What is LACRA?
LACRA (Ledger Anti-Crime Reporting Application) is a decentralized platform built on the XRPL that enables community-driven reporting of scammers and fraudulent addresses.
Decentralized Security
All reports are stored on-chain for transparency and immutability
Community Protection
Help protect fellow XRPL users from known scammers
Real-time Updates
Get instant access to the latest scam reports and warnings
Categorized Threats
Reports are organized by risk level for better awareness
Step-by-Step Reporting Guide
Follow these steps to submit a comprehensive scammer report and protect the XRPL community.
Navigate to Submit Report
Go to the main page and click on the "Submit Report" tab in the navigation area.
Tip: Make sure you have all relevant information ready before starting
Enter Scammer Address
Input the XRPL address of the scammer. Make sure to double-check the address for accuracy.
Important: XRPL addresses are case-sensitive and must be exact
Provide Evidence Links
Add links to evidence supporting your report. This could include screenshots, transaction hashes, social media posts, or other relevant documentation.
Evidence: Multiple sources strengthen your report's credibility
Select Risk Level
Choose the appropriate risk level based on the severity of the scam:
Write Detailed Description
Provide a comprehensive description of the scam, including how it occurred, what methods were used, and any other relevant details.
Detail: Include dates, amounts, communication methods, and any other relevant details
Submit & Confirm
Review your report for accuracy, then submit it to authenticate the report. This helps maintain the integrity of the reporting system.
Security: Your identity remains private, but the report is immutably stored on-chain
XRPL Scam Types to Watch For
Learn to recognize the latest scam patterns targeting XRPL users in 2025–2026.
Partial Payment Exploit
CRITICALPayment with tfPartialPayment flag — delivered amount is less than shown. Always verify delivered_amount.
NFT Offer Trap
HIGHBait NFT offers where accepting causes XRP to leave your wallet. Includes brokered flows and spam NFT mints.
Phishing / Malicious Sign Request
CRITICALFake support DMs, cloned sites, QR codes, or "security alert" pages tricking users into signing malicious transactions.
Spam TX / Memo Bait
MEDIUMUnsolicited transactions with scary text and phishing links in memos. Links lead to sign traps or credential theft.
Account Takeover (Key/Signer)
CRITICALTricks victim into signing SetRegularKey or SignerListSet, giving attacker control over the account.
Fake Reward / Claim Site
HIGHCloned XRPL-branded pages promising rewards or airdrops. "Connect wallet" or "enter secret" leads to credential theft.
Impersonation / Fake Giveaway
HIGHHijacked YouTube/social accounts claiming "send XRP get more back" or fake verification flows.
Airdrop Phishing
HIGHFake "snapshot / claim" narratives pushing malicious portals with wallet-connect traps and lookalike domains.
Supply Chain Compromise
CRITICALBackdoored libraries (e.g. xrpl.js) exfiltrating secret key material. Affected users must rotate keys immediately.
Direct Payment Drain
HIGHStraightforward theft via a signed Payment transaction the victim was tricked into approving.
Fake Exchange / DEX
HIGHFraudulent exchange platforms that steal deposits or manipulate trades.
Ponzi / Investment Scam
HIGHPromising unrealistic returns. Classic pyramid/Ponzi structure that collapses with investor funds.
General Rule: Any transaction that changes authorization or control (SetRegularKey, SignerListSet), moves XRP out when you expected nothing, or comes from an unsolicited link/memo should be treated as high-risk until proven otherwise.
Best Practices for Reporting
Always Provide Evidence
Double-check the scammer address before submitting
Be Accurate
Include screenshots, transaction hashes, or social media posts
Write Comprehensive Descriptions
Help others understand the scam method and avoid it
Don't Submit False Reports
Only report actual scam attempts with evidence
Don't Share Personal Information
Never share your own private keys or seed phrases
Don't Rush the Process
Take time to gather all relevant information
Frequently Asked Questions
Is my report anonymous?
Yes, your personal identity is not stored or revealed. However, the report itself becomes part of the permanent, immutable record on the XRPL blockchain.
What happens after I submit a report?
Your report is encrypted and stored on-chain. It becomes part of the permanent, immutable record. Other users can then view and reference this information when making transactions.
Can I edit or delete a report after submitting?
Due to the immutable nature of blockchain technology, reports cannot be edited or deleted once submitted. Please ensure all information is accurate before submitting.
What if I accidentally report a legitimate address?
This is why we emphasize the importance of providing evidence and being thorough in your investigation. Always double-check addresses and gather substantial evidence before reporting.
Ready to Help Protect the Community?
Now that you understand how to report scammers, you're ready to help protect the XRPL community. Every report makes the ecosystem safer for everyone.