Proof-of-Reserve will not prevent the potential loss of your assets

Published 25.11.2022

CEO of Binance said that Proof-of-Reserves (PoR) can restore trust in the crypto industry. I'm not convinced. PoR may increase the transparency of centralized exchanges, but it certainly will not prevent further bankruptcies and problems associated with centralization. This is certainly a step in a good direction, but users should know that DeFi solves the problems associated with centralization completely while the options of Binance and other exchanges remain limited.


  • PoR sacrifices privacy for transparency.
  • PoR reports should also include information on third-party liabilities.
  • Instead of Proof-of-Reserve, we need Proof-of-Audit. The audited source code of DeFi services does not need regulation.
  • It is difficult to regulate the possession of a private key. So it is difficult to regulate DeFi.

What is Proof-of-Reserve

Proof-of-Reserve is a snapshot of the balances in the cold storage of an exchange at a specific time. These are crypto-assets that users have deposited on the exchange. The exchange should publish the reports regularly and an independent auditor should verify the reports. The goal of the PoR is to convince users that the exchange holds their funds and is liquid.

There are several ways to prove asset reserves. It can be done by traditional third-party audits that are performed by trusted companies or by a technology called Merkle tree proofs.

In accordance with its resolve to provide full transparency, Binance has published its Proof of Reserves, disclosing the cold wallet addresses and balances of the top six cryptos listed on the exchange. In November 2022, Binance held 475,000 BTC, 4.8 million ETH, 17.6 billion USDT, 601 million USDC, 58 million BNB, and approximately 21.7 billion of its own stablecoin, BUSD. The total reserves held by Binance stand at approximately worth of $69 billion.

Other cryptocurrency exchanges have joined the Binance initiative and their reports are publicly available in various forms.

Proof-of-Reserve does not prevent potential loss of assets

PoR may have a different quality based on the crypto exchange that publishes it. In most cases, reports are shown as of a specific date. Even if an exchange publishes the blockchain addresses on which crypto-assets are held, the exchange is not required to comment on every major move from address to address after the report has been issued.

Exchanges should provide not only blockchain addresses but also proof of private key ownership. Exchanges may use blockchain addresses in a report for which only the CEO or another whale somehow connected to the exchange holds private keys.

If exchanges only audit quarterly and with only a portion of their portfolio, they can always ensure they have enough crypto assets before the audit. They can borrow them temporarily from another exchange and return them after the audit. If the exchanges disclose the blockchain addresses, it would be more complicated for the exchange. However, as we said, the exchange is not obliged to explain asset transfers after the audit.

PoR is disadvantageous for the user in terms of privacy. If a user withdraws crypto-assets from an exchange and pays with them in a store, the merchant can look to see if the coins were on a particular exchange. If so, the merchant is assured that the user is using the exchange. When making payments, it should not be possible for anyone to learn this type of private information easily. PoR sacrifices privacy for transparency.

The biggest problem with PoR is that the exchange has full control over user deposits. The exchange can be robbed by an external attacker or it can be an insider job. Crypto exchanges may freeze the deposits of specific users at the request of the authority or may be ordered to close temporarily. Crypto exchanges can censor transactions, collect user data and link blockchain addresses to real identities.

The PoR report should be accompanied by an external audit that will disclose all liabilities of the exchange. An exchange can hold a large number of crypto assets, but if it owes someone, it can go bankrupt. This can happen, for example, if the exchange is forced to pay a large fine. Users can lose their assets despite regular PoR reports.

Not your keys, not your coins. If you hold coins on crypto exchanges, you can see PoR as a gesture of goodwill. You should know that you are sacrificing your privacy and can lose your coins at any time. If the CEO decides to do an exit scam, he can do it the day after the PoR report is issued.

Decentralized finance, not Proof-of-Reserve

DeFi services on Cardano do not require something like Proof-of-Reserve. The ideal DeFi service is self-custody and a third party should not be able to exploit users' assets.

I understand that the centralized exchanges want to prove that they are not in danger of a collapse like FTX. PoR may be seen as a positive move in the short term, but we shouldn't think that this will solve the problems associated with the ability to abuse the power of intermediaries.

Traditional banks only work because they are regulated and auditable. After the FTX collapse, it is likely that crypto exchanges will be even more regulated than they are today. This will bring them closer to TradFi. The introduction of PoR can be seen as an effort to increase transparency and delay heavy regulation.

DeFi is not CeFi. If a decentralised financial service allows self-custody, it should not be regulated at all, or minimally. Instead of regulation, we should implement quality source code audits in the Cardano ecosystem. This is what the IOG team wants to achieve. Instead of Proof-of-Reserve, we need Proof-of-Audit. If we can have reliable decentralized services, there is nothing to regulate.

It is dangerous to think that regulation can prevent financial companies from failing. We have not been able to do this in the traditional financial world and it is even more difficult in the case of blockchain technology. Those who call for tougher regulation and refuse to accept the potential of DeFi should realize that there are limits to regulating decentralized applications.

How can someone regulate the possession of a private key? Only by banning its use on pain of imprisonment. If someone is calling for tighter regulation of DeFi, thinking that PoR is the appropriate solution, they are essentially calling for a ban on the use of all blockchains, including Bitcoin. It would essentially block the ability to build DeFi in the Bitcoin ecosystem. LN could also have problems.

If the cryptocurrency world is to be consistent in its views and insist that Bitcoin can be better money, we cannot at the same time desire tougher regulation at the cost of sacrificing the basic principles of decentralization. Boundaries are hard to define and the less regulation the better. Regulating centralized exchanges is fine, requiring PoR is fine too. Our goal is to build a financial world in which we do not have to rely on regulation and PoR, but only on ourselves and well-audited decentralised services.


PoR reports are better than nothing, but it doesn't solve any fundamental problem that smart contract platforms like Cardano can solve. Increasing the capabilities of decentralized networks and services is essential, as people don't just want to hold cryptocurrencies on hardware wallets, but use them for other things. Trading crypto-assets is important because of making the market value, but it basically doesn't matter if it happens on centralized or decentralized exchanges. As long as people are forced to rely on large centralized exchanges, there will be bankruptcies.

Incredibly, the Binance and Coinbase exchanges together hold over 2.5M BTC. One reason may be that people are afraid of self-custody, but the very next reason is that people want to trade and swap coins. The common goal of the cryptocurrency community should be to replace large exchanges with decentralized alternatives.


Related articles

Did you enjoy this article? Other great articles by the same author