Table of Contents
- What is Proof of Reserves?
- Why is Proof of Reserves Important?
- How Does a Proof of Reserves Audit Work?
- How a Proof of Reserves Audit is Conducted
- Profiling Custodial Institutions using Proof of Reserves Tools
- Proof of Reserves vs. Proof of Liability
Proof of Reserves (PoR) lets you verify that your exchange or any other custodial financial platform is truly in the custody of the assets you deposit.
Proof of Reserves was introduced as a response to the widespread mismanagement of user funds by centralized exchanges and derivatives trading platforms.
One way of verifying Proof of Reserves involves using the Merkle tree technology to collate the institution’s holdings and match them to user accounts to enable account owners to get a view of the account history.
CoinGecko has rolled out a Proof of Reserves feature to enable users to view available exchange reserves data in one place.
Centralized exchanges are providing customers with facilities to verify the state of the assets held on their platform. Through this, customers are able to ascertain that the institution truly holds these assets with an equal or excess reserve to back the deposits, ensuring that customers will always be able to withdraw their holdings. This process is made possible through the Proof of Reserves (PoR) system.
Also, did you know that CoinGecko now has Reserve Data on Centralized Crypto Exchanges?
You can jump straight into our guide, or read on to find out what exactly is Proof of Reserves and how it works.
What is Proof of Reserves (PoR)?
Proof of Reserves is a statement outlining the holdings of a custodial financial platform, such as centralized exchanges. It presents a report of assets in the institution’s custody and maps these assets to individual accounts. The aim of this exercise is to verify that the institution not only keeps a good record of user deposits, withdrawals, and trades but also holds the assets and not just their records.
A custodial institution will employ the services of a neutral auditing party to take a critical look into their asset store and provide an earnest report on the published data.
The auditing party can act independently (without being contracted by the institution). Their job is to confirm that the institution truly holds the number of assets it claims to hold or has a reserve reserve that is equal to the reported assets in custody.
Contemporary Proof of Reserves facilities simplifies the custody verification process through a one-click process that enables users to access the audit records and obtain proof that their institution holds the correct amount of assets. Exchanges like Kraken have already made this facility available to their users.
Why is Proof of Reserves Important?
Binance exchange’s CEO Changpeng Zhao, on November 6, 2022, raised an issue on the state of the second largest cryptocurrency trading platform – FTX. Events trailing this revealed long-running mismanagement of funds under the exchange’s custody. While users’ account balances show records of their assets, these assets were non-existent as the exchange had engaged in certain activities that resulted in a loss of users’ funds.
In an event that turned tragic, users’ withdrawal requests stalled as the exchange was unable to honor asset withdrawal requests, resulting in an estimated $10 billion in losses. Further investigation revealed similar practices by other custodial exchanges.
Proof of Reserves was introduced in response to this. Prior to this event and other things that came with it, cryptocurrency investors have always entrusted custodial institutions with the safety of their assets without the need to verify if this is actually maintained.
Implementing Proof of Reserves will offer certain benefits to custodial platforms and their users.
For users, it will:
Provide a means to verify asset management
The primary goal of Proof of Reserves is to enable customers to verify the assets held by their institutions and also get a good view of how the institution manages these assets. Some Proof of Reserves applications, like Nansen’s, are real-time. Investors can use these applications to track changes made to their individual accounts and that of the institution as a whole to get a better view of how their funds are handled over time and demand clarity of each action from their institution.
Due diligence on custodial platforms
Before setting up an account on a trading platform or any cryptocurrency institution, it is advised to carry out preliminary research on the institution, including its financial dealings and overall integrity. Proof of Reserves tools are a great way to start. With this concept developing fast, investors will be provided with simple tools to obtain relevant data on institutions and do their personal research before committing their funds to an institution.
Doing this will reduce the chances of investors losing their funds to unfortunate events resulting from poor management of users’ funds by a custodial institution. Investors can also modify or withdraw their investments to minimize losses, in the event that the platform becomes too risky over time.
Present hands-on transaction records
As already explained, Proof of Reserves applications present an institution’s finances in a transparent manner. When done well, platform users can track their personal dealings just like the exchanges’ dealings. Users can view their own activities and make informed decisions using the data obtained through these applications. Away from asset safety, users can utilize PoR tools in variable ways and obtain pleasant results in their investment journey.
For custodial institutions, it will:
Provides a means to regain and maintain users’ trust
Investors are fast losing trust in custodial institutions. The shadiness discovered in recent events is increasing the fear index for investors using custodial institutions for trading or other financial activities.
Reputable institutions can regain this lost trust by developing good Proof of Reserves facilities and making them available to their customers.
Serves as a source of truth
Regardless of how much effort is being put into the financial record system, it is still possible to leave some loopholes or omit certain activities. However, if these were performed on-chain, the decentralized ledger will hold accurate records of these transactions and can be consulted when the need to obtain them arises. Proof of Reserves applications is a good way to obtain these records in aggregated form. Institutions can then perform a comparison of the records and check whether they are valid.
The Impact of Calls for Proof of Reserves
Proof of Reserves is demanding more accountability from custodial institutions.
Exchanges are quick to show that they are really safeguarding their customer’s assets and are not using their funds for other purposes. A remarkable development from this is the Crypto.com exchange’s reserves report. An in-depth look into their reserves revealed that a good percentage of the exchange’s reserves is in the meme coin – Shiba Inu (SHIB). Considering the volatility and reputation of meme coins, users were quick to point out how unreliable this practice was.
However, an even more disturbing development was the detection of a 320,000 Ether (ETH) transfer from the exchange to another centralized exchange (Gate Exchange) and reimbursement of 285,000ETH. Questions raised in this regard concern the legitimacy of such transactions, why the returned amount was less, and what this means to the solvency of the exchanges.
This event has led to tangible losses in the concerned institution’s native token and further fear of lack of integrity and insolvency for other cryptocurrency exchanges.
How Does a Proof of Reserves Audit Work?
Custodial institutions in the cryptocurrency space hold the assets of their customers in a hot wallet from which they serve withdrawal requests from users. Institutions then set apart a cold wallet for safe storage of a portion of users’ deposits. Users obtain a wallet address to make deposits. When deposits are made, they are moved between the hot and cold wallets. Customers of custodial financial platforms are not in total custody of their assets, as the institutions keep the private keys to these addresses.
Details of assets held by the institution can be partly obtained by tracing details of transactions involving their hot and cold wallets.
However, this only presents a rough estimate of the total assets in custody but doesn’t give a hint of which users own what portion of the total assets in custody. A Proof of Reserves audit makes a deeper study to collate the total assets held by the institution and prove that the users a portion of these assets. This process utilizes the Merkle Tree.
What is a Merkle Tree?
The Merkle Tree is an approach to data structuring that upholds the verifiability of stored data and simplifies attempts to access these data and utilize them as desired. The Merkle tree is designed to partition related data in such a way that they can be accessed individually without going through each individual branch of data. As rightly named, the Merkle tree contains distinct data grouped into autonomous branches but connected to a single root; this is known as the Merkle root.
The Merkle root is the single point of connection for the data branches and ensures that the right information is stored in each of the data branches. It provides a single point of verification for the whole data tree. It also provides a uniform protection system for stored data, it ensures that data stored in the branches cannot be manipulated or damaged.
The Merkle Tree is applied to blockchain technology and constitutes the main data management technology of the decentralized ledger system. This makes it one of the core of blockchain technology. A blockchain network is in constant growth as data is generated by users of the network. Learn more about the blockchain and how it manages data
Systems like this would usually need a complete synchronization of the whole data stored in order to verify any information on the chain, regardless of the block and when the block was added to the queue. This will be demanding on the computing resources.
The Merkle tree cuts the need for complete blockchain synchronization and saves computing resources. As each block added to the chain is identified with a hash, the Merkle tree provides a storage and identification system that stores the data according to their hash, instead of a whole chain. Data in the block can hence be verified using the block’s hash and eliminates the need to compute the whole blocks in the network.
To perform a Proof of Reserves audit, the auditor starts by taking a periodic record of an institution’s asset in custody and arranging the individual data in the record using a Merkle Tree.
Here’s how an auditor creates the Proof of Reserves for a custodial institution.
How a Proof of Reserves Audit is Conducted
First, the auditor or auditing firm takes a snapshot of balances held by the institution and arranges these balances using the Merkle tree system. The pieces of custodial data for the institution are organized into a unified tree of data, branched into partitions, and identified using hash codes.
The auditor obtains the Merkle Root of the data tree; the single point of connection between data in the tree. The individual account that contributed these assets can be identified through their unique signatures.
To verify these individual contributors, the auditor matches the digital signatures to the records on the Merkle tree and verifies that the reported balances of the individual are at least equal to that obtained from the Merkle tree.
Changes to the individual balances are easily detected on the Merkle tree and it creates a sharp shift in the data structure. By this, institutions will be unable to tamper with users’ balances, when this eventually happens, the action can be easily detected by the asset owner.
The auditor or the institution can proceed to develop an interface for users to verify the custody of their assets using their digital signatures which can be their exchange IDs.
Limitations of the Merkle Tree System
The Merkle tree only matches the snapshot at that specific point in time, and as the reserve balance changes, it will require a newly updated Merkle tree to reflect the change.
Profiling Custodial Institutions using Proof of Reserves Tools
Proof of Reserves tools are fast emerging, each one offering cryptocurrency investors a way to track the assets or the financial activities of their institutions where it concerns collective funds owned by their different users.
CoinGecko’s Reserve Data
You can go to CoinGecko’s Crypto Exchanges page, and look for the column titled Reserve Data. In this column,you’ll see exchanges labeled as Available or Unavailable.
Available means that certain reserve information is available for users to perform due diligence.
Unavailable means that reserve information is not available on CoinGecko.
If you want to view Binance’s reserve data, click Binance to enter the exchange’s page, where you’ll see the option to look into their Exchange Reserves.
Once you’re inside, you’ll be able to see the exchange reserve data sourced by the CoinGecko team. This data is aggregated from sources including Nansen and DeFiLlama, as well as the exchanges themselves if it has been published.
Do note that while CoinGecko recognizes Proof of Reserves as an important data point for transparency, it is not currently linked to the Trust Score as it is a fairly new priority item for many exchanges, and subsequently penalizing exchanges for not having one at this stage could be an unfair methodology.
However, CoinGecko’s plan is to find a good representation where Proof of Reserves can be applied to the exchange’s Trust Score, so that only exchanges that have made attempts to prove solvency will have a good score.
Nansen’s Asset/Net Worth Dashboard
Here’s how to obtain and track your exchange’s finances using Nansen’s Asset/Net worth dashboard.
Nansen’s Asset/Net worth application tracks wallet activities in real-time. Using its technology, you can view institutional and individual wallet balances across selected chains and explore certain other analytical data that can help estimate the effect of your institutions’ activities on your finances.
Visit the Nansen Asset tracking application. You can connect your wallet to track your individual wallet and access the Analytics page for your wallet.
On the homepage are listed certain popular custodial cryptocurrency exchanges. Click on the desired institution to view wallet balances across over 40 blockchain networks.
The launch page shows the total amount contained in the exchange’s wallet and how they are rationed into selected assets. In this instance, we used Kucoin Exchange. A recorded $2.6 billion worth of customers’ crypto assets is held by the exchange at the time of this writing. Subsequent information shows how these holdings are distributed.
Click the desired network to view assets held on the network. We selected the Tron blockchain, in the image above. About 62% of the assets in the custody of the exchange on the Tron blockchain are held in USDT. You can obtain this data for other chains by clicking the chain.
Explore other data by Clicking Analytics from the or by clicking View full Analytics. Data from the analytics page shows how the exchanges’ assets and asset values have increased over time. You can also obtain the exchange’s wallet addresses and track activities using the chain’s explorer. Here’s a detailed guide on how to use Ethereum’s explorer – Etherscan.
For institutions not listed, you can attempt to track their portfolio by obtaining the cold wallet address and searching through the Nansen application for their records. Enter the address on the input box at the top corner of the platform
Proof of Reserves vs. Proof of Liability
Currently, most Proof of Reserves applications are only able to show crypto assets held on an institution’s verified wallet. Unverified wallets aren’t tracked and assets held in banks and offshore accounts aren’t presented as well. Users are also unable to prove their balances to satisfactory extents.
In addition, these records don’t show an institution’s liabilities. Assets in the reserves could be borrowed. PoR facilities, especially ones developed by the institution, don’t show their loan records.
While the reserves might show strong financial viability through Assets in Custody, they don’t show which portion of these assets are borrowed and from whom they were borrowed.
This gives rise to valid concerns that current provisions of Proof of Reserves are not sufficient, as accusations have been leveled at exchanges for loaning funds to meet calls for Proof of Reserves.
Conclusion: What’s next?
The recent wave of misappropriation of funds by custodial financial platforms puts the crypto space in a pitiable state. But notwithstanding, the introduction of Proof of Reserves is a silver lining, a key positive development from the tragic events. Exchanges will work on their transparency while users, prompted by past experiences will be pushed to demand even more transparency from their institutions.
Industry players can also utilize provided media to ensure the safety and availability of the funds, establishing a process that could help make the crypto space safer for investors. On the part of the users, this is important. Even as you conduct your personal research and invest in your favorite cryptocurrency projects, also endeavor to demand more transparency from your institutions and verify the safety of your funds, especially if you’re a user of a centralized financial system.
A better way to keep your funds safe is to retain full custody of your assets. This is achievable by keeping your funds in your personal wallets instead of exchanges. Cold wallets are safer alternatives for the safety of your funds, where you can consider storing funds not used for active trading.
For custodial institutions, the importance of handling users’ funds with integrity and high-level carefulness cannot be overemphasized. But now, more than ever, there is a need to also show users how care is being applied and allow them to verify claims about how their funds are being managed.
There is also increased conversation around the need for regulation to prevent future bank runs by institutions like what occurred in November 2022.
As a standard, always apply caution while interacting with high-level computing protocols and do your own research before investing.