Confidential Execution
Threshold encryption, epoch matching, and MEV resistance — formal specification.
The confidential matching pipeline is the core cryptographic innovation of GitSync. This section formalizes the intent submission, batch matching, and settlement protocols.
Cryptographic Primitives
Intent Submission
Let pk_c denote the privacy committee's joint encryption key. An intent i = (user, inst, dir, size, lev, slip) is submitted as ct = Enc_pk_c(i; r) together with a zk-SNARK π_valid proving that ct encrypts a well-formed intent under a valid policy π, that the implied position remains within risk caps, and that the user holds sufficient collateral.
Epoch Clearing Rule
Given a decrypted batch of intents, the epoch clearing is an assignment of fills that maximizes the volume crossed subject to: (i) no fill exceeds its intent's size, (ii) all fills clear at a single uniform price p* per instrument, and (iii) tie-breaking among partial fills uses a verifiable random function seeded by the epoch hash.
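The clearing rule above, worked through for one instrument as an added example (not GitSync's own code). It assumes each decrypted intent carries a limit price, that each user submits one intent per epoch, that the lowest price wins when several prices cross the same volume, and it uses SHA-256 over the epoch hash and user id as a stand-in for the VRF; the names `Intent`, `rank` and `clear_epoch` are hypothetical.

```python
import hashlib
from collections import namedtuple

# Constructed intent shape: the page's (user, dir, size) plus an assumed limit price.
Intent = namedtuple("Intent", "user dir size limit")

def rank(epoch_hash: bytes, user: str) -> bytes:
    # Stand-in for the VRF output: deterministic, recomputable from public data.
    return hashlib.sha256(epoch_hash + user.encode()).digest()

def clear_epoch(intents, epoch_hash):
    """Return (p_star, {user: fill}) for a single instrument."""
    def eligible(p):
        buys = [i for i in intents if i.dir == "buy" and i.limit >= p]
        sells = [i for i in intents if i.dir == "sell" and i.limit <= p]
        return buys, sells

    def crossed(p):
        buys, sells = eligible(p)
        return min(sum(i.size for i in buys), sum(i.size for i in sells))

    # Candidate prices are the submitted limits. max() keeps the first maximum,
    # so on equal volume the lowest candidate wins (assumption, not from the page).
    candidates = sorted({i.limit for i in intents})
    p_star = max(candidates, key=crossed, default=None)
    if p_star is None or crossed(p_star) == 0:
        return None, {}
    volume = crossed(p_star)

    fills = {}
    for side in eligible(p_star):
        remaining = volume
        # Constraint (iii): the oversubscribed side is rationed in rank order.
        for i in sorted(side, key=lambda i: rank(epoch_hash, i.user)):
            fill = min(i.size, remaining)  # constraint (i): never above size
            if fill:
                fills[i.user] = fill       # constraint (ii): all at p_star
            remaining -= fill
    return p_star, fills

# Constructed sample batch and epoch hash.
EPOCH_HASH = hashlib.sha256(b"constructed-epoch-1").digest()
BATCH = [
    Intent("alice", "buy", 10, 105), Intent("bob", "buy", 5, 101),
    Intent("carol", "sell", 8, 100), Intent("dave", "sell", 4, 102),
    Intent("erin", "sell", 6, 104),
]
```

In the constructed batch, 10 units cross at a price of 102: the buy side is filled in full, while the 12 units of eligible sell interest are rationed in rank order, so which seller takes the partial fill depends only on the epoch hash.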
Under IND-CPA security of the threshold encryption scheme and at least n−t+1 honest committee members, no PPT adversary external to the committee can extract value through ordering or insertion attacks against intents within a single epoch. The adversary's advantage is negligible in λ.
Settlement
The clearing produces a single aggregate state transition with a zk-SNARK π_clear proving correctness against the committed batch. The on-chain IntentMatcher contract verifies π_clear and updates the global position commitment tree, funding accumulator, and collateral vault atomically.