pull down to refresh

I noticed that Kraken has Proof of Reserves reports.
But so far, I didn't understand how they work except that they are related to merkle trees.
I only know that merkle trees are data structures which can be used to proof that someone (a node, server, CEX or whatever) indeed has a specific "thing" (transaction or block or whatever) included in its database since it would need those to end with that specific merkle root hash (please correct me if I am wrong).
I would like to verify myself if what Kraken and this independent auditor claims is indeed true.
Anyone here who can explain it to me like I am 5? Or point me to good resources?
My understanding is that a proof of reserves proves control of certain utxos. A lot of places also seem to be coupling this with some kind of liability proof.
This could probably be implemented any number of ways, but the important part is control over utxos. If they are using merkle trees, I imagine the merkle root would be useful for concisely expressing control, where leaves in the tree correspond to utxos under your control, which you can prove belong to the published root with very little other data.
There are a lot of resources listed on https://niccarter.info/proof-of-reserves/.
reply