Wallet Forensics and XRPL Funds Tracking
Signing Key Forensics
Master-key, regular-key, and signing-authorization risk visibility.
Signing key forensics
- Master key disabled means the primary seed is not used for signing.
- A regular key can still authorize transactions.
- If you do not recognize the signing setup, treat as compromise or misconfiguration.
- Do not paste secret keys anywhere.
- Move remaining assets only with trusted wallet software and secure operational controls.
| Wallet | Master Key | Regular Key | Signing Key Seen | Risk Note |
|---|---|---|---|---|
| rpP12ND2K7ZRzXZBEUnQM2i18tMGytXnW1 | disabled | rpKmcC1PevAxTBRQgkYtakdGVup2K2Luqh | yes | Regular key set on 2026-02-25 before asfDisableMaster. If this key is not recognized, treat control path as suspicious. |
| rpP12ND2K7ZRzXZBEUnQM2i18tMGytXnW1 | disabled | rJpKvdn64acBnVGNQ873JpQKujA4TAVbfN | yes | Regular key rotated again on 2026-03-05 shortly before AMM withdrawals and the 81.417325 XRP ChangeNOW deposit. |
| rDEW3swAxG4iJcBSRBdKLim33TfTciKzxX | unknown | rK3SFG4BVWJyNjbMDeEJcEMoRG51ax2CGR | yes | Signer observed during failed AccountDelete path with tecHAS_OBLIGATIONS. If unrecognized, include in compromise investigation scope. |