Deconstructing Vitalik: How Proof of Solvency for CEXs Can Go Wrong With His Suggestions
Jimmy Toussaint, a quite interesting fella I started interacting with on LinkedIn, recently posted his counterarguments against Vitalik's latest article, titled:
He tagged me on his post and I took the chance to read Vitalik’s article.
To say the least, I was mind-blown🤯.
Diving into the rationale of Vitalik's ideas on the hot topic of Proof of Solvency from a Centralised Exchange (CEX) perspective was illuminating, up to a point.
Although yesterday (Sunday) was quite full, I knew I would learn from Vitalik's notes, so the next step was to grab my notebook and a pen and jump right into it.
But, let’s start with some precepts:
Vitalik is trying to express his views based on his world-view and theory of how things can be done. Sometimes, these views happen to be too theoretical, which is fine initially.
Unfortunately, there are times where these ideas come off as short-sighted.
Who am I to judge Vitalik, huh (you would rightfully think)?
I don’t have his giga-math-tech-brain, I know that.
Maybe that’s a good thing, who knows.
But I know that all my life I have tried to connect the dots using a holistic approach, starting with my research background, which has been a lifesaver so far in my Web3 career.
The holistic approach demands seeing the world from various perspectives drawn from background knowledge in simple economics, psychology, sociology, etc.
Although I see the views expressed as a template for what can be done, I cannot stress enough how many things can go wrong that were not mentioned (or naively omitted).
Here are some of my notes, which pose questions and set out my own thinking:
1) ZK-SNARKs are a great tool to preserve privacy.
Vitalik mentioned using,
“ZK-SNARK to prove that all balances in the (Merkle) tree are non-negative”,
but this also provides a breeding ground for using ZK-SNARK tech for all the wrong reasons, which we want to avoid like the plague.
Many backdoors can be created this way.
Hiding and obfuscating reserve balances and data is the first thing that comes to my mind: CEXs could exploit ZK-SNARK privacy to transfer funds between wallet addresses, reach a total that sums up to something that makes sense, and pretend they are solvent.
If there were a way to lift the privacy on the spot, that might be an option for when authorities need to step in for auditing purposes.
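As an added illustration (constructed example code, not from this post or from Vitalik's article), a toy Merkle sum tree shows what the non-negativity proof guards against: one fabricated account with a negative balance shrinks the published total liabilities while every honest customer's inclusion proof still verifies. The user names, balances and hash encoding are all made up for the example.

```python
import hashlib
def h(*parts):
    # SHA-256 over a "|"-joined encoding of the parts (constructed toy encoding)
    return hashlib.sha256(b"|".join(str(p).encode() for p in parts)).hexdigest()

def leaf(user_id, balance):
    # (hash, balance): hash commits to user and amount; balance rides along for sums
    return (h("leaf", user_id, balance), balance)

def parent(left, right):
    # Internal node hashes both children including their sums, and adds them
    return (h("node", left[0], left[1], right[0], right[1]), left[1] + right[1])

def build_tree(leaves):
    """Return the levels, leaves first; odd levels are padded with a zero leaf."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        lvl = levels[-1]
        if len(lvl) % 2:
            lvl.append(leaf("pad", 0))
        levels.append([parent(lvl[i], lvl[i + 1]) for i in range(0, len(lvl), 2)])
    return levels

def inclusion_proof(levels, index):
    # Sibling (hash, sum) pairs from leaf to root, flagged if we sit on the right
    proof = []
    for lvl in levels[:-1]:
        proof.append((lvl[index ^ 1], index % 2 == 1))
        index //= 2
    return proof

def verify_inclusion(user_leaf, proof, root):
    # What a customer runs: rebuild the root from her leaf and the siblings
    node = user_leaf
    for sib, on_right in proof:
        node = parent(sib, node) if on_right else parent(node, sib)
    return node == root

def all_balances_nonnegative(levels):
    # The constraint the ZK-SNARK enforces without revealing balances; done in
    # clear here so the failure mode is visible
    return all(bal >= 0 for _, bal in levels[0])

def demo():
    """Constructed data: three customers, then the same three plus a ghost account."""
    users = [leaf("alice", 50), leaf("bob", 30), leaf("carol", 20)]
    honest = build_tree(users)
    padded = build_tree(users + [leaf("ghost", -40)])  # negative balance
    alice_ok = verify_inclusion(users[0], inclusion_proof(padded, 0), padded[-1][0])
    return (honest[-1][0][1], padded[-1][0][1], alice_ok,
            all_balances_nonnegative(honest), all_balances_nonnegative(padded))
```

Alice's proof passes against both roots, so only the range check on every leaf (the part the ZK-SNARK is meant to prove) catches the 100-to-60 drop in claimed liabilities.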
2) The following suggestion is dangerous, I don’t have to explain why:
“Wallet recovery would exist, and there may need to be highly centralized recovery options for new users dealing with small amounts, as well as institutions that require such arrangements for legal reasons, but this can be done at the wallet layer rather than within the exchange itself.”
You can think yourselves why.
I will leave it there; try putting some thought into it.
3) “Both types of exchanges will continue to exist, and the easiest backwards-compatible way to improve the safety of custodial exchanges is to add proof of reserve.”
As for backward compatibility, I would say it only rubs salt into the wound.
It carries with it all the inherent problems that exist right now in CEXs.
If we want to move forward with transparency there needs to be novel infrastructure that has to be built from the ground up.
And again, careful consideration has to be given to how privacy is handled.
4) “Exchanges can solve this problem: first e-mail recovery, and if even that fails, more complicated forms of recovery through KYC… This is an unavoidable tradeoff”
Again, email recovery…? Really?
I wouldn’t expect such a statement.
Personal email accounts of retail investors are a major target for hackers.
My perception was that we already knew that, and the goal was to find other solutions.
The solution lies in self-custodial crypto wallets, and that is where the focus should be.
5) Having validiums as a proposed L2 system is dangerous.
First, off-chain data is kept… at centralised data centres.
A troublesome situation if things go south with the data centre operator…
Vitalik mentions:
“In a validium, the operator has no way to steal funds, though depending on the details of the implementation some quantity of user funds could get stuck if the operator disappears.”
Second, generating these ZK proofs requires high computational power, which is not cost-effective for low-throughput applications.
And these off-chain operations get verified using smart contracts… meaning they will need transaction fees, right?
Granted, the fees can be low, but it still adds a layer of cost that should be avoided.
Who wants to pay extra for something so simple?
It doesn’t make sense to me and probably to you, too.
6) On-ramp and off-ramp asset movements (crypto or fiat) are even more work-intensive to keep track of.
Take the USDC example mentioned in the article: think about USDC being swapped from stablecoin to fiat, and then from fiat back to stablecoin through other wallet addresses that are not directly labelled as belonging to the CEX.
It starts getting overly complicated.
And that works to the benefit of CEXs.
What’s Next For Proof of Solvency and the Future of CEXs
For Proof of Solvency to have an apt application in the CEX and DeFi world, there is a need for new infrastructure and Web3 architecture that can support it.
Currently, having the likes of Binance, Kraken, BitMex and Crypto.com (among others) trying to “prove” their reserves and solvency does not provide any real insight.
On the contrary, if you ask me, I would tell you that what is happening now is a concerted effort by CEXs to “soothe” the public outcry after the FTX debacle.
Future start-up CEXs and DEXs can pivot their business models and build their code around the considerations and ideas coming from Vitalik, Jimmy and me, if they want to!
That way we can hope to achieve greater transparency and trust within the Web3 community and the digital assets industry.