The closing bell is a memory of a market structure we are about to leave behind. Tokenised assets, programmable settlement and consumer-grade AI traders are converging into a single architectural picture: continuous markets, no human gatekeeper at the wallet, decisions executed by agents at sub-second latency, and a settlement substrate that does not sleep. The interesting question is not whether this happens. It is which firms will still be standing when it does, and the answer comes down almost entirely to engineering choices being made now.

This piece is written from the engineer’s chair rather than the strategist’s. Most of the strategy decks on this topic are wrong because they assume the constraints look like equities or like crypto, when in fact they look like neither. They look more like real-time payments, plus an immutable ledger, plus an audit committee, plus a generation of consumers who expect a Robinhood-grade UI talking to a Claude-grade agent. Build for that, or make room for someone who will.

What changes when the bell goes away

A 24/7 market on a settlement rail the firm does not own is a different proposition from a closing-bell market on a CSD it does. The architectural differences are not incremental.

  • Maintenance windows disappear. There is no quarterly upgrade slot at 9pm on Sunday. Every change becomes a hot change, and the release-engineering posture moves closer to that of a payments processor than a brokerage.
  • The latency budget compresses to settlement, not just execution. When the ledger settles in seconds and the agent decides in milliseconds, a two-day reconciliation pipeline is no longer an operational nicety; it is a fraud window.
  • Identity moves to the wallet. The KYC perimeter previously enforced at onboarding is now a continuous control surface, evaluated per transaction, by something that lives partly in the user’s pocket.
  • The agent is a market participant. Not a recommendation engine, not an advisor, not a copilot. It is an actor whose decisions hit the rail directly. The governance regime must acknowledge this and instrument for it; otherwise the firm is pretending it is still 2019, and the regulator will eventually notice.

None of these is a minor tweak. Each one breaks a load-bearing assumption in the architectures used by every Tier 1 firm.

Is Ethereum mainnet the rail for trillions of assets, 24/7?

No, and the answer is not close.

Ethereum L1 is many things: a remarkable censorship-resistant settlement layer, a credibly neutral anchoring substrate, and the longest-running decentralised computer in production. It is not, however, the rail for the world’s tokenised securities, for four engineering reasons.

  1. Throughput. Mainnet sustains roughly 15 to 30 transactions per second. Proto-danksharding and full danksharding raise data availability for L2s but do not raise L1 execution capacity in any meaningful way. Global tokenised securities at retail scale require five orders of magnitude more.
  2. Finality. Probabilistic finality of approximately 12.8 minutes is acceptable for store-of-value transfers but inappropriate for instruments where margin, hedging and circuit-breakers depend on certainty within seconds.
  3. Cost. Gas-priced execution under contention is not a basis for retail trading economics. The base layer is, by design, optimised for security-per-byte rather than cost-per-transaction at scale.
  4. Censorship resistance versus compliance. Mainnet’s most prized property, neutrality at the validator level, is in active structural tension with sanctions screening, freeze orders and pre-trade controls. The OFAC episode of 2022 was not a one-off but the visible edge of a permanent constraint.

So mainnet is not the answer. What is?

The realistic shape of the answer is hybrid, and the architectural choice is which hybrid to adopt. The credible candidates are:

  • Application-specific chains (validium, app-rollups, Cosmos-style sovereign chains) with deterministic finality, controlled validator sets and explicit pre-trade hooks. These trade neutrality for throughput and compliance ergonomics, a defensible trade for a regulated venue.
  • Permissioned L2s anchoring to mainnet for assurance, with day-to-day execution off-mainnet and periodic cryptographic anchoring providing tamper-evidence without bottlenecking on L1 capacity.
  • DLT-of-record consortia (Corda, Canton and similar) running entirely off public chains, anchoring select cryptographic commitments to a public ledger only where external assurance is required.

Each of these survives an audit committee. Mainnet, today, does not.

The mistake to avoid is the dichotomy of “public versus private”. The right framing is layered: an execution ledger that is fast, deterministic and controlled; an assurance anchor that is public, immutable and periodic; and a dispute surface that is off-chain and articulable in court. These are three separate components, each with its own SLA and threat model. Most public discourse conflates them, and most architectural mistakes follow from that conflation.

Fraud on an immutable ledger

Immutability is the property that ledger advocates value most highly and the one that risk officers lose sleep over. Both reactions are reasonable, and both are answering the wrong question.

The right question is not “how do I undo a fraudulent transaction on an immutable ledger” but “how do I architect for the difference between invariance of history and reversibility of effect?”. History is invariant; effect is not. The two were collapsed in the legacy world because the ledger and the position were the same artefact. They are not the same artefact in a tokenised world, and pretending they are is the source of much of the confused argument on this subject.

The pattern that works has four elements.

  • Compensating-transaction architecture. A fraudulent trade is not erased; it is followed by a counter-transaction, signed by an authority recognised in the venue’s rulebook, with both transactions visible on the ledger. The position is restored, the history is preserved, and the audit trail is stronger than in a system where rows could be silently corrected.
  • Off-chain dispute layer. Disputes resolve in a forum that the ledger neither knows nor cares about: arbitration, courts, the venue’s own dispute committee. The ledger records only the outcome, as a signed transaction.
  • Pre-settlement risk windows. Some classes of trade hold in on-ledger escrow for a controlled window during which a circuit-breaker can refuse settlement. This is unfashionable among advocates of instant settlement, but it is a legitimate architectural option, used in adjacent rails, and it answers a real risk concern without sacrificing the substrate.
  • Mutualised insurance pools. A venue-level insurance pool, posted by participants, indemnifies retail clients against fraud up to a defined cap. The pool is itself on-ledger, transparently funded and transparently drawn on. This is a credible answer to the question of how the consumer trusts the AI in their pocket: the venue, not the consumer, carries the residual risk.

None of this is novel in isolation. The architectural work is in composing the pieces, sequencing the on-ledger and off-ledger events so that the audit trail is unbroken, the dispute is articulable, and the consumer sees a comprehensible outcome. The composition is hard, and most current implementations are poor at it.

What the regulator is actually going to ask

Treat the following list as the spine of the architecture, not as a compliance overlay.

  1. Who is the principal of this trade? The retail client, with the agent acting on their behalf. The audit trail must say so explicitly, with a cryptographic link from the user’s authentication event through the agent’s decision to the on-ledger transaction. If the chain is unbroken, the principal question is answered. If it is broken at any point, the trade is unattributable and the venue is liable.

  2. What were the pre-trade controls, and were they applied? Suitability, leverage limits, sanctions and market-abuse heuristics. The right answer is not a gateway in front of the agent; it is controls embedded in the agent’s tool surface, with the gateway acting as a defence-in-depth backstop. A consumer-side agent with a weak gateway is a regulatory problem waiting to happen. A consumer-side agent whose tools refuse, by construction, to call the trade endpoint without a valid suitability assertion is a defensible architecture.

  3. Can the decision be replayed? Replay is not a forensic luxury. It is the control surface that distinguishes a venue that can be regulated from one that cannot. Every agent decision should be content-addressed: the inputs, the model version, the policy snapshot, the timestamp and the resulting action, all hashed, all anchored, all reproducible. If the regulator asks why a trade happened on a Tuesday at 04:17 UTC, the firm should be able to re-run it deterministically. If it cannot, it does not have a venue; it has an outage waiting to happen.

  4. What controls drift in the agent’s behaviour? This is the question the second line is least equipped to ask, and the one most affected by the answer to it. An agent whose behaviour drifts is a control whose effectiveness drifts. The drift surface must be instrumented, attested and equipped with a kill-switch. The same discipline already applied to model drift in credit scoring applies here, with greater urgency, to agents executing trades.

  5. Who attests? Every architectural component must have a named human, or a named function with a named owner, who signs an attestation, on a defined cadence, that the component is operating within its declared envelope. The attestations themselves are on-ledger artefacts. The audit committee does not want a Confluence page; it wants a signed transaction.

If the architecture answers all five of these questions by construction, the firm is running a venue. If it answers them with PowerPoint, it is running a project that the regulator will shut down within eighteen months of the first bad headline.

The big-firm versus small-firm question, answered structurally

The romantic version of this story says small firms win because they have no legacy. The cynical version says big firms win because they have the balance sheet and the regulatory relationships. Both readings are partly right and both are insufficient.

The structural answer is as follows.

Where small firms win. Greenfield architecture is a one-time advantage with a long half-life. A firm starting today can pick a settlement substrate, a custody model, an agent framework and a control plane that are all designed for this market structure. It can wire content-addressed decisions, signed agent traces, embedded pre-trade controls and on-ledger attestations from the first commit. It can hire engineers who have never seen a SWIFT message. It can move at the cadence of payments rather than that of corporate change-control. None of this is replicable by a Tier 1 inside the building it currently occupies.

Where big firms win. Custody at scale; a balance sheet able to absorb operational losses during the eighteen-month window in which the architecture is wrong; regulatory relationships that survive the first incident; distribution into the retail base; and the institutional muscle to negotiate with the venues, the L2 operators, the custody providers and the regulators in parallel. None of this is replicable by an insurgent, and no amount of engineering elegance compensates for it.

Where the line gets drawn. It is not drawn between firms but inside them: between the part of the firm willing to run the new architecture as a separate, ring-fenced, greenfield venue, and the part that wants to bolt the new architecture onto the back of the old one. Every Tier 1 will run this experiment. The ones that let the greenfield team operate at the cadence of an insurgent, with a separate stack, separate change-control, separate hiring, real budget and real autonomy, will compete. The ones that ask the greenfield team to “leverage the existing platform” will lose to a venue that never had the existing platform to leverage.

This is not a strategy observation; it is an engineering observation. The architecture of the new venue is structurally incompatible with that of the old one. Any attempt to share components, whether identity, custody, ledger or controls, pulls the new venue back to the cadence of the old one and erases its only advantage.

The architectural answer, in concrete terms

A defensible reference architecture, suitable for either an insurgent or a ring-fenced incumbent venue, looks broadly as follows.

  • Execution ledger. Application-specific rollup or app-chain, with deterministic finality, a controlled validator set and native pre-trade hook execution. Throughput target ≥ 10⁵ TPS sustained, finality ≤ 1s.
  • Assurance anchor. Periodic cryptographic commitment to a public chain (Ethereum mainnet is fine for this; throughput is not the constraint at the anchoring layer). Frequency tunable from per-block to per-hour.
  • Dispute surface. Off-chain arbitration with on-ledger settlement of outcomes, a venue rulebook articulable in court, and a mutualised insurance pool with on-ledger funding.
  • Custody. MPC or threshold-signature custody, with the consumer holding a partial share, the venue holding a partial share and the agent holding no share at rest. Trade signing requires both consumer authorisation (delegated and time-bound) and venue authorisation. The consumer’s share is recoverable through a published, auditable process.
  • Agent execution. A consumer-side agent with a strict tool surface, in which the tools embed pre-trade controls and every decision is content-addressed and signed. Every signed decision becomes an on-ledger transaction or an attested non-action.
  • Controls plane. Drift instrumentation on agent behaviour, a kill-switch with both venue and consumer triggers, a replay harness available to the second line and to the regulator, and attestations signed on a defined cadence by named humans.
  • Reconciliation. Continuous rather than end-of-day. The reconciliation engine is a real-time consumer of the execution ledger, the assurance anchor, the agent decision log and the custody events.

None of these components is exotic. Each exists, in production, in adjacent rails. The architectural work lies in the composition, the cadence and the attestation discipline. The firms that get the composition right will run the venues of 2030. The firms that try to assemble the composition out of the components their existing platforms happen to expose will not.

Closing

The next five years of this story are an engineering story. They are not a “trends deck” story, nor a “tokenisation taskforce” story, nor a “we should think about a metaverse strategy” story. They are a story about which firms have the engineering courage to run a parallel, ring-fenced, greenfield architecture at the cadence of a payments processor and the discipline of an audit committee. Most large firms will not do this. Some will. A handful of insurgents will do it from the first commit and force the question.

For an engineer inside a firm having this conversation in 2026, the highest-value action available is to refuse to allow the new venue to share components with the old one. The architectural arguments set out above provide the technical scaffolding for that refusal.