Ecosystem Idea: XSTRP - Wallet-Layer Intent Safety Protocol

[iamfurydammit]

This discussion is intended to gather feedback on a proposed non-consensus, wallet- and transaction-preparation-layer safety protocol prior to any formal XLS draft.

Hello,
I’m sharing a completed protocol specification that may be relevant to
irreversible transfer safety at the wallet layer on XRPL.
This is not a feature request, product pitch, or integration proposal.
I’m posting for technical awareness and feedback only.

Summary

XSTRP (XRP Safe Transfer & Recovery Protocol) is a non-custodial,
intent-based safety protocol designed to ensure that funds are never
released without explicit receiver participation and that all transfers
deterministically complete or refund.
The protocol operates above wallets, not inside the ledger, and
preserves XRPL finality and trust assumptions.

Project Context (High Level)

XSTRP is a non-custodial, intent-based safety protocol designed to prevent
irreversible transfer mistakes by requiring explicit recipient
participation before any wallet can sign or broadcast a transaction.
The protocol guarantees that funds are never stranded, never released
without authorization, and that all transfers deterministically complete
or refund, without introducing custody, trust, or discretionary
intervention.
XSTRP does not hold funds, keys, or signing authority. Wallets (including
hardware wallets) remain fully sovereign, and all actions are explicitly
initiated by users.
The work is motivated by real-world scenarios where irreversible errors
are common and costly (e.g., high-value or in-person transfers), and
where warnings alone are insufficient.
Protocol semantics are frozen, the state machine is fully specified and
tested, and safety properties have been formally verified. No XRPL ledger
changes are proposed or required.

The protocol is intended to be enforced at the wallet and
transaction-preparation layer, prior to signing, rather than at the
ledger or consensus layer.

Key Properties

No custody, no signing, no transaction broadcast
Explicit two-party intent lifecycle
Deterministic termination (complete or refund)
Ledger-agnostic by design
Wallet adoption is optional and non-authoritative

Rigor & Status

Core protocol specification is frozen (RFC-style)
Explicit state machine with immutable terminal states
Abstract proof semantics
Formally verified using TLA+ / TLC
Reference Rust implementation exists for correctness validation only
Wallet & UX governance defined, authorized, and closed
No XRPL binding or cryptography implemented

Repository

All artifacts are public and auditable:

https://github.com/iamfurydammit/xstrp-reference

Suggested entry points:

README.md - overview
RFC-XSTRP-0001.md - frozen specification
formal/ - formal verification results
phase-c6/PHASE-C6-B-CHARTER.md - wallet & UX governance (closed)

Intent of This Post

This is shared for:
Technical awareness
Adversarial or constructive feedback
Ecosystem discussion

No endorsement, adoption, or action is requested.

Thank you for taking a look. ☺
R. Payne (@iamfurydammit)