The crypto landscape has come under intense scrutiny from all angles—from regulators to skeptics to users. With the FTX collapse, this scrutiny has intensified, with ever-increasing calls for centralized exchanges to publish regularly updated proof of reserves. When you think about it, these calls make sense. If you live in a community where one bank is robbed per quarter—or where workers elope with the banks’ customers’ assets very often, you would be hard-pressed to either: 1) pull out your assets, or 2) get assurances that the bank can cover any losses from robberies or internal theft. 

This is the financial basis behind proof of reserves. 

Through proof of reserves, centralized exchanges provide customers with the facilities to verify the security of the assets held on their platform. Through the published proof of reserves, customers are able to ascertain that the exchange truly holds these assets with an equal or more valuable reserve to back the deposits, ensuring that customers will always be able to withdraw their holdings. 

But that barely scratches the surface. If you’re looking to learn the complete workings of a proof of reserves document, read on to find out what exactly proof of reserves is and how it works in crypto.

What Is Proof of Reserves (PoR)?

Proof of reserves is a statement outlining the holdings of a custodial financial institution, such as centralized exchanges.

Proof of reserves demonstrates an exchange’s ability to honor customer withdrawals from its platform at all times when this inability to process withdrawals is not due to a technical problem. Lately, as we have seen, financial malpractices see exchanges unable to process withdrawals at one point or the other, often leading to the ultimate demise of such an exchange. 

Broadly, a proof of reserves publication consists of two parts: a current record of customers’ token deposits (known as liabilities), and a pool of tokens held within a set of exchange addresses (also known as assets). As a custodial financial institution, centralized exchanges are not supposed to divert customer assets for other uses, and as a going concern, their assets should match or exceed their liabilities. 

We are proud to announce that our second Proof-Of-Reserves has been released!

This POR certifies that there are 1:1 on-chain reserves for all user assets, and users can also conduct independent verifications by visiting the link below 👇

— KUCOIN (@kucoincom) January 5, 2023

While there are multiple ways that proof of reserves can be published, the crypto ecosystem has devised an on-chain, trust-minimized way to record such proofs on-chain, verifiable by anyone. In effect, a centralized exchange can present a report of assets in its custody, map these assets to individual wallets, and store part of this information on-chain. This way, individual customers or interested third parties can verify that the exchange actually holds the specific assets that match specific account balances without revealing the identity of the users.

Contemporary proof of reserves facilities simplifies the user or third party custody verification process through a one-click function that enables users to access the audit records and obtain proof that the exchange holds the required amount of assets. Exchanges like Kraken already have this function enabled for its users.

Why Is Proof of Reserves Published?

Recent events in crypto have necessitated stricter transparency and trust measures, more so for centralized exchanges. On November 6, 2022, Binance CEO, Changpeng Zhao, raised suspicions of financial foul play in FTX, a Binance competitor and the then second-largest exchange. As events have revealed, there was long-running mismanagement of funds in the exchange's custody. While millions of users’ account balances showed records of their assets, these assets were non-existent as the exchange had diverted users’ funds, resulting in a loss of users’ funds. Read more about those events here and here.

Proof of reserves offers certain benefits to custodial platforms and their users. 

For users, it:

1. Provides a way to verify that exchanges are in financial health for continued custody of assets

The primary goal of a proof of reserves publication is to enable customers of an exchange (or any interested party) to verify the assets held by the exchanges. For investors and regulators, proof of reserves is an opportunity to track the overall health of the exchange, and how this impacts their holdings. This is done to get a better view of how their funds are handled over time and, if need be, demand clarity of any untoward action(s) from the exchange.

2. Allows interested parties to conduct due diligence on custodial platforms

Before setting up an account on a centralized exchange, it is generally advised to carry out preliminary research on the institution (i.e. a subset of Do Your Own Research). This research includes its financial dealings and overall integrity. Proofs of reserves are a great way to start your research. With more and more people demanding proof of reserves, intending users are provided with the tools to obtain relevant data on how specific exchanges custody their client assets, and do their own research before committing assets to such exchanges.

Doing this helps reduce the chances of users losing their assets to unfortunate events resulting from poor management of users’ funds by an exchange. Users can also modify or withdraw their investments to minimize losses, in the event that they feel that the platform’s custody practices have become too risky over time.

For custodial institutions, it:

1. Provides a means to regain and/or maintain users' trust

Crypto users and startup investors are fast losing trust in centralized exchanges, and this loss of trust had been coming for these exchanges. The shadiness that has pervaded the crypto ecosystem in recent months has raised doubts amongst crypto users about centralized exchanges. As usual, too, the ‘not your keys, not your coins’ evangelists have sprung up as they do every time the ecosystem suffers misfortune. These factors have led to palpable apprehension and mistrust of exchanges amongst crypto users. 

With investors, the tale is not much different. Although crypto still has the attention of institutional investors, venture capital into crypto is drying up fast, as investor confidence continues to plummet. With proof of reserves, exchanges can maintain trust and, in some cases, regain lost trust. 

2. Serves as a source of truth

Regardless of how much effort an exchange puts into ensuring the accuracy of its internal record-keeping systems, it is still possible for errors to occur (as Bankman-Fried claimed in interviews), or even worse, loopholes that may be exploited by malicious actors.  However, if these were recorded and verifiable on-chain, the hope is that more scrutinizing eyes would be on the lookout. After all, these days, no one can be too careful in crypto. 

We will move a small amount of #BTC and $LTC later today as part of our Proof of Reserves operations.

Please note due to Bitcoin's UTXO model, these transactions may be flagged by chain analysis bots. Funds are SAFU.

— Binance (@binance) January 3, 2023

How Does a Proof of Reserves Audit Work?

Centralized exchanges, being custodial institutions, hold the assets of their customers in a hot wallet from which they serve withdrawal requests from these users. Exchanges also set apart a cold wallet for the safe storage of a portion of users' deposits. Upon registration on a centralized exchange platform, users are assigned wallet addresses with which to transact. When deposits are made, they are moved between the exchange’s hot and cold wallets. 

Details of assets held by any exchange to be audited can be partly obtained by tracing information about transactions involving their hot and cold wallets. 

However, this only presents an aggregated view of the total assets in the exchange’s custody but does not give a hint of which users own what portion of the total assets in the exchange’s custody. A proof of reserves audit makes it possible to carry out a deeper study to collate the total assets held by the institution and prove that the users own a portion of these assets.

To do this, an auditor would make use of a Merkle Tree, which we’ll take a closer look at in the second and final installment of this series on Friday.

This article is written by Chidera Anushiem as a part of enter.blog's bounty program and is a part of a two-part series. Do you have an interesting topic, series or subject you think would be fitting for enter.blog? 

You can now submit your articles to enter.blog and get paid for your contributions!
Read more and submit your article here.