David Schwartz, the former Chief Technology Officer (CTO) of Ripple, has addressed recent concerns over DeFi bridge security, reassuring XRP Ledger (XRPL) users that the network is not exposed to attacks like those linked to the Kelp DAO exploit. He emphasized that vulnerability in cross-chain bridge systems largely depends on how they are designed and implemented, as well as on the level of reliance on external bridge infrastructure.
How XRP Users Remain Protected From Kelp DAO-Related Exploits
In an X post on April 20, Schwartz provided context on how users in the XRP Ledger (XRPL) ecosystem are positioned differently from those exposed to cross-chain risks in Kelp DAO exploits. The discussion follows concerns in the DeFi space after Kelp DAO suffered a major security breach tied to vulnerabilities in its bridging infrastructure. This hack resulted in approximately $292 million in rsETH tokens being stolen from the protocol and immediately used as debt collateral on Aave , a lending protocol.
Schwartz noted that his past evaluations of DeFi bridging systems, including those considered for Ripple’s stablecoin RLUSD , were heavily focused on security design. According to his assessment, many of these systems already had strong mechanisms to prevent the type of fraudulent cross-chain message manipulation observed during the Kelp DAO attack. However, he noted that actual protection depends on whether projects fully activate those safeguards.
The ex-Ripple CTO also pointed to a recurring issue in DeFi infrastructures, where security features exist but are often practiced optionally. He noted that most bridge providers tend to promote their systems as “super safe,” while also emphasizing ease of use and fast deployment across different blockchains. In reality, some of these stronger security settings are left optional or disabled. As a result, Schwartz noted that many developers sometimes choose simpler configurations instead of fully enabling the full set of available security options.
He added that, due to the trade-off between convenience and the costs of operational complexity, some teams avoid more robust setups. In his view, this creates a serious gap and can leave systems exposed to attacks that the underlying design was intended to prevent.
For XRP Ledger users , Schwartz noted that the blockchain’s reliance on bridge security systems is significantly reduced. As a result, exposure to vulnerabilities similar to the Kelp DAO incident is structurally limited.
How XRP Ledger Design Reduces Reliance On Bridge Systems
Schwartz has noted a structural difference in how the XRP Ledger operates compared to many DeFi ecosystems that depend on external bridges. In systems like Kelp DAO’s rsETH setup, assets move across chains through third-party bridge protocols, which introduce additional points of failure if verification rules are not strictly enforced.
In contrast, the XRP Ledger is designed with built-in transaction finality and does not rely on the same type of external cross-chain messaging infrastructure for its core functions. This significantly reduces the ledger’s exposure to security breaches and exploits that target tricking bridge validators or falsifying cross-chain instructions.
