Proof of Reserve (PoR) has gone from buzzword to roar in recent weeks because the crypto world tries to recuperate from the shock and losses of the present crypto winter. After intense discussion and work, the standards and rankings for an appropriate PoR are starting to emerge, but the problems of how you can conduct proof of reserves, and even who should achieve this, remain open.
The difference between proof of assets and proof of reserves was quickly identified, together with their deficiencies. Traditional attempts by auditors to offer PoR soon failed, and huge corporations stepped up and backed out quickly.
I’m sorry but no. This isn’t PoR. This is either ignorance or deliberate misrepresentation.
A merkle tree is just hand-made crap with no auditor to ensure you have not included accounts with a negative balance. Without liabilities, an asset statement is unnecessary. https://t.co/b5KSr2XKLB
— Jesse Powell (@jespow) November 25, 2022
Auditors may never provide the peace of mind users expect from PoRs, Doug Schwenk, CEO of Digital Asset Research (DAR), told Cointelegraph. Audits are carried out periodically, while cryptocurrency trading takes place across the clock.
DAR provides information and verification services to major traditional finance firms and creates the FTSE Russell Index in partnership with the London Stock Exchange. “We wish to see evidence of reserve. […] It’s not enough for us to say we’re satisfied, but it surely’s definitely higher than nothing.” He added:
“In the world we’re navigating now, higher than nothing is usually a great place to begin.”
To further complicate matters, centralized (CeFi) and decentralized (DeFi) platforms present radically different challenges. Thanks to its transparency, “Proof of Reserve is commendable [itself] proof of reserve” in DeFi, in accordance with Amit Chaurhary, head of DeFi research for Polygon, a scalable blockchain ecosystem compatible with Ethereum.
Related: Proof-of-reserves: Can reserve audits avoid one other FTX-like moment?
Chaudhary told Cointelegraph that the corporate’s zero-knowledge Ethereum Virtual Machine (zkEVM) provides “tested security” in PoR. This software uses Merkle trees to see each positive (assets) and negative (liabilities) balances and allows the user to confirm their accounts while maintaining a high level of privacy. In addition, zero-knowledge protocols can offer dual security checks for safer billing and anti-money laundering and customer knowledge checks while maintaining anonymity.
The immutable nature of the blockchain record would allow the audit process to be verified. Chaudhary added:
“You can implement an accounting system in your zkEVM. You can design your individual accounting system.”
CeFi poses much greater challenges. “Since liabilities may be made off-chain, there is no such thing as a method to point out proof of liabilities and that an organization can honor all customer deposits,” Aleph Zero Blockchain founder Matthew Niemerg said in a press release to Cointelegraph.
Centralized cryptocurrency exchanges take various steps to offer PoR that meets the needs of users. Exchange OKX, which recently committed to providing fresh PoR every month, uses PoR based on the open source Merkle tree protocol together with the Nansen Dashboard. Nansen provides third party real-time transaction tracking.
#OKX published a second report confirming the reserves, the monthly publication Promises
— Satoshi Club (@esatoshiclub) December 23, 2022
OKX told Cointelegraph in a press release that the exchange verifies the holdings of its three largest assets, BTC, ETH and USDT, using a Merkle Tree, which allows users to confirm their holdings, see if their balance is included within the exchange’s total liabilities, and compare OKX’s assets and liabilities.
“OKX discloses its wallet addresses through the Nansen Dashboard,” OKX further explained. This allows users to ascertain OKX resources in real time “to make sure that OKX has enough reserves within the chain for users to opt out.”
Despite efforts by OKX and other exchanges to make sure transparency, “no amount of math or cryptography can solve the human problem of fraud and deception, even when the books are audited by respectable, independent third parties. Garbage in, garbage out!” Niemer said.
Part of the challenge of providing transparent services is cultural. Traditional finance has “the advantage of living in 2022 where now we have nearly 100 years of highly regulated capital markets,” Schwenk said.
The DAR seeks to “apply the identical rigors as regulators” to “firms which might be used to a high degree of trust of their counterparty.” Nevertheless, “it’s unimaginable to get perfect information on any of those counterparties today as lots of them still struggle with some maturity questions and struggle to be as buttoned up as seen in traditional finance,” Schwenk said.