Proof of Reserves Explained

Crypto exchanges can go bust when they do not have the funds to fulfill customer withdrawals. This is a significant problem if you are a customer of a crypto exchange and have entrusted the company with your coins, only to learn later that the exchange had squandered all the money ferried through its platform.

These companies appear to have a habit of hiding their reserves or outright lying about them. An exchange may have used your money to prop up its failing trading firm, as happened with FTX. They may have accidentally wired hundreds of millions of dollars worth of customer funds to another exchange, as befell Crypto.com, or lost it all in a hack, as happened with Mt. Gox.

See Also: Let’s Actually Commit to Proofs of Reserve This Time, Okay?

Even regular audits or attestations by third parties may not suffice. The companies may have tricked the auditors: Perhaps they only moved funds into the right wallets just in time for the third party to tick the box that claims the funds are in the right place, then invested money in risky funds.

Remember: Crypto exchanges are not the same as banks. For starters, crypto isn’t insured by government depositary schemes. Accordingly, customers must take due diligence matters into their own hands when choosing where to park their money. They need to check the exchange's terms of service and see what guarantees the exchange is making about holding their funds. Even then, they have to trust that the exchange will live up to the promise of those terms.

But what if customers could verifiably track the location of their funds in real-time?

Enter proof-of-reserves and Merkle trees

Several crypto exchanges are advocating for a form of transparency called proof-of-reserves. This is a cryptographic method of proving that an exchange is liquid enough to process all customer withdrawals, and otherwise allows customers of a cryptocurrency exchange to keep tabs on where their money really is.

One way of doing this involves using something called Merkle trees. These produce efficient data structures called “hash trees” that can be securely verified; these structures, kind of like a map of customers’ funds, work even when the reserves become complicated.

The idea is that, following the publication of a proof-of-reserves certificate, anyone could follow the money and work out how much crypto an exchange holds. In effect, it is a bona fide verification tool to prevent exchanges from surreptitiously running off with customer deposits.

Kraken’s proof-of-reserve report from August 2022, for instance, attested that “Kraken retained custody over a sufficient amount of the in-kind assets to cover the in-scope client liabilities as observed within the database related to Kraken’s spot exchange.” In other words, a third party said that Kraken has enough crypto to cover all current customer withdrawals.

Although proposals for proof-of-reserves often require the hiring of a third-party attestor to confirm that the on-chain funds actually match up with what the exchange claims to hold, the improvement on the current system would be on-demand, real-time tracking of exchange reserves.

In effect, proof-of-reserves brings crypto exchanges closer to the treasuries of decentralized finance protocols, where all funds are matched to cryptocurrency wallets that anyone can trace on-chain at any time.

The idea for proof-of-reserves based on Merkle trees became particularly popular after the collapse of FTX. Binance’s CEO, Changpeng Zhao, tweeted that his exchange would begin to implement proof-of-reserves.

According to a spokesperson, its reserves “would be audited by a third-party vendor with user verification available on third-party platforms to verify and audit our customer holdings.” The world’s largest crypto exchange will first verify BTC reserves.

After Binance announced its intentions, nine other exchanges, including KuCoin, OKX and Gate.io, announced similar plans. Some, like Gate.io, opted for auditor-assisted proof-of-reserve validation, while others, such as BitMEX, said they will attest to the reserves themselves.

To be clear, Merkle tree-based proof-of-reserve would not prevent the misappropriation of customer funds completely. It only tracks holdings and would not prevent an exchange from, say, lending money to dodgy borrowers who have no hope of repaying.

And proof-of-reserve does not provide customers with greater control over their funds; it just provides information.

Even if FTX had implemented proof-of-reserve (in addition to its audited financials), a customer would simply have been able to watch their crypto going for a quick walk off a cliff – but that customer wouldn’t have been able to prevent it from happening in the first place.

Ultimately, a proof-of-reserve is only as good as its verifier. A crypto exchange could lie outright, and a third-party attestor could still uphold the lie. If the attester is corrupt or incompetent, perhaps by overlooking missing wallets or failing to understand how an exchange had structured customer holdings, the whole purpose of proof of reserve would be undermined.

See Also: After FTX: Rebuilding Trust in Crypto’s Founding Mission