Proof of Solvency: a Potential Path Forward for Centralized Exchanges

Centralized exchanges are a major part of the web3 ecosystem, despite their shortcomings. Proof of Solvency and other cryptographic methods could help mitigate potential risks.

Decentralized Finance (DeFi) was meant to be trustless and decentralized. And a lot of it is. When compared with their TradFi counterparts, protocols like Uniswap, MakerDAO, and Aave operate with a relative skeleton crew of marketers and developers, and have little direct contact with the transactions flickering through their smart contracts.

But DeFi has always been difficult for a novice to use, and the majority of crypto transactions still take place on centralized exchanges (CEXs) like Binance, Coinbase, or until a few weeks ago, FTX.

At their worst, CEXs are monstrous hybrids, combining DeFi’s lack of regulatory guardrails with TradFi’s secrecy and top-down control. DeFi has its own history of enormous hacks and exploits, but Mt. Gox, Coincheck, BitMart, and FTX each lost hundreds of millions of dollars of customer funds, and even publicly traded stalwarts like Coinbase have seen insider trading by their own employees.

The sudden bankruptcy of FTX, once the world’s third-largest cryptocurrency exchange, has left the crypto market in shambles. But CEXs are easy to use and have brought millions of users into the fold. Can they be redeemed?

Proof of Solvency could allow CEXs to become a permanent part of web3

“Having a safe CEX: proof of solvency and beyond”, a provocatively titled essay from Vitalik Buterin that cites conversations with Balaji Srinivasan and with staff at the major CEXs Binance, Kraken, and Coinbase, suggests that these entities might not be beyond redemption.

“Potentially, we could explore the entire spectrum between the ‘don't be evil’ aspiring-good-guy CEX and the ‘can't be evil’, but for-now inefficient and privacy-leaking, on-chain decentralized exchange (DEX),” writes Vitalik Buterin.

He sees two classes of exchanges today, custodial and non-custodial (i.e. CEXs and DEXs), but anticipates a third class emerging: “cryptographically ‘constrained’” CEXs “where user funds are held in something like a validium smart contract”, or even “half-custodial exchanges where we trust them with fiat but not cryptocurrency.” Such an exchange would demonstrate its solvency with a cryptographic proof-of-solvency scheme rather than with an auditor’s attestation.

“[This] is an auditing system used to confirm assets on hand,” Coindesk’s Fredrick Munawa writes. “Stablecoin issuers like Paxos use it to prove they have sufficient assets backing their tokens, while exchanges like BitMEX use it to prove customer deposits correspond to assets in custody.”

A proof of reserves can be produced off-chain, for example by an audit from a trusted third party (the approach that did nothing to prevent the FTX collapse), or on-chain, either by having an oracle network such as Chainlink attest to the exchange’s reserve addresses or, since on-chain balances are public anyway, by the exchange publishing its own cryptographic proof.

On-Chain Proof of Solvency with Merkle Trees and ZK-SNARKs

Vitalik Buterin points to 2011 as an early example of a CEX cryptographically proving its on-chain reserves by simply moving a set number of bitcoin (424242 BTC!) to a prearranged address. Later, in 2013, “discussions started on how to solve the other side of the problem: proving the total size of customers’ deposits. If you prove that customers’ deposits equal X (“proof of liabilities”), and prove ownership of the private keys of X coins (“proof of assets”) then you have a proof of solvency.”

The simplest way to prove liabilities is to publish a list of pseudonymous customer identifiers and balances: each customer checks that their own entry is present and correct, and anyone can add up the list to confirm the exchange’s claimed total. That approach leaks every customer’s balance to the world, so the list is instead committed to in a Merkle tree, which lets each customer verify their own entry without seeing the whole table.

The exchange places the table of customer balances into a Merkle sum tree, in which every node carries both a hash and the sum of the balances beneath it, so the root commits to the exchange’s total liabilities and each subtree to a verifiable part of that total. Each customer receives a Merkle sum proof: their own leaf plus the sibling hash and sibling sum at every level up to the root. Recomputing the root from that proof confirms that their balance is included in the published total. The verifier must also check that every sibling sum along the path is non-negative; otherwise the exchange could insert a fake account with a large negative balance and shrink the root total below its real liabilities. That check only closes the hole if every customer actually verifies their branch, since an unchecked branch is exactly where such an entry can hide. The system is not infallible on privacy either: a customer sees their leaf-level neighbour’s balance and the subtree totals next to their path, and everyone learns the exchange’s total liabilities.
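The Merkle sum tree above, the customer-side verification, the non-negativity check and the final solvency comparison against the proven assets, as an added example. This is illustration code written for this article, not Buterin’s construction as published or any exchange’s or Spectral’s own implementation; it assumes SHA-256 commitments, balances as integers, a per-customer salt in each leaf (deterministic here so the run is repeatable, it should be random in practice), and a constructed three-customer exchange with a dishonest variant that appends a negative “ghost” account.

```python
"""Merkle sum tree proof of liabilities (added example, not code from the page's sources).

Every node is (hash, sum). The root sum is the exchange's total liabilities; a
customer receives their leaf plus the sibling hash and sum at each level and
checks (1) the recomputed root matches, (2) no sibling sum is negative, and
(3) the root sum does not exceed the assets the exchange has proven it controls.
"""
import hashlib
from typing import Dict, List, Tuple

Node = Tuple[bytes, int]             # (hash, sum of balances beneath this node)
ProofStep = Tuple[bytes, int, bool]  # (sibling hash, sibling sum, sibling is on the left)


def _i2b(n: int) -> bytes:
    # Signed encoding so a dishonest exchange *can* commit to a negative balance;
    # it is the verifier's job, not the encoding's, to reject it.
    return n.to_bytes(16, "big", signed=True)


def leaf(user_id: str, balance: int, salt: bytes) -> Node:
    """Leaf commitment. The salt stops a neighbour brute-forcing the user id from the hash."""
    h = hashlib.sha256(b"leaf|" + salt + b"|" + user_id.encode() + b"|" + _i2b(balance)).digest()
    return (h, balance)


def combine(left: Node, right: Node) -> Node:
    """Parent node: the hash binds both children's hashes AND sums; the sum is their total."""
    h = hashlib.sha256(b"node|" + left[0] + _i2b(left[1]) + right[0] + _i2b(right[1])).digest()
    return (h, left[1] + right[1])


EMPTY: Node = (hashlib.sha256(b"empty").digest(), 0)   # padding leaf with zero balance


def build_tree(leaves: List[Node]) -> List[List[Node]]:
    """Return every level, leaves first and the root last; pads to a power of two."""
    level = list(leaves)
    while len(level) & (len(level) - 1):
        level.append(EMPTY)
    levels = [level]
    while len(level) > 1:
        level = [combine(level[i], level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels


def prove(levels: List[List[Node]], index: int) -> List[ProofStep]:
    """Merkle sum proof for the leaf at `index`: sibling hash/sum at each level."""
    path = []
    for level in levels[:-1]:
        sib = index ^ 1
        path.append((level[sib][0], level[sib][1], sib < index))
        index //= 2
    return path


def verify(user_leaf: Node, path: List[ProofStep], root: Node) -> bool:
    """Customer-side check: inclusion in the root AND no negative sibling sums."""
    node = user_leaf
    for sib_hash, sib_sum, sib_is_left in path:
        if sib_sum < 0:          # a negative subtree means the total was tampered with
            return False
        sib = (sib_hash, sib_sum)
        node = combine(sib, node) if sib_is_left else combine(node, sib)
    return node == root


def solvent(root: Node, proven_assets: int) -> bool:
    """Proof of solvency = proof of liabilities (root sum) <= proof of assets."""
    return root[1] <= proven_assets


def run_example() -> Dict[str, object]:
    # Constructed sample data: three customers, 425 units of liabilities in total.
    customers = [("alice", 100), ("bob", 250), ("carol", 75)]
    salts = {u: hashlib.sha256(b"salt:" + u.encode()).digest() for u, _ in customers}
    leaves = [leaf(u, b, salts[u]) for u, b in customers]
    levels = build_tree(leaves)
    root = levels[-1][0]
    honest_ok = all(verify(leaves[i], prove(levels, i), root) for i in range(len(leaves)))

    # Dishonest exchange: 125 units short, so it appends a ghost account holding -125.
    ghost = leaf("ghost", -125, b"ghost-salt")
    bad_levels = build_tree(leaves + [ghost])
    bad_root = bad_levels[-1][0]
    detected = [not verify(leaves[i], prove(bad_levels, i), bad_root) for i in range(len(leaves))]

    return {
        "liabilities": root[1],
        "honest_verified": honest_ok,
        "solvent_with_425": solvent(root, 425),
        "solvent_with_300": solvent(root, 300),
        "cheated_total": bad_root[1],          # the fake root claims only 300
        "cheat_detected_by_each_user": detected,
    }


if __name__ == "__main__":
    print(run_example())
```

In the dishonest run the forged root advertises 300 units of liabilities, so a solvency check against 300 units of proven assets would pass, but every one of the three customers who verifies their branch hits a negative sibling sum and rejects the proof. If a customer never checks, the forged root is never contradicted, which is why the scheme depends on broad participation.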

Zero-knowledge proofs (in the form of ZK-SNARKs) offer stronger privacy. The basic premise of a zero-knowledge proof is that it lets the prover establish that a statement is true without revealing anything about the private data behind it. Applied here, the exchange commits to the balance table and proves that every balance is non-negative and that they sum to the published total, so the non-negativity check no longer depends on individual customers inspecting their neighbours’ sums. A customer learns only that their own balance is included and what the total is, with neither neighbouring balances nor subtree totals exposed.

How the MACRO Score Could Index Risk on CEXs

Spectral Finance’s MACRO Score gives a breakdown of an individual or combined wallet’s risk of default. CEXs could offer to use the MACRO Score, including a detailed breakdown of their finances provided by the Spectral App to demonstrate their reserves and create a Non-Fungible Credit (NFC) containing an easily interpretable score.

Are you interested in learning how Spectral is building a transparent, auditable credit risk assessment infrastructure? Subscribe to our monthly newsletter.