Despite bitcoin’s peer-to-peer nature and the ability to trade the asset without the need for third parties or custodial escrow, the irony is a majority of bitcoin transactions happen on custodial services such as cryptocurrency exchanges. These exchanges are the platforms where the tradeable bitcoin float resides and is exchanged between various investors settling on a price every minute of every day.
While cryptocurrency exchanges want to give you the impression that they are neo-banks, where you can buy, store, trade and transfer your bitcoin and take the place of a bitcoin wallet, they are not without risk. The issue with using these cryptocurrency exchanges is that you have no oversight on where the funds you send them are or who has a claim to those funds.
When you sign over the rights to your bitcoin and move it to an exchange wallet, or when you exchange fiat for bitcoin but don’t withdraw it from an exchange, all you have is a bitcoin IOU. If you don’t redeem it to an on-chain wallet which is how an exchange proves its solvency to you, the customer, you are taking a risk with that IOU.
You have to hope that you can redeem that IOU and rely on the solvency of that exchange. Now, this wouldn’t be too much of an issue if you could see that funds are held on-chain. However, crypto exchanges have traditionally been secretive about the blockchain addresses they use, holdings, and wallet management practices that control customer funds.
Fractional reserve and fraudulent reserve
When you hand over bitcoin to an exchange, you have no say in what they do with those UTXOs; they could be leant out to other users or entities. They could be lost due to hacks or poor key management, or exchanges could sell you bitcoin on a fractional reserve system, relying on the fact that you will not redeem the funds. As long as the exchange can balance its inflows and outflows, it can remain in operation without being insolvent with a host of claims built on rehypothecated bitcoin.
If customers need to withdraw funds outside the amount of capital available for redemptions, they can trigger a bank run and eventual bankruptcy.
The collapse of crypto exchanges is nothing new; from Mt Gox’s going bust in 2014 to FTX’s failure in 2022, exchanges are no safer than they were years ago. These massive public fallouts have ruined thousands of retail investors, with billions in potential funds lost, leaving these investors with a bitter taste in their mouths.
In response, surviving exchanges have thrown around the idea of “Proof of Reserve,” a new addition to cryptocurrency jargon and marketing talking point for these exchanges.
Plenty of exchanges realise their business model is under threat, and proof of reserves has become a rallying cry to put customers at ease. Exchanges worldwide now claim that they will start implementing proof-of-reserve as an industry standard.
So, what is proof-of-reserve, and why is it important for investors?
What is proof of reserves (PoR)?
A proof of reserve report is an audit that aims to ensure that custodians are holding their clients’ funds in full. Custodial businesses in cryptocurrency use PoR audits to prove to depositors, the media, investors and the general public that their deposits match their balances.
These audits are conducted by independent third parties to eliminate the possibility of falsifying reserve data.
What does proof of reserves achieve?
Proof of reserve reports, especially those available regularly or in real-time, enables users to verify that the balances they hold on a cryptocurrency exchange, for instance, have absolute asset backing.
Secondly, it drives businesses to meet transparency standards, making it difficult to engage in questionable or illegal financial activity. With PoR, any entity can prove that a crypto exchange holds the entirety of its users’ deposits. Therefore, exchanges are naturally encouraged not to mishandle these balances as it would break user trust in them and affect their continuity.
Reduces security risk
Ideally, PoR should benefit both users and businesses. It protects users by minimising security risks and safeguarding them against harmful players. At the same time, it helps businesses retain users by increasing their trustworthiness.
Reducing malinvestment risk
Similarly, exchanges can’t use deposits to invest in other protocols or businesses. In other words, PoR eliminates the risk of companies maximising the yield and other possible returns from customer asset holdings.
Is proof of reserve a lasting solution
Most experts have opined that PoR is a step forward in reducing grey market operations but not a lasting solution. People still have to trust the exchange’s security protocols, wallet addresses as well as the data they provide to these third-party auditors.
Data can always be faked, clever accounting practices can mask certain red flags, and proof of reserves does not absolve you of negligence or corruption. While certain customers of exchanges might feel that these reports are enough for them to trust the exchange with their money, there is no risk-free custodial service.
The only real way to prove reserves is still to withdraw funds into a wallet where you hold the keys, and once you have six confirmations, you can be sure those funds are real and in your possession.
What are the limitations of proof of reserves?
Ideally, users can be assured that exchanges safely hold their assets through verification of PoR. However, there are some important limitations that are worth mentioning.
Snapshots are a lagging and misleading indicator.
First, PoR only provides a snapshot in time of current holdings. This does not prevent institutions from moving assets around before and after the PoR audit. During mass deleveraging in the cryptocurrency market, we often exchange sending or receiving large amounts of crypto around the times of their PoR, leaving some to question the integrity of that exchange.
You don’t have the full picture.
Another limitation of PoR is scope since PoR only assures a company’s holdings. In certain reports, their liabilities might be left out, and it doesn’t protect against any operational risks. Companies can still be vulnerable to other factors, such as a bad economic environment, poor internal management, or even hacks.
A simple example would be an exchange that could lose the keys to a bitcoin wallet but still claim that they own the funds even though they cannot move them or sign for them.
Trusting third parties
Finally, audits do rely on a third party to verify that everything is in order. That means that in a space where decentralisation and trustlessness are prized, trust in third parties is the only way of conducting PoR.
Why ‘proof of reserve’ if you really mean ‘proof of solvency’?
Proof of Reserve is a lower bar to meet but provides a positive marketing spin on exchange operations. While proving solvency is a much higher bar to clear.
Ideally, a PoR would be paired with a full accounting of liabilities, known and hidden (off-balance sheet). Stronger solvency assurances could be obtained, but even then, there is always an element of trust because the exchange needs to disclose all this information to auditors.
Exchanges are not your friend.
Do you use centralised exchanges or altcoin casinos, or have you switched to a bitcoin-only service to acquire your satoshis? Do you find these multi-coin exchanges valuable in your neck of the woods and see them as a necessary evil? If you do use one of these casino exchanges, what would get you to switch to another service?
Let us know in the comments down below.