At CheckSig, we believe in a provably-honest transparent custody.
At least monthly, CheckSig executes a Proof-of-Reserves transaction,
i.e., provides a proof that all bitcoins in custody are available and
safely under our control. This might seem so obvious to be redundant but,
as a matter of fact, most crypto companies do not prove their reserves;
woefully, they might be concealing losses to be discovered later on!
The public blockchain transaction
The Proof-of-Reserves is provided as a
transaction, publicly verifiable on the Bitcoin blockchain.
Such a transaction:
- includes (i.e., in tech jargon, spends as TxIn) the amount under custody
consolidated in the previous Proof-of-Reserves;
- collects (i.e., spends as TxIn) all deposits CheckSig has received since
the previous Proof-of-Reserves;
- pays the transaction fees;
- withdraws (i.e., creates a TxOut for) the amount required to satisfy our
clients’ withdrawal requests, if any;
- consolidates all remaining bitcoins as a single new amount (i.e.,
creates one change TxOut) at the consolidation address.
This new consolidated amount represents all bitcoins under custody at the
Please note that spending the previous consolidated amount reveals the
(pre-image of the P2WSH) locking-script that protects the bitcoins under
custody, making CheckSig custody completely transparent.
Finally, the Proof-of-Reserves spends from and to the consolidation address
in the same transaction to proves the control of the consolidated amount
at the transaction date. While address reuse is bad for privacy, it is fine
in our case because the Proof-of-Reserves must be public.
Moreover, residual security concerns (e.g., nonce exfiltration)
are solved by our custody protocol.
In fact, we rely on a multi-level multi-signature scheme using
hardware wallets (Hardware Security Modules) from different vendors.
To learn more about our security, read about
Reserves, solvency, and off-chain external auditors
Anyway, proving our reserves does not prove them to be enough to cover
the obligations we have towards our clients.
To achieve a proof-of-solvency, the proof-of-reserves should be combined
with a proof-of-liabilities.
Unfortunately, a reliable cryptographic proof-of-liabilities is complex,
always partial, hardly verifiable by clients and auditors.
All known privacy preserving approaches do not provide easy independent
verification for non-technical users (see
Therefore, to ensure maximum transparency and accountability,
the proof-of-liabilities is better delegated to external auditors.
Indeed, our (internal controllers and) external auditors independently
verify that the proved reserves exceed our liabilities.
This verification is part of the SOC attestations we receive.
Furthermore, even the blockchain Proof-of-Reserves could be the result of
a manipulation. As example, bitcoins could have been borrowed from a third
party to temporarily cover losses. Only an off-chain external auditor can
detect this kind of shenanigans.