The new disclosure page allows skeptical users to self-verify that their assets are included in the report.
Crypto.com has released an audited proof-of-reserves page, showing that the exchange has enough crypto assets to back its liabilities to customers, according to a Dec. 9 statement on the exchange’s website. The new page shows that Crypto.com has 102% of the Bitcoin, 101% of the Ether, and 102% of the USD Coin needed to process withdrawals.
Tether, XRP, Dogecoin, Shiba Inu, Chainlink's LINK and Decentraland's MANA are also included in the report, with each of them having reserves of above 100%.
According to the statement, the audit was conducted by Mazars Group, an international audit, tax and accounting firm and is accurate as of Dec. 7.
The crypto community has been watching centralized exchanges more closely since the collapse of FTX in November. Crypto.com itself has been caught up in the crisis, as it briefly had to pause withdrawals on the Solana network due to the fallout from FTX.
By releasing its proof of reserves, the Crypto.com team said it hopes to show that it is a good steward of crypto users’ assets and can be trusted to process all withdrawals. Kris Marszalek, CEO of Crypto.com, explained it:
“Providing audited Proof of Reserves is an important step for the entire industry to increase transparency and begin the process of restoring trust. [...] Crypto.com is fully committed to providing customers around the world a safe, secure, and compliant means of engaging with digital currencies.”
Given that some users won't trust the exchange’s reporting of its own assets and liabilities, Crypto.com’s proof-of-reserves page also provides a method for users to self-audit its reserves. Users can log in to the app and verify the assets they held at the moment the audit was done, and they can copy the Merkle hash derived from the balances.
Once the customer obtains their Merkle hash, they can navigate to a separate auditor page under the control of Mazars, where they can receive detailed proof that their liabilities are part of the larger Merkle tree of the exchange’s audited liabilities.
Mazar claims that its auditor page runs a version of the open-source Silver Sixpence Merkle Tree Generator program. This implies that if the auditor page was doctored in some way to make it produce false results, any programmer should be able to discover this by running the program in their own developer environment.