Proof-of-Reserves Audits Guide 2023 – All You Need To Know

As institutional and retail investors show more interest in digital assets, the options of getting custody of the assets are also growing simultaneously. Therefore, as the market is changing, several options for possession are evolving.

In addition, the developers are working continuously to provide control and create such structures in the market that prove to be successful for specific markets and holdings.

Users are provided multiple options to protect their crypto holdings, such as exchange wallets, third-party custodians, self-custody, etc. In the digital space, custodians have the same role as that in the traditional market, as they protect the assets of their customers and take care of them.

These custodians do not allow everyone to access the holdings and have control of the asset by holding their private keys.

Cypher Mind HQ

However, certain shocking events in history, such as the liquidation of Three Arrows Capital and the collapse of the crypto exchange named FTX, marked a big question on the authenticity and reliability of these crypto custodians. This introduced the concept of Proof-of-reserves audit.

The Proof-of-reserves audit confirms that the on-chain holdings of a company are similar to the assets of the client enlisted on the balance sheet initially, thus ensuring the financial authenticity of the crypto custodians.

Moreover, it also builds confidence among the customers that the business has enough liquidity and solvency that they can continue trading with it.

This guide article will elaborate on proof-of-reserve audits and their importance in crypto. Moreover, it will also explain to the readers how they can access and verify the Proof-of-reserves audits.

What is a Proof-of-Reserves Audit?

The profit earned by any business or enterprise in traditional finance that can be utilized during unfortunate circumstances is known as reserves.

However, Proof of reserves in the crypto space refers to the audit conducted independently by any third entity. It makes sure that the balance of the depositors can be supported by the reserves stored by the entity being audited.

Proof of reserves audit is considered a critical regulatory step by experienced and reputable developers dealing with digital assets.

Cypher Mind HQ

The liquidity and solvency of the custodian are ensured by using the Proof of reserves audit, thus building customer confidence. Moreover, it provides transparency to the system allowing the customers to withdraw their funds any time they want.

In addition, the crypto companies that act as custodians have also benefited from the Proof of reserves audits. This ensures the absolute backing of assets, thus retaining the customers and increasing their trust in the trading procedure.

Moreover, the centralized exchanges cannot invest the funds of depositors in any other exchange while going through a Proof of reserves audit.

This decreases the risk that companies will maximize returns from the assets of the customers. In addition, the probability of occurrence of unfortunate events such as the great financial crisis of 2007-08 can also be minimized using such audits.

Why is Proof-of-Reserves Audit Required in Crypto?

The collapse of a significant cryptocurrency exchange in 2014 posed a major threat to the security and solvency of centralized digital platforms. After this unfortunate event, several exchanges sat down together and released a joint statement about improving the safety and transparency of their systems.

In 2019, again, this problem arose when another central exchange platform became insolvent due to mismanagement of the funds of their clients.

The most unfortunate event happened in 2022 when a centralized FTX exchange went insolvent. It created a sense of fear and restlessness among the customers as they knew that FTX did not have enough reserves to recover their losses.

People started losing their confidence in centralized exchanges and platforms, which led to the bankruptcy of the majority of exchanges, making people lose billions of dollars and, thus, the crypto market crash.

Therefore, the developers came out with a Proof of reserves audit that helps the customers and institutions have their hands on the digital assets they own, thus providing stability and transparency to the crypto market.

Working of Proof-of-Reserves Audit

The readers need to understand the overall auditing process before elaborating on the concept of Proof of reserves auditing. The audit is used to check the solvency of an exchange. If the assets exceed the liabilities or obligations of an exchange, it is considered solvent or otherwise insolvent in any other situation except it.

However, there might be situations, such as the demonstration of fractional reserves by the exchange, where these two conditions mentioned above cannot predict anything. While using fractional reserves, a part of the deposits placed on the exchange is reserved and can be quickly withdrawn in addition to the balance lent to some other entity.

The complete auditing procedure can be classified into three steps.

  • Proof of Liabilities

The liabilities of an exchange are referred to as the balance in cryptocurrency maintained due to the customers. The total liabilities of an exchange can be calculated by summing up the account balance of all its customers. This estimated amount is then compared with the reserves of the exchange to compute solvency.

The hash of the fraction factor and the root of a Merkle tree can also be calculated using this Proof of liabilities. A Merkle tree is constructed using the account information of the user. A leaf of the tree is generated using the cryptographic hash of the customer’s identity and the amount it owes to the customer.

Then by pairing these leaves together and hashing them, the nodes in the tier of the tree can be created. These nodes are then hashed and merged to construct the roots of the tree.

  • Proof of Reserves

Reserves are the assets stored over the blockchain by an exchange in the form of cryptocurrency. If the exchange possesses the private keys of the crypto addresses, they sum up the balances of those addresses and compute the total assets.

In addition, the exchange can also prove itself as the rightful owner of the crypto address by linking a public key to the address of the cryptocurrency and signing a private key at the end.

Moreover, the exchange should also sign a nonce to provide additional security to the customers. The hash of the recently added block to the blockchain may be counted as nonce that is then used to validate a signature. The sum and the hash of the address balances make the outputs of the Proof of reserves audit.

It is not necessary to parse the complete blockchain for the audit program to calculate the balances that should be added. However, it uses the deterministic aggregate of the data accessible to the public, known as a preprocessor, to do that. A deterministic function will produce identical results if the input values are similar.

This is the basic principle used to operate all blockchains, as reaching a final consensus becomes difficult at times if the result of the transaction is not identical, independent of the person who initiates it and where it is created.

  • Proof of Solvency

The two components of Proof of Solvency of a crypto exchange are the outputs of the audit and the attestation required to make sure that auditing is being carried out in a safe environment.

The final result of the audit is a binary number that is either true or false. If the reserves exceed the liabilities, it will be true and false in any other condition except it.

The signature for the hashes of the programs being executed and the measurement of the platform fall under the attestation process. Moreover, by using the Merkle tree roots, it can be verified by the user that his account balance is taken into consideration while making calculations.

Method of Conducting Proof of Reserves Audits

Usually, a third-party auditor carries out the Proof of reserves auditing to make sure that the holdings of the customer are balanced by the assets present on the balance sheet of the custodian. The steps involved in the procedure are mentioned below.

  • Initially, an anonymous snapshot of the balances of the institution is taken by the auditing firm or the external auditor. These balances are then organized in the form of a Merkle tree by the auditor. This tree contains several branches and custodial data, which is then verified by using hash codes.
  • Then by utilizing the distinct signatures of all the account holders, the auditor collects the contributions of all users individually.
  • After that, it is to be verified whether the assets of the customers are kept on a complete reserve basis or not. It is done by comparing the balances reported by the individual contributors with that of the Merkle tree and calculating if they are approximately equal. This can be done by comparing Merkle tree records and the digital signatures.

Users can verify their transactions after the Proof of reserves audit. If any user has owned any crypto asset on Binance, he can log into the official website of Binance to find their Merkle tree and the record ID. This can be done by clicking the “Wallet” option on the website and then “Audit”.

Then the user must choose the audit type by confirming the audit date. Moreover, the assets that he needs, the user’s record ID, and the assets’ balances can also be chosen by using Binance’s Proof of reserves audit through its attestation report.

The Makeup of a Merkle Tree

When a particular data set is hashed repeatedly, it creates a data structure known as Merkle Tree. The number of data pieces, known as Merkle leaves, is reduced whenever the hashing is carried out. It continues till, in the end, only one hash is left, known as Merkle root. It is located at the top of a Merkle tree.

The transformation of one value to another that cannot be obtained again through reverse engineering is known as hashing. This can be understood as if one looks at a specific value and can easily calculate the hash, but the original value cannot be determined by looking at the hash.

Therefore, one can utilize hashing power as a unidirectional function that covers the value of its underlying data, making it difficult to recover.

The auditors can collect data regarding the account balances of all the consumers during the Proof of reserves audit by applying the Merkle tree. It helps preserve the customer’s privacy by not exposing any customer’s account balance openly.

Merkle trees based on Proof of reserves audit may be published in the form of snapshots by different crypto exchanges at specific intervals, whether daily, weekly, monthly, or yearly. Moreover, real-time attestations may also be provided by the companies that can be accessed through their websites.

Chainlink and Proof of Reserves Audit

The prominent firm behind the launch of the decentralized oracle network is Chainlink Labs. The company has launched its version of the Proof of reserves protocol in order to prove asset reserves across Web2 and Web3 using automatic verification.

Using its blockchain network, one can determine how much data is borrowed, staked, or reserved using any particular protocol at a specific time.

Moreover, the exchange can also use proof or reserves protocol to provide security and set a limit to the system, as the number of tokens issued cannot exceed the assets that are kept in the reserves.

Exchanges Using Proof of Reserves Audit

Before the failure of the FTX company, there were several exchanges that shifted their trading protocol to Proof of reserves, including, BitMEX, Nexo, Kraken, etc.

However, by the end of 2022, many other platforms also shifted to Proof of reserves, such as Binance,, and ByBit, which then laid the foundation for utilizing Merkle tree in Proof of reserves audits.

Advantages of Proof-of-Reserves Audits

There are several benefits that users can get by using Proof of reserves audits. It shows the users the direct correspondence between the on-chain crypto holdings of an exchange platform and the balances of the user.

Moreover, it can also be checked whether certain coins, such as Wrapped Bitcoin, are backed up by Bitcoin or not by using a Proof of reserves audit.

By using a network of Chainlink oracles, the decentralized applications receive information about the wrapped coins that need to be audited. These oracles collect the data by checking the Bitcoin balance of the custodian every ten minutes on the Bitcoin blockchain.

Moreover, the regulatory bodies consider Proof of reserves audits as a self-sufficient technique that fulfills their industry strategy requirements.

In addition, it can also help increase the adoption of any product by focusing on the issue where it becomes difficult for the exchange to meet the consumer deposit demands with their current assets, thus causing a lack of confidence among them.

Users can also use the Merkle tree hash for the direct verification of Proof of reserves audit transparency.

Moreover, a Proof of reserves audit provides a helpful tool to investors where they can keep a check on the minimization of the probability of losing funds and collection of data regarding the asset management practices of clients of a specific institution.

Lastly, it helps retain the customers with the platform by building their trust in the custodians.

Drawbacks of Proof-of-Reserve Audits

Although Proof of reserves audit provides several benefits to its users, at the same time, there are certain flaws integrated with it.

Firstly, the authenticity of the Proof of reserves audit depends on the competence of the auditor performing the activity. In addition, by collaborating with the custodian, any third party may also produce false audit results to trap the users.

The correctness level of the audit is only valid when it is carried out; therefore, the facts can also be manipulated by the crypto exchange platform to befool the customers.

Moreover, if the consumer loses his funds or the private keys, it may also affect the legitimacy of the Proof of reserves audit results. Lastly, it cannot be determined by using a Proof of reserves audit whether someone borrowed the funds to pass the audit or for another purpose.

Ways of Improving Proof of Reserves Audit

First, the user should ensure that the interval between the two audits is minimal so that no illicit financial activity occurs between them. Moreover, it is essential to choose a third party with no interests of its own in the trade and works for the betterment of the user.

The Proof of reserves audit involves cryptographic and mathematical calculations instead of mere communication and trust as in traditional banking systems; therefore, it is usually used by crypto exchanges to help during financial turbulence in the market.

Moreover, blockchain technology adds to the betterment of auditing procedures in the crypto market.


Proof of reserves audit is paving the way for the standardization of the crypto industry. It promotes transparency and improves the security of the digital assets owned by users.

It builds confidence and trust among the customers. Proof of reserves audit has compelled the exchanges to make the funds of the users a priority providing them with an engaging platform for securing funds.

Author: Isacco Genovesi

Isacco writes news articles, reviews and guides about cryptocurrencies including technical analysis, blockchain events, coin prices marketcap and detailed reviews on crypto exchanges and trading platforms.

Leave a Reply

Your email address will not be published. Required fields are marked *