The cryptocurrency ecosystem is witnessing tremendous adoption. The rise in usage of blockchain applications and their native cryptographic coins and tokens is making the ecosystem mainstream and, more importantly, valuable. The values of some cryptocurrencies have skyrocketed since their inception and, ergo, are attracting several users. Whether the purpose of their use is for transacting or storing value – crypto assets are gaining the confidence of large scores of users.
The increased adoption of these assets is leading to the growth of centralized cryptocurrency-related businesses too. A business that has existed since the dawn of cryptocurrency is the custodial service. Ideally, crypto-custodians are third-party institutions that are entrusted by users for safekeeping of their crypto assets in a safe and secure environment. Apart from dedicated, standalone crypto custody services, centralized exchanges and trading platforms also act as custodians of funds parked by users in their respective accounts on their platform.
In the case of exchanges and trading platforms, each user’s assets aren’t stored separately but maintained in a common pool along with platform’s operational liquidity and reserve holdings. In recent days, a combination of mismanagement and volatile market conditions have led to few platforms finding their reserves falling short, barely covering the value of user assets in their custody. These developments have not only adversely impacted the crypto businesses, but also hurt the crypto-adoption rate with many users losing faith in the existing system. To alleviate the fears and regain their users’ trust, several custodians have started to present Proof of Reserves as an indicator of their platform’s health, assuring the community that their funds are safe.
What Is Proof of Reserves?
Proof Of Reserves (PoR) is a cryptographic measure to check if a cryptocurrency custodian holds the assets they are obliged to possess. Essentially, PoR audits attest to whether a cryptocurrency platform storing user assets is solvent or not. It is achieved by checking the liabilities of the custodian platform and comparing it against the assets held in the reserves.
The liabilities often refer to the cryptocurrency deposited by the platform’s users that are owed back to them upon request. Unlike banks and other institutions in the traditional finance world, cryptocurrency custodians are prohibited from lending or reinvesting the assets entrusted to them by their users.
Ideally, a custodian must possess assets in a 1:1 ratio with their liabilities. It indicates they are solvent and can honor every user’s withdrawal at any point. If their liabilities are larger than their assets, the custodian is insolvent. Such instances occur mainly because of the mismanagement of user-deposited funds. That is obviously a red flag considering that custodians are not allowed to use user-deposited funds to profit. The idea is to avoid any risks which can jeopardize user funds.
PoR helps identify whether platforms are indulging in risky activities. PoR audits are conducted by third-party firms mostly using cryptographic methods.
Proof of Reserves Audit, how is it Conducted?
A custodian’s reserve audit is ideally administered by reputed third-party firms, preventing deliberate falsification of results by the custodian. The audit firms mostly use the cryptographic Merkle tree approach to obtain details of the custodian’s liabilities. Merkle trees are cryptographic structures that allow storing large data sets while maintaining their integrity. The data in this structure is cryptographically hashed, thereby preventing any manipulation.
Using Merkle trees is an ideal way to audit each user’s account alongside the assets held by the custodian. To form a Merkle tree for a PoR audit, the audit firm takes snapshots of all user account balances that reflect their deposits. The data from the snapshots get hashed and added to the tree as its leaves. Each leaf represents the hash of each user account’s deposit data. The leaves are then combined in sequence to form branches which are hashed leaf bundles. The branches, further, are combined to form the root. The root represents the combined hash of every account data.
The cryptography involved in Merkle tree technology prevents the manipulation of any hashed entry in the tree – any change gets identified immediately as the root hash varies. It prevents anybody from falsifying user balances in the audit once performed and the Merkle tree gets formed. More importantly, all users can verify the state of their deposits on the custody platform and if the funds are held safely by the custodian.
While the custodian’s financial obligations get represented on the Merkle tree, the auditing firm further audits the assets held by the custodian to verify its solvency. The custodian must possess assets in its blockchain wallets mirroring the total deposits of its customers. The sum of all the wallets the custodian uses to store user deposits gets calculated. Furthermore, the custodian needs to prove the wallets are, in fact, held by them. That gets achieved by moving a specific amount of funds at a certain time as specified by the auditor.
Successful transactions from all the wallets claimed by the custodian prove that the custodian is solvent – provided that their sum equals the totality of user deposits. Wallet balances and the transactions initiated from the wallets for PoR purposes can be verified on blockchain explorers. The transparency facilitated by the blockchain combined with that achieved by PoR audits makes it possible to gauge the trustworthiness of cryptocurrency custodians.
How Proof of Reserves Help the Cryptocurrency Ecosystem
The increased transparency with which platforms can now operate will bring back trust. Users can confidently deposit cryptocurrency with platforms that frequently release PoR reports to the public. Logically, it will attract more users to use such services because of the increased safety. Additionally, because releasing PoR reports is becoming the norm, custodians should behave appropriately with user funds. The lack of the right amount of funds in custody or refusal to release PoR reports can result in users collectively abandoning those platforms.
The state of cryptocurrency platforms after the FTX meltdown is such, PoR audits will make storing crypto assets with third parties less worrisome and bring back trust in the larger cryptocurrency ecosystem. Centralized custodians and exchanges are still the first points of entry for most individuals wanting to use cryptocurrency. Their transparency is needed for the mass adoption of cryptocurrency.
Why Proof of Reserves Cannot Solve Trust Issues Alone
As PoR brings additional layers of trust to the cryptocurrency ecosystem, it is not the be-all and end-all. PoR audits, for one, cannot completely rid platforms of irresponsible behavior. The audits are, essentially, a snapshot of the assets held by custodians in contrast with their liabilities at that given point. They can still choose to behave how they want to once the audit is released.
Moreover, auditing firms must be competent enough to carry out such tasks. The audits are heavily reliant on the competence of the auditor. Custodians need to hire competent auditors to make sure the results are respected by their users and the cryptocurrency community.
However, the fact that custodians choose the auditors can bring other complications into play. What if the auditor conspires with the custodian to provide fake reports? The auditor can get paid off or might be financially invested in the custodian’s growth.
So, PoR audits cannot be treated as the ultimate solution to prevent custody platforms from indulging in shady behavior.
Proof of Reserves Can Be the Start of Making Cryptocurrency Usage Safer
PoR is becoming a growing measure for centralized cryptocurrency platforms to prove their solvency. In the wake of the infamous FTX collapse, preceded by many other platforms going insolvent, users want to know if the platforms they leave their funds on can be trusted.
PoR is an appropriate beginning to bring some order into the space. Although it is not adequate by itself, a combination of PoR with other safety and control measures enforced by regulators can become the perfect antidote. Together, they can counteract the consequences left behind by bad actors and bring trust to the centralized parts of the cryptocurrency ecosystem.