With the rising interest in digital assets from institutional and retail investors, custody options have also experienced parallel growth. As a result
With the rising interest in digital assets from institutional and retail investors, custody options have also experienced parallel growth. As a result, different kinds of custody choices have evolved as the market changes, and new providers are working to establish the structures and controls that are most effective for particular markets and offerings.
Self-custody, exchange wallets and third-party custodians are the various choices available for users to safeguard their cryptocurrencies. Custodians in the world of digital assets function similarly to traditional financial markets in that their primary duty is to take care of and protect their clients’ assets by holding the private key on behalf of the asset holder, preventing unauthorized access.
However, despite such efforts, events such as the collapse of FTX (a cryptocurrency exchange and crypto hedge fund) and the liquidation of Three Arrows Capital (a cryptocurrency hedge fund) shocked the cryptocurrency industry. They made people question the reliability and integrity of crypto custodians.
To ensure the financial soundness of custodians, a proof-of-reserves (PoR) audit confirms that the company’s on-chain holdings are identical to the client assets listed on the balance sheet, reassuring customers that the business is solvent and liquid enough to continue business with them.
This article will discuss what is a proof-of-reserves audit, why proofs of reserves are important, how to access the proof of reserves, and how to verify proofs of reserves.
What is a proof-of-reserves?
In traditional finance, reserves are a company’s profits kept aside to utilize in unforeseen circumstances. In contrast, in the crypto space, a proof of reserves refers to an independent audit conducted by a third party to confirm that the entity being audited has sufficient reserves to support all of its depositors’ balances.
For trustworthy and experienced digital asset service providers, undergoing a proof-of-reserves audit is a critical step in the regulatory process. The PoR audit ensures customers and the public that the custodian is sufficiently liquid and solvent, and they can withdraw funds anytime, providing transparency on the availability of their funds.
A proof-of-reserves audit also benefits crypto companies acting as custodians, as by ensuring absolute asset backing, they can retain customers and enhance trust in their operations. Moreover, through PoR, centralized exchanges are prohibited from investing depositors’ money in other companies, minimizing the risk that businesses will maximize the returns from their consumer assets. Additionally, such an audit also helps prevent the likelihood of events such as the great financial crisis of 2007–2008.
How does a proof-of-reserves audit work?
Before understanding how a proof of reserves works, let’s get familiarized with the overall auditing process. In general, the audit should assess an exchange’s solvency, which produces only two outcomes: either the exchange is solvent if its assets exceed its obligations or liabilities or insolvent in all other cases. However, it is conceivable that there are instances where this binary result is insufficient, such as when an exchange has to demonstrate fractional reserves.
In the case of fractional reserves, a portion of an exchange’s deposits is maintained in reserve and made instantly accessible for withdrawal (as cash and other highly liquid assets), with the remaining balance of the funds being lent to borrowers.
The auditing procedure can be divided into three distinct steps:
Proof of liabilities
The exchange’s liabilities are the outstanding cryptocurrency balances due to its clients. The sum of all customer account balances is used to compute the exchange’s total liabilities. To determine solvency, the computed amount is later contrasted with the total reserves. The proof of liabilities component also calculates the hash of the fraction factor and the root of a Merkle tree.
The user account information is used to construct a Merkle tree using the cryptographic hash of the customer’s identity, and the amount owing to the customer would be used to generate a leaf of the tree. The nodes in the following tier of the tree are created by pairing the leaves together and hashing them; to build the tree’s root, nodes are merged and hashed.
Proof of reserves
The assets that the exchange has stored on the blockchain as cryptocurrencies are called reserves. The total assets are computed by summing up the balances of crypto addresses if the exchange possesses the private keys of those addresses.
By providing the public key linked to a cryptocurrency’s address and signing it with the private key, the exchange may prove that they are the rightful owner of the crypto address. For additional security, the exchange should also sign a nonce (such as the hash of the most recent block that was added to the blockchain), a value that may be used to validate the signature. The…
cointelegraph.com