Michael Saylor on Bitcoin Proof-of-Reserves: Security Risks and Institutional Concerns

Michael Saylor, the Executive Chairman of Strategy (formerly MicroStrategy), has voiced strong concerns regarding the practice of institutions publishing onchain proof-of-reserves. He argues that this transparency measure, intended to demonstrate solvency and security, actually introduces significant security risks.

Speaking at a Bitcoin 2025 conference sideline event in Las Vegas, Saylor stated, “The current, conventional way to publish proof of reserves is an insecure proof of reserves. It actually dilutes the security of the issuer, the custodians, the exchanges and the investors. It’s not a good idea, it’s a bad idea.”

His primary concern stems from the potential exposure of wallet addresses, which he believes could be exploited by malicious actors. Saylor posits that revealing these addresses creates a trail that can be traced, analyzed, and ultimately used to undermine the security of the company holding the assets. He likened it to providing a roadmap for attackers.

Despite being asked directly, Saylor did not confirm whether Strategy itself would adopt proof-of-reserves. His reservations highlight a deeper debate within the crypto community about the balance between transparency and security.

What are Proof-of-Reserves?

Proof-of-reserves (PoR) are audits conducted by crypto exchanges and other entities to demonstrate that they hold sufficient crypto assets to cover customer deposits and obligations. The goal is to increase transparency and build trust, particularly in the wake of high-profile collapses like FTX. The process typically involves cryptographically proving ownership of the assets without revealing private keys.

Many crypto exchanges, custodians, and even exchange-traded fund (ETF) issuers began implementing PoR protocols following the FTX collapse in November 2022. These companies sought to reassure users that their funds were safe and fully backed. Notable examples include Binance, Kraken, OKX, and Bitwise.

Saylor’s Counterarguments Against Proof-of-Reserves

Saylor acknowledges the industry’s push for transparency but believes that PoR, in its current form, is not the right solution for institutional-grade security. He argues that:

• Wallet Address Exposure: Publishing wallet addresses creates a security vulnerability that outweighs the benefits of transparency.
• Incomplete Picture: PoR typically only shows the assets held, not the liabilities owed, providing an incomplete financial picture.
• Lack of Audited Liabilities: Without a comprehensive audit of liabilities by a reputable firm, PoR is essentially meaningless.

Saylor advocates for a more holistic approach to security, emphasizing the need for robust internal controls, cybersecurity measures, and independent audits that encompass both assets and liabilities.

The Importance of Considering Liabilities

As Saylor and other industry experts point out, proof-of-reserves alone is not enough. It only presents one side of the balance sheet. To truly assess the solvency and financial health of an organization, liabilities must also be considered. Without knowing what a company owes, it’s impossible to determine whether it has enough assets to meet its obligations.

A comprehensive audit that includes both assets and liabilities, conducted by a reputable auditing firm, provides a much more accurate and reliable assessment of financial stability.

Strategy’s Bitcoin Holdings

Strategy is well-known as a major Bitcoin holder. As of current reporting, Strategy holds a substantial amount of Bitcoin. This significant investment underscores the company’s belief in the long-term value of Bitcoin as a store of value and hedge against inflation. Strategy continues to be a prominent player in the institutional adoption of Bitcoin.

Alternatives to Onchain Proof-of-Reserves

While Saylor criticizes onchain PoR, he doesn’t dismiss the need for transparency altogether. He suggests exploring alternative methods that provide assurance without compromising security. These might include:

• Zero-Knowledge Proofs: Cryptographic techniques that allow a company to prove it holds sufficient reserves without revealing the actual addresses or amounts.
• Trusted Third-Party Custodians: Utilizing reputable custodians with strong security protocols and independent audits.
• Regular Audits: Engaging independent auditing firms to conduct comprehensive audits of both assets and liabilities.

Conclusion

Michael Saylor’s concerns regarding onchain proof-of-reserves raise important questions about the balance between transparency and security in the crypto industry. While the desire for greater transparency is understandable, it’s crucial to carefully consider the potential risks associated with exposing sensitive information. A more comprehensive and security-conscious approach, incorporating audited liabilities and robust security measures, is essential for building trust and ensuring the long-term stability of the crypto ecosystem.