Announcing a Return to our Roots: The All-New Bitcoin Magazine

Blockstream Open Sources Development of Its Proof of Reserves Tool

by

        Blockstream Open Sources Development of Its Proof of Reserves Tool
Blockstream Open Sources Development of Its Proof of Reserves Tool

On February 4, 2019, blockchain tech company Blockstream announced the development of a “proof of reserves” tool to standardize the authenticity of exchanges’ crypto reserves. The Bitcoin development company has submitted a Bitcoin Improvement Proposal (BIP) to the bitcoin-dev mailing list for consideration.

Blockstream stated that it is “open-sourcing the development of the tool for feedback from the industry.” Citing high-profile hacks as a reason why such services would be in demand, Blockstream is hoping to create a “best-practice standard Proof of Reserves for the industry, that offers broad compatibility with the way most Bitcoin exchanges are storing their users’ funds.”

Blockstream stated that it the original idea for the tool was to build a means for its Liquid functionaries to prove their Liquid bitcoin (L-BTC) reserves to third-party auditors. But it soon recognized that there were further applications that could reach beyond Liquid and be useful to cryptocurrency exchanges in general.

“Put in as simple terms as possible, Proof of Reserves allows an exchange to prove how many bitcoin they could spend, without needing to generate a ‘live’ transaction or exposing themselves to the risks of moving funds.”

Reducing Security Risks

As the technology is envisioned currently, the tool will be able to circumvent some of the typical problems associated with proving cash reserves, namely the security risks associated with current verification methods that exchanges typically employ. With the help of the tool, an exchange “first constructs a single transaction which spends all of an exchange’s [unspent bitcoin].”

Basically, this function aggregates all of the cryptocurrencies sitting in the exchanges wallets into a transaction, but instead of sending this transaction — and creating a potential attack vector — the tool deliberately “sabotages” it. The transaction still shows that the wallets in question have all of the assets, but none of the assets get moved around. In this way, none of the exchange’s actual assets are at risk of being spent or attacked, and the amount of currency is still verified.

“This transaction data can then be shared with anyone that needs to verify reserves. They simply import the data into their own Proof of Reserves client to confirm the exchange’s total holdings and the addresses associated with those holdings.”

Removing the Need for Trust

The other problem that the Proof of Reserves tool is intended to alleviate is the technical barrier that prevents users from checking on the reserves of an exchange they may want to transact on. In other words, it’s difficult for non-technical users to verify the reserves for themselves, forcing them to trust that the exchange is operating in good faith.

And there have been plenty of questions surrounding the veracity of reserve claims in the crypto space which could make customers uneasy about placing their trust in an exchange. On February 5, 2019, for example, a Canadian court granted cryptocurrency exchange QuadrigaCX bankruptcy protection and appointed Ernst & Young as monitors to help the exchange locate any funds it could use to reimburse its customers.

Following the death of QuadrigaCX’s co-founder and CEO Gerald Cotten, the exchange claims to have lost access to some $190 million in deposited funds, alleging that Cotten was the only one able to access his encrypted laptop where the keys and passwords are stored. This has caused many users to question whether or not the exchange actually has the stated funds in reserve.

Third-party verification of actual cash reserves could help potential users identify whether or not an exchange is operating in good faith and under acceptable standard practices.

Privacy Concerns

Thus far, however, Blockstream’s verification tool has at least one area of significant concern: it reveals the entire transaction history of the participating exchanges. If this problem were to persist, the tool could be used to unmask all of users’ transactions with the exchange in question. Although this glitch would obviously be completely impractical for confidentiality reasons, the underlying premise of the tool does work, and the blog post states that Blockstream hopes to create a fully confidential version with the help of the new open-source development process.

Recommended

Neutrino: A Privacy-Preserving Light Wallet Protocol

Jimmy Song explains Neutrino, a new protocol for light clients to get the data that they need while preserving privacy, without trusting a central server.

Jimmy Song

Blockchain Analysis Is About to Get Harder as P2EP Enters Testing Phase

“Privacy is essential for Bitcoin. Ideally we want to screw up [blockchain] analysis so badly, that they can't even make it.”

Aaron van Wirdum

Security Researchers Reveal Wallet Vulnerabilities On Stage at 35C3

The companies behind the hardware wallets claim not to have been given an opportunity to fix the vulnerabilities via responsible disclosure practices prior to the announcement.

Jimmy Aki

A Bug Making Ethereum Transactions on Exchanges Vulnerable Has Been Fixed

A bug centering around a new Ethereum token, GasToken, which was enabling abuse on cryptocurrency exchanges, appears to have been resolved.

Nick Marinoff