VEILBack to Blog
R

Relic

Founder

On Privacy-Native Prediction Markets: Architecture Notes

April 1, 2024

Price Discovery Demands Two Kinds of Light

Prediction markets live at the intersection of two incompatible instincts. Transparency — open ledgers yield accountability. Tactical opacity — price discovery is adversarial and information has half-life. Traders who reveal intent too early donate alpha to the fastest copycat in the room.

VEIL's thesis: privacy during formation, transparency at resolution. The engineering question is whether you can deliver that as a chain property — not duct-taped at the app edge — without denting liveness, fairness, or cost.

Why a Custom VM

A prediction market needs three levers under its own control: mempool semantics (sealed vs. cleartext, ordering, admission), execution semantics (batch cadence, clearing rules, market maker invariants), and economic routing (how fees feed depth, security, operations and privacy). A dedicated Avalanche L1 with HyperSDK gives all three.

Sealed Order Flow

VeilVM uses threshold encryption: clients encrypt under the epoch key; blocks carry ciphertexts ordered before content is known; a committee posts partial decryptions the chain aggregates. This addresses the worst MEV path: reordering on information. Threshold-keyed mempool privacy is locally validated; production rollout evidence is pending (G2).

Batch Auctions

Continuous matching rewards latency. Batch auctions flip the bias: trade in sealed windows, clear once at a uniform price. Path dependence disappears; speed is less valuable; correct sizing and pricing wins.

Shielded Ledger

Encrypted mempool protects intents in flight; a shielded note ledger protects balances at rest. The state machine moves commitments and nullifiers, not public balances. Viewing keys are first-class — “private by default, auditable by choice.”

Chain-Owned Liquidity as Native Mixer

Protocol-owned liquidity adds a third privacy layer by mixing value flows at the liquidity layer. Because the protocol itself owns and operates core liquidity conduits, every epoch routes many independent streams through a pooled balance sheet, creating plausible unlinkability even when some interactions touch public rails.

Current Status

These are architectural design principles. Implementation status varies by component — proof-gated consensus passes locally (G1), threshold keying passes locally (G2), and shielded ledger circuits are archived (G3). Current launch authority state is GO FOR PRODUCTION. See the transparency page for the latest gate snapshot and operator caveats.