I’m not going to mince words. The fraud-driven collapse of FTX and Alameda Research is, in my estimation, the worst single event in the crypto industry since its inception.
Even though as a share of overall crypto market cap the impact may have been less in relative terms than Mt. Gox was, the fallout will be more significant. For one, no one really thought of Gox as a particularly credible institution. It wasn't “institutional” in any way.
Mark Karpeles, who was the CEO of Mt. Gox, didn’t go on a charm offensive in Washington, D.C., to win favor from politicians. Mt. Gox didn’t air Super Bowl ads. Celebrities didn’t line up to endorse the platform. And crucially, the number of users worldwide were much fewer.
CoinDesk columnist Nic Carter is partner at Castle Island Ventures, a public blockchain-focused venture fund based in Cambridge, Mass. He is also the co-founder of Coin Metrics, a blockchain analytics startup.
FTX, by contrast, served millions of users worldwide. It catered to numerous funds, institutions and startups. It was aggressive in promoting itself to mainstream users. Its enigmatic CEO, Sam Bankman-Fried, known as SBF, practically lived in Washington, charming members of Congress and financial regulators. The exchange was widely considered one of the most trusted and credible institutions in the industry. The apparent fraud and collapse was therefore particularly catastrophic, because it happened so quickly and took almost everyone by surprise.
Few silver linings
The fallout will linger for years. Silver linings are few. I will admit to having breathed a sigh of relief at SBF’s discrediting. His agenda was fundamentally hostile to DeFi (decentralized finance); his interests seemed to extend only to obtaining a regulatory baptism for his firm and no one else. He was an unrepresentative and non-aligned ambassador in Washington, and I’m glad he will no longer be representing us in policy conversations.
The other considerable bright spot to emerge from this mess is the renewed industry interest in proofs of reserve. The more serious among us have been contemplating how we can win back trust among end users and regulators. Some in Washington will naturally call for exchanges to be more heavily regulated, under the guise of consumer protection. Some crypto natives are redoubling their efforts on DeFi and DEXs (decentralized exchanges), considering CeFi (centralized finance) to be a lost cause. And Bitcoin maxis are bleating to no one in particular about how all centralized institutions are frauds.
None of those three approaches makes sense to me. Bitcoin preachers will never convince everyone to adopt a rigorous self-custodial setup. There are no indications whatsoever of their imminent glorious hyper-bitcoinized, non-intermediated future. Centralized custodians, lenders and exchanges have existed for over a decade and will continue to be useful and necessary. This is not out of step with a core Bitcoin ethos either – software developer Hal Finney famously advocated for a “free banking” approach to Bitcoin.
Listen: NLW – Why Proof-of-Reserves Now
The pro-regulatory crowd would throw the baby out with the bathwater. A crypto industry that replicates the legacy banking sector would achieve little. It’s critical we do everything to preserve the interoperability of the crypto sector and eliminate barriers to entry and regulatory capture. Elevating a handful of centralized exchanges and raising barriers to entry for competitors, as SBF sought to do, would make it far easier for regulators to capture the entire industry by tightly managing a few choke points.
And lastly the DeFi- and DEXs-only crowd misses the mark. Pure DeFi isn’t without reproach – Terra/LUNA could, for instance, be called DeFi. Hacks and rugpulls are plentiful. And, of course, DeFi users need to hold their assets in self-custody, which, while being the premise of DeFi, is a nonstarter for the vast majority of people.
The fact is, while the average user should have the ability to withdraw funds and transact with them outside of an intermediated system, most users won't choose to do that. We can admit the reality that many users will always prefer intermediation, while pushing to improve the quality of these intermediaries.
Time for proofs of reserve
That’s where proof of reserve comes in. Proofs of reserve harmonize the innate transparency of blockchains with the convenience of centralized custodians. The procedure generally refers to a demonstration undertaken by exchanges proving that they possess client assets to match outstanding liabilities.
There was a minor wave of proof of reserve enthusiasm post-Gox, which immediately fizzled out, and a slight renaissance starting summer 2021 with BitMEX’s proof of reserves and liabilities, followed by Kraken’s effort this past February. Things didn’t move very fast thereafter, despite my ardent lobbying. Reform must wait for a crisis, it appears.
Post-FTX, a new enthusiasm for proofs of reserve has emerged. A number of exchanges – at a minimum Binance, Gate.io, KuCoin, Poloniex, Bitget, Huobi, OKX, Deribit and Bybit – have indicated their attention to publish proofs of reserve. A few such as Crypto.com, Bitfinex and Binance have taken the intermediate step of releasing wallet addresses as a crude proof of assets. But this is incomplete without corresponding liabilities.
The asset side is trivial: It can involve publishing wallet addresses or signing a transaction. The tricky part is matching the assets with the outstanding liabilities. To achieve that, an exchange adds up all user balances, anonymizes them and publishes the data in Merkelized format. From there, depositors can verify that they are included in the liability set. If enough do this, they can have strong confidence that the exchange isn’t cheating by omitting liabilities. And if the process happens under the eye of an auditor, users can gain additional assurance that no liabilities are being excluded.
Cynics and Bitcoin maxis tend to protest that proofs of reserve aren’t perfectly trustless. Of course, there aren't – nothing is – but critics would sacrifice the perfect at the altar of the good. There has been a brouhaha in recent days about major exchanges engaging in asset snapshots with purportedly borrowed funds, and many are using this to write off proofs of reserve entirely. (Some of these accusations were later shown to be unfounded.) Writing off proofs of reserve because some weak implementations weren’t credible is the equivalent of ordering Little Caesars pizza and assuming all Italian food is garbage.
A stronger system
A point-in-time asset snapshot without the supervision of an auditor or a cash-flow analysis proves very little. The proofs of reserve I and others talk about involves ongoing, frequent attestations, ideally supervised by an auditor. In its more complete form, it provides very strong assurances.
Recalcitrant exchanges have few excuses left. Compared with the first rush for proofs of reserve in 2014/15, there are far more resources available today. The 2021 practitioner’s guide to proof of reserve, published by myself and a few other collaborators by the Digital Chamber, offers a full picture.
The BitMEX proofs of reserve open-source code and a guide to replicating the procedure is available. And to the critics who bemoan the lack of accounting firms with expertise in facilitating the process – that is no longer true. Top 20 audit firm Armanino has been undertaking these engagements for years, and it isn't the only one.
During a bull market, I can understand why exchanges wouldn't bother competing based on credibility. But in a time of consolidation, retaining user trust is absolutely vital. This procedure allows exchanges to be far more transparent than their TradFi counterparts that cannot independently verify user assets held.
Regulators, I expect, will come to demand it. Already proofs of reserve received a mention in Wyoming’s SPDI (special purpose depository institution) rules, and I imagine it will appear in more legislation soon.
Read more: David Z. Morris – Nic Carter vs. The Bitcoin Maximalists
Now with so many exchanges – including market leader Binance – embracing the procedure, the few not participating will raise eyebrows. When pressed, Coinbase’s Emilie Choi protested that the exchange is already audited and that this should be a sufficient substitute. But if Coinbase cares about the integrity of the industry, it will undertake the procedure anyway. I would much rather depositors have the option to choose between a variety of public and non-public exchanges, all doing PoR, rather than being limited to a handful of public exchanges doing quarterly disclosures through the Securities and Exchange Commission.
Let’s be clear. A proof of reserve wouldn’t have “stopped” FTX, Quadriga or Mt. Gox. All three were insolvent for long periods of time because of either fraud or hacks. But in a world where proofs of reserve become the norm, their refusal or inability to perform a proof of reserve would have stuck out like a sore thumb and alerted users that something was likely awry. So proofs of reserve, at the industry scale, works via negativa – it’s most telling if you don’t do it.
In the next few months and years, as proofs of reserve become more common throughout the industry, I hope and expect that we will apply the same scrutiny to the remaining holdouts.