XRP
Layer 1

Check XRP Wallet Risk Instantly (XRP Ledger Address Analysis Tool)

To check an XRP wallet:

  1. Paste the XRP address (r-prefix Base58, e.g. r...)
  2. Review XRP transfer history, with destination tags where present
  3. See active trust lines and issued-currency (IOU) holdings
  4. Screen counterparties for suspicious activity
  5. Evaluate the wallet risk score

Tools like OnChainRisk let you review any r-prefix XRP account, look at destination-tag-aware transfer history and trust-line visibility, and get a wallet risk score.

The XRP Ledger (XRPL) is one of the oldest production blockchains and uses an account-based design where every account must hold a minimum reserve of XRP. Exchanges typically route deposits to internal customers using destination tags, which turns a single exchange address into many distinct customer endpoints.

Before sending XRP or interacting with an unknown r-prefix account, you can review it using a risk checker or follow a structured investigation: see how to analyze a crypto wallet, how to investigate a crypto address, or how to check if a wallet is a scam.

What Makes XRP Ledger Wallet Analysis Different

The XRP Ledger has distinctive features that shape wallet review:

  • Account-based ledger with r-prefix Base58 addresses; every account holds a minimum XRP reserve to remain active
  • Destination tags route a payment to a specific sub-account behind a shared exchange address
  • Trust lines let accounts hold issued currencies (IOUs) from specific issuers — the IOU is only as good as the issuer's solvency
  • Native order book and AMM let XRP and IOUs trade directly on-ledger without an external DEX
  • Path payments can rebalance through trust-line graphs in a single transaction, creating multi-hop flows

Reviewing an XRPL wallet means reading both the r-address and the destination tag together where applicable — at exchange addresses especially, two payments with different tags are effectively two different customer endpoints. To understand investigation methodology in depth, see how to trace stolen crypto.

How to Check an XRP Wallet

1. Paste the XRP account

Enter the r-prefix XRP account (25-35 characters, Base58 encoded). OnChainRisk validates the checksum and resolves whether the address is an exchange master account, an individual wallet, or a known service.

2. Review XRP transfers, tag-aware

Walk the transfer history. Where destination tags are present (typical for exchange accounts), group activity by tag. Treating two payments with different tags at a shared exchange address as the same counterparty is a common review error. For full methodology, see how to analyze a crypto wallet for risk.

3. See trust lines and IOU holdings

List the account's active trust lines and the issuers behind them. Exposure to obscure or flagged IOU issuers raises the risk profile. Native AMM positions are also visible at this step.

4. Screen counterparties for suspicious activity

Review counterparty history and overall activity shape. Learn how scam wallets behave: how to check if a wallet is a scam.

5. Evaluate the risk score

Get a wallet risk score based on XRP transfer history, trust-line exposure, counterparty history, and known entity database matches. Learn how risk scoring works: what is a crypto risk score.

XRP Wallet Risk Signals

High risk

  • Trust lines to flagged IOU issuers
  • Receipts from sanctioned r-accounts
  • Direct exposure to flagged endpoints

Medium risk

  • Unverified issuer trust lines
  • Activity bursts that look automated
  • Many small payments with rotating tags

Low risk

  • Direct exchange deposits with consistent tags
  • Long holding history
  • Mainstream issuer trust lines

Real-World Example

A common pattern on XRPL involves payments to an exchange master account with the wrong destination tag:

  1. An attacker publishes deposit instructions that match the legitimate exchange master r-address but use a tag the attacker controls
  2. The victim sends XRP to the right master address but to the attacker's tag
  3. The exchange credits the wrong sub-account based on the tag the victim used
  4. Funds are withdrawn from the attacker-controlled sub-account before the mistake is noticed

Reading payment instructions as the address + tag pair, and reviewing the receiving account's tag and counterparty history, is the practical way to avoid this. Compare how enterprise tools handle this: OnChainRisk vs Chainalysis.

Check Any XRP Wallet Now

Free tier available. No credit card required. Analyze any r-prefix XRP account in seconds.

Start Free Analysis

Check Wallets on Other Networks

Eth
Ethereum
Bit
Bitcoin
Sol
Solana
Car
Cardano
Lit
Litecoin
Tro
Tron

XRP Wallet FAQ

How to check an XRP wallet?

To check an XRP wallet, decode the r-prefix Base58 account, review XRP transfer history (tag-aware where applicable), see active trust lines and issued-currency holdings, and screen counterparties. Tools like OnChainRisk return a wallet risk score in seconds.

Why do XRP transactions require destination tags?

Destination tags are not strictly required at the protocol level, but most exchanges and custodial services rely on them. A single exchange master r-account may serve many customers; the destination tag is how the exchange splits the incoming payment to the right customer balance. Sending XRP without the correct tag to an exchange address usually means the funds are credited to the wrong account or held for manual review.

How do destination tags affect address analysis?

Address-only review is insufficient for exchange r-accounts on XRPL. Two payments to the same r-address with different tags are effectively two different customer endpoints. A useful XRP wallet review treats the address + tag pair as the unit of attribution where tags are present; otherwise unrelated user balances at a shared exchange address get conflated.

Can XRP transactions be traced?

Yes. The XRP Ledger is fully public; every transaction is visible on-chain along with any destination tag, source tag, and trust-line changes. Use a wallet risk score to quickly review any r-prefix account.

What makes an XRP wallet risky?

An XRP wallet may be risky if it holds trust lines to flagged or unverified IOU issuers, receives inflows from sanctioned r-accounts, has direct exposure to flagged endpoints, or shows activity patterns inconsistent with normal user behavior.