In the wake of the FTX collapse that came about as a result of the now-bankrupt cryptocurrency exchange funneling user funds to mitigate its own risks
In the wake of the FTX collapse that came about as a result of the now-bankrupt cryptocurrency exchange funneling user funds to mitigate its own risks, crypto exchanges came up with a transparency solution called proof-of-reserves.
A practice, which was recently endorsed by Binance CEO Changpeng Zhao, offers a way for exchanges to show provide transparency to users in the absence of clear regulations.
All crypto exchanges should do merkle-tree proof-of-reserves.
Banks run on fractional reserves.
Crypto exchanges should not.@Binance will start to do proof-of-reserves soon. Full transparency.— CZ Binance (@cz_binance) November 8, 2022
Proof of reserves (PoR) is an independent audit conducted by a third party that seeks to ensure that a custodian holds the assets it claims to own on behalf of its clients.
This auditor takes an anonymized snapshot of all balances held and aggregates them into a Merkle tree.
A Merkle is a cryptographic commitment scheme in which each “leaf,” or node, is labeled with a data block’s cryptographic hash. Their chief use to is to verify data that has been handled, sent or stored between computers. While invented in 1979, the concept has found extensive use in blockchain peer-to-peer networks.
After taking the snapshot, the auditor obtains a Merkle root: a cryptographic fingerprint that uniquely identifies the combination of these balances at the time when the snapshot was created.
The auditor then collects digital signatures produced by the crypto exchange, which prove ownership over the on-chain addresses with publicly verifiable balances. Lastly, the auditor compares and verifies that these balances exceed or match the client balances represented in the Merkle tree so that the client assets are held on a full-reserve basis.
A total of five centralized exchanges (CEXs) including Kraken, Bitmex, Coinfloor, Gate.io and HBTC have completed their proof-of-reserve audits while the likes of Binance, OKX, KuCoin, Huobi, Poloniex, Crypto.com, Deribit and Bitfinex have announced their plans to do the same.
Recent: Banks still show interest in digital assets and DeFi amid market chaos
The PoR practice made sense and was lauded by many in the crypto community as it seemed like a step toward a more transparent crypto ecosystem. Centralized exchanges can note the liabilities of each account on a public ledger with specific assets held. They would have to publish with a tag that only account owners can know, thereby retaining public anonymity.
Hassan Sheikh, co-founder at decentralized venture capital firm DAO Maker, told Cointelegraph that PoR provides a clear summation of due liabilities that can be matched against assets. He added that good PoR practice could make it very difficult for exchanges to fake liabilities, explaining:
“If liabilities are ever faked, users can publicly raise a red flag. Even if 1% of users ever bother to verify, it’d be impossible for any CEX to which users would fall in that cautious 1%. The larger accounts would almost always verify, and the CEX could at best get away with skipping only a small fraction of small accounts before being detected.”
He added that with publicly released liabilities that retail investors can easily verify, “the asset disclosures which exchanges are making would finally make sense,” adding that the balances presented in these audits only “hold weight under the assumption liabilities are properly presented.”
Ben Sharon, the co-founder at digital asset management firm Illumishare SRG, told Cointelegraph that scammers will try to fake any audit, no matter how reliable proof of reserves are. He added that a proof-of-reserves audit is still a viable step to keep a check on crypto exchanges, but it’s not enough and suggested other measures, such as:
“Having a separate cash reserve, an asset-backed token, or better yet, having both, in addition to a proof-of-reserves certificate would offer investors a far better solution. At the end of the day, the only solution is complete transparency. When a crypto exchange is fully transparent, users should not be afraid to trust it with their assets.”
Showing proof of reserves without the liabilities means nothing
While the practice of PoR is becoming accepted by centralized exchanges with many starting to release PoR audit data, there is still the issue of crypto platforms moving their funds right after the snapshot for the audit was taken.
Crypto.com recently transferred 280,000 Ether (ETH) to Gate.io address after it released its PoR audit, fueling rumors about crypto exchanges potentially faking their reserve audits. Many in the crypto community claimed exchanges were borrowing assets to show a healthy financial book, only to return them back right after the snapshot.
Crypto.com CEO Kris Marszalek came out to clarify that the $400 million ETH transfer was a mistake and was meant to be sent to another cold wallet, raising even more suspicion.
It was supposed to be a move to a new…
cointelegraph.com