted that if asset prices move unexpectedly, a block producer could potentially prioritize their own transactions, capture profitable opportunities, or prevent users from cancelling orders. He described how such possibilities create conflicts of interest that can negatively affect fairness and efficiency in a trading environment. According to Schwartz, these concerns led XRP Ledger developers to recognize a unique opportunity. He stated that the technology behind XRPL was designed to avoid these specific problems, making it particularly suitable for supporting asset exchange directly on the ledger. We are on X, follow us to connect with us :- @TimesTabloid1 — TimesTabloid (@TimesTabloid1) June 15, 2025 The Creation of Issued Assets and an Early Decentralized Exchange Schwartz went on to explain that the XRPL team drew inspiration from work completed by Ryan Fugger in 2004. Building on those ideas, developers created issued assets, which Schwartz described as essentially the first stablecoins. He also stated that the XRP Ledger introduced what is now commonly referred to as a decentralized exchange, or DEX. Rather than treating trading functionality as a separate application, the developers integrated exchange capabilities directly into the ledger itself. Schwartz further explained that the team built what he called a multi-asset ledger, enabling multiple forms of value to exist and move across the same network. These features were implemented years before many of the concepts became common throughout the broader blockchain industry. Lord XRP used Schwartz’s comments to support a broader argument about XRP’s long-term role in financial infrastructure. The tweet asserted that XRP is positioned to serve global payments through technology that is fast, inexpensive, and capable of handling large-scale demand. Disclaimer : This content is meant to inform and should not be considered financial advice. The views expressed in this article may include the author’s personal opinions and do not represent Times Tabloid’s opinion. Readers are advised to conduct thorough research before making any investment decisions. Any action taken by the reader is strictly at their own risk. Times Tabloid is not responsible for any financial losses. Follow us on X , Facebook , Telegram , and Google News The post Ex-Ripple CTO Just Dropped the XRP Ledger Blueprint That Stuns XRP Army appeared first on Times Tabloid .
9 Jun 2026, 07:45
Humanity Protocol Exploited for Over $30M as Hacker Mints 200M Tokens, $H Crashes 90%

One of crypto’s hottest identity narratives just collapsed in real time. Humanity Protocol $H, the project that had been riding a wave of buzz around biometric identity on blockchain, has been exploited for more than $30 million. The token has crashed up to 90% in a matter of hours, the attacker is still holding tens of millions of dollars worth of $H ready to sell, and ZachXBT is already on the scene with accusations that cut far deeper than the hack itself. The Exploit Unfolds In Real Time Lookonchain was one of first to flag the attack, reporting that wallets linked to or previously interacting with Humanity Protocol were being drained as an active exploit unfolded. Initial loss estimates came in around $19 million before climbing rapidly. Within hours, the figure had crossed $30 million and was still moving. Humanity( @Humanityprot ) has been exploited, with losses exceeding $30M! The hacker is currently dumping $H and swapping it for $ETH . $H has already crashed ~90%. https://t.co/0Bhtu6TZDr pic.twitter.com/cNGO70PHDH — Lookonchain (@lookonchain) June 9, 2026 The attacker’s method was aggressive and straightforward. They began dumping $H tokens immediately, rotating the proceeds into ETH to lock in value before the market could fully process what was happening. By the time the full picture emerged, the hacker had already obtained 18,510 ETH worth approximately $30.83 million and an additional 1,548 BNB worth around $924,000 purely from selling $H into whatever liquidity remained. $H responded the way any token does when a large seller with unlimited supply hits an illiquid market, it collapsed. The token crashed between 80% and 90% from its intraday highs in the space of a few hours, erasing months of price appreciation and the entire identity narrative that had been built around the project. The Hacker Mints 200 Million Tokens On BSC Then things got significantly worse. A follow-up alert from Lookonchain revealed that the Humanity hacker had minted 100 million $H tokens on Binance Smart Chain, and then minted another 100 million on top of that. Note that the #Humanity hacker has minted another 100M $H on BSC. By selling $H , the hacker has already obtained 18,510 $ETH ($30.83M) and 1,548 $BNB ($924K). The hacker still holds 111.36M $H ($14M) ready to be sold. However, on-chain liquidity is nearly exhausted. https://t.co/vSArj5j185 pic.twitter.com/aA56QhdNDr — Lookonchain (@lookonchain) June 9, 2026 Two separate minting events, 200 million tokens created from nothing, each worth tens of millions of dollars at pre-crash prices and still carrying meaningful sell value even at the decimated post-crash price. At the time of reporting, the attacker still holds 111.36 million $H valued at approximately $14 million, a loaded gun pointed at whatever on-chain liquidity remains. The problem is that liquidity is nearly exhausted. The market has already absorbed an enormous volume of forced selling, and the depth to absorb another $14 million exit simply may not be there. What happens when an attacker with $14 million in tokens cannot find buyers is a question the Humanity Protocol community is now staring down directly. The minting events are the most alarming part of this story because they go beyond a standard private key compromise or bridge exploit. Someone was able to create new token supply at will, which raises fundamental questions about the protocol’s smart contract architecture and access control design that the team has not yet answered. The Team Confirms a Private Key Compromise We're aware of a security incident involving the compromise of private keys belonging to a member of the Humanity Foundation. The safety of our community is our top priority, and we want to be fully transparent about what we know. As a precaution, please do NOT interact with the… — Humanity (@Humanityprot) June 9, 2026 Humanity Protocol’s official account posted a statement acknowledging the incident. The team confirmed they are aware of a security incident involving the compromise of private keys belonging to a member of the Humanity Foundation. They urged the community to stop interacting with the bridge or any liquidity pools immediately, stating it is the single most important step users can take to protect their funds right now. The statement said the team is working with leading security experts and exchange partners to assess the scope of the incident and secure all affected systems. They apologised directly, “we’re deeply sorry that this has happened”, and committed to sharing only verified updates rather than speculating before facts are confirmed. Official updates, they stressed, will come only from the main account or co-founder Terence Kwok’s personal account. The acknowledgment of a private key compromise is significant. It suggests this was not purely a smart contract vulnerability but rather a situation where someone with privileged access, either a team member or someone who gained access to their credentials, was able to execute the minting and draining operations. That distinction matters for how the community and exchanges respond going forward. ZachXBT Fires At The Project’s Credibility While the team was issuing damage control statements, ZachXBT arrived with a different kind of message. The on-chain investigator was not interested in sympathy for the project. His post was blunt: the team chose to pump their token for weeks with zero fundamentals and now expects Crypto Twitter to blindly trust their story. He demanded the team disclose their active market maker agreements with a Hong Kong entity before asking for community trust. You choose to crime pump your token for weeks with zero fundamentals and think CT will blindly trust your story? Disclose your active MM agreements with the HK entity first…. — ZachXBT (@zachxbt) June 9, 2026 The accusation is serious and lands hard in the context of what just happened. If the token was being artificially pumped through coordinated market making activity with no fundamental backing, then the exploit did not just destroy a legitimate project, it destroyed a project that was already operating in questionable territory. That changes the moral calculus of community sympathy significantly and explains why ZachXBT is not treating this purely as a victim story. What the Humanity Protocol Collapse Means for Identity Tokens The broader lesson here cuts across the entire identity narrative space in crypto. Humanity Protocol had all the surface ingredients that attract attention, biometric verification, a compelling vision for on-chain identity, partnerships, and a price chart that suggested momentum. None of that survived contact with a compromised private key and an attacker who knew exactly how to monetise unlimited minting access. When a token loses trust in its supply integrity, the road back is significantly harder than recovering from a bear market or a bad news cycle. Markets can forgive price crashes. They struggle to forgive the revelation that someone was able to create unlimited tokens at will and drain tens of millions of dollars out the door before anyone could stop them. Until Humanity Protocol publishes a full post-mortem, discloses the scope of the minting exploit, and addresses ZachXBT’s market maker allegations directly, the community has no reliable foundation on which to rebuild confidence, and the attacker still has $14 million in tokens ready to sell. Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services. Follow us on Twitter @nulltxnews to stay updated with the latest Crypto, NFT, AI, Cybersecurity, Distributed Computing, and Metaverse news !
9 Jun 2026, 07:45
Why is H’s price down today? Inside Humanity Protocol’s $32M exploit

Humanity's exploit triggered an 80% collapse as the attacker drained assets and liquidity drained across markets.
9 Jun 2026, 07:30
New XRP Lending Protocol Gets Formal Verification In Push For Safer DeFi

RippleX Developers said formal verification work on the XRP Ledger is moving from the long-running Payment Engine to newer native DeFi protocols, including Single Asset Vault and the upcoming Lending Protocol, marking a shift toward proving protocol correctness before high-stakes features are shipped. In a June 8 post , Vito Tumas, writing for RippleX Developers, said the new focus follows an exploratory phase earlier this year with Common Prefix, which helped define the technical scope and strategy for applying formal methods to XRPL’s next generation of native financial primitives. “This pivot represents a change in how we approach protocol-native feature development,” Tumas wrote. “Rather than a safety net, we will embed formal verification practices from day one, specifying and verifying complex new features . We are making provable protocol correctness a design property.” Why This Matters For The XRP Ledger The distinction matters because XRPL’s approach to DeFi differs from networks where lending, vaults and other financial logic typically live in separate smart contracts. According to RippleX, the XRP Ledger embeds its DeFi primitives directly into its core C++ architecture. That design can bring performance and integration benefits, but it also raises the cost of failure. As the post framed it, a bug in an external smart contract may be isolated or replaced. A vulnerability in core Layer-1 C++ code can have ledger-wide implications. That is the security backdrop for the formal verification push around Single Asset Vault and the Lending Protocol, both of which introduce more complex native economic logic to XRPL. RippleX said the complexity is not mainly about the volume of code. Instead, the central challenge lies in preserving numerical precision across multiple sequential operations, where small rounding issues must not be allowed to compound into larger accounting errors. In lending markets and vault systems, that kind of precision is not a secondary detail; it is part of the economic design. “Formal verification is the natural tool for this class of problem,” Tumas wrote, describing it as a way to mathematically prove the correctness of these mechanisms and establish a standard for native DeFi primitives that follow. The post contrasted formal verification with conventional testing. Unit tests, integration tests and system tests can validate specific scenarios that engineers anticipate, including expected user flows and adversarial interactions. The limitation, RippleX argued, is that engineers can only test the cases they think to write. “For a DeFi protocol with near-infinite state space, that ceiling is low,” Tumas wrote. “Testing confirms the system behaves correctly in the scenarios it was asked about; it cannot speak to the ones it wasn’t.” Formal verification changes the question. Rather than asking whether a given input produces the right output, the process builds an abstract model of intended protocol behavior in a precise language that computers can analyze. The key question becomes whether the model can behave incorrectly under any expressible condition. RippleX also outlined how that model can connect back to the production implementation. An “oracle” derived from the proven model can serve as a source of truth against which the xrpld implementation is continuously checked. The same inputs are fed into both the oracle and the C++ implementation, and any deviation in output is flagged. “In collaboration with Common Prefix, we are applying this methodology to the Single Asset Vault and the Lending Protocol, ” Tumas wrote. “The modelling phase has already surfaced edge cases that standard tests missed, not as a sign of weakness, but as evidence that formal verification is working exactly as intended. These are early results, but they reflect a methodology with decades of proof behind it, now within reach of mainstream engineering.” At press time, XRP traded at $1.17.









































