Edit on GitHub Proof of Reserves Foundation

The Proof Of Reserves Foundation

Mission

To create a transparent home for bar-raising industry members to collaborate on best practices, tooling, language, resources, guidance and voluntary standards surrounding running proof of reserves.

Why?

If a set of private companies attempt to declare that "they do proof of reserves" and they all do it differently, or worse some claim to do it sufficiently to their customers when they actually don't, this adds inefficiency and risk to the entire industry. This will slow the pace of an entire industry and cost everybody more. There are valid reasons why custody is necessary, especially for institutions.

Every business shouldn't have to invent proof of reserves. There should be open source technology and service providers ready to help do it right and quickly.
Every business shouldn't have to teach their customers how to validate their balances and review financial statements. There should be crowd-sourced documentation to help this along.
A single company or organization shouldn't become the defacto record keeper of who does PoR "correctly". An open forum should track progress and short-comings transparently to compete against the outcome of a corruptible or biased institution.

Tactics

Community Driven

Everything about this foundation is community driven. To contribute to this page, please send pull-requests or file issues here.

Glossary

The industry needs a glossary, a place where words matter, and translations can be made into other languages, so that industry participants can speak a common language when comparing approaches and technique. This helps avoid problems when somebody invents their own definitions.

Real-Time Proof of Reserves

The idea that reserves are up to date as of the last block and published concurrently.

Convenient Proof

When an organization selectively chooses when to do any form of proof of balances, or proof of reserves. This is better than nothing, however there is risk that it may be gamed.

Periodic Proof

When a company adheres to a predictable, or increasing, periodicity of reporting their proof of reserves to stakeholders.

Proof of Balances

Also known as self-attested proof-of-reserve, or proof of assets. In this technique the platform discloses their addresses and provides proof (such as a signed message) that they have access to the associated private key.

Proof of Liabilities

An area of ongoing research. There are no known technical ways to proove liabilities encumbering on-chain assets.

Attestation of Liabilities

Some form of qualified statement asserting a comprehensive review of the full picture.

List of Addresses

A list of public keys containing balances that have not been signed...

Community Proof of Reserves

An attempt by external actors to analyze blockchain data in order to reverse-engineer a proof of reserve.

Negative Balance

An account with a negative balance can be included to alter the total sum and compromise the validity of associated proof of reserves. This forces certain techniques.

Coverage Ratio

When proof of reserves are coupled with an audit of aggregate off-chain assets & liabilities, this ratio can be calculated to indicate a firm's solvency as well as degree of leverage for firms that choose the additional risks of a fractional reserve model.

Loan Loss Reserves

Proof of non-client assets to absorb first loss on loan write downs.

Counterparty Concentration

An anonymized ratio that allows lenders to attest to the diversification of their counterparty risk.

On-Chain Asset Encumberances

There are many ways in which a digital currency can be unspendable. Some examples include lost private keys, time-locks, smart-contract features, and multi-sig.

Tracking the Qualified

A crowd-sourced tracker for the strengths and weaknesses companies involved in the conversation.

Tracking the Unqualified

A crowd-sourced list of recommendations for companies which could be more transparent than they currently are. This process is TBD.

Guidance & Resources for Custodians

Material to help custodians meet the expectations of the industry.

Guidance & Resources for Consumers

Educational resources intended for you to raise expectations from the institutions you rely on for custody.

Guidance & Resources for Technologists

Material to help with developers building related technical solutions, eg. Data Engineering, Customer UX, surrounding admin tooling.

Governance & Process

How should this foundation make decisions, cover costs, and measure it's impact? How should it frame inadequacies and adapt?

Inspiration & References

Note that links are not endorsements. For instance, the CoinMarketCap related links, are provided to illustrate why this foundation is needed. CoinMarketCap is a biased agent slanting the competition, endorsing Binance, Bitfinex unfairly at the expense of Kraken and others. Cer.Live is not up to date, nor can it be given that they have an opaque process for submissions.

Conversation

Our latest Proof of Reserves attestation has been issued - What does this mean? --> A 🧵👇

— Ledn (@hodlwithLedn) August 19, 2021

What I posted in June 2015 still stands true today - Didn’t we learn anything? https://t.co/VXYavveXIT

MtGox failure had exchange publish proof of funds/etc for a few months, but people stopped caring and everything went back to what it was.

Are we going to do that again?

— Mark Karpelès (@MagicalTux) November 13, 2022

1. Publish proof of reserves
2. Assert+Audit that you don't deal with anybody who doesn't
3. Make the above regulation via peer pressure.

Industry can self-regulate.

This is simple open source software to maintain.

— Jeff (@jmclarty) November 13, 2022

[NEW TODAY] Due to recent events, investors are understandably inquiring deeper into their crypto investments. In this thread we’ve compiled additional information about the safety and security of the assets held by our digital asset products. https://t.co/MvTfUoK4o6 🧵

— Grayscale (@Grayscale) November 18, 2022

Grayscale GBTC Trust, the largest legal holder of BTC, refuses to provide any Proof of Reserve.

To begin a community lead effort at transparency for the GBTC holdings, we have taken steps to ID likely GBTC addresses and balances based on public info and blockchain forensics. pic.twitter.com/WFtOyoCEay

— 🏴∴Ergo∴🏴 (@ErgoBTC) November 20, 2022

I've spent the last 2 months recapping my thoughts on 2022 & suggestions going forward for intermediaries in the digital asset space. The report builds upon prior transparency concerns & how to mitigate some of WTF happened in 2022 with my team at Hoseki

Here's what we found
🧵

— Jeremy (@NegentropyorDie) November 21, 2022

2/2 #ProofOfReserves audit must have:
1. sum of client liabilities (auditor must exclude negative balances)
2. user-verifiable cryptographic proof that each account was included in the sum
3. signatures proving that the custodian has control of the walletshttps://t.co/QEZo0DzJfw

— Jesse Powell (@jespow) November 22, 2022

Words matter.

This needs to become the norm... https://t.co/JRi5uKnTX2

— Jeff (@jmclarty) November 23, 2022

We're excited to see how far we can go as an industry with on-chain accounting and are exploring new ways to prove reserves.

We're also announcing a $500k developer grant program to encourage others.https://t.co/ptzMDfwQCX

— Coinbase (@coinbase) November 25, 2022

Here’s how I think about it: if no auditor, then follow the BitMEX PoL scheme (anyone can verify no negative liabilities). If auditor oversight present (as with Kraken) then standards for aggregate PoL verification can be looser https://t.co/XbmELINWTX

— punished nic (@nic__carter) November 25, 2022

To address questions posed by Jesse P,

In the report 👇, "Upcoming Plans: Involve third-party auditors to audit PoR results", for this PoR result.

I said multiple times publicly, the bottleneck was the auditors has a few weeks wait. We move forward in incremental steps. 1/2 https://t.co/BTNa2rl3XB

— CZ 🔶 Binance (@cz_binance) November 26, 2022

Agree with this post on PoR - benefits and shortcomings - from @coinbase. Excited to see them propose a grant to push forward PoL tech. IMO we need to move towards ZK solutions for liability side - merkle leaks too much data. https://t.co/tZvFGcftxq

— punished nic (@nic__carter) November 26, 2022

no one asked for it, but here it is anyway: my 2022 Proof of Reserve year in review https://t.co/x6UjmHTrms

— happy nic year (@nic__carter) December 29, 2022

I just published @Binance Has a Major Pegging Problem with @DataFinnovation and @chainargos https://t.co/gY5PHm2FrE

— Patrick Tan (@patrick_novum) January 17, 2023

This week for @OnTheBrinkCIV I sat down with Deribit Chief Commercial Officer Luuk Strijers to cover their new Proof of Reserve implementationhttps://t.co/PXLB2ho6hL

— nic carter (@nic__carter) January 17, 2023

Anti-Tactics