Proof-of-Reserves: A Standard for Enhanced Transparency

Matt ฿
ChainRift Research
Published in
3 min readFeb 8, 2019

It’s a bitter pill for the self-sovereignty maximalists to swallow, but third party custodians will always exist: it’s more convenient for traders, the technophobic and the lazy to simply have their magic internet money held on their behalf.

Entrusting an exchange with your cryptocurrency, however, carries with it a significant amount of counterparty risk. Not only are you hoping that the service’s security is ironclad enough to defend from cyberattacks (easier said than done, by the looks of things), but you’re also working on the assumption that the company behind the exchange isn’t misleading you.

One of the trade-offs you make when you relinquish control over your coins (aside from control itself, that is) is the loss of your ability to verify the existence and ownership of those UTXOs.

Where a functioning node provides you with unequivocal proof of funds, you do not have such assurances when fund management is passed off to an exchange – cryptocurrency is simply sent into a black box, and the original holder is left to cross their fingers and pray that the service isn’t playing fiat banking by operating on a fractional reserve system.

If an exchange could, on the other hand, transparently prove to customers that they held full reserves, it would go a long way in strengthening the trust (and, of course, complying with regulators). This is precisely what Blockstream aims to facilitate with its Proof-of-Reserves tool.

In a blog post on Monday, Blockstream announced that it was open-sourcing a mechanism that it had been working on for exchanges to publicly reveal the funds in their possession.

Though the post acknowledges that certain services have their own processes for proving ownership, the lack of standardisation means that users need to acquaint themselves with each exchange’s methodology. What’s more, simply moving all funds from one set of addresses to another poses some major security threats (you don’t want $100m lost to clipboard malware or because you typed in an ‘l’ instead of a ‘1’).

The proposal for a proof-of-reserve scheme was submitted as a BIP, and detailed on the bitcoin-dev mailing list late in January. It would allow any given party to publicly prove that their UTXOs were spendable, as could be demonstrated by moving them to another wallet.

In order to mitigate the introduction of any of the aforementioned attack surfaces, a transaction can be crafted that ‘spends’ all of the UTXOs held by the exchange. However, an additional (invalid) input is also added in, in such a way that the transaction is automatically rejected when pushed to the network, therefore foregoing the need to move them at all.

In spite of being invalid, the transaction can still be showcased as proof that the addresses involved do, in fact, have the funds – it’s trivial for interested parties to verify the authenticity of this data.

The Proof-of-Reserves tool by Blockstream was initially being explored as a means for exchanges holding L-BTC on the Liquid sidechain to provide auditors with proofs, but its value at large was quickly recognised. It’s already compatible with both Bitcoin Core and the Trezor hardware wallet.

The Liquid sidechain is considerably more private than the Bitcoin chain (by virtue of its Confidential Transactions integration), so it remains to be seen how the tool can be leveraged without exposing too much information on the exchange using the tool. At the moment, its intended use is in proving ownership to auditors, but future efforts are geared at providing services with the option to prove reserves to individual users.

Proof-of-Reserves is a valuable addition to the growing cryptocurrency ecosystem – it’s clear that self-sovereignty isn’t for everyone. Alongside solutions that put private keys in the hands of individuals, it’s equally important that work is done to increase transparency between customers seeking custodial options and the services that can provide them.

Cover image by the author.

--

--