After the FTX crisis, users began to search more frequently for a clear answer to the question of how to verify the reserves of a crypto exchange: access to assets depends on whether the platform stores client funds in full, rather than just recording the balance in the interface. In November 2022, FTX received about $6 billion in withdrawals in 72 hours — a classic liquidity stress test that quickly reveals gaps between assets and liabilities.

Proof of Reserves (PoR) emerged as a practical transparency tool for custodial crypto services: exchanges, brokers, exchange platforms, and wallet operators. It helps to show that the declared reserves are based on verifiable data, not promises.

What is Proof of Reserves

PoR is a method of confirming that a platform holds crypto assets commensurate with total user balances within a fixed "snapshot" of data. In advanced implementations, an independent party is involved in the verification, and users are given a way to verify that their balance is accounted for in the total liabilities.

In essence, PoR answers the question of what a reserve confirmation system is: verification is based on two sets of figures — assets (usually on-chain addresses/wallets) and liabilities (the sum of customer balances at the time of the snapshot).

Why crypto platforms need to confirm reserves

For users, PoR reduces the information gap: instead of taking someone's word for it, there is verifiable mathematics. For the platform, it is a way to get through periods of increased withdrawals more quickly and maintain turnover through reputational stability.

The practical effect is especially noticeable during periods of "bank runs" on the crypto market: when withdrawal speeds are measured in hours, the market evaluates liquidity and the completeness of reserves, rather than marketing statements.

How the Proof of Reserves system works

The basic process is built in steps:

1. An instant snapshot of user balances (liabilities) is formed and aggregated into a cryptographically verifiable structure.
2. The addresses/wallets where the assets are held and their on-chain volume at that moment in time are published.
3. An independent auditor or certifying party verifies that the assets cover the liabilities on the snapshot date.

This is how the Proof of Reserves system usually works: verification is based on public blockchain data and cryptography, and the result is a comparison of "assets ≥ liabilities" for a specific date.

The role of Merkle Tree in Proof of Reserves

To combine millions of user balances into a single verifiable result, a Merkle Tree (hash tree) is used. It "packs" a large array of data into a single root hash (Merkle Root), which acts as a cryptographic "seal" for the entire set.

Verifying the inclusion of a specific balance in the tree requires recalculating the hash chain, the complexity of which grows proportionally to log2(N), where N is the number of leaves. In practice, this means that for 1,048,576 accounts, about 20 hashing steps are sufficient to prove inclusion (since 2^20 = 1,048,576).

At its core is a cryptographic hash: for example, SHA-256 generates a final digest with a length of 256 bits, which makes data substitution computationally impractical when implemented correctly.

Verification of obligations to users

The key point of PoR is the correct accounting of liabilities. The scheme of "showing wallets with assets" without the exact amount of customer balances gives a weak signal to the market because it leaves the amount of debt to users unknown.

At a strict level, PoR works as follows: liabilities are recorded in a snapshot, each balance is entered into a Merkle Tree, users receive Merkle proof of inclusion, and an independent party confirms that the on-chain assets cover the total liabilities on the date of the snapshot.

What PoR shows and what questions remain unanswered

PoR does a good job of covering user balances at a specific point in time. When users understand how PoR works, they see the strength of the method: the provability of including a balance in the overall calculation of liabilities and the reconciliation of assets through a public blockchain.

Credit risks outside the snapshot, the quality of internal risk management, and dynamics after the reporting date are usually left outside the scope of PoR. Therefore, PoR is perceived as an element of the transparency system along with risk management, control reporting, and rules for storing client assets.

Proof of Reserves and regulation

Regulation is gradually shaping basic expectations for custodial providers: separate storage of client assets and company assets, transparent custody policies, and regular position reports to clients.

In the EU, MiCA explicitly requires the segregation of client crypto assets from the provider's own assets and specifies that client assets must be stored separately at the distributed ledger level; it also requires position statements to be issued at least once every three months.

In practice, PoR fits well with these requirements: segregation reduces the operational risk of commingling, and PoR adds cryptographic verifiability of coverage.

How users can verify Proof of Reserves

To understand how Proof of Reserves works on a particular platform, a simple checklist is useful:

1. Find the PoR page and the snapshot date (time reference is important).
2. Check whether the service publishes liabilities, not just a list of wallets with assets.
3. Use self-verification: many platforms provide a Merkle Leaf/Record ID and instructions on how to verify that the balance is included in the liability tree.
4. Verify on-chain addresses: assets in wallets can always be read in blockchain explorers, and the amount should match the logic of the report on the snapshot date.
5. Review the format of independent verification: audit/certification, methodology, coverage of assets and liabilities, frequency of publications.

Conclusion

PoR is a practical cryptographic procedure that increases the transparency of custodial crypto services through two things: verifiable liability accounting via Merkle Tree and verifiable on-chain assets. For the user, the value of PoR is maximised when the platform publishes its methodology, includes liabilities, provides self-verification, and confirms the results through independent verification.

The information presented in this article is for informational purposes only and does not constitute a guide to action, financial advice or investment advice. Cryptocurrency investments involve a high level of risk, and each investor should conduct their own analysis, assess their financial capabilities and consult with professional financial advisors before making investment decisions.