Proof of reserve (PoR) has gone from buzzword to buzzword in recent weeks as the crypto world tries to recover from the shock and losses of the current crypto season. After much discussion and hard work, the criteria and rankings for an adequate PoR are starting to emerge, but the fine points of how to do backup evidence, or who should do it, remain open questions.
The difference between proof of assets and proof of reserves is quickly demonstrated, along with their own shortcomings. Traditional auditors’ efforts to provide PoR are short-lived, as large companies rise and quickly retreat.
I apologize but no. This is not a PoR. This is either ignorance or deliberate misrepresentation.
A merkle tree is just nonsense without an auditor to make sure you don’t include accounts with negative balances. A statement of assets is worthless without liabilities. https://t.co/b5KSr2XKLB
– Jesse Powell (@jespow) November 25, 2022
Auditors will not be able to provide the assurances they want from PoR, Doug Schwenk, CEO of Digital Asset Research (DAR) told Cointelegraph. Audits are done periodically, when crypto trades around the clock “Ideally you will have a way to measure liabilities and assets in some kind of real time,” he said.
DAR provides information and vetting services for major companies in traditional finance and produces the FTSE Russell index together with the London Stock Exchange. “We like to see backup evidence. […] It’s not enough to say that we feel satisfied, but it’s definitely better than nothing. He added:
“In the world we’re in today, better than nothing is sometimes a good starting place.”
To further complicate things, centralized (CeFi) and decentralized (DeFi) platforms present very different challenges. Thanks for the transparency, “backup evidence that deserves to be called [itself] evidence of backup” in DeFi, according to Amit Chaurhary, head of DeFi research for Polygon, a scalable blockchain ecosystem compatible with Ethereum.
Related: Proof-of-reserve: Can you audit the backup so that the other FTX-like moment?
Chaudhary told Cointelegraph that the knowledge-free Ethereum Virtual Machine (zkEVM) developed by the company brings “tested security” to PoR. The software uses a Merkle tree to view positive (asset) and negative (liability) balances and allows users to verify accounts while maintaining a high level of privacy. In addition, the zero knowledge protocol can offer dual collateral control for safer settlements and Anti-Money Laundering control and Know Your Customer while maintaining anonymity.
The immutable nature of the blockchain record will allow verification of the audit process. Chaudhary added:
“You can install an accounting system on your zkEVM. You can design your own accounting system.
CeFi presents a greater challenge. “Since accountability can be done off-chain, there is no way to show proof of accountability and the company can honor all customer deposits,” Aleph Zero blockchain founder Matthew Niemerg told Cointelegraph in a statement.
Centralized cryptocurrency exchanges take various steps to provide PoRs that meet the needs of users. The OKX exchange, which recently committed to providing fresh PoR every month, uses PoR based on the open source Merkle tree protocol together with the Nansen dashboard. Nansen provides real-time third-party transaction tracking.
#OKX released 2. Proof-of-Reserves Report, Promised Monthly Publication
Reserve ratio: #BTC 101%, #ETH 103%, #USDT 101% pic.twitter.com/spcLT6M1VF
— Satoshi Club (@esatoshiclub) December 23, 2022
OKX told Cointelegraph in a statement that the exchange verifies ownership of the top three assets, BTC, ETH and USDT, using a Merkle tree, which allows users to verify ownership, check that the balance is included in the exchange’s total liabilities and compare Assets and liabilities OKX.
“OKX announces the wallet address through the Nansen dashboard,” OKX explained further. This allows users to check their OKX holdings in real time “to ensure that OKX has enough reserves for users to withdraw.”
Despite the efforts of OKX and other exchanges to provide transparency, “no amount of mathematics or cryptography can solve the human problem of fraud and deception, even if the ledger is audited by a respected independent third party. Garbage in, garbage out!” Niemerg said.
Part of the challenge of providing transparent services is culture. Traditional finance has “the benefit of being alive in 2022, where we’re almost 100 years into highly regulated capital markets,” Schwenk said.
The DAR seeks to “apply the same rigor as a regulator” to “the type of company that habitually has a high level of trust in its partners.” However, “It’s impossible to get perfect information about anything from these partners today, because many of them still have some questions about their maturity and they struggle to be the button as you see in traditional finance,” says Schwenk.