Cryptology ePrint Archive: Report 2015/1008

Provisions: Privacy-preserving proofs of solvency for Bitcoin exchanges

Gaby G. Dagher and Benedikt Buenz and Joseph Bonneau and Jeremy Clark and Dan Boneh

Abstract: Bitcoin exchanges function like banks, securely holding their customers' bitcoins on their behalf. Several exchanges have suffered catastrophic losses with customers permanently losing their savings. A proof of solvency demonstrates that the exchange controls sufficient reserves to settle each customer's account. We introduce Provisions, a privacy-preserving proof of solvency whereby an exchange does not have to disclose its Bitcoin addresses; total holdings or liabilities; or any information about its customers. We also propose an extension which prevents exchanges from colluding to cover for each other's losses. We have implemented Provisions and show that it offers practical computation times and proof sizes even for a large Bitcoin exchange with millions of customers.

Category / Keywords: Bitcoin, proof of solvency

Original Publication (with major differences): ACM CCS

Date: received 13 Oct 2015, last revised 26 Oct 2015

Contact author: jbonneau at cs stanford edu

Available format(s): PDF | BibTeX Citation

Version: 20151026:184716 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]