I’m not going to mince words. The fraud-driven collapse of FTX and Alameda is, in my estimation, the worst single event in the crypto industry since its inception. Even though as a share of overall crypto market cap the impact may have been less in relative terms than Mt Gox, the fallout will be more significant. For one, no one really thought of Gox as a particularly credible institution. They were not “institutional” in any way. Karpeles didn’t go on a charm offensive in DC to win favor from politicians. Mt Gox didn’t air Superbowl ads. Celebrities didn’t line up to endorse the platform. And crucially, the number of users worldwide was much fewer.
CoinDesk columnist Nic Carter is partner at Castle Island Ventures, a public blockchain-focused venture fund based in Cambridge, Mass. He is also the co-founder of Coin Metrics, a blockchain analytics startup.
FTX by contrast served millions of users worldwide. They catered to numerous funds, institutions, and startups. They were aggressive in promoting themselves to mainstream users. Their enigmatic CEO Sam Bankman-Fried (SBF) practically lived in Washington, charming members of Congress and financial regulators. They were widely considered one of the most trusted and credible institutions in the industry. The apparent fraud and collapse was therefore particularly catastrophic, as it happened so quickly and took almost everyone by surprise.
The fallout will linger for years. Silver linings are few. I will admit to having breathed a sigh of relief at SBF’s discrediting. His agenda was fundamentally hostile to DeFi; his interests seemed to extend only to obtaining a regulatory baptism for his firm, and no one else. He was an unrepresentative and non-aligned ambassador in Washington, and I’m glad he will no longer be representing us in policy conversations.
The other considerable bright spot to emerge from this mess is the renewed industry interest in Proofs of Reserve. The more serious among us have been contemplating how we can win back trust among end users and regulators. Some in Washington will naturally call for exchanges to be more heavily regulated, under the guise of consumer protection. Some crypto-natives are redoubling their efforts on DeFi and DEXes, considering CeFi to be a lost cause. And Bitcoin maxis are bleating to no one in particular about how all centralized institutions are frauds.
None of those three approaches makes sense to me. Bitcoin preachers will never convince everyone to adopt a rigorous self-custodial setup. There are no indications whatsoever of their imminent glorious hyperbitcoinized, non-intermediated future. Centralized custodians, lenders, and exchanges have existed for over a decade and will continue to be useful and necessary. This is not out of step with a core Bitcoin ethos either – Hal Finney famously advocated for a “free banking” approach to Bitcoin.
Listen: NLW – Why Proof-of-Reserves Now
The pro-regulatory crowd would throw the baby out with the bathwater. A crypto industry that replicates the legacy banking sector would achieve little. It’s critical we do everything to preserve the interoperability of the crypto space, and eliminate barriers to entry and regulatory capture. Elevating a handful of centralized exchanges and raising barriers to entry for competitors, as SBF sought to do, would make it far easier for regulators to capture the entire industry by tightly managing a few choke points.
And lastly the “DeFi and DEXes”only crowd misses the mark. Pure DeFi isn’t without reproach – Terra/Luna could for instance be called DeFi. Hacks and rugpulls are plentiful. And of course DeFi users need to hold their assets in self custody, which, while being the premise of DeFi, is a nonstarter for the vast majority of people. Fact is, while the average user should have the ability to withdraw funds and transact with them outside of an intermediated system, most users will not choose to do this. We can admit the reality that many users will always prefer intermediation, while pushing to improve the quality of these intermediaries.
Time for PoR
That’s where Proof of Reserve comes in. Proofs of Reserve harmonize the innate transparency of blockchains with the convenience of centralized custodians. The procedure generally refers to a demonstration undertaken by exchanges proving that they possess client assets to match outstanding liabilities. There was a minor wave of PoR enthusiasm post-Gox, which immediately fizzled out, and a slight renaissance starting summer 2021 with BitMEX’s proof of reserves and liabilities, followed by Kraken’s effort in Feb. 2022. Things didn’t move very fast thereafter, despite my ardent lobbying. Reform must wait for a crisis, it appears.
Post-FTX, a new enthusiasm for PoR emerged. A number of exchanges – at a minimum Binance, Gate.io, KuCoin, Poloniex, Bitget, Huobi, OKX, Deribit and Bybit – have indicated their attention to publish Proofs of Reserve. A few, like Crypto.com, Bitfinex, and Binance, have taken the intermediate step of releasing wallet addresses as a crude proof of assets. But this is incomplete without corresponding liabilities.
The asset side is trivial: it can involve publishing wallet addresses or signing a transaction. The tricky part is matching the assets with the outstanding liabilities. To achieve this, an exchange adds up all user balances, anonymizes them, and publishes the data in Merkelized format. From there, depositors can verify that they are included in the liability set. If enough do this, they can have strong confidence that the exchange isn’t cheating by omitting liabilities. And if the process happens under the eye of an auditor, users can gain additional assurance that no liabilities are being excluded.
Read more: George Kaloudis – All Custodial Crypto Exchanges Should Adopt Proof-of-Reserve Programs, but Even That Isn’t Enough
Cynics and Bitcoin maxis tend to protest that PoR isn’t perfectly trustless. Of course it isn’t – nothing is – but they would sacrifice the perfect at the altar of the good. There has been a brouhaha in recent days about major exchanges engaging in asset snapshots with purportedly borrowed funds, and many are using this to write off PoR entirely. (Some of these accusations were later shown to be unfounded). Writing off PoR because some weak implementations weren’t credible is the equivalent of ordering Little Caesars and assuming all Italian food is garbage. A point-in-time asset snapshot without the supervision of an auditor or a cash flow analysis proves very little. The Proof of Reserve I and others talk about involves ongoing, frequent attestations, ideally supervised by an auditor. In its more complete form, it provides very strong assurances.
Recalcitrant exchanges have few excuses left. Compared with the first rush for PoR in 2014/15, there are far more resources available today. The 2021 practitioner’s guide to PoR, published by myself and a few other collaborators by the Digital Chamber, offers a full picture. The BitMEX PoR open source code and a guide to replicating the procedure is available. And to the critics who bemoan the lack of accounting firms with expertise in facilitating the process – this is no longer true. Top-20 audit firm Armanino has been undertaking these engagements for years, and they aren’t the only ones.
During a bull market, I can understand why exchanges would not bother competing based on credibility. But in a time of consolidation, retaining user trust is absolutely vital. This procedure allows exchanges to be far more transparent than their tradfi counterparts, who cannot independently verify user assets held. Regulators, I expect, will come to demand it. Already PoR received a mention in Wyoming’s SPDI rules, and I imagine it will appear in more legislation soon.
Read more: David Z. Morris – Nic Carter vs. The Bitcoin Maximalists
Now with so many exchanges – including market leader Binance – embracing the procedure, the few not participating will raise eyebrows. When pressed, Coinbase’s Emilie Choi protested that they are already audited, and that this should be a sufficient substitute. But if Coinbase cares about the integrity of the industry, they will undertake the procedure anyway. I would much rather depositors have the option to choose
Let’s be clear. A PoR wouldn’t have “stopped” FTX, Quadriga, or Mt Gox. All three were insolvent for long periods of time, due to either fraud or hacks. But in a world where PoR is normalized, their refusal or inability to perform a PoR would have stuck out like a sore thumb, and alerted users that something was likely awry. So PoR, at the industry scale, works via negativa – it’s most telling if you don’t do it.
In the next few months and years, as PoR is normalized throughout the industry, I hope and expect that we will apply the same scrutiny to the remaining holdouts.