Proof of Reserves

Proof of Reserves (PoR) is a verification practice in which a custodial platform demonstrates that it actually holds enough assets to cover what it owes its customers. The goal is transparency into a centralized exchange's solvency, addressing the core risk of custodial crypto: that an operator might lend out, lose, or never have held the coins users believe are theirs. A complete PoR has two halves: proof of assets (what the platform holds on-chain) and proof of liabilities (what it owes users).

How the Merkle-tree method works

The common technique anchors the liability side in a Merkle tree. The exchange snapshots all user balances, hashes them into a tree, and publishes the single root hash that represents total liabilities. On the asset side, it proves control of on-chain wallets holding at least that much. Any individual user can then verify that their own balance is included in the tree without seeing anyone else's data. Because changing even one balance cascades up and alters the published root, hidden tampering is mathematically detectable.

Limits worth knowing

PoR is a snapshot, not a continuous guarantee, and a naive implementation proves assets without proving the full liability set, or ignores off-chain debts and borrowed coins staged just for the audit. A trustworthy attestation pairs the cryptographic proof with an independent third-party audit. Still, the deeper lesson for sovereign users is simple: proof of reserves is a patch for a problem self-custody avoids entirely.

This entry is educational. See also self-hosted wallet (regulatory view) for the alternative to trusting any custodian.