The second one is a web to vulnerability because we're not committing to a public bulletin board on the potential balance. People don't know if they're taking against the correct Merkel route, right? And we need to create some tools for the community that can be used across the exchanges so people very quickly can check their balances. That's the secondulnerability. There is a third one. When you join an FTX or any exchange website, you are assigned an identity, right? Some identifier. You have a user ID. How do I know that FTX is giving me the same user ID with you or not? Or they're giving me their assigning me? Like if it's independent or
This week, Anna explores the topic of proof of solvency with Kostas Chalkias, co-founder and chief of Cryptography at MystenLabs. They cover Kostas’ background in Cryptography and explore his work on Proof of Reserves, otherwise known as Proof of Solvency. They review past Proof of Solvency models using ZKPs and look at the protocols that major centralized exchanges are currently using. Then they dive into the security vulnerabilities, privacy issues, and general bugs that Kostas and his collaborators have identified in these protocols and their recommendations on how to better build Proof of Solvency systems.
Here are some additional links for this episode:
Today’s episode is sponsored by Aleo
Aleo is a new Layer-1 blockchain that achieves the programmability of Ethereum, the privacy of Zcash, and the scalability of a rollup.
If you’re interested in building private applications then check out Aleo’s programming language called Leo. Visit leo-lang.org to start building.
You can also join Aleo’s incentivized testnet3 by downloading and running a snarkOS node. No sign-up is necessary to participate. For questions, join their Discord at aleo.org/discord.
If you like what we do: