Platform

Overview

How It Works

Beneficiary Identity

Policy Corridors

Deterministic Finality

Architecture

Security Model

Governance

Integration
Solutions

Corridors Overview

Institutional Overview

Pricing

All Scenarios

Humanitarian Impact Fund
Assurance

Technical Assurance

Verify Receipt

Receipt Example
Developers

Documentation

APIs & Bridges

Architecture Docs

Glossary

BID API
Company

About

Team

Partners

Roadmap

Investors

Contact

Blog

All Documentation
Schedule Consultation
← Back to Patent Claims
Patent Claim 10 All Patents →

MEV Protection via Commit-Reveal

Verifiable Random Function-Based Transaction Ordering

Patent Claim JIL Sovereign February 2026 Claim 10 of 36

01Executive Summary

Maximal Extractable Value (MEV) represents one of the most damaging systemic risks in blockchain systems, with over $1 billion extracted annually from users through frontrunning, sandwich attacks, and validator-controlled transaction reordering. JIL Sovereign eliminates MEV at the protocol level through a two-phase commit-reveal mechanism combined with Verifiable Random Function (VRF) based ordering.

In Phase 1 (Commit), users submit encrypted commitments - a hash of their transaction plus a random nonce - during a 500-millisecond collection window. In Phase 2 (Reveal), the original transactions are disclosed, verified against their commitments, and ordered using a VRF seeded with the block hash. Because the ordering seed depends on the block hash (unknown during the commit window), no party - including validators - can predict or manipulate transaction order.

Core Innovation: The combination of commit-reveal with VRF-based ordering creates a provably fair transaction ordering that is immune to frontrunning, sandwich attacks, and validator reordering. No existing blockchain combines both mechanisms at the consensus layer. Flashbots and similar solutions reduce MEV but do not eliminate it.

02Problem Statement

MEV extraction is a structural tax on every blockchain user. When a user submits a DEX trade, any observer who sees the pending transaction can insert their own transaction before it (frontrunning) or wrap it between two transactions (sandwich attack) to extract value. Validators compound the problem by reordering transactions within a block to maximize their own profit.

2.1 MEV by the Numbers

$1.4B+
MEV extracted on Ethereum (2023 - 2024)
~4%
Average value lost per DEX trade to MEV
90%+
Ethereum blocks use MEV-Boost (validator MEV)

2.2 Attack Taxonomy

Attack TypeMechanismImpactCurrent Defenses
FrontrunningObserver sees pending tx, submits same trade first at higher gasUser gets worse price; attacker profits on spreadPrivate mempools (partial)
Sandwich AttackAttacker buys before user tx, sells after, capturing price impactUser loses 1 - 5% of trade valueSlippage limits (reactive only)
Validator ReorderingBlock proposer reorders transactions to maximize own profitSystemic value extraction at consensus levelPBS (partial separation)
Just-in-Time LiquidityLP adds liquidity before large trade, removes afterLP captures fees without sustained commitmentNone widely deployed
Time-Bandit AttackValidator re-mines previous blocks to capture MEV retroactivelyConsensus stability riskFinality mechanisms (partial)
The Gap: Flashbots MEV-Share reduces extraction but still allows value to be captured through private order flow agreements. Proposer-Builder Separation (PBS) separates block building from proposing but does not prevent the builder from reordering. No existing system provides provably fair ordering at the consensus layer.

03Technical Architecture

3.1 Two-Phase Commit-Reveal Protocol

Phase 1: COMMIT (500ms window)
  |  User submits: commitment = SHA256(tx_data || nonce)
  |  Transaction content is hidden from all observers
  |  Validators collect commitments into commitment set
  |
Phase 2: REVEAL (500ms window)
  |  User submits: (tx_data, nonce)
  |  Validator verifies: SHA256(tx_data || nonce) == commitment
  |  Invalid reveals are discarded (commitment wasted)
  |
Ordering: VRF SHUFFLE
  |  Seed = VRF(validator_key, block_hash || batch_id)
  |  Fisher-Yates shuffle using SHA256 chain from seed
  |  Deterministic: all validators produce same order
  |
Execution: SEQUENTIAL
  |  Transactions executed in VRF-determined order
  |  Slippage and limit checks applied per transaction
  |  Failed transactions produce rejection receipts

3.2 Commitment Structure

FieldSizeDescription
commitment_hash32 bytesSHA256(tx_data || nonce) - the opaque commitment
sender32 bytesAccount address (visible for fee deduction)
fee_deposit8 bytesPre-deposited execution fee (covers gas regardless of reveal)
batch_id8 bytesTarget batch window identifier
timestamp8 bytesSubmission timestamp (must fall within commit window)

3.3 VRF Seed Generation

The VRF seed is generated by the block proposer using their validator key and the previous block's hash. Because the block hash is unknown until the block is finalized (after the commit window closes), no party can predict the ordering seed during the commit phase. The VRF proof is included in the block header so that all validators can independently verify the seed's correctness.

// VRF seed generation
seed = VRF_prove(validator_private_key, prev_block_hash || batch_id)
proof = VRF_proof(validator_private_key, prev_block_hash || batch_id)

// Deterministic Fisher-Yates shuffle
function vrfShuffle(transactions, seed) {
  let state = seed;
  for (let i = transactions.length - 1; i > 0; i--) {
    state = SHA256(state);
    let j = bytesToInt(state) % (i + 1);
    [transactions[i], transactions[j]] = [transactions[j], transactions[i]];
  }
  return transactions;
}

04Implementation

4.1 Batch Window Timing

The default batch window is 3,000 milliseconds (configurable via BATCH_WINDOW_MS). Within each batch window, the first 500ms are allocated for commitment collection, the next 500ms for reveal submission, and the remaining 2,000ms for VRF ordering, execution, and block finalization. This timing ensures that even under network latency, all participants have sufficient time to submit both commitments and reveals.

4.2 Commitment Verification

During the reveal phase, each validator independently verifies that SHA256(revealed_tx || revealed_nonce) == original_commitment. Any reveal that does not match its commitment is silently discarded. The commitment fee is still consumed (preventing spam attacks where users submit commitments without intending to reveal). Users who fail to reveal within the window forfeit their fee deposit.

4.3 Ordering Algorithm

  1. Collect Reveals: All valid reveals for the current batch are assembled into an unordered set.
  2. Generate VRF Seed: Block proposer generates the VRF seed from their key and the previous block hash.
  3. Deterministic Shuffle: Fisher-Yates shuffle using SHA256 chain seeded by VRF output. All validators produce the same permutation.
  4. Sequential Execution: Transactions execute in the shuffled order. Each transaction is checked against slippage limits and price bounds.
  5. Result Aggregation: Executed transactions are assembled into the block. Failed transactions produce signed rejection receipts.
Why VRF + Commit-Reveal Together: Commit-reveal alone prevents frontrunning (transactions are hidden during collection) but does not prevent validator reordering during the reveal phase. VRF alone prevents validator reordering but does not prevent mempool observation. Together, they provide complete MEV protection: transactions are hidden when submitted and randomly ordered when executed.

05Integration with JIL Ecosystem

5.1 Retail Lane Engine

The retail-lane-engine service (port 8563) implements the batch auction clearing algorithm that uses the commit-reveal + VRF ordering described in this claim. Every trade intent submitted to the retail lane is processed through the commit-reveal pipeline, ensuring that all DEX trades receive provably fair ordering.

5.2 Execution Router

The execution-router service (port 8562) determines whether a trade is routed to the retail lane (commit-reveal batches) or the RFQ lane (direct market maker quotes). Small trades and standard market orders flow through the retail lane and receive full MEV protection. Large institutional trades may opt for the RFQ lane where pricing is determined by direct market maker competition.

5.3 Market State Integration

The market-state service (port 8561) adjusts batch parameters based on market conditions. During ELEVATED or STRESSED states, batch windows may be extended and commitment fees increased to prevent spam during volatile periods. In HALTED state, no new commitments are accepted.

5.4 Fee Distribution

DEX fees (200 basis points total - 1% buyer, 1% seller) collected from MEV-protected trades are distributed according to the protocol fee split: 50% to liquidity providers, 40% to platform operations, and 10% to the humanitarian fund. The VRF ordering ensures that this fee distribution is not distorted by reordering attacks.

06Prior Art Differentiation

SystemMEV ApproachCommit-Reveal?VRF Ordering?Eliminates MEV?
Flashbots (MEV-Share)Private order flow, partial rebatesNoNoReduces, does not eliminate
Ethereum PBSSeparates builder from proposerNoNoBuilder can still reorder
CowSwapBatch auction with solver competitionNoNoReduces within batches
Chainlink FSSFair sequencing with time-based orderingNoNoTime-based, not provably random
JIL SovereignCommit-reveal + VRF ordering at consensusYesYesYes - provably eliminated
Key Differentiator: No existing system combines encrypted commitment collection with VRF-based transaction ordering at the consensus layer. Flashbots and PBS reduce MEV extraction but do not eliminate it. JIL Sovereign's two-phase protocol makes MEV extraction mathematically impossible: transactions are hidden during collection and randomly ordered during execution.

07Implementation Roadmap

Phase 1
Months 1 - 3

Core Commit-Reveal Protocol

Implement commitment collection with 500ms windows. Reveal verification against commitments. Fee deposit and forfeiture mechanism. Basic sequential ordering (pre-VRF). DevNet testing with simulated MEV attacks.

Phase 2
Months 4 - 6

VRF Integration

VRF seed generation using validator keys and block hashes. Deterministic Fisher-Yates shuffle implementation. VRF proof inclusion in block headers. Cross-validator ordering verification. Batch window timing optimization.

Phase 3
Months 7 - 9

DEX Integration

Retail lane engine integration with commit-reveal batches. Execution router policy for retail vs. RFQ lane selection. Market state-aware batch parameter adjustment. Fee distribution through VRF-ordered execution. MainNet deployment with live trading.

Phase 4
Months 10 - 12

Advanced Protection

Cross-chain MEV protection for bridge transactions. Statistical MEV detection and reporting dashboard. Formal verification of ordering fairness properties. Third-party audit of VRF implementation. Research into post-quantum VRF candidates.

08Patent Claim

Claim 10: A method for preventing maximal extractable value (MEV) extraction in a blockchain transaction ordering system, comprising: a first commit phase wherein users submit encrypted commitments consisting of a cryptographic hash of transaction data concatenated with a random nonce, during a defined collection window, such that the transaction content is hidden from all network participants including validators; a second reveal phase wherein users disclose the original transaction data and nonce, which are verified against the previously submitted commitments; a verifiable random function (VRF) ordering step wherein the block proposer generates a deterministic ordering seed using their validator key and the previous block's hash, and all verified transactions are ordered using a Fisher-Yates shuffle seeded by the VRF output; wherein the ordering seed is unpredictable during the commit phase because it depends on a block hash that does not exist until after the commit window closes; and all validators independently reproduce the same transaction ordering by verifying the VRF proof and applying the same deterministic shuffle algorithm.