Author: Erik Aronesty 2021-07-06 16:39:36
Published on: 2021-07-06T16:39:36+00:00
A new approach to proof of reserves has been proposed by Billy Tetrud in a recent email to the bitcoin-dev mailing list. The idea is for users to create private keys using a seed, generate a public key from this seed to represent their account, and give the public key to the custodian to represent their account in a public record of account balances. When a user's account is credited, the custodian would update a map of addresses to balances and store funds on one or more HD wallets, creating a proof that they own each HD wallet. These two structures would be combined and hashed, and the hash published in an on-chain transaction, possibly along with a URI where the full data can be found, on a daily basis.Software for each user could continuously validate that their account has a balance that matches what it's supposed to have, and could also verify that owned addresses have funds that have at least as many coins as promised to accounts. To give users additional proving ability, a receipt system could be added where users could request a receipt for any balance update. This way, if something goes wrong, a user can use this signed receipt to show that the custodian did in fact promise a new updated balance at a particular time.Recording the proof of reserves on-chain gives a clear record that can be verified later by anyone in the future, preventing a custodian from being able to change history when it suits them. Having a record like this every day would reduce the possibility of shenanigans like taking a short term loan of a large amount of cryptocurrency. However, there is still no way to prevent a smash-and-grab attack, but this does prevent a slow-leak. The proposal aims to introduce people to self custody of keys in a light-weight way and places less responsibility on the user. Losing the keys isn't that big of a deal since they could simply create a new seed and give a new public key to the custodian, who would have other identifying information they could use to validate that they own the account. The proposal has been shared with the community for feedback and discussion on whether systems with similar properties are already out there.
Updated on: 2023-06-15T00:08:28.501376+00:00