Debunking the US Treasury XRP Scam: Red Flags Uncovered

Rumors of the US Treasury’s alleged foray onto the XRP Ledger (XRPL) have been circulating, sparking buzz across the digital asset community.

A wallet address linked to “home.treasury.gov” surfaced on the XRP Ledger (XRPL) on January 21, creating trustlines with Bank of America, BlackRock, and JPMorgan and sparking rumors of the US Treasury's entry onto the XRPL. However, upon closer examination, several red flags indicate that the wallet is not authentic and is not affiliated with the US Treasury.

Community member Echo X (@echodatruth) debunked the rumor in a video, highlighting several suspicious aspects of the wallet.

“If you go XRP Scan and you put in the wallet address, you will notice that they have not only just all of these different tokens from Bank of America, BlackRock, and JP Morgan, which again, that's already a red flag, but you can notice they have 16,000 XRP that has been deposited into this wallet by people just sending it over to the Treasury. Or what they think is the [Treasury].”

According to Echo X, users can easily verify these discrepancies by exploring the wallet on XRPL scanners like XRPScan or Bithomp. He and other developers from BuildX and the ERS team identified an unusual pattern of newly issued “Bank of America,” “BlackRock,” and “JPMorgan” tokens, all minted by the same address, indicating that the tokens are not legitimate.

Public data from Bithomp shows that the suspect wallet was activated on January 21 at 3:17 UTC, setting its domain to the official US Treasury address, home.treasury.gov, seemingly to appear legitimate.

The wallet received 1 trillion units of each of the so-called “Bank of America,” “BlackRock,” and “JPMorgan” tokens, set multiple sell orders for tens of millions of these tokens in exchange for XRP, and used questionable domain references, including an apparently invalid “BRICS domain.”

Echo X highlighted that users who delve deeper into the origins of these tokens will uncover their suspicious nature. He noted:

“Now, if you actually click on it and you see what the Genesis wallets are … it leads you to a BRICS domain wallet. … That BRICS domain is not even a valid domain. Why would the BRICS be creating a wallet?”

Data shows the wallet's trustlines were created around newly issued tokens with no official backing. In one transaction, the address placed an order to trade 299 million JPMorgan tokens for 33.23 million XRP at an exchange rate of 0.11 XRP per token, further casting doubt on its authenticity.

The rumor gained traction as it appeared on XRPScan that the addresses in question had some form of verification tag, an aspect that usually indicates a wallet has completed a Know Your Customer (KYC) process. However, Wietse Wind, founder of Xaman (formerly Xumm), clarified that verification on XRPScan only shows if the account holders submitted personal data, not if they represent a specific entity on X.

“The domain field is a public field on an account on the blockchain, anyone can enter anything there. Issued tokens can be issued by anyone. KYC can be done by anyone. … XRPScan shows data that lives on the ledger. This data lives on the ledger. […] They are all in fact KYC'd. By different people, all from the Philippines. So there we have it. KYC helps, but it's still no guarantee.”

Wind's remarks highlight that the KYC process only verifies an individual's identity, not their affiliation with an organization like the US Treasury or any major bank. As a result, a user could label a wallet “Treasury,” mint tokens named after financial institutions, and set a domain to a high-profile website without actually representing those entities.

Echo X urged community members to remain vigilant and avoid sending XRP to questionable addresses based solely on domain labels or speculation in his video: “Again, shout out to the BuildX and ERS community and team and developers … because they're trying to save you. … Make sure you do your own research and know what you hold.”

At press time, XRP traded at