Recently, cryptocurrencies have been attracting a lot of attention in every wrong way possible. There are many reasons for this negative publicity; the collapse of the FTX exchange is the latest on the list, which led to a loss of billions of dollars of investors’ money.
These kinds of incidents spread fear among investors and shatter their confidence in the crypto market. Thus, there should be an independent audit or evaluation process to verify if a crypto exchange has enough assets to cover its customer’s balances. The term for this is Proof of Reserves (PoR).
In this article, we will explore the concept of Proof of Reserves and evaluate if it’s a permanent solution to ongoing solvency issues faced by crypto exchanges.
Proof of Reserves (PoR) – An Overview
Proof of Reserves (PoR) is a verifiable auditing procedure that checks if a crypto exchange has enough reserves to back its customer funds. Ideally, it is conducted by an independent third-party auditor.
This process helps the investors know the solvency and liquidity status of an exchange, thereby improving their confidence and trust.
PoR is highly applicable to centralized crypto exchanges as these exchanges act as the custodian of the assets. But, in the case of decentralized exchanges, users have full control over their assets.
How Does the Proof of Reserves Audit Work?
PoR verifies if the on-chain assets of an exchange match 100% with the customer assets they are holding at the time of audit. If the audit results are satisfactory, it reassures the customers that the exchange is solvent and liquid. The users could withdraw funds as and when needed.
To perform this audit, the PoR process goes through a few steps involving cryptography.
1. Adding customer account balance
As a first step, the auditor ensures all the customer balances (from individual customer accounts) are added to arrive at the total account balance. The final number will be later used for audit purposes. It involves taking a snapshot of all account balances and then converting this data to a ‘Merkle tree.’ It is a method to structure large amounts of data for performing more straightforward processing.
Before we dive in, it’s essential to know about a process called ‘Hashing.’ It serves as the base to form a Merkle tree.
Hashing is a mathematical function that converts an input into a unique output (or hash). It’s a one-way process; you can’t reverse-engineer the output to find the input. It is easy to compute the hash of an input value, but the opposite isn’t possible. Therefore, hashing is frequently used to protect the underlying data.
There are different types of hash functions. But in the context of cryptos, blockchain networks use a highly secure function called ‘SHA256.’ It was developed by the U.S. National Security Agency (NSA) in 2001.
Suppose you apply SHA256 over the input data:
Hello
It will generate the corresponding hash: 185f8db32271fe25f561a6fc938b2e264306ec304eda518007d1764826381969
Also, hashing helps check the integrity of the data sets. Let’s say you download a file and want to know if it’s original and not a malicious/duplicate. In this case, you can compare the hash code of the downloaded file with the publicly available hash shared by the developers. If it matches, the file is original.
Merkle Tree
Now we know how hashing works. Let’s see how Merkle Tree uses it. Each user account balance is hashed into a ‘leaf.’ A group of these ‘leaves’ is then hashed to form a ‘branch.’ With every layer of hashing, the number of leaves gets exponentially reduced as they get converted to ‘branches.’ The process continues until, eventually, a single hash remains. It is called the Merkle root, sitting at the top of the ‘tree-like’ structure.
The Merkle root uniquely identifies and sums up the balances of all the customer accounts. While performing, it doesn’t publicly expose the account balance of any individual customer.
2. Validating assets on the blockchain
The next step involves the auditing firm checking public blockchains where the assets are held by the exchange. It uses blockchain explorers (like Etherscan) to check the data points. The balances and the details of the assets on the public blockchains should be consistent with the total customer balance. If yes, the exchange has verified PoR and shown that it holds all deposited assets.
The customers can verify the audit results performed on the exchange. Any change to a customer’s account balance creates a cascading change, forming a new Merkle root.
Advantages of Proof of Reserve Audit
Below are some of the benefits of the PoR audit process.
1. Increase transparency and maintain privacy
Proof of Reserve improves the transparency of the exchange without compromising customer privacy.
2. Improves customer confidence
PoR increases customer confidence as they can check whether their assets are safe with the exchange.
3. Financial health assessment
Bankruptcy is not an unheard phenomenon in the financial world.
Traditional companies have government institutions bailing them out in case of bankruptcy. But it’s not the case for crypto exchanges. Thus, PoR could help identify an exchange’s financial health before it gets too late.
What are the limitations of PoR?
Proof of reserve does make the crypto world a better place. But it also has a few limitations.
1. Dynamic account balance
As PoR tries to match the crypto exchange’s balance against the public blockchains, the timing of the audit plays a considerable role. Users might constantly add or withdraw funds resulting in a dynamic account balance, which could make getting a 100% match difficult.
Also, stolen funds and loss of keys can create further inconsistencies during the audit.
2. Backdoor dealings
There is a possibility for collaboration between the auditing firm and the exchange. Such arrangements can influence the audit results.
3. Borrowed funds
PoR cannot confirm if an exchange borrowed external funds just to pass the audit.
Conclusion
PoR is definitely a progressive step to improve trust among crypto investors. Also, it sets stringent requirements for crypto exchanges. Hopefully, it will make the crypto exchanges responsibly handle user funds and make the industry safer and more transparent.
But many experts believe PoR is not a long-term solution. As long as a third party is involved, the investors need to trust them. There is always scope for collusion between the auditing firm and the exchange, which can lead to false results.
FAQs
1. What is Proof of Reserves in blockchain?
Proof of Reserves (PoR) is a verifiable auditing procedure that checks if a crypto exchange has enough reserves to back its customer funds. Ideally, it is conducted by an independent third-party auditor. This process helps the investors know the solvency and liquidity status of an exchange.
2. What assets are covered under Proof of Reserves?
Crypto assets held by exchanges are covered under the Proof of Reserves (PoR).
PoR verifies if the on-chain assets of an exchange match 100% with the customer assets they are holding at the time of audit. If the audit results are satisfactory, it reassures the customers that the exchange is solvent and liquid.
2. Is Proof Of Reserves a Long-Term Answer?
Many experts believe PoR is a step forward but not a long-term solution. As long as a third party is involved, the investors need to trust them. There is always scope for collusion between the auditing firm and the exchange, which can influence the audit results.