# Privacy & MEV Resistance In traditional account-based DeFi (e.g., Ethereum Automated Market Makers), every transaction—including trading intents, slippage tolerances, and routing paths—is broadcast to a public mempool prior to execution. This structural transparency creates severe vulnerabilities for Maximal Extractable Value (MEV) attacks, most notably front-running and sandwich attacks, which drain alpha from institutional quantitative strategies. Nexus fundamentally eliminates these attack vectors through its strict protocol architecture. #### Local Execution & Maker Privacy A cardinal rule of the Nexus architecture is the absolute protection of institutional capital. In traditional smart-contract AMMs, a Market Maker’s pricing algorithms, dynamic parameters, and total liquidity depth are fully transparent on-chain, allowing predators to reverse-engineer and exploit quantitative strategies. Nexus safeguards Market Makers through Local Validation and Execution: * Proprietary Strategies: Makers calculate yielding curves, update risk parameters, and verify trades entirely within their own local nodes or [Institutional MPC](/deployment-and-integration/institutional-mpc.md) environments. These strategies are never deployed to a global, transparent state machine. * Hidden Liquidity: Total available inventory and UTXO depths remain confidential. The public cannot arbitrarily scan a Maker's balance to assess their exact trading capacity. * The Composer Boundary: This potent privacy layer is predicated on the strict neutrality of the Nexus Composer. The Composer operates solely as a neutral routing and drafting engine. It aggregates trading intents and constructs the draft PSBT, but the Maker's core decision-making logic and private keys remain physically isolated behind their own firewall. #### Zero-Exposure Intent Lifecycle The off-chain protocol ensures end-to-end privacy prior to settlement: 1. Private Quoting: The neutral Nexus Composer queries Makers for quotes based on the Taker's intent. The public mempool is blind to this process. 2. Taker Commitment: The Composer crafts the PSBT, and the Taker signs first, mathematically committing to the requested execution. 3. Local "Last Look": The Maker receives the Taker-signed PSBT and evaluates it locally. If the trade aligns with the Maker's private pricing strategy and avoids toxic flow, the Maker signs it. 4. Sealed Settlement (Signing IS Executing): In traditional account-based blockchains, a broadcasted transaction is merely an execution request, leaving it vulnerable in the mempool. In Nexus, a fully signed PSBT is a mathematically finalized, deterministic state transition. The exact inputs and outputs are locked the millisecond the Maker applies the final signature. Broadcasting to the L1 mempool is solely for historical state settlement; miners can only accept or reject the entire sealed package, but they absolutely cannot alter the price, routing, or outcome. #### Attack Vector Neutralization Because the L1 network only observes a completed, fully signed multi-party transaction, third-party network validators and mempool snipers cannot intercept it to optimize their own execution. | Attack Vector | Vulnerability in Standard AMMs | Nexus Mitigation Mechanism | | ----------------- | ---------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------ | | Front-Running | Snipers see a large pending buy, buy before it, and sell higher. | The intent is matched and prices are locked in the PSBT off-chain. By the time it is broadcast, the price is finalized. | | Sandwich Attacks | Attackers manipulate the pool price around a victim's trade. | Execution happens off-chain upon signature. Since the UTXO mapping is deterministic, no intermediary trades can slide between the signed inputs. | | Strategy Bleeding | Quants broadcast their logical triggers to the blockchain. | Strategy logic remains in the client's proprietary Node or MPC policy engine. Only the settlement outcome is public. | By relying on State Channels and off-chain PSBT crafting, institutional traders keep their edges sharp. Their liquidity depths, dynamic rebalancing triggers, and proprietary intent-matching formulas remain entirely obfuscated from market competitors until final clearance. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.on.nexus/protocol-architecture/mev-resistance.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.