A strong crypto proof of reserves comparison does more than check whether an exchange has published a reserve page. To evaluate exchange transparency properly, you need to compare reserve ratios, liabilities coverage, audit independence, snapshot frequency, wallet proof, Merkle tree verification, and the known limits of reserve reporting.
Proof of reserves can improve confidence in centralized crypto platforms, but it is not the same as a full financial audit or a guarantee that funds are safe forever. This tutorial explains how to compare exchange reserve reports using only verifiable transparency signals.
1. What Proof of Reserves Means for Crypto Exchanges
Proof of Reserves, often shortened to PoR, is a process used by crypto exchanges and custodians to show that they hold the customer assets they claim to hold.
In practical terms, a proof of reserves review attempts to answer one core question:
If all customers tried to withdraw their in-scope crypto balances at the same time, does the exchange appear to control enough assets to cover them?
According to the source data, proof of reserves is usually performed by an independent third-party accountant or auditor. The review typically checks whether assets held by the exchange are equal to or greater than customer balances included in the review.
What a PoR report usually shows
A reserve report may include:
- Reserve Ratios: The percentage of assets held compared with customer balances for each supported asset.
- In-Scope Assets: The coins or tokens included in the review, such as BTC, ETH, SOL, USDC, USDT, XRP, or ADA.
- Snapshot Date: The point in time when balances were measured.
- Merkle Root: A cryptographic fingerprint representing the balance dataset.
- Wallet Proof: Evidence that the exchange controls wallets holding the assets.
- User Verification Tool: A way for customers to confirm their own balance was included.
For example, Kraken publishes reserve ratios by asset. At the time of writing, its proof of reserves page shows a snapshot date of March 31, 2026 with the following displayed reserve ratios:
| Asset | Displayed Reserve Ratio |
|---|---|
| BTC | 101.6% |
| ETH | 100.9% |
| SOL | 101.1% |
| USDC | 105%+ |
| USDT | 105%+ |
| XRP | 101.3% |
| ADA | 100.1% |
These ratios indicate that, for the assets shown, Kraken reports reserves exceeding or matching the in-scope client balances measured in that review.
Why PoR became important
The source data consistently points to the same reason proof of reserves became a major topic: user trust in centralized exchanges was damaged by major exchange failures, liquidity stress events, and concerns about whether platforms were holding customer funds properly.
Centralized exchanges custody user assets, meaning users generally do not control the private keys for assets held on the platform. As Ledger’s guide explains, when users deposit crypto into a centralized exchange, the exchange controls the private keys associated with the platform’s wallets. That makes transparency especially important.
Proof of reserves is most useful when users remember what it is: a transparency tool for custodial assets, not a complete guarantee of solvency, security, or future liquidity.
2. Proof of Reserves vs Full Financial Audits
A high-quality crypto proof of reserves comparison must separate reserve reporting from broader financial auditing. They are related, but they are not the same.
Proof of Reserves focuses on asset backing
PoR is designed to show that a custodian controls enough assets to cover customer balances included in the review. It commonly uses blockchain data, wallet signatures, Merkle trees, and third-party verification.
MoonPay describes PoR as a public demonstration that a crypto exchange holds the digital assets it claims to have on users’ behalf. Kraken describes it as a procedure performed by an independent third-party accountant to confirm that a custodian holds the assets it claims to hold.
Full audits examine a broader financial picture
Traditional financial audits are broader. According to MoonPay’s comparison, regular financial audits typically include both assets and liabilities, on-chain and off-chain information, and a wider assessment of financial health.
Ledger also emphasizes that a complete solvency view requires assessing both assets and debt, also called liabilities.
| Comparison Point | Proof of Reserves | Full Financial Audit / Solvency Review |
|---|---|---|
| Primary Focus | Assets held for users | Broader financial health |
| Blockchain Evidence | Often uses on-chain wallet balances and cryptographic proofs | May include on-chain and off-chain evidence |
| Liabilities Coverage | May be limited or excluded | Typically broader, depending on audit scope |
| User Verification | May allow users to verify inclusion via Merkle tree | Usually not designed for individual cryptographic verification |
| Frequency | Can be regular, monthly, real-time, or event-driven depending on exchange | Often periodic and more complex |
| Main Limitation | Snapshot may not show all obligations | Depends on audit scope, data access, and auditor process |
Proof of Reserves vs Proof of Solvency
MoonPay distinguishes Proof of Reserves from Proof of Solvency. PoR checks what an exchange has. Proof of Solvency aims to show whether the exchange can pay all customers back in full by considering both assets and liabilities.
| Feature | Proof of Reserves | Proof of Solvency |
|---|---|---|
| What It Shows | On-chain digital assets held | Assets minus obligations |
| Liabilities Included | Not always | Yes, by design |
| Assurance Level | Stronger for asset transparency | Stronger for overall financial health |
| Proof Methods | Wallet publishing, Merkle trees, cryptographic snapshots | Cryptographic methods plus broader audits |
| Best Use | Checking whether reserves exist | Assessing whether customer claims can be fulfilled |
A reserve report that excludes liabilities can look reassuring while still failing to prove that the exchange is financially healthy overall.
3. Key Transparency Metrics to Compare
When comparing crypto exchanges by proof of reserves quality, do not stop at “PoR available.” Compare the depth, scope, frequency, and verifiability of each report.
Core PoR comparison checklist
| Metric | What to Look For | Why It Matters |
|---|---|---|
| Reserve Ratio | Whether each in-scope asset is backed at or above 100% | Shows whether reported reserves cover included balances |
| Asset Scope | Which coins and tokens are included | A report may exclude assets you actually hold |
| Liabilities Disclosure | Whether user balances and obligations are included | Assets alone do not prove solvency |
| Audit Independence | Whether a third party performs the review | Reduces reliance on exchange self-reporting |
| Snapshot Date | How recent the review is | Old reports may not reflect current reserves |
| Frequency | Regular, monthly, real-time, or occasional updates | More frequent updates improve transparency |
| Wallet Transparency | Whether wallet addresses or ownership proofs are available | Lets users or analysts confirm on-chain reserves |
| Merkle Verification | Whether users can confirm their account was included | Prevents relying only on aggregate claims |
| Report Accessibility | Whether reports are easy to find and understand | Poor accessibility weakens practical transparency |
Examples from the source data
The available research gives several concrete examples of transparency approaches across exchanges and tools.
| Exchange / Tool | Confirmed PoR-Related Details from Source Data |
|---|---|
| Kraken | Publishes regular PoR reviews, asset-level reserve ratios, a snapshot date, and user verification through the Kraken Pro interface. Uses Merkle tree methodology and third-party accountant verification. |
| OKX | Identified by DayTrading.com as one of the crypto exchanges with proof of reserves. Cryptonomist describes OKX as using regular PoR reporting with on-chain verification. |
| BitMEX | DayTrading.com states BitMEX created open-source proof of reserves software clients can use to carry out an audit. |
| CoinMarketCap | DayTrading.com states CoinMarketCap has a proof of reserves tracking service with an “exchange reserves data available” icon on its Exchanges page. |
| Binance | Cryptonomist describes Binance as having regular Proof of Reserves reporting, majority cold storage, SAFU protection fund, and advanced withdrawal controls. |
| Bitget | Cryptonomist describes Bitget as using Merkle Tree-based PoR, multi-signature cold wallet infrastructure, and a protection fund exceeding $300 million. |
| Coinbase | Cryptonomist states Coinbase stores approximately 98% of customer assets in offline cold storage and is a publicly listed company with audited financial statements. |
| Bybit | DayTrading.com lists Bybit among exchanges with proof of reserves; Cryptonomist notes majority cold wallets and an insurance fund for liquidation and risk events. |
This does not mean every listed exchange offers the same depth of reserve verification. The quality of disclosure can differ meaningfully across asset scope, liabilities inclusion, user tools, and update frequency.
Security context beyond PoR
Cryptonomist’s exchange security framework includes several factors beyond proof of reserves:
- Custody Infrastructure: Cold storage, wallet architecture, and multi-signature systems.
- Regulatory Compliance: Licensing coverage and oversight.
- Insurance or Protection Funds: Coverage mechanisms for extreme events.
- Security Audits and Certifications: Formal reviews or standards.
- Operational Track Record: Historical hacks, outages, or fund losses.
- Transparency Level: Public reporting and verifiability.
For exchange selection, PoR should be one input in a broader risk review.
4. How Merkle Tree Verification Works
Merkle tree verification is one of the most important technical features in a high-quality proof of reserves report. It allows an exchange to prove that user balances were included without publicly exposing every customer’s account data.
The basic idea
A Merkle tree is a privacy-friendly cryptographic data structure. Each user balance record is represented as a hashed item, often called a leaf. These leaves are combined upward through the tree until they produce a single Merkle root.
Kraken describes the Merkle root as a cryptographic fingerprint that uniquely identifies the combination of balances at the time the snapshot was created.
If any balance in the dataset changes, the resulting hash path and Merkle root change. That makes tampering easier to detect.
Merkle tree verification in simple terms
| Step | What Happens |
|---|---|
| 1. Snapshot | The exchange records in-scope user balances at a specific time. |
| 2. Hashing | Balances are anonymized and converted into cryptographic hashes. |
| 3. Merkle Tree Creation | Hashed records are aggregated into a Merkle tree. |
| 4. Merkle Root Publication | The final root summarizes the dataset. |
| 5. Wallet Verification | The exchange proves control of wallets holding the assets. |
| 6. User Verification | Users check whether their balance was included in the tree. |
Kraken’s Merkle verification model
Kraken states that its third-party accountant takes an anonymized snapshot of balances and aggregates them into a Merkle tree. The accountant then obtains a Merkle root and collects digital signatures from Kraken proving ownership over on-chain addresses with publicly verifiable balances.
Kraken users can verify account inclusion through the Kraken Pro interface by navigating to:
- Account icon
- Proof of Reserves
- Proof of Reserves tab
- Verify yourself
Kraken also offers advanced verification for technical users. Its source data describes calculating a Record ID and Merkle Leaf using SHA-256 hashing.
A simplified pseudocode version of the process looks like this:
import hashlib
# Placeholder values supplied by the exchange's verification page
account_code = "YOUR_ACCOUNT_CODE"
iiban = "YOUR_IIBAN"
review_id = "CURRENT_REVIEW_ID"
record_id = hashlib.sha256(
(account_code + iiban + review_id).encode("utf-8")
).hexdigest()
balances = "BTC:YOUR_BTC_BALANCE,ETH:YOUR_ETH_BALANCE"
merkle_hash = record_id + "," + balances
merkle_leaf = hashlib.sha256(
merkle_hash.encode("utf-8")
).hexdigest()[0:16]
print("Record ID:", record_id)
print("Merkle Leaf:", merkle_leaf)
This example reflects the type of SHA-256 process Kraken describes, but users should always follow the exact formatting and asset order shown in their exchange’s own verification page.
Merkle verification is powerful because it lets users check inclusion without forcing an exchange to reveal every customer’s balances publicly.
5. Why Liabilities Matter as Much as Assets
Assets are only half of the transparency picture. A crypto exchange may control significant wallets, but users still need to know what obligations those assets are meant to cover.
The asset-only problem
DayTrading.com notes a key limitation: proof of reserves reports may not analyze a firm’s liabilities, so they do not paint a complete picture.
MoonPay makes the same point, warning that some PoR reports focus only on assets and fail to provide a clear or complete picture of total liabilities. Without liabilities, a reserve report might suggest strength while omitting debts or obligations.
Ledger explains this through Proof of Liabilities, which addresses an institution’s financial debts and obligations. A solvency-focused review compares assets against liabilities.
Why a 1:1 claim needs both sides
A meaningful reserve claim requires two numbers:
| Side | Question |
|---|---|
| Assets | What assets does the exchange control? |
| Liabilities | What does the exchange owe customers and other parties? |
If an exchange shows $1 billion in on-chain assets but does not disclose corresponding customer obligations, users cannot determine whether the exchange is fully backed. The source data does not provide that specific figure for any exchange; the example simply illustrates why both sides are required.
Proof of Liabilities and user privacy
A challenge with liabilities disclosure is privacy. Exchanges cannot simply publish every user’s identity and balance.
That is where Merkle trees become useful. Ledger explains that proof of reserves audits use Merkle trees to establish debt without publishing sensitive customer information. MoonPay similarly notes that anonymized user balance lists can be used to compare total liabilities with reserves while allowing individual users to confirm their own deposits are included.
Stronger transparency standard
For a stronger exchange transparency review, look for:
- Assets Verified: On-chain reserves or wallet ownership proofs.
- Liabilities Included: Customer balances included in the cryptographic dataset.
- User Inclusion Check: Ability to verify your own balance in the Merkle tree.
- Third-Party Review: Independent accountant or auditor involvement.
- Clear Scope: Explicit list of included assets, account types, and exclusions.
A reserve page that shows wallet balances but does not explain liabilities is less useful than a report that compares reserves with anonymized customer balances.
6. Red Flags in Exchange Reserve Reports
A good crypto proof of reserves comparison should identify weaknesses, not just rank exchanges by whether they publish a PoR page.
Common red flags
| Red Flag | Why It Matters |
|---|---|
| No Liabilities Disclosure | Assets alone do not prove customers are fully covered. |
| Old Snapshot Date | Reserves can change after the report is published. |
| No Third-Party Involvement | Self-reported claims require more trust. |
| No User Verification Tool | Users cannot confirm their balance was included. |
| Unclear Asset Scope | Your holdings may not be covered by the report. |
| No Wallet Ownership Proof | Published addresses may not prove exchange control. |
| No Update Frequency | Occasional reporting is less transparent than regular reviews. |
| Only Summary-Level Claims | Weak reports may lack enough detail to verify claims. |
Snapshot manipulation risk
Both DayTrading.com and MoonPay describe a major limitation: PoR is a point-in-time snapshot. In theory, an exchange could temporarily borrow assets to appear well-capitalized during a review, then return them later.
MoonPay specifically notes that mechanisms such as temporary borrowing or flash loans could artificially inflate reserves if the process is not properly designed and independently verified.
A reserve ratio above 100% is useful, but it is not enough by itself. Users should also check how the report prevents short-term window dressing.
Auditor trust risk
DayTrading.com states that proof of reserves relies on the auditor being independent and trustworthy. It also notes that auditors only look where the exchange asks them to look.
That means the auditor’s role, the scope of work, and the completeness of data access all matter. A report can be technically accurate within a narrow scope while still excluding important risks.
Privacy implementation risk
MoonPay warns that publicly sharing reserve and liability information must be balanced against user privacy. Poor implementation could expose sensitive account balance data or increase targeted attack risks.
A stronger PoR system should allow account inclusion checks without exposing individual customer information.
7. Step-by-Step: How Users Can Verify Their Balances
The exact process differs by exchange, but the source data gives a practical framework users can follow.
Step 1: Find the exchange’s official PoR page
Start with the exchange’s website, blog, support center, or account dashboard. DayTrading.com notes that exchanges that complete proof of reserves reviews often advertise the results to show transparency.
If you cannot find the report, contact customer support and ask:
- Latest Report: When was the most recent proof of reserves review?
- Scope: Which assets and account types are included?
- Auditor: Was the review performed by an independent third party?
- Liabilities: Are customer balances included?
- Verification: Can users verify their own balances?
Step 2: Check third-party or tracking sources
DayTrading.com states that CoinMarketCap has a proof of reserves tracking service. On its Exchanges page, firms with exchange reserves data available are marked with an icon.
This can be useful for discovery, but users should still review the exchange’s own report and methodology.
Step 3: Confirm the snapshot date
A PoR report reflects balances at a specific moment. MoonPay and DayTrading.com both emphasize that this timing limitation matters.
Ask:
- Freshness: Is the snapshot recent?
- Frequency: Does the exchange publish regular reviews?
- Pattern: Are reports consistent over time or only event-driven?
MoonPay notes that leading exchanges may publish monthly or even real-time updates, while others may publish only after major events.
Step 4: Confirm your asset is in scope
Kraken’s PoR page explains that verification reflects in-scope balances at the time of review. It will not reflect later trades or assets that are not in scope.
Before relying on a report, check whether it includes the assets you actually hold.
For example, Kraken’s displayed reserve ratios include major assets such as BTC, ETH, SOL, USDC, USDT, XRP, and ADA at the time of writing. If you hold another asset not listed in the review scope, that PoR report may not verify it.
Step 5: Verify account inclusion
If the exchange offers user verification, log into your account and follow its PoR verification flow.
Using Kraken as the source-data example:
- Log In: Access your Kraken account.
- Open PoR Page: Navigate to the Proof of Reserves page in the Kraken Pro interface.
- Review Reports: Check recent PoR reports where your account balance was verified.
- Select Date: Choose the report date.
- Verify Yourself: Confirm balances held at the time of the review.
- Use Merkle Data: Compare your Merkle Leaf ID or related data with the third-party accountant’s tools if available.
Step 6: Compare exchange-controlled assets with customer balances
A stronger report shows both:
- Exchange-Controlled Wallets: Assets the exchange can prove it controls.
- Customer Balance Dataset: An anonymized liability dataset represented through a Merkle tree.
Kraken states that its accountant compares publicly verifiable on-chain balances with client balances represented in the Merkle tree.
Step 7: Repeat verification after new reports
Because PoR is a snapshot, verification should not be a one-time exercise. Re-check after each new report, especially if you keep significant assets on a centralized exchange.
8. How to Use Proof of Reserves in Exchange Selection
Proof of reserves should influence exchange selection, but it should not be the only factor.
Build a practical exchange comparison scorecard
Use a structured checklist rather than a single headline claim.
| Category | Stronger Signal | Weaker Signal |
|---|---|---|
| PoR Availability | Public, easy-to-find reports | No report or vague claims |
| Reserve Ratio | Asset-level ratios at or above 100% | No asset-level backing data |
| Liabilities Treatment | Customer balances included via Merkle tree | Assets shown without liabilities |
| Verification | User self-verification available | No way to verify inclusion |
| Frequency | Regular reviews or frequent updates | One-off or outdated snapshot |
| Independence | Third-party accountant or auditor involved | Purely internal claims |
| Wallet Proof | On-chain balances and ownership signatures | Unverified wallet lists |
| Security Context | Cold storage, controls, audits, protections | Limited custody transparency |
Compare PoR with broader exchange security
Cryptonomist’s security review emphasizes that security in crypto exchanges is no longer defined only by cold storage. It highlights verifiable PoR, transparent custody architecture, regulatory alignment, audits, protection funds, and operational track record.
Based on the source data, here are examples of non-PoR security factors to consider:
| Exchange | Confirmed Security / Transparency Details from Source Data |
|---|---|
| Binance | Majority of user assets held in cold storage, SAFU protection fund, regular PoR reporting, multi-layer risk monitoring, withdrawal controls. |
| Bitget | Multi-signature cold wallet infrastructure, Merkle Tree-based PoR, protection fund exceeding $300 million, ISO 27001 and ISO 27701 certifications. |
| Coinbase | Approximately 98% of customer assets in offline cold storage, publicly listed company, audited financial statements, regulatory oversight, fiat insurance where applicable. |
| Kraken | Majority cold storage, no major exchange-wide hacks since launch according to the source, regular independent security audits, account-level controls, detailed PoR verification. |
| OKX | Multi-layer hot and cold wallet separation, regular PoR reporting with on-chain verification, internal risk control systems, withdrawal protection mechanisms. |
| Bybit | Majority cold wallets, insurance fund covering liquidation and risk events, real-time risk engine monitoring, mandatory security features such as 2FA and anti-phishing tools. |
This table should not be read as a universal ranking. It reflects only the attributes stated in the provided source data.
Consider trading needs, but do not ignore custody risk
DayTrading.com notes that users may also compare exchanges by:
- Supported Tokens: Kraken offers more than 100 tokens, while OKX offers over 350.
- Products and Features: Some platforms support spot trading, derivatives, staking, yield farming, or NFTs, while others may be narrower.
- Payment Methods: Entry-level exchanges may support fiat-crypto transactions using USD, EUR, GBP, debit cards, credit cards, bank transfers, or e-wallets such as PayPal, Neteller, and Skrill.
- Fees: Competitive maker fees are described as 0% to 0.20%, while decent taker fees are often 0.10% to 0.30%.
Those factors matter, but they should not replace reserve and custody review. A low-fee exchange with weak transparency may expose users to risks that are not visible in the trading interface.
Decide how much to keep on an exchange
Ledger’s guide emphasizes that users of centralized exchanges do not control their private keys. It also notes that non-custodial hardware wallets allow users to control their own assets.
That does not mean every user must avoid centralized exchanges entirely. It means PoR should be part of a custody decision:
- Active Trading Funds: Users may keep assets needed for trading on an exchange.
- Long-Term Holdings: Users may prefer self-custody if they want private-key control.
- Large Balances: Users should scrutinize PoR quality, liabilities, security controls, and withdrawal reliability more carefully.
Proof of reserves helps evaluate whether an exchange appears to hold customer assets, but self-custody changes the trust model by giving users direct control of private keys.
Bottom Line
A useful crypto proof of reserves comparison evaluates more than whether an exchange has a reserve badge. The strongest reports combine recent reserve ratios, clear asset scope, third-party review, wallet ownership proof, Merkle tree user verification, and meaningful liabilities disclosure.
PoR is valuable because it uses blockchain transparency and cryptographic methods to improve accountability. However, it remains limited by snapshot timing, auditor scope, possible manipulation, liabilities gaps, and post-report risks such as hacks or mismanagement.
Use proof of reserves as one layer in exchange selection. Pair it with custody architecture, regulatory posture, security controls, operational track record, protection funds, fees, supported assets, and your own custody preferences.
FAQ
What is proof of reserves in crypto?
Proof of reserves is a process used by crypto exchanges and custodians to show that they hold enough assets to cover customer balances included in a review. It often uses on-chain wallet data, cryptographic snapshots, Merkle trees, and third-party verification.
Is proof of reserves the same as a full audit?
No. Proof of reserves usually focuses on whether an exchange controls specific assets at a point in time. A full financial audit or solvency review is broader and may include liabilities, off-chain obligations, revenue, controls, and overall financial health.
Why do liabilities matter in proof of reserves?
Liabilities show what the exchange owes customers and other parties. Without liabilities, users can see assets but cannot determine whether those assets are sufficient to cover all obligations. A stronger reserve report compares assets against anonymized customer balances.
Can proof of reserves be manipulated?
Yes, if poorly designed. The source data notes that an exchange could potentially borrow assets temporarily to inflate reserves during a snapshot. Independent third-party review, frequent reporting, wallet ownership proof, and liabilities disclosure help reduce this risk.
How can I verify whether my balance was included?
If your exchange supports user verification, log into the official account dashboard and look for its proof of reserves verification tool. Kraken, for example, lets users verify inclusion through its Kraken Pro Proof of Reserves page and provides Merkle Leaf-based verification methods.
Should I choose an exchange only because it has proof of reserves?
No. PoR is important, but it is not a complete security guarantee. Also compare custody infrastructure, cold storage practices, account controls, regulatory oversight, protection funds, operational history, supported assets, payment methods, and fees.
