Research

The Distributed Auditing Proofs of Liabilities (DAPOL) are schemes designed to let companies that accept (i) monetary deposits from consumers (i.e., custodial wallets, blockchain exchanges, banks, gambling industry etc.) or (ii) fungible obligations and report claims from users (i.e., daily reporting of COVID-19 cases, negative product reviews, unemployment rate, disapproval voting etc.) to prove their total amount of liabilities or obligations without compromising the privacy of both users’ identity and individual amounts.

Throughout this document we’ll often refer to one of DAPOL’s most popular use cases, which is proving solvency of cryptocurrency exchanges. Solvency is defined as the ability of a company to meet its long-term financial commitments. In finance and particularly in blockchain systems, proof of solvency consists of two components:

1. Proof of liabilities: proving the total quantity of coins the exchange owes to all of its customers.
2. Proof of reserves (also known as proof of assets): proving ownership of digital assets (i.e., coins) in the blockchain.

Typically, an exchange should prove that the total balance of owned coins is greater than or equal to their liabilities, which correspond to the sum of coins their users own internally to their platform.

It is highlighted that this proposal focuses on the proofs of liabilities part only, mainly because the same solution can be applied to a broad range of applications, even outside solvency, and secondly because the proof of assets part cannot easily be generalized and it differs between blockchain types due to different privacy guarantees offered per platform.

The extra benefit of DAPOL compared to conventional auditor-based approaches is it provides a transparent mechanism for users to validate their balance inclusion in the reported total amount of liabilities/obligations and complements the traditional validation performed by the auditors by adding extra privacy guarantees.

This document focuses on a particular class of auditing cases, in which we assume that the audited entity does not have any incentive to increase its liabilities or obligations. Although proofs of liabilities are an essential part of proving financial solvency, it will be shown that there are numerous applications of DAPOL, including their use in tax earning statements, “negative” voting and transparent reports of offensive content in social networks, among the others.

The recommended approach combines previously known cryptographic techniques to provide a layered solution with predefined levels of privacy in the form of gadgets. The backbone of this proposal is based on the enhanced Maxwell’s Merkle-tree construction and is extended using balance splitting tricks, efficient padding, verifiable random functions, deterministic key derivation functions and the range proof techniques from Provisions and ZeroLedge solvency protocols, respectively.

Because Bulletproofs [5], Gro16 [23], Ligero [1], Plonk [21], Halo [3] and other efficient ZKP constructions were not available or mature when the above solvency protocols were published, we will assume that any efficient zero knowledge scheme for set membership in summation structures can be a good candidate, but we hope we will agree as a community on one or two concrete constructions.