With the fall of FTX in the crypto world, in the few days after the FTX incident on November 9, all the major centralized exchanges (CEX) have expressed that they have published or directly publicized their merkle-tree proof-of-reserves recently, hoping that through the Merkle-tree proof-of-reserves, make transparent the reserves of CEX assets, which are not transparent, so as to prove the asset reserves of their CEX centralized exchange and prove that funds are not being misappropriated or moved.

There is no doubt that the demise of the FTX has cast a shadow, if not an ineffable stain, on the entire black-box operation of the CEX, and the Merkle Tree proof seems to have cast a ray of light on the industry. For this technical solution, it was proposed and applied many years ago. What exactly is the “Merkel proof”, and how does it prove that a user’s assets on an exchange have not been misappropriated, or that they are being kept safe?

The Merkle tree, the data structure behind cryptocurrencies like Bitcoin and Ethereum, is a cryptographic technique that compacts data. By using Merkle tree, multiple data can be combined into one data, and the large-scale data summary results can be stored. At the same time, cryptography can be used to prove that the corresponding data is compressed in the summary results. Moreover, by verifying the data integrity of the root of the Merkle tree, the integrity of all the data constituting the Merkle tree can be proved.

The leaf portion of the Merkle tree consists of the hash value of each data in the data set. Specifically, the leaf section is constructed by concatenating two adjacent hashes, packaging them into a block and hashing them again to produce the parent hash. The last hashed to the top level is called the Merkle Root. The hash value of the Merkle tree root contains the hash characteristics of all data, which means that the node on which the data is tampered with will present completely different values, that is, the hash value recorded in the Merkle tree cannot be tampered with.

Assuming that our account and balance information is recorded in Merkle root as data A, we can verify whether data A is recorded in Merkle tree by using the following data as proof:

- Data A (Account and balance information)
- The hash value of B
- The hash valtue of CD
- The root hash

Next, we calculate the hash of A through the data A, and then calculate the hash of AB together with the hash of B. Finally, we calculate the root hash together with the hash of CD. Compare the root hash we calculated with the root hash we obtained, and verify that A is recorded in the Merkle tree if it is equal.

Suppose the assets of all users of a centralized exchange are recorded in the Merkle tree and proved to be real. In that case, the exchange can prove to each user that “data records have been recorded in the Merkle tree and the assets of users are real” without disclosing other users’ information.

How does this proof system work in practice? Trust in this system is based on the Merkle tree (dynamic deterrence) and audit (third-party professional responsibility). Dynamic deterrence is based on the fact that any user can act as a detection node and prove that he is not on the Merkle tree to reveal that the root provided by the exchange is false. Besides, there is no other function, such as the root does not show the function of the sum of all users’ balances. The two are indispensable. It does not mean that all problems can be proved by closely relying on the proof method of cryptography. Practice is much more complicated than theory, and there are many points that can be manipulated.

However, compared with the previous CEX, which was only monitored by audit, the inclusion of the Markle Tree actually gives users the right to whistle, allowing CEX’s asset reserves to be monitored in a decentralized way to a certain extent. This is a good thing for the current market.

However, does the Merkle tree reserve proof prove that the user asset is safe? Although we can verify that our assets are recorded in immutable hashes through the Merkle proof, can we completely prove that the funds are not misappropriated or moved?

Centralized exchanges have a lot of trades going on every second, and it’s impossible to update the roots every second, so the roots we see are probably not up to date. But from another point of view, Merkle tree calculation is mainly composed of a series of hash function calculations, and the hash function calculation speed is relatively fast, so in this sense, the update frequency will not be slow.

In addition to the above problem of updating frequency, the Merkle tree reserve proves to have the following important problems:

Front-end fraud problem: the Merkle tree data is stored on the exchange’s own server. The front-end page for users to interact with the exchange is controlled by the exchange, and the exchange may completely return a fake page to deceive users, which leads to the possibility of front-end fraud. This problem needs to be solved by third-party software supervision.

The credit problem of the third party audit: the same traditional finance often has audit mistakes and even illegal behavior, although it has not been applied in the field of Crypto on a large scale, but the audit is not always objective and fair.

Related transactions, liability relationships, margin transactions and so on cannot be reflected through reserves.

The Crypto market needs more open and transparent information. The Merkle tree reserve has proved to be the standard allocation of Crypto exchange to help establish industry norms and rebuild user confidence.

Whether for investors or users, keeping money safe is always a sword of Damocles hanging over the head of every practitioner. In this round of bear market, no matter who falls, the last remaining who, the wheel of Web3 will not stop, rolling forward.