In response to FTX’s recent collapse, cryptocurrency exchanges are taking steps to reassure investors that their funds are safe by publishing proof of reserves.
Related: How to protect crypto in 2023, CZ Binance suggests after FTX hack
What has the crypto industry experienced recently?
On November 11, the abrupt collapse of the cryptocurrency exchange FTX caught many off-guard. The catastrophe has prevented hundreds of thousands of users from accessing their funds, and the fallout has erased billions of dollars from the market while raising questions about other cryptocurrency companies’ reliability.
As a result of FTX’s extensive involvement in the cryptosphere, many firms, including crypto lenders Genesis and BlockFi, have spent the past week hastily assessing their financial exposure to the collapse out of concern that they would be carried down in the wave. However, other people have seen an opportunity in the situation and are preparing strategies to stop the spread of the catastrophe. During a Twitter Spaces Q&A earlier this week, Changpeng Zhao, CEO of Binance, stated, “We think this is a very wonderful cleansing phase. The sector is substantially healthier and the weak projects are no longer there.”
The CZ Binance Plan to Navigate Fallout
To deal with the effects of the FTX saga’s repercussions and restore trust, CZ Binance has a plan. Since one of Binance’s primary rivals is no longer in business, the company’s voice as the biggest cryptocurrency exchange in the world has gained even more clout. Since November 8, CZ has tweeted several announcements about Binance, including launching a recovery fund and publishing a transparent “proof of reserves” to show that the company has enough cash to cover withdrawals.
Numerous other cryptocurrency exchanges have imitated this during the past week. Proof of reserves has been made available by Bitfinex, Crypto.com, Huobi, OKX, and Kucoin, among others. Some, including Kraken and Coinbase, tried to draw attention to the fact that they had been releasing accounts for some time. Almost all of them agreed to contribute to CZ’s recovery fund or continue investing in cryptocurrency businesses.
The idea of “proof of reserve” has become a well-liked strategy in this regard. However, how does it truly operate, and can it maintain custodial platforms as a competitive option to Defi?
What is Proof of reserves?
Proof of Reserves (POR) aims to increase public transparency about centralized cryptocurrency reserves through a verifiable auditing procedure. To publicly verify that a centralized platform retains enough assets to match user deposits, it uses cryptographic proofs, public wallet address ownership verification, and recurring third-party audits. Individual users can confirm that their account balance is included in the attestation using this cryptographic method.
Merkle Tree Proof of Reserves
CZ advocated for exchanges to perform “Merkle-tree proof of reserves”—a data structure that encrypts blockchain data—in his initial tweet on transparency. While centralized exchanges like Binance, FTX, and Coinbase do not provide the same level of transparency as blockchains, which are publicly verifiable. If they made a Merkle tree public, it would serve as a kind of road plan for their current customer assets.
All crypto exchanges should do merkle-tree proof-of-reserves.— CZ 🔶 Binance (@cz_binance) November 8, 2022
Banks run on fractional reserves.
Crypto exchanges should not.@Binance will start to do proof-of-reserves soon. Full transparency.
The Merkle trees would group pertinent data—such as transactions between accounts or with smart contracts—into hashes, which would then be arranged into a succession of parent and child nodes that resemble a Christmas tree. Theoretically, a third-party auditor might confirm the holdings due to a complex cryptographic notion.
Although the solution uses some aspects of blockchain technology, it still depends on the accuracy of the accounting procedures and the valuation of any off-chain assets.
How does Proof of Reserves work?
An organization can demonstrate its asset reserves in several ways, including through “Merkle tree proofs” and conventional third-party audits conducted by companies like Armanino (cryptographic verification via data structures called Merkle trees).
And last, there are the techniques used by blockchain analytics companies. For instance, Chainlink divides the two methods of implementing proof of reserves into off-chain and on-chain.
In the off-chain option, a third-party provider, such as Chainlink, is granted API (application programming interface) access by an exchange, its custodian, or its auditor to independently check the exchange’s holdings.
The on-chain method entails a proof of reserves smart contract on a network (often Ethereum) that receives data feeds (on a block-by-block basis) from Chainlink’s oracle network regarding a provider’s on-chain wallet balances on a different network (e.g., Bitcoin).
In any case, customers can confirm if a company genuinely owns the assets, it says it does.
Why is Proof of Reserves necessary?
Custodial exchanges serve a crucial market function by giving institutional and individual investors access to their assets when they are unable or unable to take the necessary steps to self-custody their holdings. Even while it is obvious that proof of reserves cannot provide the same level of transparency as non-custodial, blockchain-based systems, their proponents contend that any level of transparency is preferable to none.
Users can read proof-of-reserve attestations to confirm on-chain that the custodian has enough assets to support a third-party audit of deposits when accompanied by a public and legally enforceable disclosure of liabilities. Additionally, customers can quickly learn if assets are being rehypothecated, are not backed by a strong portfolio of assets, or are being used for other high-risk activities that might endanger their availability.
How are audits conducted in Proof of Reserves?
An anonymous snapshot of customer balances is taken by the third-party auditor during an audit to prove reserves. Usually, they are determined by hashing a user’s account balance with their ID. The auditor then combines them to create a cryptographic Merkle tree, which results in a Merkle root, a cryptographic hash that specifically reflects a combination of all user balances.
With the Merkle tree, it is possible to cross-examine a small number of anonymous balances with the verified ones to check the accuracy of all balances. For instance, each user can check to see if the tree contains their actual account balance. They’d have to:
- Hash their unique ID and account balance,
- then look for it in the Merkle tree.
The accuracy of the entire tree may then be demonstrated using a series of these verifications without having to look at each one separately.
The custodian must provide digital signatures demonstrating their authority over the on-chain addresses housing the assets as the last stage. The auditor can confirm that the platform has a reserve of all client assets if the balance on the accompanying digital signatures matches those discovered through the Merkle tree.
Exchanges that require evidence of reserves would be able to provide users with access to their holdings while also providing more information about the assets listed on the exchange and the type of liquidity buffers, they possess.
Trust but don’t vouch for
Although confirmation of reserves is a fine place to start, according to industry experts, they contend it is not enough. Circle’s chief strategy officer and worldwide policy leader, Dante Disparte, expressed his encouragement at the newfound dedication of crypto companies to openness. However, he cautioned that it is insufficient for a business like Binance to merely give proof of reserves in the absence of an impartial audit.
He told Fortune that the value of proof of reserves “is about as much as you could have in the entity giving the evidence of reserves.” Taken at face value, promissory notes on Twitter are insufficient.
Blockchain data does provide information that is accessible to the public, but the FTX empire case—a tangled web of numerous companies—shows how much further transparency efforts need to go.
Disparte stated that while proof of reserves is an intriguing answer, it is not nearly enough for exchanges and other businesses that are growing in size and potential systemic impact. I think it’s problematic to tell the market, “Now, millions of users around the world, trust me, but don’t verify beyond what the chain tells you.”
Vinny Lingham, an investor, and businessman, said on Saturday that presenting proof of reserves was a distraction. He contended that proof of liabilities, or an accounting of how much a platform owes, was what was required.
Exchanges publishing Proof-of-Reserves is just a distraction. We also need Proof-of-Liabilities to go with it.— Vinny Lingham (@VinnyLingham) November 12, 2022
E.g. I could have proof that I have $1bn in deposits but if I owe depositors $2bn, then that’s meaningless.
Let’s not make the same mistake again.
Regulation is necessary
Many participants in the sector think that proof of reserves is an improvement despite its drawbacks.
Nic Carter, the general partner of Castle Island, said he has long supported proof of reserves, even though there hadn’t been much interest in it before last week’s events, in a Twitter Spaces held by Fortune on Thursday.
The ongoing issue is that traditional finance’s regulation still does not apply to the cryptocurrency market, which encourages the risky behavior of businesses like FTX. Proof of reserves proponents like Carter think the industry may function as a self-regulatory mechanism rather than waiting for top-down federal regulation as lawmakers and enforcement bodies contemplate actual regulations for cryptocurrencies.
According to Yadav, a Vanderbilt law professor, the declaration from Binance may have been made in response to looming regulations.
Thinking a little more cynically, this is also a method to avoid potentially extremely strict regulation, she added. Yadav also issued a warning that transparent reserves would have the opposite effect of what was intended.
Transparency initiatives in traditional finance are typically carried out by regulators rather than the general public. She continued, “Maybe you’re in trouble if someone sees maybe you’re selling a lot of Treasuries and you’re selling a huge part of assets. It might cause the issue you’re attempting to fix.
Proof of Reserves is not a panacea.— Jameson Lopp (@lopp) November 9, 2022
You're still trusting the auditor's attestation.
You're still hoping reserves exceed liabilities.
But it's better to have PoR than to not have it.
If custodians communicate the hazards of this kind of self-regulation to their consumers, the cryptocurrency industry might greatly benefit from their adoption of proof-of-reserves rules. The adoption of global accountability norms by the industry, if successful, could avert the setbacks that frequently follow the collapse of centralized platforms like Mt. Gox, Cryptopia, QuadrigaCX, and FTX.
Users will choose products that provide the highest level of fund safety in a world where exchanges and stablecoin issuers are required to demonstrate their reserves regularly. A more secure ecosystem would eventually draw more investors and serve as a launchpad for greater institutional capital to enter the cryptocurrency market.
More to read:
Follow Crypto Stoshi: Twitter, Telegram
Disclaimer: This blog is for educational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.