Author

Topic: [ANN] OKCoin Passes Proof of Solvency Audit (Read 9207 times)

sr. member
Activity: 320
Merit: 250
★YoBit.Net★ 100+ Coins Exchange & Dice
June 21, 2015, 05:54:48 PM
#9
are u guys crazy or just looking for posts ? this topic is 1 year old, right now okcoin is in big trouble



I know right lol
legendary
Activity: 1974
Merit: 1003
are u guys crazy or just looking for posts ? this topic is 1 year old, right now okcoin is in big trouble
legendary
Activity: 2072
Merit: 1049
┴puoʎǝq ʞool┴
Congratulations! Is there a figure that we can see regarding the BTC they hold or not?
hero member
Activity: 605
Merit: 500
Congrats to OKCoin for passing the audit
sr. member
Activity: 322
Merit: 252
Here I Am !!
Good news, I would like to see all exchanges to get audited as well. We could encourage exchanges to regularly pass a Proof of Reserve audit by only using exchanges that do.
full member
Activity: 123
Merit: 100
best-miner.com
Great news, as last few weeks there are rumors in China that some trading platform don't have engough bitcoin, that infect bitcoin price a bit i think. now we could see it as a great step to make bitcoin trade more transparent and health.
hero member
Activity: 714
Merit: 500
Okcoin acted so quickly to perform proof of solvency solvency audit after BitcoinChina annouced they would do similar audit on 25 Aug.
legendary
Activity: 1820
Merit: 1000
Congrats to OKCoin for passing the audit and thanks to Stefan for administering it.  Smiley
full member
Activity: 234
Merit: 100
AKA: Justmoon
Here is the final audit report for the OKCoin audit.

As always, an audit does not constitute an endorsement and it does not address any risks outside of present insolvency. It's also not infallible, exchanges can borrow money or ask others to sign their audit message. Finally, until we can implement fully zero-knowledge, cryptographically provable audits, you have to trust the auditor, i.e. me, to have done my job correctly.

Also same as always, I did not receive any compensation for the audit and I did it in my free time. I requested the exchange donate any fees they would have paid me to a charity of my choice: Ludvig von Mises Institute For Austrian Economics Inc. in Auburn, Alabama

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512


AUDITOR: Stefan Thomas
AUDITED ENTITY: OKCoin Inc., https://www.okcoin.cn
ROOT HASH: dbb26444331293a04b289ba632b8f942b550d6873fed1afd6c53fca52825d1c7
BLOCK HEIGHT: 316837
RESULT: >100% reserves


August 21, 2014
San Francisco

This post is to report on an audit I performed for the OKCoin Bitcoin exchange on August 21st, 2014 from my home office here in San Francisco. I've not received any payment for this audit - my personal goal with this is to help improve the stability of and confidence in the math-based currency industry overall.


Statement
=========

The audit process is designed to allow the auditor - in this case me, Stefan Thomas - to verify that the total amount of bitcoins held by OKCoin matches the amount required to cover an anonymized set of customer balances. I am attesting to the root hash of a merkle tree containing all balances that were considered in the audit. If you are a customer of OKCoin, you'll be able to verify using open-source tools that your balance at the time of the audit is part of this root hash. If it is and if you believe that I am trustworthy, then you can be confident that your balance was matched by an equivalent or greater amount of bitcoins in the block chain at the time of the audit.

The most difficult part of an audit is normally to verify that the exchange is not under-reporting the number and balances of account holders. With this approach each account holder can verify that they were considered in the audit. At the same time it maintains absolute privacy for customers, the auditor only sees anonymized balances and the general public only sees the overall level of reserves.

Note that there are limitations to this type of audit. It does not verify an exchange's fiat assets and liabilities or other aspects of their balance sheet. It is also difficult to prove definitively that the bitcoins in question are actually owned by the exchange versus being on loan for instance.

In order to reduce reliance on the auditor, the audit should be repeated using different auditors at different times.


Claims
======

Claim 1: OKCoin controls a certain amount of Bitcoins.

Proof: OKCoin provided a JSON file with a list of their Bitcoin addresses and balances. I used the `cryptoshi audit` command in libcoin to verify the JSON file against a copy of the block chain.

The version of libcoin used was commit 5424505e2fb5866be96e9af35874cf9c289e3ccd.

Here is the audit code used:

https://github.com/libcoin/libcoin/blob/5424505e2fb5866be96e9af35874cf9c289e3ccd/applications/cryptoshi/cryptoshi.cpp#L638-690


Claim 2: The amount from claim 1 is greater than the amount contained in the root hash of balances.

Proof: OKCoin provided a JSON file containing a set of anonymized user balances. I used my own tool "easy-audit" to calculate the reserve ratio and root hash.

The version of easy-audit used was commit 663c38be6767175764d13d249a6c18905ebae76f

Available at: https://github.com/justmoon/easy-audit

Here is the audit code used:

https://github.com/justmoon/easy-audit/blob/663c38be6767175764d13d249a6c18905ebae76f/lib/audit_reporter.js#L10-31

The tool's output was:

ASSET OWNER: okcoin.cn
BLOCK HEIGHT: 316837
ROOT HASH: dbb26444331293a04b289ba632b8f942b550d6873fed1afd6c53fca52825d1c7
RESERVE RATIO: 104.86%

The actual holdings were 4.86% higher than the required holdings, meaning OKCoin had greater than 100% reserves at the audit block height.

// Stefan Thomas

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJT94OBAAoJEMlHNwCksIvzYg8QAIyFbfRq2jRcb5WtL2EElcbS
z7lZr3/TJfKodOtfsjqX8yYM/iJ6laoMn03Y72+mC2+yUxXkSaRj6zYfcTbmlsAG
0SLzOK99XrIPbcBBtc/A6/MQL0t+O3QT2Ot/7Cs5xEu0vr6XVCfztThqCBHXduPx
QAQa59ZUaFbSA+/bxJrP3RM9oJiDRZOoGWBR6619Yuy2UkNfG56Rk10MsEUT6wqM
TXEF0s8+1G4tFGpC+8MT98ngxRkKr6igMzgh/pJiGTBD+RhYRDdQj/aqq4zvXDni
VOz3B+BSjeKEVbaMglnhPzlePly/JkJTakVzqLo8uCQjibb0cOJdZDh2OzwqLpm2
3erJcE0tJIpLXm7idbVz8nrRs9Z+265+HNqbqJFELFLUlGuJk3VoFeZEym51oIeM
ZLD8hAwk8HCqjltIvv/u7cLh49LDk57O0GIFgAnHotVXQ06qEZ7C68aW/2D3uCnE
gtfKnC3bwLmMU+ctxXgu9hP8mt7McerCI1g8Mk4H+8kNKVlKKfcjaqbRl2l3frAw
A+DhBaz8CYvG3iV+TXrPM2umYc3Ckc7F75o2TTIbYvIgHlFOgv6j1nIXh2JU855O
V1hMd83ULlgdJK20xKV/T4bEPV+jOcBlaxU+ZPq5E8/eE+ORGL9e6rYVcLXG0SXY
AByBvMz1Tn74v/EMlFLi
=x9FT
-----END PGP SIGNATURE-----
Jump to: