Independent security & proof-of-reserve

Audit. Verify. Prove — Proof-of-Reserve for crypto projects

Reserve Audit provides independent security audits, on-chain proofs and continuous monitoring for exchanges, custodians and DeFi protocols. Build trust with verifiable reserves and professional audit reports.

  • Proof-of-Reserve: On-chain snapshots & Merkle proofs
  • Smart-contract audits: Manual & automated reviews
  • Continuous monitoring: Alerting & incident response
  • Trusted by exchanges: Audit partners & integrations
  • Transparent reports: Readable findings & remediation
  • Rapid response: From triage to patch

Services

Full lifecycle security services tailored for crypto platforms.

  • On-chain Reserve Audit: Independent snapshots, proof generation & publication.
  • Smart-contract review: Manual code review & static analysis.
  • Penetration testing: Infrastructure & webapp security testing.

Numbers that build trust

  • 120+ completed audits
  • $3.2B+ assets verified
  • 98% client satisfaction
  • SLA 5d median delivery

About

Reserve Audit is a minimal yet professional team focused on delivering transparency and trust through concise, verified audits and proof-of-reserve reports.

Why Reserve Audit

We prioritize clarity, speed, and reliable verifications. Simple process, clear deliverables, and trusted results.

Our Process

1. Submit project · 2. Audit & proof generation · 3. Report delivery · 4. Optional monitoring

Case studies

Project Aurora — CEX Reserve Attestation

Scope: Exchange wallets on BTC, ETH, TRON; liabilities snapshot via Merkle tree. Outcome: solvency ratio 108%, 4 medium issues fixed in 72h, public PoR page published.

Pebble DeFi — Lending Protocol

Scope: Solidity contracts, oracle integration, liquidation logic. Result: 1 high risk found & patched pre‑launch; economic model validated; monitoring set with anomaly alerts.

VaultX — Cross‑Chain Bridge

Scope: Smart contracts, relayer infra, key management. Result: 0 critical after fixes; incident playbook delivered; quarterly re‑audit retainer.

Documentation

Concise methodology describing how we perform Proof‑of‑Reserve, smart‑contract audits, and continuous monitoring. Minimal fluff, maximum clarity.

Proof‑of‑Reserve overview

PoR demonstrates that a custodian or exchange holds on‑chain assets at least equal to user liabilities. We use cryptographic commitments (Merkle roots) so that each user can verify that their anonymized balance is included without revealing other users' balances.

Deliverables: Merkle root, asset addresses, snapshot time (UTC), solvency ratio, independent report PDF, and optional public PoR page.

Assets: discovery & verification

We compile signed wallet lists per chain (BTC, EVM, TRON, etc.), confirm control via signed messages or on‑chain movements, and tag addresses (hot, cold, operational). Balances are captured at a pinned block height.

Liabilities: anonymized tree

User balances are aggregated and salted, then hashed into a Merkle tree. Each user receives a leaf proof. Double‑counting and negatives are forbidden by constraints in the tree construction and by total checksum disclosure.
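
One way to realize the salted liabilities tree and the user-side inclusion check described above, as an added example that is not Reserve Audit's own code. It assumes a Merkle sum tree over SHA-256 with length-prefixed fields; the page does not specify the hash, leaf encoding or salt handling, and the names H, amt, leaf, parent, build, prove and verify are hypothetical.

```python
import hashlib

def H(*parts: bytes) -> bytes:
    # Length-prefix every field so bytes cannot shift between fields.
    return hashlib.sha256(b"".join(len(p).to_bytes(4, "big") + p for p in parts)).digest()

def amt(n: int) -> bytes:
    # to_bytes raises OverflowError on negatives: the "no negatives" constraint.
    return n.to_bytes(16, "big")

def leaf(user_id: str, salt: bytes, balance: int):
    # Node = (hash, sum). The per-user salt stops balance guessing from the hash.
    return (H(b"leaf", user_id.encode(), salt, amt(balance)), balance)

def parent(left, right):
    # The parent commits to both child sums, so the root sum is total liabilities.
    return (H(b"node", left[0], amt(left[1]), right[0], amt(right[1])), left[1] + right[1])

def build(leaves):
    """All tree levels, leaves first; odd levels get a zero-balance padding node."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        if len(cur) % 2:
            cur.append((H(b"pad"), 0))
        levels.append([parent(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def prove(levels, index):
    """Sibling path for a leaf: [((sibling_hash, sibling_sum), sibling_is_left), ...]."""
    return [(lvl[(index >> d) ^ 1], bool((index >> d) & 1))
            for d, lvl in enumerate(levels[:-1])]

def verify(user_id, salt, balance, path, root):
    """User-side check: recompute (hash, sum) up to the published root."""
    try:
        node = leaf(user_id, salt, balance)
        for sib, sib_is_left in path:
            node = parent(sib, node) if sib_is_left else parent(node, sib)
    except OverflowError:
        return False  # negative or oversized amount somewhere on the path
    return node == root

# Constructed sample data: (user id, salt, balance in smallest units).
USERS = [("alice", b"\x01" * 16, 500), ("bob", b"\x02" * 16, 1200), ("carol", b"\x03" * 16, 0)]
LEVELS = build([leaf(*u) for u in USERS])
ROOT = LEVELS[-1][0]
```

The root a user passes to `verify` must be the one published with the snapshot, obtained independently of the proof file; its sum component is the total liabilities figure that goes into the solvency ratio.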

Solvency ratio

ratio = onchain_assets / user_liabilities. We present chain‑by‑chain tables and a consolidated view. Threshold alerts can be set for real‑time monitoring.

Smart‑contract audit method

We combine manual review (spec vs. code), threat modeling, and automated analysis (Slither, Mythril, Foundry tests) with focus on access control, arithmetic, upgradeability, and economic security.

Reporting & remediation

Findings are graded (Critical → Low) with PoC, impact, likelihood, and fix recommendations. A verification pass confirms patches. Clean reports include full diff review.

Continuous monitoring

Optional add‑on: on‑chain balance watchers, reserve ratio alerts, contract event sentries, uptime checks, and dependency CVE feeds. Incidents include a 60‑minute triage SLA.

Compliance & standards

We align with industry guidance (SOC‑like controls for custody processes), follow responsible disclosure, and support regulatory inquiries with signed attestations upon request.

Public PoR JSON sample

Minimal endpoint schema you can host at /por/latest.json or similar.

{
  "snapshot_time": "2025-10-10T12:00:00Z",
  "merkle_root": "0x3f5b...9a2e",
  "assets": [
    {"chain": "BTC", "addresses": ["bc1q..."], "balance_btc": 123.45},
    {"chain": "ETH", "addresses": ["0xabc..."], "balance_usd": 51234567.89}
  ],
  "liabilities_checksum": "0x9d7c...e101",
  "solvency_ratio": 1.08,
  "proof_url": "/por/proofs/{user_hash}.json"
}

FAQ

How long does a PoR take?

Typical scope ships in 3–7 business days depending on chains and data access. Retainers shorten lead time.

What do users get to verify?

An inclusion proof for their anonymized balance plus public root and snapshot details.

Do you store customer data?

We minimize data. Liability inputs can be hashed client‑side; raw records are deleted post‑attestation.

Audit vs. code review?

Code review checks style and minor issues; an audit models threats, tests assumptions, and validates safety properties.

Can you publish a public PoR page?

Yes. We provide a minimal static page or JSON endpoint you can embed.

Final call to action

Boost credibility with a verifiable audit. Start with a 15‑minute scoping call.

Pricing

Transparent packages. Fixed scope, clear deliverables. Custom retainers available.

Starter
$2,500 — 3–5 business days
  • Assets attestation (1–2 chains)
  • Liabilities Merkle tree
  • Solvency ratio report (PDF)
  • 1 verification pass
Standard
$7,500 — 5–7 business days
  • PoR (multi-chain 3–5)
  • Smart-contract audit (core set)
  • Public PoR JSON endpoint
  • 2 verification passes
Enterprise
Custom — SLA & monitoring
  • End‑to‑end security program
  • Continuous monitoring & alerts
  • Compliance assistance
  • Quarterly re‑audits

What clients say

“Reserve Audit gave us a clear path to fix issues pre‑launch. The report was concise and actionable.”

— CTO, Lending protocol

“Our public PoR page increased user trust overnight. Integration was straightforward.”

— Ops Lead, Centralized exchange

“Monitoring alerts helped us catch a wallet drift before it became an incident.”

— Head of Security, DeFi aggregator

Get in touch

Tell us about your project and we'll send a short intake questionnaire. We usually reply within 24h.
