Why MEV-Resistance Is Not Optional for Institutional Blockchain Infrastructure

By Kash Balhotra

Financial services institutions evaluating blockchain for trading and payments typically ask three things: What’s the throughput? What does it cost? How fast does it settle?

All reasonable questions. None of them is the hardest one.

The question that actually kills institutional blockchain evaluations is this: can the ordering of transactions be manipulated by any participant in the network?

On most public blockchains, yes. That’s the MEV problem. And for regulated institutions, it’s not a risk to manage around. It’s a reason to walk away.

The Problem Isn’t Abstract

Maximal Extractable Value (MEV) is the profit a block producer can extract by reordering, inserting, or censoring transactions before they’re finalized. On leader-based chains, one validator or sequencer proposes each block and controls what goes in it. Pending transactions sit in a publicly visible mempool. Anyone can see what’s coming before it’s confirmed.

Put those two things together: single ordering authority plus full transaction pre-visibility. You have the structural conditions for front-running, sandwich attacks, and queue manipulation. Not hypothetically. Routinely.

European regulators quantified this in their July 2025 analysis: MEV appears widespread on Ethereum and is growing on other chains, may go against the fairness principles that underpin orderly markets, and current countermeasures have failed to adequately address it.[1]

For retail DeFi users, MEV means worse prices. For regulated institutions, the consequences are different in kind.

Best-execution obligations. MiFID II requires institutions to demonstrate that client orders were filled at the best available terms. If a large order can be spotted in a public mempool, front-run before execution, and the price moved, that obligation cannot be met. The architecture and the regulatory requirement are structurally incompatible.

Audit integrity. A settlement record that a regulator, counterparty, or compliance team relies on for dispute resolution is only reliable if the sequence it reflects wasn’t rearranged for profit. MEV breaks that assumption.

Fee-based ordering discrimination. On most chains, higher fees buy better queue position. A counterparty with deeper pockets can routinely move their transactions ahead of yours. In traditional markets, that’s exactly the kind of preferencing that market structure rules have generally sought to limit.

Why Mitigations Don’t Clear the Bar

The instinct at this point is to ask about mitigations: private transaction relays, commit-reveal schemes, proposer-builder separation, and permissioned deployment environments. These exist. In some configurations, they reduce the visible extraction that occurs in the base mempool.

But by 2025, what actually happened across major public networks was that MEV became more mediated, not eliminated. Extraction moved from brute-force bot competition into structured markets run by a small number of block builders and sequencers. For an institution that needs to demonstrate that no single participant influenced transaction ordering, that’s not a solution. It’s a more organized version of the same problem.

Private relays reduce exposure by routing transactions away from the public mempool. But they introduce a different dependency: an institution trying to prove ordering integrity on finalized records now relies on a handful of private intermediaries whose behavior cannot be verified on-chain. That’s a trust assumption, not a mathematical guarantee.

Permissioned environments reduce public-chain exposure. But if the underlying consensus mechanism retains a single ordering authority (a leader, a sequencer, a rotating committee), the structural conditions for manipulation remain, even if the participant set is controlled.

The requirement for a regulated institution is not lower MEV. It is an architecture where ordering manipulation is impossible for any single participant. Mitigations don’t reach that bar.

Hedera’s Architecture: Built From First Principles

Hedera doesn’t mitigate MEV. The Hashgraph algorithm eliminates the structural conditions that make it possible. Four properties are the reason why.

No public mempool. Transactions submitted to Hedera aren’t placed in a visible queue before finalization. There is no pool of pending transactions for validators, bots, or anyone else to monitor. The information asymmetry that enables front-running simply doesn’t exist here.

Leaderless consensus. Hashgraph reaches consensus through gossip-about-gossip and virtual voting: all nodes participate simultaneously, no single node proposes a block. No participant controls transaction ordering for a given round. The sequence that emerges is a collective output of the consensus process, not a decision any individual makes.

Mathematically fair transaction ordering. Each transaction receives a consensus timestamp derived from the median of timestamps submitted by the nodes that first received it. The median of a distributed set cannot be shifted by any single participant. No node can move transactions in the queue for profit. This is not a policy commitment. It is a mathematical property of the algorithm.

Deterministic timestamp logging. Every finalized transaction on Hedera carries a consensus-derived timestamp that is immutable and verifiable, a provable record of when a transaction was received and settled, in a sequence that was not subject to manipulation. That is what regulators, counterparties, and audit committees need: not a representation that manipulation was unlikely, but a record that demonstrates it was architecturally impossible.[2]

MEV-resistance isn’t something Hedera added to address a problem. It’s what the architecture produces. The network was built from first principles to achieve consensus on ordered events fairly, and these properties are present in every transaction, not just the ones routed through a protected relay.

Hashgraph inventor Leemon Baird walks through the consensus algorithm in this four-minute explainer.

The performance picture supports institutional use cases at scale: up to 10,000 TPS, 3–5 second finality, and fixed USD-denominated fees of approximately $0.0008 per transaction. Fixed fees eliminate the gas auction mechanism through which fee-based ordering manipulation operates on most chains. The cost of settling a $500 million position is the same as the cost of settling a $5,000 one.

Where This Maps to Specific Workflows

The architecture above is only useful if it connects to what institutions are actually trying to do. Here’s where it matters most.

On-chain collateral mobility. OTC derivatives margining relies on cash for variation margin because non-cash assets can’t move fast enough in traditional rails. Tokenized collateral changes that equation, but only if the institution can demonstrate to regulators and counterparties that the transfer sequence wasn’t manipulable. That’s a hard requirement, not a preference. In July 2025, Aberdeen Investments, Lloyds Banking Group, and Archax completed the UK’s first use of regulated digital assets as live FX collateral: tokenized units of Aberdeen’s money market fund and UK gilts, issued and settled on Hedera, under FCA oversight.[3] The UK accounts for approximately $4.7 trillion in daily FX turnover and $4.3 trillion in daily OTC interest rate derivatives turnover, per the BIS Triennial Central Bank Survey of April 2025.[4] The implications of scaling that use case on fair-ordered infrastructure are significant.

Tokenized fund settlement. Asset managers distributing tokenized fund units to institutional investors need settlement finality that satisfies custody and audit requirements. The sequence from subscription instruction to finalized holding cannot be subject to manipulation between steps. Hedera’s fixed fee structure also removes a practical problem: the economics of settling fund redemptions at scale don’t depend on network congestion or fee volatility.

Intraday treasury and liquidity management. Moving funds between counterparties to meet margin calls, cover intraday positions, or optimize reserve requirements requires both throughput and ordering integrity. High frequency is only part of the requirement. Institutions need to demonstrate that the sequence in which settlements occurred was not influenced by any third party.

Wholesale CBDC and settlement interoperability. Central bank infrastructure requirements are explicit: ordering must be fair, and settlement records must be tamper-resistant by construction, not policy. In July 2025, the Reserve Bank of Australia and the Digital Finance Cooperative Research Centre selected Hedera as one of five distributed ledger platforms for pilot wholesale CBDC issuance under Project Acacia, a research initiative exploring tokenized asset settlement across private and public-permissioned DLT infrastructure.[5]

Governance: The Question Compliance Always Asks

Architecture is a technical conversation. Governance is a compliance one. They’re equally important.

The Hedera Governing Council, designed for up to 39 term-limited organizations each holding one vote, manages network parameters, node operation, and protocol development. Current members include Google, IBM, BitGo, Standard Bank, Nomura, Shinhan Bank, ServiceNow, LSE, Dentons, Aberdeen, and Accenture, among others. No single organization controls the network, and no founding team holds permanent majority influence.

For a legal or compliance function evaluating a blockchain network, this is a materially different answer than an anonymous validator set or a foundation with concentrated token holdings. It provides identifiable counterparties, accountable institutions, and a governance framework that regulated entities can engage with.

On the regulatory side: effective March 23, 2026, the SEC and CFTC jointly classified HBAR, along with 15 other digital assets, as digital commodities under a formal 68-page interpretive release.[6] That classification removes the securities law uncertainty that had constrained institutional participation and opens the door to custody solutions, ETF products, and allocation channels previously unavailable.

HashSphere: For Institutions That Can’t Start on a Public Network

Not every institution can deploy directly on a public network on day one. Data residency requirements, internal policy constraints, or regulatory frameworks around public ledger visibility sometimes make that path unavailable initially.

HashSphere is a permissioned deployment option built on Hashgraph consensus that connects to Hedera’s public mainnet. Institutions deploy private networks with full control over participant access and data visibility, with the ability to interoperate with Hedera and other EVM-compatible ecosystems when needed. The MEV-resistance properties carry through: they are properties of the Hashgraph consensus algorithm itself, not features exclusive to the public network. A HashSphere deployment gets the same ordering fairness guarantees as the Hedera mainnet.

This makes HashSphere a practical path for institutions operating under GDPR, MAS TRM, APRA, or similar frameworks that constrain what data can appear on a public ledger, and for those who want to validate the technology in a controlled environment before moving workflows to the public network. Project Acacia itself runs on HashSphere infrastructure, alongside other permissioned DLT platforms.

The Bottom Line

A CTO, CDO, or head of market infrastructure evaluating blockchain for trading or payments needs to answer one question with confidence: can I take the finalized settlement record to a regulator, a counterparty, or an audit committee and demonstrate that the ordering was not manipulated?

On most public blockchains, the honest answer is: not by design, only through mitigations that reduce exposure without eliminating the underlying structural problem, and that introduce dependencies on intermediaries whose behavior cannot be verified on-chain.

On Hedera, the answer is yes: no mempool, leaderless consensus, median-derived timestamps that no participant can shift, and immutable deterministic logging at finality. These are not claims against a whitepaper. They are the mathematical properties of the consensus algorithm, present in every transaction the network processes.

Aberdeen, Lloyds, and Archax didn’t run a proof of concept. They ran a live trade, under FCA oversight, on a workflow where ordering integrity is a compliance requirement. That’s the difference between infrastructure that has been evaluated and infrastructure that has been trusted.

If you’re building or evaluating blockchain infrastructure for trading, settlement, or payments in a regulated environment, I’m happy to go deeper on how the architecture maps to your specific compliance requirements and technical stack. Reach out on LinkedIn.

*Kshitish ‘Kash’ Balhotra is a financial services and blockchain expert at Hashgraph. He advises on the deployment of distributed ledger technology in regulated financial markets. Find him on LinkedIn at linkedin.com/in/kshitishb.

Sources

[1] ESMA, “Maximal Extractable Value — Implications for crypto markets,” TRV Risk Analysis, July 2025. https://www.esma.europa.eu/sites/default/files/2025-07/ESMA50-48136992629744_Maximal_Extractable_Value_Implications_for_crypto_markets.pdf

[2] “Does Maximal Extractable Value (MEV) Exist on Hedera?”, hedera.com/blog/does-maximal-extractable-value-mev-exist-on-hedera

[3] Aberdeen Investments, Lloyds Banking Group, Archax, “Digital Assets Breakthrough: UK-First Use of Digital Assets as FX Collateral,” July 2025. https://archax.com/insights/digital-assets-breakthrough-aberdeen-investments-lloyds-banking-group-and-archax-complete-uk-first-use-of-digital-assets; see also: https://hedera.com/case-study/abrdn-lloyds-archax/

[4] Bank of England, “BIS Triennial Survey of Foreign Exchange and Over-The-Counter Interest Rate Derivatives Markets in April 2025 — UK Data,” September 2025. https://www.bankofengland.co.uk/news/2025/september/bis-triennial-survey-of-foreign-exchange-and-over-the-counter-interest-rate-derivatives-markets

[5] Reserve Bank of Australia, “Project Acacia: RBA and DFCRC announce chosen industry participants,” 2025. https://www.rba.gov.au/media-releases/2025/mr-25-18.html

[6] SEC and CFTC, “Application of the Federal Securities Laws to Certain Types of Crypto Assets and Certain Transactions Involving Crypto Assets,” Release Nos. 33–11412 and 34–105020 (issued March 17, 2026; effective March 23, 2026). https://www.sec.gov/files/rules/interp/2026/33-11412.pdf

Why MEV-Resistance Is Not Optional for Institutional Blockchain Infrastructure was originally published in Hedera Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.