As the fundamental notion of crypto takes a caning in the wake of FTX, the importance of Proof of Reserves has never been clearer, writes Kraken boss Jonathon Miller.

‘It’s only when the tide goes out that you learn who has been swimming naked.’ This quote from Warren Buffet has been getting a lot of use these past few weeks as the FTX fallout continues.

My issue with the statement is that, whilst true, it comes purely from an investor’s perspective. Thousands of customers around the world, at time of writing, are looking at huge losses (or getting ‘rekt’ in industry parlance) because they chose to trade through FTX.

The reason why seems to boil down to greed. Like Lehman Brothers before it, FTX lent more than it allegedly had in reserve. A change in the market conditions and the collapse of other institutions like Voyager, eventually led to it not having enough cash to cover its customers’ investments.

This is supposed to be a flaw of ‘TradFi,’ but here we see it happening in crypto. One of the central ethos’ underpinning blockchain technology and cryptocurrency is transparency. We shouldn’t have to wait for the tide to go out. The water should always be crystal clear.

The good news is that there are a few things exchanges and customers can do to minimise their odds of being impacted by an FTX-like bankruptcy. The first measure is to look for a Proof of Reserves (PoR) report.

Proof of Reserves

A PoR is an independent report conducted by a third party which seeks to confirm that a custodian holds the assets it claims to on behalf of its clients.

This report takes an anonymised snapshot of all balances held and aggregates them into a Merkle tree — a privacy-friendly data structure that encapsulates all client balances. It’s much like a family tree, except with the purpose of showing you what money is stored where, without giving away who owns what.

From there you can decide if the exchange you’re dealing with actually has the assets on hand to handle a ‘bank run’ type situation, as was the case with FTX.

This isn’t, however, de-facto proof. It’s important to find out how the report was conducted and by whom. If the third party reporter is biassed towards or linked in some way to the exchange (e.g. a shared founder or business interest beyond performing the audit), or in a jurisdiction without a strong legal framework, this should give some pause for thought.

That said, the names involved in a report shouldn’t be your only point of reference. Some of the biggest venture capital funds in the world had invested in FTX. In a perfect world they should have seen PoR reports as expected tools for due diligence.

It goes to show that there is still far too much ‘trust’ and not enough ‘verify’.

It’s also important to check that the PoR report verifies not just reserves but also liabilities. There are no formally accepted rules or procedures that define a “Proof of Reserves” report in the industry at this time so this can be inconsistent between exchanges.

Cryptographically proven

For its part, Kraken’s Proof of Reserve reports cryptographically prove that it holds the assets it claims to hold on customers behalf (verifying both reserves and liabilities) on the date of the audit. We hired an independent accounting firm to produce two reports over the past year alone, and have produced PoR reports for several years.

However, consumers should be aware that other exchanges and custodians across the industry are defining Proof of Reserves differently, sometimes with superficial requirements, such as self-attestation and excluding the more rigorous element of matching proof of assets with proof of liabilities.

Outside of PoR reports, there are other signs customers can look for:

  • How long has the person or organisation you are assessing been successfully operating in the industry?
  • Are they known to have a focus on security and have mature customer service operations?
  • Are they a member of relevant associations or other regulatory bodies?

Taking an hour to do this due diligence can save a lot of headaches in the future. However the individual investor can only do so much – the community itself has a role to play here. Calling out scammers as relentlessly as they sell get-rich-quick schemes is step one. Showing others how to secure their assets, and how to properly research those assets in the first place, is the next important step

Ultimately, if you believe in the mission of crypto then you also have a responsibility to protect it.  We can do that by being good crypto citizens. We can also work to self-regulate while attacking the bad actors among us. We need to lead by example. The future of finance is something worth fighting for.

This article was developed in collaboration with Kraken, a Stockhead advertiser at the time of publishing.

This article does not constitute financial product advice. You should consider obtaining independent advice before making any financial decisions.