Summary

Cryptocurrency custodians use Proof of Reserves (PoR) audits to demonstrate that they hold all user funds. Binance conducts and publishes internal audits, and then external auditors help verify them with cryptographic techniques to verify that user funds are safe in the company's reserves. Binance users can also independently verify that their account balances are included in these audits.

Introduction

Cryptographic proofs enabled by blockchain technology facilitate the transparency of financial transactions of cryptocurrency exchanges. Proof of Reserves (PoR) verification further increases this transparency by creating an authoritative framework for auditing cryptocurrency custodians.

However, although it is a step forward, PoR still needs improvements to make the ecosystem more transparent and trustworthy.

What is Proof of Reserves (PoR)?

A PoR audit is a verification that aims to ensure that custodians hold all of the client's funds. Cryptocurrency custody companies use PoR audits to demonstrate to depositors and the general public that their deposits match their balance sheets. These audits are carried out by independent third parties to eliminate the possibility of falsification of reservation data.

PoR is essential for several reasons. Firstly, it allows users to verify that the balances they have on an exchange, for example, cryptocurrency, have absolute asset backing. Second, it pushes companies to comply with transparency standards, making it difficult for them to engage in questionable or illegal financial activities.

Ideally, PoR should benefit both users and businesses. On the one hand, it protects users by minimizing security risks and safeguarding them against malicious actors. At the same time, it helps companies retain users by increasing their trust.

The ability to audit cryptocurrency exchanges creates a more transparent crypto ecosystem. For example, PoR prevents exchanges from acting as banks that lend deposited assets to third parties.

Similarly, exchanges cannot use deposits to invest in other protocols or companies. In other words, PoR eliminates the risk of companies maximizing yields and other potential returns from clients' asset holdings.

With PoR, an entity can demonstrate that a cryptocurrency exchange keeps all of its users' deposits in reserve. Therefore, exchanges are encouraged not to mismanage their balances, as this would affect the user's trust in the exchange and their continuity with the platform.

What is PoR verification?

In PoR verification, the auditor checks the inclusion of each account balance using cryptography. This works through a few key steps.

First, the auditor takes a snapshot of the balance of all accounts. It then converts the fund data into a Merkle tree, which is used to structure large amounts of data for more optimized processing.

User balance data is hashed to form a “leaf”; a group of these "leaves" are hashed to form a "branch"; and a group of "branches" are hashed to form a "root".

The auditor can then apply various methods to verify ownership of the user's address. At Binance, for example, an auditor has three ways to identify ownership. When the exchange runs the process of extracting this information, this is also verified by the auditors.

  • Signing cryptographic messages: An auditor provides the exchange with a unique message to cryptographically sign with its associated private keys.

  • Indication Fund Movement – ​​The exchange is tasked with performing a “indication fund movement”, where the management will move a specific amount of a public key/address at a given time and obtain the transactional hash to verify the transaction. indicated in the corresponding blockchain.

  • Address lookup in a blockchain explorer: The auditor can also look up ETH and BSC addresses (in the case of Binance) in Etherscan and BscScan, respectively, to ensure that the addresses have been tagged as belonging to the exchange.

If the balances match these forms of verification, the exchange performed a PoR verification and demonstrated that it has all of the assets deposited in reserve.

PoR: limitations and possible improvements

The balances of a cryptocurrency exchange change as users move their assets on and off the exchange. The problem with PoR is that it verifies the accuracy of reserve balances only at a certain point in the audit. This can be problematic because problems can arise too late and the custodian could even take this opportunity to hide facts.

It is also important to consider that those who carry out the audits are external companies, which means that the results of the audits may depend on the capacity of each auditor or whether external interests influence these audits.

How can a cryptocurrency exchange improve its PoR audits to build and maintain user trust? You can start by shortening the intervals between audits to ensure there is no suspicious financial activity between cycles. Additionally, the exchange may choose a reputable third-party company that has no financial interest in it or its associated organizations.

Cryptocurrency exchanges use PoR verification to offer more transparency, which is a must during financial turmoil. Because it relies on mathematics and cryptography rather than just trust and communication like the traditional banking system does, blockchain technology may even offer a better way to audit the financial market.

How to see if your account was audited

You can check if your Binance account is included in the latest PoR audit. You just have to follow these steps:

  1. Log in to your Binance account and click the Profile icon > Wallet. Next, select the "Audit" option.

  1. You will see all recent audits in which your account balance has been verified through the PoR process.

  1. Select a specific audit you want to learn more about. There you can also download the Merkle tree.

Conclusions

You can access the PoR audit to see if a cryptocurrency custodian has all reserves of your funds and those of other users. The audits should deter cryptocurrency exchanges from mishandling user funds, as well as help improve transparency in the crypto sector.

PoR is the first step in regaining and maintaining the trust of cryptocurrency users. Additionally, it sets more requirements for exchanges, which is expected to prioritize user funds and make the sector safer and more transparent for everyone.

Further reading

  • What is fractional reserve?

  • Beginner's Guide to Security Tokens

  • What is quantitative easing (QE)?

  • The psychology of market cycles

  • Beginner's Guide to Cryptocurrency Trading Strategies