Original title: What is CEX’s Merkle Tree Proof of Reserve? What are its potential problems?
Since FTX collapsed after being insolvent due to misappropriation of user funds, major exchanges have stated that they will launch their own 100% Merkle tree reserve proof to prove that their asset reserves are 100% sufficient, will not be misappropriated, and similar incidents will not occur.
So, what is the Merkle Tree Proof of Reserves, why can it prove 100% reserves, and what are its potential problems?
First, let's understand what a Merkle Tree is. A Merkle Tree is a data structure. As shown in the figure, we have 4 pieces of data, each piece of data is a user's ID and balance. Hashing the 4 pieces of data separately constitutes the leaves of the Merkle Tree, and then merging the hash values of the two leaves and hashing them again. In this way, we will get a complete Merkle Tree by iterating. The top node is called the root of the tree. Due to the characteristics of the hash algorithm, any change in any data node will cause the hash value of the root of the tree to change.
When we need to prove that a certain user is indeed on the tree, such as proving User1 and its balance, we only need to provide the value of the blue node in the figure. User1 only needs to know his user ID and balance, as well as Hash2 and Hash34 (these two hashes are provided by the exchange) to verify whether he is at the root of the tree. Obviously, only giving these few nodes is enough to hash all the way to the root of the tree, and we only need to verify whether the value of the root of the tree matches. We call [User1, Hash2, Hash34] the Merkle proof or path that proves User1.
There are many ways to implement Merkle Reserve Proof. Let’s take a look at Gate.io’s solution. The implementation idea is:
1. Make the Merkle tree root public.
2. Ability to prove to any user that their balance and UID are in the tree.
3. A third-party audit company will review the total balance of all users on the tree.
4. A third-party audit company will review the total balance of all wallet addresses on the exchange.
1 and 2 are a kind of dynamic deterrence from mathematics and society. Neither users nor audit companies can be sure whether the Merkle root corresponds to all users of Gate. But since everyone can verify whether they are in the tree (obviously, ordinary users cannot verify other users due to privacy issues), once someone provides evidence that I am not in the tree, then Gate is undoubtedly fraudulent. When no one claims that Gate is fraudulent, we all assume that the root is correct, and audit companies can also audit each node in the tree based on this and add up the user's balance.
3 and 4 are based on the trust of a third party. This may be criticized, but it is almost impossible for CEX to find a trustless method. We just need to pay attention to the possible problems here.
Potential problems are:
The issue of the update frequency of the tree root. CEX has a large number of transactions per second, and it is unrealistic to update the tree root for every transaction. There is a high probability that the tree root you see will not be the latest, which means that the situation you understand is not the latest. The update frequency is a key parameter to ensure the effectiveness of this system.
Front-end fraud problem. Users basically open the front-end page of the exchange to verify whether they are on the tree. This page can return false results, and some third-party open source software may be needed to solve this trust problem.
The credibility issue of third-party audits. Many companies that have gone bankrupt in traditional finance have also gone through layers of audits, but having an audit does not mean that there is no risk of error.
Whistleblower usability problem. Even if a user finds that the tree root is fake, can he realize what he should do, can he effectively prove that what he said is right, and spread this fact?
While we have listed a number of issues, increasing transparency is generally a better trend for CEX users.
It is hoped that all exchanges will be able to implement similar or better 100% margin reserve proof systems in the future to provide a more open and transparent environment.