Transparent custody
At CheckSig, we believe in a provably-honest transparent custody. At least monthly, CheckSig provides a public blockchain proof that all assets in custody are safely under control, i.e., a proof-of-reserves transaction. This might seem so obvious to be redundant but, as a matter of fact, no other custodian service proves its reserves; woefully, they might be concealing losses to be discovered later on!
Blockchain transaction
The Proof-of-Reserves (PoR) is provided as a bitcoin transaction, publicly available on the blockchain for everybody’s inspection. Such a transaction:
- includes (i.e., in tech jargon, spends as TxIn) the amount under custody consolidated in the previous proof-of-reserves;
- collects (i.e., spends as TxIn) all deposits CheckSig has received since then;
- pays the transaction fee;
- withdraws (i.e., creates a TxOut for) the amount required to satisfy our clients’ requests;
- merges all remaining Bitcoins as a single new consolidated amount (i.e., creates one change TxOut) at the consolidation address.
This new consolidated amount represents the assets under custody at the transaction date.
Additionally, spending the previous consolidated amount reveals the (pre-image of the P2WSH) locking script that protects the Bitcoins under custody, making CheckSig custody really transparent.
Spend-to-self transaction
At the beginning, the control of the consolidated amount was proved by the act of spending it at the next transaction date. To make the proof-of-reserves self-contained, since July 2021 each transaction spends from and to the consolidation address at the same time. As a result, this spend-to-self transaction immediately proves the control of the consolidated amount at the transaction date.
While address reuse is bad for privacy, it is fine in our case because the proof-of-reserves must be public. Moreover, residual security concerns (e.g., nonce exfiltration) are solved by our custody protocol. In fact, we rely on a multi-level multi-signature scheme using hardware wallets (Hardware Security Modules) from different vendors. To learn more about our security, read about CheckSig custody protocol.
Proof-of-solvency
Anyway, proving our reserves does not prove them to be enough to cover the obligations we have towards our clients. To achieve a proof-of-solvency, the proof-of-reserves should be combined with a proof-of-liabilities. Unfortunately, a reliable cryptographic proof-of-liabilities is impractical. All known privacy preserving approaches do not provide easy independent verification for non-technical clients (see here).
Off-chain external auditors
Therefore, we believe that proof-of-liabilities is better delegated to external auditors. Indeed, our (internal controllers and) external auditors independently verify that the proved reserves exceed our liabilities. This verification is part of the SOC attestations we receive from Deloitte.
Furthermore, even the on-chain proof-of-reserves could be manipulated. For example, bitcoins could be borrowed from a third party to temporarily cover losses. Only an off-chain external auditor can detect this kind of shenanigans.
Proof-of-Reserves transactions
Finally, check out below our proof-of-reserves transactions and explore them on-chain.
The current consolidation address is bc1qqst9un5sz8576fy2nnqkpm4rpfh0weveqwtt8zxgjp02g2mx5q7s2vresu.
| Transaction | Deposits (₿) | Transaction Fees (₿) | Withdrawals (₿) | Asset under Custody (₿) |
|---|---|---|---|---|
| Dec 2, 2022 | 34.11648757 | 0.00029334 | 5.00000000 | 511.71916726 |
| Nov 3, 2022 | 12.54438499 | 0.00008004 | 5.00000000 | 482.60297303 |
| Oct 4, 2022 | 7.9461708 | 0.00011877 | 0.00000000 | 475.05866808 |
| Sep 3, 2022 | 11.43284996 | 0.00001651 | 0.00000000 | 467.11261605 |
| Aug 2, 2022 | 14.23876819 | 0.00005788 | 0.00000000 | 455.6797826 |
| Jul 6, 2022 | 32.62741757 | 0.00020804 | 0.00000000 | 441.44107229 |
| Jun 6, 2022 | 4.95127001 | 0.00002238 | 0.00000000 | 408.81386276 |
| May 17, 2022 | 13.92010123 | 0.00006018 | 0.00000000 | 403.86261513 |
| May 3, 2022 | 14.26250604 | 0.00006552 | 0.00000000 | 389.94257408 |
| Apr 1, 2022 | 28.10778268 | 0.00009213 | 0.00000000 | 375.68013356 |
| Mar 4, 2022 | 8.32775921 | 0.00013104 | 0.00000000 | 347.57244301 |
| Feb 2, 2022 | 14.29410966 | 0.00014470 | 0.00000000 | 339.24481484 |
| Jan 5, 2022 | 13.84709331 | 0.00006018 | 0.00000000 | 324.95084988 |
| Dec 22, 2021 | 21.32797471 | 0.00013071 | 10.09516878 | 311.10381675 |
| Nov 29, 2021 | 26.51869064 | 0.00014667 | 8.12112682 | 299.87114153 |
| Oct 29, 2021 | 90.43568346 | 0.00018396 | 6.65512106 | 281.47372438 |
| Sep 30, 2021 | 11.65154583 | 0.00016460 | 6.80705070 | 197.69334594 |
| Sep 1, 2021 | 13.90389341 | 0.00007370 | 0.00000000 | 192.84901541 |
| Aug 2, 2021 | 4.97480450 | 0.00016214 | 0.00000000 | 178.94519570 |
| Jul 2, 2021 | 32.06748252 | 0.00051181 | 0.00000000 | 173.97055334 |
| Jun 2, 2021 | 8.95164489 | 0.00027216 | 0.00000000 | 141.90358263 |
| May 1, 2021 | 7.24822810 | 0.00030954 | 0.00000000 | 132.95220990 |
| Apr 1, 2021 | 21.21598524 | 0.00057939 | 1.00000000 | 125.70429134 |
| Mar 1, 2021 | 22.78825901 | 0.00051181 | 0.00000000 | 105.48888549 |
| Feb 2, 2021 | 0.00000000 | 0.00004851 | 0.00000000 | 82.70113829 |
| Jan 31, 2021 | 32.07315051 | 0.00031248 | 0.00000000 | 82.70118680 |
| Jan 1, 2021 | 18.03542688 | 0.00051181 | 0.00000000 | 50.62834877 |
| Dec 2, 2020 | 12.71367043 | 0.00073700 | 0.00000000 | 32.59343370 |
| Nov 3, 2020 | 0.00000000 | 0.00006930 | 0.00000000 | 19.88050027 |
| Oct 12, 2020 | 19.88127787 | 0.00070830 | 0.00000000 | 19.88056957 |
