What Is Proof of Reserves?
Proof of Reserves (PoR) is a transparency mechanism used by cryptocurrency exchanges to demonstrate that they actually hold enough assets to cover all customer deposits. In simple terms, it's a way for an exchange to prove: "Yes, we really do have your money."
The concept gained urgent importance after the collapse of FTX in November 2022, one of the largest crypto exchanges at the time. FTX was secretly misappropriating billions of dollars in customer funds, lending them to its sister company Alameda Research for risky trades. When customers tried to withdraw, the money simply wasn't there — leading to a bankruptcy that wiped out an estimated $8 billion in customer funds.
This catastrophic failure exposed a fundamental problem: unlike traditional banks, which are subject to regulatory audits and deposit insurance (FDIC), crypto exchanges had operated largely on trust. Proof of Reserves emerged as the industry's primary solution to rebuild that trust.
How Does Proof of Reserves Work?
At its core, PoR involves two components: proving what the exchange holds (assets) and proving what customers are owed (liabilities). The most common method uses a cryptographic data structure called a Merkle Tree.
Merkle Tree Verification — Explained Simply
Imagine you have a spreadsheet listing every customer's account balance. A Merkle Tree takes all those individual balances and combines them step by step using cryptographic hashing:
- Step 1: Each customer's balance is converted into a unique hash (a long string of characters). Your balance of, say, 0.5 BTC becomes something like
a3f8b2c... - Step 2: Pairs of hashes are combined and hashed again, creating a new layer. Think of it like a tournament bracket — pairs keep combining upward.
- Step 3: This continues until you reach a single hash at the top — the Merkle Root. This root represents the total of all customer balances.
- Step 4: The exchange publishes the Merkle Root and provides each customer with a "path" through the tree to verify that their specific balance is included in the total.
The beauty of this system is that it allows individual verification without exposing anyone else's data. You can confirm your balance is included without seeing other customers' balances, and any tampering with even a single balance would change the Merkle Root entirely.
The On-Chain Component
The second part of PoR involves proving the exchange actually controls the crypto assets it claims to hold. This is done by publishing wallet addresses and signing cryptographic messages from those wallets, proving ownership. Since blockchain transactions are public, anyone can verify the balances in these wallets.
What Makes a Good PoR Audit vs. a Bad One
Not all Proof of Reserves implementations are created equal. Here's what separates a credible PoR from security theater:
Characteristics of a Strong PoR
- Third-party auditor: An independent firm (not the exchange itself) conducts the verification.
- Full liability inclusion: The audit accounts for ALL customer deposits, not just selected assets.
- Regular cadence: PoR is published monthly or quarterly, not just once as a PR exercise.
- User verification: Individual customers can verify their own balance is included in the Merkle Tree.
- Multiple asset coverage: All major assets held by the exchange are included, not just Bitcoin.
- Liability proof: The audit demonstrates that liabilities don't exceed assets (reserve ratio >= 100%).
Red Flags in a PoR
- Self-reported: The exchange publishes its own numbers without independent verification.
- Snapshot only: The audit covers a single moment in time — the exchange could move borrowed funds in for the snapshot and move them out after.
- No liability data: Proving assets without proving liabilities is meaningless. An exchange could hold $10 billion in assets but owe $15 billion.
- Selective assets: Only showing reserves for Bitcoin while ignoring other tokens that customers have deposited.
- No user verification: If individual customers cannot verify their own inclusion, the tree could be fabricated.
Which Exchanges Publish Proof of Reserves?
Here's a comparison of major exchanges and their PoR practices as of early 2026:
| Exchange | PoR Available | Third-Party Auditor | User Verification | Frequency | Assets Covered | Includes Liabilities |
|---|---|---|---|---|---|---|
| Binance | Yes | Yes (Mazars initially, now multiple firms) | Yes (Merkle Tree) | Monthly | 30+ assets | Partial |
| Bybit | Yes | Yes | Yes (Merkle Tree) | Monthly | 20+ assets | Partial |
| Kraken | Yes | Yes (Armanino, then CF Benchmarks) | Yes | Quarterly | Major assets | Yes |
| Coinbase | Indirect | SEC reporting (public company) | No Merkle Tree | Quarterly (10-K/10-Q) | All (via financial statements) | Yes (full audit) |
| OKX | Yes | Yes | Yes (Merkle Tree) | Monthly | 20+ assets | Partial |
| Bitget | Yes | Yes | Yes | Monthly | 15+ assets | Partial |
| Gate.io | Yes | Yes (Armanino) | Yes | Monthly | Major assets | Partial |
Note on Coinbase: As a publicly traded US company, Coinbase is subject to SEC reporting requirements and full financial audits — which in many ways is more comprehensive than Merkle Tree PoR. However, it doesn't offer the same kind of real-time, individual user verification that crypto-native PoR systems provide.
Limitations of Proof of Reserves
While PoR is a significant improvement over blind trust, it has important limitations that every user should understand:
1. The Liability Gap
The biggest limitation is that most PoR implementations don't fully account for liabilities. An exchange might prove it holds $10 billion in crypto, but if it has borrowed $5 billion against those assets or has other off-balance-sheet obligations, the reserves aren't as healthy as they appear. This was precisely the problem at FTX — the assets existed, but so did massive hidden liabilities.
2. Point-in-Time Snapshots
Most PoR audits capture a snapshot at a specific moment. An exchange could theoretically borrow funds for the audit date and return them afterward. While regular monthly PoR reduces this risk, it doesn't eliminate it entirely.
3. Doesn't Cover Operational Risks
PoR proves assets exist but doesn't address other risks: poor security practices, insider threats, regulatory problems, or bad business decisions. An exchange can have perfect reserves today and still fail tomorrow due to a hack. For tips on managing your own security, see our wallet security guide.
4. Auditor Independence Questions
The crypto industry has a limited pool of auditors willing to work with exchanges. Mazars Group, one of the early PoR auditors, famously paused its crypto audit work in 2022, raising questions about the reliability of the remaining firms.
What to Look for as a User
When evaluating whether your exchange's PoR is trustworthy, consider these practical steps:
- Verify your own balance: If the exchange offers Merkle Tree verification, use it. Log into your account, find the PoR section, and confirm your balance is included.
- Check the reserve ratio: Look for a reserve ratio of 100% or higher for each asset. Anything below 100% means the exchange doesn't fully back deposits.
- Look at the auditor: Is the PoR conducted by a reputable third party, or is it self-reported? Independent verification matters enormously.
- Check frequency: Monthly PoR is better than quarterly, which is better than a one-time report.
- Read the fine print: Does the PoR cover all assets or just selected ones? Does it address liabilities?
- Diversify custody: Don't keep all your crypto on one exchange, regardless of PoR. Consider self-custody for significant holdings using a hardware wallet like the Ledger Nano X.
The Future of On-Chain Transparency
Proof of Reserves as it exists today is likely just the beginning. Several innovations are pushing the industry toward even greater transparency:
Real-Time Proof of Reserves
Projects like Chainlink's Proof of Reserve are working toward continuous, real-time verification rather than periodic snapshots. This uses oracle networks to constantly monitor exchange wallets and flag any discrepancies immediately.
Zero-Knowledge Proofs
Zero-knowledge (ZK) technology could allow exchanges to prove their solvency without revealing any specific balance information — not even in hashed form. This would provide maximum privacy with maximum assurance.
Regulatory Integration
As crypto regulation matures globally, we may see PoR become a legal requirement rather than a voluntary practice. The EU's MiCA regulation and proposed US legislation both include provisions for exchange reserve requirements.
Full Proof of Solvency
The ultimate goal is "Proof of Solvency" — proving not just that reserves exist, but that they exceed all liabilities. This requires exchanges to open their entire balance sheets to verification, which remains challenging but is increasingly demanded by users and regulators alike.
Practical Example: How to Check Binance's Proof of Reserves
Here's a step-by-step walkthrough for verifying your own funds on Binance:
- Log into your Binance account.
- Navigate to "Proof of Reserves" (found under Wallet or Audit section).
- You'll see a list of assets with reserve ratios. Look for 100%+ on each asset.
- Click "Verify My Assets" to see your personal Merkle Tree verification.
- Your account balance hash and Merkle path will be displayed. You can use third-party tools to independently verify this against the published Merkle Root.
- Check the date of the latest audit — ideally it should be within the past 30 days.
Frequently Asked Questions
What is Proof of Reserves in simple terms?
Proof of Reserves is a way for a crypto exchange to prove that it actually holds all the cryptocurrency its customers have deposited. It's like a bank audit, but using blockchain technology and cryptography to make the verification transparent and independently verifiable.
Why did Proof of Reserves become important after FTX?
FTX collapsed because it was secretly using customer deposits for risky investments through its sister company Alameda Research. When customers tried to withdraw, the funds weren't there. This $8 billion loss proved that trust alone isn't sufficient — exchanges needed a way to prove they hold what they claim to hold.
Can I personally verify my exchange's Proof of Reserves?
Yes, on most major exchanges that offer PoR (Binance, Bybit, OKX, Kraken), you can log in and verify that your specific balance is included in the Merkle Tree. This is one of the most powerful aspects of PoR — individual users don't have to rely on third-party reports alone.
Does Proof of Reserves guarantee my funds are safe?
No. PoR proves that the exchange holds sufficient crypto assets, but it doesn't protect against hacks, regulatory seizures, operational failures, or hidden liabilities. It's one important piece of the safety puzzle, but not the complete picture. For comprehensive safety, consider diversifying across exchanges and using self-custody for significant holdings.
Why doesn't Coinbase use Merkle Tree Proof of Reserves?
Coinbase is a publicly traded company on the NASDAQ stock exchange, which means it's subject to SEC financial reporting requirements and regular full audits by major accounting firms. This provides a different but arguably more comprehensive form of verification than Merkle Tree PoR, as it covers all assets, liabilities, and operations.
What is the difference between Proof of Reserves and Proof of Solvency?
Proof of Reserves demonstrates that an exchange holds certain assets. Proof of Solvency goes further by proving that the exchange's assets exceed its total liabilities — meaning it could pay back all customers and still have funds remaining. True Proof of Solvency is the gold standard, but most exchanges currently only offer Proof of Reserves.
How often should exchanges publish Proof of Reserves?
The industry best practice as of 2026 is monthly publication. More frequent is better — and the long-term goal is real-time, continuous verification using oracle networks. Exchanges that only publish PoR annually or as a one-time event should be viewed with more skepticism.
Are there exchanges that don't offer Proof of Reserves at all?
Yes, many smaller exchanges still don't offer PoR. This doesn't necessarily mean they are insolvent, but it does mean users have less ability to verify the safety of their funds. As a general rule, prefer exchanges that offer transparent PoR, especially for holding significant balances. For help choosing a reliable exchange, explore our guide to buying crypto in 2026.