Is PoR a snapshot or the complete picture of a company’s financial record? Let’s find out!
In November this year, two big league crypto businesses, FTX and BlockFi, filed for bankruptcy. FTX had a death spiral after news broke out that the Sam Bankman-Fried-owned exchange had used customer funds to make risky bets through his hedge fund Alameda Research. On the other hand, FTX was closely associated with BlockFi, with them having signed a loan agreement with each other and BlockFi holding US$355 million in digital assets on FTX. Thus, the crash of one brought down the other along with it.
The fall of these two businesses brought down the public’s confidence in cryptocurrencies, sending the crypto market into a nosedive. So much so that after the bankruptcy filings, the collective crypto market capitalization fell to US$781 billion, which was the lowest it had ever dropped to since December 2020. To avoid similar crises from happening in the future, leading crypto exchange Binance has pledged to implement a concept called Proof-of-Reserve (PoR)—wherein third-party auditing is used to verify whether customer funds are present with the crypto exchange.
Here is a closer look at the PoR system and whether it is actually capable of restoring customer confidence.
How is a PoR audit conducted?
The main idea behind the PoR system is to provide customers with the ability to verify the assets held by the company. To make this verification possible, third-party auditors take an anonymized snapshot of the total funds present in all customer accounts of a crypto exchange. This data is then converted into a Merkle Tree (as pictured above). A Merkle Tree is a data structure where the hashes (generated during the transaction authentication process) and the transactions conducted are visualized in the shape of a tree. The hashes on the lowest rung of this tree are called leaves, and the hash at the top is called the Merkle root, which represents the unique combination of all user balances at the time the snapshot was created.
The auditor then confirms that these balances are actually held by the crypto exchange by obtaining the corresponding digital signatures (used to show that the exchange knows the private key of a crypto wallet without revealing the key itself) from them. If an account associated with a digital signature has the same balance as an account in the snapshot, it verifies that the company is indeed safely holding customer funds.
Keeping crypto exchanges accountable
The result of the audit tells customers whether the crypto exchange has enough funds for each and every customer to successfully withdraw their entire balance. After the recent FTX liquidity crash crisis, many crypto exchanges, such as Huobi, Crypto.com, Deribit, KuCoin, OkxKraken and BitMEX, have now begun conducting PoR audits as a way to restore customer confidence. However, that doesn’t mean PoR is a foolproof way to know your funds are secure with a crypto exchange.
Leaving out liabilitiesÂ
PoR audits only tell you what the financial condition of an exchange is at the time the initial snapshot is taken. It doesn’t reveal where the funds came from or even the liabilities of the exchange at a given time. This leaves investors worrying that companies may borrow funds to show that they are well-off only to promptly return them afterward. Some even suggest that a crypto exchange that has a lot of assets could very well have used them as collateral for a loan. This would again make it difficult for customers to get their funds back if the exchange is unable to pay back its loans.
These concerns aren’t stemming out of thin air. On November 12, it was revealed that Crypto.com had sent 320,000 ETH to the corporate account of fellow crypto exchange Gate.io. The company claimed that it was a mistake and that the funds were actually supposed to be transferred to Crypto.com’s cold storage instead. This “mistaken transfer of funds” happened after Crypto.com published its PoR audit, which has naturally worried people that it was a fabricated audit.
Another concern is that the audit frequency is decided upon by the business itself, which again leaves room for foul play. It is because of these shortcomings that Dante Disparte, Chief Strategy Officer and Head of Global Policy at Circle, says that PoR “is worth about as much trust as you might have in the entity providing the proof of reserves.”
So what should be done?
Instead of assuming PoR as the be-all and end-all of transparency, companies need to use it in combination with other measures to ensure reliability. This can include revealing information about how the business is structured, its sources of revenue and what its balance sheet looks like.
Besides, there is also a pressing need for regulation so that the reckless financial management that FTX displayed will not happen again. The Chairman of the U.S. Securities and Exchange Commission (SEC) Gary Gensler even made a statement last year saying, “I think it’s worthwhile to have an investor-protection regime placed around this [cryptocurrency]”.
While there is still room for improvement, PoR is a great first step in the direction of self-regulation and should be celebrated as such. Crises, like the ones with FTX and BlockFi, are making investors more attuned to the ins and outs of the crypto world. As people continue to learn more about the space, hopefully, companies will take more and more steps toward ensuring the safety of the crypto ecosystem.
Also read:
- CEOs That Crashed and Burned in 2022
- SEC Compares Crypto to “The Wild West”
- Why Crypto Markets Crash and 5 Ways Investors Can Deal
Header image courtesy of Envato.
