Chainlink Proof of Reserve (PoR): Putting Transparency at the Forefront

Chainlink's PoR: Transparency First

Key Insights

• Chainlink Proof of Reserve (PoR) is not blockchain dependent. It relies on a decentralized oracle network to create automated on-chain data feeds for collateral assets represented on-chain, updated almost in real-time.
• Chainlink PoR currently reports around $8.5 billion worth of assets, with $3.5 billion being off-chain reserves and $5 billion being on-chain reserves.
• Within a month of Chainlink adding a TUSD PoR data feed, TUSD’s market cap grew by 121%.
• Chainlink PoR can be used to help secure DeFi protocols that use off-chain or wrapped assets as collateral, by automatically triggering circuit breaker-like mechanisms to mitigate the risk of under-collateralization, following a bridge attack that caused losses of around $1.9 billion.
• To ensure updates remain cost-effective, Chainlink’s oracle network periodically checks reserves off-chain and updates on-chain when balance changes exceed a certain threshold. Therefore, updates occur during reserve fluctuations and save gas fees during stable reserves.

Introduction

In response to the 2014 Mt. Gox incident, the cryptocurrency community has been attempting to establish standards around centralized exchanges (CEXs). About a week after FTX applied for bankruptcy restructuring, Vitalik shared his own thoughts in a blog post. He shared a vision on how CEXs handle non-custodial value. The post details the technical approach to designing “secure CEXs” that prove they have enough assets to cover their liabilities. While Vitalik focuses on how Proof of Reserve (or Proof of Solvency) works in CEXs, he only briefly mentions its potential application to stablecoins and DeFi.

As the industry matures, stablecoin reserves grow, and on-chain bridge attacks result in billions of dollars in losses, we need to expand the focus of Proof of Reserve beyond just CEXs. Chainlink is attempting to meet this need by providing Proof of Reserve for various assets through easy access to on-chain data feeds driven by oracles.

Chainlink Proof of Reserve (PoR) is not blockchain dependent. It relies on a decentralized oracle network to create automated on-chain data feeds for collateral assets represented on-chain, updated almost in real-time.

Traditional finance has significant flaws. It is opaque, inefficient, permissioned, centralized, trust-based, and largely reliant on fractional reserve banking. In response to this flawed system, the cryptocurrency community has introduced new systems to address these issues, with the first major development being Bitcoin, which was created in 2009.

• What are the potential chain reactions of Prime Trust facing bankruptcy crisis?
• Bloomberg Interview with He Yi: My relationship with CZ is that of a mentor, friend, and spouse.
• Inventory of Rug Pull events in the crypto world

Bitcoin was created to solve the problem of electronic payment settlement without requiring a central authority and while also solving the double-spending problem. It maintains key principles such as permissionless access, decentralization, and cryptographic verification. Bitcoin’s success spurred demand for more complex systems with similar characteristics. As a result, Chainlink was created to connect blockchains that cannot obtain data from outside their own networks with external data sources through a decentralized oracle network.

Many blockchain projects operate by issuing collateralized assets. These collateralized assets can come from on-chain sources, such as locally asset-wrapped onto other networks (e.g. Wrapped Bitcoin, Wormhole wrapped assets), or off-chain through cash- and reserve-backed stablecoins (e.g. Tether, USD Coin).

The collapse of FTX revealed that it held only a small portion of the assets needed to cover its liabilities, and frequent scrutiny of Tether holdings highlighted the lack of transparency and positive social trust in many projects. Chainlink’s Proof of Reserve emerged to meet the need for a decentralized network that can cryptographically verify sufficient reserves on-chain.

Chainlink’s Proof of Reserve (PoR) provides on-chain data sources backed by various reserves, including off-chain currencies and precious metals, as well as any type of on-chain wrapped asset (e.g. bridged, liquidity-staked, etc.). These data sources are publicly visible, adding transparency for current and potential users. Through smart contracts, Chainlink’s PoR data sources can be accessed to add various security functions to mitigate risks associated with interacting with wrapped assets.

Main PoR beneficiaries

Time and again, choices made by cryptocurrency projects can limit transparency and put the protocol’s security at risk. For example, a bridging application may not disclose all the addresses of its held collateral, leading users to believe that all wrapped assets are supported. Alternatively, a DeFi application may not add fail-safes to prevent activity when wrapped assets lose support, leaving users potentially interacting with partially supported assets.

Chainlink’s PoR product can mitigate these issues and improve the user and protocol experience.

Application Users

Fundamentally, proof of reserves provides transparency. While the concept of cryptocurrencies may lead many to believe that transparency is built into all cryptocurrencies, it is often only an afterthought.

Stablecoin issuers and tokenized real-world asset (RWA) issuers supported by off-chain collateral have no contractual obligation to provide proof of reserves. Some projects, such as Tether (USDT) and Circle (USDC), offer quarterly and monthly proof of reserves, respectively, to enhance trust with users. However, there is still room for increased transparency during the opaque periods between proof of reserve updates.

In contrast, TrueUSD’s (TUSD) off-chain reserves are continuously verified by a third party, and Chainlink’s proof of reserves publishes on-chain data updates every 24 hours or when balance changes of at least 5% occur. This process can be applied to any asset backed by collateral. Chainlink’s PoR currently provides reserve data for RWAs such as BlockingX Gold, bridged assets such as Wrapped Bitcoin, and has the capability to cover liquid staked assets such as Liquid Staked ETH.

The frequently updated PoR data sources provide application users with more transparency, as balances can experience large changes within a month, or even a quarter.

Within a month of adding Chainlink’s PoR data source to TrueUSD on February 15, 2023, TUSD’s market cap grew by 121%, surpassing $2 billion as of March 12. This also means that its reserves have more than doubled. Chainlink’s robust infrastructure did not fail in handling this over $1 billion growth.

In addition to providing frequent and immutable reserve holding records, Chainlink’s PoR also publishes data on-chain. This allows developers to include various functionalities in their projects to react to inconsistencies, further increasing protocol security.

Projects

Asset Issuers

By putting reserve data on-chain, Chainlink enables protocols to add programmatic guarantees requiring reserve value to be greater than or equal to the supply of a stablecoin or RWA being issued.

In Solidity, ensuring sufficient reserves only requires creating a require statement in the coin minting function of the smart contract (e.g., see line 1,404 of the TUSD smart contract code). By implementing nearly real-time on-chain verification of off-chain reserves for stablecoins and RWAs, Chainlink’s PoR sets a new standard for reliability and transparency in coin minting.

Tokens that previously operated in less transparent situations can use Chainlink’s reserve verification to increase transparency of collateral. In addition to TUSD, CACHE Gold uses Chainlink PoR to allow users to verify that their tokenized gold product is fully backed by gold reserves in an off-chain vault. Additionally, the tokenized RWA project Backed Finance is integrating PoR to increase the transparency of its bTokens.

Bridging and Wrapping Assets

Bridging is a major source of attack and exploitation in the DeFi space. Of the top ten exploits, four were bridges, resulting in approximately $1.7 billion in losses (49% of the total losses from the top ten exploits). Bridges are typically attacked in two ways:

· Stealing collateral from the source chain (rendering wrapped tokens worthless).

· Minting wrapped tokens on the target chain without depositing equivalent collateral on the source chain (also known as “infinite minting” attacks).

When Chainlink’s PoR is included in the minting smart contracts of bridges, it can help prevent infinite minting attacks. While it cannot prevent collateral from being stolen on the source chain, PoR can identify this issue and provide developers with tools to mitigate the impact of such attacks. By verifying cross-chain collateral through its decentralized oracle network, Chainlink enables smart contracts to read data sources for their wrapped tokens. Based on this information, automatic fault protection mechanisms can be implemented that pause the minting, redemption, and burning of wrapped tokens when there are inconsistencies in the reserve or minted token amounts.

To ensure updates remain cost-effective, Chainlink’s oracle network periodically checks reserves off-chain and performs on-chain updates when the balance changes by more than a certain threshold. Therefore, updates occur during reserve fluctuations and save gas fees when reserves are stable.

Chainlink’s bridging data layer provides users with additional transparency to ensure they are not using fractional reserves on the source chain, making it a powerful tool for any protocol, especially those interacting with wrapped or bridged assets in DeFi protocols.

DeFi

Compromised bridges can impact both bridge users and any protocol that adopts wrapped assets. Large-scale exploits can result in DeFi protocol insolvency and loss of user and protocol funds.

Chainlink PoR validation services can be extended to the DeFi space. These services enable developers to implement decentralized circuit breakers in DeFi smart contracts to prevent potential security issues. In DeFi applications, a circuit breaker is an automated feature that continually checks Chainlink PoR data sources and pauses all application activity related to a specific wrapped asset when the wrapped asset loses support.

As a real-world example, BGD Labs has applied the circuit breaker feature to wrapped assets in the Avalanche-based Aave market. The new conditional feature checks Chainlink’s PoR data sources to determine if a wrapped asset has sufficient collateral. Thus, in an emergency, the circuit breaker can pause all lending activity involving the wrapped asset to mitigate or reduce potential losses.

Liquidity Mining

With the successful implementation of Shapella upgrades and the increasing popularity of liquidity mining as a relatively low-risk way to earn sustainable yields in DeFi, the liquidity mining token market has garnered increasing attention, and competition among several major players is intensifying.

Liquidity mining token issuers can also leverage Chainlink PoR for reliable and timely updates to ensure that liquidity mining token reserves are always fully supported by equivalent collateral tokens.

Bridge Exploits

Chainlink PoR not only provides peace of mind for consumers; developers can integrate it into applications to potentially mitigate the risk of excessive losses from attacks and exploits.

In the top 100 exploits, which resulted in approximately $6.1 billion in total funds lost, the top six bridge exploits alone accounted for approximately $1.9 billion in funds lost (31% of the top 100). All of these exploits affected wrapped assets in their respective bridge ecosystems.

While some exploits elicited immediate responses, others took days to be discovered. Adding Chainlink PoR as a third-party review on bridged collateral and assets may allow protocols to become aware of inconsistencies from an attack earlier.

In multiple cases, attackers either sold off encapsulated assets or used them as collateral, essentially stealing the lender’s assets. Any DeFi protocol related to bridging with a hacker attack can implement a circuit breaker to pause activities related to affected encapsulated assets.

The Biggest Exploit in Cryptocurrency

Ronin Network is a blockchain created by Sky Mavis (the creator of Axie Infinity) that is compatible with the Ethereum Virtual Machine (EVM) for gaming applications. To date, the hack on Ronin Network bridging is the biggest, resulting in approximately $624 million in losses (including 173,600 ETH and 255,000 USDC). The Ronin team took six days to discover the amount of funds stolen from the bridging, thanks to a report from a user who was unable to extract 5,000 ETH from the bridging.

In other words, Ronin users interacted with unsupported encapsulated ETH and USDC on the network for six days, engaged in various forms of economic activity. If Ronin or any application on Ronin had implemented Chainlink PoR, this exploit could have been automatically discovered and all Ronin activities involving encapsulated ETH and USDC immediately paused on the same day.

Other Bridging Exploits

Chainlink PoR’s automation capability can also potentially mitigate losses from other exploits. Bridging projects can implement Chainlink PoR for encapsulated assets and build automatic notification systems to speed up the discovery of each exploit. While the amount exploited for each bridging will not change, faster response times from certain teams may mitigate the impact of an attack.

In the February 2022 Wormhole exploit, attackers were able to mint 120,000 encapsulated Ethereum (WETH) on Solana without depositing the corresponding amount of collateral on Ethereum. In a series of transactions, the attacker stole tokens worth approximately $326 million. If Wormhole had implemented Chainlink PoR, the impact of this exploit could have been mitigated.

For applications that implement circuit breaker functionality for encapsulated assets based on Chainlink PoR, the delay between discovery time and response time can be greatly reduced. DeFi applications interacting with Ronin, Wormhole, Harmony, and Qubit can pause activities related to any unsupported encapsulated assets. However, it is currently unclear whether Chainlink PoR can provide assistance in the BNB Bridge and Nomad exploits.

PoR Activities

To protect the on-chain asset information worth billions of dollars, Proof of Reserve (PoR) data should be provided by a reliable entity. Chainlink is the largest oracle network in the cryptocurrency space and one of the most powerful oracle services, with an extensive record of providing oracle services. Since October 2020, it has also been publishing on-chain PoR data sources.

Chainlink PoR covers approximately $85 billion in value, of which around $35 billion comprises off-chain reserves, and the remaining $50 billion comprises on-chain reserves. Although most off-chain reserves are denominated in USD, Chainlink has demonstrated its ability to cover international currencies, such as EUR and GBP, which it has provided data sources for since March 2021 and October 2022, respectively.

For on-chain reserves, Chainlink currently covers wrapped assets on Ethereum, Avalanche, and Polygon, although its blockchain-agnostic infrastructure enables it to cover almost any asset on any blockchain. So far, wrapped Bitcoin (four different versions) accounts for approximately 93% of the total value of Chainlink’s on-chain PoR coverage.

Challenges

Chainlink PoR is a powerful data layer that adds transparency for users and developers by bringing data on-chain in an accessible way. However, this process still introduces varying degrees of risk if used improperly.

Trust in Off-chain Data Sources

Trust in data sources is an issue that any oracle network faces when retrieving off-chain data. When interacting with off-chain assets such as gold, fiat currencies, etc., oracles obtain reserve data from third-party attestations or self-attestations. For self-reporting, more trust is needed as the reporting entity is also the issuer and holder of the collateral. However, if they implement Chainlink PoR in their own contracts/minting functions, reporting entities/issuers have an incentive to report truthfully. Additionally, both third-party and self-reporting entities have an incentive to report truthfully to maintain a good reputation. This setup assumes that providers value maintaining their reputation more than any potential gains from fraud.

Oracle Nodes per Data Source

Currently, each PoR data source has 10 or 16 oracle nodes obtaining reserve data for the respective data source. PoR oracle nodes have no additional requirements beyond typical Chainlink oracle nodes. While some users may be satisfied with the number of nodes obtaining PoR data, others may view the node count distribution or decentralization level as insufficient. It should be noted that as the value increases, more nodes can be added to each PoR data source.

Stolen Collateral

The Chainlink PoR data source cannot directly prevent collateral from being stolen. Nonetheless, it can prevent infinite minting attacks and can be referenced by DeFi developers to build tools that mitigate potential impacts after smart contracts bridging or wrapping assets are exploited. The use of Chainlink PoR is not a disadvantage but rather a feature of oracle data source design, as it does not promise to act as a preventative security layer for asset issuance protocols but instead as a data layer that publicly exposes reserve data on-chain.

Final Thoughts

Chainlink’s Proof of Reserve is a step towards increasing transparency in many core products within cryptocurrency. The Chainlink PoR can update on-chain reserve data at least once per day and utilize that data to make smart contracts secure.

For bridged and wrapped assets, Chainlink optimizes costs by automatically publishing changes that exceed a certain threshold when reserves remain stable. It also provides tools for smart contract developers to make their protocols more secure and read Chainlink’s constantly updating data source. Additionally, applications interacting with wrapped assets can also leverage Chainlink’s development tools to help mitigate potential losses from exploited vulnerabilities.

Although acquiring off-chain reserve data is not entirely trustless, Chainlink PoR has the potential to become a powerful mechanism for verifying on-chain reserves and bringing off-chain data on-chain in a decentralized, secure, and cryptographically verifiable manner.

Original article: https://messari.io/report/chainlink-proof-of-reserve-por-bringing-transparency-to-the-forefront?referrer=all-research

Translation by: Terry | Hu Ziguanbi

We will continue to update Blocking; if you have any questions or suggestions, please contact us!