Proof of Reserves (PoR) is an independent audit conducted by a third party to confirm that a custodian or entity holds sufficient reserves for all its depositors’ balances. This audit is an important step in the regulatory process and helps ensure customers and the public have transparency on fund availability.
Although Proof-of-Reserves has been around for years, it only became popular in the crypto space following the collapse of the former world’s second-largest crypto exchange, FTX. Binance founder Changpeng Zhao announced that his company would use Proof-of-Reserves to facilitate complete transparency. Soon, numerous crypto platforms like CryptoCom and Coinbase followed suit.
PoR helps minimize risks associated with centralized exchanges investing customer funds into other companies and provides assurance against financial crises.
How PoR audits works with crypto companies
Proof-of-Reserves (PoR) audits verify that the custodian has sufficient assets to cover its depositors’ balances. The independent audit is conducted by a third-party auditor, who will take a snapshot of all account balances and convert them into a Merkle tree structure for more straightforward processing.
The auditor will then use various methods, such as cryptographic message signing and instructed movement of funds, to verify ownership of the user address. If the balances match those forms of discovery, PoR is verified, and the exchange has proven that it holds all deposited assets in totality.
Some top exchanges that use PoR are:
7. Huobi Global
Methods of PoR verification
Cryptographic Message Signing (CMS) is a form of PoR verification in which an auditor provides the exchange a unique message to sign using their associated private key(s) cryptographically. This process involves the auditor providing the exchange with an encrypted message containing information about each account’s balance and its associated public key. The exchange must then sign this message using its private key, which can be verified against the public key provided.
The “instructed movement of funds” method is another form of PoR verification in which the exchange performs a transaction where it moves a specific amount from a public key/address at a specific time and obtains the transactional hash to verify the instructed transaction on the respective blockchain.
Search addresses on block explorer for PoR verification
Search addresses on a block explorer are an important and effective way to verify proof of reserves (PoR) for any crypto company. A block explorer is an online tool that allows users to search the blockchain and view detailed information about transactions, addresses, blocks, and more.
By searching an address on a block explorer, users can get information like the total amount of crypto held in that address and the number of incoming and outgoing transactions associated with it. This information can be used to verify the PoR status of an exchange or custodian, as it allows users to see if the amounts of assets being held align with what is reported on their balance sheet.
What is Merkle Tree?
Merkle tree, also known as a hash tree, is a type of data structure used for efficient and secure verification of large sets of digital data. This data structure is commonly used in cryptocurrency, allowing users to quickly and securely verify that a large set of transactions or blocks are valid.
Merkle trees are composed of a root node, which is the sum total of all transactions in the set, and a number of leaf nodes. Leaf nodes are individual transactions or blocks, each with its own identifier, allowing for efficient verification. To verify that a particular transaction or block is part of the set, users must follow the path from the root node to the leaf node and compare the identifiers. If they match, then the transaction or block is valid.
Verifying that your account has been audited
Verifying that your account has been audited with Proof of Reserves (PoR) requires several steps. Here is an overview of the process:
1. Obtain a cryptographic message from the auditor. The auditor will provide a unique encrypted message containing information about each account’s balance and associated public key. This message should be securely stored.
2. Have the custodian sign this message using their associated private keys cryptographically. This must be done to prove they have ownership of the user address.
3. Use a block explorer to search for the addresses associated with each account and verify that the balance matches what is reported on the encrypted message.
4. Once the address balances match what is reported in the encrypted message, you can be sure that your funds are safe.
Why knowing Proof-of-Reserves is important
As a crypto user and investor, you need to know the exchange’s proof-of-reserves for five reasons:
1. PoR gives you transparency – Knowing an exchange’s proof-of-reserves lets you see how much money they have and if they can keep their promises.
2. PoR helps with security – By verifying that the assets in the exchange’s custody match up with what is reported on its balance sheet, it means no one can take your funds without the proper private keys.
3. PoR builds trust – When you know that an exchange has enough funds to back up its claims, you are more likely to trust them with its assets. And trust is important when it comes to money.
4. PoR keeps your funds safe – PoR verification helps ensure that your money isn’t stolen or mishandled by checking if everything matches up correctly.
5. You can verify balances easily by using a block explorer, you can search for addresses associated with each account and check whether or not the balance matches what is reported in the encrypted message from the auditor.
Knowing about proof-of-reserves is important to ensure that your funds are safe and secure when dealing with crypto companies. This process helps protect customers from fraudsters who may try to take advantage of unsuspecting investors by falsely claiming they have more money in reserve than they actually do. With PoR audits being implemented at some of the top exchanges worldwide, it’s clear that this practice is becoming increasingly popular as a way to keep customer accounts safe and secure.