Proof of Reserves
Our Commitment to Transparency
At Kraken, we don’t just offer you the ability to trade cutting-edge digital assets, we’re working to leverage the transparency of the open-source blockchains on which they operate.
Our regular Proof of Reserves reviews make it easy for clients to verify the in-scope balances they hold are backed by real assets, all with just a few easy clicks in their account.
An advanced cryptographic accounting procedure conducted regularly by trusted accountants, Proof of Reserves lets you verify that Kraken is meeting rigorous standards for accountability and exceeding the transparency offered by legacy financial firms.
What is Proof of Reserves?
A Proof of Reserves (PoR) review is a procedure performed by an independent 3rd party accountant. This is intended to confirm that a custodian holds the assets it claims to on behalf of its clients. This accountant takes an anonymized snapshot of all balances held and aggregates them into a Merkle tree — a privacy-friendly data structure that encapsulates all client balances.
From there, the accountant obtains a Merkle root: a cryptographic fingerprint that uniquely identifies the combination of these balances at the time when the snapshot was created.
The accountant then collects digital signatures produced by Kraken, which prove ownership over the on-chain addresses with publicly verifiable balances. Lastly, the accountant compares and verifies that these balances exceed or match the client balances represented in the Merkle tree, and therefore that the client assets are in Kraken’s control.
Any client can independently verify whether their balance was included in the Proof of Reserves procedure by comparing select pieces of data with the Merkle root. Any changes made to the rest of the data, however small, will affect the root – making tampering obvious.
What does Proof of Reserves cover?
Spot balances
The review will contain all of your balances in the in-scope assets, held at the time that the snapshot was taken. The following assets are in scope as of the most recent review: Bitcoin (BTC), Ether (ETH), Cardano (ADA), Polkadot (DOT), USD Coin (USDC), Tether (USDT), and Ripple (XRP).
Staking balances
If your balances were allocated to on-chain staking at the time of the snapshot, you will see a separate entry for these, following the naming convention with a '.S' suffix (e.g. DOT.S)
Margin trading
If you had margin positions at the time, then you would see your total balance adjusted by the positive position values.
Example 1: If you bought 1 BTC/USD @ 30,000 USD on margin, and your position is open, your Proof of Reserves balance will reflect a positive +1 BTC adjustment to your BTC balance. There will be no negative adjustment to your USD balance. Your BTC asset balance held under Kraken custody will include your BTC balance at the time, adjusted by the positive + 1 BTC adjustment for your margin position. Your USD asset balance will remain the same.
Example 2: If you sold 1 BTC/ETH @ 15 ETH on margin, and your position is open, your Proof of Reserves balance will reflect a positive +15 ETH adjustment to your ETH balance. There will be no negative adjustment for your BTC balance. Your ETH asset balance held under Kraken custody will include your ETH balance at the time, adjusted by the positive + 15 ETH adjustment for your margin positions. Your BTC asset balance held under Kraken custody will remain the same.
Note: The margin methodology described above is effective starting with the May 2023 Proof of Reserves reviews.
Futures balances
If you had balances in your Futures wallet at the time of the review, a separate Proof of Reserves record will exist for your futures collateral balances. Your balances are adjusted by unrealized Profit and Loss for Single Collateral futures trades. This will include the same in-scope assets as for spot and margin, and will be part of the same Merkle Tree (with its own Merkle Leaf ID).
Example 1: If you had 1 BTC in your futures wallet, and you open a position in BTC Perp Single Collateral, which has a -0.1 BTC unrealised Profit and Loss, then your BTC balance held under Kraken custody will be 0.9 BTC (your 1 BTC, adjusted by -0.1 BTC for unrealised P&L).
Example 1: If you had 1 BTC in your futures wallet, and you open a position in BTC Perp Multi-Collateral, which has a -100.0 USD unrealised Profit and Loss, then your BTC balance held under Kraken custody will be 1 BTC (your 1 BTC is not adjusted by the unrealised P&L, as that is tracked in USD, and USD is not an in-scope asset for this review).
Note: The futures methodology described above is effective starting with the May 2023 Proof of Reserves reviews.
Verifying that your account was included in the Proof of Reserves review
Simple verification
Follow the steps below to cryptographically verify the inclusion of your Kraken account balance in the most recent Proof of Reserves review.
Note: This verification will only reflect your account's balances in the in-scope assets at the time of the review. It will not reflect any subsequent trades or transactions, nor will it reflect balances held in assets that are not in-scope.
1. Log in to your Kraken account and navigate to your account settings (Account icon > Settings).
2. Select the Proof of Reserves tab. Your account will display recent Proof of Reserves reviews in which your account balance was verified, the associated Review ID, the date of the review, the name of the 3rd party accountant and the type of review that was conducted. The Review ID is the identifying string associated with a particular review; as Kraken expects to be conducting regular Proof of Reserves review, it’s important that each is uniquely identifiable.
3. Select the date. Here, you will find confirmation of the balances held at the time of the review, as well as a guide on how to verify your record.
The Record ID enables you to independently confirm that your account balance was included in the review, via the Kraken-provided interface or via the third-party accountant.
- Verify your Merkle Leaf ID - a step by step guide to find your unique identifier
- Confirm your ID in the Merkle Tree - a visual way of confirming your unique ID’s belonging to the data snapshot
- Review our 3rd party accountant’s report - this will navigate you to the 3rd party accountant’s verification tools.
Note: This has been made available for 2023 onwards. For previous review, please refer to our partner’s web page to find the verification tools.
Advanced verification
Tech-savvy clients may wish to independently reconstruct their particular Merkle Tree leaf node hash and look up their balances in the Merkle Tree programmatically, rather than in the Kraken or 3rd party accountant provided visual tools.
You can perform the following verifications steps in code:
-
You can verify the generation of your Merkle Tree Leaf ID for your account, with the steps outlined below.
-
You can then verify your Merkle Tree Path for the leaf ID, and reconstruct the path from your position to the root node. We provide full transparency and also include your sibling leaf IDs.
The requisite steps, in pseudocode, to reconstruct the Record ID and Merkle Leaf from your Account Code, Kraken IIBAN, Review ID and Balances are outlined below. Note that the results are sensitive to the particular string formatting of balances, and the order of assets reviewed, as displayed on the Proof of Reserves page.
- Record ID = SHA256(concatenate(Account Code, Kraken IIBAN, Review ID))
- Balances = ""
- ForEach Asset:
- Balances = concatenate(Asset, ":", AssetBalances[asset])
- Merkle Hash = concatenate(Record ID, “,”, Balances)
- Merkle Leaf = substring(SHA256(Merkle Hash), 0, 16)
After your Merkle Leaf is identified, you can use a SHA256 verification with HEX values to reconstruct the Merkle Tree Path.
Specific examples are also demonstrated in the code snippets below. The resulting Merkle Leaf is also visible on the review details to help confirm you’ve reconstructed this correctly.
Python
import hashlib
# Merkle Leaf ID calculation
account_code = "8dc20f34da8cea8dd0f46b001694f5123ecd30d786c5eb92ad1a013703a4f8d1"
iiban = "AB12C34DEFG5KSQI"
review_id = "PR31MAY23"
record_id = hashlib.sha256((account_code + iiban + review_id).encode('utf-8')).hexdigest()
balances = "ADA:15129.4,ADA.S:0.0,BTC:0.2600852178,DOT:50.0,DOT.S:20.5,DOT28.S:30.1,DOT.P:0.0,ETH:5.27518778,ETH2.S:10.123,USDC:50000.0,USDT:0.0,XRP:0.000002"
print("Record ID: {}".format(record_id))
print("Merkle Hash: {}".format((record_id + "," + balances)))
hash_result = hashlib.sha256((record_id + "," + balances).encode('utf-8')).hexdigest()
print("SHA Result: {}".format(hash_result))
print("Merkle Leaf: {}".format(hash_result[0:16]))
#Merkle Tree Path function
def mix(x, y):
a = bytes.fromhex(x)
b = bytes.fromhex(y)
d = hashlib.sha256()
d.update(a)
d.update(b)
return d.hexdigest()
Rust
use sha2::{Digest, Sha256};
//Merkle Leaf ID calculation
const ACCOUNT_CODE: &str = "8dc20f34da8cea8dd0f46b001694f5123ecd30d786c5eb92ad1a013703a4f8d1";
const IIBAN: &str = "AB12C34DEFG5KSQI";
const REVIEW_ID: &str = "PR31MAY23";
const BALANCES: &str = "ADA:15129.4,ADA.S:0.0,BTC:0.2600852178,DOT:50.0,DOT.S:20.5,DOT.P:0.0,DOT28.S:30.1,ETH:5.27518778,ETH2.S:10.123,USDC:50000.0,USDT:0.0,XRP:0.000002";
fn main() {
let mut record_hasher: Sha256 = Default::default();
record_hasher.update(ACCOUNT_CODE);
record_hasher.update(IIBAN);
record_hasher.update(REVIEW_ID);
let record_id = format!("{:x}", record_hasher.finalize());
let merkle_hash = format!("{},{}", record_id, BALANCES);
let mut merkle_hasher: Sha256 = Default::default();
merkle_hasher.update(&merkle_hash);
let merkle_result = format!("{:x}", merkle_hasher.finalize());
println!("Record ID: {}", record_id);
println!("Merkle Hash: {}", merkle_hash);
println!("SHA Result: {}", merkle_result);
println!("Merkle Leaf: {}", &merkle_result[..16]);
}
//Merkle Tree Path function
fn mix(x: &str, y: &str) -> Result<String, hex::FromHexError> {
let mut leaves_hasher: Sha256 = Default::default();
let a = hex::decode(x)?;
let b = hex::decode(y)?;
leaves_hasher.update(&a);
leaves_hasher.update(&b);
Ok(hex::encode(leaves_hasher.finalize()))
}
fn main() {
println!("{}", mix("f42372aeb1be7296", "dfcced6ec3235f5e").unwrap());
assert_eq!(
mix("f42372aeb1be7296", "dfcced6ec3235f5e").unwrap(),
"ad86a5ee2f21347403ce07e365530604690454fa76787e76be9d2f6efdceeabf"
);
}
Go
package main
import (
"crypto/sha256"
"fmt"
)
//Merkle Leaf ID Calculation
func main() {
accountCode := "8dc20f34da8cea8dd0f46b001694f5123ecd30d786c5eb92ad1a013703a4f8d1"
iiban := "AB12C34DEFG5KSQI"
reviewId := "PR31MAY23"
secret := accountCode + iiban + reviewId
data := []byte(secret)
hash := sha256.Sum256(data)
recordId := string(hash[:])
fmt.Printf("Record ID: %x\n", recordId)
balances := "ADA:15129.4,ADA.S:0.0,BTC:0.2600852178,DOT:50.0,DOT.S:20.5,DOT.P:0.0,DOT28.S:30.1,ETH:5.27518778,ETH2.S:10.123,USDC:50000.0,USDT:0.0,XRP:0.000002"
merkleHash := fmt.Sprintf("%x%s%s", recordId, ",", balances)
fmt.Printf("Merkle Hash: %s\n", merkleHash)
hashResult := sha256.Sum256([]byte(merkleHash))
hashResultStr := string(hashResult[:])
fmt.Printf("SHA Result: %x\n", hashResultStr)
fmt.Printf("Merkle Leaf: %x\n", hashResultStr[0:8])
}
//Merkle Tree path hashing
func mix(x, y string) (string, error) {
// Convert the hex strings to bytes
a, err := hex.DecodeString(x)
if err != nil {
return "", err
}
b, err := hex.DecodeString(y)
if err != nil {
return "", err
}
h := sha256.New()
h.Write(a)
h.Write(b)
// Get the final hash value as a byte slice
hashed := h.Sum(nil)
// Convert the hash to a hex string and return it
return hex.EncodeToString(hashed), nil
}
func main() {
result, _ := mix("f42372aeb1be7296", "dfcced6ec3235f5e")
fmt.Println(result)
}
Bash
#!/bin/bash
#Merkle Leaf ID calculation
ACCOUNT_CODE="8dc20f34da8cea8dd0f46b001694f5123ecd30d786c5eb92ad1a013703a4f8d1"
IIBAN="AB12C34DEFG5KSQI"
REVIEW_ID="PR31MAY23"
RECORD_ID=$(echo -n "${ACCOUNT_CODE}${IIBAN}${REVIEW_ID}" | sha256sum | head -c 64)
BALANCES="ADA:15129.4,ADA.S:0.0,BTC:0.2600852178,DOT:50.0,DOT.S:20.5,DOT.P:0.0,DOT28.S:30.1,ETH:5.27518778,ETH2.S:10.123,USDC:50000.0,USDT:0.0,XRP:0.000002"
MERKLE_HASH="${RECORD_ID},${BALANCES}"
HASH_RESULT=$(echo -n ${MERKLE_HASH} | sha256sum | head -c 64)
echo "Record ID: ${RECORD_ID}"
echo "Merkle Hash: ${MERKLE_HASH}"
echo "SHA Result: ${HASH_RESULT}"
echo "Merkle Leaf: $(echo -n ${HASH_RESULT} | head -c 16)"
#Merkle Tree Path function
hex_string1="f42372aeb1be7296"
hex_string2="dfcced6ec3235f5e"
# convert hex strings to binary, concatenate them and then hash
hash_result=$(echo -n "$(echo -n $hex_string1 | xxd -r -p)$(echo -n $hex_string2 | xxd -r -p)" | sha256sum | awk '{ print $1 }')
echo $hash_resultShortcomings and Future Improvements
In the interest of championing transparency, we would like to share some of the shortcomings in the Proof of Reserves process that we’ve identified.
- A Proof of Reserves involves proving control over on-chain funds at the point in time of the review, but cannot prove exclusive possession of private keys that may have theoretically been duplicated by an attacker.
- The procedure cannot identify any hidden encumbrances or prove that funds had not been borrowed for purposes of passing the review. However, the movement of funds is visible on the blockchain, as we provide transparency over the addresses where our assets are located. Similarly, keys may have been lost or funds stolen since the latest review.
- The accountant must be competent and independent to minimize the risk of duplicity on the part of the examinee or collusion amongst the parties.
- We seek to mitigate some of these shortcomings by engaging with a respected, independent third party firm for our Proof of Reserves, and conducting these reviews at a regular cadence. We also provide transparency over this data directly in our client platform.