The Defects of Centralized Institution Reserve Proof and Improvement Solutions

After the collapse of FTX, the market's trust in centralized institutions suffered a severe blow. In order to rebuild confidence, several trading platforms have begun to adopt the Merkle Tree reserve proof method to prove the safety of funds to users. However, this method has some fundamental flaws and is difficult to completely prevent fund misappropriation. This article will analyze the shortcomings of existing reserve proof methods and propose improvement suggestions.

Overview of Existing Reserve Proof Methods

Current proof of reserves typically relies on third-party auditing firms to verify the safety of funds by comparing on-chain assets (proof of reserves) with user asset balances (proof of liabilities).

In terms of debt proof, the platform will generate a Merkle Tree containing user account information and asset balances, allowing users to independently verify whether their accounts are included. In terms of reserve proof, the platform needs to provide and verify its on-chain addresses, usually proving address ownership through digital signatures.

The auditing agency then compares the total assets on both the liability and reserve sides to determine if there is any misappropriation of funds.

Main Defects of Existing Methods

1. Avoiding audit with borrowed funds

Since audits are usually based on specific points in time and have long intervals, platforms still have the opportunity to misappropriate funds and fill the gaps through borrowing during the audit period.

2. Conspire with external parties through auditing

   Digital signatures alone cannot fully prove asset ownership. The platform may collude with external parties to use the same funds to provide asset proof for multiple institutions, and existing auditing methods struggle to identify such fraudulent activities.

Improvement Suggestions

An ideal proof of reserves system should support real-time checks, but this may incur high costs and pose risks of user information leakage. To enhance the reliability of the proof without sacrificing user privacy, the following suggestions are proposed:

1. Random Auditing by Sampling

Conduct random audits at unpredictable intervals to increase the difficulty of manipulation. The auditing agency can randomly send audit requests to the platform, requiring the generation of the user account balance Merkle Tree at a specific point in time (block height).

2. Accelerating Reserve Proofs Using the MPC-TSS Scheme

   Using Multi-Party Computation Threshold Signature (MPC-TSS) technology, the private key is split into multiple shards held by different parties. The auditing agency can hold one shard of the private key, while the platform holds the remaining shards. By setting an appropriate threshold, it ensures the platform's control over the assets while allowing the auditing agency to confirm the platform's on-chain address set and asset scale.

These improvements are expected to enhance the reliability and efficiency of reserve proofs, but further discussion and refinement are still needed. With the development of technology, it is believed that more完善的 reserve proof solutions will emerge in the future, providing users with more reliable financial security guarantees.