Bitcoin
$63,628.47+3.48%
Ethereum
$3,076.41+2.73%
Binance Coin
$551.80+2.62%
Solana
$143.62+7.80%
XRP
$0.50365503+1.58%
Toncoin
$6.52+6.47%
Dogecoin
$0.15276116+3.04%
Cardano
$0.45920753+3.19%
Shiba Inu
$0.00002288+3.39%
Avalanche
$35.10+3.87%
Wrapped Bitcoin
$63,700.78+5.42%
Tron
$0.10954270-0.81%
PlayIconNav
Crypto Prices CoinDesk 20 Index CoinDesk 20 Index
Consensus 2024Price Increase Extension Ends In
01
DAY
20
HR
36
MIN
56
SEC
Markets

How To Prove That Exchanges Really Have Your Money

How do you prove that an exchange has enough bitcoins to pay you out? Developers may have the answer.

By Danny Bradbury
AccessTimeIconFeb 27, 2014 at 5:19 a.m. UTC
Updated Sep 11, 2021 at 10:24 a.m. UTC
shutterstock_145855904
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

From all the news surrounding Gox's demise, it seems pretty certain at this point that it was operating with a fractional reserve, trading with only a small proportion of the money that it was supposed to have. The question now is, how can we be sure that others aren't doing it, too?

Whether you're a straightforward bitcoin wallet or an exchange, the hope is that you'll have enough bitcoins to cover everyone's accounts, should they all decide to empty their funds at once. This week, large bitcoin companies seemed eager to persuade people that they did.

In their joint statement condemning Gox, five major exchanges explained that they would be "coordinating efforts over the coming days to publicly reassure customers and the general public that all funds continue to be held in a safe and secure manner". How do they do that, exactly?

"I imagine that would be handled by the MTL regulators as they require permissible funds and when they come onsite to do the audit it would be apparent," said Megan Burton, the CEO of exchange CoinX, which is taking a state-by-state approach to getting its money transmission license in the US.

"Most companies will perform self-audits in the near term and potentially hire an outside auditing firm when appropriate," said Jaron Lukasiewicz, the founder of New York-based exchange Coinsetter. "We are also discussing creative ways we can give customers greater transparency, and we will announce them once those plans are finalized."

Neither Coinsetter or CoinX were cosignatories of the joint statement released this week. Coinbase came closer to an audit than anyone. It blogged, already discussed here, in which Andreas Antonopoulos, the CSO at Blockchain.info, visited the office to check things over.

He published a short, six-paragraph report describing how he checked the firm's cold storage addresses in the block chain. He also made Coinbase conduct a transaction on a random address in its block chain to ensure ownership.

Is this enough?

Financial audits can be extensive affairs, in which beancounters nose their way through reams of paperwork relating to accounting practices and financial controls. There is generally an audit committee which oversees the whole process. By the time that the audit is done, the likes of EY and PwC have gone over things with a fine toothcomb.

Barry Silbert, the head of the Bitcoin Investment Trust, who is now said to be preparing an exchange. Silbert has said that many auditors aren't well-equipped to deal with bitcoin, not least because bitcoin addresses are anonymous.

“Access does not equal ownership, so you cannot prove title,” he told CoinDesk late last year. Nevertheless, he has enlisted one, so it can be done, apparently.

Blockchain transparency

Coinkite is doing its best to provide customer accountability. The Canadian company, which operates wallets for its users, released a link to what it calls an audit, although this isn't verified by a third party. Instead, it's a listing of the individual inputs and outputs contained within the user's own wallet, and it's drawn from the block chain.

Rodolfo Novak, co-founder of the firm, says that it's able to do that because it relies on the block chain for its data. All transactions are conducted on the block chain, he explains, which makes it easy for users to see what's going on. "We don’t have any off-chain transactions. Even the fees you pay to us are block chain transactions."

Novak wonders why anyone would want to resort to a centralized audit at all. After all, his argument goes, wasn't bitcoin supposed to be about decentralized trust?

"We decided to do this in a way that there is no need for an old system," Novak says. "You are the owner of your money, and you can check it. I could call PwC or whatever, and they could sign off that they saw it. But we don’t need that."

CoinDesk asked Coinbase about the access and ownership question, but it directed us to its blog post and refused further comment. Neither Payward (the owner of Kraken - which recently suspended USD deposits) nor Bitstamp commented.

Coinkite's block chain-based transparency is one of the things that sets it apart from the co-signatories to the joint statement. These companies don't seem to run their operations in the same way.

In particular, it can be difficult for exchanges to achieve block chain transparency. "The main thing is that the order book can’t be block chained. It needs to be fast. The actual settlement of that order book could be block chained, but it takes a phenomenal amount of technology to be written and to achieve that," Novak muses.

Decentralized audits

Is there a way, then, to create decentralized means of proving a non-fractional reserve? The brouhaha around Gox has rekindled interest in a proposal by Gregory Maxwell, one of the core developers.

In a traditional exchange, it may be difficult to publicly state how much the exchange should have, and then publicly prove that they have it, without listing all of the account balances for proof. That's a privacy nightmare, of course.

Maxwell's proposal uses a node - think of it as a leaf on a tree - with two things in it: a hash indicating the specific account, and a value of bitcoins in that account. All the nodes connect back to a central node (call it the trunk of the tree, which knows about all of the leaves).

The exchange or wallet publishes the central node, which gives the entire value of all the nodes in the exchange, and then it gives the owner of a 'leaf' its value, while also confirming that it has also checked all of the leaves between it and the trunk.

The user wouldn't know anything about the other accounts, but it could compare its own value with the exchange's total reserves, to make sure that it had enough to cover at least that account's value.

As Maxwell says: "It doesn't prevent fractional reserve --- but if used well, it prevents dishonest fractional reserve."

Bitcoinity, which monitors various exchanges, likes the idea so much that it wants to promote the first exchange to use it, on its site.

Any takers?

Piggy bank image via Shutterstock

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.