Author

Topic: Binance Users Can Now Verify The Bitcoin They Own Via Merkle Tree (Read 452 times)

legendary
Activity: 2268
Merit: 18748
Feel free to at least try and keep the discussion civil. Roll Eyes

users can download the entire tree..

and guess what. it does not just have the hashes. it has the clear data balance
That's not what their website says, but as I said above, I am more than willing to admit that I am wrong. Nothing in the link you have provided makes it clear that you can see other user balances in plain text, only that you can see each user's Merkle leaf, which as per the code I linked to above, contains a hashed representation of their balances. If someone with a Binance account could download and then share the Merkle tree, that would be very helpful.

But regardless, even in such a case the Merkle root does not prove solvency. Binance could quite easily look for every account which hasn't been active in (for example) 6 months, and set their balance to zero or just exclude them entirely, being relatively sure that these inactive users are not going to check and expose their fraud. And given that Binance already show on their screenshots that accounts can have a negative balance due to things like leverage, margins, loans, etc., then again nothing stopping Binance from padding the books with several thousand negative balance accounts which don't really exist.

One way or the other, the only thing the Merkle tree proves is that you have an entry on their spreadsheet. It does not prove they are solvent.
legendary
Activity: 4410
Merit: 4788
OMG

you realy need to read.

one more time just for the idiot

users can download the entire tree..

and guess what. it does not just have the hashes. it has the clear data balance

and yes you can do kindergarden based maths to ass up the balances to get a total

THATS THE WHOLE POINT

how is it that every time you come out with some silly narrative not backed up by fact. i have to repeat myselg X times over to correct you

i even tell you the link to look and read that shows you examples and also where you are wrong
you say you read it.. then you go 100% opposite to what you have read and go back to your sily mis-understanding

seriously

please just take a break from  your ill conceived brain of social drama filled drivel. and instead use some time to research and learn from actual sources. not the idea's passed to you from social media

please. understand this. and really take your time..
sit back and have a coffee while you think about it and let it settle in

1. the merkle tree file that can be downloaded..

2. users merkle hash is not just hashes. its hash+clear text balance

EG
not just
46dc2ebaa7cf3d253dedd10084399efce7b1ac8db9b6b5edf55f0c1ae7dec483
but instead
46dc2ebaa7cf3d253dedd10084399efce7b1ac8db9b6b5edf55f0c1ae7dec483,BTC:1.0,D.BTC:0.0,N.BTC:1.0

got it ?

3. the tree is a large file which take a program upto 20 minutes to read through probably 26m entries that are merkled to a root

4. the program to read the file is standard node.js open source tool

5. the script to tell node.js how to read is standard open source javascript

6. each user can find their own leaf on the tree

7. all leafs dont reveal other users names but have a balance that can be counted and there are 3rd party auditors that can count. better then a todler

..
now tell me which point confuses you or you do not understand

a few years ago i thought you were a doctor in real life. someone that maybe knew how to do research and investigate and diagnose.. now you are sounding more like badecker
legendary
Activity: 2268
Merit: 18748
actually do the research of whats included and excluded from the hash+ clear text. and how merkles work. and then form your opinion on the technique.
Yup, done all that. Here's the page I've read directly from Binance which explains their process: https://www.binance.com/en/proof-of-reserves#proof-of-reserves

Each user uses their unique account code, a salt, and the audit ID, concatenates all this, and then SHA256s it to create their "record ID". The record ID is then concatenated with all their balances, hashed again, and the first 16 characters (8 bytes) taken as that user's individual Merkle leaf.

Great. So I can verify that my balances are accurately hashed in to my Merkle leaf, and I can verify that my Merkle leaf is contained with the Merkle tree. Now, here is the bit you seem to be missing, I can verify absolutely nothing about any one else's balances or leaves. I have no idea if your balances are accurately reflected in your leaf. I don't even know if your leaf is even included. I don't know if CZ has included a fake account with -10,000 BTC to balance the books. The screenshot on the page I linked above even shows "Balance" and "Debt" at the time of the audit with a final negative equity in the account in question, so the process to have negative accounts already exists.

Here's an example to illustrate. I'll take you as an example customer with 50 BTC on your account. Your hash input will be "franky1,BTC:50". For the sake of simplicity of this example, everything is single hashed as simple text.
User 1 - 828ab4dea3944c2aae12c2e4faa3cc7d7c79d2f1903323c0d1110cc233d02855
franky1 - bdf65086e0f247c9fd0a14368833b65530750fcb79128a5e7186de313589c25c
User 3 - dccf02131c89244750fffc1bc647c5e1cd8bb536b98700d6f002066497e73893
User 4 - ad3d8ae71b24929d1eb84fd10f25c1ea2e159dc1ddf453d3832c78899a08b419

User 1 + franky1 = 38fd94e48ec804a3616fe20a4c2bc4f9a3d9c0b0812d5c421bc49ce9784a4b95
User 3 + User 4 = 6a712e021ef304ae0c8226602ffe934e1ea8868771ef429d43d73029e3205b5d

Merkle root = fa45368d13a36054cca1db862adfde5ae1c6f0bf6c479ad54c799fee47e3fdd1

Now, you have this Merkle tree, and you see Binance have posted a wallet with 200 BTC in it. Are they backed up 1:1? You have absolutely no idea. Is that 4 users with 50 BTC each? Or are there 2 users with 100 BTC and one fake account with -50 BTC? Who knows. Only Binance. You have verified that your balances are within the Merkle tree, but the Merkle tree itself tells you absolutely nothing about whether or not Binance are solvent. The whole thing is a sham.
legendary
Activity: 4410
Merit: 4788
im not a binance user either

..
point is you should be more worried if
a. your leaf was not in the tree
b. the tree total exceeded reserve total

obviously if everyone can find their leaf. they they all know individually that they are in the tree..

if their individual totals dont exceed the reserves. then..

one last time
the company has enough reserves to match the tree total
and users can see their balance is part of the tree total

.. anyway. i think its time i say the usual
stop forming an opinion first, then looking for confirmation bias..

actually do the research of whats included and excluded from the hash+ clear text. and how merkles work. and then form your opinion on the technique. not the social drama echos you read else where

now to draw a line in the sand while you go do some research away from social media quotes
screw it ill push you in the right direction
https://www.binance.com/en/support/faq/how-to-verify-merkle-tree-819fadc1c16b499d85bc3a3d0fab76bc

they can download the tree and then find your leaf in the tree..
(i and you personally are not binance customers.. but it clearly says they can)

oh and before you say anything. the tree file can be read anf the program used to verify it is open source


now.. moving on..
nothing stops CZ from just taking the 575k coins to some exotic island and sip cocktails while pressing a bankruptcy button
legendary
Activity: 2268
Merit: 18748
merkle_hash = "46dc2ebaa7cf3d253dedd10084399efce7b1ac8db9b6b5edf55f0c1ae7dec483 BTC:1.0,D.BTC:0.0,N.BTC:1.0"
red =hash   blue= balance in clear text
that user has 1btc
Well, maybe I'm massively mistaken since I don't own a Binance account to check, but everything I have read on their website, blog, Twitter, etc., says that you can only see that data for yourself and not for the several million other Binance users (and the screenshots they have shared seems to confirm that too). It would be a massive privacy breach for Binance to start sharing the account balance of every user with every other user. Yes, I can check that my balance is correctly included in the Merkle tree, but I cannot verify that anyone else's balance is included correctly or indeed included at all.

because you see your transaction hash is included in the merkle tree which totals up and matches the merkle root of the blockheader
And knowing the Merkle root or indeed the entire Merkle tree tells me exactly nothing about the value of the other transactions in that Merkle tree. All I know is that my transaction is included in it.
hero member
Activity: 1666
Merit: 709
Playbet.io - Crypto Casino and Sportsbook

This is cool. Other exchanges I think will like to also open thier balances to all so that people will see thru which one is insolvent and we be aware of what might happen and prevent another SBF in this industry.

CZ is quick to have this transparency. Because he was already criticized for taking the step for the POR by the guys who promoted FTX particularly MeetKevin and his friends such as Stephan Graham.
In my own opinion Exchanges such as Binance understand that they are on a backlash for being centralized, yes they have patronage but are mostly vendors who are business minded and don’t really care about centralization or decentralization.

I think what binance is trying to do it so win people over although I don’t think Binance are completely transparent, some people has lost their funds on Binance for some privacy issue of low implications. I don’t know the future of Binance yet but I am really not moved with story by this.
legendary
Activity: 2576
Merit: 1252
Leading Crypto Sports Betting & Casino Platform
As long as the exchange is centralized there won't be a sure short way to find out if the exchange does hold the coins we have in our wallets.
They can always tweak the numbers since they are the central authority of the exchange.
So their Proof of Reserve system is just another way of convincing people to hold their money on the exchanges.
Also, verification would only matter if you are planning to hold a token for years. Wherein most of the people in Binance are not even storing their assets in it for a long period of time 'coz most of the people in that exchanger are also traders. Holding tokens in the first place should be done on wallets so I guess there's no need for verification especially if you are not planning to keep your assets in a 'box'. All of these are because of what happened right? People are asking for adjustments from exchanges because their assets might be lost. This technology is decentralized so what's with this 'ID'. People should just practice self-discipline. If assets were lost then check for transaction history.
hero member
Activity: 2702
Merit: 716
Nothing lasts forever
As long as the exchange is centralized there won't be a sure short way to find out if the exchange does hold the coins we have in our wallets.
They can always tweak the numbers since they are the central authority of the exchange.
So their Proof of Reserve system is just another way of convincing people to hold their money on the exchanges.
legendary
Activity: 4410
Merit: 4788
then for the clear text balance they can see all balances add up to the total. and that total matches the known bitcoin reserve addresses total
Except they can't see all the balances which add up to the total. They can see the hashes in the Merkle tree, and the balance on their own individual leaf. That's it.

but the balances are not just inside the hash..
but also outside the hash. and its the outside cleartext balance thats totalled up

people can see they are part of the merkle and all outside balances mach the hashed balance and their balance is totalled up

here is an example

merkle_hash = "46dc2ebaa7cf3d253dedd10084399efce7b1ac8db9b6b5edf55f0c1ae7dec483 BTC:1.0,D.BTC:0.0,N.BTC:1.0"
red =hash   blue= balance in clear text
that user has 1btc

each person has their own leaf that looks like that.
cleartext balance matches the balance inside their account.
so they can verify they are part of the tree that totals to the total.

as long as they are included. and the totals tally they know there is enough coins

lets say there were user accounts of average 0.02 per leaf for 26m users
(520k merkle tally) and reserves addresses total was 575k then great more coins than needed to make all them 26m leafs whole

however
lets say there were user accounts of average 0.03 per leaf for 26m users
(780k merkle tally) and reserves addresses total was 575k then problem

also if users cant find themselves in the merkle.. problem

simple example... if you stil not sure about things
how do you convince yourself that your bitcoin network transaction is indeed confirmed..
because you see your transaction hash is included in the merkle tree which totals up and matches the merkle root of the blockheader
legendary
Activity: 2268
Merit: 18748
then for the clear text balance they can see all balances add up to the total. and that total matches the known bitcoin reserve addresses total
Except they can't see all the balances which add up to the total. They can see the hashes in the Merkle tree, and the balance on their own individual leaf. That's it. They don't know if the 100 other hashes they are looking at represent 1 BTC each, or if 99 of the hashes represent 2 BTC each and 1 represents negative 98 BTC. In one case the exchange is solvent; in the other they aren't.

Jesse Powell of Kraken at least understands this: https://nitter.it/jespow/status/1596227031637045248#m

if you want to go opposite and say "imagine if CZ made an account and put 10k coin and added that to the merkle
Except CZ could just leave that account out of the Merkle tree entirely and no one would know. He's not exactly about to expose himself, and you as a user have absolutely no way to verify that all accounts are included in the Merkle tree.

problems only arise when the merkle total does not tally with the reserves total. .. and thats the point. showing they do tally shows .. wait for it.. proof of reserves
And no exchange will ever release data which shows the Merkle tree does not tally with their claimed liabilities. They will just fudge the numbers until it shows you what they want it to show you (which as we've just discussed is trivially done), rendering the entire thing meaningless.
legendary
Activity: 4410
Merit: 4788
But they can't see who else is or is not accounted for within that total. If an exchange publishes proof of reserves of 10,000 BTC, and no customer has more than 10 BTC, then they will all be falsely reassured. But turns out the exchange is hiding the fact they have 100,000 customers all with 1 BTC and are massively fractional reserve.

ok lets delve into this more

ok binance has ~26m customers and a publicly viewable address list of reserve totalling ~575k btc

lets call it an average of 0.02211538 a user

what you are trying to say is that "what we dont know" is that they might have PoR of only 57k reserves. and only 1000 customers listed in the merkle with ~57btc average, which doesnt tally to the true customer holdings..

sorry but no.. just no

each person can see they are part of the merkle. and the merkle totals up to the same amount as the reserves

the merkel hash of a users leaf is their account details and balance hashed.. and outside the hash is a clear text of the balance aswell

users can check the balance(clear) matches their balance thats hashed to confirm nothing shoddy happening with their leaf(no miscount of their balance)

then for the clear text balance they can see all balances add up to the total. and that total matches the known bitcoin reserve addresses total

knowing they are included in the total. meaning knowing the reserve owner has enough coins to meet all of those clear text balances, no matter who they are. it shows they are included and not forgotten

there is no "negative " balance as that will be easy to spot

.
if you want to go opposite and say "imagine if CZ made an account and put 10k coin and added that to the merkle

then the clear text balances would total 585k coins instead of 575k coins.
which as long as the new 585k coins match the public bitcoin address reserves of 585k coins. then it simply means there are enough coins in binance control at that time to not only pay all users that can be seen and self verify they are part of the merkle total. but cz too
.
problems only arise when the merkle total does not tally with the reserves total. .. and thats the point. showing they do tally shows .. wait for it.. proof of reserves

if people have a hash. but cant find their hash in the merkle.. that too is a problem because then CZ is not tallying all users meaning there are more users balances not accounted for compared to the reserves addresses.
but if every user is found in the merkle. then it tallies

...
now with all that said
even with things tallying up

there is not much to stop a business from just one day moving funds out. disabling account access running off to an island and shouting "i been hacked" while sipping a cocktail on a beach holding all reserves to himself, while pressing a bankruptcy announcement button on his phone with an evil laugh

legendary
Activity: 2268
Merit: 18748
because you watch the reserves. you see when their main hoard entered the address.. if it was in the last month.. then its suspect.
Except people don't do this. Case in point: Binance flooded the mempool last week moving a ton of funds in to their proof of reserve addresses, and also moved $2.7 billion worth of crypto out of their proof of reserves addresses the day after publishing them. And yet we see this forum/Reddit/Twitter flooded with people thinking that Binance are somehow now safe. Roll Eyes

but dont go into ignorance with "but we just dont know"
That's exactly the point I'm making. You don't know, not can you verify. By using any centralized exchange, you are trusting.

and within that amount all account holders can see that  they are accounted for within that total. then they know they are accounted for.
But they can't see who else is or is not accounted for within that total. If an exchange publishes proof of reserves of 10,000 BTC, and no customer has more than 10 BTC, then they will all be falsely reassured. But turns out the exchange is hiding the fact they have 100,000 customers all with 1 BTC and are massively fractional reserve.
legendary
Activity: 4410
Merit: 4788
Customers/users shouldn’t be willing to accept anything less than full transparency in provable fashion.
It cannot be done. You will always be left trusting the exchange, and as I said above, an exchange will never release information or data which shows they are insolvent or shows you anything other than exactly what they want you to see.

They can sign messages from addresses holding coins to prove they own these coins. Great. How do we know those coins aren't a loan? How do we know those coins aren't some outstanding investment they've pulled back in just for the sake of proof of reserves and will immediately be moved out again? How do we know that those coins aren't going to be moved tomorrow to some other address? (Binance have already done this.)
because you watch the reserves. you see when their main hoard entered the address.. if it was in the last month.. then its suspect.
if its a progressive gathering slowly over years, less suspect(normal behaviour)

if it all moves out tomorrow.. then you really keep an eye on its movements

You can't even be sure Binance didn't just bribe someone to sign a message saying their coins belong to Binance. CZ could be doing this with his own personal stash. Impossible to verify.
if someone has a personal stash of 100k+ coins. bribery wont do it. .. maybe favours or blackmail would. just saying

as for assuming its exchange owners personal stash.. yes assume all exchanges treat coins as their own. stay risk aware. but dont go into ignorance with "but we just dont know"

Even putting all that aside, and assuming you trust this unverifiable proof of reserves, once again, it means nothing without a proof of liabilities, which cannot be provided in a trustless manner. How do you verify the data they used to create the Merkle tree?
its more about if there is a total amount.
and within that amount all account holders can see that  they are accounted for within that total. then they know they are accounted for.

You want full transparency? Run a full node and keep your coins in your own wallet. That's the only solution.
agreed
legendary
Activity: 2268
Merit: 18748
Customers/users shouldn’t be willing to accept anything less than full transparency in provable fashion.
It cannot be done. You will always be left trusting the exchange, and as I said above, an exchange will never release information or data which shows they are insolvent or shows you anything other than exactly what they want you to see.

They can sign messages from addresses holding coins to prove they own these coins. Great. How do we know those coins aren't a loan? How do we know those coins aren't some outstanding investment they've pulled back in just for the sake of proof of reserves and will immediately be moved out again? How do we know that those coins aren't going to be moved tomorrow to some other address? (Binance have already done this.) You can't even be sure Binance didn't just bribe someone to sign a message saying their coins belong to Binance. CZ could be doing this with his own personal stash. Impossible to verify.

Even putting all that aside, and assuming you trust this unverifiable proof of reserves, once again, it means nothing without a proof of liabilities, which cannot be provided in a trustless manner. How do you verify the data they used to create the Merkle tree? How do you know they haven't created a fake account with a balance of negative ten thousand bitcoin in order to balance the books? If they ever actually involve a third party auditor, how do you know Binance aren't hiding some information from them. How do you verify the work of this auditor?

Trust upon trust upon trust. You cannot verify anything, with or without this "proof of reserves" illusion.

You want full transparency? Run a full node and keep your coins in your own wallet. That's the only solution.
legendary
Activity: 4410
Merit: 4788
apparently these are the wallets that total the binances 575k btc customer funds

34xp4vRoCGJym3xR7yCVPFHoCNxv4Twseo           252,597 BTC
3M219KR5vEneNb47ewrPfWyb5jQ2DjxRP6            127,351 BTC
bc1qm34lsc65zpw79lxes69zkqmk6ee3ewf0j77s3h 102,610 BTC
bc1qazcm763858nkj2dj986etajv6wquslv8uxwczt   94,643 BTC
                                                                 total  577201 BTC

quick google search shown 3 or the 4 are tagged on bitcoinrichlist as being binances too. but could be wrong
donator
Activity: 4760
Merit: 4323
Leading Crypto Sports Betting & Casino Platform
It’s crazy that it has taken so long for crypto companies leading the industry to actually start using the properties of crypto for the benefit of their customers instead of just to fleece them. I really like this development and hope it forces other crypto companies to be completely transparent about their activities. Customers/users shouldn’t be willing to accept anything less than full transparency in provable fashion. We deserve it.
legendary
Activity: 2968
Merit: 3684
Join the world-leading crypto sportsbook NOW!
Funny how every CEX is now doing Spiderman pointing.

ok, they hold 0.5M of users BTC, but how do I know that this include mine bitcoins? How do I know if their liability is not 10x bigger (5M bitcoins) and this POR (proof of reserve) is not only a 10% fractional reserve?

Yeah, I think this was brought up many months back too, I could be owing 100 guys BTC and how all of them the same proof of reserve (very common tactic by regular scammers anyway, to show the same proof of bank statement to multiple creditors and the very same way banks borrow money from each other using the same depositors' funds).

Not possible for now unless it's all smart contract tied but at least a third-party has to audit.
legendary
Activity: 4410
Merit: 4788
that is a good risk adverse way of thinking

it also applies to sidechains and subnets that have a main currency lock plus a currency converion mechanism too
ones that require conversions/rounding of the payment to the lock spend tx. where you dont have access to the underlying raw TX view(not part of wallets GUI) to know what is being signed and only a other network token valuation visible while on the sidechain/subnet. which you only know the conversions are correct when you try to get back to the main net and realise your side/subnet wallet didnt do as promised

be risk adverse and not just trust the social cycle of utopian hype

there is hope for you yet
legendary
Activity: 2268
Merit: 18748
while people are targetting binance heavily. i find it funny no one is targtting the businesses of DCG which are sisters of FTX
I don't doubt what you say, but honestly, I don't see the difference between any centralized exchange right now. The events of the past several months have shown us that every single one lies somewhere on the scale of "untrustworthy/shady" to "outright scam". They are all fractional reserve, they all gamble user funds, they all cook the books, they all exist solely to enrich themselves, they all don't give a damn about any of their users, and they are all interconnected in this massive web of lies they have woven, since the collapse of one can cause a domino effect which results in the collapse of several more. Some, such as Binance, know what to say on Twitter (fUnDs ArE sAfU!) to make people believe they are somehow different, but the bottom line is that leaving coins on any exchange is a massive risk. I don't care if it is Binance or Coinbase or Grayscale or some local exchange ran by someone you knew in high school. If your coins are not in your own wallet, then you actually own zero bitcoin and you might as well work on this assumption because before long your centralized exchange of choice will have scammed you for whatever you "thought" you once owned.
legendary
Activity: 4410
Merit: 4788
here is the thing though

while people are targetting binance heavily. i find it funny no one is targetting the businesses of DCG which are sisters of FTX

and lost hundreds of millions in the FTC fiacso.. where as from whats reported binance broke even when it escaped via selling FT and then whistle blowing

i would still like to see binances liabilities though. im not a user so no risk for me either way. but just for informative gaze at how crypto businesses are performing/operating

anyway, with DCG:greyscale
in the "everything about greyscale but afraid to ask" topic

myself and others have been looking into things about them

for instance in the TOS user agreement.
grey scale have some nasty terms where it can literally stop access to the entire site at its sole discretion without reason or notice

where as binance terms even in a suspension allows user access to withdraw funds it just deactivates the tabs for doing things like market orders.
..
grey scale says that it does not hold the trust collateral and that coinbase does. and that coinbase cannot tell greyscale the totals, nor tell greyscales customers.

thats a big warning/double red flag

if grey scale cant even see its own books.. they are not going to be able to do good business
legendary
Activity: 2268
Merit: 18748
however if they have not set up some process to separate out those coins as "not exchange property but exchange customers property", in a solid unbreakable contract..  then that 575btc = $9,487,500,000 (@$16.5k/btc) could be considered part of an exchanges overall holdings to share between all creditors.
This is it exactly. We've seen multiple examples of large exchanges going down over the last few months (Celsius, Voyager, FTX) in which their customers are treated as unsecured creditors, which essentially means they are the lowest of the low and the absolute last on the list to receive anything back from the pot of funds. We've also seen official filings from the likes of Coinbase saying the exact same thing, that in the event of insolvency proceedings then their customers would also be treated as unsecured creditors.

So proof of reserves, in summary:
  • Does not prove they can 100% cover their user deposits.
  • Even if it did, does not prove they can 100% cover all outstanding liabilities such as loans and business debts.
  • Even if it did, does not provide any reassurance that customers are anything other than unsecured creditors and wouldn't get all their money back anyway

As with pretty much everything CZ says, he will lie through his teeth if it makes him more profit, and you are a fool if you believe him.
legendary
Activity: 4410
Merit: 4788
oeleo is correct that without also looking at a exchanges liabilities-business debts of other things. then it does not prove an exchange is VIABILITY of being sustainable.

if it has 575k btc that it can show set aside to back user accounts
and it can show total of user accounts also total 575k btc, then that is atleast a relief for customers that the funds are not fractional reserve in some other exchanges holdings being traded behind the scenes. nor treated as the main exchanges own property it can draw on to pay debts

however if they have not set up some process to separate out those coins as "not exchange property but exchange customers property", in a solid unbreakable contract..  then that 575btc = $9,487,500,000 (@$16.5k/btc) could be considered part of an exchanges overall holdings to share between all creditors.

EG if binance had private business debt of say $3.16bill (a 3rd)
then if it had to shut business today.
customers dont get 1:1 they would get 1:0.66 because the business would consolidate its creditors/liabilities and then balance out repayments to all creditors equally.

so although customers can be relieved that the 575k coins are not in some other boiler room exchange being abused in some investment off the binance books.
without liabilities listed to see how much risk of bankruptcy a business is at.. or  that a exchange can honour all customers and creditors guaranteed by legally separating business assets from customer assets. . that number of the "customer collateral" does not mean a guarantee of 100% payout should a exchange have to close down.

it would require that the 575k coins be separated from a businesses ownership/collateral. which is hard to do. to earmark X funds to only go to certain creditors(customers) and not others(business bad deals).  because most liquidations just throw everything into one total then divide it out after equally
legendary
Activity: 2268
Merit: 18748
This is one good move for Binance to at least restore the trust of people to exchanges after the FTX fiasco.
This is a very good move for transparency
Looks like the move has achieved exactly what it was meant to: Convinced people that somehow this shows that Binance are transparent and trustworthy, because they don't understand that it in fact proves absolutely nothing at all.

Proof of reserves without proof of liabilities is meaningless. Let's say I start running an escrow service on the forum, and want to provide "proof of escrow". I sign a message from an address with 1 BTC in it. What does that prove? Absolutely nothing. How many open trades am I dealing with? What is the combined value of all those trades? What if I'm supposed to have 10 BTC in escrow and I only show you 1? How would you even know.

The Merkle tree is trivially manipulated, and there have been no independent third party audits (which could also be manipulated). The bottom line is that Binance will only ever release information that shows you exactly what they want it to show you. If it turns out they are insolvent, then they simply won't release that information until such a time that they can temporarily fix the problem by taking out a loan or something similar. And of course lets not even mention the billions of dollars worth of crypto that left their "proof of reserves" address the day after they published their proof of reserves. Not suspicious at all, I'm sure. Roll Eyes
hero member
Activity: 1134
Merit: 643
BTC, a coin of today and tomorrow.

Personally, I think CZ/Binance Is doing all they can to bring transparency and trust to centralized exchanges again, but in all, this still does not change the fact that decentralization is needed at this stage, though the effort is really commendable, but by now, decentralization ought to be on everyones mind.

Let's discuss.

CZ has proven several times that he is not in business just to answer a business man or a CEO. He is always ontop of his game and ahead of his competitors. This is a very good move for transparency, if other exchanges can do this, we rate of bankruptcy and losses would have been limited.
Even though exchanges cannot be trusted, I trust Binance to an extent looking at their security level and even the Insurance fund and lots more. CZ needs to be commended.
legendary
Activity: 2954
Merit: 1153
This is one good move for Binance to at least restore the trust of people to exchanges after the FTX fiasco.  It is also another step towards adoption and government acknowledgment since fraud and scam of exchanges may be exposed via this method.  This is one way of filtering and kicking out exchanges that have no capability to operate since their reserve fund will be exposed and people will see if they are being robbed or not.

CZ even though many frowns on him always got a good idea in promoting and making his exchange popular by introducing new things that can possibly boost the trust of people to cryptocurrency and of course to his exchange.  No matter what is the intention of CZ in this so-called PoR (Proof of Reserve), I'll take that as another step towards filtering incompetent exchange in the market.



Quote
I don't think this new feature is any thing new and should not be celebrated in any form, however, we still have some exchange balance tracking sites so this is nothing new and the automate questions should be.

Whether it is new or old, it is a good thing that Binance emphasize on implementing Proof of Reserve, which may possibly make other exchanges to follow. Or CZ made it known to public that it is essential for an exchange to prove their fund reserves to the public.

Quote
1: How true is the volume shown on the wallet to represent the actual funds in exchange possession?
I think volume or trading volume in the market is different with funds of client in an exchange.  AS I read it, the platform client can verify if their holdings have an equivalent reserve on the exchange via this method:
Quote
Log in to the Binance Website
-> Click on “Wallet”
-> Click on “Audit”
You will be able to find your Merkle Leaf and Record ID within the page.
Select the audit date you want to verify. You will then find confirmation of the audit type, your Record ID (specific to your account and this particular audit), the assets that were covered, and your asset balances at the time of the audit.
The Record ID enables you to independently verify that your account balance was included by the third-party auditor and would be available shortly.

Quote
2: what are the institutions that will audit this balance to assure it accuracy and total control if anything goes wrong with the Exchange.

It was stated that the audit will be done by third-party auditors, and of course, the auditing team must be acknowledged by the authority, possibly the team behind the BUSD audit.  Or any legit auditing company.

The explanation is further detailed on the link given by @OP

legendary
Activity: 2184
Merit: 1024
Vave.com - Crypto Casino

CZ too is very good any PR since his twitter account is followed by almost crypto user while user that he didn’t follow can’t make a comment on his post that makes it a media manipulation.

Have you ever read comments on twitter under most viewed tweets? Its 99% a spam of "send me 1 BTC i'll send you 2 BTC back". Its not media manipulation. Its the only way to avoid spam and scams.

I’m aware on this but choosing only who will reply on his topic is a form of media manipulation too as far as I know. That spam post is just a minimal reason to turn the comment off from his post for those he didn’t choose to comment.

The way I view it, He only wants to see positive response on all the opinion he is trying to post on his social media account. CZ is not an ordinary crypto influencers and newbie that reads his post same as the reply will easily believes since no one giving a criticism on his post that he limits through censorship that I mention above.

Vitalik Twitter and other influential person in crypto doesn’t have this feature on the comment section of there post because they are often to criticism.

I don't think it's media manipulation, today's information is not only concentrated on twitter, twitter is not the only or most popular social network. Nowadays market issues are discussed everywhere and as soon as there is a question people quickly find out and spread it on all social media channels. I don't know what the exact reason is but I think it's not media manipulation. I don't follow CZ and Elon on twitter but I've been using reddit a lot lately and their tweets are often discussed on reddit and I haven't seen any hypothetical as you say.
hero member
Activity: 1008
Merit: 520
Leading Crypto Sports Betting & Casino Platform
This is somehow good and somehow bad, since it makes everything more secure but at the other hand it will make people trust exchanges to store coins which is fundamentally wrong. There will definitely an exchange in the future that will anyway steal the coins. Since even if I can see that the exchange holds my BTC no Indy stops them from stealing them and run away with them. (See MT Gox, BTC-E or FTX) It gives a proof of something that is basically pointless.
I don't think this new feature is any thing new and should not be celebrated in any form, however, we still have some exchange balance tracking sites so this is nothing new and the automate questions should be.
1: How true is the volume shown on the wallet to represent the actual funds in exchange possession?
2: what are the institutions that will audit this balance to assure it accuracy and total control if anything goes wrong with the Exchange.
I made a post about this development some couple of days back you may take a look.
CoinMarketCap, a leading market researcher and tracker in the crypto industry, announced the launch of a new feature on its platform that gives users updated financial insights on exchanges.

The proof of reserves (PoR) tracker audits active cryptocurrency exchanges in the industry for transparency on liquidity at a given moment. According to the announcement, the tracker details the total assets of the company, and its affiliated public wallet addresses, along with the balances, current price and values of the wallets.

CoinMarketCap reports the PoR trackers will update data every five minutes. On Nov. 22, the company tweeted a guide for users on how to navigate the tool.
As recent unfavorable events in the cryptocurrency market in the past few days-weeks get more tough, with cryptocurrency businesses crashing and funds getting locked up on exchanges, coin market capitalization one of the leading cryptocurrency researchers and databases watch have introduced a new feature on the site, we're cryptocurrency users can see exchanges reserve and public wallet balance.
This development was announced on the platform tweeter handle.

this development from the coin market cap is a welcome development since recent events show that the CEO of exchanges is taking funds that are available for the running of the exchanges and putting it into other ventures or financing their personal lifestyle. E.G FTX exchange situation.
With this feature, the current financial conditions of exchanges are made public even though this can not solve the problem of exchange crashes and hacks in totality it will help to monitor their current balance to see what their reserve hold.
hero member
Activity: 1022
Merit: 642
Magic
This proves nothing. We all know Binance own some bitcoin. What we don't know is if Binance own enough bitcoin to complete cover all their liabilities. And without proof of liabilities (which is not being provided nor will be forthcoming), then this whole thing is smoke and mirrors designed to trick newbies who don't understand any better. Just like most of what Binance do (such as their centralized scamcoins masquerading as bitcoin).


And even if they did show their liability’s it is still like they own the keys to your house, that you yourself don’t have the keys to. They can come at any time and steal or loose your coins. Because not your keys not your coins.
legendary
Activity: 2268
Merit: 18748
This proves nothing. We all know Binance own some bitcoin. What we don't know is if Binance own enough bitcoin to complete cover all their liabilities. And without proof of liabilities (which is not being provided nor will be forthcoming), then this whole thing is smoke and mirrors designed to trick newbies who don't understand any better. Just like most of what Binance do (such as their centralized scamcoins masquerading as bitcoin).

CMC lauched a proof of reserve badge next to exchanges that done POW.
Oh look. Binance owned CMC rates Binance as the best. There's a surprise! Roll Eyes

Of course we have to believe that all customers (probably with a non-cero balance, I’m not sure here) are actually included within the data structure that ties the CustomerId hash to its balance for the asset, and that none are left out. But since each customer can verify his inclusion in the data structure, any left out customers could call the whole thing a bluff were it to happen.
So they release one Merkle tree which includes 50% of customers, and a second Merkle tree which includes the other 50% of customers. Every customer can check they are included and see that their balances are "fully backed up", even though they are actually running at a 50% deficit. Or even more trivially than that, they simply create a fake account on Binance and credit it with negative 500,000 BTC. Include that in the Merkle tree and oh look! Everything checks out just fine. Not only is it completely trivial for them to do this, but it is also impossible to prove they are not doing this and impossible for anyone to verify anything at all.

This proves nothing. If you leave coins on any centralized exchange after the events of the past few months, then you absolutely have no one to blame but yourself when you lose everything.
legendary
Activity: 3948
Merit: 3191
Leave no FUD unchallenged
If a kidnapper sent out a ransom note and included proof of life, would you applaud them on their efforts and say it made them more trustworthy?

Of course not.  The kidnapper could still act against your wishes because they hold hostage what you hold dear.  You are powerless.

Use that mentality when it comes to your BTC.
hero member
Activity: 2800
Merit: 595
https://www.betcoin.ag

Could this become a standard for all exchanges to implement?

It would kill the exchanges that have nothing in thier balance but thier own token. It's not really an issue of whether exchanges have tons of coins but just the trust to open it for the public to see. This is a game for CZ to look thru the balances of every competitor he has and I think he is really up to see who is losing the game.
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
As far as I’m aware, Besides Binance, OKX and Phemex are using the same Merkle Tree method; it may become somewhat widespread. We’ll see.

They don’t currently allow people to trace all their assets though: Binance has implemented it only for bitcoin so far, OKX has it for bitcoin, ethereum and usdt, and Phemex does it for bitcoin, ethereum, usd, usdt and usdc.

They do differ is the actual verification process, some requiring downloading CSV with the whole snapshot of , others requiring executing some python code, some list a set of addresses that hold the coins, others additionally provide a files with a signed message to prove those addresses are theirs. Formal audits-to-be mentioned here and there too.

The overall idea is that the sum of all balances for a given asset, of all customer account hashed ids, is to be less than or equal to the balance for that asset in the published list of addresses for that asset in control of the given Exchange.

Of course we have to believe that all customers (probably with a non-cero balance, I’m not sure here) are actually included within the data structure that ties the CustomerId hash to its balance for the asset, and that none are left out. But since each customer can verify his inclusion in the data structure, any left out customers could call the whole thing a bluff were it to happen.

Note: Proof of reserves is not proof of unhackable reserves.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
People, don't be naive and don't believe the fairy tales presented to you by various CEOs who have never done anything for Bitcoin, nor will they ever do it. In the fear that people will start massively withdrawing their funds from CEX, they invented that POR and now they are competing to show the bigger numbers as if that means that those who have the most BTC in their possession deserve people to trust them more than some others.

Well, Binance is very poor compared to what Coinbase supposedly has - and when everything is added up, let them make sure that the total amount does not exceed 19 million BTC Roll Eyes

In a series of tweets, Coinbase CEO Brian Armstrong says the largest US-based crypto exchange platform holds about 2 million BTC, which translates to $33.12 billion at Bitcoin’s current price of $16,561.
newbie
Activity: 22
Merit: 8
Trust when lost is generally difficult to get back, even between nations, marriages and mere friendship. The POR initiative is commendable for sure but it's actually not enough to savage the situation. Binance had a clear chance to remedy the whole outburst initially by going on to acquire FTX but backing out of the deal and letting them down suggests they actually cared more about their prominence in the domain than whatever.
hero member
Activity: 3038
Merit: 617

This is cool. Other exchanges I think will like to also open thier balances to all so that people will see thru which one is insolvent and we be aware of what might happen and prevent another SBF in this industry.

CZ is quick to have this transparency. Because he was already criticized for taking the step for the POR by the guys who promoted FTX particularly MeetKevin and his friends such as Stephan Graham.
hero member
Activity: 1022
Merit: 642
Magic
This is somehow good and somehow bad, since it makes everything more secure but at the other hand it will make people trust exchanges to store coins which is fundamentally wrong. There will definitely an exchange in the future that will anyway steal the coins. Since even if I can see that the exchange holds my BTC no Indy stops them from stealing them and run away with them. (See MT Gox, BTC-E or FTX) It gives a proof of something that is basically pointless.

Well, we need somebody to store their coins on exchanges to provide liquidity for the markets. Bitcoin network has less than a million transactions per day, while a single exchange has more trades than that for BTC/USD, not even considering other pairs. If no one held their coins on exchanges, trade volumes would shrink and BTC would be more volatile in short term. And the overall price could be lower as the result.

Maybe in the future, when LN is well integrated by exchanges, traders would move BTC instantly between their wallets and exchange with negligible fee, but right now it's not happening, sadly.

That is actually a very good idea. An exchange where your coins are sent directly to the wallet of the buyer. Maybe there could be a model where there is a refund issued by the exchange if the coins are not recived within an hour. Still there is the problem with fees and also that people may not send the coins at all if they see the price went up in the timeframe they have.
legendary
Activity: 3024
Merit: 2148
This is somehow good and somehow bad, since it makes everything more secure but at the other hand it will make people trust exchanges to store coins which is fundamentally wrong. There will definitely an exchange in the future that will anyway steal the coins. Since even if I can see that the exchange holds my BTC no Indy stops them from stealing them and run away with them. (See MT Gox, BTC-E or FTX) It gives a proof of something that is basically pointless.

Well, we need somebody to store their coins on exchanges to provide liquidity for the markets. Bitcoin network has less than a million transactions per day, while a single exchange has more trades than that for BTC/USD, not even considering other pairs. If no one held their coins on exchanges, trade volumes would shrink and BTC would be more volatile in short term. And the overall price could be lower as the result.

Maybe in the future, when LN is well integrated by exchanges, traders would move BTC instantly between their wallets and exchange with negligible fee, but right now it's not happening, sadly.
hero member
Activity: 1022
Merit: 642
Magic
This is somehow good and somehow bad, since it makes everything more secure but at the other hand it will make people trust exchanges to store coins which is fundamentally wrong. There will definitely an exchange in the future that will anyway steal the coins. Since even if I can see that the exchange holds my BTC no Indy stops them from stealing them and run away with them. (See MT Gox, BTC-E or FTX) It gives a proof of something that is basically pointless.
legendary
Activity: 4410
Merit: 4788
From the root Merkle tree, it is shown that the exchange currently has BTC582,485.9302 BTC in its on-chain reserve while BTC575,742.4228 BTC belongs to customers of the exchange.

ok, they hold 0.5M of users BTC, but how do I know that this include mine bitcoins? How do I know if their liability is not 10x bigger (5M bitcoins) and this POR (proof of reserve) is not only a 10% fractional reserve?

because your balance is part of the account which totals the same as the blockchain holding

EG - i  really simplifying it down to most basics to show how merkles can be used

imagine 2 pages of excel
page one is all the coins on blockchain held by a service. which totals 575k btc

and page 2 is customer balances which total 575m
where your name (hashed for privacy) is on page 2.
where other users are not revealed due to hashes to others knowing real names .. but they too can find their own reference hash in that page 2 list

EG
page 1                             page 2
deposits                          user accounts(not in order)
1legacyuserA 10btc          da42dab49777512b8f425b43a493816c -4btc
1legacyuserB 4btc            01880749a3a55a34659994ef23dcf0c3  -10btc
1legacyuserC 15btc          9db3b3f7b608880d0a7d19a5cc611fb8 -11btc
1legacyuserD 11btc          e8836d7e6bcf77e6e9454b5c1f6ebbdf -15btc

                                       then take the first 2 da42+0188. hash them
                                       =95f309a30aac743c459b24afe8c9e51f -14btc
                                       then take the second 2 9db3+e88. hash them
                                       =d0569e38584ec9ff272270ebf9b37d7d  -26btc

                                        then take those two 95f3+d056 hash them
                                        39cc18deff1270d8436687dc5a458e54 -40btc
total 40btc in custody        

imagine you are first depositor userA of page1
and are the 0188 prefix hash of page 2

for demo i MD5 "Tytanowy Janusz - 10btc"
and for instance MD5 "userC - 15btc" is the 9db3 prefix hash

you can see your allotment hash is part of a accounting process which totals the same as page 1 total

as long as a users allotment is in that total the user is seen as being counted/included. thus "safe"

ofcourse its not 100% proof because a exchange can simply one day shout "we been hacked" and take all coins. but atleast being seen and counted is a better standing than having no count not included in any count
legendary
Activity: 2422
Merit: 1083
Leading Crypto Sports Betting & Casino Platform
The question will go back again on how will user trust the data provided on the merkle tree. Yes it’s displaying my balance but who can authenticate that data provided is valid without any legal audit by 3rd party on Binance reserves. Personally as non techy, I don’t know exactly how can I guarantee the data I’m viewing will help me to trust my money on holding on exchange despite this proofs using the charts provided by them.
Well, if you go through their announcement article which I believe I also shared in the OP,  if you read it all through, you will discover that they have plans for third party audit in the works, and also some other implementations which they believe will give users the assurance that POR data is authentic, you can see the part in the screenshot below.
Like I said in the OP, I personally believe in decentralization and it will take something much more than POR for me to ever fully trust a centralized system the same way I trust a decentralized system, but then, the POR thing I think is a good implementation, atleast better than nothing, soon, investors and traders will start avoiding exchanges that does not show their POR..


jr. member
Activity: 91
Merit: 5
The question will go back again on how will user trust the data provided on the merkle tree. Yes it’s displaying my balance but who can authenticate that data provided is valid without any legal audit by 3rd party on Binance reserves. Personally as non techy, I don’t know exactly how can I guarantee the data I’m viewing will help me to trust my money on holding on exchange despite this proofs using the charts provided by them.

I just remember too the Kraken CEO made a comment about this few hours ago.

According to Powell, a complete proof-of-reserve audit must include the sum of client liabilities, user-verifiable cryptographic proof that each account was included in the sum and signatures proving the custodian’s control over the wallets.[1]

I know Binance want there users to trust them but they are doing all audit part on there own and telling people to just believe them. CZ too is very good any PR since his twitter account is followed by almost crypto user while user that he didn’t follow can’t make a comment on his post that makes it a media manipulation.

[1]https://cointelegraph.com/news/binance-proof-of-reserves-is-pointless-without-liabilities-kraken-ceo

What are you talking about? You can always verify actual balances on any block chain using any 3rd party to lookup any address, etc.

That is the point of blockchain and its value, everything is public data. It is self audit system.

You could never prove to the whole world you have x amount of gold in a vault. You can with crypto though. Smiley
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
What do you guys think about this?
Do you think that if all other centralized platforms launch their POR, trust can really return to the centralized system of cryptocurrencies?

At very least, people can verify they hold more coin than coin belongs to the customer. People still need to trust the exchange to give them their money when they request withdraw.
legendary
Activity: 2156
Merit: 1622
From the root Merkle tree, it is shown that the exchange currently has BTC582,485.9302 BTC in its on-chain reserve while BTC575,742.4228 BTC belongs to customers of the exchange.

ok, they hold 0.5M of users BTC, but how do I know that this include mine bitcoins? How do I know if their liability is not 10x bigger (5M bitcoins) and this POR (proof of reserve) is not only a 10% fractional reserve?

________________________

CMC lauched a proof of reserve badge next to exchanges that done POW.
https://coinmarketcap.com/rankings/exchanges/

Everyone can go and check how much founds exchanges have. So far data is available for binance, kucoin, bitfinex, bybit, okx, crypto.com, huobi

CZ too is very good any PR since his twitter account is followed by almost crypto user while user that he didn’t follow can’t make a comment on his post that makes it a media manipulation.

Have you ever read comments on twitter under most viewed tweets? Its 99% a spam of "send me 1 BTC i'll send you 2 BTC back". Its not media manipulation. Its the only way to avoid spam and scams.
hero member
Activity: 3150
Merit: 636
DGbet.fun - Crypto Sportsbook
For every system that's been made, there will always be a loophole for it. We may not see it for now since it's just new but wait until several months or years and we'll see another fiasco.

Maybe it will be made by other competitor of Binance or it will be Binance itself.

CZ is stepping up the game for the exchanges and asking to follow him by doing such through merkle tree. On the otherhand, those that want to see their reserve funds, it's a good thing.
legendary
Activity: 2422
Merit: 1083
Leading Crypto Sports Betting & Casino Platform
Binance have opened their Proof Of Reserve(POR) system to the general public, and users of the exchange can now verify their amount of Bitcoins they hold in the exchange via a Merkle Tree.

Since the FTX fiasco, alot of cryptocurrency investors have lost confidence and trust in the centralized system of holding and trading coins, many now calling for a quick adoption of decentralization since its the only way investors can truly own their crypto assets..

CZ, being the CEO of the (supposedly) world largest centralized crypto currency exchange, in the place of Binance, has been doing all he possibly can to see that trust returns to the centralized crypto holding/trading firms, he as been on the forefront advocating for a new system where centralized platforms can proof the the public that customers funds are indeed, in their custody, to give users the assurance that anytime they request for their money, they would get it.. This system is termed Proof Of Reserve(POR).

Binance, on the 25th of November, 2022 announced the launch of their proof of reserve system where users can now be able to verify the amount of Bitcoins they hold on binance via a Merkle tree.

From the root Merkle tree, it is shown that the exchange currently has BTC582,485.9302 BTC in its on-chain reserve while BTC575,742.4228 BTC belongs to customers of the exchange.

What do you guys think about this?
Do you think that if all other centralized platforms launch their POR, trust can really return to the centralized system of cryptocurrencies?

Personally, I think CZ/Binance Is doing all they can to bring transparency and trust to centralized exchanges again, but in all, this still does not change the fact that decentralization is needed at this stage, though the effort is really commendable, but by now, decentralization ought to be on everyones mind.

Let's discuss.
Jump to: