Proof of Reserves (PoR) is a way for cryptocurrency exchanges to publicly account for their digital assets, ensuring users’ deposits are secure and available for withdrawal.
PoR is a method of cryptographically auditing a crypto exchange. Many traditional finance (TradFi) institutions periodically undergo financial audits by third parties, or auditors. These auditors confirm that the financial state of a company is presented accurately and honestly.
PoR follows a similar model: a third party reviews the necessary information to verify that an exchange is holding enough digital assets to cover user deposits. However, in TradFi, most institutions do not share information about their financial assets with the public in a detailed, verifiable way. With PoR the public can see and should be able to verify the digital assets held by the institutions.
The failure of the FTX cryptocurrency exchange in November 2022 jumpstarted a wider effort by the industry to assure their users that their funds are safe via PoR initiatives.
The cryptographic, public, and immutable nature of blockchain technology allows for particularly transparent and privacy-preserving methods for conducting an audit. In most cases, a data structure called a Merkle tree is used to securely enumerate user deposits and compare them against an exchange’s confirmed holdings.
Why is Proof of Reserves good for crypto?
In 2014, the collapse of the Mt. Gox cryptocurrency exchange was the first to demonstrate that insolvency was a threat to centralized digital asset platforms. After its collapse, several exchanges, including Bitstamp, released a joint statement promising to “reassure customers and the general public that all funds continue to be held in a safe and secure manner.”
The 2019 failure of QuadrigaCX also highlighted the issue of crypto exchange insolvency due to the exchange mismanaging client funds. An auditor who undertook a review of the company noted that it had no accounting system nor bank accounts.
However, November 2022 saw the most remarkable example of centralized exchange insolvency. Sam Bankman-Fried’s FTX cryptocurrency exchange famously crumbled after the balance sheet of Alameda Research (FTX’s sister trading firm) was leaked to the media. The leak strongly indicated that Alameda’s accounts were so closely intermingled with those of FTX that if Alameda Research faltered, FTX would likely falter too. People feared that FTX did not have the assets on hand to cover all customer withdrawals. This triggered a wave of customer withdrawals that led to a bank run-like effect, ending with the bankruptcy of FTX, the likely permanent loss of billions of dollars in user funds, and a crash of the crypto market.
Proof of Reserves allows centralized exchanges to provide users and fellow institutions visibility into the state of digital assets on hand, helping assure stability within digital asset markets.
How does Proof of Reserves work?
Proof of Reserves is simply a partial audit of a firm’s funds by a third party. During the process of PoR, an exchange provides information to demonstrate its ability to cover user withdrawals with assets held in its reserves. The auditor then publishes its findings for the public, and users can confirm their deposits were included in the audit. PoR is typically performed in specific ways to ensure standardization and trust in the system.
Terminology
Although Proof of Reserves is the most commonly used label to describe this important concept, there are varying interpretations of what the term means.
Some argue that because “PoR” implies only accounting for assets in reserve, it does not account for an exchange’s liabilities, namely user deposits. Providing a Proof of Assets (PoA) without a Proof of Liabilities (PoL) may only reveal part of the picture. There are still merits to publishing PoA alone, but detailing liabilities can provide a more well-rounded assessment of an exchange’s financial status. Still, some institutions only provide PoA and call it PoR.
If an exchange can show it owns a specific wallet, this would provide the requisite Proof of Assets (PoA). If it can also attest to the sum of user deposits, this would fulfill a Proof of Liabilities (PoL). Together, these confirm what the community really hopes to ensure: Proof of Solvency (PoS), a more holistic term for PoR.
Thus, PoS = PoA + PoL.
Proof of Assets (PoA)
The simplest form of proving asset ownership is for an exchange to claim a wallet, and then make a transaction with the crypto inside of it. By digitally signing a transaction, the exchange proves it controls the private keys and thus owns the wallet.
However, this has some limitations when it comes to exchanges’ fiat holdings (which cannot participate in blockchain-powered public transactions like crypto) and assets held in cold storage (offline).
Proof of Liabilities (PoL) and Merkle Trees
Proof of Liabilities is a bit more challenging because it requires accounting for the amount of funds a company owes its customers. Simply publishing users’ names and their deposits would carry a significant privacy risk. Even if this information were encrypted, there might be a risk of a hack that breaks the encryption and makes individual user data public.
Therefore, a cryptographic data structure called the Merkle tree (or hash tree) is employed to protect user information. In a Merkle tree, data about each individual depositor (name + balance of deposits) is recorded as “leaves.” Usernames are cryptographically converted into data called hashes to provide a layer of protection.
Then, each of those leaves is added to exactly one other leaf. This creates a “branch”, which is the sum of the two users’ hashes + sums of their balances. On the next level, two branches are combined—their hashes and balances again added together—to create another branch. This process repeats until all balances are added up.
Image of a Merkle tree from Vitalik Buterin’s article: “Having a safe CEX: proof of solvency and beyond”
When the penultimate two nodes are summed, it creates a final node in the tree called the Merkle root. The Merkle root represents the sums of all users and balances, used to verify a large data set with just one piece of information. An auditor takes the summed balance in the Merkle root and compares it against the exchange’s proven holdings.
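The construction described above, written out as an added example (not code from the original article or from any exchange). The function names, the SHA-256 choice, the zero-balance padding and the sample deposits are assumptions of this sketch; each branch here hashes its two children's hashes and balances together and carries the sum of their balances.

```python
import hashlib

def h(data):
    return hashlib.sha256(data).digest()

def enc(node):
    return node[0] + node[1].to_bytes(16, "big")  # fixed width: 32 + 16 bytes

def leaf(username, balance):
    # The username enters the tree only as a hash; 0x00 marks a leaf.
    return (h(b"\x00" + enc((h(username.encode()), balance))), balance)

def parent(left, right):
    # A branch commits to both children and carries the sum of their balances.
    return (h(b"\x01" + enc(left) + enc(right)), left[1] + right[1])

def build(leaves):
    # Returns every level, leaves first; the last level holds the Merkle root.
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        if len(cur) % 2:
            cur.append((h(b"pad"), 0))  # pad odd levels with a zero balance
        levels.append([parent(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def prove(levels, index):
    # Sibling nodes from the leaf level up, each flagged if it sits on the left.
    path = []
    for level in levels[:-1]:
        path.append((level[index ^ 1], index % 2 == 1))
        index //= 2
    return path

def verify(username, balance, path, root):
    # A user recomputes the root from their own leaf and the supplied siblings.
    node = leaf(username, balance)
    for sib, sib_is_left in path:
        if sib[1] < 0:  # a negative sibling balance would understate liabilities
            return False
        node = parent(sib, node) if sib_is_left else parent(node, sib)
    return node == root

USERS = [("alice", 120), ("bob", 45), ("carol", 300), ("dave", 10), ("erin", 25)]  # constructed
LEVELS = build([leaf(u, b) for u, b in USERS])
ROOT = LEVELS[-1][0]  # (root hash, total liabilities)

def solvent(proven_holdings):
    return proven_holdings >= ROOT[1]  # holdings must cover summed liabilities
```

A user who receives only their own path can confirm their deposit was counted without seeing any other username, and a path built for a different balance fails to reproduce the published root.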
What are the limitations of Proof of Reserves?
Ideally, users can be assured that exchanges safely hold their assets through verification of PoR. However, there are some important limitations that are worth mentioning.
First, PoR only provides a snapshot in time of current holdings. This does not prevent institutions from moving assets around before and after the PoR audit. In fact, in the aftermath of FTX’s demise, some exchanges were observed to be sending/receiving large amounts of crypto around the times of their PoR, leaving some to question the integrity of those exchanges.
Another limitation of PoR is scope: PoR only assures a company’s holdings and liabilities (if done right) at a moment in time, and says nothing about other risks. Companies can still be vulnerable to other factors such as a bad economic environment, poor internal management, or even hacks.
Finally, audits do rely on a third party to verify that everything is in order. That means that, in a space where decentralization and trustlessness are prized, a little trust in third parties is necessary when conducting PoR.
Proof of Reserves essentials
Proof of Reserves (PoR) is a process for centralized exchanges to prove they have enough assets to cover user deposits—in other words, to prove they are solvent.
The argument for PoR has been strengthened by the failures of multiple centralized exchanges including Mt. Gox (2014), QuadrigaCX (2019), and FTX (2022). PoR provides a way for the crypto community to have greater confidence that their funds are safe.
PoR is generally performed by a third-party auditor who compares proven exchange holdings (assets) with user funds (liabilities), employing a cryptographic method called Merkle trees to ensure user privacy.