Armanino Blog
Article

Proof of Reserves: Elevating Standards of Trust and Transparency for Digital Asset Ecosystems

by Noah Buxton
May 11, 2020

Armanino's new Proof of Reserves service provides improved trust and transparency between a digital asset exchange and their users. Here's a look at how it works and why it was created.

Money and Trust

Money requires trust. And yes, bitcoin is money, although we'll call it and other cryptocurrencies "digital assets" in this article.

Given their infancy and complexity, digital assets, more so than traditional financial instruments, require user trust for continued adoption and use. Yet the trust and transparency mechanisms available to users of traditional financial instruments are largely unavailable to users of digital assets.

In a nutshell, the problem for users of centralized digital asset exchanges — as well as custodians, loan platforms and other "service providers" that custody digital assets on behalf of their users — is that they are required to place great trust in the exchange without formalized and available mechanisms of trust and transparency.

Back-of-the-napkin calculations for the top 10 cryptocurrencies by market cap, assuming that exchanges hold a conservative 10% of those assets, would mean that exchanges currently custody about $16B-$20B worth of crypto. Again, with little to no meaningful transparency.

The solution: give exchanges a way to provide independent validation and proof that they have adequate reserves of a given digital asset to meet the "IOUs" to their customers. We call it a "proof of reserves assessment."

Now exchanges and other custodians can provide proof of reserves under what we believe to be a model framework and methodology. Why is this the new model for proving digital asset reserves? Simple: because of the independence and reputation of the assessor, cryptographic proofs of user liabilities, and the ability for all users to verify that their balance was included while maintaining user privacy.

Background

Armanino LLP, a top 25 U.S. public accounting firm, has been conducting audits on cryptocurrency clients since 2014. As a necessary component of providing financial statement audit services for exchange clients, we encountered the challenges of auditing a bitcoin-heavy balance sheet. There were many lessons learned completing complex audit procedures to test ownership and existence of digital asset balances.

As a leader in digital asset assurance technology with a reputation for innovative solutions for the crypto space, we felt compelled to solve the "proof of reserves" problem.

In 2014, another leader in cryptocurrency, Greg Maxwell (now CTO at Blockstream), proposed a solution to proving an exchange's reserves against its customer liabilities. We have adopted some features of this approach but also solved some of the key problems we believe have prevented it from being more widely used by exchanges, demanded by customers and required by regulators as a condition of licensure.

In May 2020, Armanino partnered with Gate.io, a top 20 exchange by daily volume, to complete the first external proof of reserves assessment.

Problems

Auditability, Trust and Transparency Issues

Blockchains offer the promise of immutability, decentralized trust, and auditability. However, current centralized exchanges, custodians and loan providers create blind spots in the ecosystem because liabilities of users are centralized as proprietary database entries controlled by the service provider. Additionally, it is commonplace, if not universal, that the customer's digital assets are held in co-mingled wallets. Therefore, the promise of publicly available and auditable ledgers is impacted negatively.

Exchanges and other businesses that custody crypto assets in the U.S. are required to submit audited financial statements to state regulators in order to maintain state money transmission licenses. And while those audits provide a layer of trust and independent oversight, it is not necessarily true that audits provide needed transparency for end consumers. What's more, the majority of digital asset trading volume (through marketplaces and exchanges) takes place outside the U.S., where regulatory oversight is generally less stringent.

Bad Incentives

While we believe that many exchange and custody businesses operate with the best interests of their customers in mind, there are lucrative incentives to "cheat" by only partially reserving against customer liabilities, loaning customer assets, or otherwise encumbering customer assets without the customer knowing or consenting. Take the case of Quadriga, a Canadian crypto exchange service provider that made headlines after the untimely death of the founder and later realizations that he had misappropriated user funds for his own benefit.

There is also the simple truth that exchanges and custodians remain "honey pots" for hackers, and incentives to not disclose hacks resulting in the loss of customer assets are very high. In these cases, the exchange would continue business with fractional reserves in hopes of refilling the coffers and not losing customers in the short term.

Defining "Adequate" Reserves

So, what is an "adequate" level of reserves for the exchange to hold against customer liabilities? Retail banks in the U.S. hold about $0.20 for every $1.00 of customer deposits, loaning out the other $0.80. This is a question our industry has yet to answer.[1] It seems to be the case that there is an unwritten rule that the exchange must reserve 100% against customer liabilities. At this time, there is a dearth of data which would allow us to make conclusions regarding how well the world's exchanges and custodians are reserved.

It may be the case that customers, and even regulators, would deem a reserve of less than 100% to be acceptable. However, until providing proof of reserves becomes more commonplace, such a standard cannot emerge.

Non-Standard Approaches

As of May 2020, there are only a handful of examples of exchange providers completing a proof of reserves exercise. We are still in very early days. Of the exchanges that have performed a proof of reserves, there is a vast disparity in the methods and approaches utilized, the level of transparency provided for users to understand the methods used, the independence of the party performing the testing, etc. Furthermore, a proof of reserves assessment has not been performed by an independent third party, nor by an independent public accounting firm with a formal report on findings.

A lack of standards and independence in assessing reserves leads to confusion and bad outcomes for users.

The Solution: A New "Gold"Standard

Assets vs. Liabilities

Proof of reserves has two main components. First is validating that all the customer database entries are complete and accurate. We must obtain a reasonable level of assurance that (1) all accounts with non-zero balances are included (a measure of completeness), and (2) that the non-zero balance of bitcoins "held"or owed to that customer is correctly calculated by the exchange (a measure of accuracy).

Second, we must confirm with cryptographic certainty that the exchange has hot and cold wallets with enough bitcoins to meet all customer liabilities.

We have enumerated the specific procedures we performed for each of the two components outlined above in our formal report on the first proof of reserves assessment for Gate.io. (Watch this space for more thought leadership in this evolving area.)

Privacy-Preserving Proofs of User Liabilities

First, we provide a publicly accessible portal for users to "check balance" (the Verifier tool). This provides a very important check against the exchange under-reporting customer liabilities.

Here's how we do that. After obtaining reasonable assurance that the exchange has produced a complete and accurate listing of hashed user IDs and associated BTC balances, we use that raw file to generate a Merkle Tree (a cryptographic proof that hashes the user ID and balance together, then combines it with the hash of the next user ID and balance, continuing on until there is a tree or pyramid of hashes, with a single "root" hash at the top).

The Merkle Tree can be made available to anyone without compromising privacy, as it is just hashed data; only the user with the known inputs (hashed user ID and their balance) can validate that their information was included in the proof. To simplify the user experience, we built a more user-friendly tool on TrustExplorerTM; to allow users to interact with the Merkle Tree and Verifier tool.

Proving the Exchange's Control Over Assets

There are multiple important steps to proving ownership or control over digital assets (i.e., ability to exercise the private keys for a public address or wallet). First, we inquire with management and responsible individuals to obtain an understanding of the process for receiving customer bitcoins, safely storing customer bitcoins, and sending customer bitcoins outside the exchange when withdrawn by customers. We think of this generally as the process for custody and management of customer assets.

We also inquire with management and responsible individuals to obtain an understanding of the key technical components used in the custodial process. Important considerations here include, but are not limited to, the types of wallets used, and the hardware and software involved in hosting, maintaining, integrating and interacting with those wallets, as well as the signature schemes utilized (i.e. single-sig vs. multi-sig).

After gaining an understanding of the custody process and infrastructure, we collect a complete list of BTC addresses to test both balances and control over private keys.

For each of the hot and cold wallet addresses in scope, Armanino creates a custom message, including (1) a "nonce" or secret, and (2) the hash of the most recent bitcoin block. We then obtain a digital signature of that custom message from the exchange, and decrypt that signed message using the relevant public key/keys (wallet addresses) to determine that the exchange signed the message using the private keys for the wallets.

It is also possible to test ownership by movement of funds (signing a transaction with private keys), however, this approach is more open to the risk of cheating or colluding with a third party that actually controls the private keys. For this reason, our preferred methodology is to obtain signed messages simultaneously with the other procedures performed.

At the time we obtain signatures, we also pull balances from the bitcoin blockchain for each of the wallet addresses in scope.

The Frequency of Proof

Digital assets have more potential than non-natively digital assets as their existence and rights and obligations can be determined more readily. As discussed above, the standards for proof of reserves are just now emerging. There is room for flexibility in the frequency of proof of reserves assessments; exchanges and other custodians should choose a cadence of reporting that works best for their organization.

We are also very excited about the potential to provide proof of reserves in a real-time or near-real-time manner. More on that soon

Conclusion

Proof of reserves assessments using the methods outlined here, on TrustExplorer and in our final report on Gate.io's proof of reserve assessment provide a foundation for standardizing proof of reserves. We believe this is a large step forward for providing needed trust and transparency for customers of exchanges, as well as comfort for regulators across many jurisdictions. We are committed to working with our clients and the community to develop a best-and-only solution for trust and transparency over digital asset reserves. If you share the vision, please reach out!


[1] As one example, see Hong Kong's SFC outlining 100% reserve requirements (98% in cold storage, 2% in hot wallets).

Stay In Touch

Sign up to stay up-to-date with the latest accounting regulations, best practices, industry news and technology insights to run your business.

Authors
Noah Buxton - Director, Blockchain - San Francisco, CA | Armanino
Managing Director
Resources
Related News & Insights
General Contractor Trends to Consider in 2022 Webinar
Webinar
Hear from experts how you can better manage your subcontracts — and more.

December 16, 2021 | 10:00 AM - 11:00 AM PT
Women in Nonprofit Leadership Panel
Webinar
Aspiring nonprofit leaders should hear the insightful stories of these women industry leaders to empower their journeys.

December 14, 2021 | 10:00 AM - 11:00 AM PT
The Evolution of Gaming Companies
Webinar
From seed-funding to acquisition, position your gaming company for success.

December 9, 2021 | 01:00 PM - 02:00 PM PT