Deribit l Merkle Tree

Proof of Reserves

Proof of Liabilities

Verified

Deribit holds a 1:1 reserve of all customer assets and the company is happy to provide full transparency into our holdings. A cryptographic proof of liabilities, verifiable by any party without relying on a trusted auditor, was first proposed by Greg Maxwell in 2013, and is known as the Maxwell protocol. This initial proposal disclosed information about the number and size of customer accounts, which is why Deribit is using a slightly modified version that protects client privacy and offers full transparency, preventing balances from being hidden.

Deribit constructed a binary Merkle hash overview with the leaves being the steganographed (cut in-pieces) balances of our individual users, broken up by asset. Clients can see exactly which leaves in the tree refer to their funds by using the unique hash built from their account information. With the individual liabilities established, it can be easily verified whether the aggregate of these liabilities is held by Deribit on-chain.

The daily snapshot file can be found here.

Proof of Assets

Verified

Below please find an overview of the key wallet addresses used by Deribit. Please note, the list below does not include addresses of assets held in third-party custodians, like Copper Clearloop and Cobo Loop.

Verification of your Assets

1. Every day Deribit takes a snapshot of the on-chain assets for all eligible account. Assets held by third party custodians cannot be included in the reporting as they are not in Deribit’s direct control. The data file that is fully accessible for all interested parties therefore only contains the accounts that hold assets on Deribit.

2. In contrast to Maxwell’s approach, Deribit’s modified proof of assets includes steganography (rearranging balance data) of our user balances to protect client privacy and prevent disclosure of actual balances and their links to blockchain addresses or identities. This is important as we disclose a full list of accounts. Only the client can recognise his or her’s assets in the list.

3. In the Deribit frontend (here) clients will find a hash allowing them to verify that their assets are included in the asset file at both the main and sub-account level.

4. All code used to create Deribit’s modified Merkle Tree is available below so clients can verify the accuracy of the frontend data. To prevent the same nonces being assigned to different users with comparable asset levels, thus reducing the size of liabilities, we give each account a unique Proof ID. Using the instructions below client can convert the Proof ID into the identifiers found in the daily Snapshot file and shown in the verification section of the Proof of Reserves page.

5. The aggregate of the assets included in the Asset File should always be less than the aggregate of assets available on-chain. The difference is the Deribit reserve ratio, which includes the insurance funds and Deribit revenues. If the total on chain balance is higher than the Asset File balance (visible in frontend and in file itself), then Deribit has Proof of Reserves.

User Code

1. User can find his or her Proof ID from the frontend. The user can verify their Proof ID is unique by performing the following steps:

A. Verify Proof Signature

– Get the User ID and Proof ID Signature from the Proof Of Reserves page

– Download the latest Proof Of Reserves snapshot and copy the Public Key (public_key field in json file)

– Use the Ed25519 signature algorithm to verify that the Proof ID Signature was used to sign the User ID

tool: https://ed25519.altr.dev/ (Base64)

– Message = User ID

– Signature = Proof ID Signature

B. Verify Proof ID

– Base64url decode the Proof ID and Proof ID Signature

tool: https://cryptii.com/pipes/base64-to-hex (Variant = Base64url, Format: Hexadecimal Group By = None)

– Verify if sha1(Proof ID Signature Base64url Decoded) = Proof ID Base64url Decoded

tool: https://emn178.github.io/online-tools/sha1.html (Input Type = Hex)

2. By calculating hashes a user can fetch all his entries from the “liability” field of the JSON file (to increase PartNumber until no more fetches). The sum of the entries is the sum included into the liability.

A. Join Table Seed and Proof ID:

format: TableSeed ++ “|” ++ Proof ID
output: 2022-12-02 12:37:32|accountProofId

B. SHA256 hash:

tool: https://emn178.github.io/online-tools/sha256.html (Input Type = Text)
input: 2022-12-02 12:37:32|accountProofId
output (dummy): cc9810645a0119723eb25f3afaab84ae6c219ec492bd04409b91da710c61d264

C. Join hash with Part Number (in Hex):

format: HashFromStep2 ++ “|” ++ PartNumber
input:

– HashFromStep2: cc9810645a0119723eb25f3afaab84ae6c219ec492bd04409b91da710c61d264
– | in hex: 7c
– 1 in hex: 31

output: cc9810645a0119723eb25f3afaab84ae6c219ec492bd04409b91da710c61d2647c31

D. SHA256 hash:

tool: https://emn178.github.io/online-tools/sha256.html (Input Type = Hex)
input: cc9810645a0119723eb25f3afaab84ae6c219ec492bd04409b91da710c61d2647c31
output (dummy): 30d5635e4cc4fd315d38a4415801d5b3078f421263c9eb1f5e36b6d8c8e49bca

E. Base64 encode

tool: https://emn178.github.io/online-tools/base64_encode.html (Input Type = Hex)
input: 30d5635e4cc4fd315d38a4415801d5b3078f421263c9eb1f5e36b6d8c8e49bca
output: MNVjXkzE/TFdOKRBWAHVswePQhJjyesfXja22Mjkm8o=

F. Replace some characters:

‘=’ => ”
‘+’ => ‘-‘
‘/’ => ‘_’

input: MNVjXkzE/TFdOKRBWAHVswePQhJjyesfXja22Mjkm8o=
output: MNVjXkzE_TFdOKRBWAHVswePQhJjyesfXja22Mjkm8o

3. Everyone can check that our total liability (sum of all liability entries) is less than disclosed on-chain reserves (addresses see below).

4. When total liability is less than or equal to the wallet reserves, it confirms that Deribit has provided Proof-of-Reserves as it is holding sufficient reserves. As the snapshots are taken daily, market volatility and the corresponding impact on customer portfolios may cause a temporary difference between snapshots.

Additional reserves (beyond liabilities)

The additional reserves (assets under Deribit’s control beyond client liabilities), or the Deribit reserve ratio, includes the Deribit insurance fund, Deribit’s daily revenues and accounts used for payments and general administration.

As Cobo Loop clients have the choice to withdraw assets via Cobo Loop or, Deribit will need to keep funds to facilitate direct withdrawals by Cobo Loop users. This is contrary to Copper Clearloop, where 100% of client assets are always held by Copper.

(Proof of Margins) locked

Verified

Finally, Deribit publishes an endpoint that shows cumulative margin locked (MM and IM per currency) for the entire user base. This endpoint shows in real-time how many assets are held on Deribit as margins for outstanding positions. The above sections provides specifics on the exact assets Deribit holds on behalf of clients and how users can verify the assets exist, hence this enpoint is an additional layer of transparency.

Please see the following real-time endpoint here.

Don’t Trust Us. Verify Us.

Always full transparency of our Reserves.

Don’t Trust Us. Verify Us.

Always full transparency of our Reserves.

List of Wallets

Verified

All Deribit’s wallet holdings are public and easy to verify. Users funds are always backed 1:1 by real assets.

Deribit Wallets:

Bitcoin (BTC)
bc1qa3phj5uhnuauk6r62cku6r6fl9rawqx4n6d690 – Link
1MDq7zyLw6oKichbFiDDZ3aaK59byc6CT8 – Link
1932eKraQ3Ad9MeNBHb14WFQbNrLaKeEpT – Link
13JJ1nxDeX5fMsDeyGHiLoK8rF2ayGq1cX – Link
1MdrdcEzfiJdvs6eVSwUx6bWboPX8if5U3 – Link
35WHp4Hid61peyH4tuhNunwRj2gtNB41Lo – Link
bc1qtq5zfllw9fs9w6stnfgalf9v59fgrcxxyawuvm – Link
34ZHV8dd6uucEUABUydWpKi6F4qKQntEUf – Link
bc1qys8qcee7k6str98ewfd7hy743sng8xt2gmxaa9 – Link
14HeA1YRUiJGb95HVpVTBuavMUBYGk6y7R – Link
1938ZAyPMzCUKNgv7Z6uC89VfwXCbJti8A – Link
Ethereum (ETH) – USDC – ETHW
0x77021d475E36b3ab1921a0e3A8380f069d3263de – Link
0x5f397B62502e255f68382791947D54C4B2d37F09 – Link
0xcfee6efec3471874022e205f4894733c42cbbf64 – Link
0x2eeD6a08Fb89a5CD111efA33f8DcA46CfbEB370f – Link
0x6B378bE3c9642ccF25b1A27faCb8ace24aC34A12 – Link
0xA7e15eF7C01B58eBe5eF74Aa73625Ae4b11FE754 – Link
0x062448f804191128d71fc72e10a1d13bd7308e7e – Link
0xA0F6121319a34f24653fB82aDdC8dD268Af5b9e1 – Link
0x904cC2B2694FFa78F04708D6F7dE205108213126 – Link
0x63F41034871535ceE49996Cc47719891Fe03dff9 – Link
0x58F56615180A8eeA4c462235D9e215F72484B4A3 – Link
Solana (SOL)
H8z2yZcrKo7ngiMz3Vsuw823nYo11qdCqs3sJDDjeTdD – Link
A5ANHizfayJUDBSwV5Cm7CNXCj6E6AAda49wzzdYPons – Link

For a graphical overview please visit Nansen, CoinMarketCap, or DeFiLlama.

AUTHOR(S)

Deribit Deribit

We are the best resource for Crypto Derivatives trading. Deribit is not available in the United States or other restricted countries.

RECENT ARTICLES