This article presents a responsible, evidence-focused verdict on claims about “proof-of-reserves” offered by cryptocurrency exchanges. We treat the subject as a claim: that a given exchange’s published proof-of-reserves demonstrates solvency or full, provable backing of customer liabilities. We summarize what is documented in public reports and audits, where the evidence is incomplete or disputed, and what cannot be proven from available material.
Verdict: what we know, what we can’t prove
What is strongly documented
Multiple exchanges and third-party firms have published cryptographic “proof-of-reserves” reports or attestations demonstrating that an exchange controls certain on-chain wallets or that a snapshot of customer balances was included in a Merkle-root calculation. For example, Kraken has repeatedly published PoR attestations and explains how users can verify inclusion (Merkle leaf -> root) in their reports.
Industry reporting and commentary after high-profile exchange failures (notably FTX) show that PoR has been proposed and adopted more widely as a transparency measure intended to reduce the risk of hidden commingling or misappropriation of client assets.
What is plausible but unproven
It is plausible that widely published PoR schemes (Merkle proofs, snapshot attestations, on-chain wallet lists) make it harder for an exchange to hide the absence of some on-chain assets at a point in time. However, PoR reports often do not—and by themselves cannot—demonstrate complete solvency because they may omit or fail to verify off-chain liabilities, cross-ledger mismatches, rehypothecated assets, or subsequent transfers that deplete reserves after a snapshot. Multiple industry observers and analysts have warned that PoR alone “isn’t good enough” to show full solvency.
What is contradicted or unsupported
Some public narratives imply that any published proof-of-reserves report is equivalent to a full audit of assets and liabilities. That implication is contradicted by the content and scope of most PoR reports, which typically focus on proving custody or inclusion of reported balances rather than providing a full forensic reconciliation of liabilities or demonstrating legal ownership of every on-chain asset. In short, the claim that a PoR attestation alone proves exchange solvency is not supported by the documentation we reviewed.
Evidence score (and what it means)
Evidence score is not probability:
The score reflects how strong the documentation is, not how likely the claim is to be true.
- Evidence score: 45 / 100.
- Driver 1 — Direct primary documentation exists (exchange PoR reports and third-party attestations), which supports the existence of on-chain snapshots and Merkle-inclusion proofs.
- Driver 2 — Independent expert critiques and reporting identify systematic gaps (liabilities not shown, timing/window issues), reducing the confidence that PoR equals solvency.
- Driver 3 — Technical limits in commonly used cryptographic structures (Merkle trees, snapshot attestations) are documented in academic and security analyses; these show potential avenues for falsification or incompleteness if not carefully designed and audited.
- Driver 4 — Some exchanges have iterated their PoR designs (e.g., adding zero-knowledge proofs or wider attestations), which improves documentation quality but does not eliminate all evidentiary gaps.
- Driver 5 — Conflicting practices and reporting standards across exchanges mean evidence comparability is low, limiting cross-platform inferences.
Practical takeaway: how to read future claims
When you encounter a claim that an exchange’s published proof-of-reserves “proves” solvency, read the report and ask for specific items before accepting that inference:
- Scope: what assets (which chains/tokens and what addresses) were included? Are stablecoins and off-chain custodial arrangements covered? Check the exchange’s report for an explicit asset list and scope.
- Liabilities: does the report reconcile total customer liabilities or only show inclusion of balances? A true solvency demonstration needs both assets and liabilities reconciled.
- Timing and freshness: when was the snapshot taken and when was the attestation issued? Short windows between snapshot and disclosure can hide subsequent outflows.
- Third-party role: who issued/attested the report, and what procedures did they perform? An attestation from a reputable and transparent auditor with clear procedures is stronger evidence than an unsigned exchange blog post.
- Cryptographic completeness: if the PoR uses Merkle proofs, does it provide a verifiable inclusion path and explain how users can independently verify leaves without revealing private data? Academic work shows Merkle trees are useful but have design and retrieval implications.
This article is for informational and analytical purposes and does not constitute legal, medical, investment, or purchasing advice.
FAQ
Q: Do proof-of-reserves claims prove an exchange is solvent?
A: No. A proof-of-reserves claim documents that certain assets were controlled by the exchange at a specific point or that specific customer balances were included in a Merkle root. It does not, by itself, prove full solvency because it typically does not reconcile all liabilities or legal ownership claims across custodial arrangements. Multiple industry commentators have made this limitation explicit.
Q: What technical limits exist in PoR methods like Merkle trees?
A: Merkle-tree–based PoR can allow per-user inclusion proofs without exposing other users’ balances, but academic analyses and security reviews note risk vectors: incomplete or manipulated input data, selective inclusion of assets, challenges in private retrieval of proofs, and how Merkle structure parameters affect falsification probabilities. These limits mean cryptographic proofs must be paired with strong procedural audits.
Q: Have exchanges improved PoR after criticisms and incidents?
A: Yes. Some exchanges expanded the asset sets they include, released more frequent attestations, and in some cases incorporated stronger cryptographic tools (for example, adding zero-knowledge proof elements to PoR) or engaged new auditors. But improvements vary by provider and do not eliminate the need to verify scope and methodology.
Q: How should regulators or auditors approach proof-of-reserves claims?
A: Regulators and standard-setting bodies have emphasized that PoR should be part of a broader transparency and custody framework that includes liabilities reconciliation, custody segregation, legal controls, and audited procedures. Reporting heterogeneity across exchanges means standardization is necessary for PoR to be reliably comparable. Reporting after major industry failures increased attention on this topic.
Q: What should a consumer look for when evaluating a PoR report?
A: Look for explicit asset lists, inclusion proofs with user-verification instructions, a clear liabilities reconciliation or statement explaining why liabilities were excluded, an identified and detailed auditor/attestor report, dates and timestamps for snapshots, and transparency about custodial arrangements. Absence of these items weakens the evidentiary value of the claim.
FAQ: Evidence conflicts and transparency
Where sources conflict — for example, an exchange’s public claims versus independent critiques — this article reports both and does not speculate beyond the documents. The exchange-level PoR reports are primary documentation of what the exchange published; independent analyses and academic work provide context and identify limitations. When those viewpoints disagree, the disagreement itself is documented and should inform the evidence score and readers’ interpretation.
Additional notes on source material
Key primary materials for this verdict include published PoR reports and exchange blog posts describing procedures, contemporary industry reporting on PoR adoption after the FTX collapse, independent security firm analyses of PoR implementations, and technical/academic work on Merkle-tree properties. Examples include Kraken’s published PoR attestations and user-verification procedures, industry reporting describing PoR’s rise after FTX, security firm write-ups about PoR implementations, and academic examinations of Merkle-tree security. Where the public record provides direct evidence, we cite it; where only commentary or critique exists, we label that material accordingly.
Concluding summary
Proof-of-reserves claims are a useful transparency tool when implemented and audited carefully, but the available documentation shows significant and recurring gaps between PoR attestations and the claim that an exchange is fully solvent. The evidence supports the narrower claim that exchanges can and do publish verifiable snapshots of on-chain assets and Merkle-inclusion data; it does not support the broader claim that those publications alone prove full reconciliation of assets and liabilities. Given the current state of documentation and critique, the evidence score for the stronger claim (PoR proves solvency) remains modest.
Further reading and sources
Selected sources referenced in this verdict include exchange PoR pages and blog posts, contemporaneous industry reporting about PoR adoption after FTX, security audits and write-ups on PoR implementations, and academic examinations of Merkle-tree properties and proof aggregation techniques. Readers should consult exchange reports directly for the precise scope and methodology used in any specific PoR claim.
Beginner-guide writer who builds the site’s toolkit: how to fact-check, spot scams, and read sources.