Liabilities refer to the total sum of customer balances in Bitso. Therefore, the Proof of Liabilities is a method to provide transparency on the total amount of user deposits in the custodian.
This can be achieved by generating a Merkle Tree Root Hash assembled by combining individual “leaf” hashes representing each balance. Although a Merkle Tree is a more complex method to generate Proof of Liabilities, it is more reliable in terms of the privacy of user's data.
Through this method, clients are able to confirm that their exact balance actually exists within the calculation of combined balances contained in the Merkle Tree.
Most Proof of Liability reports today provide trust by engaging an independent third party, such as an auditor, to recreate the Merkle Root hash by replicating all individual “leaves” based on user deposits and balances shared with them. Another way to add trust to the Proof of Liabilities, however, is by using a cryptographic technology known as Zero-Knowledge.
Learn more about the Zero-Knowledge technology here:
Is it enough?
Although it seems appropriate, relying on a trusted third party to validate that all data contained in the Merkle Tree is correct has a shortfall. Here's why:
- Proof of Liabilities is only valid for the specific point in time in which the audit was undertaken. Unless the organization undergoes an audit recurrently, its customers can’t verify that it has an up-to-date version of their liabilities at all times.
- Proof of Liabilities is only one side of the coin. Without proving reserves and the control of the keys to move funds, in case the custodian has them in crypto, there is no proof of solvency.
The Proof that Matters:
For informational purposes only, this is not investment advice. When buying, selling, trading or using cryptocurrencies you are subject to certain risks including price volatility and loss of capital, for more information please visit the following link.