Learn to read the Merkle tree and don’t let CEX embezzle our hard-earned money

CZ vs. SBF, the market is wailing, faith is collapsing. Traditional centralized exchanges CEX are often widely questioned because of their opaque operations and poor credibility. In order to prove their innocence, major CEXs announced that they would use Merkle trees for reserve proof. So this article is trying to help you figure out what Merkle trees are and how to trust CEX to clear their name?
As a small investor, I only know my account name and how much money is in my account. How the hell do I know if CEX has misappropriated my funds? Please prove it to me.
1. What is a Merkle Tree?
A Merkle tree, also called a hash tree, is a tree data structure in cryptography and computer science. A hash tree can efficiently and securely verify the contents of a large data structure.
The concept of hash tree was patented by Ralph Merkle in 1979, so it is also called Merkle tree.
2. How to verify
Verification Demonstration
Suppose there are N users in an exchange, and each user has a different amount of ETH in their wallet, X. Each user knows his or her ID and the amount of money in his or her wallet, but does not know the amount of money in other people's wallets, let alone how many shares the exchange has. So how can I believe that the exchange has not misappropriated a penny of our hard-earned money?
We can see that this Merkle tree has a total of four layers. The bottom layer is the user, which has two data, representing the user User (N) and the Xn ETH in the wallet, for example, User2 has 8.8 ETH in the wallet; the two data of each user constitute a hash value, for example, user1 and user2 correspond to Hash1 and Hash2 respectively, and Hash1 and Hash2 are iterated upward to become Hash (1,2), and finally a node of Hash (1,2,3...N-1,N) will be formed, which is called the hash tree root. The hash tree root contains all the users and balance information of the exchange;
As we mentioned earlier, User1 only needs to know his user ID and balance, as well as Hash2 and Hash(N-1,N) (these two hashes are provided by the exchange) to verify whether he is at the root of the tree. [User1, Hash2, Hash(N-1,N)] is called the Merkle tree proof or Merkle path. The user can verify whether the value of the root of the tree matches.
3. Conditions for Proving 100% Reserves
Above we know how a user can verify whether his account information and account balance are included in the root hash. When the exchange publishes the Merkle tree root, any user can verify whether his wallet balance and user account information UID are in the root.
At the same time, the exchange can also hire a third-party audit company:
1. Total the balances of all users on the audit tree;
2. Review the total balance of all wallet addresses on the exchange.
4 Conclusion
If the above methods prove that the balance of the exchange is consistent with the sum of the balances of all users or addresses, and any user has verified his or her account information, balance, and hash value information on the root of the tree, then the conclusion is that at the time when the Merkle root value was announced, the exchange did have 100% reserves.
If the exchange keeps updating the Merkle root of the reserve proof at a high frequency, we can frequently check dynamically to ensure that our hard-earned money is not misappropriated. It’s that simple!