Proof of reserves: The FTX fiasco continues as more bizarre revelations emerge by the day, not to mention a growing casualty list. While the full extent of the havoc remains unknown for the time being, the crypto industry has, for better or worse, been forced to contemplate a positive path forward.
With users withdrawing their crypto from centralised exchanges (CEXs) at increasing levels, one of the key questions that industry players are grappling with is how to earn users’ trust in a historically low-trust environment. And perhaps just as importantly: what can we learn from this crypto train wreck?
Many say proof of reserves (PoR) is one way to earn trust, increase transparency and eliminate bad actors from the scene.
In this piece we’ll aim to outline what PoR means, how it works, what some of the complications are and how Aussie exchanges are approaching the matter.
Why proof of reserves emerged as a potential solution to the FTX mess
FTX shattered user confidence in CEXs after it shamelessly used customer deposits to fund its own trading activities. This led to calls from all corners of the industry for proof of reserves to become the standard for CEXs.
Which gets us to the key question: why has PoR been heralded as a potential partial solution to earning back customer trust of CEXs? Let’s dig in.
Prior to its collapse, FTX offered a range of services to its customers, including a yield product where users could earn interest on their crypto. However, in all instances, FTX was the custodian of the crypto, not the customer. Since the digital assets (and their private keys) were held by FTX, they were regarded as an asset on its balance sheet, and in turn FTX would have an equal liability to the owners of those digital assets, which in principle ought to have been redeemable on notice.
Without getting too technical, the gist of it is this – if you don’t custody your own crypto, you technically don’t own it. Instead you only have a claim to it. It then goes without saying that if a crypto exchange is engaged in honest practices, all customers should be able to withdraw their crypto at any time – not necessarily at once – but within a reasonable period on demand.
Another way of putting it is that honest crypto exchanges, through PoR, should be able to demonstrate a 1:1 ratio between assets and liabilities: the assets held (deposits) must equal customer liabilities (user balances). In the case of FTX, that was found to be woefully untrue.
How PoR works
PoR seeks to introduce transparency to CEXs’ reserves through a verifiable auditing process that combines cryptographic proofs, public wallet addresses and periodic third-party audits to publicly attest that a CEX holds sufficient assets to match users’ deposits.
In plain language – PoR is a blockchain-based audit to prove that customer assets (deposits) are equal to on-chain liabilities (user balances), and this in turn is verified by a trusted third party from time to time.
It’s easy to prove the asset side: publish the wallet addresses of all assets held. The more challenging part is proving the outstanding liabilities. To do that, the CEX tallies up user balances, anonymises them and publishes the data as a Merkle tree, a hash tree that is native to how blockchains work.
From there, the external auditor obtains what is known as a Merkle root, which according to Kraken is a “cryptographic fingerprint that uniquely identifies the combination of these balances at the time when the snapshot was created”. The key word here is ‘snapshot’, as it only represents the status at a specific point in time.
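As an added illustration (not code from the article or from any exchange named in it), here is a minimal version of the scheme described above in Python: the exchange hashes salted user balances into Merkle leaves, publishes only the root and the liability total, and each user checks their own leaf against that root. User ids, balances, salts and the on-chain asset total are constructed sample values. It also shows the omission problem Carter raises later in the piece: dropping a user from the snapshot keeps the 1:1 check looking fine while that user’s own check fails.

```python
import hashlib

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def leaf_hash(user_id: str, balance: int, salt: bytes) -> bytes:
    # Anonymised leaf: a per-user salt stops outsiders brute-forcing ids/balances from the tree.
    return sha256(b"leaf|" + salt + b"|" + user_id.encode() + b"|" + str(balance).encode())

def _root_and_proof(leaves: list[bytes], index: int) -> tuple[bytes, list[tuple[bytes, bool]]]:
    level, proof = list(leaves), []
    while len(level) > 1:
        if len(level) % 2:                       # odd level: duplicate the last node
            level.append(level[-1])
        sib = index ^ 1                          # sibling differs only in the lowest bit
        proof.append((level[sib], sib < index))  # (sibling hash, sibling sits on the left)
        level = [sha256(b"node|" + level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        index //= 2
    return level[0], proof

def build_snapshot(balances: list[tuple[str, int]], salts: dict[str, bytes]) -> tuple[bytes, int]:
    """Exchange side: the Merkle root and the liability total are all that gets published."""
    leaves = [leaf_hash(u, b, salts[u]) for u, b in balances]
    return _root_and_proof(leaves, 0)[0], sum(b for _, b in balances)

def proof_for(balances: list[tuple[str, int]], salts: dict[str, bytes], user_id: str):
    """Exchange side: the sibling path handed to one user so they can self-verify."""
    leaves = [leaf_hash(u, b, salts[u]) for u, b in balances]
    return _root_and_proof(leaves, [u for u, _ in balances].index(user_id))[1]

def verify_inclusion(leaf: bytes, proof: list[tuple[bytes, bool]], root: bytes) -> bool:
    """User side: fold own leaf up the sibling path and compare with the published root."""
    h = leaf
    for sibling, sibling_is_left in proof:
        h = sha256(b"node|" + (sibling + h if sibling_is_left else h + sibling))
    return h == root

# Constructed sample snapshot (satoshis). Salts are fixed for determinism; real ones come from os.urandom.
BALANCES = [("alice", 150_000_000), ("bob", 40_000_000), ("carol", 310_000_000),
            ("dave", 25_000_000), ("erin", 75_000_000)]
SALTS = {u: bytes([i + 1]) * 16 for i, (u, _) in enumerate(BALANCES)}
ON_CHAIN_ASSETS = 600_000_000                    # constructed: total of the published wallets
WITHOUT_CAROL = [row for row in BALANCES if row[0] != "carol"]  # one liability quietly omitted

def attestation_check(published: list[tuple[str, int]]) -> tuple[bool, bool]:
    """(assets cover published liabilities, carol's self-check); carol holds the proof issued for the full book."""
    root, liabilities = build_snapshot(published, SALTS)
    carol = verify_inclusion(leaf_hash("carol", 310_000_000, SALTS["carol"]), proof_for(BALANCES, SALTS, "carol"), root)
    return ON_CHAIN_ASSETS >= liabilities, carol
```

With the full book, `attestation_check(BALANCES)` returns `(True, True)`; with carol omitted it returns `(True, False)`: the published total still looks 1:1 against the wallets, and only carol’s own check exposes the gap, which is why Carter argues for user-facing verification on top of the auditor’s view.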
Limitations of PoR
While PoR can go a long way towards earning and maintaining user trust in an exchange’s solvency – namely that the crypto held equals user balances – it is in no way a perfect solution. Properly understood, it has several significant limitations that ought to be considered.
As Nic Carter argues, a point-in-time asset snapshot without the supervision of an auditor or a cash-flow analysis proves very little. Instead, he argues that complete, ongoing and frequent attestations, ideally supervised by an auditor, are needed to provide stronger assurances.
Adding colour to his view, Carter suggests that:
“Proving that you control some funds on chain is trivial, but you could always borrow those funds on a short term basis. This is why point-in-time attestations mean relatively little. And additionally, exchanges can have hidden liabilities or have creditors claim seniority to depositors, especially if they don’t legally segregate client assets on the platform”.
To illustrate the point, Crypto.com recently sent US$400 million to another exchange, Gate.io, “by accident” shortly after a PoR attestation. Needless to say, Crypto Twitter was having none of it.
Carter further asserts that proving liabilities is difficult and “generally requires an auditor to engage in a full assessment”. He notes that exchanges “can omit certain liabilities to ‘cheat’ a PoR attestation” which is why he recommends “both a user-facing PoR protocol, allowing users to obtain ‘herd immunity’ by collectively verifying their individual balances, and an auditor-facing PoR protocol, to prove that the claimed liabilities are faithful to reality”.
Proof of Reserves: Off-Chain
The other issue is that PoR doesn’t necessarily capture off-chain liabilities. This refers to a situation where an exchange goes belly-up and has other liabilities on its books that could take precedence over user deposits in the hierarchy of claims in a bankruptcy. This is often spelled out in the hardly-ever-read terms of service, which typically (although not always) relegate user deposits to the back of the queue when assessing who gets paid first from what’s left in the kitty. Sometimes, in the case of lenders, you won’t have a claim at all, since the terms of service make it clear that once deposited, the digital assets belong to them.
Importantly, many CEXs are private companies and under no obligation to publicly disclose their financial position. To further complicate the situation, some companies publish their assets, and others don’t. Some separate their assets from user deposits, while some may not. In virtually all jurisdictions, stock brokers are legally compelled to separate investor funds from their own, but this is not necessarily always true with crypto exchanges.
The key takeaway is that PoR is no silver bullet and, more to the point, that there is no trustless way to truly authenticate an exchange’s solvency. As highlighted above, a snapshot in time says little about an exchange’s financial health. For the strongest assurances, trusted third parties necessarily need to be involved, to a lesser or greater degree.
Proof of Reserves isn’t perfect but it is still valuable
While PoR has some deficiencies, Nic Carter and others have argued that there are numerous reasons why it is still a valuable exercise for exchanges to undertake.
From an exchange perspective, PoR is a signal to users that you have your house in order and that you’ve taken solvency seriously, at least to some extent. Furthermore, it demonstrates a degree of good faith and transparency, factors that surely curry favour with regulators. And lastly, but perhaps most importantly, if it becomes the industry standard it has the potential to weed out bad actors and make fractional reserves impossible to hide.
The argument then is that while imperfect, PoR can function as a proactive tool that at the very least, has the potential to eliminate malevolent actors from the ecosystem.
Aussie exchanges and their response
In the wake of the FTX disaster that appears to get worse by the day, The Chainsaw reached out to Australian exchanges for their stance on PoR and commitment to transparency going forward.
Binance Australia
Binance Australia’s CEO Leigh Travers responded to The Chainsaw’s request for comment on PoR, saying:
“Binance Australia is encouraged by the government’s plans to introduce custodial and exchange legislation to protect Australian users. We contributed to the Treasury consultation earlier this year and we are firmly advocating for the government to take action and introduce clear digital asset regulatory frameworks. We look forward to working with policymakers to bring this to fruition.”
The statement was supplemented with a blog post by founder Changpeng Zhao, known as “CZ”. In the post, the exchange highlighted six commitments for healthy CEXs:
- Be risk averse with user funds, “user funds must never be traded or invested”.
- Never use native tokens as collateral.
- Share live proof of assets where Binance said that, “As part of Binance’s ongoing commitment to transparency and fostering trust in the ecosystem, we have begun sharing details of key hot and cold wallet addresses. This is a starting point while we work to create a Merkle tree proof of funds that we will share with the community in the next few weeks.”
- Keep strong reserves, “We established the SAFU fund to cover extreme circumstances. Today, there is about $1b in the fund. Others across the industry should commit to doing something similar”.
- Avoid excessive leverage, “It is unwise to take on debt to fund growth. There is simply too much volatility in crypto – that’s why Binance’s capital structure is debt free. We call on our industry partners to be equally fiscally conservative”.
- Strengthen and enforce security protocols, “Due to the fast evolving nature of industry and project protocols, there is a need for industry to form a better coalition to agree on standards for the quality of security measures for exchanges and projects. Strong partnership with law enforcement is required to support investigations and recovery of stolen funds. All exchanges should have strict KYC and AML measures in place”.
eToro
Responding to The Chainsaw, eToro noted that it was “not a crypto exchange”, but rather, “a multi-asset investment platform”. Continuing, it added that, “We are regulated across the globe and our underlying business remains healthy and our balance sheet is strong”.
“The liquidity concerns which have impacted select industry players, have no direct impact on eToro. eToro has never issued its own token and does not engage in crypto lending. Customer funds and assets are reconciled on a daily basis to ensure safety and liquidity”.
When asked about PoR or evidence of daily reconciliation of assets, the company responded, “We do not currently share proof of reserves. Our users’ funds and assets (including crypto) are segregated and reconciled on a daily basis to ensure safety and liquidity”.
CoinSpot
In correspondence with The Chainsaw on the topic of PoR, CoinSpot’s Head of Marketing Ray Brown said:
“CoinSpot’s top priority will always be the security of our customers’ assets. We understand, adhere to, and welcome national regulation and transparency. CoinSpot operates at the highest level of compliance, and is a certified member of Blockchain Australia, Australian Digital Commerce Association, and AUSTRAC. We are also the first Australian Crypto Exchange to complete an external statutory financial audit, achieving the highest possible level of assurance under Australian Auditing Standards. This means market fluctuations don’t impact CoinSpot’s ability to enable customers access to their crypto”.
Brown commented further that all assets are “kept one-to-one”, adding, “CoinSpot does not utilise a native token and does not lend customer assets”.
Kraken
Kraken CEO Jonathan Miller told The Chainsaw that the company’s top priority is, “the security and safety of [its] clients’ assets”.
On the topic of FTX and PoR, he said:
“Firstly, it is important to note that Kraken is not affected by the recent FTX news in any material way. Secondly, we are committed to holding full reserves and have already completed two Proof of Reserves audits in 2022, enabling our clients to self-verify that their balances are held in Kraken’s wallet. We were the first exchange to commit to undergoing Proof of Reserves audits and are committed to undergoing these on a semi-annual basis”.
Going further, Miller elaborated saying, “With our current Proof of Reserves audit process, the external accounting firm matches our wallet balances to company liabilities and confirms that they match liabilities (client deposits) in supported assets, which currently comprises approximately 65% of total exchange balances”.
For those interested in how the audit process works, Miller said that more information could be found on the company’s proof of reserves blog, which also provides a step-by-step explanation on how clients can verify their account balance themselves.
Miller concluded by saying:
“The FTX crisis has been a major setback for the crypto industry and Proof of Reserves is just the starting point for rebuilding trust in the industry. We believe this transparency is absolutely vital to the health of the crypto ecosystem overall.”
Swyftx
Following questions from The Chainsaw on the company’s commitment to PoR, Swyftx responded, saying:
“To the question will we provide proof of reserves, the short answer is yes. Swyftx is looking at various options, as a priority, to quickly give Australian and New Zealand crypto-users appropriate and accessible information so they can trade with total confidence. Security of customer assets is, and always has been, our priority and our intention is to provide levels of transparency above and beyond Merkle tree proof of reserves, which are well intentioned but limited in what they can tell you.”
Bybit
The Chainsaw reached out to Bybit for comment, but did not receive a response prior to publication.
Proof of Reserves: Bringing it together
PoR has been thrust into the spotlight following the FTX mess and from the perspective of users, that could well turn out to be a good thing. However, as illustrated here, it is not a panacea to cure all ills relating to crypto exchange fraud and deception. But arguably, it is a very good place to start.