In the wake of the FTX debacle caused by the now-defunct cryptocurrency exchange pooling user funds to mitigate its own risk, the crypto exchange came up with a transparent solution called proof-of-reserve.

A practice recently endorsed by Binance CEO Changpeng Zhao offers a way for the exchange to demonstrate transparency to users without explicit regulations.

A Proof of Reserve (PoR) is an independent audit conducted by a third party to ensure that a custodian holds the assets it claims to own on behalf of its clients.

This auditor takes an anonymous snapshot of all held balances and aggregates them into a Merkle tree.

Merkle is a cryptographic commitment scheme where each “leaf” or node is signed with a cryptographic hash of a block of data. Their main purpose is to authenticate data that is processed, sent, or stored between computers. Although the concept was invented in 1979, it has found widespread use in blockchain peer-to-peer networks.

After the snapshot is taken, auditors obtain the Merkle root: a cryptographic fingerprint that uniquely identifies the combination of these balances at the time the snapshot was created.

Auditors then collect digital signatures generated by cryptocurrency exchanges that attest to ownership of on-chain addresses and publicly verifiable balances. Finally, auditors compare and verify that these balances exceed or match customer balances represented in the Merkle tree so that customer assets are held on a fully-reserved basis.

Five centralized exchanges (CEXs) including Kraken, Bitmex, Coinfloor, Gate.io, and HBTC have completed proof-of-reserve audits, while Binance, OKX, KuCoin, Huobi, Poloniex, Crypto.com, Deribit, and Bitfinex have announced their plan.

Lately: Banks Still Show Interest in Digital Assets and DeFi Amid Market Chaos

The PoR practice makes sense and has been praised by many in the crypto community as it appears to be a step towards a more transparent crypto ecosystem. Centralized exchanges can record the liabilities of each account on a public ledger that holds specific assets. They must be posted using a hashtag known only to the account owner, thus keeping the public anonymous.

Hassan Sheikh, co-founder of decentralized venture capital firm DAO Maker, told Cointelegraph that PoR provides an explicit sum of maturing liabilities that can be matched to assets. He added that good PoR practices could make it difficult for exchanges to forge liabilities, explaining:

“If liabilities are falsified, users can publicly issue a warning. Even if 1% of users bother to verify, it is unlikely that any CEX user will fall into that cautious 1%. Larger accounts will almost always be verified, and CEX most Only a small percentage of small accounts can be skipped before being discovered.”

Since publicly posted liabilities can be easily verified by retail investors, “the asset disclosures that exchanges are making are ultimately meaningful,” he added, adding that the balances presented in these audits are only “on the assumption that liabilities are properly presented.” Circumstances have weight”.

Ben Sharon, co-founder of digital asset management firm Illumishare SRG, told Cointelegraph that scammers will try to falsify any audit, no matter how reliable the reserve certificate is. He added that proof-of-reserve audits are still a viable step in checking cryptocurrency exchanges, but it is not enough, and suggested other steps, such as:

“Having a separate cash reserve, an asset-backed token, or better yet, both in addition to a proof-of-reserve certificate would provide a better solution for investors. At the end of the day, the only solution is Complete transparency. When a cryptocurrency exchange is fully transparent, users should not be afraid to entrust their assets to it.”

There’s no point in showing proof of reserves with no liabilities

While the PoR approach is being embraced by centralized exchanges, with many starting to publish PoR audit data, there is still the issue of crypto platforms moving funds immediately after audit snapshots are taken.

Crypto.com recently moved 280,000 ether (ETH) to a Gate.io address after publishing its PoR audit, sparking rumors that the crypto exchange may have faked a reserve audit. Many in the crypto community claim that the exchange borrowed assets to show a healthy financial book, only to return them immediately after the snapshot.

Crypto.com CEO Kris Marszalek came forward to clarify that the $400 million ETH transfer was a mistake and was supposed to go to another cold wallet, which raised more doubts.

And, while some exchanges provided detailed reserve breakdowns during PoR, others simply responded quickly, claiming they were profitable. Nexo simply provided a one-page snapshot saying they had assets in excess of roughly $3.2 billion in customer deposits.

Philipp Zimmerer, a core contributor to decentralized finance protocol Spool.fi, told Cointelegraph while reviewing some of the reserve audits published by the exchange, that the main problem is that there are no formal rules for what constitutes a proper PoR audit . This means that procedures will vary between exchanges. He explained:

“Even when implemented with the best of intentions, Proof of Reserves still cannot prove exclusive ownership of private keys or uncover any borrowed funds to manipulate audit results. Generally speaking, this practice is only as worth as exchanges and auditors to begin with Trust never constitutes 100% proof of anything.”

He further stated that showing assets without liabilities is worthless. The only people who can be “trusted to a certain extent are fully regulated onshore banking licensees who undergo regular, comprehensive audits by reputable independent firms.” He cited the example of Coinbase, which, as a public company, publicly information about its assets and liabilities.

Zimmerer also pointed out that another U.S.-registered exchange, Kraken, conducts regular audits and publishes the audit results and disseminates them to the public.

Stefan Rust, CEO of data infrastructure provider Truflation, told Cointelegraph that from the early implementation of PoR, it seems to be a good first step forward, but in order to gain more trust and better transparency, more The smart approach is to look at the overall balance sheet and monitor liabilities while maintaining transparency on capital reserves. It’s not just reserves, it’s the company’s exposure.

In the case of FTX, they divested the liabilities and revenues of over 130 companies. The same thing happened with WeWork and a few other failures in the corporate space. Rust says:

“Proof of Reserves is the first step. Proof of Liabilities would be great, and considering FTX, a must-have version. Finally, some kind of proof of a merger or merger between relevant companies. We need to educate the market and the community, not just how Use these tools, but also let them know the benefits of these tools.It is important for users to understand why decentralization is actually an important part of not only the crypto ecosystem, but the future of finance and Web3 .”

When asked about the most reliable way to keep tabs on cryptocurrency exchanges, Don Guillaume, Head of PR and Communications at Gate.io, told Cointelegraph, “Regulation. Active measures to ensure that cryptocurrency exchanges, and indeed any company operating in the cryptocurrency industry, are regulated and comply with the law.”

Most recently: Could Hong Kong Really Be China’s Proxy in Crypto?

Overall, the aftermath of the FTX debacle has led to calls for greater regulation of the cryptocurrency market. While major market players continue to provide some form of transparency to regain public trust, experts believe that proof of reserves cannot be relied upon alone.