Key takeaways
- PoR audits are cryptographic verifications used by cryptocurrency exchanges to prove they hold sufficient assets to cover customer deposits.
- Using methods like Merkle trees and zero-knowledge proofs, PoR ensures transparency, similar to how capital reserves are mandated in traditional finance for stability.
- Coinbase’s cbBTC uses PoR to verify that for every wrapped Bitcoin, an equivalent amount is securely held in Coinbase’s custody.
- PoR audits can verify asset holdings but do not account for liabilities, which can mislead users about an exchange’s solvency.
Proof-of-reserves (PoR) audits have become a vital tool in the cryptocurrency industry to promote transparency and security, especially in the wake of high-profile exchange collapses like FTX.
While similar in concept to traditional banking capital adequacy requirements, PoR audits come with certain limitations, especially in their inability to verify liabilities and their reliance on periodic reports.
This article explores PoR audits, their role in crypto and their evolution into more robust models for ensuring exchange solvency.
What are proof-of-reserves audits?
Cryptocurrency exchanges are increasingly adopting proof-of-reserves (PoR) audits to verify they hold sufficient assets to cover user deposits. These cryptographic audits, using Merkle trees and onchain verifications, serve as a transparency mechanism in crypto, much like capital adequacy requirements do for traditional finance.
But does the PoR concept draw inspiration from TradFi?
In traditional banking, regulators have long mandated that financial institutions maintain a certain level of capital reserves to safeguard against potential risks. This framework ensures that banks can absorb unexpected losses and continue to operate during economic downturns. A pivotal moment highlighting the importance of such regulations was the 2008 financial crisis.
During this crisis, many banks faced significant losses due to high-risk exposures, leading to a global economic downturn. In response, international regulatory bodies introduced more stringent measures to bolster the resilience of financial institutions.
One such measure is the Basel III framework, established by the Basel Committee on Banking Supervision. Basel III set forth comprehensive reforms to improve the regulation, supervision and risk management within the banking sector.
- Common equity tier 1 (CET1) capital requirements mandate financial services firms to hold a minimum amount of common equity relative to their risk-weighted assets, ensuring they have a solid capital base to cover potential losses.
- Leverage ratio serves as a backstop to the risk-based capital requirements, limiting the extent to which a bank can leverage its capital base.
- Liquidity coverage ratio (LCR) ensures that banks have sufficient high-quality liquid assets to withstand a 30-day stressed funding scenario.
- Net stable funding ratio (NSFR) promotes resilience over a longer time horizon by requiring banks to fund their activities with stable sources of funding.
These measures aim to enhance the banking sector’s ability to absorb shocks arising from financial and economic stress, thereby reducing the risk of systemic crises.
A parallel concept known as proof-of-reserves (PoR) audits has emerged in the world of cryptocurrencies to promote transparency and trust within digital asset platforms. PoR audits are cryptographic verifications that confirm whether a cryptocurrency exchange or custodian holds the assets it claims on behalf of its users.
These cryptographic audits, using Merkle trees and onchain verifications, serve as a transparency mechanism in crypto. The primary goal is to provide assurance that these platforms are solvent and can meet customer withdrawal demands. Some audits provide the dollar equivalent of the reserves, whereas others report in major cryptocurrencies like Bitcoin (BTC) and Ether (ETH).
How do proof-of-reserves audits work?
PoR audits use cryptographic methods like Merkle trees to verify that exchanges hold sufficient assets to cover user deposits, but they don’t prove solvency, as they don’t account for hidden liabilities.
These audits are designed to verify that cryptocurrency exchanges and custodians actually hold the assets they claim on behalf of their users. The process typically begins with asset verification, where platforms disclose wallet addresses or use cryptographic proofs, such as Merkle trees, to confirm holdings without revealing sensitive account details.
A Merkle tree allows user balances to be hashed and aggregated into a single “Merkle root,” which auditors and users can verify independently. Additionally, a third-party auditor may be involved to assess whether the exchange’s reserves match its reported holdings. Alongside this, customer liability verification ensures that total deposits do not exceed available reserves, strengthening the credibility of the exchange’s financial standing.
