1. Where can I find the Merkle tree Proof of Reserves page?
To access that page, click here Merkle tree Proof of Reserves.
2. Is there a Step by Step guide on how to use that page?
Yes, you can find this guide in this article: Step-by-step guide: How to verify your funds on Bake
3. What are Proof of Reserves and Proof of Liabilities?
Unlike full nodes, centralized exchanges (CEXs) do not provide unequivocal proof of funds. In most of these cases, cryptocurrencies are simply sent into a black box, leaving users with little choice but to cross their fingers and trust that their money isn't being misused.
To combat this, CEXs are increasingly creating cryptographic proofs to demonstrate that their on-chain funds are sufficient to cover their users' liabilities, rather than solely relying on government-issued licenses and audits. This attempt to provide public transparency to centralized cryptocurrency reserves through a verifiable auditing practice is called Proof of Reserves.
Proof of Reserves is a means of demonstrating that institutions or exchanges are capable of honoring withdrawals on their platforms at all times. In general, it consists of two parts: a current record of customers' coin deposits (known as Proof of Liabilities), and the pool of coins held within a set of exchange addresses (also known as Proof of Assets). If Proof of Assets > Proof of Liabilities, then the exchange is solvent and can always honor withdrawal requests (Proof of Reserves).
4. What is a Merkle tree?
A Merkle tree is a data structure that is created by combining the customer balance and the username hash into a tree structure where each node represents a (hash, balance) pair. Leaf nodes at the bottom of the tree represent individual customer balances and the hashed username. Nodes higher up in the hierarchy have a balance equal to the sum of the two balances below, and the hash is the hash of the two nodes below.
All transactions in a Merkle tree are related and grouped together to obtain a root hash or "root address" (yellow box). This root hash is related to all the other hashes of the tree. The Merkle tree Proof of Liability saves a great deal of time since it is not necessary to verify every transaction in a network. Instead, this method relies only on a subset of data to verify funds, which is why it’s considered the industry gold standard for user fund verification.
How does it work? Based on the Merkle tree above, let's assume that Charlie wants to verify his funds. For this purpose, he does not need to know all Merkle tree entries, just the ones highlighted in blue. As long as Charlie receives the hashed information from David, as well as the hashes of the other two blue blocks, he will be able to verify that his funds indeed are on the exchange –– without the need of any other information.
It is also worth noting that if a hash in a Merkle tree is changed, all the others will also change (root hash). As a result, the authenticity of the information for the entire tree will be invalidated. This feature allows Merkel trees to provide the high level of safety they are known for.
A very important proposition is the non-negativity allowance for leaves. For some reason, if a malicious node with a negative balance were added to the tree, then the neighboring nodes and all nodes above would fail the proof verification. Such a malicious attack can only succeed if no one on the entire side of the tree where the malicious node is checks and verifies their balances.
5. What is the advantage of a Merkle tree?
There are several advantages to using a Merkle tree Proof of Liabilities. One of the key advantages is that it provides a high level of transparency and assurance to users. By providing a Proof of Liabilities, an exchange is demonstrating that it has the assets that it claims to have, which helps to build trust with users and ensure the solvency of the exchange.
Another advantage is that it is efficient and secure. The use of a Merkle tree allows for efficient verification of the entire list of assets, without requiring the disclosure of the full list. This protects the privacy of the exchange and its users, while still allowing for the verification of the exchange's reserves.
Moreover, the accuracy of the whole tree can be verified without examining each node individually.Hence, Merkle proof of liabilities can be viewed as crowdsourced proofs of user-conducted checks.
In addition, Merkle proofs are resistant to tampering. Since the hashes in the tree are linked together in a specific order, any attempt to alter the list of assets would result in a different hash being produced. This makes it difficult for an attacker to alter the proof of reserves without being detected.
Overall, a Merkle tree Proof of Liabilities is a useful tool for cryptocurrency exchanges to demonstrate the solvency and transparency of their operations. By providing Proof of Liabilities, an exchange or custodian can build trust with its users and ensure the security of their funds.