Chainlink Proof of Reserve (PoR): Putting Transparency at the Frontier

Key Insights

*Chainlink Proof of Reserve (PoR) is blockchain agnostic. It relies on a decentralized network of oracles to create automated on-chain data feeds for collateral assets represented on-chain, updated in near real-time. *Chainlink Proof of Reserves currently reports approximately $8.5 billion worth of assets, of which $3.5 billion is off-chain reserves and $5 billion is on-chain reserves.

• In the month after Chainlink added the TUSD PoR data source, TUSD’s market cap increased by 121%.
• With bridging attacks causing ~$1.9 billion in losses, Chainlink PoR can be used to help secure DeFi protocols that use off-chain assets or encapsulated assets as collateral, mitigating the risk of insufficient collateral by automatically triggering a circuit breaker-like mechanism.
• To ensure updates remain cost-effective, Chainlink's network of oracles periodically checks reserves off-chain and updates on-chain when balances move above a certain threshold. So update when your reserves fluctuate and save on gas when your reserves are stable.

introduce

In response to the events of Mt. Gox in 2014, the cryptocurrency community has been trying to establish standards around centralized exchanges (CEXs). About a week after FTX filed for bankruptcy reorganization, Vitalik published a blog post offering his opinion on the matter. He shared a vision of how CEXs can handle non-custodial value. The article elaborates on the technical approach to designing a "safe CEX" that proves that it has sufficient assets to cover its liabilities. While Vitalik focused on how Proof of Reserve (or Proof of Fund Reserves) works in CEXs, he briefly touched on the potential of Proof of Reserve for stablecoins and DeFi.

As the industry matures, stablecoin reserves grow, and on-chain bridging attacks result in billions of dollars in losses, we need to expand the proof-of-reserve focus beyond just CEXs. Chainlink attempts to address this need by providing proof-of-reserve for various assets, easily accessible through oracle-driven on-chain data sources.

Chainlink Proof-of-Reserve (PoR) is blockchain-agnostic. It relies on a decentralized network of oracles to create automated on-chain data feeds for various assets, updated in near real time.

There are quite a few flaws in traditional finance. It is opaque, inefficient, permissioned, centralized, based on social trust, and relies heavily on fractional reserves. In response to this flawed system, the cryptocurrency community has introduced new systems that address these issues, the first major development of which was Bitcoin in 2009.

Bitcoin was created to solve the problem of electronic payment settlement while being able to solve the problem of double spending without the need for a central authority. It achieves this functionality while maintaining key principles of permissionless access, decentralization, and cryptographic verification. The success of Bitcoin has sparked the need for more complex systems with Bitcoin-like properties. Therefore, Chainlink came into being, connecting blockchains and external data sources that cannot obtain data from outside its own network, through a decentralized oracle network.

Many blockchain projects operate by issuing collateral-based assets. These collaterals can come from the chain, such as local assets encapsulated on other networks (such as Wrapped Bitcoin, Wormhole package assets), or from off-chain, stable coins supported by cash and reserves (such as Tether, USD Coin).

FTX’s debacle revealed that it only owns a fraction of the assets needed to cover its liabilities, and frequent scrutiny of Tether’s holdings highlights the lack of transparency and positive social trust many projects have. Chainlink Proof of Reserves was born to fill the need for a decentralized network capable of cryptographically verifying sufficient reserves on-chain.

Chainlink’s Proof of Reserve (PoR) provides A variety of reserve-backed on-chain data sources, including off-chain currencies and precious metals as well as on-chain encapsulated assets of any type (e.g. bridges, liquid pledges, etc.). These data sources are publicly visible, adding transparency to current and potential users. Through smart contracts, Chainlink’s PoR data feeds can be accessed to add various security features to mitigate the risk of interacting with encapsulated assets.

Major PoR beneficiaries

Time and time again, crypto projects make choices that can limit transparency, putting the security of the protocol at risk. For example, a bridge app might not disclose all addresses it owns holding collateral, leading users to believe that all wrapped assets are backed. Alternatively, a DeFi application may not have added failsafe mechanisms to block activity when the encapsulated asset loses backing, making it possible for users to interact with partially backed assets.

Chainlink's PoR products can alleviate these problems and improve the experience of users and protocols.

App User

Fundamentally, proofs of reserves provide transparency. While the philosophy of cryptocurrencies has led many to believe that transparency is built into all cryptocurrencies, in reality it is often only an add-on.

Issuers of off-chain collateral-backed stablecoins and issuers of tokenized real-world assets (RWAs) have no contractual obligation to provide proof of reserves. Some projects, such as Tether (USDT) and Circle (USDC), offer quarterly and monthly proof-of-reserve respectively to enhance trust with users. However, there is still room for further transparency during the opaque period between proof-of-reserve updates.

In contrast, TrueUSD’s (TUSD) off-chain reserves are continuously verified by third parties, and Chainlink’s Proof of Reserves publishes on-chain data updates every 24 hours, or when balances move by at least 5%. This process can be applied to any mortgage-backed asset. Chainlink’s PoR currently provides reserve data on RWA (like PAX Gold), bridging assets (like Wrapped Bitcoin), and has the ability to cover liquid collateral assets (like Liquid Staked ETH).

Frequently updated PoR data sources provide more transparency to app users, as balances can change significantly within a month, or even within a quarter.

Chainlink’s In the month since the PoR data source was added to TrueUSD, TUSD’s market capitalization increased by 121% to more than $2 billion, as of March 12. It also means its reserves have more than doubled. Chainlink's robust infrastructure handled this over $1 billion increase without failure.

In addition to providing a frequent and immutable record of reserve holdings, Chainlink’s PoR publishes data on-chain. This allows developers to include various functions in their projects to react to inconsistencies, further increasing the security of the protocol.

project

Asset Issuer

By putting reserve data on-chain, Chainlink enables the protocol to add programmatic guarantees that the reserve value is greater than or equal to the supply of stablecoins or RWA being issued.

In Solidity, ensuring sufficient reserves is just a matter of creating a require statement in the smart contract's mint function (see, for example, line 1,404 in the TUSD smart contract code). By enabling near real-time minting of on-chain verified off-chain reserves, Chainlink’s PoR sets a new standard for minting reliability and transparency in stablecoins and RWA.

Tokenized assets that previously operated under more opaque circumstances can leverage Chainlink’s Proof-of-Reserve to increase collateral transparency. In addition to TUSD, CACHE Gold uses Chainlink PoR to enable users to verify that their tokenized gold products are fully backed by gold reserves held in off-chain vaults. Additionally, Backed Finance, a tokenized RWA project, is integrating PoR to increase the transparency of its bToken.

Bridging and encapsulating assets

Bridging is a major source of attacks and exploitation in the DeFi space. Four of the top 10 exploits were bridging, resulting in an estimated $1.7 billion in losses (49% of the total losses from the top 10 exploits). Typically, bridges are attacked in two ways:

Stealing collateral from the source chain (rendering wrapped tokens worthless).

Minting wrapped tokens on the target chain without depositing collateral of equivalent value on the source chain (also known as an "infinite minting" attack).

When Chainlink’s PoR is incorporated into the bridge’s minting smart contract, it can help prevent infinite minting attacks. Although it cannot prevent collateral theft on the source chain, PoR can identify this problem and provide developers with tools to mitigate the impact of such attacks. By verifying cross-chain collateral through its decentralized network of oracles, Chainlink enables smart contracts to read the data feeds of the tokens it encapsulates. Based on this information, automatic fail-safe mechanisms can be implemented that suspend the minting, redemption, and burning of wrapped tokens when there is an inconsistency in the reserve or the number of minted tokens.

To ensure that updates remain cost-effective, Chainlink's network of oracles periodically checks reserves off-chain and makes on-chain updates when balances move above a certain threshold. So update when reserves fluctuate and save on gas when reserves stabilize.

Chainlink’s bridging data layer provides users with additional transparency to ensure they are not bridging with fractional reserves on the source chain, and it can be a powerful tool for any protocol, especially DeFi protocols that interact with encapsulated or bridged assets.

DeFi

A compromised bridge affects bridge users and any protocols that employ encapsulated assets. Large-scale exploitation may lead to the insolvency of the DeFi protocol and the loss of users and protocol funds.

The verification service provided by Chainlink PoR can be extended to the DeFi field. These services allow developers to implement decentralized circuit breakers in DeFi smart contracts to prevent potential security issues. In DeFi applications, a circuit breaker is an automated feature that constantly checks the data feed of Chainlink PoR and suspends all application activity related to a specific wrapped asset when the wrapped asset loses support.

As a real-world example, BGD Labs has applied circuit breaker functionality to packaged assets in the Avalanche-based Aave marketplace. A new conditional feature checks Chainlink’s PoR data feed to determine if the wrapped asset has sufficient collateral. Therefore, in an emergency, the circuit breaker can suspend all lending activities involving encapsulated assets to mitigate or reduce potential losses.

Liquid Pledge

With the successful implementation of the Shapella upgrade and the increasing popularity of liquid staking as a relatively low-risk way to obtain sustainable returns in DeFi, the liquid staking token market has received more and more attention. Competition is also intensifying.

Liquid Staking Token issuers can also utilize Chainlink PoR for reliable and timely updates to ensure that Liquid Staking Token Reserves are always fully backed by an equivalent value of Staking Tokens.

Bridge Exploitation

Chainlink PoR offers more than just peace of mind for consumers; developers can incorporate it into applications to potentially mitigate the risk of excessive losses due to attacks and exploitation.

Among the top 100 exploits, total Of the estimated $6.1 billion in lost funds, the top six bridging exploits alone accounted for approximately $1.9 billion in lost funds (31% of the top 100 exploits). All of these exploits affected packaged assets in their respective bridge ecosystems.

While some exploits elicited an immediate response, others took days to be discovered. If Chainlink PoR was additionally added as third-party scrutiny on the bridged collateral and assets, the protocol might realize the inconsistency caused by the attack earlier.

In multiple cases, the attackers either sold the wrapped assets or used them as collateral, essentially stealing the lenders' assets. Any DeFi protocol associated with a hacked bridge could implement a circuit breaker function to suspend activity related to the affected encapsulated asset.

Cryptocurrency’s Biggest Exploitation

Ronin Network is an Ethereum Virtual Machine (EVM) compatible blockchain launched by Sky Mavis (creator of Axie Infinity) for gaming applications. The Ronin Network bridge hack was by far the largest, causing an estimated $624 million in damages (including 173,600 ETH and 255,000 USDC). It took the Ronin team six days to discover the amount of funds stolen from the bridge, thanks to a report from a user who was unable to withdraw 5,000 ETH from the bridge.

In other words, Ronin users interacted with unbacked wrapped ETH and USDC on the network for six days, engaging in various forms of economic activity. If Ronin or any application on Ronin had implemented Chainlink PoR, this exploit could have been automatically discovered within the same day and immediately suspended all Ronin activity involving wrapped ETH and USDC.

Other bridging exploits

Chainlink PoR’s automated capabilities could potentially mitigate losses from other exploits as well. Bridge projects can implement Chainlink PoR for encapsulated assets and build automated notification procedures to speed up the time to discovery of each exploit. While the amount of each bridge being exploited will not change, the impact of the attack may be mitigated by some teams' quicker reactions.

In the February 2022 Wormhole exploit, an attacker was able to

120,000 Wrapped Ethereum (WETH) were minted on Solana without a corresponding amount of collateral deposited on Ethereum. In a series of transactions, the attackers stole about $326 million worth of tokens. The impact of this exploit could be mitigated if Wormhole implemented Chainlink PoR.

The latency between discovery time and response time can be significantly reduced for applications implementing the circuit breaker function of Chainlink PoR-based encapsulated assets. DeFi applications that interact with Ronin, Wormhole, Harmony, and Qubit can suspend activity related to any wrapped assets that are not supported. However, it is uncertain whether Chainlink PoR can help in exploiting the vulnerability in BNB Bridge and Nomad.

PoR Activities

To protect billions of dollars of on-chain asset information, proof-of-reserve data should be provided by reliable entities. Chainlink is the largest oracle network in the cryptocurrency space and one of the most powerful oracle services with an extensive track record of oracle services. It has also been releasing on-chain proof-of-reserve data sources since October 2020.

Chainlink PoR covers ~$85B in value, about $35 billion of which includes off-chain reserves, while another $50 billion includes on-chain reserves. While the majority of off-chain reserves are made up of U.S. dollars, Chainlink has already demonstrated its ability to cover international currencies such as the euro and the British pound, providing data feeds from March 2021 and October 2022, respectively.

Among on-chain reserves, Chainlink currently covers wrapped assets on Ethereum, Avalanche, and Polygon, though its blockchain-agnostic infrastructure enables it to cover assets on virtually any blockchain. Wrapped Bitcoin (four different versions) accounts for ~93% of the total value covered by PoR on Chainlink so far.

challenge

Chainlink PoR is a powerful data layer that adds transparency to users and developers by bringing data on-chain in an accessible manner. However, this process still introduces varying degrees of risk if used incorrectly.

Trust in off-chain data sources

Trusting data sources is an issue any oracle network faces when retrieving off-chain data. When interacting with off-chain assets such as gold and fiat currencies, oracles obtain reserve data from third-party certification or self-certification. For self-reporting, more trust is required because the reporting entity is also the issuer and holder of the collateral. However, reporting entities/issuers have an incentive to appear authentic if they implement Chainlink PoR in their own contracts/minting functions. Additionally, third parties and self-reporting entities have an incentive to report the truth in order to maintain a good reputation. This setting assumes that providers value maintaining their reputation more than any potential gain from fraud.

Oracle per data source

Currently, each PoR data source has 10 or 16 oracle nodes to obtain the reserve data of the corresponding data source. PoR oracle nodes have no additional requirements beyond typical Chainlink oracles. While some users may be satisfied with the number of nodes obtaining PoR data, others may feel that the distribution or decentralization of the number of nodes is not enough. It is important to note that more nodes can be added to each PoR data source as the value increases.

Stolen Collateral

Chainlink PoR data sources cannot directly prevent collateral theft. Nonetheless, it prevents infinite minting attacks and could be cited by DeFi developers to build tools to mitigate the potential impact after smart contracts bridging or encapsulating assets are exploited. Chainlink PoR does not promise to serve as a preventive security layer for asset issuance protocols, but rather as a data layer that exposes reserve data on-chain. The degree of use of Chainlink PoR is not a drawback, but rather an oracle data source design feature.

Final Thoughts

Chainlink Proof-of-Reserve is a step forward in bringing more transparency to many core products in cryptocurrency. Chainlink PoR can update the reserve data on the chain at least once a day, and can use these data to make smart contracts secure.

For bridged and encapsulated assets, Chainlink optimizes costs when reserves remain stable, and automatically publishes changes above a certain threshold. It also provides tools for smart contract developers to make their protocols more secure, with the ability to read Chainlink’s constantly updated data feed. Additionally, applications that interact with encapsulated assets can also take advantage of Chainlink’s developer tools, helping to mitigate losses from potential exploits.

While access to off-chain reserve data is not completely trustless, Chainlink PoR has the potential to be the most powerful mechanism for validating on-chain reserves and bringing off-chain data on-chain in a decentralized, secure, and cryptographically verifiable manner.

Original link:

Translation: Terry |