VEILBack to Blog
R

Relic

Founder

On Privacy-Native Prediction Markets: A Systems Engineer's Musing on VEIL

April 1, 2024

Prologue: Price Discovery Demands Two Kinds of Light

Prediction markets live at the intersection of two incompatible instincts. On one side is transparency—the belief that open ledgers yield accountability and trust. On the other is tactical opacity—the reality that price discovery is adversarial and information has half-life and rent. Traders who reveal intent too early donate alpha to the fastest copycat in the room. The world's best venues protect orders until it's time to print, then expose prices and final outcomes quickly, fairly, and definitively.

VEIL's thesis accepts that duality: privacy during formation, transparency at resolution. The engineering question is whether you can deliver that as a chain property, not duct-taped at the app edge, without denting liveness, fairness, or cost. Treat privacy like mempool policy, fairness like execution policy, and truth like a slashable oracle commitment. And add one more pillar most chains miss: liquidity policy as a privacy policy—chain-owned liquidity that doubles as a native mixer for value flows. That's the full decomposition. Now let's examine how the parts fit, and where the good dragons live.

1) Why a Subnet? Sovereignty over the Three Levers

General L1s optimize for aggregate TPS; specialized venues optimize for predictability and semantics. A prediction market needs three levers under its own control: mempool semantics (sealed vs. cleartext, ordering guarantees, admission control), execution semantics (batch cadence, clearing rules, invariants for market makers), and economic routing (how protocol fees feed depth, security, operations and privacy).

A dedicated Avalanche Subnet with a HyperSDK VM gives you all three. You keep Avalanche's fast probabilistic consensus and tight finality while writing a state machine that thinks like a venue, not a generic chain. Sovereignty here isn't a slogan; it's operational sanity. You can set window timing, meter ZK verification, slash committees—and design liquidity flows that create privacy properties you can't get from a rent-a-pool AMM.

2) Sealed Order Flow: Encrypt Early, Decrypt Predictably

VEIL uses epochal threshold encryption: clients encrypt under the epoch key; blocks carry ciphertexts ordered before content is known; a committee later posts partial decryptions the chain aggregates. That kills the worst MEV path: reordering on information.

The cliffs: Committee math vs. network reality. Pick k,t so routine packet loss doesn't starve windows; "boringly available" beats "mathematically optimal." Timeouts and proofs require objective evidence (epoch metadata, share commitments, canonical transcripts). Side-channels exist—even ciphertext leaks counts and timing. Normalize window duration, pad payloads, and trickle commits on a fixed beat.

3) Batch Auctions: Stop Rewarding Who Arrived First

Continuous matching rewards latency. Batch auctions flip the bias: trade in sealed windows, clear once at a uniform price. Path dependence disappears; "fast" is less valuable; "right size, right price" wins.

Make it deterministic and cheap: State+flow → price. From opening inventory q and net flow Δ, compute a single price (LMSR for thin markets, CPMM/CFMM for deep binaries). No one should gain by splitting an order 10 ways. Bound numerics with fixed-point math and log-sum-exp; clamp the depth knob b and per-window Δ. Grief limits through admission caps and nuisance fees discourage spam.

4) Shielded Ledger: Privacy Persists After the Print

Encrypted mempool protects intents in flight; a shielded note ledger protects balances at rest. The state machine moves commitments and nullifiers, not public balances.

Two practicalities: Viewing keys are first-class. "Private by default, auditable by choice." Professionals need scoped auditability without doxxing everything. Wallet ergonomics matter—scanning and proving are heavy, so optimize clients, enable remote provers, and make recovery sane.

5) Resolution: Stake, Slash, and Move On

Outcomes need finality with teeth. A rotating, staked oracle committee works if you: Select fairly (stake-weighted VRF; avoid committee ossification), slash objectively (late/no-reveal and equivocation are on-chain facts), and define a bonded dispute path (short window, evidence standard, randomized ve-jury with capped weights).

6) Economics: Depth You Can Bank On

Most venues rent liquidity with emissions; it leaves when the music stops. VEIL's answer is chain-owned liquidity (POL) and a Market Scoring Rule Bank (MSRB) that converts fees into durable depth.

Buyback-and-make: Route a share of fees to purchase WVEIL via TWAP and LP it into approved pairs. This improves price continuity, builds a permanent floor of liquidity, and turns fee flow into productive inventory—not confetti. MSRB as a lever: LMSR's b controls price impact. Publish targets ("A $10k clip moves ≤1% in Flagship markets"), then top up b until observed spreads match targets.

6A) POL as a Native Mixer

Shielded notes hide balances; encrypted windows hide intents. POL adds a third privacy layer by mixing value flows at the liquidity layer. Because the protocol itself owns and operates the core liquidity and reward conduits, every epoch routes many independent streams into a single pooled balance sheet and then re-emits value on a different cadence, in different denominations, to different recipients. That creates plausible unlinkability even when some interactions touch public rails.

Where the mixing comes from: Fee pooling → buyback TWAP (fees from thousands of trades pool, then execute time-weighted WVEIL buys across venues), LP mint/burn churn (treasury converts buys into LP shares and periodically rebalances), reward routing (staking/ve and LP rewards paid from pooled sources on epoch ticks), anonymity sets by design (epoch-based accrual, batched claims, optional claim-to-stealth address), and cross-market recycling (POL earnings from one market's activity top up MSRB depth in another category).

7) Governance: Change at the Speed of Proof

Two layers is enough: Validator governance for chain-critical parameters (epoch cadence, DKG policy, verifier intrinsics, emergency scaffolding), and ve-governance for economic routing (fee bands, MSRB caps, buyback cadence/mix, keeper limits, grants). Every proposal binds to a Policy Registry hash, then sleeps behind a timelock.

8) Engineering Hygiene: Measure, Replay, Own It

Benchmarks, not vibes. Micro-bench tables: ZK verify cost, decrypt aggregation latency for k∈21, auction clear time at 100/1k/10k orders. Deterministic replay: One-hour devnet transcript must re-compute to identical roots on any honest node. Failure playbooks: Missed decrypt quorum? Quarantine, retry, or refund—document it upfront.

9) Side-Channel Realism: The Last Mile of Privacy

You can encrypt bodies and shield balances; observers still see timing and inclusion patterns. Practical mitigations: Gateway cadence (fixed beat), payload padding, low-rate dummy traffic, user guidance (relays, Tor/VPN), and leverage POL mixing—the more value routes through the treasury, the less any single flow stands out.

10) Interop: Export Truth, Not Just Tokens

Warp asset bridges are obvious. The more valuable export is resolution attestations: (market digest, aggregate signature) + committee key root. Make verification a 30-second job for integrators.

11) Compliance Without Capitulation

Protocols don't KYC; interfaces often do. Separate chain capability from listing policy. Templates, creator bonds, and category toggles suppress spam without moral arbitration. Viewing keys enable voluntary audits by serious users.

12) Roadmap Discipline: Small, Sharp, Shipped

Ship the minimum surface area with strong telemetry: M1 Devnet (sealed commits, decrypt liveness, explorer for ciphertexts & shares, slash proofs), M2 Testnet (p95 commit→print < 10s; 99.5% windows cleared; disputes live; fee router → MSRB + tiny POL; privacy dashboards), M3 Mainnet Beta (curated markets, ve-governance for bands/caps, weekly buybacks, audits), M4 Hardening (proof aggregation, combinatorials, richer keeper logic—after boring stability).

13) The Human Factor

A sealed mempool means nothing if no one gives you flow. Talk in SLOs: "≥99.5% windows clear on time," "p95 commit→print < 10s," "<0.1% decrypt timeouts/epoch," "anonymity set ≥ X per epoch." Telemetry as a public good: Expose anonymous metrics (window latency, decrypt success, oracle SLA, POL mix ratio). Creator care: Templates, guardrails, actual support.

14) Known Unknowns

Network partitions (define deterministic recovery), committee capture (no-repeat seasoning), numerical cliffs (fuzz the edges), UX entropy (private defaults can feel opaque—visualize batch clocks, decrypt status, payout countdowns). Admit cracks; patch relentlessly.

15) What Would Convince a Skeptic

No one with scars cares about prose. They want plots and receipts: Decrypt Liveness (windows vs. time-to-decrypt P50/P95 with jitter overlays), Auction Clear Perf (time vs. order count + CPU profile), Observed Spread @ Standard Clip (before/after MSRB top-ups), Slash Proof Transcript (late decrypt, who got cut, why), Deterministic Replay Transcript (identical roots across runs), POL Privacy Metrics (epoch anonymity set, claim quantization histogram, mix ratio, % claims to stealth).

Epilogue: Darkness for Intent, Daylight for Truth—and Fog from the Treasury

The social value of prediction markets is not that they're edgy casinos; it's that they compress dispersed belief into a public price signal. For that compression to work, participants need cover while they act, and a credible anchor once the truth arrives. VEIL's architecture—sealed order flow, batch clears, shielded transfers, slashable oracles—draws that boundary. POL closes the loop: a state-native mixer that blurs value provenance by routing flows through a common, policy-bound balance sheet.

Darkness where intent should hide, daylight where truth should stand, and a steady fog from POL in between that keeps casual linkers lost. You'll earn your keep the dull way: decrypt on time, clear on time, pay out on time—month after month—under load and scrutiny. Markets don't demand perfection; they demand predictability. Publish your numbers, accept your slashes, keep the knobs small. The rest is just work.