A global open standard for cryptographic auditability across AI-driven & algorithmic trading systems.
Cryptographically linked chain of trading events
The algorithmic trading industry faces critical trust gaps — VCP addresses the root causes.
2024-2025: 80+ prop trading firms shut down or imploded, leaving traders with billions in unpaid profits.
Trading logs are easily falsified. Server-side data is opaque, unverifiable, and legally indefensible.
Regulators demand AI transparency: EU AI Act mandates logging for high-risk AI systems; MiFID II requires audit trails.
VCP records every trading event—from decision to execution—in a cryptographically verifiable format that cannot be altered.
Once recorded, events cannot be modified. Hash chains make retroactive falsification mathematically impossible.
Every decision point is visible. Traders, auditors, and regulators can independently verify the complete audit trail.
Auditors can validate any subset of events independently using hash-chains & Merkle proofs.
Cryptographic signatures (Ed25519) and Merkle trees provide mathematical proof of data integrity.
VCP records the complete lifecycle of every trading decision—from signal generation to execution completion—in a cryptographically verifiable format.
VCP v1.1 introduces a clear three-layer architecture for integrity and security, ensuring "Verify, Don't Trust."
Third-party verification without trusting the producer
Prove completeness of event batches (no omissions)
Individual event completeness
Merkle Roots are anchored to external timestamping services (Blockchain, RFC 3161 TSA) for third-party verifiability.
RFC 6962-compliant Merkle trees enable efficient integrity verification of large datasets.
RFC 8785 deterministic JSON serialization ensures consistent hashing across all platforms.
Time-ordered unique identifiers (RFC 9562) prevent backdating and ensure temporal integrity.
High-performance elliptic curve signatures with future-ready quantum migration path.
PTP/NTP synchronized timestamps with nanosecond precision for HFT compliance.
Key Insight: VCP is NOT a blockchain—it's a lightweight, high-speed "cryptographic audit layer" that works alongside existing trading systems.
Every stage of a trade is recorded and cryptographically linked.
AI/Algorithm generates a trading decision
Order is submitted to broker/exchange
Broker/exchange confirms receipt
Trade is filled and settled
Each event includes EventHash, Merkle Proof, and Signature — all linked by TraceID and externally anchored
VCP serves the entire spectrum of algorithmic trading participants.
Prove fair dealing and rebuild trader trust
Silver / GoldDemonstrate best execution compliance
GoldAnti-front-running proof and matching transparency
PlatinumOff-chain transparency, on-chain security
Gold / PlatinumVCP is a "cryptographic evidence layer" built to meet the requirements of international financial regulations.
High-risk AI systems must maintain detailed logs. VCP-GOV module records algorithm decisions and human oversight.
Algorithmic trading audit trails and clock synchronization requirements. Platinum tier uses PTPv2 for <1µs precision.
VCP-PRIVACY supports crypto-shredding: delete encryption keys to achieve "right to be forgotten" while preserving audit integrity.
Market surveillance requirements and CAT Rule 613 compliance for consolidated audit trails.
Internal control requirements for algorithmic trading systems and risk management documentation.
Singapore MAS, Hong Kong SFC, and ASIC guidelines for algorithmic trading transparency.
Modular architecture for flexible implementation based on your requirements.
Three-layer architecture: Event integrity, Collection integrity (Merkle), External verifiability.
Trading payload schema: orders, executions, positions, slippage data.
Algorithm governance, AI decision factors, human oversight records.
Risk parameters, position limits, stop-loss rules, margin requirements.
Crypto-shredding for GDPR compliance, key management, data encryption.
Chain disruption recovery, failure detection, gap identification.
Cross-reference & Dual Logging for multi-party verification and dispute prevention.
| Feature | Traditional Logs | VCP |
|---|---|---|
| Tamper Resistance | ✗ | ◎ |
| Independent Verification | ✗ | ◎ |
| Lifecycle Visibility | ✗ | ◎ |
| Regulatory Compliance | △ | ◎ |
| Log Format | Proprietary / Inconsistent | Open Standard |
Choose the tier that matches your technical requirements and use case.
HFT / Exchange
Institutional
Prop / Retail
As of v1.1, External Anchoring is mandatory for all tiers to ensure "Verify, Don't Trust" principle. Silver tier can use lightweight options like OpenTimestamps or FreeTSA. Hash chains (PrevHash) are now optional—Merkle trees provide equivalent integrity guarantees.
No. VC-Certified proves technical compliance with the VCP standard—it does not constitute regulatory approval or financial soundness certification. VSO is a standards body, not a financial regulator.
VCP is platform-agnostic. SDKs are available for Python, C++, Java, MQL5, and more. It can be integrated as a sidecar alongside existing trading systems without modifying core logic.
Implementation typically takes 2-4 weeks for Silver tier using our SDK. Gold and Platinum tiers may require additional infrastructure setup for clock synchronization and high-performance logging.
Auditors use the VCP Explorer API to query events, verify Merkle proofs, and validate digital signatures. The verification process is fully automated and cryptographically rigorous.
Platinum is for HFT/exchanges (PTPv2, binary). Gold is for institutional traders (NTP, JSON). Silver is for retail/prop firms (best-effort timing). All tiers provide cryptographic integrity.
No. VCP is a lightweight cryptographic audit layer—not a distributed ledger. It uses Merkle trees and external anchoring for integrity, but doesn't require consensus or mining. This makes it fast enough for HFT.
VCP-XREF enables independent VCP event streams from multiple parties (e.g., trader + broker) that can be cross-referenced to detect discrepancies. Unless both parties collude, manipulation by one party is detectable by the other.
v1.1 introduces Completeness Guarantees—third parties can cryptographically verify not only that events were not altered, but that no required events were omitted (omission/split-view attacks). This is achieved through mandatory Merkle Tree construction and external anchoring.
Join the growing ecosystem of transparent, compliant trading systems.