On The Brink with Castle Island - Noah Buxton and Jeremy Nau (Armanino LLP) on Proof of Reserves: the view from the auditors (EP.93)

Episode Date: June 22, 2020

Noah Buxton, director and co-lead of Armanino's blockchain practice and Jeremy Nau, senior manager of the practice join the show. Armanino LLP is an accounting and audit firm that has developed proof ...of reserve tools for exchanges and custodians, as well as real time attestation tools for stablecoins. In this episode, we cover:  How Armanino came to engage with crypto financial companies Why Proof of Reserve matters to the industry How a modern Proof of Reserve process is mechanically carried out Why exchanges are looking to adopt PoR today Why the first round of PoR didn't stick Why the Liability side is so tricky Why involve an auditor in a PoR process Whether PoR inherently requires an audit or accounting firm Proof of Reserve as a way to avoid onerous regulation Armanino's real time assurance tool for Trust Token

Transcript
Discussion (0)
Starting point is 00:00:00 Welcome back to On the Brink with Castle Island. I'm Nick Carter. If you know me, you know that I care pretty fervently about this idea of really instrumentalizing the auditability properties of crypto assets. Now, what does that mean? So we have these public blockchains. We have this very strong level of transparency, which some people think is a bug. What it means is we have the ability to audit not only the global supply of something like Bitcoin, but, the ability for me to prove to a third party that I own some Bitcoin. Now, that's pretty new, right? You couldn't really do that with gold. If I was receiving gold in a transaction, and I want to prove that it's gold, I need some fancy machine like an XRF spectrometer to determine that those really are gold atoms. With Bitcoin, it's much, much simpler. You pretty much just run a node or you sign a
Starting point is 00:00:54 transaction. So we do have a problem in the industry today. We have lots of trusted third parties. That was the thing that we were trying to get away from. They've sucked up a lot of the Bitcoins. Probably about 20% of the Bitcoins are held in a custodial setting today. And what's more, we've had a bunch of trust failures. These exchanges keep getting hacked. They keep losing our keys. They keep breaching our trust.
Starting point is 00:01:14 They do terrible things like commingle, client deposits, and their operating capital. It's been pretty sloppy so far. So after the Gox failure in 2014, a few exchanges started doing this thing called proof of reserves. Now, what does that mean? You prove that the claims that depositors have, with you match up to the actual assets that you control on-chain. It's honestly not that complicated to do. Lots of exchanges did in 2014. Then we had a quiet period. They stopped doing it. It fell out of favor. There was one exchange that kept doing it, coin floor, but very few other exchanges did it.
Starting point is 00:01:46 Fast forward to present day, quidriga happens. Another one that would have been caught if they'd been doing a routine proof reserve attestation. Maybe there would have still been a fraud, but it would have been unveiled much more quickly. Now you may say we don't need proof of reserves because some of these exchanges are audited and they are regulated under the New York Trust license or that maybe they have a bit license or there's this new Wyoming regulation. That's fine. However, I think it's extremely important that the clients of these exchanges are able to verify for themselves that the exchanges or custodians have the balance attributable to those specific individuals. That's what proof of reserve allows you to do. It empowers the
Starting point is 00:02:26 users to interrogate the exchanges directly and ensure that they have the full reserve that they claim they do. So what are the prospects for proof reserve in 2020? Well, it seems like things are changing a little bit. So gate.io has recently done a proof of reserve attestation, baby steps. Their auditor and consulting firm that they used is called Arminino LLP. Arminino LLP is a San Francisco based CPA and consulting firm, and they've recently unveiled what they've. call the proof reserve trust explorer. So they are actively undertaking this process with exchanges to assist them in it. Now this is pretty critical. We do need some of these audit firms to take this seriously. That's been a hindrance in the past. It looks like it's changing. So today on the show,
Starting point is 00:03:15 we speak with Noah Buxton and Jeremy now of Arminino and explain their thought process here, what they're trying to build and why they think proof reserve is so important. It's a concept that is very close to my heart. I think it's extremely important and hopefully can win some hearts and minds of exchange operators here. So let's dive right in. Brought down by bad mortgage investments, Lehman, which has 25,000 employees, will be liquidated. The federal government loans American International Group, AIG, $85 billion. This is a different kind of market, and the Fed is asleep. The federal government is stepping it to stabilize Fannie Mae and Freddie Mac, the two mortgage giants
Starting point is 00:03:51 that have been threatened by the housing crisis. The Bank of England has pumped 75 billion pounds more of Britain's ailing economy with a new round of quantitative easing. You print a couple trillion dollars and all of a sudden people start to worry. So out of this worry, we have something called the Bitcoin. Hey guys, welcome back. Today we have a special two for one. We have two folks from Arminino LLP. Today with us, we have Noah Buxton, who is the director and co-lead of the blockchain practice at Arminino.
Starting point is 00:04:25 And Jeremy Now, who is the senior manager. of the blockchain practice. Thank you both for appearing on the show. Good to be with you, Nick. Thanks, Nick. It's been a listener and it's really cool to be able to contribute to your podcast. Well, I'm excited to have you on. You guys have done something very exciting recently. I feel like I'm maybe one of the, there's like maybe a half dozen enthusiasts of this concept in the world. But I'm definitely one of the cheerleaders. So I'm referring to proof of reserves, proof of solvency, whatever you want to call it, basically the idea that crypto custodians should be much more accountable in terms of making the reserves they have on their kind of balance
Starting point is 00:05:10 sheet transparent and making sure that the users know that they're not running a fractional reserve. I'll link it in the show notes, but Arminino has just announced that they're facilitating this practice with crypto exchanges, with the first one being Gateio. So I'll I was super, super excited to see that. Yeah, we're glad you're a cheerleader. We've been, this is Noah. We've been following this sort of line of thinking, right? This theory around proof of reserves, can it be done?
Starting point is 00:05:37 How can it be done for a while now? And we'll get into some of the background of sort of how we got here. But yeah, we're super excited about it as well. We think we've got a novel approach and one that will be really good for the industry. So I'm curious how you, decided as a firm to start engaging with the crypto industry, given that, you know, historically audit firms have been pretty leery about getting involved in crypto. I guess there's been, you know, some reputational risk there. So how did this come about? You know, maybe by way of
Starting point is 00:06:15 quick background. So Arminino LLP is a large accounting firm, essentially. We're top 25 by our revenue numbers. We're the largest headquartered in California. And we service clients across industries, really, with audit, tax, risk assurance, consulting services. And we also work globally through a large network. So the more global network places our people and our clients, you know, around the globe, I think top seven or eight by revenue. So with that perspective, now we're a firm that's California sort of centric in its history and definitely Silicon Valley centric in the clients that it services. And I think the real answer of how we got into this space is, like most auditors and other service providers get pulled in. They know their clients have needs.
Starting point is 00:07:09 Their client directed. The client is doing something new and cool. And, you know, they need some help or they need some guidance or, you know, et cetera. So I think that's really the genesis. Now, you know, there's lots of audit firms, I think kind of like you're alluding to that have been asked, hey, can you do a financial statement audit for us? We have a regulatory requirement or or a spin out and, you know, our VC group wants, you know, some audit assurance. Whatever the real driver is, yes, other auditors have been asked for it and you're right. They've been leery for many, many years. So again, being deep in Silicon Valley, we essentially started working with clients very early in the space. I like to joke around.
Starting point is 00:07:51 that one of the guys at the firm, one of the partners, David Sordello, he's in, leads our tax practice, did Satoshi's taxes because he really, he's like worked with people since a very inception, I think, of this space. You know, the true listeners will know that Satoshi didn't sell, so there was no tax to file, but not yet. Not yet. That's right. So yeah, I think, you know, we started with that, right? We're drawn in by a client, essentially 2014. Can you do a financial statement audit and that was a Bitcoin exchange of very small one at that time, a very early startup and has grown to be the U.S.'s largest exchange by volume. And we serviced them, you know, 2014 to 2018. So that's sort of the genesis story of how we started servicing clients. It's really
Starting point is 00:08:36 just client need directed. And then then the question is, how do you, how do you formalize and do more than that, right? Just sort of piecemeal or opportunistically responding to client needs. And I think that really goes to some of our structures, a firm, just frankly, the way that we've organized ourselves around a set of values and strategic anchors. And two of those strategic anchors happen to be innovation and entrepreneurialism. And we really, frankly, have a framework that allows for this kind of nimble decision making. So it really didn't cause all that much agita, frankly, at Armino. It was really about understanding. So we set up a steering committee.
Starting point is 00:09:11 Jeremy and I sort of spearheaded that process. and took it to the leadership, just got them a little bit more educated about what we were seeing in the marketplace, what we were already doing as a firm, which was pretty significant, especially on the tax side, like I mentioned. And then, you know, how do we go forward? How do we formalize this? And so that's essentially what we did. And over a number of months, we now have a shingle on the door that says blockchain practice. Well, you guys have, you know, really instrumentalized that in a pretty awesome way, in a kind of a very visible way. with this latest kind of proof for reserve process with gate I.O. So maybe you can tell me about what exactly that entails
Starting point is 00:09:53 and sort of why a proof of reserve is an important thing for an exchange to do. Yeah, sure. I think maybe I can start. This is Noah again. I can kind of start with the why. And then Jeremy is very much the how. So you alluded to some of these topics at the top, Nick, which are really that our crypto asset industry or crypto industry really lacks a lot of formalization.
Starting point is 00:10:20 It lacks a lot of sort of the traditional layers of trust that we've come to expect in traditional financial markets and institutions and sectors. And so, you know, the average crypto user right now is very little transparency regarding sort of the custody of their assets. and that's not a great situation, especially because we're not talking about, we're talking about bearer assets, right? Things like it's gone, it's gone. And so ultimately, we're talking also about reserve sort of requirements, right? I think your user, your listeners would agree that if we're talking about Bitcoin, right,
Starting point is 00:11:03 we're talking about a fixed supply asset. We're talking about this bear instrument. it's not just print more if you lose it. And so I think that's one of the key components here is the reserve sort of requirements. You know, traditional banking we say it's, you know, the 20% reserve. And when we're talking about crypto assets, I think it's a very, very different. I mean, the unwritten rule seems to be some of it written in user agreements, but mostly not with exchanges is that the user assumes that, you know,
Starting point is 00:11:32 that there's 100% reserves to back the IOU that they have on the platform. And then, you know, thinking about like the goal from, you know, the exchange or platforms perspective is that they want to basically be able to show users that they have more assets than liabilities in aggregate. And the idea is that they have enough actual on-chain Bitcoin or another crypto asset, enough to cover their user liabilities. And, you know, thinking about some of the how, it's kind of important to understand, you know, in this process, there's kind of two sides.
Starting point is 00:12:04 You know, there's the asset side. and the liability side. And each side has its own ledger. So we're all familiar with the Bitcoin ledger. That's where the assets are actually held. You know, you have access based on your private keys. So that's one ledger. And then you have another ledger,
Starting point is 00:12:20 which is the company's internal platform that is used to manage tracking the amount of Bitcoin or another crypto asset that they owe to the users. So there's these two sets of ledgers. And there's a lot of movement. and they're not always one-for-one movements. So let's say, you know, if there's a deposit into the platform, that will show up on chain. But if there's transactions, you know, on the trading platform, that's not going to show up on chain.
Starting point is 00:12:47 That's just going to be tracked on the company's internal platform. So inherently, there's these two sets of ledgers, the asset ledger and a liability ledger that need to be reconciled to be able to show that the company has more assets than liabilities. And historically, exchanges haven't really been forthcoming at all in terms of indicating to their clients that these ledgers do match. And in fact, quite the opposite, not only have they been secretive about it, but there have been a huge number of exchange failures. But this might be changing. I mean, in 2014, there were a number of these kind of proof of reserve attestations. I don't know exactly what the right word for them is.
Starting point is 00:13:30 And then there was a blackout period and virtually no exchanges continued this process of demonstrating that their liabilities match their assets. But it seems like potentially there might be a resurgence now. So can you talk about why you feel that exchanges would want to undertake this process today? Yeah. So there's a couple different parties. There are reasons why you would get a proof of reserves assessment done over your Bitcoin holdings, right? And it is usually driven from a couple different factors. So, you know, I can't explain why more people haven't been or demanding proof of reserves assessments by exchanges.
Starting point is 00:14:11 But typically, what we've been seeing right now from our client base is that the first reason is for user to heighten user confidence. And they can use that as a competitive advantage against other platforms. So we're seeing that as the key driver as of right now. In the future, there's some additional factors that I think will weigh into this, and we're already seeing those start to shape up. One of those would be for regulatory reasons. So if you look at the new Wyoming legislation by put out, you know, in partner with Caitlin Long and the other folks in Wyoming,
Starting point is 00:14:45 proof of reserves is part of that regulatory process. So we expect that to probably grow as regulators start to understand the value of proof of reserves, approving reserves. And then the last bucket of drivers that we essentially see in the future is, you know, as a management best practice and internal audit function, if we think about, you know, big banks, they have huge internal audit departments checking every transaction, you know, multiple times. And, you know, and what these exchanges and platforms and lending products are or platforms are
Starting point is 00:15:21 is that they're really, you know, Bitcoin banks in a sense. So we expect them to take on some of those key operational functions that we see in the traditional financial world. And, you know, for better for worse, it's really just good operational hygiene because management's going to want to know that they have what they think they have. I would just add to that, you know, sort of to the initial question also is you're right. I think that this interest in or ability to perform and show proof of reserves has really ebbed and flowed, right? So I think it's very very, you know, to credit Greg Maxwell, we could call him the father of proof reserves, right? I mean, he at least theorized this idea, right, that you use sort of a cryptographic proof on this liability side,
Starting point is 00:16:02 which we can talk more about, and then you in some way prove custody or prove rights and obligations and existence of the digital asset that backs it up, the reserve, right? But I think one of the answers to this question is really that it didn't stick very well because of some of the problems with that theory, right? So Greg Maxwell is probably 10 times smarter than me. So I'm a little scared to challenge him on this one. But I do think that it's fair to say that on the liabilities side, like Jeremy said, you've got this centralized, essentially what's a user database, right? It's a user database that sits at the exchange. It's not shared. It's not opened anybody but the exchange. It's fair to say that getting a reliable liability number out of that database is one
Starting point is 00:16:50 of the stickiest points, right? Because it's where all the potential cheats come up of, you know, underreporting the liability, um, a potentially merging user balances. Like there's a couple specific things that even Maxwell notes that can happen. And so I think that that's the piece that we've kind of solved for here by bringing in, you know, an independent, it can be Arminino as an independent audit firm that's, uh, you know, has obligations as a CPAs, as licensed CPAs and also has over oversight from the PCAOB and our peer firms, that's a really important trusted provider to bring into the mix. And I think that kind of solves maybe not completely, right?
Starting point is 00:17:30 I still think there's things we can talk about that are open. But I think that that solves one of the biggest problems. The other thing is no demand for it. I just think it's as simple as you don't know what you don't know. And I don't think that users, regulators, even management understands always that this can be done in actually a very efficient way. that's reliable and, you know, sort of gives the end result that they want, right? They know they have that feeling of uncertainty.
Starting point is 00:17:58 Geez, I know these digital assets aren't insured on platform. I know my cash deposit on platform is insured, but, hey, I'm out there trading, I'm out there speculating, trying to make gains. So I take some risk, right? But they don't know necessarily that proof of reserves can be done in this way. So I just think we're early, frankly. Yes, yes. I mean, it's been a while since we've been.
Starting point is 00:18:20 dealing with bearer asset or bearer style assets. I guess some people would quibble with calling Bitcoin, for instance, a bear asset because it's not strictly redeemable for anything, leaving the nomenclature issues aside. When was the last time that the public meaningfully had access to actual bearer assets, you know, in the U.S. I'm thinking some of those reserved notes which had, you know, literal coupons. on them, which you could redeem for interest payments in the civil war, you know. So kind of a long time ago, you know. So we've become used to a financial system, which is kind of fully guaranteed and, you know,
Starting point is 00:19:06 risks are socialized. And we don't really think twice about our financial institutions being solvent. Or, you know, if they become insolvent, typically that can be remediated by the central bank or the government. And so now we have this new concept once again, everything old is new again with these banks with self-contained risk and an obligation to prove to depositors that they are solvent and can function and are trustworthy. And I guess there's been a lot of complacency in the industry about that. People just naively assume that these Bitcoin banks are fundamentally trustworthy even though the obligation is on them to prove it to us.
Starting point is 00:19:51 But so far, for the most part, they haven't been willing to. Certainly. And I think a part of that is, right, like you said, we've kind of been, you know, grown up in thinking that we can trust these institutions and we think Bitcoin banks are the same, that they're under the same level of scrutiny. And that's not necessarily the case, right? And I think also users in the community don't understand the risks that they're taking for the different types of platforms.
Starting point is 00:20:14 the risks on an exchange are theoretically much different than what you're seeing on a lending platform. These platforms do a good job of obfuscating away the complexity behind the scenes, but there's a lot of re-hypification and movement of Bitcoin behind the scenes, and you don't necessarily know where your funds are that you have a claim on. So I definitely agree. I think part of it is user education, right? And I think that's just part of the process of Bitcoin adoption. Yeah.
Starting point is 00:20:42 And I find to be kind of sad that we have these cryptographically auditable assets, which are not used in the context that they're useful in, which is auditability. You know, like gold bars are difficult to audit, and it's very hard to prove to someone that you own gold and you have the requisite amount of gold. But with Bitcoin, it's kind of trivial. So it's a bit of a tragedy to me that this hasn't been more of a popular concept. Yeah, to that point, I think there's one of the things that we're kind of forward looking about is from a technical perspective, how can we bring back some of that auditability? Now, I don't think we've fully done that with this proof reserves. And really, just real quick, the end product here is an independent accountant's report. It's technically under an AUP or agreed upon procedures standard.
Starting point is 00:21:38 It is an attest standard in the U.S. governed by the American Institute of Certified Public Accountants. So it's the type of standard that's applied in traditional business across industries. It's an attest standard. There's also this verifier portion, which I think we should talk about technically. I should let Jeremy talk more about that. Yeah, I was going to ask you guys because what you call this process really matters. So I guess in audit, the nomenclature is super important, right?
Starting point is 00:22:06 it definitely yes it certainly can be how are you referring to this current proof or reserve process that you're doing right now so we're referring to it as a proof of reserves because i think that that's what the industry knows it as and we are an industry focused group there's no need to change the name of a theory or a practice you know but we have taken more traditional assurance or audit methodologies and reporting standards and applied them to this. So what we have is basically, well, let me do this. Let me talk about the audit piece, sort of like, what assurance is, does this really give a user?
Starting point is 00:22:52 I'll talk about that piece. And then Jeremy can kind of talk about the technical component of those two sides of the equation and how we have a verifier tool for the users to use. Without, so I think audit is a little bit like crypto in some ways. It's got its own lingo or maybe like in any sort of industry or niche. It's got it all of its own words and all of its own acronyms. But let's just say you're running a business. You're running a startup crypto business and you're looking for some sort of assurance over a money use case. You're going to go to an auditor. You're going to go to a firm like Arminino and you're going to say, I'm looking to give my investors, for instance, assurance that, you know, the revenue that I'm reporting up is, you know, reasonably complete and accurate. Okay, it's a financial statement engagement. So you can ask an auditor for a number of things. You can ask them for assurance over something.
Starting point is 00:23:41 And this is boiling it down a little bit, but really there's kind of three arrows in their quiver from an audit perspective. There's this AUP engagement or agreed upon procedures. There's something called a review and there's something called an examination. Now we, you know, in lay terms and just in casual, we refer to these. things as audits. Now, technically, they're different. So the agreed upon procedures is really a set of specific procedures that are performed, and the auditor really just reports the finding. A review is a looser engagement. There's no real audit opinion that comes with it, but it is a review of some
Starting point is 00:24:18 historical information and presentation of essentially it looks accurate. The examination you can think of as the highest standard. This is what financial statements are audited under in the U.S. and similar standards internationally. It's also similar to public reporting, financial reporting standards, like, you know, for SEC filers. So there's kind of those three levels. AUP is a really flexible way to report on something. And so that's why AUP is the right vehicle for proof of reserve. So that's kind of from an audit standpoint. Really, these are just kind of big volume knobs that you can turn in different directions. More assurance, less assurance, you kind of get a different standard. And is there the possibility to kind of graduate proof of reserves to the more stringent
Starting point is 00:25:09 kind of audit functions in the future? I think that door is definitely open. It's kind of interesting because actually, you know, the whole reason that we know how to do proof of reserves is because we do financial statement audits for large exchanges. And in a way, a proof of reserves is a subset of a financial statement audit, right? It's, hey, well, we have to go test the balance sheet. What are the digital assets that sit on the balance sheet? Okay. Now we have to look at not only existence, but rights and obligations, as we call it as auditors,
Starting point is 00:25:41 but basically, is it there and do you own it? And we do that with digital signatures, and we do that with sign-to-self transactions for digital assets. And so that's really, you know, what we end up doing for the asset side of the equation and approve for reserves. So yeah, I think short answer, yes. The opportunity is there where you could do some sort of an examination opinion that would put maybe at the end of the day, I think the assurance is pretty similar to the user,
Starting point is 00:26:11 but the language of the opinion would be a little bit more forceful. So I guess what's interesting about proof reserve is that it's not only a function of trusting the integrity of the auditor and the nature of the process. and then transposing that trust to the depositor institution, you do have some fairly strong sort of cryptographic trust potential there, which is maybe a little bit different from, you know, banks releasing audited financials, I guess, because there's no ability to really, as an individual, to peer at the balance sheet of that bank.
Starting point is 00:26:53 You really do have, like, significant intermediation. But in proof of reserve, the way you guys are configuring it, and I think the optimal way is there is that depositor facing side to it. So there's actually this ability to undertake your own little process to audit your exchange. So can you guys talk me through that and how that works? Yeah, sure. This is Jeremy. So we kind of spoke to a little bit about the asset side of the equation, right? where we basically want to prove that the assets are there and then prove that they own them.
Starting point is 00:27:30 And the liability side is a lot different, right? Because it's a lot harder to be transparent from the platform's perspective. They don't necessarily want to give the public their whole customer database. So we have to address the liabilities in a separate manner. So starting at the highest level, you know, during this proof of reserves procedures engagement, what we do is we observe them generate the report directly from their system. We gain an understanding of the table that they're pulling the data from, the script used to pull that data,
Starting point is 00:28:04 and how the table is populated. And we can confirm an aggregate, right, or verify an aggregate that assets are greater than liabilities when we reconcile those two together. But like you were alluding to, there's this kind of user verification. portion of the engagement, right, where users can verify themselves. And, you know, to really understand how it works, we have to understand what Merkel trees are
Starting point is 00:28:35 because we use Merkel trees to facilitate this process of users being able to verify that their account was actually included in the liabilities portion of our assessment. So diving in a little bit deeper on, you know, what this Merkel tree structure is, is that, you know, I'd like to paint it visually for you a little bit. A Merkel tree, you know, if you were to think about it in your head, it visually looks kind of like a March madness bracket. As you can tell, you know, I'm missing my sports with the lockdown in quarantine. So, you know, reminded myself as much as I can. But you can think about it is that, you know, each. contestant in this bracket or each team in the bracket can be thought of as a leaf in the
Starting point is 00:29:25 Merkle tree or in this case what each leaf is is a user account so each user account is put onto this bracket you know in the NCAA there's what 64 in the case of gate io there was actually three million close to three million users so the bracket was much bigger and instead of six rounds, there was about, you know, 23. But the idea is the same if you have this structure of all these accounts and they eventually lead up to a winner. And we call that winner the Merkel root hash. And we actually publish that Merkel root hash as part of our report. And how users can use this, this data structures, I can explain a little bit how it works to get to that final Merkel root hash is that if you think about an individual matchup,
Starting point is 00:30:15 an opening round matchup, you know, it'll be a pairing. It'll be like account one and account two on the first two lines. And what we do is we basically concatenate those two, you know, pairing, those pairs,
Starting point is 00:30:30 those leaves in the pair. And we put them through a hash, a one-way function, and there's one output. There's two inputs and there's one output. And we basically, repeat that process for each matchup in the first round. And then when we've advanced to the round of 32, we do that again. We hash each sibling leaf in the pair to get to the round of 16. And we keep
Starting point is 00:30:58 doing that over and over until we get to this single hash. And that's this Merkel root that we publish. So that's pretty key, important part of this process, because that's also acts as a seal for users to for that liability side of the data. And they can actually re-perform this process because GATE, they have released the customer database that we have included as part of our agreed-upon procedures engagement. And you can actually run this through a Merkel tree generator and hopefully you output the same Merkel route hash that we did. And to be clear, they're anonymizing the account data in that data. They released it. What they releases hashes of account information, right?
Starting point is 00:31:46 Precisely, yes. So we're not actually getting my individual user account name. We are getting the hash user account ID, as well as the Bitcoin balance. So that's what each line item looks like in this bracket. Because there has to be some salt in there. There has to be some randomness, right, so that people can't just grind away at the, you know, email addresses or the names of the depositors, right? So it's the ID, which is like a number, which is assigned to depositors by the exchange, right?
Starting point is 00:32:19 Correct, exactly. Yeah, part of this is, it's hard, right? Because there's always the balance between security, privacy, and, you know, transparency. So this is a good example of airing on the side of privacy in this case. So there's actually relatively little information, which is leaked through this. I mean, you allow, users can derive their own ID, I guess. They request it. from the exchange. Is that right? Correct. So how you operationally do it is you will go through
Starting point is 00:32:47 into your exchange account on gate and they have a little proof section. And there you'll have your hashed user ID and your Bitcoin balance as of that point in time because it's important to note that this is this assessment is as of a single point in time. Right. So there might have been activity after that. So they take a snapshot as of the point. Kind of just quick capstone to what Jeremy's saying too is like if you were to be sort of scrutinizing this process, you're saying, okay, wow, okay, now you're talking about taking a snapshot from a database. And I think Jeremy spoke to it a little bit. How do you know that that's complete and accurate? It's kind of interesting because this is actually, this is like block and tackle simple stuff for what we call IT auditors, right?
Starting point is 00:33:33 You're doing a large financial statement engagement. You need to pull some revenue transactions. Well, where do you get it? You get it out of whether it's the ERP, the accounting system, where you get it out of maybe the platform that, you know, the business is operating. But either way, these are very standard procedures in audit, actually. So they're formalized into best practices. And that's basically what we followed, is that sort of best practice approach to understanding the nature of the environment, validating that we're at the right database, validating the data structure, understanding the query, and then understanding the hash
Starting point is 00:34:07 the encryption function that they used for anonymizing the data, as you said, and sort of understanding it end to end. So that piece isn't fully transparent. I don't think to the user, but that is the kind of process that we have to go through to really get that level of coverage. Right. So from the user perspective, your participation gives them the confidence to believe that the liabilities side is fully accounted for. And then they have the additional ability to go into
Starting point is 00:34:41 their own user account, look at their own balance, and verify effectively cryptographically that their account is included in that entire liability attestation coming from the exchange. Exactly. They verify that they were included and because they were included, at least they were not excluded or sort of underreported as a liability. Exactly. Yeah, and that would be how you would want to cheat if you were in exchange by underreporting your liabilities so that you would look fully reserved, even if you weren't, you would just omit some liabilities. But that's the point of the auditor being there. So to, you know, to attest to that global nature of the liabilities, and then the user can go ahead and actually verify the local liability, the one that they are kind of
Starting point is 00:35:33 responsible for. Yeah, exactly. There's just one other layer that's kind of not, I was just thinking of it as we go here, but it's not really probably transparent to the user in our report, but there's a whole engagement and acceptance sort of framework that we have to go through, right? To even engage a client that's a large exchange, to even take on the nature of this type of work, the firm and our sort of risk practice has to get pretty comfortable as to the management of the exchange, the track record, you know, background checks and on the actual key management figures. So there's actually a lot that goes into just a basic level of assurance as well. Yeah, I think, you know, sometimes people don't really appreciate that auditors or accounting
Starting point is 00:36:18 firms that take these engagements, they have like professional liability. So they need to make sure it's not a trivial thing for an accounting firm to engage with a client, right? Yeah, that's perfectly stated. It's one thing to shout on Twitter, oh, but that's another centralized party. It's another thing to understand all of the real layers that go into even getting to this point in an engagement. And what I think about the benefits from the community from this is that they have someone to hold accountable, right? We're a public firm, you know, top 25, very out there in the open.
Starting point is 00:36:54 And that should give the users some feeling of someone's accountable. for this. So, you know, it's different than just some random person going and saying, you know, Roger Vair before Mount Gawkes goes down and says, hey, yeah, they're fully reserved, right? This is a professional firm basically holding my license on the line, our licensures on the line, you know, and we've worked our lives to get, you know, these CPA licenses. So from a, from a community perspective, I think that's one of the big benefits is that there's someone accountable for this. And that gives it a heightened level of trust. Totally. So I guess the takeaway is proving ownership of a digital asset on chain is not particularly difficult. But really attesting to the liability side is pretty challenging. And it's like hard to also just transfer that trust signal to depositors. So that's really where you guys come in and put your reputation on the line and say, look, you know, we've evaluated this process and we believe it to be, you know, complete. We believe that this is a complete sort of accounting of the liability.
Starting point is 00:37:58 and combined that is like a fairly strong signal that everything is in order. Yeah, I would say, you know, the assets like you mentioned are pretty trivial unless you're Craig, apparently. Craig, right. But I digress. But like you mentioned, yes, on the liability side, that's where it is stickier. And part of that is, you know, in aggregate, right, we are doing this reconciliation of total assets and liabilities.
Starting point is 00:38:25 But part of us is also relying on the community because, like I mentioned earlier, you know, this data structure of all their user accounts in this bracket is that we grant the users the ability to go and use what we call a user verification portal. And they plug in their hashed user ID and their balance. And they can check to make sure that they were included. And if they weren't included, you know, that's a tip off to us as the auditor is saying, you know, something's fishy going on and, you know, we're responsible for this.
Starting point is 00:38:53 So we want to know any scenario where that's the case. And what this does is that the more people that use it and the more people that verify using these tools, the stronger and stronger the assurance behind this gets. So community involvement is really important with this process. Yeah, not to make a topical analogy, but it's very much like herd immunity. If you have a sufficient fraction of users that go through this process, you can have very strong confidence that it's completely. because if there are omitted liabilities and every user went through the process, that would be discovered. So no exchange would, you know, dare, I guess, do that if it was such a fragile process. And those emitted liabilities could be discovered easily or commingled, I guess.
Starting point is 00:39:46 Yeah, exactly. They could always assign multiple users kind of the same on-chain balance kind of thing. Yeah, I mean, it gives users the response. to basically be able to hold their own platforms and exchanges accountable. And this is their little way that they can contribute to that process. So I think it's cool. You know, it's a unique function that you don't get in other traditional banking or other audits. One thing that I've encountered when talking about proof of reserves to Bitcoiners,
Starting point is 00:40:18 understanding that there's still kind of a necessary role for sort of audit or accounting firms to assist in this process is like this disillusionment with the idea, you know, because you know, lots of Bitcoiners would prefer this whole thing to be crypto economic in nature and not rely on these quote unquote legacy, you know, sources of trust, you know, these, these entities like yourselves which generate trust signals. And I think that's probably part of the reason there's been a bit of a disaffectation with the proof reserve process since 2014 because it's not perfect and also because it's not fully sort of sovereign. It does rely on, you know, third parties. But I guess that's just kind of the reality of the world we live in. Yeah, I mean, why let
Starting point is 00:41:16 perfect be the enemy of good, I think, you know, it's a pretty extreme position to say just because it's not fully decentralized. It's not, you know, like you said, fully crypto economic, the incentivized as a process, then let's throw that baby out with the bathwater. I think we're moving in the right direction. I think that, you know, there's also changes in the space like, you know, decentralized exchanges where some of these issues aren't really issues anymore. And, you know, I think there's other opportunities for us to make the process better, right? So I think one thing would be to invite users to actually read this report, read the procedures we performed,
Starting point is 00:41:57 but then also make it to the end of the report and check out some of the remaining risks, as we call them. You know, we really talk about these things. We talk about what are the open areas for improvement? Like I sort of said, these are volume dials that you can kind of turn different directions, you know, and so grapple with those a little bit. and think about them. I think that the other thing that we can do to make this a little bit better,
Starting point is 00:42:23 one of the things is when it comes to publishing addresses, so the cold storage addresses of the exchange is obviously potentially a lot of concern about that, security concern, right? Not that publishing a public address is going to really expose a private key in any way, but it certainly puts the honey, at least lets you know where the honey pot is, I guess. So one of the things is zero knowledge proofs, I think would be, you know, we launched this verifier tool through Arminino's platform,
Starting point is 00:42:57 which we call Trust Explorer. It's really an assurance solution for where on-chain and off-chain assurance issues sort of meet. It's a stable coin assurance platform. It's a first real-time audit in the world. doing some other interesting things, but why couldn't we leverage zero knowledge proofs for the deposit or the cold storage addresses
Starting point is 00:43:18 that are involved in a proof reserves? So now we're back using, and maybe we're hashing that on chain or we're using some sort of a proof of action type of service on chain. That could be a cool way to sort of bring a little bit more of that decentralized trust back into it. Yeah, and it's worth noting that there have been papers about zero-knowledge-proofified
Starting point is 00:43:46 proof-reserve protocols, although they tend to be more complex and more sort of black-boxy. So just to cap off this discussion, if you guys had to guess what fraction of sort of current crypto exchanges would you estimate would be employing a user-facing proof-reserve tool in five-year time. I know it's kind of an impossible question, but just curious to get your sentiments on it. Greater than 50% in five years is my call. I might even go higher because I think it's going to become a regulatory requirement, especially in the U.S. It depends on your jurisdiction, right? In the U.S., I think it's probably going to become standard. Yeah, I think so too. And I also think it's a very strong self-regulatory measure, which heads off subsequent onerous regulation. So that's always my
Starting point is 00:44:42 pitch to exchanges. Like, if you do this now, life will probably be easier for you in the future. Certainly. And it's interesting because we look at some of the regulations out there. And they seem like they're trying to hit on some of the wrong areas that increase the burden without increasing, you know, the point, which is trust and transparency and being regulatoryly compliant. Like the, for instance, the New York bit license, the requirements are almost made for, public companies that have been public for five years. And when you're a crypto startup trying to operate in New York, these regulatory compliance burdens are almost impossible to meet.
Starting point is 00:45:20 And that's why we see so many companies not operating in New York just because this burden is so high. But to me, it seems like what they really want is they want to make sure that the company is a legitimate and honest business. And one of those ways that they can fulfill that is with the proof reserves rather than, you know, adding on these layers of legal work and higher level other audits that might not have necessarily the same effect as a proof of reserves could. And this is something that we see on a firsthand basis. Lots of our startups would love to operate in New York, and they have a very
Starting point is 00:45:58 difficult time. It's extremely capital intensive to comply with the bit license. And it's a really a huge shame. And it's also a shame because our regulations, for the most part, in the U.S. are not equipped, really, to deal with the nature of the collateral here, which is eminently provable and sort of crypto economic in nature. They just treat it as if it's kind of old-school legacy collateral, which has to be proven through kind of solely traditional methods. So it seems mismatched in a way. That's always been my view. view of like the dominant regulation in the U.S. Although granted, it's pretty patchy and disparate.
Starting point is 00:46:40 That's what I was going to add on is that, wow, it's quite the patchwork, isn't it? Yes, very much so. Moving on to you guys have also done something really interesting, which is also a kind of a controversial thing in the industry is how do you regulate or provide any of these trust signals around crypto dollars or stable coins as people refer to them? obviously the biggest one that people worry about, and there's very valid questions about the backing is tether. So in response, other crypto dollars have striven to be more sort of accountable and more transparent about their reserves. And so you guys have also built a real-time assurance tool,
Starting point is 00:47:24 forgive me if I'm getting that wrong, for trust token, right? Yeah, no, you stated it the right way. Yeah, it really goes hand in hand with how Jeremy and I and the firm and really got deep into this space as well. So you're right. Trust token is the first client that we support on our real-time assurance dashboard initially. And it's also now the world's first real-time audit. So the genesis of that story is really just, again, a client-ask. Trust token is very forward-thinking about compliance. They wanted to give their users everything they could.
Starting point is 00:48:01 in terms of trust and transparency. And so to that point, you said others of sort of crypto dollars have taken similar measures. So trust token, as far as I know, was the first to do these periodic attest reports. And essentially, you know, every 30 days, some of the stable coins do them less frequently based on, you know, budgetary needs and things like that. But your top handful of stable coins exclusive of tether do these periodic attest reports. And trust token was the first to do that. And they said, you know, this is really good, but we're not sure that it's enough for our users.
Starting point is 00:48:38 It, you know, it's a little clunky, basically. It's an old audit product. Is there something else we can do? And that was the start of Trust Explorer that day. We basically said, yeah, like, let's help you solve for that. And what we built was the world's first stable coin assurance dashboard. And so I mentioned earlier that it's bringing off-chain data and on-chain data together in one place. Well, in a tokenized dollar situation, what you're talking about is
Starting point is 00:49:07 a circulating supply of tokens issued on a given blockchain. In this case, we support Ethereum and finance chain blockchains for those assets right now and other chains that our infrastructure supports also. So circulating supply on the one hand side of the equation and on the other side, the asset, which in most stable coin cases sits at a third-party custodian. So it's a financial institution, a bank, a trust company, and there's a handful of those. And we query both of those sides on a very frequent basis. So the blockchain side is technically every 15 seconds, and the custodian side is every 30 seconds. And we pull a snapshot and compare them every 30 seconds.
Starting point is 00:49:50 So the first version really was just that basic level of assurance. And you can see this for yourself if you go to the Trust Explorer page. it's trust explorer.io. And you'll see that we've put these two pieces of data on a graph next to each other. And that for most users gives a great level of assurance. They can see that there's more tokens, excuse me, more dollars than tokens, or at least that they're equal. It's like an inversion of the exchange proof of reserve problem,
Starting point is 00:50:20 because in this case, with crypto dollars, the quantity is kind of visible on-chain, unless something weird happens. you can just look on a block explorer basically and see how many coins exist, tokens. And then the challenging part is actually the Fiat reserves because the banks aren't particularly transparent. So it's like almost inverted, but there's still a trust shortfall, which needs to be remediated. And so then your role is to actually query the bank or the financial institution holding the dollars. and present that information in real time, which is pretty cool.
Starting point is 00:51:03 I mean, like, we're talking about transparency, which, you know, to my knowledge, doesn't really exist in the actual financial system because people are sloppy and just rely on FDIC and the government bailouts and so on. But in the crypto industry, people are actually, you know, pretty intent on auditing these financial intermediaries. And so we have much more stringent demands for transparency, and that's what we're getting. Yeah, exactly. I mean, you could think of the traditional window of assurance, you know, being this financial reporting every year and closes in December and the reports are issued in March or something. But then again, only few people see them, you know, down to maybe
Starting point is 00:51:50 every 30 days in the stable coin space has become, again, sort of table stakes. You get this 30-day report. you put it out there. Most audit firms issue it a couple weeks after. You know, frankly, it's stale already. You do a number of them, but it's okay, but it's stale. Now you've reduced that from 30 days down to effectively 30 seconds because what we built on top, sort of our second iteration of Trust Explorer, was a real-time audit product.
Starting point is 00:52:15 So now, you know, we're pulling in this data in real-time, and we have all of it, right? We have the complete history of everything that we've queried, and we can apply essentially what are audit procedures, right? Like we can reconcile. We can look at tokens versus dollars and we can do it every 30 seconds. And so we asked ourselves as a group and as a firm, can we build an audit product on top of this? That was a long process, longer than starting the firm in some ways, or at least harder,
Starting point is 00:52:43 or starting the practice within the firm, I think. But ultimately, amazing collaboration and what we end up with is the world's first real-time audit. So now a user can go to trustexplore.io and actually click and download one of these attest opinions. So it's an examination opinion over the trust holdings of the stablecoin. And there's five of trust tokens, stablecoins supported there. There's a couple of others actually in the pipeline. And then some other interesting things with, I can't say client names exactly, but there's some
Starting point is 00:53:20 Exchange traded notes or ETF work that we're doing, which I think is opens, you know, this from being just a stable coin use case to an asset back token use case to an asset back to note use case. So it's really flexible. And I think the, yeah, the application potential here is huge. It's, uh, there's probably a fairly small constituency of people that get excited by innovations in audit. But I, I will confess that it's pretty cool to. see the stable coin attestations go from a granularity of one year, you know, maybe was the frequency of the attestations that we got from Tether. And then the standard became monthly for some of the other stable coins and now real time. I mean, that's a pretty dramatic shift. Yeah, why not use
Starting point is 00:54:16 the technology itself, you know? I mean, it's there. So that's kind of our perspective. Yeah, well, I will put a link to both of those, the TrustCoken Explorer and the Gate I.O. Proof Reserve in the show notes. Before we wrap, what interesting products are in the future here of these kind of hybrid audit processes that marry, you know, cryptographic assurances with, you know, standard trust assurances, trust signals. What is in the pipeline? So, well, there's a whole handful of things that we do, first off, outside of this trust explorer program. And so those are your traditional audit tax, risk assurance, advisory, consulting, products, services, right? And we deliver those into the crypto and blockchain space.
Starting point is 00:55:11 We're very good at that. And we continue to do that. I think there's a number of things. maybe they're a little less exciting than the sort of technology plays that we're doing. But they're pretty cool. Like, you know, industry-specific standards, like CCSS is a great example of something we're starting to work with. I think is, you know, really good for the industry, good for consumer protection, good, like Jeremy said, good hygiene. And, you know, for your users, I think most know, but that's, you know, produced by C4.
Starting point is 00:55:41 And it's really crypto-key management framework, security framework. So what does it look like when exchanges start to get audited against C4 or in CCSS? I think that that's a great advancement and something that Arminino is going to be involved in. On the technology side, how does Trust Explorer grow? I think there's some really exciting things that we're doing. One of them is a fund-related product. So as we see the crypto fund industry growing, we'd like to respond to that. We'd like to provide tools that are really useful to those plans.
Starting point is 00:56:16 players, both subscribers, managers, and even the admins involved. And so there's that. And I think some of the things that we do a little further off in the future are actually providing tools back to other auditors. So what we've done here, the ability to build tools that allow us to get our own engagement done are things that we can extend to other audit firms to allow them to. Because I think Jeremy and I agree that within the foreseeable future, just about any balance sheet that you come across will have some digital asset on it.
Starting point is 00:56:53 Well, Noah and Jeremy, it's been a pleasure. Thanks so much for coming on the show. Yeah, it's been fun. Thanks, Dick. Thanks, Dick.

There aren't comments yet for this episode. Click on any sentence in the transcript to leave a comment.