Proof-of-Reserves

Since October 2020, CheckSig has been the first to offer public blockchain-based Proof-of-Reserves. Emulated by a few exchanges, we are still the only custodian to do so. Our unrivaled transparency ensures that all funds are always available and safe under our effective control.

Transparent custody

At CheckSig, we believe in a provably-honest transparent custody. At least monthly, CheckSig executes a Proof-of-Reserves transaction, i.e., provides a proof that all bitcoins in custody are available and safely under our control. This might seem so obvious to be redundant but, as a matter of fact, most crypto companies do not prove their reserves; woefully, they might be concealing losses to be discovered later on!

The public blockchain transaction

The Proof-of-Reserves is provided as a transaction, publicly verifiable on the Bitcoin blockchain.

Such a transaction:

  • includes (i.e., in tech jargon, spends as TxIn) the amount under custody consolidated in the previous Proof-of-Reserves;
  • collects (i.e., spends as TxIn) all deposits CheckSig has received since the previous Proof-of-Reserves;
  • pays the transaction fees;
  • withdraws (i.e., creates a TxOut for) the amount required to satisfy our clients’ withdrawal requests, if any;
  • consolidates all remaining bitcoins as a single new amount (i.e., creates one change TxOut) at the consolidation address.

This new consolidated amount represents all bitcoins under custody at the transaction date.

Please note that spending the previous consolidated amount reveals the (pre-image of the P2WSH) locking-script that protects the bitcoins under custody, making CheckSig custody completely transparent.

Finally, the Proof-of-Reserves spends from and to the consolidation address in the same transaction to proves the control of the consolidated amount at the transaction date. While address reuse is bad for privacy, it is fine in our case because the Proof-of-Reserves must be public. Moreover, residual security concerns (e.g., nonce exfiltration) are solved by our custody protocol. In fact, we rely on a multi-level multi-signature scheme using hardware wallets (Hardware Security Modules) from different vendors. To learn more about our security, read about CheckSig .

Reserves, solvency, and off-chain external auditors

Anyway, proving our reserves does not prove them to be enough to cover the obligations we have towards our clients. To achieve a proof-of-solvency, the proof-of-reserves should be combined with a proof-of-liabilities. Unfortunately, a reliable cryptographic proof-of-liabilities is complex, always partial, hardly verifiable by clients and auditors. All known privacy preserving approaches do not provide easy independent verification for non-technical users (see here).

Therefore, to ensure maximum transparency and accountability, the proof-of-liabilities is better delegated to external auditors. Indeed, our (internal controllers and) external auditors independently verify that the proved reserves exceed our liabilities. This verification is part of the SOC attestations we receive from Deloitte.

Furthermore, even the blockchain Proof-of-Reserves could be the result of a manipulation. As example, bitcoins could have been borrowed from a third party to temporarily cover losses. Only an off-chain external auditor can detect this kind of shenanigans.

Le prove di riserve

Finally, check out below our proof-of-reserves transactions and explore them on-chain. The total bitcoin amount in custody can be verified at the current consolidation address bc1qqst9un5sz8576fy2nnqkpm4rpfh0weveqwtt8zxgjp02g2mx5q7s2vresu.

TransactionDeposits (₿)Fees (₿)Withdrawals (₿)Asset under Custody (₿)
Mar 30, 202325.923746350.000160088.00000000570.67493171
Mar 3, 20230.011190780.000025165.00000000552.75134544
Feb 28, 202316.629473730.000868560.00000000557.74017982
Feb 9, 202311.034472990.000208040.00000000541.11157465
Gen 20, 202310.694545630.000104020.00000000530.07730970
Dic 23, 20227.663764120.000063290.00000000519.38286809
Dic 2, 202234.116487570.000293345.00000000511.71916726
Nov 3, 202212.544384990.000080045.00000000482.60297303
Ott 4, 20227.94617080.000118770.00000000475.05866808
Set 3, 202211.432849960.000016510.00000000467.11261605
Ago 2, 202214.238768190.000057880.00000000455.6797826
Lug 6, 202232.627417570.000208040.00000000441.44107229
Giu 6, 20224.951270010.000022380.00000000408.81386276
May 17, 202213.920101230.000060180.00000000403.86261513
Mag 3, 202214.262506040.000065520.00000000389.94257408
Apr 1, 202228.107782680.000092130.00000000375.68013356
Mar 4, 20228.327759210.000131040.00000000347.57244301
Feb 2, 202214.294109660.000144700.00000000339.24481484
Gen 05, 202213.847093310.000060180.00000000324.95084988
Dic 22, 202121.327974710.0001307110.09516878311.10381675
Nov 29, 202126.518690640.000146678.12112682299.87114153
Ott 29, 202190.435683460.000183966.65512106281.47372438
Set 30, 202111.651545830.000164606.80705070197.69334594
Set 1, 202113.903893410.000073700.00000000192.84901541
Ago 2, 20214.974804500.000162140.00000000178.94519570
Lug 2, 202132.067482520.000511810.00000000173.97055334
Giu 2, 20218.951644890.000272160.00000000141.90358263
Mag 1, 20217.248228100.000309540.00000000132.95220990
Apr 1, 202121.215985240.000579391.00000000125.70429134
Mar 1, 202122.788259010.000511810.00000000105.48888549
Feb 2, 20210.000000000.000048510.0000000082.70113829
Gen 31, 202132.073150510.000312480.0000000082.70118680
Gen 1, 202118.035426880.000511810.0000000050.62834877
Dic 2, 202012.713670430.000737000.0000000032.59343370
Nov 3, 20200.000000000.000069300.0000000019.88050027
Ott 12, 202019.881277870.000708300.0000000019.88056957

Altcoins

Ethereum does not support native multi-sig and is managed using multi-party computation instead. Because of that, we only provides our addresses whose balances can be verified:

0x48e3593A70b0ed9D1572A246C4d1c3fAED2415D6
0xEC738cf775822AABA713bd283D095Eb7b5100CF4
0xbc88303F12e73CBe708cE2Cf30AFf7685b1ae625
0xe421002905E8c7Cb37350b801193371B4592B6DF
0x9935ae7f8bb63386A276DA7c63B9d4F44a668b8e

LinkedIn logo YouTube logo Instagram logo Buzzsprout logo Email logo Info logo
© 2023 CheckSig S.r.l. - P.IVA 11028330964 | CheckSig Suisse AG - CHE-183.628.610
Privacy policy Cookie policy Cookie preferences