Don’t Trust, Verify the Proof-of-Reserves
DEK: Proof-of-reserves technology has long been cited as a way to increase transparency in crypto. And yet, even today, very few exchanges provide a verifiable version of it, says Martin Monperrus, a professor at KTH Royal Institute of Technology, in Sweden.
Martin Monperrus
About the author: Martin Monperrus is a professor at KTH Royal Institute of Technology (Sweden) and head of blockchain research at a stealth company.
Photograph: https://www.monperrus.net/martin/martin-monperrus-crypto.webp
Introduction
Two years ago, when FTX crashed, everybody asked what would have prevented such a massive catastrophe. The answer: Proof-of-reserves could have prevented the collapse of FTX by offering greater transparency into its balance sheet.
So, all exchanges now implement proper proof-of-reserves, right? Unfortunately not.
Now, two years later, we have ETF custodians. Their duty is to hold the crypto assets backing the ETF fund holders. Should these custodians provide proof-of-reserves, ETF holders would be able to ground their investment on cryptography, not on trust.
Proof-of-reserves is a method that can be used by cryptocurrency exchanges and custodians to prove that they hold the amount of cryptocurrency they claim to have. It is a fundamental financial innovation that only cryptocurrencies make possible. This is simply impossible in the traditional finance world.
Proof-of-reserves allows us to increase transparency and trust in the crypto industry. Such proofs are also known as “proofs of liabilities” or “proofs of solvency”, and they solve several problems:
- Fraud: for example, exchanges claiming to have more assets than they actually do (like FTX).
- Non-transparency: we have greater insight into the operations of the exchange, both in terms of customer base and volume.
- Insolvency Risk: it helps to mitigate the risk of insolvency by ensuring that the exchange has sufficient reserves to cover customer funds.
Proof-of-reserves is a game-changer compared to traditional finance, because it uses advanced cryptography as a backbone. Proof-of-reserves is a beautiful and powerful application of crypto tech.
So why don’t all exchanges provide verifiable proof-of-reserves? The reality is that implementing them is a significant technical and operational challenge, even for well-intentioned companies. It requires sophisticated cryptographic procedures, careful management of private keys across both hot and cold storage, and the aggregation of vast amounts of data. For some, there are also privacy concerns about revealing the total extent of their liabilities. Furthermore, the lack of a single, universally accepted standard means that each exchange must invest resources to develop and maintain its own system.
Here we apply the old crypto motto “Don’t trust, verify” to proof-of-reserves. That is: Don’t trust the proof-of-reserves, verify them.
As a professor in computer science and a crypto researcher, I have gone over the code and data provided by crypto exchanges and I have done the actual verification, by following their documentation and running their code.
What I learned is shocking.
Which exchanges correctly support proof-of-reserves? A tiny minority. The biggest ones, including Coinbase and Binance, do not. On the other hand, per my tests, BitMEX and OKX provide satisfactory, verifiable proof-of-reserves.
For greater technical details, please see the link here.
The Good
OKX supports proof-of-reserves, with good documentation and open-source code available on GitHub. The proofs can be downloaded locally. I was able to run the code to verify the proof. The main limitation is that the private keys only sign a message “I am an OKX address.”, with no verifiable timing information. To prove that one holds a private key, the message to be signed must contain a unique, time-based piece of information, such as a blockhash (or the Times headlines). Then, the signature actually proves that the account was in control of this key as of this particular point in time.
BitMEX supports proof-of-reserves with data and code but only for BTC. The algorithms used and the shared code are good and usable. Yet, its documentation is scarce, and most importantly, BitMEX should do proof-of-reserves for all the cryptocurrencies they offer.
The Bad
Kraken claims to provide a proof-of-reserves, and provides a user-facing page. However, one cannot download the full proof data and there is no code to verify the proofs. This is not satisfactory. Kraken should publish the full proof files on a publicly available website, and it should push and maintain the verification code, for example on a popular platform like GitHub.
Deribit also claims to support proof-of-reserves. But there is no code available to verify the proof of reserves and liabilities, only pen-and-paper algorithms that users have to implement themselves. Like Kraken, this is more a proof-of-reserves theater than a verifiable proof of reserves with data and code.
The Ugly
Many exchanges, including the biggest ones like Coinbase and Binance, do not provide proof-of-reserves. This is a shame.
This is also a missed opportunity, because industry leaders could act as a role model for the whole industry.
Our industry is founded on cryptography, so let’s embrace one of the most important innovations that crypto(graphy) allows: proof-of-reserves.
Why it matters
Proofs-of-reserves are not easy to implement, for a number of reasons. First, they require having access to the exchange’s private keys. With hot wallets, that’s reasonable, and consequently proofs of reserves can be made very regularly (biweekly for BitMEX). With cold wallets, signing the proof requires going to cold storage, which has a real cost, so it’s acceptable that exchanges do them less often. But it’s not a reason for not doing them.
Let’s imagine a country where regulators are crypto-aware. Proof-of-reserves is a wonderful opportunity: the regulator can enforce proof-of-reserves as part of regulation, and exchanges would demonstrate compliance with regulatory requirements using proof-of-reserves.
The technology behind crypto enables sound, verifiable proof of reserves. This was not possible with gold. This was not possible with database fiat money in TradFi. It is possible with crypto. Yet, only a few crypto exchanges do it correctly. Let’s change this.
–Martin Monperrus
References
[1] Having a safe CEX: proof of solvency and beyond (2022), Vitalik Buterin, https://vitalik.eth.limo/general/2022/11/19/proof_of_solvency.html
[2] Proof of reserves, Nic Carter, https://niccarter.info/proof-of-reserves/
[3] What Are Proof Of Reserves In Crypto?, Milkroad, https://milkroad.com/exchanges/proof-of-reserves/
[4] Appendix, M. Monperrus, https://www.monperrus.net/martin/verify-proof-of-reserves