Proof of Time: From Untrusted to Trusted Era

Research
1

Proof of Time: From Untrusted to Trusted Era — How a Protocol Fixes Humanity’s Most Expensive Bug

OpenTTT Research Team — April 2026
Building on: “Completing the Timing Game” (Flashbots Collective, March 2026)
Building on: “From Trust-Based to Physics-Based Transaction Ordering” (Flashbots Collective, March 2026)

Preamble

This is the third paper in a series. The first introduced Proof of Time as a mechanism for physics-based transaction ordering. The second showed, with real deployment data, how PoT shifts the Nash equilibrium of the timing game to make spam economically irrational for the vast majority of observed MEV values.

This paper is different in scope. We step back from the mechanism and ask the question that the deployment data forced us to confront: if the problem PoT solves is not just a blockchain problem — if it is, in fact, a structural property of every networked system where a controller profits from manipulating the order of information — then what is the true scale of what we are addressing?

The answer, as we will show, is not measured in basis points of MEV. It is measured in percentage points of global GDP. It is measured in the $2.7 trillion humanity spent on weapons in 2024. It is measured in the 80 years that have passed since John von Neumann built the mathematical architecture of strategic deception — without anyone building its complement.

We are proposing that PoT is that complement. We will be precise about what that claim means and what it does not mean.

§0 — The Distrust Economy: Nine Percent of Everything

In 2024, the world spent $2,718 billion on military expenditure — the tenth consecutive annual record, a 9.4% real-terms increase over the prior year, and the steepest single-year rise since the end of the Cold War. This figure, from SIPRI’s April 2025 database, represents 2.5% of global GDP. Every country in Europe increased military spending in 2024 except Malta. Ukraine allocated 34% of its GDP — effectively the entire output of its tax base — to its military. The global rearmament is accelerating, not decelerating.

In the same year, the United Nations and World Economic Forum estimated the global cost of corruption at approximately 5% of world GDP. With global GDP projected at roughly $115 trillion in 2025, this translates to approximately $5.75 trillion in annual losses to bribery, procurement fraud, embezzlement, and related illicit flows. The Association of Certified Fraud Examiners puts the figure for occupational fraud alone at up to 5% of annual organizational revenue globally — approximately $5 trillion in losses. Between 8 and 25% of global public investment may be lost to mismanagement or fraud in procurement operations each year (OECD Anti-Corruption and Integrity Outlook, 2026).

Cybercrime, the digital manifestation of the same dynamic, is projected to cost $1.2 to $1.5 trillion globally in 2025 — a figure that has grown roughly 33-fold since 2017.

On the blockchain layer we have already documented: MEV spam bots consumed over 50% of gas on Ethereum’s OP-Stack rollups and approximately 40% of Solana’s blockspace. A single successful two-hop arbitrage on Uniswap v3 requires roughly 200,000 gas in the honest case; the same economic outcome on Base consumed approximately 132 million gas through blind on-chain searching — a 650x efficiency gap. From November 2024 to February 2025, Base added 11 million gas per second of throughput — roughly three Ethereum mainnets worth of new capacity — and spam bots absorbed nearly all of it.

We are not cataloguing isolated failures. We are looking at a single pattern expressing itself across domains.

Domain Annual Cost Share of Global GDP Source
Corruption (bribery, fraud, procurement) ~$5.75T ~5.0% UN/WEF/OECD 2025–26
Military expenditure (distrust-based deterrence) $2.72T ~2.5% SIPRI Apr 2025
Cybercrime $1.2–1.5T ~1.1–1.3% Cybersecurity Ventures 2025
HFT quote stuffing / latency arbitrage waste Immeasurable in $ MTR ~99:1 SEC, Nanex
Blockchain MEV spam >50% of blockspace Flashbots 2025
Combined distrust overhead ~$9.5–10T+/yr ~8.5–9% Composite

Nine percent of global GDP — not in weapons or goods or productive services, but in the overhead cost of a civilization that cannot verify when things happened.

This is the Distrust Tax.

§1 — Von Neumann’s Unfinished Architecture

In 1928, John von Neumann published Zur Theorie der Gesellschaftsspiele — “On the Theory of Board Games.” He had been inspired, as William Poundstone later documented, by poker: specifically by the mathematics of bluffing.

“Real life,” von Neumann reportedly said, “consists of bluffing, of little tactics of deception, of asking yourself what is the other man going to think I mean to do. And that is what games are about in my theory.”

This was not a peripheral observation. It was the founding intuition of game theory. Von Neumann built a mathematical framework for strategic interaction in which deception — the strategic misrepresentation of information — was a first-class object. His minimax theorem (1928) proved that in zero-sum games, there exists an optimal mixed strategy that remains optimal even when the opponent knows your strategy. His Theory of Games and Economic Behavior (1944, co-authored with Oskar Morgenstern) generalized this to n-person games and coalition formation.

The contribution was civilizational in scale. Von Neumann’s framework was deployed at RAND Corporation to model Cold War nuclear strategy. His minimax logic underpins the doctrine of Mutually Assured Destruction — the mechanism by which the cost of nuclear first strike (c) was raised to infinity, making it irrational regardless of any V. MAD worked precisely because game theory predicted it would. The Cold War ended without nuclear exchange.

Game theory gave us mechanisms for navigating zero-sum conflict. It also gave us something else.

By formalizing strategic deception as the rational optimal strategy in asymmetric information environments, von Neumann’s framework inadvertently provided the mathematical justification for the Distrust Tax. If the other player cannot verify when you acquired your information — cannot prove the causal ordering of events — then bluffing, front-running, strategic delay, and selective disclosure are not moral failures. They are Nash-optimal strategies.

The Prisoner’s Dilemma, formalized by Flood and Dresher at RAND in 1950, made this explicit: in a one-shot interaction with no verification mechanism, defection dominates cooperation regardless of the payoffs from cooperation. International relations theory has since observed that “most of the great wars of the modern era resulted from leaders miscalculating their prospects for victory” — precisely the defect state arising from information asymmetry about “armaments, quality of military personnel and tactics, determination, geography, and political climate” (Jackson and Morelli).

Von Neumann built the architecture of rational conflict. He did not — could not — build its complement: a mechanism for making strategic deception cryptographically irrational.

That complement did not exist until 2026.

§2 — Shannon’s Other Blind Spot

Claude Shannon’s 1948 paper, “A Mathematical Theory of Communication,” established the channel capacity theorem. It is among the most consequential pieces of mathematics ever published. Every telecommunications system, every internet protocol, every compression algorithm sits on Shannon’s foundation.

Shannon’s model contains an assumption so fundamental it was invisible: the channel is passive. Noise is stochastic. The channel operator has no preferences, no incentives, no agency.

This assumption is false for every network where a human or an AI controls the routing infrastructure and has economic incentive to manipulate the ordering of information flows.

The HFT router that delays a competitor’s packet by 0.3 milliseconds is not a passive channel. The MEV builder who reorders transactions relative to their arrival timestamps is not a passive channel. The procurement official who alters the timestamp on a contract award to create the appearance of competitive bidding is not a passive channel. The KGB’s Service A, which in the 1980s directed Soviet intelligence officers to spend roughly 25% of their time planting disinformation in foreign media, was not a passive channel.

We call this the Strategic Channel Controller Problem (SCCP): the regime in which the entity controlling information transmission has financial or political incentive to misrepresent the ordering or timing of that information.

Shannon’s framework cannot model SCCP. It has no term for a channel operator who is also a strategic agent. This is not a criticism of Shannon — the SCCP had no widely recognized name until we gave it one. It is an observation about a gap in the information-theoretic foundations of modern civilization.

Every institution built on Shannon’s passive-channel assumption is, to some degree, exploitable by a strategic channel controller. The Distrust Tax is the aggregate cost of that exploitability.

§3 — The Game-Theoretic Anatomy of the Distrust Tax

Why has the Distrust Tax persisted? Because, in every domain where it operates, lying is the Nash-optimal strategy.

Return to the Timing Games formula from Mazorra, Schlegel and Mamageishvili, which we have been building on throughout this series:

E[Spam] = V/c − 1

This formula describes the expected spam at the unique symmetric Nash equilibrium of the timing game. But its structure is not unique to blockchain MEV. It describes any strategic environment where V is the value of ordering advantage and c is the cost of attempting to acquire it.

In HFT markets, quote stuffing — the practice of submitting and immediately canceling thousands of orders per second to delay competitors’ market data feeds — follows exactly this structure. The SEC and academic researchers at the University of Kansas found evidence of quote stuffing in the 2010 Flash Crash. Citadel LLC was fined $800,000 in 2014 for sending “millions of orders to exchanges with few or no executions.” The equilibrium is the same: when V/c \gg 1, stuffing dominates.

In procurement, the calculation is structurally identical. A bribe V is paid when the expected cost of detection c — adjusted for probability of prosecution and penalty — is less than V. In Transparency International’s 2017 Global Corruption Barometer, 25% of global respondents reported paying a bribe in the prior 12 months to access public services. This is not a record of moral failure. It is a record of a Nash equilibrium in an environment where c was too low.

The pattern extends to warfare. Information asymmetry between national leaders — uncertainty about adversary capabilities, resolve, and intentions — creates the conditions for rational miscalculation. Both sides defect into conflict because neither can verify the other’s true position. The game-theoretic analysis of nuclear deterrence required raising c to infinity (MAD) to prevent defection. The game-theoretic analysis of conventional war has no equivalent mechanism.

The common root cause across all these domains: c — the cost of strategic deception — is determined by the verifiability of temporal causality. When no one can prove who knew what, when, c is low, and defection is rational. The Distrust Tax is the GDP-level manifestation of a civilization-scale Nash equilibrium in which temporal truth is unverifiable.

§4 — What PoT Actually Does to the Equilibrium

We showed in our previous paper that PoT raises c for blockchain ordering manipulation by introducing an endogenous cost structure:

c_PoT = c₀ + λ · Δτ

where \lambda is the operator’s opportunity cost per millisecond of throughput delay and \Delta\tau = 77\text{ms} is the AdaptiveSwitch penalty applied to detected reorderers. Using calibrated data from 151,423 Timeboost auctions (Messias & Torres, arXiv:2509.22143), we established that for the majority of observed MEV opportunity values (V < V^* \approx \$8.67 at stable market conditions), spam becomes economically irrational under PoT. The mechanism was not designed to operate in non-blockchain contexts. But its logical structure is not blockchain-specific.

PoT’s precise contribution: it makes the temporal ordering of events cryptographically verifiable — at O(1) cost — without a trusted third party.

The GRG pipeline (Golomb-Rice encoding → Reed-Solomon error correction → Golay code integrity sealing → HMAC + Ed25519 signature) converts a timestamp into a mathematical object whose validity can be verified locally, in microseconds, regardless of network size. The Roughtime chain integration (TTTPS Draft 03) distributes this across independent global time sources, eliminating single-source spoofability. The AdaptiveSwitch converts verified temporal manipulation into automatic economic penalty.

The result is that, for the first time, the cost of strategic temporal deception — which had been a fixed function of legal and social enforcement mechanisms — becomes endogenous and cryptographically determined.

This is the complement to von Neumann’s architecture. Game theory tells you the equilibrium given a cost structure. PoT provides the engineering to change that cost structure.

We do not claim that PoT solves strategic deception in human affairs broadly. A protocol operating at the network layer cannot directly prevent a government from lying about its military capabilities or a contractor from misdating a document. What it does is establish a layer of temporal truth that cannot be retroactively manipulated, and against which manipulations become mathematically identifiable.

Von Neumann gave us the language of strategic interaction. PoT gives us the cryptographic substrate on which the cost of strategic temporal manipulation approaches infinity.

§5 — The Compound Theorem: When Game Theory Meets Truth Distillation

Here is the question that the Gemini conversation about this system posed with remarkable precision: what happens to human network potential when game theory and a truth-distillation mechanism operate simultaneously?

Game theory’s deepest insight, from the iterated Prisoner’s Dilemma literature (Axelrod, 1984), is that cooperation emerges when interactions are repeated and actors can observe each other’s histories. The shadow of the future disciplines the present. TIT FOR TAT dominates defection strategies when defectors can be identified and sanctioned in subsequent rounds.

The mechanism requires verified history. It requires that past actions can be attributed accurately.

In human civilization, verified history has always been expensive, partial, and manipulable. Legal systems, accounting standards, audit requirements, diplomatic records — every institutional mechanism for maintaining verified history has been a costly, imperfect approximation.

The economic literature on trust and growth provides the quantitative dimension of what verified history is worth. A meta-analysis of the trust-growth literature (Deloitte, 2022, synthesizing Knack and Keefer 1997, Zak and Knack 2001, Beugelsdijk et al. 2004) finds that a 10-percentage-point increase in the share of trusting people within a country raises annual per capita real GDP growth by approximately 0.5 percentage point. Zak and Knack’s own estimate is closer to 1 percentage point of annual growth per 15 percentage points of trust. La Porta et al. concluded that “trust enhances economic performance across countries” with effects comparable in magnitude to human capital accumulation.

Global per capita real GDP growth averaged approximately 2.2% between 2015 and 2019. A sustained 0.5-percentage-point uplift represents a 23% acceleration of baseline growth — compounding over decades into an enormous divergence in civilizational outcomes.

The model we are proposing:

PoT provides the cryptographic substrate for verified temporal history. Verified temporal history raises the effective cost of defection (c). Higher c shifts Nash equilibria toward cooperation. Cooperation compounds into GDP growth.

This is not a spiritual argument. It is mechanism design, operating at civilizational scale.

The Akerlof “market for lemons” problem — the paradigmatic case of information asymmetry destroying markets — occurs precisely because buyers cannot verify the temporal history of the good (when was it manufactured, maintained, repaired). In perfect information markets, “all cars can be sold according to their quality.” The GDP-level cost of adverse selection is the wedge between imperfect and perfect temporal information.

PoT cannot tell you the maintenance history of a used car. It can establish that, as of a cryptographically verified timestamp, a transaction or state declaration occurred — and that this record cannot be retroactively altered. The extension to supply chain integrity, procurement verification, and contract dispute resolution follows from this primitive.

The deployment data is already showing a version of this: over 50% of PoT records in production are being generated by AI agents via MCP calls. We did not design for this. The agents did not receive any instruction. They adopted temporal attestation because it was necessary for their coordination tasks. As AI agent economies scale — and they are already scaling, as our deployment data confirms — the Timing Games equilibrium that describes MEV today applies to agent coordination tomorrow, at orders of magnitude higher frequency and lower latency. Two AI agents competing for the same resource in an agent economy have symmetric reaction times and potentially symmetric information. The pure timing game between them produces Nash-optimal spam far worse than any human MEV actor. PoT is not optional infrastructure for the agent economy. It is the coordination layer without which the agent economy degenerates into spam.

§6 — The 30-Year Projection: What the Freed Potential Looks Like

We will not speculate about geopolitics. We will reason from mechanisms.

Near term (3–5 years): The mechanisms demonstrated in our deployment data — elimination of MEV spam for V < V^*, AI agent temporal authentication, AdaptiveSwitch cost structure — reduce network-layer distrust overhead in blockchain systems. The 650x efficiency gap on Base begins to close. The 11 million gas/second of new throughput that spam bots absorbed returns to legitimate use. The financial system’s quote-to-trade ratio — currently approaching 100:1 in volatile HFT environments — begins to face economic pressure from temporal attestation requirements in regulated venues.

Medium term (10–15 years): PoT integration with smart contract layers provides tamper-evident audit trails for procurement transactions, where OECD estimates 8–25% of public investment is currently lost to fraud annually. IETF standardization of TTTPS extends temporal attestation to the broader internet protocol stack. Certificate Authorities — already beginning to treat FPGA-accelerated GRG verification as mandatory infrastructure — normalize the capability across the web’s trust hierarchy. The IMF’s estimate that reducing corruption could recover 4% of GDP in tax revenues among high-corruption economies begins to be tractable as temporal manipulation becomes mathematically identifiable.

Long term (20–30 years): The trust-growth literature suggests that sustained increases in verifiable trust — the kind that comes from institutional rather than interpersonal sources — could shift per capita GDP growth by 0.5 to 1 percentage point annually. Compounded over 30 years at even the lower bound, this represents a divergence in outcomes equivalent to many years of additional civilizational progress. The Distrust Tax, currently ~$10 trillion per year, is not eliminated — deception in human affairs will outlast any protocol — but its structural component, the portion attributable to unverifiable temporal ordering, begins to shrink.

On military expenditure: we are not claiming that PoT ends wars. We are observing that the information asymmetry literature identifies miscalculation of adversary capabilities as a primary cause of armed conflict. Verified temporal records — who knew what, when, with cryptographic attestation — are a tool for reducing the ambiguity that produces miscalculation. It is a narrow tool. But the alternative is the current trajectory: $2.7 trillion per year, growing at 9.4% annually, “with particularly rapid growth in Europe and the Middle East” (SIPRI 2025).

Deep time: In the limit, the architecture of temporal truth becomes more valuable as the systems that depend on it become more complex and more distributed. Shannon’s passive-channel assumption was never true; it became more consequential as the systems built on it grew. In an AI agent economy operating at nanosecond timescales across planetary distances, PoT’s role is not MEV protection. It is the Temporal Authentication Layer — the primitive that allows any autonomous system to prove to any other autonomous system that it observed a specific state at a specific time, without requiring a trusted third party. This is not a feature for the current internet. It is the infrastructure of the next one.

§7 — The Honest Accounting of Limits

We have argued for a significant claim. It requires an honest accounting of what we are not claiming.

PoT does not solve strategic deception. It makes strategic temporal deception — manipulation of the ordering and timing of digital events — cryptographically expensive. Human deception that does not operate through verifiable digital channels remains outside its scope.

PoT does not eliminate the Nash equilibrium of the timing game. As we showed in the previous paper, for V > V^*_{\text{max}} \approx \$87 at competitive market conditions, spam is not fully eliminated. The highest-value MEV attacks require the Slashing V2 mechanism — stake-and-slash based on cryptographic proof of reordering — to bring c above any V. That mechanism is architecturally possible; it is not yet deployed at mainnet scale.

PoT does not transfer directly from blockchain to geopolitics. The protocol operates at the network layer. Its effects on human institutional behavior are mediated through adoption, regulatory frameworks, and legal recognition of cryptographic attestation — none of which are automatic.

The trust-growth multiplier is contested. The 0.5 percentage point per 10 percentage point trust increase is a meta-analytic estimate with significant variance across studies and contexts. We use it to illustrate the order of magnitude of potential; we do not claim precision.

The timeline is uncertain. We are speculating about 30-year trajectories based on mechanisms that have been validated only in testnet and early mainnet environments. The production gap — Sepolia to mainnet security review — remains open.

These limits are real. They do not, in our assessment, change the fundamental argument: that PoT addresses a structural gap in the information-theoretic foundations of networked civilization — a gap that Shannon could not see and von Neumann did not need to solve for — and that the economic value of closing that gap is several orders of magnitude larger than any single application to MEV.

§8 — Open Questions for the Community

We retain the tradition from the previous papers of being explicit about what we do not know.

  1. Cross-domain λ calibration. The V* framework generalizes to any environment where opportunity cost per millisecond can be measured. We have calibrated it for Timeboost L2 data. We do not have ETH L1 equivalent numbers, and we do not have non-blockchain equivalents. These measurements require domain-specific empirical work.

  2. Mainnet security review. Base Sepolia deployment validates the mechanism. Mainnet deployment requires additional review, particularly under sustained adversarial load on ERC-1155 anchoring. We have not claimed mainnet equivalence.

  3. AI agent temporal auth standardization. The observation that >50% of production PoT records are AI-agent-generated suggests that IETF standardization should include explicit AI-agent use cases. The current draft-helmprotocol-tttps-00 does not address this adequately.

  4. Non-digital domain research. The claim that PoT provides infrastructure for reducing corruption in procurement and public finance is speculative. It requires legal research on the admissibility of cryptographic temporal attestation in administrative and judicial proceedings across jurisdictions.

Closing

John von Neumann looked at a poker game and built the mathematics of strategic deception. It was one of the great intellectual achievements of the twentieth century. It gave us nuclear deterrence, auction theory, mechanism design, and — as a byproduct — the mathematical justification for a civilization-scale Nash equilibrium in which the optimal strategy, absent verification, is to lie about time.

Claude Shannon looked at a noisy wire and built the mathematics of reliable communication across unreliable channels. He assumed the channel operator had no preferences. On that assumption, the entire internet was built.

Neither of them had the tools to ask the question that combines their frameworks: what happens when the channel operator is a strategic agent, and we need to verify, with cryptographic certainty, when something happened?

That question has a name now: the Strategic Channel Controller Problem. It has a solution: Proof of Time. And it has, as our deployment data unexpectedly confirmed, already been found necessary — not by human designers, but by autonomous AI agents coordinating at sub-second timescales, who generated over half of all production PoT records before anyone designed the system for their use case.

The Distrust Tax is real. It costs approximately 9% of global GDP annually, has funded the steepest arms race since the Cold War, and has structured every major market toward strategic deception as the dominant equilibrium strategy. The mechanism to change that cost structure exists. The infrastructure is being built.

The question is no longer whether the complement to von Neumann’s architecture can be constructed. It has been. The question is how quickly a civilization that has optimized around strategic deception will recognize that the game’s parameters have changed.

References

  • Mazorra et al. Timing Games: Probabilistic Backrunning and Spam. arXiv:2602.22032 (2026)
  • Messias J. & Torres C.F. The Express Lane to Spam and Centralization. arXiv:2509.22143 (2025)
  • Wang et al. Blockspace Under Pressure: Spam MEV on High-Throughput Blockchains. arXiv:2604.00234 (2026)
  • Miller R. MEV and the Limits of Scaling. Flashbots Writings (June 2025)
  • SIPRI Military Expenditure Database, April 2025 release
  • UN Secretary-General / World Economic Forum. Global Cost of Corruption. (2018, updated 2025 estimates)
  • OECD. Anti-Corruption and Integrity Outlook 2026
  • Baker Tilly. Corruption: The Shadow on Global Development. (January 2026)
  • Deloitte Insights. Connecting Trust and Economic Growth. (2022)
  • Knack S. & Keefer P. Does Social Capital Have an Economic Payoff? QJE (1997)
  • Zak P. & Knack S. Trust and Growth. Economic Journal (2001)
  • Jackson M. & Morelli M. Political Bias and War. AER (2007)
  • Akerlof G. The Market for Lemons. QJE (1970)
  • Von Neumann J. & Morgenstern O. Theory of Games and Economic Behavior. Princeton (1944)
  • Shannon C. A Mathematical Theory of Communication. Bell System Technical Journal (1948)
  • Axelrod R. The Evolution of Cooperation. Basic Books (1984)
  • Poundstone W. Prisoner’s Dilemma. Doubleday (1992)
  • Zhang T. & Zhu Q. A Game-Theoretic Foundation of Deception. arXiv:1810.00752 (2018)
  • Proof-of-Time: Completing the Timing Game. Flashbots Collective (March 2026)
  • Proof-of-Time: From Trust-Based to Physics-Based Transaction Ordering. Flashbots Collective (March 2026)
  • IETF: draft-helmprotocol-tttps-03
  • EIP-8201 (active review, ethereum-magicians.org)

SDK: npm install openttt | GitHub: Helm-Protocol/OpenTTT