What is Proof of Reserves and Why Is It Important?

TABLE OF CONTENTS
User profile photo
By Max
Estimated reading: 6mins
Proof of Reserves

Have you ever wondered what a centralized exchange does with your coins? You deposit crypto, withdraw fiat, and trust your balance will always be there. Until one day it’s not.

Maybe your money is working for someone else. Lent out for interest, used for fake trading volume, who knows. No one does until there’s a bank run in a bear market.

That’s where Proof Of Reserves comes into play. To prove 1:1 deposit backing. And if you think that’s enough to protect your balance, this article will be an eye opener for you.

Quick Takes:

  • Proof of Reserves are a procedure used by audit agencies to verify exchange balances in a way that doesn’t reveal sensitive data. It involves Merkle-tree verification, zk-SNARKs, or asymmetric encryption.
  • Institutions have positive PoR when on-chain assets are equal to or greater than customer deposits. Negative or no POR means that the company cannot pay back all customers at once. It has probably lent out client funds without consent to profit from interest.
  • While better than nothing, PoR cannot replace the inherent risks of CeFi. Trust isn’t removed but rather shifted from the exchange to audit authority. PoR results aren’t final, and exchanges should update them regularly.

What Is Proof Of Reserves (PoR)?

Proof of reserves (PoR) works as the centralized equivalent to crypto audits for blockchain projects. There’s a third party running tests to find out how protected the platform is against different threats. In the case of crypto institutions— namely custodial exchanges— financial management is the greatest risk, not code.

Crypto platforms aren’t like traditional brokers. Because most cryptocurrencies use public networks, transparency isn’t an option. Client or not, anyone can see company balances on every wallet and network.But do those balances match with depositors’ ones? That’s what proves the Merkle Tree technique. Merkle Tree PoR involves grouping customer “hashes” (Merkle Leaves) in pairs over and over until there’s only one hash left— the Merkle root

Merkle Tree Proof of Reserves

A hash is an unreadable string of letters and numbers that results from applying an algorithm to other data— such as wallet balances. Hashing is irreversible, but entering the same data should result in the same string. It’s a compact and useful way to prove balances without revealing them.

On centralized exchanges, each balance is hashed then paired to another one and hashed again until there’s a single balance and hash. So with 1,000 balances, 1,000 hashes will pair and convert to 500 hashes, then 250, and again until the last. This way, exchanges can prove total deposits without revealing individual balances.

The problem is, exchanges can still manipulate data. They can borrow tokens from DeFi apps, include wallets that they don’t own, exclude depositor wallets, or switch balances from fiat. Even with third-party agencies, all of the above can still happen.

Doing PoR once would be like auditing Ethereum in 2015 and expecting it not to have bugs with the 2023 version. It’d be ideal to show PoR in real-time, or at least bimonthly. Many exchanges still haven’t passed the first PoR.

Merkle Tree Proof: How To Verify Your Funds

If you’re only comparing on-chain assets vs deposits, there’s a lot you still don’t know. You don’t know how many of those assets are borrowed to pretend there’s 1:1 backing. You neither know which depositors were fabricated or excluded. 

But at least, you can prove whether or not your balance was included in the last PoR:

  • After the first PoR, the exchange should have a tool to self-verify your balance within the Merkle Tree. The exact path and tool should appear on the Help page. 
  • On the verification page, you’ll find all PoR audits and your Merkle Leaf hash.
  • The latest Merkle Tree should be public on the exchange with a search tool. If you paste your Merkle Leaf and it finds it, then the last PoR did include your deposits.

If it can’t find your Merkle leaf, it might mean:

  • PoR is pending or outdated
  • You didn’t have a balance or it was too low for consideration
  • The exchange doesn’t have the liquidity to back your balance
Merkle Leaf Proof of Reserves

Proof Of Reserves vs Crypto Audits

It’s not uncommon for crypto audit agencies to also offer PoR services. That’s because both require blockchain data to be verified. Both transactions and the code that makes them possible are public in blockchains like Ethereum, Pulsechain, or BNB Chain.

PoRs and crypto audits have major differences in:

  • Goals: PoR tries to verify the responsible management of user funds. But the goal of crypto audits is limited to code analysis and ensuring its protection against external attacks. Auditors might warn about centralization, but their goal is to analyze the tool, not the ones managing it.
  • Entities: Because of different goals, PoR and audits are meant for CeFi and DeFi platforms respectively. We assume that CeFi apps have secure code, and that DeFi isn’t centrally managed. But there are exceptions that use both— e.g. Binance PoRs and BNB Chain audits.
  • Interpretation: Compared to code evaluation, PoR is quite black and white. Assuming there’s complete information, either you have the deposited tokens or you don’t. With code, however, there are endless ways to misuse the platform— some of which the experts will miss. 
  • Scope: While PoR gives clearer results than crypto audits, their verification is more complex. Crypto auditors just look at the code in front of them, whereas in PoR, there can be data kept off-chain, omitted wallets, or undisclosed liabilities. Thus, PoR should be real-time or as frequent as possible. But audits can be done once every year or after big platform updates.

Does Proof-of-Reserves Actually Protect Users?

What is PoR? Verified crypto assets minus deposits. If it’s positive, everyone can cash out without hassle. Liquidity.

Solvency? Different story. Then you need to disclose liabilities like lender debt and operational costs. If the exchange can’t offset those liabilities long-term, eventually those “reserves” run out.

PoR is a secure and simple way to aggregate millions of balances and contrast with the exchange’s claims— but it’s not difficult to trick. Especially when you have a one-month window between each update. Hypothetically, an FTX with PoR would seem safer but still collapse due to undisclosed liabilities.

Whether you want to trust the exchange or the PoR agency, this choice is an illusion. The most accurate PoR should be decentralized and real-time. Chainlink seems to provide just that for brands like Gemini and Paxos.

The Bottom Line

At the end of the day, businesses run by humans are susceptible to malpractice.

Even with a system such as Proof of Reserves, we need blockchain solutions which remove the humans.

Liquid Loans is one such protocol which maintains full system-state solvency using immutable and admin key free software.

The system maintains a total collateral ratio over 1.10/1 by an instant liquidation method.

Join The Leading Crypto Channel

JOIN

Disclaimer:Please note that nothing on this website constitutes financial advice. Whilst every effort has been made to ensure that the information provided on this website is accurate, individuals must not rely on this information to make a financial or investment decision. Before making any decision, we strongly recommend you consult a qualified professional who should take into account your specific investment objectives, financial situation and individual needs.

User Avatar

Max

Max is a European based crypto specialist, marketer, and all-around writer. He brings an original and practical approach for timeless blockchain knowledge such as: in-depth guides on crypto 101, blockchain analysis, dApp reviews, and DeFi risk management. Max also wrote for news outlets, saas entrepreneurs, crypto exchanges, fintech B2B agencies, Metaverse game studios, trading coaches, and Web3 leaders like Enjin.

Search The Blog
Latest Video
Latest Youtube Video
Latest Podcast
Latest Podcast
Newsletter Subscribe
Share This Article
The LL Librarian

Your Genius Liquid Loans Knowledge Assistant