Yes upon rereading this proposal, I think the core idea of reaching a commitment to input is what is most valuable. We could then mix this in with other SUAVE features like prog. privacy by doing what you said or perhaps having two layers of encryption where after the threshold decryption takes place we have the original SUAVE primitives which allow for certain homomorphic computation. With privacy primitives, I don’t think its necessary to have a permissioned set of builders at all.
My main concerns are with latency, advantages drawn from being the first to decrypt and changing the committee (basically, everything DKG related), but I haven’t really looked into it much.
Another problem would be with capital requirements of requiring builders to stake.
With respect to what this kind of commitment to the input to building enables, I started a thread to discuss it a bit further here.
Pre-confirmations: If every one of the block-builders of the next turn - the block-builders who will be able to decrypt the order-flow of the public mem-pool - give pre-confirmations to a user, then the user would know that his transaction will be included as pre-defined. If pre-confirmation are an important tool, the allow-list of builders could only contain builders that are actually providing this feature.
Pre-confs could maybe already be offered at the DOFD level. For example, after the reveal decryption if the total gas used by basefee paying txns (in certain orderings) is less than X million gas we preconfirm everything and force builders to include all.