Proofs of Reserve are Basically Useless
Binance recently released a “proof of reserves” which quickly stirred up controversy. Other folks including the TrueCurrency family of stablecoins provide something similar. The general idea here is to show “evidence and proof that Binance has funds that cover all of our users assets 1:1, as well as some reserves” with respect “to those assets that we hold in custody for users.”
At first glance this is odd. Why should there be extra reserves? Custodians – Binance uses the word custodian in the docs – are a big thing in finance. This list includes many well-known names and pegs BNY Mellon’s assets under custody at just over US$25 trillion. And yet nobody is clamoring for the Bank of New York to demonstrate it has what would surely be at least billions in surplus “reserve” funds. This is not a thing in traditional finance. And for good reason.
Binance wants to assure its users that it is solvent and can service all user withdrawals in the face of industry questions and concerns from all quarters. What they have done, per their own documents, is to show that they have control over more assets than their claimed liabilities to exchange customers. In short: they have more crypto in their wallets than clients have as balances on their many exchanges. Let’s take them at their word this is true. It is still pointless.
Read more: CZ Relishes “Stress Test” as Binance Sees US$1B Outflows in 24H
There are two related problems here both of which connect strongly to famous incidents in financial history.
We Cannot See Client Deposits
The first, milder, problem is that we need to take Binance at their word regarding total client deposits. There is no way we can see this on any blockchain or similar because Binance is an off-chain entity. Kraken founder Jesse Powell provides one clear way of seeing this here when he tweeted “The Merkle tree is just hand wavey bullshit without an auditor to make sure you didn’t include accounts with negative balances.”
We do not need to get in to how a Merkle tree works in detail. Suffice it to say the process does not show everyone’s balance in public and, for related reasons, no individual can be sure there are no negative balances included in the report. You may be thinking, “What is the problem with negative balances?” Well, consider an exchange with two clients. One deposits 100 units and has a positive 100 balance. The other has a negative 50 balance.
If this exchange holds 50 tokens it is “solvent” but it still cannot return the 100 until the negative balance account tops up. We need to trust Binance that they are not extending credit to anyone in a manner reminiscent of the FTX/Alameda stuff. This is almost exactly what happened at a large well-known broker called Refco in 2005. Refco had a few large insolvent clients that owed it roughly US$430 million dollars. These negative balance accounts were hidden and when they finally came out, the firm collapsed.
The story is in fact quite long and colorful involving an Austrian businessman, once married to President Eisenhower’s daughter, who was sentenced to prison in Austria (later overturned) and entangled in all manner of political and financial intrigue involving labor unions, far-right politicians, bankrupt financial institutions and even a famous missing Van Gogh painting where the French-government-owned copy at the Musee d’Orsay may be a fake or copy. Do not let anyone tell you traditional finance is boring when compared with crypto.
Anyway, the key takeaway here is that hidden negative client balances are a real problem and if your proposed solution does not address them, it is not a solution.
We Cannot See Other Liabilities
Jesse Powell’s comment quoted above also mentions liabilities. He is surely correct and was not the only person to call this out. CZ responed to Willy Woo with “liabilities are harder. We don’t owe any loans to anyone. You can ask around.” Nobody is going to accept that as authoritative.
Identifying liabilities is indeed challenging. If you are an officer of a company and sign a contract you may well have just created a liability for that company. This is why auditors exist, why they focus so much on process, and frankly why an awful lot of financial stuff feels slow and expensive. It is hard to catch intentionally-dishonest folks when they can create liabilities out of thin air.
And of course this, too, has a clear parallel in the history of financial scandals. The Enron scandal famously involved “African barges.” The SEC complaint gives good detail quoting an Enron internal email:
“As we have discussed, should a strategic buyer not materialize by June 30, 2000, [ENRON] will have to take out ML and the investment in the barges will be placed on balance sheet. This will not only have income implications but require a level of damage control with AA [Arthur Andersen]. As you know, ML’s decision to purchase the equity was based solely on personal assurances by Enron senior management to ML’s Vice Chairman [Dan Bayly] that the transaction would not go beyond June 30, 2000.”
What you see there is Enron is creating a liability by promising to “take out” Merrill Lynch (ML). Everyone was aware this would cause trouble with their auditor Arthur Andersen and in the end AA blew up and no longer exists. We do not know precisely what happened as they destroyed “a significant but undetermined number of documents.” Yes you read that correctly.
All this is not to say that audits are pointless or the situation is hopeless. But if you do not even try to get a proper audit the exercise serves little purpose. Enron tried hard – criminally hard, as it were – to massage their liabilities and hide all of this bad behaviour. The system moved slowly and the fraud lasted for a long time. But even they did not simply say “Trust me, bro” because they knew, rightly, that nobody would.
What’s Next
The solution here is pretty clearly proper audits. This is going to be a problem for a while as both Armanino and Mazars have stopped offering audits in the crypto space. Prager Metis has not announced their departure yet but they are being sued for complicity in the FTX debacle. Suffice it to say getting an audit may be difficult.
But it is essential if this industry is going to grow up. There is a pattern here of naming things “proof of xyz” as a way of avoiding owning up to the fact that your thing does not properly do xyz.
Proof of reserves is but the latest instalment in this long-running saga. There are three resolutions here. First, exchange and stablecoin operators can publicly face the challenge of getting real audits and somehow get them done. Most users will then migrate to those services and the outlaw portion of the space will likely whither away. Second everyone can move off centralized services and operate entirely on-chain. This does not look likely as users remain active, even now, on shockingly sketchy centralized services. Third – in an outcome that will please nobody – we can keep muddling through with periodic explosions until some government body forces folks to change.
That last one is looking more and more likely every day.