What Is Merkle Tree Proof of Reserves?

Crypto is having a rough year. The FTX, Three Arrows Capital, and Celsius contagion have left many disaffected and ready to walk away from decentralized currencies for good. Yet, by demonstrating proof of reserves, centralized exchanges have the power to restore trust in the crypto ecosystem.

Proof of reserves promotes transparency of centralized exchanges and digital asset platforms. On-chain sleuths believe it can illuminate the counterparty risks of custodial services. But what is it? Well, where banks have mandated annual reports to guarantee solvency, centralized exchanges have proof of reserves.

What is a Merkle tree?

Proof of reserves is done with the help of Merkle trees.

To understand how proof of reserves works, you must first understand Merkle trees. Merkle trees are a type of data structure in computer science. They allow quick and secure content verification across large datasets, as well as ensure data consistency.

Merkle trees (also known as hash trees or binary hash trees) consist of hashes. These hashes are known as “leaf nodes.” Don’t worry, this will all make sense later on! Hash trees concatenate and pair leaf nodes together, resulting in a parent node or hash.

This process continues until there is a single node at the “top” of the tree; this node is known as the Merkle root. In other words:

  1. You have data (A, B, C, D)
  2. The data is a hash H(A), H(B), H(C), H(D)
  3. Next, the hashes pair H(A,B), H(C,D)
  4. Finally, the data summarizes as a Merkle root H(A,B,C,D)

The data (A,B,C,D in our example) in Merkle trees could be transactions, accounts, cryptocurrency balances, or even parent nodes themselves. This method for building a tree from four leaf nodes (e.g., transactions) can be used to build trees of any size.

Merkle trees are data structures uses for  verification and synchronization.
Visualization of leaf nodes in a Merkle tree.

Bitcoin has between several hundred to over a thousand transactions, all in a single block. All blocks “Merkelize” in the same way, producing just 32 bytes of data as a single Merkle root. The Merkle root summarizes all transactions into 32 bytes.

To verify the authenticity of a transaction, users need only to verify a hash (transaction ID/ leaf node). If a transaction is altered in any way, its resulting hash will change, as well as the parent node and Merkle root. Therefore, Merkle trees are tamper-proof, and excellent for verifying the authenticity of data.

What is proof of reserves?

Most centralized cryptocurrency exchanges keep their ledgers and balance sheets private — a practice that is antithetical to the ethos of crypto. Proof of reserves is the practice of custodial businesses holding cryptocurrencies and creating public attestations to their reserves. These match up with a proof of users’ balances. In sum, it is public transparency of centralized cryptocurrency reserves, through a verifiable auditing practice.

Most countries’ accounting principles do not address digital currencies. Furthermore, many auditing techniques are not adaptable to digital assets. This is where proof of reserves comes in.

Celsius, Three Arrows Capital, and FTX (among other defunct or bankrupt centralized exchanges) suffered from liquidity crises. Their lack of transparency caused many to lose a lot of money. This is true for both retail and institutional investors and creditors.

When centralized exchanges are unable to accommodate a bank run, it means that they are insolvent. If a company has proof of reserves, it is proof that they do actually hold your digital assets. Therefore, users can withdraw their balances at any time and without limitations.

Incidentally, proof of reserves often applies to “wrapped” tokens and stablecoins as well. In both cases, a company or service takes custody of your assets and mints a corresponding note or IOU, 1:1. Many of these companies are not transparent with how much they hold in users’ assets.

How does the Merkle tree proof of reserves work?

How PoR works

Merkle trees verify large datasets without having to re-compute the data. They also separate “proof” of the data from the data itself.

If the hashes in a Merkle tree maintain their mathematical properties, then they are tamper-proof. This holds true for the Merkle tree as well. Users can identify the authenticity of a dataset with only a piece of the data from it. The general idea of a proof of reserve is to prove to the public that their deposited cryptocurrency reflects their actual account balance.

Imagine that the leaf nodes are users’ actual account balances, and the Merkle root is a sum of all of the exchange’s users’ account balances, held in real-time. Provided the exchange attests to how much they hold in reserves, an independent auditor has a snapshot of how much is owed, versus how much the exchange claims to have. The Merkle tree proof of reserve is a way to verify this information.

With this method, users may verify their own balances. Ultimately, they can take their own unique ID and account balance, hash it, and search for it in the tree. Multiple rounds of verification ensure the authenticity of the entire tree structure, and that any third-party auditor is satisfied.

Benefits and limitations of proof of reserves

A proof of reserve audit is a strong show of faith to the public. It ensures companies commit to gaining trust through self-regulation. Proof of reserves audits also guarantee that a centralized company or service will not move your funds into the custody of a counterparty.

While a proof of reserves audit is a great way to build trust, they are not without limitations. What ultimately led to the downfall of FTX is its liabilities. A liability is an obligation, especially a debt, that a company must make to another party (e.g., a creditor).

In some cases, a liability is a user’s funds; in others, it may be a loan. In any case, a proof of reserve audit does not imply solvency. If a company has outstanding loans or insured investors, the latter receive the highest priority in the event of a bankruptcy.

This means that large investors may have first dibs on the company’s assets, and could recoup their losses first. Ideally, proof of reserves > proof of liabilities => solvency. Additionally, exchanges can move reserves.

Point-in-time attestations only guarantee reserves at a certain point in time. In other words, exchanges can move users’ funds after an audit has been conducted. This means that an exchange could borrow funds to prove its reserves, then return them, making them insolvent.

On-chain analysis is difficult because exchanges often own many wallets — some of which are undisclosed. On top of this, companies maintain outstanding accounts with each other. This makes it difficult for individuals to prove both reserves and liabilities.

Binance on chain proof of reserves.
Binance wallets on-chain.

How are audits conducted?

How are audits conducted? A step-by-by-step look.

A sound audit should maintain three properties:

  • The auditor receives the entire customer deposit records.
  • Ability to verify that the total amount of fiat and digital currencies on hand as of the test date and time is enough to cover client liabilities.
  • The company genuinely owns the money they claim to own.

Proof of reserves audits are relatively straightforward. The process of conducting a proof of reserves audit goes as follows:

  1. An independent third-party takes an anonymized snapshot of the user’s balances on an exchange.
  2. Secondly, they are calculated by hashing users’ unique IDs and account balances.
  3. The auditor collects these hashes into a Merkle tree and produces a Merkle root.
  4. Afterwards, the auditor collects the digital signatures of the company, which proves that they actually control the addresses holding the on-chain assets.
  5. The auditor can confirm that the platform has a reserve of all client assets if the balance on the accompanying digital signatures matches those discovered through the Merkle tree.

How to verify a company’s reserves?

Proof of reserves: how to verify rerseves,

While the practice is nascent, there are ways to verify a company’s proof of reserves. For individual users, platforms may provide instructions on how to verify their proof of reserves. Both Kraken and Gate.io provide resources on their websites to verify their reserves. This includes:

  • Instruction on attaining your unique User ID
  • Where to find the audit
  • How to compare your hashed User ID and balance to the snapshot of your account

If you have an account with a centralized exchange that offers proof of reserves, you should check to see if they offer instructions for individual users. If the company does not offer proof for individual users, then services like Nansen maintain a record of proof of reserves for multiple entities. “We are working with exchanges to display proof-of-reserves on @nansenportfolio for everyone to track their token holdings and transactions,” Nansen stated on their official Twitter page.

Nansen maintains an exhaustive list of renowned centralized exchanges, DeFi services, DAOs, and funds. The list includes high-profile entities, including Binance, Kucoin, Huobi, dYdX, Uniswap, and Aave.

Nansen portfolio
Nansen dashboard showing exchange holdings

Nic Carter — a notable name in crypto, who also sits on the board at Coin Metrics — also maintains a list of entities that have conducted proof of reserves attestations. The list is broken down by:

  • Exchanges
  • Lenders
  • Announced/ Planned
  • Partial Validation
  • Stablecoin/ Etp Issuers
  • Proof of Assets (no corresponding liabilities)

Do proof of reserves have a place in the future?

The future looks bright for transparency of custodial services in cryptocurrency. As we speak, projects like Chainlink offer proof of reserves feeds through their decentralized oracle networks (DON). These services are offered for both on-chain and off-chain reserves.

Furthermore, as it is a nascent practice, there is a significant potential for new practitioners to leverage auditing services. Many public accounting professionals will not touch exchanges or digital asset platforms with a 100-foot pole. This has created space for a niche industry to arise.

In the event of industry-wide regulation, proof of reserves may help prevent heavy-handed legislation. Self-regulation only furthers the ethos of decentralization. This could potentially lead to escape velocity for web3.

Frequently asked questions

What are proof of reserves?

Proof of reserves is the practice of custodial businesses holding cryptocurrencies, creating public attestations to their reserves, undeniably matching up with a proof of users’ balances.

How do I verify crypto holdings?

If you have an account with a centralized exchange that offers proof of reserves, you should check to see if they offer instructions for individual users. If the company does not offer proof for individual users, then services like Nansen maintain a record of proof of reserves for multiple entities.

Is Kraken audited?

Kraken is a centralized exchange. They have pledged regular audits on a semi-annual basis. The audits will be conducted by Armanino LLP.

Why are proven reserves important?

A proof of reserve audit ensures that centralized companies have enough reserves to support their users’ withdrawals. They also guarantee that a centralized company or service will not move your funds into the custody of a counterparty.

Disclaimer

All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk. At Learn, our priority is to provide high quality information. We take our time to identify, research and create educative content that is useful to our readers. To maintain this standard and to continue creating awesome content, our partners might reward us with a commission for placements in our articles. However, these commissions don't affect our processes for creating unbiased, honest and helpful content.