[ANN] Bitfinex Passes Proof of Solvency Audit

[Stefan Thomas]

Happy to publish today the results of an audit I performed for the Bitfinex exchange. This is similar to the Kraken audit, we simply took some of the feedback on board (hash email address into leaf nodes), improved the security in a few places (balances were anonymized even to me) and streamlined the process some more (presenting easy-audit.)

As always, an audit does not constitute an endorsement and it does not address any risks outside of present insolvency. It's also not infallible, exchanges can borrow money or ask others to sign their audit message. Finally, until we can implement fully zero-knowledge, cryptographically provable audits, you have to trust the auditor, i.e. me, to have done my job correctly.

Also same as last time, I did not receive any compensation for the audit and I did it in my free time.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====BEGIN AUDIT REPORT=====

AUDITOR: Stefan Thomas
AUDITED ENTITY: iFinex, Inc., https://www.bitfinex.com
ROOT HASH: 37c49d606c61aab140726265099992c3dd0fba30e1ce1a8a04f0e56cec6dc19f
BLOCK HEIGHT: 294378
RESULT: >100% reserves


April 6, 2014
San Francisco

This post is to report on an audit I performed for the Bitfinex Bitcoin exchange on April 5th and 6th, 2014 from my home office here in San Francisco. I've not received any payment for this audit - my personal goal with this is to help improve the stability of and confidence in the math-based currency industry overall.


Statement
=========

The audit process is designed to allow the auditor - in this case me, Stefan Thomas - to verify that the total amount of bitcoins held by Bitfinex matches the amount required to cover an anonymized set of customer balances. I am attesting to is the root hash of a merkle tree containing all balances that were considered in the audit. If you are a customer of Bitfinex, you'll be able to verify using open-source tools that your balance at the time of the audit is part of this root hash. If it is and if you believe that I am trustworthy, then you can be confident that your balance was covered by 100% reserves at the time of the audit.

Compared to audits performed by other exchanges, this approach is very strict while still maintaining absolute privacy for customers. The most difficult part of an audit is normally to verify that the exchange is not under-reporting the number and balances of account holders. With this approach each account holder can verify that they were considered in the audit.

Trust in this type of audit still requires trust in the auditor. For now, this will rest on my shoulders, but Bitfinex have expressed interest in doing regular audits with different auditors each time. This serves to renew the audit and also to increase the confidence in the audit process and the validity of the result.


Claims
======

Claim 1: Bitfinex controls a certain amount of Bitcoins.

Proof: Bitfinex provided a JSON file with a list of their Bitcoin addresses and balances. I used the `cryptoshi audit` command in libcoin to verify the JSON file against a copy of the block chain.

The version of libcoin used was commit e913a46fd481236f573001abbc879d89595d5fef.

Here is the audit code used:

https://github.com/libcoin/libcoin/blob/e913a46fd481236f573001abbc879d89595d5fef/applications/cryptoshi/cryptoshi.cpp#L638-692


Claim 2: The amount from claim 1 is greater than the amount contained in the root hash of balances.

Proof: Bitfinex provided a JSON file containing a set of anonymized user balances. I used my own tool "easy-audit" to calculate the reserve ratio and root hash.

The version of easy-audit used was commit 8dc5882c1d40f5ab9bbea14778cd1abadce6e459

Available at: https://github.com/justmoon/easy-audit

Here is the audit code used:

https://github.com/justmoon/easy-audit/blob/8dc5882c1d40f5ab9bbea14778cd1abadce6e459/proof.js#L21-45

The tool's output was:

ASSET OWNER: bitfinex.com
BLOCK HEIGHT: 294378
ROOT HASH: 37c49d606c61aab140726265099992c3dd0fba30e1ce1a8a04f0e56cec6dc19f
RESERVE RATIO: 102.82%

The actual holdings were slightly (< 3%) above the required holdings, meaning Bitfinex had greater than 100% reserves at the audit block height.

// Stefan Thomas

=====END AUDIT REPORT=====

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)

iQIcBAEBAgAGBQJTQsC9AAoJEMlHNwCksIvzTqYP/AoNwhCWI0EYcUm0mulbZT5T
DfeXUI3/VdiYMkVz21LNjwzb62DCkKLlA2T042z2zj2PZQy4hFSV6a4DZWYzbgv8
9Uh5v1GCGCBkUGzkDSRZHw8ZCngZBpwYjAzVpTAgpYCpdfHxlbv60ojgWv42qO3e
oTAXslu52jPFSYH7xI3wPL0Ry5BZEa1yB1rBjGzNEkqtLr+Iqz9RXy++Cln8Fx/H
qNQuSfD1XBEUEhddNgscU9dpCFhRdtRZFkk2m7ey6iDzmuAIfVRLL9H0fYeb78Yv
IJm9ugkzNNUS4vkjOvQtEbGZKXCoR/M77xkQ184Q7hd6ewy8bfvgs9364dvt3b2Z
c89Ru/83GKDDG0kB+UWP7zLYuBs0Z7INpCZmAeFSI0K9EOa+6Vll/6NPJZUZGa4W
/nIxxRs2O9IgYxrWQ5F8q9zj+vgP83ZMBUvsBm51wa2SIWRoAzedBjNK/Qvj3dJZ
5JqWaTTXTFP4DYX8dxKeKn9u2+YZ87Rpg8n4zhbzoGvITDmOkUxtYJnBRHbS1yjY
TfoYgaHtfv2DQzu5QpgEkXYQ4dGIhVd2HgMt9mPysJ+DxGYR1AJIFLt5PiMrZJqf
bDA9/MI9k3iCJ6Cl8CCxBedkdzRo09WlNj57TQsuTnWi2UyjuiH6u3y/n1TFUX6p
BL668CgmPco71YrdM1uN
=jCJM
-----END PGP SIGNATURE-----

[1714141885]

1714141885

[1714141885]

1714141885

[1714141885]

1714141885

[unclescrooge]

Hello everyone,

I'd like to thank Stefan for performing this audit on his free time for us.  Although it is not perfect, we believe this is a good step toward a complete financial transparency, and during this challenging time for Bitcoin businesses, a good way to reassure our users.

You can verify that your balance was included in the audit by doing the following::
-Login to your Bitfinex account
-Click on your Username on the right top corner of the page
-Click then on "Audit"

From there you will have all the necessary instructions to verify that your balance was calculated correctly and included in the balances reviewed by the Auditor.

If you have any questions let us know here

Best regards
Raphael
Bitfinex team

[broolstoryco]

1 hour and no new block god fucking damn it

[jonoiv]

Hmmm.   the plot thickens

[Sukrim]

Congratulations. Since there are funds in BTC at Bitstamp too, this means Bitfinex has significantly more BTC than 103% of user funds, right? Or did you just pull them off Bitstamp for an hour and redeposit?

How can I verify that my User ID had the correct balance at audit time?

[olalonde]

It would be nice if we could standardise those proofs. Me along with iwilcox and others (https://github.com/olalonde/proof-of-liabilities#implementations) have put a lot of time and effort in standardising our tools so that they are interoperable and secure. It's a bit painful and frustrating to see this scheme re-implemented again and again with no attempt follow a common standard. I understand that it was not possible for you to follow the proof-of-liabilities standard due to the requirements imposed by bitfinex, but why not contact us / open a GH issue / send a pull request / etc. and explain why the standard needs to be modified / extended to support your use case? Without a standard and multiple independent verification tool implementations, it will be difficult to expect end users to actually verify the proof.

That being said, congrats to bitfinex for getting audited.

PS: I also think the choice of wording here is a bit misleading ("passes proof of solvency audit"). I think "submits to proof of solvency audit" would be more adequate as the proof of solvency is only really "passed" when users individually verify the proof.

[TwinWinNerD]

As expected! Best exchange in the world

[unclescrooge]

Congratulations. Since there are funds in BTC at Bitstamp too, this means Bitfinex has significantly more BTC than 103% of user funds, right? Or did you just pull them off Bitstamp for an hour and redeposit?

How can I verify that my User ID had the correct balance at audit time?

We left a significant stash of bitcoins on Bitstamp (though a bit less than usual) so yes, it means that we have more reserves than what was "proved". Similarly our liabilities are artificially slightly increased because in some case, you can owe Bitfinex swap interests with collateral in other assets than BTC, in which case we didn't include this negative liabilities toward us (as per the rules of the audit).

I updated my post in this thread: You can verify your information here: https://www.bitfinex.com/account/audit

Thanks

It would be nice if we could standardise those proofs. Me along with iwilcox and others (https://github.com/olalonde/proof-of-liabilities#implementations) have put a lot of time and effort in standardising our tools so that they are interoperable and secure. It's a bit painful and frustrating to see this scheme re-implemented again and again with no attempt follow a common standard. I understand that it was not possible for you to follow the proof-of-liabilities standard due to the requirements imposed by bitfinex, but why not contact us / open a GH issue / send a pull request / etc. and explain why the standard needs to be modified / extended to support your use case? Without a standard and multiple independent verification tool implementations, it will be difficult to expect end users to actually verify the proof.

That being said, congrats to bitfinex for getting audited.

PS: I also think the choice of wording here is a bit misleading ("passes proof of solvency audit"). I think "submits to proof of solvency audit" would be more adequate as the proof of solvency is only really "passed" when users individually verify the proof.

Hello,

To be honest I was not aware of those tools, and don't know if the other persons involved in this were. However I totally agree with you on standardizing the tools for this kind of audit. We are very early in this practice and as time goes by I am pretty sure this will naturally standardize, and your work seems the good starting point for this.  The only difference for Bitfinex is the calculation of user liabilities (due to margin trading/p2p swaps), but this can fit quickly into your tool.

We will look into this for the next audits.

Thanks for the nice comments
Raphael

[Dalmar]

All they need to do now is a fiat audit by a reputable accounting firm. That combined with this crypto audit would significantly boost confidence and attract more customers.

[Sukrim]

Alright, I checked the new "Audit" tab, however it apparently (of course) does not take BTC used in swaps into account, as they are probably sold for USD or LTC by whoever borrowed them.

I however also have lent out some USD and I believe not all of them were used to buy LTC. Do BTC held in open positions show up somewhere too, maybe in trader's audit info?

Also it would be great to have a python script available somewhere where we can just copy-paste the hashes or whatever else is needed to verify the info.

[aminorex]

102% of what amount?  Add some credibility:  Disclose the total.  We can infer it approximately by means of the block chain, but an accurate moment-in-time value would be much appreciated.

[TwinWinNerD]

102% of what amount?  Add some credibility:  Disclose the total.  We can infer it approximately by means of the block chain, but an accurate moment-in-time value would be much appreciated.

of all BTC they are supposed to possess

[Bonez0r]

102% of what amount?  Add some credibility:  Disclose the total.  We can infer it approximately by means of the block chain, but an accurate moment-in-time value would be much appreciated.

of all BTC they are supposed to possess

He wants to know the number of coins. While i'd like to know the number out of curiosity, it would not add any credibility to the result of the audit. The auditor says all coins are accounted for. Every customer can check for themselves if their own coins are accounted for. No exchange would lie about their balance if it only takes one customer to check and find out the truth. Therefore we can safely assume that the result of the audit is correct (provided that you trust the auditor, as he himself already stated).

[unclescrooge]

Hello

Alright, I checked the new "Audit" tab, however it apparently (of course) does not take BTC used in swaps into account, as they are probably sold for USD or LTC by whoever borrowed them.

I however also have lent out some USD and I believe not all of them were used to buy LTC. Do BTC held in open positions show up somewhere too, maybe in trader's audit info?

Also it would be great to have a python script available somewhere where we can just copy-paste the hashes or whatever else is needed to verify the info.

Indeed, your taken swaps are not taken into account. It is for traders that the swaps liabilities are established. Long position add liabilities, short decrease it.

I have asked the person who managed this audit about the python script, I'll get back to you as soon as possible.

102% of what amount?  Add some credibility:  Disclose the total.  We can infer it approximately by means of the block chain, but an accurate moment-in-time value would be much appreciated.

Honestly I don't think it matters. As TwinWinNerD said, if you trust the auditor, you trust that we have more than 102% of our claimed liabilities That we have 100 btc liabilities or 60,000 btc liabilities doesn't change anything as long as anyone can confirm his own liabilities were included. And to be honest I don't have the ability to disclose this information.

Raphael
Bitfinex team

[akaman]

It has been well over a year since this audit. Much could have changed.

When will you repeat the audit?

If you have no plans for a new audit, then why do you think an audit is not necessary?

[slavo]

up!

[BITCOIN-PIZZA-DAY]

Can we get an update on this proof of solvency thing?

[Sukrim]

This is done via BitGo for quite a while now, I doubt that there's any point to it now.