TokensInsight has tested how can they help to improve assist security in the 🧵👇
1/ What is PoR? It is an audit method used to prove whether the on-chain reserves are sufficient to cover all assets of the user on the exchange. When reserves/asset are ≧💯%, the user assets are safeenough.
2/ Merkel Tree It's used to verify user assets, the info is stored in anonymous snapshots in leaf nodes🍀 and will be aggregated to the root. If the user assets change, it will be reflected in the root node data. It improves the transparency,
but there are still 2 questions🤨:
3.1/ Do all users' assets are recorded by the Merkel tree? Users can manually verify the assets, OKX provides a file containing data on different heights and nodes in the Merkel tree. After verification, "Merkle tree path validation passed" appears, it also shows token balances💵
3.2/ Do all users' assets recorded by the Merkel tree? If we change a few numbers in the data file then verify again, it shows "Merkle tree path validation failed", indicating that the verification fails.
4/ Are the addresses disclosed by the exchange belongs to OKX? OKX shares the crypto type, amount, signature and signs a message with the corresponding private key 🔑when sharing the wallet address. Our test shows that the verification has passed and OKX owns the addresses.
5/ Read the full article at TokenInsight:
this twitter thread.