First, here's a fantastic thread on how FTX lost $10B of customer funds
So how do we make sure this never happens again?
A lot of people are suggesting that the exchanges provide Proof of Reserves
@cz_binance even mentioned that Binance would soon be providing their Merkle tree proof
But proof of reserves is only one part of the equation
For an exchange to be 'solvent', its reserves (assets) also need to be higher than its liabilities
What are the liabilities for an exchange?
All the deposited funds that it owes back to the customers
Solvency means:
Assets - Liabilities >= 0
Thus, we need CEXs to provide "Proof of Solvency" to make sure they never lose customer funds again
And as we know by now, relying on 3rd party auditors to verify solvency is not enough
What we CAN rely on instead is a cryptographic proof of solvency
Here's how it works:
i) The exchange encrypts all the data that proves solvency to each customer using a secret key
This data includes all the assets & liabilities controlled by the exchange
ii) The exchange posts the encrypted data onto a blockchain, like Ethereum
This can be done using a zero-knowledge proof like zkSNARKs or zkSTARKs to hide the data efficiently from malicious entities
iii) Finally, the exchange shares a "part" of the secret key with each customer
This partial key reveals 2 things about the data:
- a single bit signalling whether the exchange is solvent or not
- another bit proving that customer's own balance is a part of the reserves
The privacy-preserving part of zk proofs means that no malicious entity gets access to private data, yet each customer can be assured of the security of their assets
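To make the two "bits" concrete, here is an added example (not code from the thread, StarkWare or any exchange): a plain Merkle sum tree in Python, the simplest proof-of-liabilities commitment. The exchange publishes only the root (a hash plus the total of all customer balances) and hands each customer the sibling path to their own leaf; the customer checks (a) that their balance is inside the commitment and (b) that separately proven reserves cover the committed liabilities. The customer names, balances, salts and the `proven_assets` figure are constructed for the demo; the assets side is assumed to come from a separate proof of reserves. This version is deliberately not zero-knowledge, so the privacy gap it leaves is visible.

```python
import hashlib
from dataclasses import dataclass

# Added example: Merkle sum tree proof of liabilities. Every name and value
# here is illustrative, not taken from the thread or any real exchange.

def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

@dataclass(frozen=True)
class Node:
    digest: bytes
    total: int          # sum of all customer balances under this node

def leaf(user_id: str, balance: int, salt: bytes) -> Node:
    """Commit to one customer's balance. The per-customer salt stops a
    neighbour from brute-forcing the balance hidden behind a sibling hash."""
    if balance < 0:
        raise ValueError("liabilities must be non-negative")
    payload = b"leaf|" + user_id.encode() + b"|" + balance.to_bytes(16, "big") + b"|" + salt
    return Node(_h(payload), balance)

def parent(left: Node, right: Node) -> Node:
    """Each parent commits to both children's digests AND totals, so the
    published root total cannot be lowered without breaking a hash."""
    total = left.total + right.total
    payload = (b"node|" + left.digest + left.total.to_bytes(16, "big")
               + right.digest + right.total.to_bytes(16, "big"))
    return Node(_h(payload), total)

EMPTY = Node(_h(b"empty"), 0)   # padding leaf; contributes nothing to the sum

def build_tree(leaves):
    """Return every level of the tree, leaves first, root last."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        level = levels[-1]
        if len(level) % 2:
            level.append(EMPTY)          # pad with a zero-balance leaf, never a duplicate
        levels.append([parent(level[i], level[i + 1]) for i in range(0, len(level), 2)])
    return levels

def inclusion_proof(levels, index):
    """What the exchange hands to one customer: sibling nodes from the leaf
    upward, each tagged with whether the customer's node is the right child."""
    path = []
    for level in levels[:-1]:
        path.append((level[index ^ 1], index % 2 == 1))
        index //= 2
    return path

def customer_check(user_id, balance, salt, path, root, proven_assets):
    """Run by the customer. Returns the thread's two bits:
    (my_balance_is_included, exchange_is_solvent)."""
    node = leaf(user_id, balance, salt)
    for sibling, i_am_right in path:
        if sibling.total < 0:            # a negative sibling would shrink total liabilities
            return False, False
        node = parent(sibling, node) if i_am_right else parent(node, sibling)
    included = node == root              # dataclass equality: digest and total both match
    solvent = proven_assets >= root.total
    return included, solvent

if __name__ == "__main__":
    # Constructed sample data: three customers, odd count to exercise padding.
    salts = {"alice": b"\x01" * 16, "bob": b"\x02" * 16, "carol": b"\x03" * 16}
    leaves = [leaf("alice", 50, salts["alice"]),
              leaf("bob", 30, salts["bob"]),
              leaf("carol", 20, salts["carol"])]
    levels = build_tree(leaves)
    root = levels[-1][0]                 # the only thing the exchange publishes
    print("committed liabilities:", root.total)
    print("bob, assets 120:", customer_check("bob", 30, salts["bob"], inclusion_proof(levels, 1), root, 120))
    print("bob, assets 90: ", customer_check("bob", 30, salts["bob"], inclusion_proof(levels, 1), root, 90))
```

Two things the toy makes visible. First, the padding leaf carries balance 0 rather than duplicating a real leaf, because duplicating would double-count that customer's liability. Second, every sibling node in a customer's path exposes a neighbouring subtree's total, and the leaf-level sibling exposes one other customer's salted balance hash; that leakage is precisely what the zk-proof variant in the thread removes, while keeping the same two verifiable bits.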
When zkps are used to prove off-chain data, they are called Validiums
zk proofs can efficiently remove these trust assumptions and reliance on auditors
@GuthL and @StarkWareLtd have been actively developing StarkEx to power this type of solution for around 3 years now
Caveat: While efficient, the reliance on off-chain data still exposes validiums to data availability hacks
StarkEx mitigates this by introducing an 8-member Data Availability Committee (DAC)
The DAC must acknowledge it has received the data by signing every update to the state
Going forward, let's make sure we're either using only DEXs or asking every CEX to provide cryptographic proof of solvency!
Like/Retweet the first tweet below to spread the word and help strengthen this industry: