Bitcoin Forum
April 22, 2021, 12:33:26 AM *
News: Latest Bitcoin Core release: 0.21.0 [Torrent]
   Home   Help Search Login Register More  
Pages: [1]
Author Topic: [ANN] Huobi Passes Proof of Solvency Audit  (Read 6954 times)
Stefan Thomas
Full Member
Offline Offline

Activity: 234
Merit: 100

AKA: Justmoon

View Profile WWW
August 29, 2014, 04:57:52 AM

Just finished an audit of the Huobi Chinese Bitcoin exchange. Please see the report below.

As always, an audit does not constitute an endorsement and it does not address any risks outside of present insolvency. It's also not infallible, exchanges can borrow money or ask others to sign their audit message. Finally, until we can implement fully zero-knowledge, cryptographically provable audits, you have to trust the auditor, i.e. me, to have done my job correctly.

Also same as always, I did not receive any compensation for the audit and I did it in my free time. I requested the exchange donate any fees they would have paid me to a charity of my choice: Ludvig von Mises Institute For Austrian Economics Inc. in Auburn, Alabama

Hash: SHA512

AUDITOR: Stefan Thomas
AUDITED ENTITY: Huobi Technology Co., Ltd.,
ROOT HASH: c4d8c294ee91c8d61fc12f55750346eb4106f37effacdbc296320310bab1daf1
RESULT: >100% reserves

August 28, 2014
San Francisco

This post is to report on an audit I performed for the Huobi Bitcoin exchange on August 28th, 2014 from the Ripple Labs office here in San Francisco. (Note that I have performed this audit privately in my spare time and not as an employee at Ripple Labs Inc.) I've not received any payment for this audit - my personal goal with this is to help improve the stability of and confidence in the math-based currency industry overall.


The audit process is designed to allow the auditor - in this case me, Stefan Thomas - to verify that the total amount of bitcoins held by Huobi matches the amount required to cover an anonymized set of customer balances. I am attesting to the root hash of a merkle tree containing all balances that were considered in the audit. If you are a customer of Huobi, you'll be able to verify using open-source tools that your balance at the time of the audit is part of this root hash. If it is and if you believe that I am trustworthy, then you can be confident that your balance was matched by an equivalent or greater amount of bitcoins in the block chain at the time of the audit.

The most difficult part of an audit is normally to verify that the exchange is not under-reporting the number and balances of account holders. With this approach each account holder can verify that they were considered in the audit. At the same time it maintains absolute privacy for customers, the auditor only sees anonymized balances and the general public only sees the overall level of reserves.

Note that there are limitations to this type of audit. It does not verify an exchange's fiat assets and liabilities or other aspects of their balance sheet. It is also difficult to prove definitively that the bitcoins in question are actually owned by the exchange versus being on loan for instance.

In order to reduce reliance on the auditor, the audit should be repeated using different auditors at different times.


Claim 1: Huobi controls a certain amount of Bitcoins.

Proof: Huobi provided a JSON file with a list of their Bitcoin addresses and balances. I used the `cryptoshi audit` command in libcoin to verify the JSON file against a copy of the block chain.

The version of libcoin used was commit 5424505e2fb5866be96e9af35874cf9c289e3ccd.

Here is the audit code used:

Claim 2: The amount from claim 1 is greater than the amount contained in the root hash of balances.

Proof: Huobi provided a JSON file containing a set of anonymized user balances. I used my own tool "easy-audit" to calculate the reserve ratio and root hash.

The version of easy-audit used was commit 663c38be6767175764d13d249a6c18905ebae76f

Available at:

Here is the audit code used:

The tool's output was:

ROOT HASH: c4d8c294ee91c8d61fc12f55750346eb4106f37effacdbc296320310bab1daf1

The actual holdings were 3.52% higher than the required holdings, meaning Huobi had greater than 100% reserves at the audit block height.

// Stefan Thomas

Version: GnuPG v1


Twitter: @justmoon
PGP: D16E 7B04 42B9 F02E 0660  C094 C947 3700 A4B0 8BF3
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Hero Member
Offline Offline

Posts: 1619051606

View Profile Personal Message (Offline)

Reply with quote  #2

Report to moderator
Sr. Member
Offline Offline

Activity: 413
Merit: 250

View Profile
September 01, 2014, 07:29:18 AM

Cool.  Good to know for many that we're speculating about the Chinese exchanges.  I think this puts it to rest.
Sr. Member
Offline Offline

Activity: 413
Merit: 250

View Profile
September 01, 2014, 06:59:28 PM

Cool.  Good to know for many that we're speculating about the Chinese exchanges.  I think this puts it to rest.
Not really, Stefan detailed some of the possible fraudulent ways of passing an audit but its a big confidence boost none the less and thanks to all involved. Exchanges don't really have any excuse for anything other than complete transparency with the BTC side of their books these days but audits are certainly a step in the right direction.

Slightly off topic but GABI is launching today and considering who's behind it I'm very sceptical of their honesty, hopefully they'll conduct regular audits at a minimum.

I know this is a huobi thread but has BTCE done an audit?  I use them frequently.
Pages: [1]
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!