4️⃣Proving Asset Balances

4. Proving Ownership & Balances of Your Assets

During the course of the PoR, you and the attestation provider should focus on two key components when compiling the results related to a platform’s assets that collateralize customer liabilities:

1. Extract Balances as of the Snapshot Date

2. Proving Ownership of those Balances

The approach to fulfilling these 2 requirements may vary depending on how the assets are held and the availability of information. In the following sections we will dive into the methods for fulfilling these requirements depending on these factors.

4a. Compiling a List of your Assets

At the beginning stages of the PoR process, you should compile a list of custodial arrangements and the availability of the balance information. In particular, you should note whether the information is historically available, or only available in “real-time.” Once this information is compiled, you and attestation provider can determine what approach(es) would be best to confirm balances and ownership of those balances as of the snapshot date.

4a. Management Outputs

• Compile a list of custodial arrangements and the availability of the balance information

4a Example Scenarios

Example List of Custodial Arrangements

4b. Proving On-Chain Assets

Self-Custodied Addresses or Wallets refer to wallets whereby the entity solely holds the underlying private keys to those addresses and those balances manifest on associated public blockchains. "Proving asset balance" is a process that involves validating that an entity, such as an individual or company, indeed possesses the asset balance they claim to have. In the context of a PoR, this process commonly involves demonstrating control over specific blockchain addresses holding these assets.

Extracting Balance Information

The engaging party and the attestation provider need to extract the balance information from each relevant blockchain as of the snapshot time. Typically, this involves converting the date and time to a blockchain and then querying the blockchain for those balances as of that block height. The preferred circumstance, is that the blockchain community of attestation provider has tools to query historical balances from the relevant blockchains historically. However, some blockchains may be new, and the associated community tools or attestation provider may not have the capabilities to easily “go back in time” as of a specific block height. Therefore it is important to determine the availability of tools and determine the most feasible approach to extracting the balance information. Therefore, the options usually boil down to two options:

1. If Community or Attestation Provider Tools Exist to Extract Historical Balances: then the attestation provider can use these tools to extract the balances some time after the snapshot date.

2. If Community or Attestation Provider Tools DO NOT Exist to Extract Historical Balances: then the attestation provider will likely have to observe the blockchain balances in “real-time” via block explorer or equivalent.

Often times, the entity will have hundreds, thousands, or even millions of addresses to consider. The engaging party and attestation provider should also ensure that all the tools being used can accommodate a large amount of addresses being queried for balance information.

Proving Ownership of Addresses/Wallets

Next the entity will confirm control of the wallets/addresses represented.

There are two primary methods for this process:

• Digital Signature Method: In this method, the attestation provider furnishes or consents to a distinctive message for the engaging party. The engaging party subsequently signs a message with each pertinent private key within the PoR scope. The attestation provider then validates ownership through internal or external tools. It might be necessary to collaborate with the attestation provider to confirm the availability of tools for signature verification. This method is preferred due to its scalability, allowing the simultaneous signing and verification of multiple addresses.

• "Send to Self" Transactions: Using this method, the attestation provider provides a small unit amount of digital assets to send to another wallet owned and controlled by the entity within a specific time frame. This approach is often used for multi-signature wallets or more complex setups because of the lack of multi-sig signing tools. However, it is a much less scalable approach, as a transaction for each in-scope address would need to complete the “Send to Self” transaction.

A note on xPubs/Extended Public Keys: If you're comfortable sharing your xPubs, all child addresses derived from this xPub can be verified. In this scenario, ownership only needs to be confirmed over the first address in the derivation chain, thus establishing control over all subsequent addresses in the chain.

In essence, proving asset balances involves a two-step process: first, confirming the balances on the blockchain, and second, demonstrating that you control the addresses with those balances. This dual-pronged approach ensures a comprehensive and reliable validation of asset ownership.

The final output of this process is a list of all addresses and corresponding signatures or transaction hashes that prove control over the in-scope addresses/wallets and providing them to the attestation provider. The attestation provider will then independently validate the signatures and transaction hashes provided.

If the number of addresses is small, a full list may not be required and the information could be shared via alternative means (i.e. Slack, etc).

4b. Management Outputs

Extracting Balance Information

• Determine if Community or Attestation Provider Tools Exist to pull Historical Balance Information

  • If yes, the attestation provider can extract the balances after the snapshot date

  • If not, the attestation provider may have to observe the balances with Management as of the snapshot date/time

• If necessary, determine if the proposed tools accommodate to a large number of addresses

Proving Ownership of Addresses/Wallets

• Determine a “Proof of Ownership” strategy for each in-scope addresses

  • If Digital Signature Method, sign a message provided by the attestation provider for each in-scope addresses

  • If Send to Self method, execute a transaction with an amount provided by the attestation provider for each in-scope address

• Provide a List (Excel, CSV, or TXT) to your attestation provider with the corresponding digital signature or transaction hashes for verification.

4b. Example Outputs

4c. Proving "Off-Chain" Assets

“Off Chain” assets refer to assets owned by the entity custodial or held with 3rd-party providers. For PoRs with Off Chain assets, we must employ modified techniques to extract to Prove Balances and Asset Ownership.

Extracting Balance Information

The engaging party and the attestation provider need to extract the balance information from each custodial source as of the snapshot time. Sometimes, an associated block height is not relevant (i.e. block heights may not be considered on exchange databases custodying your assets). The preferred circumstance, is that the custodian has account statements or historical snapshots available to pull account balances as of any point in time.

However, some custodians may not have tools to “go back in time.” Therefore it is important to determine the availability of the custodians capabilities and determine the most feasible approach to extracting the balance information. Therefore, the options usually boil down to two options:

1. If Custody Provider Tools Exist to Extract Historical Balances: then the attestation provider can observe Management log in or receive account statements anytime after the snapshot date.

2. If Community or Attestation Provider Tools DO NOT Exist to Extract Historical Balances: then the attestation provider will likely have to observe the custodial balances in “real-time” via observation with Management.

In either case, the preferred methods of extracting the balances usually entail observing the Management log in directly to the custodial portal or receiving account statements directly from or generated by the custodian.

Proving Ownership of Addresses/Wallets

Next the entity will confirm control of the accounts with the custodial provider that they have represented.

There are two primary methods to execute this process:

1. Observation: Using this approach, the attestation provider will observe Management log into their account with the appropriate credentials to confirm that they can access and control funds. The attestation provider may ask further details or procedures, such as moving funds or inspecting accounting details.

2. Confirmation: Using this method, the attestation provider will obtain an account statement from the custodial provider (ideally directly from the custodial provider). The attestation provider will confirm the details of the statement map appropriately to the Entity to ensure ownership of assets.

Other methods exist, such as extracting data via API. However, the 2 approaches noted above are the most popular and require less technical set up.

In essence, proving asset balances involves a two-step process: first, confirming the balances on the balances held at the custodian, and second, demonstrating that you control the account in which funds are held.

The final output of this process is a compilation of account statements and/or account observations that prove control over the in-scope custodial accounts.

4c. Management Outputs

For each of the custodial arrangements:

• Identify the most feasible approach to extract balances and prove ownership of the off-chain assets

• Execute account observations with the attestation provider, if needed

• Notify counterparties or custodians and request to send statements directly to attestation provider

• Provide the appropriate accounts statements, or alternative method of providing the balance information to the attestation provider