Universal Settlement Protocol
Institutional-grade settlement rails for tokenized assets and fiat transfers with sub-2-second deterministic finality, attestation-based compliance enforcement, and 80-90% cost savings versus traditional correspondent banking.
Three markets. One settlement protocol. Invisible infrastructure.
JIL Sovereign provides institutional-grade settlement rails for tokenized assets and fiat transfers with sub-2-second deterministic finality, attestation-based compliance enforcement, and 80-90% cost savings versus traditional correspondent banking. Operating under Swiss legal framework (designed for FINMA supervision), JIL enables institutions to settle cross-border transactions through neutral infrastructure without requiring cryptocurrency exposure.
Version 2.0 of this whitepaper introduces the Fiat Settlement Module - a Transient Tokenization architecture that extends JIL from tokenized asset settlement into fiat-to-fiat transfers. Fiat currency is represented on-chain as a short-lived settlement token (< 30 second TTL), atomically transferred, then immediately burned. The sender sends dollars; the recipient receives dollars. The settlement infrastructure is invisible.
This expansion positions JIL as a Universal Settlement Protocol serving three markets: tokenized assets ($16T by 2030), crypto-native transfers, and cross-border fiat payments ($150T+ annually).
Cross-border settlement runs on infrastructure built in the 1970s.
$2.4 quadrillion in annual settlements. 1-5 day processing. 25-50 bps per transaction. No shared ledger. No portable proof.
The Problem
The global financial system processes $2.4 quadrillion in annual settlements using infrastructure built in the 1970s-1990s. Cross-border transactions require multiple intermediaries, take 1-5 business days, and cost 25-50 basis points ($250K+-$500K on a $100M transaction). SWIFT connects 11,000+ institutions across 200+ countries but does not actually move money - it passes messages between correspondent banks, each maintaining separate ledgers.
The Tokenization Wave
BlackRock launched BUIDL on Ethereum. JPMorgan operates Onyx on a private chain. Franklin Templeton uses Stellar and Polygon. HSBC built Orion. Goldman Sachs has its Digital Asset Platform. BCG projects $16 trillion in tokenized assets by 2030. But when these institutions need to settle with each other, there are no neutral rails. Fragmented settlement infrastructure creates the same siloed ledger problem on new technology.
The Fiat Gap
Beyond tokenized assets, $150+ trillion in annual cross-border payments still flows through SWIFT's correspondent banking chains. Ripple attempted to solve this with XRP as a bridge asset, but requiring banks to hold cryptocurrency created adoption barriers. What institutions need is settlement infrastructure where the settlement layer is invisible - fiat in, fiat out, with the speed and cost advantages of on-chain settlement.
JIL Sovereign: Universal Settlement Protocol
Neutral settlement and trust layer - institutional-grade post-trade infrastructure for tokenized assets and global payments. Three settlement modes on a single protocol.
| Mode | Use Case | Speed | How It Works |
|---|---|---|---|
| Tokenized Asset | RWA-to-RWA, securities | T+0 (<5s) | Native on-chain atomic settlement. Single shared ledger eliminates reconciliation. |
| Crypto-Native | Token swaps, stablecoin | T+0 (<5s) | AMM v5 DEX with zone-aware compliance. MEV protection. |
| Fiat Settlement | Cross-border payments | <10s on-chain + rail | Transient Tokenization: mint, settle, burn. Fiat in/out via banking partners. |
Key Principles:
- Neutral infrastructure: JIL does not compete with banks or asset managers. We are the settlement rails between their systems. Policy remains with participants; process enforcement is ours.
- DvP/PvP process enforcement: JIL enforces deterministic Delivery versus Payment and Payment versus Payment workflows. Both legs must be present and matched before final settlement.
- Attestation-based compliance: Banks attest to compliance status. JIL validates attestation signatures and enforces at protocol level. Banks remain obligated entities.
- Event emission, not reporting: JIL emits immutable event artifacts. Banks consume these for SAR/CTR/FATF filing. JIL does not file regulatory reports.
- Settlement premium: 3-5 bps applies only to final settlement events. Routine custody transfers and internal movements incur no fee. Base gas is burned 100%.
- Token-optional: Banks can settle using fiat invoices. Holding JIL tokens provides fee discounts within the 3-5 bps range.
- Swiss legal framework: JIL Sovereign Technologies, Inc. (Wilmington, Delaware) with primary hub in Zurich, designed for FINMA supervision.
14-of-20 BFT consensus across 13 jurisdictions. 9,500 TPS per node.
No single jurisdiction, cloud provider, or political bloc can control enough validators to censor or unilaterally shut down the network.
1.5 seconds. Deterministic finality (not probabilistic). Once a block is confirmed, it is irreversible. 9,500 TPS sustained per node on medium-grade servers (benchmarked February 2026). Projected 15,000+ TPS per node on production hardware. With 20 nodes processing in parallel, aggregate network throughput reaches approximately 200,000 TPS. Exceeds DTCC/SWIFT peak processing requirements.
Zone Architecture
Three compliance zones enforced at the protocol level by validators, not smart contracts.
Protected Zone
Tokenized securities, institutional RWA settlement. SEC Reg D/S, MiFID II, MiCA, FINMA compliant.
- Full KYC/AML verification
- Accredited investor checks
- Hold period enforcement
- Transfer whitelist
Premium Zone
Stablecoins, fiat settlement, and payments. FinCEN and FIU reporting compliant.
- Sanctions screening
- Jurisdiction containment
- Travel rule enforcement
- DEX and RFQ venues
Unprotected Zone
Utility tokens, NFTs, gaming. Pseudonymous. $10K daily limit.
- Standard blockchain validation
- DEX-only venue
- $10K daily limits
- No KYC required
Cross-zone isolation is enforced at consensus: Protected zone assets cannot be moved to Unprotected to bypass compliance. Upgrades require full compliance onboarding.
Cross-Chain Bridge: Wrapper token bridge (jBTC, jETH, jUSDC) for cross-chain asset support with deposit-mint and unwrap-burn flows, secured by 14-of-20 validator consensus. Cryptographic finality receipts and evidence bundles are generated for every settlement event, providing audit-ready proof and dispute resolution artifacts.
| Corridor | Zone | Venue | Fee | Throttle | Use Case |
|---|---|---|---|---|---|
| protected | Protected | RFQ only | 5 bps | 3K/min | Institutional RWA settlement |
| fiat | Premium | Direct | 3 bps | 10K/min | Fiat-to-fiat cross-border settlement |
| default | Premium | DEX+RFQ | 3 bps | 6K/min | Standard operations |
| unprotected | Unprotected | DEX only | 3 bps | 6K/min | Consumer crypto trading |
How JIL Compares to Other Layer-1 Blockchains
JIL is a BFT-style Proof-of-Stake Layer-1 with a hybrid architecture. Consensus is stake-based and BFT-driven. The architecture is hybrid because consensus is wrapped by a unified ledger, compliance controls, and fair-market execution.
| Property | Bitcoin | Ethereum | Solana | XRP Ledger | JIL Sovereign |
|---|---|---|---|---|---|
| Consensus | Proof of Work | PoS (Gasper) | PoS + PoH timestamps | Federated BFT | BFT-style PoS, deterministic finality |
| Finality | Probabilistic (~60 min) | Probabilistic (~12 min) | Optimistic (~0.4s) | Deterministic (~4s) | Deterministic (1.5s) |
| TPS | ~7 | ~15-30 | ~4,000 | ~1,500 | 9,500/node (200K+ aggregate) |
| Compliance Layer | None | None (off-chain) | None | None | ATE/ATCE at settlement layer |
| Jurisdiction Corridors | None | None | None | None | 13 zones, corridor-enforced |
| Settlement Proofs | Tx hash only | Tx receipt | Tx signature | Tx hash | Portable proof bundles |
| Post-Quantum | No | Research phase | No | No | Dilithium/Kyber (NIST) |
| Primary Focus | Store of value | General compute | Speed / DeFi | Cross-border payments | Institutional settlement integrity |
(1) Core Chain + Consensus - BFT-style PoS with validator staking and VRF leader selection. (2) JIL-5600 Unified Ledger - single auditable schema for assets, balances, and audit artifacts. (3) ATE/ATCE Compliance Layer - policy enforcement at the settlement layer, not inside consensus. (4) AMM V5 Fair-Market Execution - timed batch auctions, oracle price bands, and TWAMM handling. "Hybrid" describes the architecture. The consensus mechanism is strictly Proof of Stake. Read the full architecture document →
Beneficiary verification at the settlement layer. Before funds move.
Business Email Compromise causes over $2.7 billion in annual losses. Traditional payment rails verify routing and account numbers but never verify the identity of the actual recipient. JIL changes this.
Every settlement instruction submitted to JIL must include a cryptographic beneficiary binding. The binding is a SHA-256 hash computed from the beneficiary's LEI (or wallet identity), their account identifier, and the settlement instruction ID. This binding is created by the originating institution at instruction submission time, signed with the originator's Ed25519 API key, and is immutable - any change to the beneficiary after binding causes a hash mismatch and the settlement is rejected.
Gate 1 - Submission
Binding hash is computed from provided fields, verified against the binding signature, and stored. If the signature is invalid or the beneficiary is on a sanctions list, the instruction is rejected immediately.
Gate 2 - Compliance Check
During the COMPLIANCE_CHECK state, the stored binding is re-verified against settlement_parties data. If the beneficiary data has been tampered with, the settlement transitions to REJECTED with reason BENEFICIARY_BINDING_MISMATCH.
Gate 3 - Finality
The finality receipt includes the binding hash, verification timestamp, and a flag confirming the BEC check passed. This provides an immutable audit trail proving the correct beneficiary received the funds.
Attacker intercepts an invoice and changes the beneficiary account. Institution submits settlement instruction with the modified account. Gate 1: Binding hash computed from (LEI + modified account + instruction ID) does not match the pre-registered binding. Settlement is rejected with BENEFICIARY_BINDING_MISMATCH. Institution is alerted before any funds move.
BID - Beneficiary Identity Dispatch
BID is a standalone, monetized API product built on the beneficiary binding technology described above. Banks integrate BID to verify beneficiary identity before releasing funds - independent of whether they use JIL for full settlement. The end-to-end flow: the sending bank submits a verification request to JIL BID, which validates the beneficiary binding hash, confirms the Ed25519 signature, runs sanctions screening, and forwards the verified result to the receiving bank. The entire check completes in under 500ms. Pricing ranges from $0.12 to $0.50 per verification depending on tier (Starter, Pilot, Pro, Enterprise), making it accessible for banks of any size.
Exhaustive Identity Verification. BID performs five categories of identity checks, each backed by specialized vendor integrations: Phone verification (Twilio Lookup API - carrier identification, line type, subscriber name match, reachability), Email verification (DNS MX resolution, SMTP deliverability, disposable domain detection), Address verification (Smarty/SmartyStreets - USPS and international standardization, deliverability, residential/commercial classification, geocoding), Person verification (sanctions screening via OFAC SDN and internal lists, PEP status, adverse media), and Company verification (Middesk and OpenCorporates - business registration, officer identification, UBO discovery across 140+ jurisdictions). All person and company checks route through JIL's Compliance API for sanctions decisions and through the Analytics Integrations API for multi-provider blockchain risk scoring (Chainalysis KYT, Elliptic, TRM Labs - weighted composite scores). The architecture is fail-safe: when any upstream provider is unavailable, BID continues using JIL's internal heuristic engine with reduced confidence scores, ensuring verification never blocks settlement.
BID serves as the wedge product in JIL's go-to-market strategy - the first low-friction touchpoint that gets banks onto JIL infrastructure before full settlement adoption. A bank starts with BID for beneficiary verification on existing SWIFT flows, sees the speed and accuracy, then migrates settlement corridors to JIL over time. See the BID product page, BID API Specification, and Compliance Architecture for integration details.
Five Pillars of Settlement Integrity
Beneficiary binding (Pillar 1, above) is one of five settlement integrity pillars that JIL enforces simultaneously through a single protocol layer. The remaining four pillars complete the framework:
Pillar 2 - Policy Corridor Enforcement. Each settlement corridor (e.g., US-to-EU, APAC-to-MENA) can define automated compliance rules - jurisdiction-specific thresholds, sanctions screening, and escrow hold periods - enforced at the protocol level. This addresses the $4.3B in sanctions fines accumulated between 2015-2023 and the 33K daily SWIFT compliance alerts that currently require manual triage.
Pillar 3 - Deterministic Finality. Settlement achieves irreversible finality in under 5 seconds through 14-of-20 BFT validator consensus across 13 compliance zones. Unlike probabilistic finality (Bitcoin, Ethereum) or T+1/T+2 settlement windows (SWIFT, DTCC), JIL provides deterministic completion - once confirmed, settlement cannot be reversed or disputed.
Pillar 4 - Audit-Ready Receipts. Every settlement produces a portable finality receipt containing the beneficiary binding hash, compliance check results, validator signatures, and timestamp evidence. These receipts are independently verifiable and satisfy audit requirements without requesting additional documentation from counterparties - addressing the 42% KYC audit failure rate and over $10B in cumulative AML fines.
Pillar 5 - Neutral Integrity Layer. JIL operates as Swiss-anchored, non-custodial infrastructure owned by no counterparty. It does not hold funds, take positions, or favor any participant. This structural neutrality unlocks the $14T currently locked in nostro/vostro accounts by providing a shared evidence layer that all parties trust without trusting each other.
These five pillars are protected by JIL's provisional patent portfolio covering MPC key splitting, ZK compliance, BPoH soulbound NFTs, autonomous AI management, self-healing contracts, MEV protection, and AMM v5. Enforcement infrastructure is deployed across 13 compliance zones with 190+ production microservices.
Transient Tokenization. Fiat in, fiat out. The settlement layer is invisible.
A non-transferable, non-tradeable on-chain representation of fiat value that exists for < 30 seconds. Not a stablecoin. Not e-money. Not a stored-value instrument.
Fiat Received
From sending bank via banking partner API (FedNow, SEPA Instant, SWIFT gpi)
KYC/AML/Sanctions
Pre-check via compliance-api (< 200ms)
Transient Token Minted
To sender vault (< 2s block inclusion)
ZK-Compliance Proof
Generated (< 1s)
Atomic Transfer
On shared ledger with deterministic finality (< 5s)
Transient Token Burned
In same block
Event Artifact Emitted
Immutable regulatory audit trail
Fiat Released
To receiving bank via optimal rail
Steps 1-7 complete in under 2 seconds. Step 8 depends on the receiving bank's payment rail: FedNow (< 30s), SEPA Instant (< 10s), Faster Payments (< 2hrs), SWIFT gpi (1-2 days). JIL removes 80-90% of SWIFT's delay; the remaining time is the fiat last mile.
Regulatory positioning: Transient tokenization avoids classification as a stablecoin, e-money, or payment instrument. Token has no independent value and cannot exist outside the settlement window. It cannot be traded, transferred, approved, or held by any party. JIL never holds customer funds. Banking partners remain obligated entities for all regulatory compliance.
Message passing vs. shared ledger. The difference is structural.
| Dimension | SWIFT (Today) | JIL Sovereign |
|---|---|---|
| Architecture | Message-passing between siloed ledgers | Single shared ledger, atomic state changes |
| Intermediaries | 2-4 correspondent banks per transfer | Zero. Direct sender-to-receiver on one ledger |
| Settlement time | 1-5 business days | < 10 seconds on-chain + fiat rail |
| Cost | 25-50 bps ($15-50 per message + fees) | 3 bps flat |
| Reconciliation | Required at every hop. Manual. | None. Shared ledger = shared truth |
| Compliance | Each bank screens independently | Protocol-level ZK-compliance, one check |
| Finality | Reversible for days (recall risk) | Deterministic and irreversible at block confirmation |
| Nostro/Vostro | Pre-funded accounts at each correspondent | Pre-funded liquidity pools (more capital efficient) |
3-5 basis points on final settlement events. Token optional.
The institutional settlement premium applies only to final settlement events recorded on JIL as the authoritative settlement record. No fee on custody transfers, internal movements, or cancelled instructions.
| Settlement Notional | Premium | Example Fee | Target Client |
|---|---|---|---|
| < $1M | 5 bps | $500 on $1M | Small institutions |
| $1M - $10M | 4 bps | $4,000 on $10M | Mid-size banks |
| $10M - $100M | 3.5 bps | $35,000 on $100M | Large banks |
| > $100M | 3 bps | $30,000 on $100M | Global institutions |
Token-optional: Banks can settle using fiat invoices. Holding JIL tokens is an optional operational decision that provides additional fee discounts within the 3-5 bps range. Fiat corridor: 3 bps flat for all fiat-to-fiat settlements (lower margin, higher volume). Gas: Base gas is burned 100%.
0x9347efffa3e8985e0d35536b408cab48599971e8
JILTreasury contract deployed on Ethereum mainnet (0x84fF5974c8C00F5B323965d925478A244E7d504F) with 5 vaults: Validator Incentives (1B), Protocol Treasury (3B), Operations (2B), Ecosystem Fund (1B), and Strategic Reserve (0.5B). Total: 7.5B JIL managed under multi-vault governance.
Token migration contracts available for holders of deprecated token versions (v1 and v2). 1:1 swap ratio, deadline May 1, 2026. Both contracts verified on Sourcify.
Revenue Projections
| Year | Banks | Monthly Volume | Revenue | Margin | Fiat % |
|---|---|---|---|---|---|
| 1 | 5-10 | $6.4B | $36M | 59% | 10% |
| 2 | 20-25 | $20B | $118M | 75% | 25% |
| 3 | 40-50 | $49B | $275M | 80% | 40% |
| 5 | 100+ | $155B | $859M | 88% | 50% |
The addition of fiat settlement significantly expands the addressable market from tokenized assets only ($16T by 2030) to include the $150T+ cross-border payments market. Fiat settlement volume grows from 10% in Year 1 to 50% by Year 5 as banking partner integrations mature.
No existing platform combines settlement speed, compliance, and fiat invisibility.
| Feature | JIL | SWIFT | Ripple/XRP | DTCC | Fireblocks |
|---|---|---|---|---|---|
| Settlement speed | < 5 seconds | 1-5 days | 3-5 seconds | T+2 | Chain-dep. |
| Finality | Deterministic | Reversible | Probabilistic | T+2 | Varies |
| Cost | 3-5 bps | 25-50 bps | < 1 bps | Varies | 10-50 bps |
| Fiat settlement | Yes (transient) | Yes (slow) | Yes (XRP bridge) | No | No |
| Compliance | Protocol-level | Per-bank | Per-bank | SRO rules | Policy engine |
| Neutrality | Swiss, neutral | Cooperative | US corp | US SRO | Custodial |
| Token required | No (optional) | No | Yes (XRP) | No | No |
| Crypto visible | Invisible for fiat | N/A | Visible (XRP) | N/A | Visible |
vs Ripple
Ripple requires banks to hold XRP as a bridge asset - a significant adoption barrier. JIL's transient tokenization is invisible to end users. Sender sends dollars, recipient gets dollars.
vs SWIFT
SWIFT passes messages between siloed ledgers. JIL provides a single shared ledger with atomic settlement. JIL removes the correspondent banking chain entirely.
vs Fireblocks
Fireblocks is custodial infrastructure (institutions give up keys). JIL is non-custodial settlement (institutions keep keys, we settle).
Competitors address individual settlement problems - Ripple optimizes speed, SWIFT optimizes connectivity, Fireblocks optimizes custody. JIL addresses all five settlement integrity pillars simultaneously: beneficiary binding, policy corridor enforcement, deterministic finality, audit-ready receipts, and neutral infrastructure. This is protected by 48 patent claims (10 independent + 38 dependent) across the full stack. View the Settlement Integrity Framework →
Post-quantum cryptography. MPC custody. 4,390 tests at 96.7% coverage.
Cryptographic Foundation
MPC 2-of-3 threshold signing for self-custody. Post-quantum cryptography migration path via pq-epoch-registry. 14-of-20 BFT consensus with geopolitical distribution across 13 jurisdictions. Zero-knowledge compliance proofs for privacy-preserving verification.
Operational Security
Modular compliance engines: Identity, Sanctions, Accredited Investor, Travel Rule, Jurisdiction Containment, Hold Periods, Transfer Whitelists. Regulator read-only audit APIs with jurisdiction filtering. Court order enforcement via multi-party authorization.
SentinelAI Fleet Inspector
Real-time validator monitoring, threat scoring, and automated remediation across all mainnet validators. Continuous health assessment and anomaly detection.
Test Coverage
4,390 tests at 96.7% coverage across 190+ microservices. External audit pre-mainnet. Permissioned contracts (only JIL services can call). Emergency pause capability.
Institutional settlement infrastructure. Consumer products built on top.
Separate from the institutional settlement layer, JIL operates a consumer ecosystem with its own pricing and commercial strategy. Consumer products are not prerequisites for institutional settlement integration.
Native DEX (AMM v5)
Zone-aware decentralized exchange with MEV protection, concentrated liquidity, limit orders, and cross-chain swaps. Auto-listed tokens with compliance gates. 10% of trading fees allocated to humanitarian initiatives via corporate CSR.
Launchpad (ATCE Templates)
Automated Token Creation Engine with 6 templates: Utility, Governance, Humanitarian, Security, Liquidity Bootstrapping Pool, and Custom. 10x cheaper than traditional token launches ($5K-$50K vs $70K-$300K).
Secure Data Vault
Content-addressable document management using SHA-256 hashes stored on S3-compatible object storage. Zero-knowledge proof of document existence. Time-gated sharing, handle-based identity resolution, immutable timestamps anchored to JIL L1.
Web Wallet
Bank-like user interface with no seed phrases. Social handle-based transfers (@username). Biometric authentication. Payroll and business payment features. External crypto integration (BTC, ETH via bridges).
From pre-sale to network effects. Built, deployed, and operating.
| Timeline | Milestone | Details |
|---|---|---|
| Q1 2026 | Pre-sale + Development | Token pre-sale at $0.09. Complete fiat settlement module development. Banking partner outreach. |
| May 1, 2026 | Settlement Protocol Live | JIL mainnet with tokenized asset settlement, DEX, Launchpad, Vault. Fiat settlement on testnet. |
| Q3 2026 | Fiat Settlement Live | First banking partner live on mainnet for fiat settlement. FedNow + SEPA Instant integration. |
| Q4 2026 | Scale | 10 banking partners, $100B/month volume. FINMA license application. Additional rail integrations. |
| 2027 | Network Effects | 25+ banks. Cross-institutional settlement becomes standard. Series B optional. |
$40M raise. $1.2T+ addressable market. Network effects create the moat.
Competitive Moat: Network effects. Once 3-5 institutions settle on JIL, every counterparty needs access. This is the DTCC dynamic.
Humanitarian Impact: 10% of corporate profits allocated to humanitarian initiatives. JIL earns through infrastructure, not donations.
Settlement infrastructure should verify, not just execute.
JIL Sovereign is operational with 190+ production services, 20 mainnet validators across 13 jurisdictions, 48 patent claims pending, and the only settlement protocol with cryptographic beneficiary binding on every transaction.