
Snapshot Cherry-Picking Attack in CEX Proof of Reserves and its Mitigation

Research output: Contribution to journal, Article, peer-review

Abstract

The rapid growth of the crypto asset industry has led to the adoption of proof of reserves (PoR) protocols for transparency in centralized exchanges (CEXs). By providing proofs to users that the exchange’s total reserves equal or exceed its total liabilities, PoR allows these exchanges to demonstrate that they have enough funds. This paper identifies a vulnerability in current PoR methods, where malicious CEXs can manipulate snapshots to understate liabilities, making reserves appear larger. To address this, we propose a framework where users take their own snapshots during a strategic trading pause, allowing the validation of the PoR result. The framework is compatible with existing PoR methods. We also propose a user-driven handshake (UDH) pause model to minimize disruptions. We evaluate the effectiveness of the framework in preventing snapshot cherry-picking as well as its practicality in minimizing trade pauses.

Original language: English
Pages (from-to): 77445-77455
Number of pages: 11
Journal: IEEE Access
Volume: 13
Publication status: Published - 2025

Bibliographical note

Publisher Copyright:
© 2013 IEEE.

Keywords

  • Crypto asset
  • centralized exchange (CEX)
  • proof of reserves (PoR)
  • proof of solvency
  • snapshot cherry-picking

ASJC Scopus subject areas

  • General Computer Science
  • General Materials Science
  • General Engineering
