Proof of solvency

Example

Suppose there are 2 assets (ETH, USDT) and 3 users, and use USDT as the base denominated asset. Assume following user behaviors:

Alice deposit 10000 USDT to CEX, then use 10000 USDT as collateral to borrow 2 ETH, and then use 1 ETH as collateral to borrow 1000 USDT; and swap 1 ETH with Bob's 2000 USDT
Bob deposit 10 ETH and 10000 USDT to CEX; swap 2000 USDT with Alice's 1 ETH
Carl deposit 10 ETH to CEX, then use 1 ETH as collateral to borrow 1000 USDT

The user's balance sheet is as following:

	ETH (price:2000 USDT)	ETH	USDT (price: 1 USDT)	USDT	Total Net Balance (USDT)
	Equity	Debt	Equity	Debt
Alice	1	2	13000	1000	10000
Bob	11	0	8000	0	30000
Carl	10	0	1000	1000	20000

The assets CEX holds equal to the summation of every user net asset balance (Equity-Debt). So the CEX needs to hold 20 ETH and 20000 USDT at least.

In proof of solvency, the following properties are guaranteed:

Each user's total net balance is greater than 0;
Each asset of user is a part of total net asset declared by CEX:
- For alice, -1 eth is a part of total net eth, and 12000 usdt is a part of total net usdt ;
- For Bob, 11 eth is a part of total net eth, and 8000 usdt is a part of total net usdt;
- For Carl, 10 eth is a part of total net eth, and 0 usdt is a part of total net usdt
the total net asset declared by CEX equals to the summation of every user net asset balance

Design

The main idea of the design is to ensure the correctness of the process of building the world state tree through zksnark.

Suppose there are ASSET_NUM assets and ACCOUNT_NUM accounts. Define following structures:

type CexAssetInfo {
	total_equity    u64
  total_debt      u64
  usdt_price      u64
}

type AssetInfo {
	equity    u64
	debt      u64
}

type CreateUserOp {
  before_account_tree_root  Hash
	assets                    [ASSET_NUM]AssetInfo
  after_account_tree_root   Hash
  account_index             u32
  account_proof             [ACCOUNT_TREE_DEPTH]Hash
}

type AccountTreeLeafNode {
  equity_usdt          u64
  debt_usdt            u64
	assets_commitment    Hash
}

type CexAssetInfoList  [ASSET_NUM]CexAssetInfo
type AssetInfoList     [ASSET_NUM]AssetInfo
type CreateUserOpList  [BATCH_NUM]CreateUserOp

CEX can construct CexAssetInfoList and AssetInfoList for each account based on user balance sheet snapshot defined above. And CexAssetInfoList is published, AssetInfoList keeps private to each user.

In this design, CEX use index to represent user and asset type, such as:

0	1	…	n
alice	bob	…	dummy account

0	1	…	n
ETH	USDT	…	dummy asset