The expansion of blockchain and cryptocurrency use cases develops promising innovations every day. The novel digital asset class is breeding several class of protocols that brings unique possibilities and improve existing financial and technological applications. However, their novelty is causing difficulties for the ecosystem’s users. A lack of user understanding is the working of the assets and the unclear regulations surrounding them, that are turning Institutional wallets traceability a headlining problem.
These hurdles are the reasons behind one of the crypto industry’s biggest catastrophes. Late 2022 saw the collapse of FTX, a massive crypto exchange liable to over a million customers at the time of its cessation. The firm reportedly misappropriated about $8 billion during its insolvency, taking advantage of weak transparency regulations and user inexperience with the asset class.
The contagion spread like wildfire, wreaking havoc over crypto markets already receding. FTX’s mishandling of user funds sent shivers down cryptocurrency holders’ spines, leading to mass withdrawals from several exchanges because of the collective distrust in centralized players. As a result, we saw several exchanges and custodians provide Proof-of-Reserves (PoR) attestations to show their solvency and regain trust. While some centralized crypto firms were known to submit PoR attestations before FTX’s fall from grace, the trend of releasing PoR has caught on tremendously ever since.
How Proof-of-Reserves Helps Build Trust?
PoR is a process that helps crypto firms to be transparent with users, whose assets they store and manage, and regulators. Offering transparency at this layer was crucial to large exchanges after the events of late 2022 to get the crypto community back on their side. If a regulated and well-reputed exchange like FTX could indulge in utter fraud, what prevents other mammoth exchanges from doing the same? PoR allows centralized crypto entities to prove to their users that all their assets are held within enterprise wallets, assuring them the platforms remain solvent and their withdrawal requests can be honored.
Since crypto assets fall under regulatory grey areas and crypto holders are not protected like fiat holders are by governments financial bodies, crypto enterprises cannot maintain fractional reserves. The implications are that they cannot invest or lend the crypto assets that users entrust them with. On the other hand, banks operate with fractional reserves as they can rely on central banks to bail them out during bank runs and cash crunches. Crypto exchanges and custodians do not have the same privilege. Naturally, those indulging in utilizing user deposits for their benefit are frowned upon by most users. Several jurisdictions also ban crypto enterprises from channeling user deposits to profit for the same reasons.
PoR is used to analyze if a protocols storage are enough to honor all its users’ withdrawal requests at any given time and prevent bank-run type situations. That means the platforms must maintain their storage wallet balances in a 1:1 ratio with the liabilities they owe their users. Such is only possible when user deposits remain unused in a dedicated and secured custodian’s storage. Regulators are asking crypto enterprises to publish PoR attestations frequently to maintain transparency and honesty in their operations. While most undertake PoR protocols monthly or quarterly, some release attestations daily to stay absolutely plausible.
Crypto enterprises carry out PoR with the help of independent, third-party auditors who analyze the deposits made by every user on the platforms and merge them cryptographically into an immutable Merkle Tree. The cryptographic root of the tree depicts the total deposits the enterprises are liable to their users for.
Simultaneously, the platforms must execute transactions from their storage wallets to prove they control them. Blockchain explorers show the transactions occurring from the wallets and their balances, proving they belong to the platforms. Now, the holdings on these wallets are analyzed to form an attestation. If they are equal to or larger than enterprise liabilities, the platforms are attested to be solvent and in the green. Those maintaining balances lesser than what they owe pose red flags and are considered insolvent.
Proof-of-Reserves May Enhance Transparency But Can Jeopardize User Assets
PoR is a necessity as cryptocurrency witnesses burgeoning utilization and increasing fraud. However, the process also publicizes exchanges custody wallets in the open, drawing the attention of many with destructive intentions. The rise in PoR undertakings can be linked to several exchange hot wallet attacks, with cybercriminals walking away with thousands of dollars worth of cryptocurrency.
Hot wallet attacks are one of the crypto industry’s biggest banes. Incidents from the distant and recent past still arouse fear in crypto firms and the community. For instance, the Mt Gox attack of 2011, the Binance attack of 2019, and the Kucoin attack of 2020 drained millions of dollars in digital assets from their hot wallets. Investigations revealed Mt Gox fallaciously stored all funds in its custody in hot wallets, resulting in an exploit of over $800 Million worth of Bitcoin and its closure. Crypto enterprises are presently more prudent, storing over 90% of the assets in their custody in secure cold wallets. The remaining find themselves in their hot wallets for instant withdrawal purposes.
That is not to say that minimal hot wallet funds are insignificant. They can still account in the hundreds of thousands and even the millions when user action is peaking. Exchanges and enterprises may find themselves insecure by frequently revealing their hot wallet addresses for PoR purposes. Liminal addresses those concerns with its industrial-grade secure storage solutions, preventing exploits on exchange wallets.
Safeguard Your Enterprise Wallet Addresses Revealed During Proof-of-Reserves
Liminal’s asset storage infrastructure provides exchanges with algorithm-enabled cold, warm, and hot wallet channels. The infrastructure ensures secure storage in offline cold wallets, and instant withdrawal capabilities in hot wallets. They are protected through multisig and MPC capabilities, fortifying them from attacks launched from sources external and internal to the enterprises. Moreover, their private keys are sharded and shared with Liminal alongside multiple enterprise personnel. Such checks make the more vulnerable hot wallets near-impossible to hack.
Additionally, its warm wallet offering, also known as the Smart Refill Wallet, ensures frequent replenishment of enterprise hot wallets based on policy protocols set by enterprise management. Factors like limits to the funds moved between platform wallets, transactional frequencies, and recipient whitelisting govern the automated movement of assets within the infrastructure.
Moreover, Liminal offers a consolidated storage approach, allowing enterprises to deal with over 1800+ digital assets on a single interface. Managing crypto assets for institutional and retail clients never got more secure and effortless than this. With Liminal’s storage solutions, crypto exchanges and enterprises can strive to offer the utmost transparency through PoR measures without worries of attacks on the assets under their management. If are concerned about your PoR address, get a security review done and start securing hot wallet address and continue being admissible for user asset holdings.
by Liminal
