Proof of Reserves

Nic’s PoR ✨ Wall of Fame ✨

Entities which have conducted a PoR attestation within the last 12 months:
  • Coinfloor (self-assessment, user validation with merkle approach, ongoing)
  • Gate.io (auditor-assisted, user validation with merkle approach, point in time)
  • HBTC (self-assessment, user validation with merkle approach, point in time)
  • [Your exchange’s name here?]

Partial validation

  • Bitbuy (forensics firm assisted, no user validation, point in time)
  • Shakepay (forensics firm assisted, no user validation, point in time)
Optimally, providers would use a third party firm to attest to liabilities, would allow users to validate the PoR with the merkle approach, and would conduct an ongoing attestation.

Note: I am presenting these claims ‘as is’ with no endorsement or guarantee of their correctness


Proof of Reserve introduction

If there’s a single thing I could do to better this industry, it would be to convince every custodial service provider in the cryptocurrency space to adopt a routine Proof of Reserve program.

Proof of Reserves is the idea that custodial businesses holding cryptocurrency should create public facing attestations as to their reserves, matched up with a proof of user balances (liabilities). The equation is simple (in theory):

Proof of Reserves + Proof of Liability = Proof of Solvency

The idea is to prove to the general public, and in particular your depositors, that your cryptocurrency held on deposit matches up with user balances. Of course, in practice, this isn’t quite so simple. Proving that you control some funds on chain is trivial, but you could always borrow those funds on a short term basis. This is why point-in-time attestations mean relatively little. And additionally, exchanges can have hidden liabilities or have creditors claim seniority to depositors, especially if they don’t legally segregate client assets on the platform. This is why Wyoming’s SPDI law clarifying the legal status of depositors relative to custodial institutions is so important.

Proving liabilities is tricky, and generally requires an auditor to engage in a full assessment. For instance, exchanges can omit certain liabilities to ‘cheat’ a PoR attestation. This is why I recommend both a user-facing PoR protocol, allowing users to obtain ‘herd immunity’ by collectively verifying their individual balances, and an auditor-facing PoR protocol, to prove that the claimed liabilities are faithful to reality.

Another issue is that exchanges could have unaccounted-for liabilities that a mere cash flow analysis might not capture. For instance, given that many exchanges exist under muddy regulatory regimes and legal contexts, it’s not guaranteed that depositors would be senior to creditors in the case of bankruptcy. This means that it’s possible that large debts could consist of a hidden liability that would weaken depositor claims on reserves in a worst case scenario. This is why I recommend including an auditor in a PoR process, so these more complex liabilities (and an assessment of the seniority of depositors) can be understood. More generally, exchanges should adopt a legal policy in which depositors are absolutely privileged and senior to all creditors.

So a Proof of Reserve program isn’t entirely trustless. However, it’s still worth doing, for several reasons:

  • It’s good housekeeping. A periodic PoR attestation demonstrates to your end users that you have your house in order, and that you are being vigilant with regards to solvency
  • It’s a strong self-regulatory measure. If exchanges collectively adopted PoR, regulators might be more inclined to adopt a light touch approach. Much better to operate in relative freedom with voluntary self-regulatory measures rather than suffering onerous regulatory impositions later on
  • It helps safeguard against toxic operators by making fractional reserves virtually impossible to hide. These exchange failures reflect badly on the whole industry, so it’s in everyone’s interest to avoid them

To those who reject PoR because it’s not perfectly trustless in its current implementation, I would respond that the perfect is the enemy of the good. At present, the industry standard is virtually no transparency. Those exchanges that are more stringently regulated, under the NY Trust License for instance, can credibly claim to be fair stewards of user funds. Some exchanges conduct audits to obtain bank partners. But these audits are generally not consumer facing, and many exchanges are loosely regulated. A far more potent trust signal would entail allowing depositors to individually verify that their deposits genuinely exist under the control of the exchange. If we let a commitment to perfection stall the adoption of processes like PoR, we will likely end up with a much worse situation where onerous, top-down regulation is imposed on exchanges. I always prefer proactive industry-driven self-regulation to state regulation, and I think you should, too.


Proof of Reserve Resources

Articles:

Podcasts:

Papers:

Technical resources:


FAQ

Why ‘Proof of Reserve’ if you really mean ‘Proof of Solvency’?
Proof of Reserve sounds better, and Solvency is a much higher bar to clear. Ideally a PoR would be paired with a full accounting of liabilities, known and hidden, and stronger solvency assurances would be obtained.

What about exchange/user privacy?
As long as exchanges are ok with people knowing how the total value of assets on deposit, they don’t have to divulge any additional information. In practice, it’s trivial to determine how many coins an exchange has, and many third party providers actively publish this data. So trying to hide the number of coins on deposit is a lost cause anyway. Through the proof of liability tool, user information is anonymized and hashed. This allows only users with a knowledge of their account ID and their balance to verify that they are included in the merkle proof without spying on other users.

What about DEXes?
The growth of DEXes is exciting and great for the industry. However, cryptocurrency users have a revealed preference for custodial ownership, at least for a portion of their coins. Self-custody is hard and it isn’t for everyone. Approximately 20-25% of BTC and ETH is held in a custodial setting. By encouraging custodial exchanges to adopt PoR, I am hoping that user assurances at custodial exchanges can be bettered. However, it goes without saying – not your keys, not your coins. You are ALWAYS vulnerable if you choose to use a custodial exchange.

I want to adopt PoR. What do you recommend?

 1.   I recommend updating your legal ToS to clarify a) the segregation of client deposits and operating capital, b) the seniority of client deposits in liquidation, and c) the responsibilities you have towards depositors under your regulatory regime, if any.

 2.  As for adopting a PoR strategy, I suggest an ongoing, auditor-enhanced, user-verifiable proof of solvency using the merkle approach. Point in time attestations are not sufficient. I recommend using an auditor to assist and attest to the liabilities side. Currently Armanino and KPMG are audit/accounting firms known to be offering these services. I strongly recommend allowing depositors to verify that their balances are included in the proof of liabilities using the Maxwell/Todd merkle method.

Why do I need an auditor or external third party assistance?
The liabilities side of the equation is tricky, and for users to have confidence that the accounting is complete, it’s worth engaging a trusted auditor willing to contribute their professional reputation to an assessment of liabilities.


Want to include your exchange in my list of active PoR participants? Have feedback or want to suggest a resource for inclusion? To get in touch, DM me on Twitter.