LearnIntermediate

Proof of Reserves Explained: How It Works

Understand Merkle tree Proof of Reserves, Chainlink PoR oracles, and the critical difference between proving assets vs. proving solvency. Explore post-FTX evolution and limitations of exchange transparency mechanisms.

Updated: April 11, 2026Reading time: 15 min

DegenSensei·Content Lead

Apr 10, 2026

Updated Apr 12, 2026

15 min read

What is Proof of Reserves?

Proof of Reserves (PoR) is a cryptographic verification showing that an exchange or custodian controls assets on-chain equal to or exceeding customer deposits. It answers: "Does this exchange have the Bitcoin/Ethereum it claims to hold?" But it does NOT answer: "Do customer liabilities match the reserves?"

💡Why This Matters

Understanding this concept is a prerequisite for making informed decisions in DeFi. Most losses in crypto come from misunderstanding the fundamentals.

Before FTX collapse (November 2022), PoR was the gold standard for exchange transparency. FTX famously published Merkle tree PoR while secretly misallocating customer funds to Alameda Research. This exposed PoR's fatal flaw: it only verifies assets, not liabilities.

Asset vs. Liability Problem

An exchange can have $1 billion in Bitcoin reserves but $1.5 billion in customer liabilities (customer deposit claims). PoR proves the Bitcoin exists but does not verify if it covers all customer deposits. This is analogous to a bank proving it has deposits in the vault without proving all depositors can withdraw.

Critical Distinction: PoR = Proof of Assets. Proof of Solvency = PoR + Proof of Liabilities. Only the latter proves exchange solvency.

Merkle Tree PoR Mechanism

Merkle tree PoR is the most common implementation. Here's how it works: Each customer balance is a leaf in a tree. Hashes are computed bottom-up until a single "root hash" is derived. The exchange publishes the root and proves it controls matching assets on-chain. Users can verify their balance is in the tree without revealing others' balances.

Step-by-Step Merkle Tree PoR

1. Exchange takes snapshot of all customer balances (user1: 1 BTC, user2: 0.5 BTC, etc.). 2. Each balance is hashed: hash(user1, 1 BTC), hash(user2, 0.5 BTC). 3. Adjacent hashes are combined: hash(hash(user1), hash(user2)). 4. Process repeats until one root hash exists. 5. Exchange publishes root hash and proves ownership of matching assets (multisig address contains 1.5 BTC).

Merkle Proof Privacy

A user with 1 BTC receives a "Merkle proof" (path from their leaf to root). They hash their balance, compare it against the provided proof, and verify it matches the published root. They confirm their balance is included without seeing other users' balances. This is privacy-preserving verification.

Binance & Kraken Implementation

In late 2022, Binance published Merkle tree PoR for Bitcoin, Ethereum, and stablecoins. Kraken followed. Users could verify their balances via Merkle proofs. This added transparency but was not comprehensive: it did not prove liabilities or show whether assets covered all deposits.

Merkle Benefit: Privacy-preserving, mathematically verifiable, requires no auditor. Weakness: only covers assets, not solvency.

Chainlink Proof of Reserves

Chainlink PoR is an oracle service that automates reserve verification. Chainlink nodes fetch reserve data from multiple sources (exchange APIs, on-chain queries, external databases) and publish aggregate reserve metrics on-chain. This enables real-time PoR and smart contract integration.

How Chainlink PoR Works

Chainlink nodes query an exchange's API: "What is your Bitcoin reserve balance?" They cross-reference with on-chain data (verify wallet balances on blockchain). If multiple nodes agree, Chainlink publishes the reserve data on-chain with timestamp. Smart contracts can query this data, enabling automated monitoring of reserves.

Chainlink PoR Use Cases

1. WBTC (wrapped Bitcoin): Chainlink PoR verifies that Alchemy custodian holds enough Bitcoin to back circulating WBTC. 2. Stablecoin reserves: USDC issuer publishes reserve data via Chainlink (cash, short-term securities backing USDC). 3. Exchange monitoring: Protocols can read Chainlink PoR feeds to check if exchange reserves are declining (early warning of insolvency).

Limitations

Chainlink PoR depends on oracle trust. If Chainlink nodes collude or are compromised, false reserve data is published. Additionally, Chainlink PoR still does not verify liabilities—it only confirms assets exist on-chain. The fundamental PoR limitation remains.

Automation Advantage: Real-time reserve monitoring. Disadvantage: Oracle dependency.

Binance, Kraken & Exchange PoR

Post-FTX collapse, major exchanges rushed to publish PoR as customer reassurance. Binance published Merkle tree PoR in November 2022 for Bitcoin, Ethereum, USDT, USDC. Kraken followed with similar Merkle proofs. Both included only assets, not liabilities.

Binance PoR Coverage

Binance publishes PoR for major assets (BTC, ETH, BNB, USDT, USDC) but not all tokens. The PoR is updated weekly. Binance claims all customer funds are fully reserved, but the Merkle tree does not prove this—it only proves that Binance holds those specific assets. Customer deposits could exceed reserves for other tokens.

Kraken PoR Initiative

Kraken published PoR for Bitcoin, Ethereum, and USD stablecoins. It also committed to publishing comprehensive "Proof of Liabilities" (customer balance sums) in future. However, as of 2026, comprehensive PoL is still not standard.

Current Status: PoR is standard but incomplete. Full Proof of Solvency remains rare.

PoR Limitations & FTX Lessons

FTX published Merkle tree PoR in 2022, showing it held sufficient Bitcoin and Ethereum reserves. Yet secretly, Alameda Research (FTX's trading firm) had misappropriated $10+ billion in customer funds. PoR failed because it only verified assets, not whether assets were legitimately held for customers vs. misused.

Key PoR Limitations

1. No liability verification: PoR does not prove customer deposits equal reserves. 2. Snapshot vulnerability: PoR is a snapshot; exchange could move funds after PoR is published. 3. Partial coverage: PoR covers only certain tokens, leaving blind spots. 4. No key custody proof: PoR proves assets exist but not that exchange controls private keys (could be borrowed). 5. No business model verification: PoR does not prove solvent operations (profitable vs. insolvent trading).

FTX Lesson: PoR alone is insufficient. Proof of Solvency (reserves minus liabilities) and continuous monitoring are necessary.

Mazars Audit & Trust Issues

In January 2023, Binance commissioned Mazars (a major audit firm) to audit PoR. The resulting report confirmed Binance held sufficient Bitcoin, Ethereum, and USDT to match customer deposits at that snapshot. However, Mazars later retracted the report, citing concerns about scope and limitations.

Mazars Retraction

The retraction highlighted several issues: 1. Mazars did not verify liabilities (customer deposits). 2. Mazars did not verify Binance's accounting (could balances be double-counted?). 3. Mazars did not continuously monitor reserves. 4. A one-time audit provides false confidence (reserves could decline next week). The retraction damaged trust in third-party PoR audits.

Regulatory Pushback

Regulators increasingly recognize PoR is insufficient for investor protection. SEC and FCA emphasize need for Proof of Solvency. Regulatory frameworks in development (Hong Kong, Singapore, UK) mandate exchanges maintain adequate capital and undergo comprehensive audits, not just PoR.

Trust Erosion: Mazars retraction undermined third-party PoR audits. Regulatory push toward mandatory Proof of Solvency.

Future: Full Proof of Solvency

Post-FTX, the industry recognizes PoR alone is insufficient. The goal: Proof of Solvency (PoS) combining asset verification with liability verification. But comprehensive PoS is hard: how do you prove customer balances without revealing individual balances?

Zero-Knowledge Proof of Solvency

Researchers at zkSync, StarkNet, and Scroll are developing zero-knowledge proofs (ZK) for solvency. A ZK PoS would allow exchanges to prove: "My reserves exceed my liabilities" without revealing individual customer balances or private keys. A cryptographic proof serves as proof of solvency without exposing sensitive data.

Challenges

1. Proof complexity: Generating ZK proofs for millions of user balances is computationally expensive. 2. Ongoing verification: Single ZK proof is insufficient; continuous PoS is needed. 3. Regulatory acceptance: Regulators still prefer traditional audits over cryptographic proofs. 4. Technical maturity: ZK PoS is still in research phase, not yet production-ready.

Future Standard: Continuous Proof of Solvency using zero-knowledge proofs and mandatory liability disclosure.

FAQ

What is Proof of Reserves?

Proof of Reserves (PoR) is a verification method showing that an exchange controls cryptographic assets equal to or greater than customer liabilities. It uses Merkle trees to aggregate customer balances and on-chain proofs of asset ownership. PoR proves assets exist but NOT that liabilities are covered (that requires Proof of Solvency).

How do Merkle tree PoR work?

Exchanges create a Merkle tree where each leaf is a customer balance (hashed for privacy). The tree is hashed upward to a single root. The exchange publishes the root and proves ownership of corresponding assets on-chain. Users can verify their balance is included without seeing others' balances. Binance and Kraken published PoR trees in late 2022.

What is Chainlink Proof of Reserves?

Chainlink PoR is an oracle service that automatically verifies and publishes reserve data on-chain. Chainlink nodes query exchange APIs and on-chain addresses to confirm reserve levels. This enables real-time monitoring and smart contract integration. Used for WBTC (Bitcoin bridge custody), stablecoins (USDC reserves), and exchange verification.

What are PoR limitations?

PoR only proves assets exist, not liabilities. An exchange can have $1B in Bitcoin reserves but $2B in customer deposits. Real solvency requires Proof of Liabilities (matching reserves to customer balance totals). Post-FTX, the industry recognizes PoR alone is insufficient; full Proof of Solvency is needed.

What happened with Mazars PoR audit?

Mazars audited Binance's PoR in 2023, confirming reserves, but the report was later retracted. The audit created false confidence: assets were liquid (good), but auditor did not verify liabilities comprehensively. FTX collapse exposed PoR's fundamental flaw: verifying ONE side (assets) without auditing the other (liabilities).

What is full Proof of Solvency?

Proof of Solvency combines Proof of Reserves (assets > threshold) with Proof of Liabilities (customer balances summed transparently). zkSync, StarkNet research explores zero-knowledge PoS where exchanges prove asset/liability ratio without revealing individual balances or secret keys. This is the post-FTX standard.

Disclaimer: This content is for informational purposes only. Proof of Reserves is one transparency mechanism but does not guarantee exchange solvency. Always use multiple data points (regulatory status, audit history, user reviews) when assessing exchange trustworthiness. FTX failure shows PoR can be misleading; conduct independent due diligence.

Educational disclaimer: This guide is for informational purposes only and does not constitute financial advice. Crypto involves significant risk — do your own research before making any decisions. Learn more about our team.