Transparency in the Post FTX World: What is Proof of Reserve?

Transparency in the Post FTX World What is Proof of Reserve

Is PoR a snapshot or the complete picture of a company’s financial record? Let’s find out!

In November this year, two big league crypto businesses, FTX and BlockFi, filed for bankruptcy. FTX had a death spiral after news broke out that the Sam Bankman-Fried-owned exchange had used customer funds to make risky bets through his hedge fund Alameda Research. On the other hand, FTX was closely associated with BlockFi, with them having signed a loan agreement with each other and BlockFi holding US$355 million in digital assets on FTX. Thus, the crash of one brought down the other along with it. 

The fall of these two businesses brought down the public’s confidence in cryptocurrencies,  sending the crypto market into a nosedive. So much so that after the bankruptcy filings, the collective crypto market capitalization fell to US$781 billion, which was the lowest it had ever dropped to since December 2020. To avoid similar crises from happening in the future, leading crypto exchange Binance has pledged to implement a concept called Proof-of-Reserve (PoR)—wherein third-party auditing is used to verify whether customer funds are present with the crypto exchange. 

Here is a closer look at the PoR system and whether it is actually capable of restoring customer confidence. 

How is a PoR audit conducted?

How is a PoR audit conducted
Image courtesy of Wikimedia Commons

The main idea behind the PoR system is to provide customers with the ability to verify the assets held by the company. To make this verification possible, third-party auditors take an anonymized snapshot of the total funds present in all customer accounts of a crypto exchange. This data is then converted into a Merkle Tree (as pictured above). A Merkle Tree is a data structure where the hashes (generated during the transaction authentication process) and the transactions conducted are visualized in the shape of a tree. The hashes on the lowest rung of this tree are called leaves, and the hash at the top is called the Merkle root, which represents the unique combination of all user balances at the time the snapshot was created. 

The auditor then confirms that these balances are actually held by the crypto exchange by obtaining the corresponding digital signatures (used to show that the exchange knows the private key of a crypto wallet without revealing the key itself) from them. If an account associated with a digital signature has the same balance as an account in the snapshot, it verifies that the company is indeed safely holding customer funds. 

Keeping crypto exchanges accountable

The result of the audit tells customers whether the crypto exchange has enough funds for each and every customer to successfully withdraw their entire balance. After the recent FTX liquidity crash crisis, many crypto exchanges, such as Huobi,, Deribit, KuCoin, OkxKraken and BitMEX, have now begun conducting PoR audits as a way to restore customer confidence. However, that doesn’t mean PoR is a foolproof way to know your funds are secure with a crypto exchange. 

Leaving out liabilities 

PoR audits only tell you what the financial condition of an exchange is at the time the initial snapshot is taken. It doesn’t reveal where the funds came from or even the liabilities of the exchange at a given time. This leaves investors worrying that companies may borrow funds to show that they are well-off only to promptly return them afterward. Some even suggest that a crypto exchange that has a lot of assets could very well have used them as collateral for a loan. This would again make it difficult for customers to get their funds back if the exchange is unable to pay back its loans.  

These concerns aren’t stemming out of thin air. On November 12, it was revealed that had sent 320,000 ETH to the corporate account of fellow crypto exchange The company claimed that it was a mistake and that the funds were actually supposed to be transferred to’s cold storage instead. This “mistaken transfer of funds” happened after published its PoR audit, which has naturally worried people that it was a fabricated audit.  

Another concern is that the audit frequency is decided upon by the business itself, which again leaves room for foul play. It is because of these shortcomings that Dante Disparte, Chief Strategy Officer and Head of Global Policy at Circle, says that PoR “is worth about as much trust as you might have in the entity providing the proof of reserves.” 

So what should be done?

Instead of assuming PoR as the be-all and end-all of transparency, companies need to use it in combination with other measures to ensure reliability. This can include revealing information about how the business is structured, its sources of revenue and what its balance sheet looks like. 

Besides, there is also a pressing need for regulation so that the reckless financial management that FTX displayed will not happen again. The Chairman of the U.S. Securities and Exchange Commission (SEC) Gary Gensler even made a statement last year saying, “I think it’s worthwhile to have an investor-protection regime placed around this [cryptocurrency]”. 

While there is still room for improvement, PoR is a great first step in the direction of self-regulation and should be celebrated as such. Crises, like the ones with FTX and BlockFi, are making investors more attuned to the ins and outs of the crypto world. As people continue to learn more about the space, hopefully, companies will take more and more steps toward ensuring the safety of the crypto ecosystem. 

Also read:

Header image courtesy of Envato.


Share on facebook
Share on twitter
Share on linkedin
Share on email


Sophos Unveils Scam Tactics Costing Users Thousands of Dollars

Beware of Fake ChatGPT Apps: Sophos Unveils Scam Tactics Costing Users Thousands of Dollars

Sophos, a global cybersecurity company, has uncovered several apps pretending to be legitimate ChatGPT-based chatbots. These apps overcharge users, generating thousands of dollars each month. According to Sophos X-Ops’ latest report titled “FleeceGPT’ Mobile Apps Target AI-Curious to Rake in Cash”, these deceptive apps have appeared on both Google Play and the Apple App Store.

Essential Privacy Tools to Safeguard Your Devices

Essential Privacy Tools to Safeguard Your Devices

In the ever-expanding digital era, protecting sensitive information and ensuring data security has become paramount. According to a recent study conducted by MAGNA’s Media Trials unit and data governance platform Ketch, a staggering 74 percent of individuals say that data privacy is one of their top concerns.

4 Reasons Why India's EV Industry is Poised for Rapid Growth

4 Reasons Why India’s EV Industry is Poised for Rapid Growth

Hold on to your seats, because India’s electric vehicle (EV) industry is not just gaining speed—it’s shifting gears faster than a Tesla Roadster on Ludicrous mode. EVs are no longer just futuristic fantasies; they’re already ruling the roads of Delhi and zooming past their counterparts fueled by fossil fuels on the highways of Mumbai.

Microsoft-backed Secures Over US$250 Million in Series D Funding

Microsoft-backed Secures Over US$250 Million in Series D Funding

London-based artificial intelligence (AI)-powered composable software platform has raised a significant investment of over US$250 million in Series D funding. Led by Qatar Investment Authority (QIA), the funding round brings the total amount raised by the company to over US$450 million, resulting in a valuation increase of up to 1.8x.

Essential Gaming Slang Terms for True Gamers

Essential Gaming Slang Terms for True Gamers

Gaming is not just a hobby; it’s a culture with its own unique language. Understanding slang and jargon is crucial for having an immersive experience and connecting with fellow gamers. From the acronyms that define player roles to the phrases that capture epic moments, mastering these slang terms is a must for every true gamer.