A fast, non-custodial private exchange: introducing Hyliquid
Hyliquid is our new, fully open-source demonstration of how Hyli's proof-powered architecture makes private, performant, non-custodial trading systems straightforward to build.
Most trading platforms make you pick two out of three: privacy, performance, or non-custodial security. With Hyli's architecture, you don't have to choose. That's what we're showing today with the Hyliquid code release.
| App type | Private exchange |
|---|---|
| Key Hyli feature | Auditability without sacrificing privacy |
| Proof systems | SP1 |
| Source code | https://github.com/hyli-org/hyliquid |
The problem with onchain trading
Developers building onchain trading applications face a persistent trilemma:
- You can build a centralized exchange that's fast but custodial.
- You can build a decentralized exchange that's non-custodial, but transparent and often slow.
- Or you can try to split the difference with a hybrid solution that still compromises on at least one dimension.
The root issue is architectural.
Traditional blockchains aren't designed for heavy execution, so they add zero-knowledge proof on top of their underlying system to make it more scalable. Most systems treat cryptographic proofs as an add-on rather than embedding them at the core.
Builders have to manually wire together components that weren’t meant to be together. It’s easy enough to claim verifiability, but actual practical implementations are inherently subtle and complex; often, building these tools leads to inconsistencies between what the user sees and what actually gets proven.
Hyliquid is different.
By building on Hyli, where proofs are a core primitive rather than an afterthought, we can deliver all three guarantees simultaneously: privacy, performance, and non-custodial guarantees.
Privacy, performance, and non-custody on Hyliquid
Hyliquid uses a centralized sequencer architecture, similar to a traditional CEX. At the same time, it’s non-custodial: it holds no power over user funds. The server can process operations quickly, but it cannot act without user permission and funds are entirely user-owned.
Private: anonymous user operations
Every user operation in Hyliquid is anonymous. No private data is published onchain. Only those who hold the secret can create orders.
The result is a trading experience where your positions, order history, and balances remain private while still being fully verifiable.
This isn't privacy through obscurity: the prover possesses all the information needed to verify correctness, and all components are open-source, without any black boxes for code auditing.
Performant: sub-second sequencing
User orders are executed almost in real-time thanks to the Rust backend.
The server processes deposits, order placements, cancellations, and withdrawals immediately. It enacts state changes and starts generating proofs. Proving happens asynchronously with a quick rollback if they end up invalid, so that users benefit from the best possible experience.
This is Hyli’s « show now, prove soon » pattern enabled by pipelined proving. Users act locally, the system responds immediately, and proofs reconcile and settle in the background.
A fully non-custodial exchange with a built-in escape hatch
Hyliquid is a centralized exchange that relies on a server.
And yet, Hyliquid is non-custodial. The server cannot create orders without user signatures. Every state transition requires explicit user authorization.
Hyliquid’s non-custodial guarantee isn’t just about signatures. Due to its permissionlessness, it includes a failsafe to mitigate any possible server liveliness issues.
The smart contract tracks the timestamp of the last submitted transaction. If the server hasn’t been submitting transactions for a specified number of blocks, the contract enters emergency mode, in which users can submit withdrawal proofs directly to Hyli, without relying on the Hyliquid sequencer.
This built-in escape hatch is an essential layer for user protection. Even in a worst-case scenario, user funds remain accessible. The sequencing server turns from being the potential single point of failure to a convenience.
This preserves the speed and efficiency of a centralized sequencer while maintaining the security guarantees of a non-custodial system.
Note: The escape hatch exists in the code but is not yet usable. We're working on a feature to publish intermediary nodes of the Merkle tree. Once this feature is live, the escape hatch will be fully functional.
Behind the scenes: the architecture of Hyliquid
An event-sourced architecture
Hyliquid follows an event-sourcing pattern. The flow looks like this:
This architecture keeps the system responsive under heavy load while guaranteeing that every state change is eventually proven and settled onchain.
Everything is auditable
All contract logic compiles to RISC-V artifacts that run inside SP1. The same compiled code drives the fast-path server, the prover replay, and the onchain settlement. There are no shadow VMs, no duplicated logic, and no discrepancies between what users see and what gets proven.
Because everything is open source, anyone can audit the behavior of Hyliquid and its server, run their own prover, or fork the system to build alternate matching engines.
But because execution happens entirely off-chain, no sensitive information is shown onchain or even to the sequencing server.
Verifiable execution with Merkle trees
Running a full orderbook in a zkVM requires careful optimization. Hyliquid uses merkle trees to ensure the prover only loads what it needs. The protocol guarantees that loaded values are part of the committed state and properly ordered, minimizing the proving cost while maintaining full verifiability.
This design is optimized for low cost without sacrificing security. Every state transition can be verified, but the prover doesn't wastefully re-execute unnecessary operations.
Why this matters
Hyliquid is a blueprint for what becomes possible when proofs are core primitives rather than bolt-on features.
By enshrining verification into the base layer and keeping execution fully off-chain, Hyli makes it straightforward to build applications that don't compromise on privacy, performance, or security.
This is what we mean when we talk about proof-powered infrastructure. It's not about adding zero-knowledge proofs to an existing system. It's about designing the system from the ground up around verifiable execution, so builders can focus on their product instead of manually plumbing together execution, proving, and settlement.
Hyliquid is fully open, fully reproducible, and ready to fork.