These past few weeks have been a roller coaster of unexpected and heartbreaking news from the ”most trusted” and popular centralized exchanges. A lot of investors and users have been left out in the cold. A lot of money is lost. Hopes have been dashed. What name do we call to the bankruptcies from centralized exchanges (CEXs)? Is it time to give up on CEXs? All these questions have been popping up in the minds of many CEX users and investors.
Recently, FTX exploited millions of people who held their money on the platform and trusted in it. As a result, renowned crypto hedge fund Three Arrows Capital (3AC) has filed for bankruptcy, an exchange that managed as much as $10 billion in assets. AAX as well halted withdrawals.
Due to these happenings, several crypto firms are experiencing liquidity issues. Investors are taking out their funds and moving them to DEXs many others have pulled out completely because they fear their “trusted” centralized exchange would be next.
The liquidity issue has spurred a necessary conversation about proof of reserves and the liabilities of a crypto exchange. As a result, exchanges like; Coinbase, Bitmex, Kraken, Binance, Bybit Nexo, Gate.io, and Crypto.com have had to publish proof of their reserves.
What is Proof of Reserve (PoR)?
Proof of reserve is a cryptographic method of showing transparency for crypto firms. It can as well be defined as an audit carried out by a third party (Auditor) with the aim of verifying /ascertaining that a crypto firm owns the assets it claims to have on behalf of its clients.
The essence of PoR?
- Proof of reserve is a way of showing transparency in the crypto ecosystem. It enables users to attest to their balances on an exchange. That way, it forces companies to adhere to transparency rules, making it challenging to engage in shady or unlawful financial behaviour.
- It serves as a verification mechanism that partially screens out fraudulent cryptocurrency exchanges.
- Being able to audit exchanges will bring a much more transparent crypto ecosystem.
- PoR minimizes the danger of businesses maximizing the yield and other potential returns from their assets or client assets. Additionally, it allows anyone to track funds on-chain at any time, bringing cryptocurrency exchanges closer to the treasuries of Defi protocols.
The PoR Process
PoR is performed by an external auditor to ensure a transparent and unbiased report of the firm’s assets in reserve. The auditor then takes a snapshot as ‘proof’ that the company has enough assets to satisfy its claim. With this proof, customers/investors of the crypto firm can feel secure knowing that they can withdraw their money whenever they choose and that the cryptocurrency company is not at risk of a liquidity crisis.
Snapshots of what?
The auditor takes snapshots of all the exchange balances and combines them into the Merkle Tree (also known as hash) to create a Merkle root. A Merkle root is a cryptographic fingerprint that specifically identifies the combination of these obtained by the auditor.
Merkle Tree is a cryptographic tool that encapsulates and encrypts data. It allows its users to verify some specific contents included within a set of confidential data.
Furthermore, after the snapshots, the auditor gathers all the digital signatures generated from the exchange to prove ownership of the on-chain addresses containing the assets.
Finally, the auditor examines and confirms that these balances exceed or match the exchange assets indicated in the Merkle tree, demonstrating that the client assets are retained on a full-reserve basis.
What assets can be regarded as Reserves?
In a general sense, Reserve assets are money or other easily transferable assets like gold used to maintain foreign trade, digital trades, and payments. A reserve asset must be real, easily transferred, and readily available. The U.S. dollar is a reserve currency, which is commonly regarded as a global reserve asset.
As for Cryptocurrencies, Bitcoin and Ethereum, as well as stablecoins like Tether, USDC, or BUSD are regarded as reserves. They are digital assets that offer high liquidity. These assets could be used to cover up for withdrawals or liabilities if necessary.
Limitations of proof-of-reserves
- PoR can be manipulated: Even though cryptographic proof cannot be falsified, it is believed that it can be distorted and framed to appear to be in an excellent way. Since PoR does not track where assets come from, it can be manipulated by taking loans to cover up for the audit to go smoothly and return the loans to the lender after the snapshots. Taking Crypto.com as an example, the exchange ‘mistakenly’ sent 320K ETH to a Gate.io account recently. Many people suggested that exchanges in debt can borrow in order to display a strong balance sheet, then repay it after the snapshot has been taken.
- PoR does not prevent embezzlement:Since cryptocurrency is not insured by the government. As a result, if crypto assets are mishandled, they can be lost. Merkle tree PoR wouldn’t totally stop customers’ assets from being misused. It merely keeps tabs on the money and provides data. It doesn’t give customers more control over their money. In addition, customers would be unable to get their assets back if the exchange gets sued because it would likely be involved in legal action.
- PoR is not wholly reliable: The audit procedure is not entirely reliable because there is a chance that the auditor might be bought off.
Final thoughts on PoR
PoR is a good starting approach for crypto firms considering the recent revelations from a lot of crypto companies as the bear market and the cascading effect of the FTX implosion. Still, it would be healthier to analyze both assets and liabilities, pay attention to the liabilities, and maintain transparency.
Even though PoR has its limitations, it is evident that the method would help exchanges regain the confidence their users and crypto community have lost in them if the audit is conducted truthfully. But there is the question of who is really trustworthy?