An exchange proves ownership of funds by cryptographically signing a custom message for each claimed address using the private key of that address. The coin balances for each address are obtained by taking a snapshot of the top N=32767 addresses for the current blockchain state.
The Proof-of-Assets zk-SNARK consumes the address-ownership signatures provided by the exchange, and the blockchain snapshots provided by Proven. It then computes the sum of the balances of all addresses for which a valid ownership signature was provided.
How do I see the blockchain snapshots that are used to obtain address balances in the Proof-of-Assets protocol?
We (Proven) provide snapshots of the blockchain state on each day and make them available to the public at the URL:
How do I verify that the snapshot provided by Proven matches the snapshot that was used in the protocol?
The top-level Solvency zk-SNARK reveals the hash of the snapshot that was used in its execution. To verify that a given snapshot was used in a given proof execution, it suffices to compute the hash of the snapshot and compare it with the snapshot hash revealed by the top-level Solvency zk-SNARK.
