Come back home

Proof-of-Reserves and what it means for the crypto world

With the current news of FTX that has shaken up the crypto world, we thought it would be a good time to go over Proof-of-Reserves (“PoR”), especially when it comes to crypto exchanges. Of course, it goes without saying that everyone should do their due diligence and research the crypto wallet and exchange they choose and decide to use. However, it would be a good time to refresh on just what Proof-of-Reserves audit means.

A Proof of Reserves is an independent audit conducted by a third party which seeks to ensure that a custodian holds the assets it claims to on behalf of its clients. This auditor takes an anonymized snapshot of all balances held and aggregates them into a Merkle tree — a privacy-friendly data structure that encapsulates all client balances.

From there, the auditor obtains a Merkle root: a cryptographic fingerprint that uniquely identifies the combination of these balances at the time when the snapshot was created. The equation is simple (in theory):

Proof of Reserves + Proof of Liability = Proof of Solvency

The idea is to prove to the general public, and in particular your depositors, that your cryptocurrency held on deposit matches up with user balances. Of course, in practice, this isn’t quite so simple. Proving that you control some funds on chain is trivial, but you could always borrow those funds on a short term basis. This is why point-in-time attestations mean relatively little. And additionally, exchanges can have hidden liabilities or have creditors claim seniority to depositors, especially if they don’t legally segregate client assets on the platform. This is why policy like Wyoming’s SPDI law clarifying the legal status of depositors relative to custodial institutions is so important.

Proving liabilities is tricky, and generally requires an auditor to engage in a full assessment. For instance, exchanges can omit certain liabilities to ‘cheat’ a PoR attestation. This is why I recommend both a user-facing PoR protocol, allowing users to obtain ‘herd immunity’ by collectively verifying their individual balances, and an auditor-facing PoR protocol, to prove that the claimed liabilities are faithful to reality.

Another issue is that exchanges could have unaccounted-for liabilities that a mere cash flow analysis might not capture. For instance, given that many exchanges exist under muddy regulatory regimes and legal contexts, it’s not guaranteed that depositors would be senior to creditors in the case of bankruptcy. This means that it’s possible that large debts could consist of a hidden liability that would weaken depositor claims on reserves in a worst case scenario. This is why I recommend including an auditor in a PoR process, so these more complex liabilities (and an assessment of the seniority of depositors) can be understood. More generally, exchanges should adopt a legal policy in which depositors are absolutely privileged and senior to all creditors.

A number of crypto exchanges are rushing to publish proof-of-reserves in a seeming attempt to reassure investors their funds are safe as fellow exchange FTX melts down. FTX exploded this week following a CoinDesk report that showed a June 30 balance sheet of its affiliate trading firm, Alameda Research, was largely made up of FTX’s native token, FTT. This all could have been avoided with PoR, Sergey Nazarov, co-founder of Chainlink, said to TechCrunch. “There was a balance sheet issue and it became known to many depositors all at once,” Nazarov said. “And because it was a surprise, there was a bank run that led to insolvency.” But imagine if depositors knew what FTX and Alameda Research’s balance sheets were from the beginning.

Sources:

  • https://techcrunch.com/2022/11/11/can-proof-of-reserves-prevent-future-crypto-exchange-collapses/
  • https://www.kraken.com/proof-of-reserves
  • https://niccarter.info/proof-of-reserves/