FTX’s recent implosion sent shockwaves throughout the crypto world as retail and institutional investors saw billions of dollars of investments wiped out. Many investors became aware of the issue at once, triggering a widespread withdrawal that led to FTX’s insolvency. Industry-wide discussions regarding exchange reserves came to the forefront in the aftermath, leading many exchanges to only just now start announcing commitments to proving reserves.
But is proof-of-reserve enough? How can an investor know whether an exchange is actually safeguarding user assets and operating with transparency?
Introducing Gate.io’s 100% transparent proof of reserves solution
Gate.io is the crypto industry’s first exchange to successfully produce a user-verifiable 100% proof of reserves (PoR) audit that has been prepared by a reputable auditor, with its first audit done in 2020. It completed its second audit in October 2022. At the time of assessment, Gate.io’s audit partner, Armanino observed the exchange held in custody bitcoin and ether assets in excess of 100% of BTC and ETH platform liabilities.
Gate.io complemented the October proof of reserve audit with blockchain analytics firm Nansen, publicly disclosing key wallet addresses of tokens that Nansen audited amounting to over $1.6 Billion. Nansen’s dashboard also displays Gate.io asset holdings with their allocation and various other analytics transparently.
Performing PoR audits according to this model has now become a best practice for exchanges to verify asset security and Gate.io played a big part in setting the standard. It also serves as an example for the elements every investor should look at when selecting an exchange that prioritizes asset security by focusing on proof of reserves, third party auditors and Merkle tree verification of funds by users.
You can find out more about Gate.io’s unique PoR model here.
Security on exchange best practice #1: 100% proof of reserves
The first indicator that an exchange is serious about safeguarding assets is whether it provides 100% proof of reserves.
Previously, assets held by a centralized exchange couldn’t be monitored by the users directly, therefore some exchanges could misuse users' assets without their knowledge, like FTX. This issue could be totally avoided with PoR.
Proof of reserves is an auditing process by which an exchange proves that real assets back its users' deposits. When reserves are proven, the total amount of the cryptocurrency held by the exchange is greater than or equal to the total number of user deposits. PoR makes it possible for individual users to verify that an exchange holds all of their crypto, guaranteeing the ability to withdraw in the event of mass withdrawals.
There is no standard process for PoR, but the model pioneered by Gate.io uses cryptographic proofs and public wallet address ownership verification combined with periodic third-party audits to publicly attest to its reserves. Had FTX used Gate.io’s PoR method, the run that led to its eventual demise could have been avoided.
Security on exchange best practice #2: Credible third party auditor
The second indicator that an exchange is leveling up its asset security strategy is that it’s working with a credible third-party auditor.
Since at least the 19th century, a cornerstone of trust in the corporate and finance worlds has been the regular use of third-party audits conducted by reputable experts. In PoR auditing, the third-party auditor obtains proof of reserves by taking an anonymized snapshot of user balances.
Gate.io submits its proof of reserves to Armanino LLP, one of the top accountancy and auditing firms in the United States. Armanino conducts a conventional audit and produces an independent report in line with the standards set by the American Institute of Certified Public Accountants.
However, what makes the auditing relationship between Gate.io and Armanino truly groundbreaking is the transparent, public and immutable Merkle tree technology the two firms use to verify the exchange’s PoR.
Security on exchange best practice #3: Merkle tree verification of funds accessible to all users
The third indicator of asset security is whether an exchange enables users to verify their assets via a third party-generated Merkle tree. One of the key architectural features of all blockchains, Merkle trees provide the transparency and verifiability that has made so many millions of people around the world embrace crypto, which is also the central mechanism of Gate.io’s proof of reserves.
Gate.io submits all its users’ balances in tokenized form to Armanino, which then generates the Merkle tree. The auditor next verifies the total user balance before publishing the tree and its root hash on GitHub. Gate.io’s users are then able to verify their balance in the tree by entering their own hashed user ID and token balance easily.
An alternative approach to asset security: Self-custody with Gate Web3 Wallet
However, with the recent concerns on centralized exchanges, more people are looking at ways to keep their assets by their side. For these users, self-custody is the right move.
Self-custody means users can have more control over the security of their digital assets. Under this approach, only the user has possession of their private key – it's your keys, your crypto.
This is in contrast to an external organization which controls the private keys to a user’s crypto holdings and can move crypto without any user input, which is exactly what happened in the case of FTX. Approximately $10 billion of investor money was siphoned off to Alameda Research without investor knowledge or consent.
For investors interested in self-custody, Gate.io recently launched a brand new option: Gate Web3 Wallet. It offers an advanced, cross-chain and secure one-stop solution for safeguarding and trading crypto assets.
Users can access the Gate Web3 Wallet in the Gate.io app directly and smoothly connect to countless dapps built on various chains. Users can also be worry-free about losing or forgetting a seed phrase or private key, as they are secured behind high-intensity encryption using a withdrawal password, which cannot be accessed by Gate.io and is hidden from hackers behind strong cryptography.
For users that want additional security, the Gate Web3 Wallet also supports connection to cold storage, which allows users to store their self-custodied crypto and private keys offline. Users can also securely access a Gate Web3 Wallet through their cold wallets with fingerprints unlock, trade and transact in one stop.
Now is the time for exchanges to prioritize asset security
The implosion of FTX is a wake-up call for all crypto stakeholders, especially exchanges. If exchanges are serious about surviving, they need to put transparency and user-first risk management at the heart of their business models. Gate.io also recently made their PoR model open source to encourage the industry to follow suit.
CEO Dr. Lin Han told CoinDesk that “Enabling trust and transparency with users is of the utmost importance for market stability and the future of cryptocurrency. Providing 100% proof of reserves is a part of Gate.io’s commitment and diverse approach to user asset security and the long-term health of the crypto industry”. At the forefront of Gate.io’s success is its commitment to prioritizing the safety of its users and their assets, making it a great choice for international asset investors to use for trading.