VeilSolver — MEV-resistant intent solver on 0G

Installation

bash

npm install veilsolver-sdk ethers

Testnet Config

All values below are live on 0G Galileo Testnet (chainId 16602). Use the faucet endpoint to get test tokens — no gas required from the user.

LIVE TESTNET VALUES

Solver API	https://veilresolver.onrender.com
Contract	0x4181c06901Ee172cc169fFDf44c6C192c22265aF
Solver public key	0x039a5b81f4b2bc0c181b1292f3aeb55721de43dc7e3d07c6c44ba3aa08e7caae04
Mock USDC	0xDb799A80BC1eC3688F84002Fb900B590F516f1CE
Mock WETH	0x51addE398737830C2Ee2C32aF35C6C4f5e2a6180
Chain RPC	https://evmrpc-testnet.0g.ai
Chain ID	16602

bash

# Get test tokens — solver pays gas, user gets 1000 USDC + 1 WETH
curl -X POST https://veilresolver.onrender.com/faucet \
  -H "Content-Type: application/json" \
  -d '{"address": "0xYourWallet"}'

Native gas token

The faucet mints ERC20 test tokens for free. You still need OG (native gas) to submit the settlement transaction. Get it at faucet.0g.ai.

Quick Start

Use VeilSolverClient for the full pipeline in a single call. It handles encryption, TEE inference, plan signing, and on-chain settlement.

typescript

import { VeilSolverClient } from "veilsolver-sdk"
import { ethers } from "ethers"

const solver = new VeilSolverClient({
  apiUrl:          "https://veilresolver.onrender.com",
  contractAddress: "0x4181c06901Ee172cc169fFDf44c6C192c22265aF",
  solverPublicKey: "0x039a5b81f4b2bc0c181b1292f3aeb55721de43dc7e3d07c6c44ba3aa08e7caae04",
})

// Full pipeline: encrypt → TEE → sign → settle
const { solveResponse, receipt } = await solver.solve({
  tokenIn:        "0xDb799A80BC1eC3688F84002Fb900B590F516f1CE",  // mock USDC
  tokenOut:       "0x51addE398737830C2Ee2C32aF35C6C4f5e2a6180",  // mock WETH
  amountIn:       "100",      // human-readable — 100 USDC
  decimalsIn:     6,
  maxSlippageBps: 150,        // 1.5%
  signer                      // ethers.Signer on chainId 16602
})

console.log("tx:", receipt?.hash)
console.log("min received:", solveResponse.plan.minAmountOut)

Individual Functions

For step-by-step control, use the individual functions directly. All functions are pure TypeScript — no React dependency.

buildIntent→ TradingIntent

buildIntent({ tokenIn, tokenOut, amountIn, decimalsIn, maxSlippageBps, userAddress, chainId, strategyId? })

Constructs a TradingIntent from human-readable parameters. Converts amountIn to wei string using decimalsIn. Generates a cryptographically random 32-byte nonce for replay protection. chainId prevents cross-chain replay attacks.

typescript

import { buildIntent } from "@veilsolver/sdk"

const intent = buildIntent({
  tokenIn:        "0xUSDC...",
  tokenOut:       "0xWETH...",
  amountIn:       "100",   // 100 USDC — human-readable
  decimalsIn:     6,
  maxSlippageBps: 50,      // 0.5%
  userAddress:    "0xYourWallet...",
  chainId:        16602,   // 0G Galileo Testnet
  strategyId:     "0abc…"  // optional: 0G Storage root hash
})

encryptIntent→ Promise<string>

encryptIntent(intent: TradingIntent, solverPublicKey: string)

Encrypts the intent using ECIES with the solver's enclave public key. Returns a hex-encoded ciphertext. The solver API receives this alongside the plaintext intent (used for routing) but cannot read the plaintext without the enclave private key.

typescript

import { encryptIntent } from "@veilsolver/sdk"

const SOLVER_PUBKEY = "0x039a5b81f4b2bc0c181b1292f3aeb55721de43dc7e3d07c6c44ba3aa08e7caae04"
const encryptedIntent = await encryptIntent(intent, SOLVER_PUBKEY)
// encryptedIntent: "0x04a3b9..." — ECIES ciphertext

callSolverAPI→ Promise<SolveResponse>

callSolverAPI(intent: TradingIntent, encryptedIntent: string, apiUrl: string)

POSTs to /solve with the intent and encrypted blob. The solver API forwards to 0G Compute (GLM-5-FP8 in Intel TDX), verifies the TEE attestation, signs the plan, stores the audit record to 0G Storage, and returns the full SolveResponse.

typescript

import { callSolverAPI } from "@veilsolver/sdk"

const response = await callSolverAPI(
  intent,
  encryptedIntent,
  "https://veilresolver.onrender.com"
)

// response.plan         — execution plan (tokenIn, tokenOut, minAmountOut, route, deadline)
// response.signature    — ECDSA hex, verified by VeilSolver.sol
// response.attestation  — { chatID, isVerified, provider, model, timestamp }
// response.auditRootHash — 0G Storage root hash (empty string if storage failed)

submitSettlement→ Promise<TransactionReceipt | null>

submitSettlement({ solveResult, contractAddress, signer })

Approves ERC20 spend, then calls executePlan() on VeilSolver.sol. The contract verifies the ECDSA signature, checks the deadline and replay mapping, deducts the fee, and routes the swap through the DEX. Returns the ethers TransactionReceipt on success.

typescript

import { submitSettlement } from "@veilsolver/sdk"

const receipt = await submitSettlement({
  solveResult:     response,
  contractAddress: "0x4181c06901Ee172cc169fFDf44c6C192c22265aF",
  signer           // ethers.Signer on chainId 16602 — must have tokenIn balance
})

console.log("tx hash:", receipt?.hash)
console.log("block:",   receipt?.blockNumber)

Strategy Registry

Upload private system prompts to 0G Storage. Each prompt is ECIES-encrypted before upload — only the TEE can decrypt it. The returned strategyId is the 0G Storage merkle root hash — safe to share publicly.

typescript

import { VeilSolverClient } from "@veilsolver/sdk"

const solver = new VeilSolverClient({ apiUrl, contractAddress, solverPublicKey })

// 1. Upload your private strategy prompt
const strategyId = await solver.uploadStrategy({
  prompt: "You are a conservative DeFi executor. Never route through more than 2 pools...",
  signer
})
// strategyId = 0G Storage root hash — share with your users

// 2. Use it in a trade — TEE fetches + decrypts it internally
const { receipt } = await solver.solve({
  tokenIn, tokenOut, amountIn, decimalsIn,
  maxSlippageBps: 50,
  strategyId,    // ← activates your custom strategy
  signer
})

Privacy guarantee

The encrypted blob is stored on 0G Storage. The strategyId is a content-addressed root hash — publicly retrievable, but the blob is ECIES encrypted. The operator cannot read strategy contents. Only the TEE enclave can decrypt using its private key — which never leaves the Intel TDX hardware boundary.

Architecture

VeilSolver is a three-layer system. The client layer handles encryption and settlement. The solver layer orchestrates TEE inference and storage. The chain layer enforces all guarantees via smart contract.

plaintext

User → buildIntent() → encryptIntent() → POST /solve
         ↓ (ECIES encrypted, unreadable to solver)
Solver API → 0G Compute (GLM-5-FP8 in Intel TDX enclave)
         ↓ (execution plan computed inside enclave)
Solver API → signPlan() → storeAuditRecord() → 0G Storage
         ↓
SolveResponse { plan, signature, attestation, auditRootHash }
         ↓
submitSettlement() → VeilSolver.sol → DEX swap → receipt

Client

›buildIntent() — TradingIntent from form values

›encryptIntent() — ECIES, local computation

›submitSettlement() — ERC20 approve + executePlan()

Solver API

›inference.ts — 0G Compute, broker singleton

›signer.ts — ECDSA plan hash (matches Solidity)

›storage.ts — 0G Storage audit trail

VeilSolver.sol

›ecrecover(planHash, sig) == solverKey

›executedIntents[hash] — replay protection

›minAmountOut enforced — MEV shield

SECURITY MODEL

Guarantee	Enforcement
Intent contents private	ECIES encryption — only enclave key decrypts
Strategy logic private	TeeML — host cannot read enclave memory
Execution plan authentic	ECDSA — contract verifies via ecrecover
Audit record immutable	0G Storage merkle root — content-addressed
No replay	On-chain mapping — EVM state is final
MEV bounded	minAmountOut enforced by VeilSolver.sol

VeilSolver · 0G APAC Hackathon 2026Privacy is an architecture property, not a policy promise.

@veilsolver/sdk

Installation

Testnet Config

Quick Start

Individual Functions

Strategy Registry

Architecture

Ready to build?