Huobi announced (via reddit, yesterday) that it will be implementing an industry standard Proof of Reserves program by the end of August, with a Trading/Asset Separation scheme to follow in September.
Huobi is following in the footsteps of its foreign and domestic exchange counterparts by submitting its database and hot and cold storage wallets to a third-party audit. Their action follows on from wider concerns raised by the Chinese Bitcoin community that Chinese exchanges are operating by fractional reserve and user demands that exchanges prove 100% reserves.
The Spectre of Mt.Gox means that exchange users’ concerns are justified and that the onus of proof of reserves falls squarely upon the exchanges.
On 19 August BTC China announced that it will invite respected industry figures to visit its offices, audit the exchange database, audit wallets, and verify that user funds are accounted for. Bitstamp and Kraken had undergone and passed similar audits earlier this year.
OKCoin followed BTC China’s lead with a statement of third-party audit and, significantly, announced the additional measure of submitting to a technical audit to prove its reserves, namely Core dev Greg Maxwell’s Merkle tree cryptographic proof.
Whilst being a step in the right direction, these audit measures do not allay certain fundamental concerns:
- Third-party audits and Merkle tree cryptographic proofs are made at a specific moment in time. Nothing stops an exchange from reverting to a fractional reserve system after the auditors leave.
- Even after having proved 100% reserves, exchanges still hold and control all user funds. The risks of internal fraud, theft and hacking remain.
- Cryptographic analysis and its results are complex. Trust is a fuzzy concept, and brown envelopes buy strategic favors. Users and the public remain in the dark.
These concerns do not diminish the value of audit and technical proof. However,the Bitcoin story, to date, has taught us that the labels “important” or “respected” – when applied to influentials and decision makers – is no guarantee of trust or honesty.
When your bitcoins are held by someone else, on their system, they can easily (by Bitcoin’s very design) provide a mechanism for you to verify that the bitcoins in your exchange wallet match the associated transactions recorded in the blockchain.
Even better, they can segregate your exchange wallet from your exchange account and give you full ownership and control of your funds.
Trading and Asset Separation
This is exactly what Huobi intend to implement in September via their “Trading/Asset Separation Scheme”. Earlier this year the exchange acquired Quickwallet for exactly this purpose.
Quickwallet is an online (web) wallet that implements the Bitcoin protocol’s multi-signature facility to protect user funds by requiring one online and one offline signature to sign a transaction. A recent article cautions users about the risks of online wallets, however, the Quickwallet multi-signature feature is a significant security improvement.
Each new and existing user will be given a Quickwallet account which will be linked to their Huobi account. Users will be encouraged and incentivized to move the 80% of funds that are not actively traded into their Quickwallet accounts.
This makes Huobi the first exchange to operate an on-blockchain, multi-signature wallet. This novel mechanism allows users to transfer bitcoin from their Quickwallet to their Huobi account and to trade instantly, with zero blockchain confirmations.
Users control their private keys while still having the ability to take advantage of sudden market opportunities.
Vote With Your Feet
Exchanges have no obligation to prove accountability, to be transparent in their operations, or to improve security for users. It can be argued that the greed for money renders most people senseless and any exchange will enjoy their custom. We see that even an exchange with no registered address or declared owner or management can thrive.
Bitcoin is an international payment network. There is no reason users should use an exchange just because it is in their native country. Anyone can transfer their bitcoins, in an instant, to where they are equally liquid and more secure.