Mind Your Credit: Assessing the Health of the Ripple Credit Network
Pedro Moreno-Sanchez, Navin Modi, Raghuvir Songhela, Aniket Kate and Sonia Fahmy
Purdue University
email: {pmorenos, modin,rsonghel,aniket,fahmy}@purdue.edu
The Ripple credit network has emerged as a payment backbone with key advantages for financial institutions and the remittance industry. Its path-based IOweYou (IOU) settlements across different (crypto)currencies conceptually distinguishes the Ripple blockchain from cryptocurrencies (such as Bitcoin and altcoins), and makes it highly suitable to an orthogonal yet vast set of applications in the remittance world for cross-border transactions and beyond.
This work studies the structure and evolution of the Ripple network since its inception, and investigates its vulnerability to devilry attacks that affect the IOU credit of linnet users’ wallets. We find that about 13M USD are at risk in the current Ripple network due to inappropriate configuration of the rippling flag on credit links, facilitating undesired redistribution of credit across those links. Although the Ripple network has grown around a few highly connected hub (gateway) wallets that constitute the core of the network and provide high liquidity to users, such a credit link distribution results in a user base of around 112, 000 wallets that can be financially isolated by as few as 10 highly connected gateway wallets. Indeed, today about 4.9M USD cannot be withdrawn by their owners from the Ripple network due to PayRoutes, a gateway tagged as faulty by the Ripple community. Finally, we observe that stale exchange offers pose a real problem, and exchanges (market makers) have not always been vigilant about periodically updating their exchange offers according to current real-world exchange rates. For example, stale offers were used by 84 Ripple wallets to gain more than 4.5M USD from mid-July to mid-August 2017. Our findings should prompt the Ripple community to improve the health of the network by educating its users on increasing their connectivity, and by appropriately maintaining the credit limits, rippling flags, and exchange offers on their IOU credit links.
In this section, we provide the data and scripts required to reproduce the results shown in the paper.
Section | Experiment | Source |
---|---|---|
3 | Parse Ripple network graph data | scripts |
4 | Graph metrics of the Ripple network | scripts |
4 | Liquidity in the Ripple network | scripts |
6 | The effect of faulty gateways | scripts |
6 | Case study: DividendRippler | scripts |
more coming soon | … | … |