The problem no one names
When you negotiate a deal — IP licensing, real estate, M&A — you have to share information to reach an agreement. Your first offer. Your counteroffer. How fast you concede. Whether you keep negotiating or walk away.
Here's the catch: that same information is used by the counterparty to worsen your terms.
Your opening bid of $100K? Now they know you'll pay at least $100K. Your quick concession to $80K? Now they know you're desperate. Your willingness to keep talking after round 5? Now they know you have no alternatives.
I call this the double-use of information: private information that is used once to facilitate a deal, then reused to extract more value from you.
What I built
Sealed Trade Protocol — a system where AI agents negotiate on behalf of each party, and neither party can observe the negotiation process.
The flow:
- Seller lists an asset with a max deal value. Posts a 1% bond.
- Buyer expresses interest. Posts a matching bond.
- Each party signs parameters for their AI agent (min/max price, terms, constraints).
- Agents negotiate inside a hardware-isolated enclave (TEE). Neither party sees offers, counteroffers, or timing.
- Only the outcome exits: agreed price + terms, or "no deal."
- Settlement happens on-chain. Bonds are returned.
If either party cancels during negotiation, their bond is slashed — 50% to counterparty, 50% to an insurance pool. This makes griefing expensive.
Why AI agents + TEE?
You might ask: why not just use MPC, FHE, or ZKP?
| Approach | Why it doesn't work here |
|---|---|
| MPC | Requires predefined circuits — can't support free-form negotiation |
| FHE | Orders of magnitude too slow for LLM inference |
| ZKP | Proves correctness but can't seal arbitrary conversation content |
| Trusted broker | No technical enforcement — trust fails |
TEE (Trusted Execution Environment) provides memory isolation and remote attestation. The agents run inside the enclave, negotiate in natural language, and the enclave is destroyed after negotiation. The negotiation dynamics — who conceded first, how many rounds it took, what intermediate prices were proposed — are sealed and gone.
Yes, TEE requires trusting the hardware vendor. That's a different assumption than mathematical hardness. But it's strictly better than trusting a human broker.
The economics
Both parties have skin in the game via escalating bonds:
| Stage | Bond | Range |
|---|---|---|
| Discovery | 1% of deal value | $1 – $1,000 |
| Negotiation | 3% | $5 – $5,000 |
| Execution | 10% | $10 – $50,000 |
Settlement fee: 0.3%. That's the only non-recoverable cost. Bonds are locked capital, not spent capital.
What's working now
-
Smart contracts on Sepolia testnet —
SealedTrade.sol,BondVault.sol,Treasury.sol(32 tests passing) - Demo UI where you can list assets, match, and run AI agent negotiation with Claude API
- Product listings with categories (Real Estate, Patent/IP, Equity, etc.) and search
- Position paper formalizing the information double-use problem
What's not built yet
- TEE agent runtime — agents currently run client-side, so negotiation messages are visible. Moving them into actual enclaves is the next milestone.
- Security audit — contracts are not audited. Testnet only.
Try it
- Demo (Sepolia, needs MetaMask): frontend-five-xi-i81goehc6k.vercel.app
- Code: github.com/ShotaNagafuchi/sealed-trade-protocol
- Paper (PDF): esaerakiku.github.io/ShotaNagafuchi/papers/sealed-trade-protocol.pdf
What I'd love feedback on
- Is "information double-use" a useful framing? Or does game theory already have a better term for this?
- The bond curve (1/3/10%) — too aggressive? Too soft?
- Agent negotiation strategies beyond simple price anchoring
- How this relates to A2A (Google → Linux Foundation) and ACP (IBM) protocols
Thanks for reading. Happy to answer questions.
Top comments (0)