Coinmetrics Co-Founder Comments on Audit Firms and their Role in Overseeing Proof of Reserves for Crypto Companies

Nic Carter, Partner, Castle Island Ventures. Cofounder,, says that it’s undeniable that momentum around cryptographic Proofs of Reserve “is gathering.”

According to Nic Carter, this is “a genuine silver lining from the FTX debacle.”

He writes in a blog post:

“We may well yet emerge from this crisis with a major step forward in exchange credibility. But there remains a huge amount of confusion around Proofs of Reserve, and some of the exchanges taking their first steps towards the procedure have plenty of work to do.”

He adds that in the last two months, major exchanges Kraken, BitMEX, OKX, and Binance, among others, have “all published attestations they call Proof of Reserve, although these don’t all grant the same assurances.”

Coinbase also published a blog post “explaining their status as a public company with audited financials and quarterly disclosures.”

Nic Carter has attempted to address “some lingering questions around PoR and digs into some of these recent attestations, so users can better understand what these recent procedures actually mean.”

Carter noted that he has “mainly included procedures which give clients the ability to verify their inclusion in the liability set (with the exception of Luno, which just published an attestation and no corresponding cryptographic proof).”

He also mentioned that he is “tallying up custodial, centralized exchanges, with liabilities outstanding to their end users.”

He further noted that he found “that these exchanges in the aggregate underwent Proofs of Reserve covering $33b worth of assets (or 4% of total crypto market cap).”

Of course, these attestations “are of varying quality, but it’s still a good and growing level of coverage.”

This is not to say that “the other tens or hundreds of billions of custodial cryptoassets are not safe — many are with credible institutions like Coinbase, Fidelity Digital Assets, Gemini, etc.,” Carter claims.

He further revealed:

“Only BitMEX and Deribit are undertaking these procedures with a high frequency. This is doable because they don’t rely on auditors to oversee their process. Kraken has a slower cadence due to their usage of an auditor for oversight. For auditor-overseen PoRs, I don’t expect much faster than a monthly policy.”

He also claims:

“Only BitMEX and Deribit allow third parties to verify liabilities for themselves. Most of the exchanges covered allow their clients to individual verify whether their liabilities are included in the set (thus creating a kind of ‘herd immunity’ assuming that some clients actually did the verification and found it proper), but mostly these exchanges didn’t publish the full liability set. However, as a third party, I much prefer the model where anyone, whether a client or not, can undertake the verification for themselves.”

Armanino and Mazars “oversaw all of the PoR attestations where there was an auditor present, and they’re both out of the PoR market now.”

Carter also noted that this is “problematic for the sector.”

He added:

“I’m hoping a few audit firms dip their toes back into the water. In the short term I expect these exchanges will mostly be unable to persuade audit firms to oversee their PoRs, as the public backlash against these audit firms has been pretty fierce.”

He also noted:

“There’s still a lot of room for improvement. For a few exchanges, simply committing to running a PoR on an ongoing basis would help their score. For others, covering a larger share of assets or introducing an auditor would help. Generally, it is not too difficult for exchanges to improve their scores, should they want to.”

For more details, check here.

Register Now to Attend
Sponsored Links by DQ Promote



Send this to a friend