Everything You Need to Know About Asset Security At Dacxi: Proof of Reserves

Dacxi Chain
8 min readJan 10, 2023

--

In 2022 we saw a number of crypto-based exchanges, protocols and lending organisations collapse in a way few would have predicted. In all cases, their customers could lose some or all of their assets.

Across the world, crypto-organisations are scrambling to assure clients and the market more generally that they provide a secure home for their assets. References to ‘Proof of Reserves’ have been commonplace. And while ‘Proof of Reserves’ seems an appropriate and well-intentioned response to the need to provide clients greater transparency and security, in truth ‘Proof of Reserves’ in its current, proposed form does not provide the protection required.

It is, however, a well-intentioned, meaningful first step towards a better future.

What is Proof of Reserves (POR)?

Within the blockchain space, ‘POR’ is commonly known as an independent audit that enables centralised exchanges to publicly attest to the value of their reserves, and by doing so prove their solvency.

In other words, it is designed to establish that the organisation holding client assets has sufficient funds to return these assets to every one of their clients if required.

While POR may seem an appropriate way to assure clients their assets are safe, in reality, POR in isolation does not go nearly far enough.

1:1 Proof of Reserves Does Not Go Far Enough.

And there are multiple reasons why.

1:1 POR simply calculates the current value of client assets and establishes that the company holding them has sufficient financial reserves to match the value of the assets. This approach does not take into account several important facts:

  • The company providing 1:1 POR may also have liabilities that should be taken into account. It may be that when liabilities are also considered, financial reserves are insufficient to guarantee client assets.
  • 1:1 POR does not mean assets are being held in a type and quantum identical to the underlying assets purchased by clients. For example, if a client owns Bitcoin to the current market value of $1,000, it must be established that $1,000 of Bitcoin is held for that client. Value matching that Bitcoin to $1,000 worth of any other cryptocurrency, digital asset or even fiat, creates client risk as prices fluctuate. Instead, it should be established that what is held in custody for the client is an exact match by asset type(s) and quantum to that last purchased by the client.
  • The company providing 1:1 POR may be participating in schemes whereby they loan client assets to another company (a counterparty) to produce a return. In the crypto world, these schemes have been common and are often marketed to clients as a program through which they can generate a return on the crypto they already hold. Programs such as this introduce counter-party risk, where the client either no longer knows where their assets are being held and by whom, and/or they have no guarantee or recourse on their assets should they be lost in part or whole by the counter-party.

Custody is Key

The single most fundamental principle in providing clients with the protection they deserve is to establish where and how their assets are being held. This is usually referred to as custody of assets. Custodial protection (including third-party independent custody providers) is well established in most asset classes and can include physical, paper or digital assets.

In the world of crypto, traditional custodial arrangements exist but are applied inconsistently across the industry. In many cases, clients that invest in crypto have no idea where their assets are actually being held, how and by whom. Establishing if, and exactly how your digital assets are being held on your behalf is critical. Above all else, clients should not assume that the organisation/platform from which they acquired their digital assets is also providing the level of custody needed.

We believe the minimum standard for custody of client assets looks like this:

  • Your assets are being held in a purpose-built, secure environment. This usually means they are stored in a highly secure cold wallet, disconnected from the internet which makes it very difficult to hack.
  • A security-first approach has been applied to who and when those assets may be accessed. Security first means no single person should ever have the authority to access your assets. Rather, access should only be achievable via the approval of multiple trusted individuals from within the organisation providing custody.
  • In traditional financial markets, independent third parties usually provide custodial services for the clients that hold the assets. In most countries operating a custodial service means the operator is subject to strict laws and controls and must be licensed, providing added protection.
  • Third-party custody providers often provide insurance to further protect client assets.

There remain various other considerations when it comes to protecting clients. Perhaps the best way to explain this is by looking at how we think about client safety and what we believe we must provide it.

As a wealth platform, Dacxi has always operated in a different business sector to exchanges and lending organisations. We have always believed we must operate to the highest standard of client protection and security.

Three key areas influencing your crypto-asset security

1. Client Assets

  • 100% Asset Backing. Clients expect that the organisation holding their assets has 100% of their assets at all times. Their claims are 100% backed.
  • If clients store cash or crypto on an exchange then the exchange will have totals for each type of asset; there may be US$100mil, 1,000 Bitcoin, 10,000 ETH, etc.
  • Clients expect that there is 100% Asset Backing so if the clients have deposited a total of US$100 million in cash then there is $100 million in cash in bank accounts.
  • If the client total says there is 10,000 Bitcoin then there is 10,000 Bitcoin, not the ‘equivalent’ of 10,000 Bitcoins worth of cash or some other token. If this is not the actual asset then there is exchange risk.
  • With 100% asset backing, a company can pay all clients all their assets within 24 hours, with the only reason for a delay being the movement of assets out of ‘cold storage custody’.

We have always ensured that we keep the EXACT amount of EACH type of asset for 100% Asset Backing.

  • Asset Separation. Clients should expect that their assets, fiat cash and crypto, are separated from the company’s assets.
  • All client’s funds are placed in a separate bank account from the company’s funds.
  • If the company gets into financial difficulties, the receiver can therefore immediately determine client accounts so they can be returned.
  • Separation of crypto assets is more difficult due to operational wallet requirements and custody. Where possible client assets are placed in custody with company assets being used in the hot wallet. We have operated asset separation since our inception.
  • Asset independence. Client cash and crypto must never be promised to support any company lending in any way; known as ‘unencumbered’. At Dacxi, we have never had debt.
  • Independent Audit. An independent organisation, like an accountant, can simply compare presented client totals with actual assets to prove 100% asset backing and asset separation. The audit must rely on the figures presented and proven by the company, yet it forces the company to act properly.

We have voluntarily undertaken this process with its Precious Metals tokens for over two years.

  • Regulations It is highly likely that all crypto-regulations will demand the above requirements. The UK FCA regulations require this and Dacxi had to deliver proof of backing and separation.

2. Crypto-Asset Security

Crypto-Assets held by exchanges must be protected from ‘hackers’ as clients can lose their assets as exchanges cannot repay stolen funds.

  • Devices. Many crypto-industry people suggest that all assets are removed from exchanges and held on simple ‘cold storage’ devices such as a Ledger. They are the size of a ‘memory stick’.
  • While this seems very secure, eliminating exchange hacking risk, they introduce a huge risk of losing the device or forgetting the passwords. It is not surprising that the claim is that 20% of all Bitcoin has been lost this way. 4 million coins worth $60 billion.
  • For nearly all crypto investors, they need their assets looked after by a secure professional, called ‘custodied’. It is not like leaving your money in the bank as the bank is backed by the money-printing government. If you lose your crypto, it’s gone.
  • Wallets. All active platforms split their crypto into those held in hot or cold wallets.
  • Hot wallets are connected to the internet and used for trading, deposits and withdrawals. Hot wallets are at risk of hacking, the crypto name for stealing.
  • Cold wallets are not connected to the internet so cannot be hacked.
  • The percentage of all assets held between hot and cold wallets shows the hacking risks taken by the exchange. There is no promoted ratio between wallets, yet exchanges talk of the 5%/95% ratio; 5% in a hot wallet.

We operate with 5% maximum, yet normal ratios are close to 2% as we are not a trading exchange.

  • Custody
  • Custody is the assets held in cold wallet storage where most, min 95% of assets are held.
  • Custody can be independent, like a Bitgo, or internal. For highly experienced companies, there is no reason why custody must be independent.
  • These can be insurance coverage offered on assets and/or processes.

We have over four years of safe custody and also use Bitgo independent insured service.

  • Asset movement.
  • Operations like exchanges and some projects require assets moving between blockchains on ‘bridges’. These have shown themselves to have the most hacks in 2022. We do not participate in these actions.

3. Corporate risk

  • Client asset security should not be threatened by the actions of the company yet irresponsible actions or obvious red flags should warn of other potential risks.
  • Earn Feature. Many exchanges or lending organisations offer the opportunity to earn a return by storing assets with them.
  • This could be a huge risk because exchanges usually make money by lending it to someone else (counterparty).
  • The counter-party risk of Earn programmes is better understood within the industry and why we have yet to offer a programme outside of our control.
  • Debt. Some companies, ie FTX, borrowed large amounts of money. Some used their own token as collateral even though if they had to sell it in large amounts, this action would destroy the asset’s value.

We have never had debt or used our token as collateral.

In summary

2022 will forever be an inflection point for the crypto market and the growing blockchain industry that sits in and around it. While there have been some devastating examples of failure, these serve to crystallise the urgent need for robust regulatory frameworks designed to protect clients in the way they have been protected for years in non-digital assets. These protections are coming, hopefully very soon, and will provide confidence for retail and institutional investors alike.

In the meantime, the industry must step up and demonstrate its commitment to new standards of safety, security and client protection. This commitment will serve to reassure all market participants, and more importantly provide them with a basis on which to assess which platform or provider is right for them.

At Dacxi, we have upheld the highest of these standards from the very beginning. For us, these are standards that will never be compromised.

--

--

Dacxi Chain
Dacxi Chain

Written by Dacxi Chain

The World's First Global Equity Crowdfunding Network. 🌐 http://dacxichain.com

No responses yet