Proof-of-Reserve will not prevent exchanges from committing new frauds

The fall of FTX has become a potential tipping point for user confidence in centralized trading platforms. Many of the exchanges left standing are looking for effective ways to prevent users from withdrawing funds from their custodied wallets. One of them is the aforementioned Proof-of-Reserve or PoR, which consists of third-party audits of companies’ liquidity capacity.

In this way, the audits would be a tool for people to know where their funds are. With this, in theory, users will be aware of what exchanges do and do not do with their hoarded funds. Thus, the centralized companies will be able to demonstrate that they have sufficient funds to cover the withdrawal of all those who have accounts with money in them.

Although many centralized firms do regular audits, this is not enough, as these audits could be manipulable. In that sense, when a third party is ready to do the fund checks, the platform simply takes care to place the necessary amount in the right place to pass the supervision. Then, it would seamlessly continue to use people’s money in high-risk practices. Hence the need for a new way of proving creditworthiness.

PoR with Merkle Trees as an alternative for exchanges

The most powerful exchanges are calling for a more transparent form of auditing to strengthen trust. The Reserve Test is a highly effective cryptographic method. It demonstrates a company’s liquidity capacity and users’ full knowledge of the status of their funds.

One of the ways to apply it is by means of so-called Merkle Trees. In simple terms, Merkle Trees are fundamental components of blockchain technology. Their operation allows for highly accurate and efficient data verification, as well as strong transparency. It is a hash-based training. Basically, the hash tree allows verifying the movement of client funds in the manner of a map, Coindesk expresses. They also “work even when reserves get complicated.

Consequently, with the publication of a reserve certificate, the information on the movement and amount of cryptocurrencies of an exchange is completely transparent. This tool allows clients of a centralized platform to take immediate action when funds move suspiciously. The liquidity secrecy that FTX and many others used to work with would become history.

This secrecy allowed exchanges to lend users’ money to high-risk companies without major payment guarantees. After the fall of Sam Bankman-Fried’s empire, Binance announced a PoR of its funds to stimulate trust and transparency in the management of its users’ money. However, all the advantages offered at first glance by the PoR for the Merkle Tree could be useless if a platform decides to commit fraud.

Proof-of-Reserve will not prevent fraudulent activities

Despite the good reception of PoR, it is a method that is by no means foolproof. For example, it simply allows you to passively see where the funds are and how they move. However, it does not give the ability to intervene or freeze movements that might be suspicious. As such, if a platform decides to do fraud, it does it and that’s it.

“While PoR is a powerful tool that encourages transparency of centralized platforms, it is not foolproof when it comes to preventing fraud.”

In other words, if exchange X decides to lend its users’ funds to a high-risk fund Y, customers, with the help of PoR, will see those funds move from X to Y without being able to do anything about it. Although this form of verification resembles centralized platforms to DeFi protocols in terms of matching funds in portfolios through on-chain analysis, it is not a shield. It has little to do with the government reserve insurance that banks theoretically have.

Simply put, it is like setting up a camera to monitor a property in a place where there are no police. If criminals enter and steal, they will be able to see the time, how much and how they stole and case closed, there is no possibility of recovering the lost goods.

Although this is a simplistic comparison, in reality it could serve as an example of how exchanges can commit fraud. In fairness , it can be said that some platforms enjoy a high level of trust and prestige and the willingness to apply PoR can speak volumes about their good intentions. Certainly, they are not all bad guys.

“Not your keys, not your coins”

is there any 100% sure way for funds on a centralized platform to be risk-free? Both the short and long answer are negative. There is a Chinese wall that clearly demarcates the huge difference between the safety and risk of cryptocurrency funds.

On one side of that boundary is the field of self-custodial or non-custodial wallets, i.e., total security. At the other end, there is the risk field represented by custodied or centralized platform portfolios. In the latter field there are different territories, some of which are more reliable than others, but in all of them risk is omnipresent. This paper explains the differences between one form and the other.

Among the orthodox of decentralization there is a maxim: “Not your keys, not your coins”. According to this, the holder of the private keys is the true owner of the cryptocurrencies. In that sense, self-custody wallets allow the user to own his own keys (between 12 or 24 words). When people store their coins in exchanges, the keys are held by the platform and not by the individual. This implies that the decision-making power over the use of the coins is with the exchange.

The latter leads the most knowledgeable people in the field to recommend users to withdraw their cryptocurrencies from the platforms and store them in wallets in their own custody. In such a way, if an exchange goes bankrupt due to fraud, its users will lose the money saved in their wallets. If a self-custody wallet disappears, the user will be able to use their private keys in another compatible wallet to recover their funds.

This article is for informational purposes only and should not be assumed to be fund management advice.