Binance’s first proof of reserves (PoR) audit report reveals that the company had sufficient assets for mass customer withdrawals and that customers had put up enough margin to collateralize leveraged positions.
The PoR audit was conducted on Nov. 22, 2022, by the South African business unit of international audit, tax, and advisory firm Mazars. It employed several methods to verify that Binance had enough assets to honor customer withdrawals.
Binance Merkle Tree Audit
Firstly, the auditing firm independently matched asset balances from wallet addresses on BNB Chain, Bitcoin, Ethereum, and Binance Smart Chain, to an Asset Balance Report provided by Binance management. The company found a variance in assets of less than 1%.
Mazars instructed Binance management to move funds from a specific wallet address to ensure they owned the private key. The transactions were verified on Etherscan and BSCScan, where the auditing firm ensured that the addresses involved were marked as belonging to Binance.
Mazars then observed Binance’s management using custom internal code scripts to extract customer liability reports accurately. These reports showed money owed and receivable from customers. Customers who borrowed money for leveraged trading had a negative balance on the report. The firm then verified that the balances were correct.
The auditor then used a proprietary Merkle Tree generator to calculate the Merkle root hash of all client balances. The Merkle root hash is a cryptographically secure fingerprint an auditor can use to verify an exchange’s asset balance at a snapshot in time. The Merkle root allows verification while blocking direct access to customer information.
Binance customers can enter the Merkle root hash on Mazars’ website to find their unique Merkle leaf to verify that their balances exist on the exchange at the time of hash calculation. Some users have expressed difficulty while doing this.
Lastly, the auditor also found that Binance customers engaged in leveraged trading had overcollateralized their positions by 101%.
Audits a Step in the Right Direction, But More to Be Done
Crypto Twitter mainly responded positively to the Binance audit. However, there was criticism of Binance’s choice of Mazars, a relatively unknown firm, as the auditor.
While proof of reserve audits have critics who argue that an exchange can borrow assets to spoof their reserves or collude with auditing companies, they could become mandatory to protect user funds in the absence of Federal Deposit Insurance.
Furthermore, many crypto exchanges, including Binance, are not public companies. Hence, they do not need to comply with financial reporting rules in jurisdictions like the United States. Regularly published audits could lend the crypto industry an aura of legitimacy when investor confidence is at an all-time low following the collapse of several major crypto businesses in 2022.
FTX collapsed because it allegedly misused client funds, leaving it with insufficient liquidity to honor withdrawals at a crucial time.
Proof of reserve audits improve transparency but do not prevent mismanagement of funds between audits. Regulators would need to introduce other regulations to ensure exchanges hold minimum client balances like traditional Wall Street banks.
BeInCrypto has reached out to company or individual involved in the story to get an official statement about the recent developments, but it has yet to hear back.